Weekly Vulnerabilities Reports > June 29 to July 5, 2020

Overview

273 new vulnerabilities reported during this period, including 56 critical vulnerabilities and 85 high severity vulnerabilities. This weekly summary report vulnerabilities in 335 products from 114 vendors including Atlassian, Jenkins, Baxter, IBM, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Use of Hard-coded Credentials", "OS Command Injection", "SQL Injection", and "Out-of-bounds Read".

  • 212 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 106 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 172 reported vulnerabilities are exploitable by an anonymous user.
  • Atlassian has the most reported vulnerabilities, with 23 reported vulnerabilities.
  • Baxter has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

56 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-06-29 CVE-2020-2021 Paloaltonetworks Improper Verification of Cryptographic Signature vulnerability in Paloaltonetworks Pan-Os

When Security Assertion Markup Language (SAML) authentication is enabled and the 'Validate Identity Provider Certificate' option is disabled (unchecked), improper verification of signatures in PAN-OS SAML authentication enables an unauthenticated network-based attacker to access protected resources.

10.0
2020-07-05 CVE-2020-15543 Solarwinds Improper Input Validation vulnerability in Solarwinds Serv-U FTP Server

SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path.

9.8
2020-07-05 CVE-2020-15542 Solarwinds Unspecified vulnerability in Solarwinds Serv-U FTP Server

SolarWinds Serv-U FTP server before 15.2.1 mishandles the CHMOD command.

9.8
2020-07-05 CVE-2020-15541 Solarwinds Unspecified vulnerability in Solarwinds Serv-U FTP Server

SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution.

9.8
2020-07-05 CVE-2020-15540 WE COM SQL Injection vulnerability in We-Com Opendata CMS 2.0

We-com OpenData CMS 2.0 allows SQL Injection via the username field on the administrator login page.

9.8
2020-07-05 CVE-2020-15539 WE COM SQL Injection vulnerability in We-Com Municipality Portal CMS 2.1.0

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field.

9.8
2020-07-03 CVE-2020-10282 Dronecode Missing Authentication for Critical Function vulnerability in Dronecode Micro AIR Vehicle Link 1.0.0

The Micro Air Vehicle Link (MAVLink) protocol presents no authentication mechanism on its version 1.0 (nor authorization) whichs leads to a variety of attacks including identity spoofing, unauthorized access, PITM attacks and more.

9.8
2020-07-03 CVE-2020-14172 Atlassian Deserialization of Untrusted Data vulnerability in Atlassian Jira and Jira Software Data Center

This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented.

9.8
2020-07-02 CVE-2020-4074 Prestashop Improper Authentication vulnerability in Prestashop

In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands.

9.8
2020-07-02 CVE-2020-14092 Ithemes SQL Injection vulnerability in Ithemes Paypal PRO

The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.

9.8
2020-07-02 CVE-2020-7821 Nexaweb Improper Input Validation vulnerability in Nexaweb Nexacro 14 and Nexacro 17

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path.

9.8
2020-07-02 CVE-2020-7820 Nexaweb Improper Input Validation vulnerability in Nexaweb Nexacro 14 and Nexacro 17

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API.

9.8
2020-07-02 CVE-2020-3297 Cisco Improper Authentication vulnerability in Cisco products

A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface.

9.8
2020-07-01 CVE-2020-15490 Wavlink Classic Buffer Overflow vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices.

9.8
2020-07-01 CVE-2020-15489 Wavlink OS Command Injection vulnerability in Wavlink Wl-Wn530Hg4 Firmware M30Hg4.V5030.191116

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices.

9.8
2020-07-01 CVE-2019-15311 Linkplay OS Command Injection vulnerability in Linkplay

An issue was discovered on Zolo Halo devices via the Linkplay firmware.

9.8
2020-07-01 CVE-2019-15310 Linkplay Authorization Bypass Through User-Controlled Key vulnerability in Linkplay

An issue was discovered on various devices via the Linkplay firmware.

9.8
2020-07-01 CVE-2020-14057 Monstaftp Externally Controlled Reference to a Resource in Another Sphere vulnerability in Monstaftp Monsta FTP

Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations.

9.8
2020-07-01 CVE-2020-14056 Monstaftp Server-Side Request Forgery (SSRF) vulnerability in Monstaftp Monsta FTP

Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality.

9.8
2020-07-01 CVE-2020-13619 Locutus OS Command Injection vulnerability in Locutus PHP

php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution.

9.8
2020-07-01 CVE-2020-5902 F5 Path Traversal vulnerability in F5 products

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages.

9.8
2020-07-01 CVE-2020-13381 Os4Ed SQL Injection vulnerability in Os4Ed Opensis

openSIS through 7.4 allows SQL Injection.

9.8
2020-07-01 CVE-2020-13380 Os4Ed SQL Injection vulnerability in Os4Ed Opensis

openSIS before 7.4 allows SQL Injection.

9.8
2020-07-01 CVE-2020-15475 Ntop Use After Free vulnerability in Ntop Ndpi

In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization, leading to a use-after-free.

9.8
2020-07-01 CVE-2020-15474 Ntop Out-of-bounds Write vulnerability in Ntop Ndpi

In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c.

9.8
2020-07-01 CVE-2020-15468 Persian VIP Download Script Project SQL Injection vulnerability in Persian VIP Download Script Project Persian VIP Download Script 1.0

Persian VIP Download Script 1.0 allows SQL Injection via the cart_edit.php active parameter.

9.8
2020-06-30 CVE-2020-15415 Draytek OS Command Injection vulnerability in Draytek products

On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472.

9.8
2020-06-30 CVE-2020-15411 Misp Unspecified vulnerability in Misp 2.4.128

An issue was discovered in MISP 2.4.128.

9.8
2020-06-30 CVE-2019-20893 Activision Classic Buffer Overflow vulnerability in Activision Call of Duty Modern Warfare 2 20180426/20191211

An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11.

9.8
2020-06-30 CVE-2017-18922 Libvncserver Project
Canonical
Opensuse
Fedoraproject
Siemens
Out-of-bounds Write vulnerability in multiple products

It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames.

9.8
2020-06-29 CVE-2020-15069 Sophos Classic Buffer Overflow vulnerability in Sophos XG Firewall Firmware 17.0/17.5

Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access.

9.8
2020-06-29 CVE-2018-6446 Broadcom Use of Hard-coded Credentials vulnerability in Broadcom Brocade Network Advisor

A vulnerability in Brocade Network Advisor Version Before 14.3.1 could allow an unauthenticated, remote attacker to log in to the JBoss Administration interface of an affected system using an undocumented user credentials and install additional JEE applications.

9.8
2020-06-29 CVE-2020-15362 Thingssdk OS Command Injection vulnerability in Thingssdk Wifiscanner 1.0.1

wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments.

9.8
2020-06-29 CVE-2020-14072 MK Auth OS Command Injection vulnerability in Mk-Auth 19.01

An issue was discovered in MK-AUTH 19.01.

9.8
2020-06-29 CVE-2020-14070 MK Auth Improper Authentication vulnerability in Mk-Auth 19.01

An issue was discovered in MK-AUTH 19.01.

9.8
2020-06-29 CVE-2020-14068 MK Auth SQL Injection vulnerability in Mk-Auth 19.01

An issue was discovered in MK-AUTH 19.01.

9.8
2020-06-29 CVE-2020-15324 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloud CNM Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.

9.8
2020-06-29 CVE-2020-15323 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.

9.8
2020-06-29 CVE-2020-15322 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.

9.8
2020-06-29 CVE-2020-15321 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.

9.8
2020-06-29 CVE-2020-15320 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.

9.8
2020-06-29 CVE-2020-12047 Baxter Use of Hard-coded Credentials vulnerability in Baxter Sigma Spectrum Infusion System Firmware 8.0

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24), when used with a Baxter Spectrum v8.x (model 35700BAX2) in a factory-default wireless configuration enables an FTP service with hard-coded credentials.

9.8
2020-06-29 CVE-2020-12045 Baxter Use of Hard-coded Credentials vulnerability in Baxter Sigma Spectrum Infusion System Firmware 8.0

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when used in conjunction with a Baxter Spectrum v8.x (model 35700BAX2), operates a Telnet service on Port 1023 with hard-coded credentials.

9.8
2020-06-29 CVE-2020-12043 Baxter Operation on a Resource after Expiration or Release vulnerability in Baxter Sigma Spectrum Infusion System Firmware 8.0

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) when configured for wireless networking the FTP service operating on the WBM remains operational until the WBM is rebooted.

9.8
2020-06-29 CVE-2020-12040 Baxter Cleartext Transmission of Sensitive Information vulnerability in Baxter Sigma Spectrum Infusion System Firmware 6.0/6.05/8.0

Sigma Spectrum Infusion System v's6.x (model 35700BAX) and Baxter Spectrum Infusion System Version(s) 8.x (model 35700BAX2) at the application layer uses an unauthenticated clear-text communication channel to send and receive system status and operational data.

9.8
2020-06-29 CVE-2020-12016 Baxter Use of Hard-coded Credentials vulnerability in Baxter Em1200 Firmware and Em2400 Firmware

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 have hard-coded administrative account credentials for the ExactaMix operating system.

9.8
2020-06-29 CVE-2019-3681 Opensuse Unspecified vulnerability in Opensuse OSC 0.162.115.9.1/0.169.0/0.169.13.20.1

A External Control of File Name or Path vulnerability in osc of SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Software Development Kit 12-SP5, SUSE Linux Enterprise Software Development Kit 12-SP4; openSUSE Leap 15.1, openSUSE Factory allowed remote attackers that can change downloaded packages to overwrite arbitrary files.

9.8
2020-07-01 CVE-2020-5901 F5 Cross-site Scripting vulnerability in F5 Nginx Controller 3.3.0/3.4.0

In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow for a reflected Cross Site Scripting (XSS) attack.

9.6
2020-06-30 CVE-2020-9413 Tibco Cross-site Scripting vulnerability in Tibco products

The MFT Browser file transfer client and MFT Browser admin client components of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contain a vulnerability that theoretically allows an attacker to craft an URL that will execute arbitrary commands on the affected system.

9.6
2020-06-29 CVE-2020-12041 Baxter Incorrect Permission Assignment for Critical Resource vulnerability in Baxter Sigma Spectrum Infusion System Firmware 8.0

The Baxter Spectrum WBM (v17, v20D29, v20D30, v20D31, and v22D24) telnet Command-Line Interface, grants access to sensitive data stored on the WBM that permits temporary configuration changes to network settings of the WBM, and allows the WBM to be rebooted.

9.4
2020-07-01 CVE-2020-13382 Os4Ed Missing Authentication for Critical Function vulnerability in Os4Ed Opensis

openSIS through 7.4 has Incorrect Access Control.

9.1
2020-07-01 CVE-2020-15473 Ntop Out-of-bounds Read vulnerability in Ntop Ndpi

In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c.

9.1
2020-07-01 CVE-2020-15472 Ntop
Debian
Out-of-bounds Read vulnerability in multiple products

In nDPI through 3.2, the H.323 dissector is vulnerable to a heap-based buffer over-read in ndpi_search_h323 in lib/protocols/h323.c, as demonstrated by a payload packet length that is too short.

9.1
2020-07-01 CVE-2020-15471 Ntop Out-of-bounds Read vulnerability in Ntop Ndpi

In nDPI through 3.2, the packet parsing code is vulnerable to a heap-based buffer over-read in ndpi_parse_packet_line_info in lib/ndpi_main.c.

9.1
2020-06-30 CVE-2020-15084 Auth0 Incorrect Authorization vulnerability in Auth0 Express-Jwt

In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced.

9.1
2020-06-29 CVE-2020-12032 Baxter Cleartext Storage of Sensitive Information vulnerability in Baxter Em1200 Firmware and Em2400 Firmware

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems store device data with sensitive information in an unencrypted database.

9.1

85 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-07-03 CVE-2020-7283 Mcafee Improper Privilege Management vulnerability in Mcafee Total Protection

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to create and edit files via symbolic link manipulation in a location they would otherwise not have access to.

8.8
2020-07-03 CVE-2020-15518 Veeam Missing Authorization vulnerability in Veeam products

VeeamFSR.sys in Veeam Availability Suite before 10 and Veeam Backup & Replication before 10 has no device object DACL, which allows unprivileged users to achieve total control over filesystem I/O requests.

8.8
2020-07-02 CVE-2020-8188 UI OS Command Injection vulnerability in UI Unifi Protect Firmware

We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.

8.8
2020-07-02 CVE-2020-8163 Rubyonrails
Debian
Code Injection vulnerability in multiple products

The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.

8.8
2020-07-02 CVE-2020-15082 Prestashop Unspecified vulnerability in Prestashop

In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables.

8.8
2020-07-02 CVE-2020-2211 Jenkins Deserialization of Untrusted Data vulnerability in Jenkins Kubernetes CI

Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.

8.8
2020-07-01 CVE-2019-15312 Linkplay Unspecified vulnerability in Linkplay

An issue was discovered on Zolo Halo devices via the Linkplay firmware.

8.8
2020-07-01 CVE-2020-5904 F5 Cross-Site Request Forgery (CSRF) vulnerability in F5 products

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page.

8.8
2020-07-01 CVE-2020-5900 F5 Cross-Site Request Forgery (CSRF) vulnerability in F5 Nginx Controller

In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (CSRF) protections for the NGINX Controller user interface.

8.8
2020-06-30 CVE-2020-14947 Factorfx OS Command Injection vulnerability in Factorfx Open Computer Software Inventory Next Generation 2.7

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.

8.8
2020-06-30 CVE-2020-9414 Tibco Cross-site Scripting vulnerability in Tibco products

The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier of another user.

8.8
2020-06-30 CVE-2020-15049 Squid Cache
Fedoraproject
HTTP Request Smuggling vulnerability in multiple products

An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3.

8.8
2020-06-30 CVE-2020-15087 Prestosql Unspecified vulnerability in Prestosql Presto

In Presto before version 337, authenticated users can bypass authorization checks by directly accessing internal APIs.

8.8
2020-06-30 CVE-2020-13095 Obdev Link Following vulnerability in Obdev Little Snitch

Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user.

8.8
2020-06-30 CVE-2019-19163 Commax Unspecified vulnerability in Commax Cdp-1020Mb Firmware 2019.12.30

A Vulnerability in the firmware of COMMAX WallPad(CDP-1020MB) allow an unauthenticated adjacent attacker to execute arbitrary code, because of a using the old version of MySQL.

8.8
2020-06-30 CVE-2020-5601 NTA Command Injection vulnerability in NTA E-Tax Reception System 1.0.0.0

Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote attackers to execute an arbitrary command via unspecified vectors.

8.8
2020-06-29 CVE-2020-14414 Nedi OS Command Injection vulnerability in Nedi 1.9C

NeDi 1.9C is vulnerable to Remote Command Execution.

8.8
2020-06-29 CVE-2020-14412 Nedi OS Command Injection vulnerability in Nedi 1.9C

NeDi 1.9C is vulnerable to Remote Command Execution.

8.8
2020-06-29 CVE-2019-19160 Cabsoftware Insufficient Verification of Data Authenticity vulnerability in Cabsoftware Reportexpress Proplus

Reportexpress ProPlus contains a vulnerability that could allow an arbitrary code execution by inserted VBscript into the configure file(rxp).

8.8
2020-07-02 CVE-2020-8161 Rack Project
Debian
Canonical
Path Traversal vulnerability in multiple products

A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.

8.6
2020-07-02 CVE-2020-12119 Ledger Insufficient Verification of Data Authenticity vulnerability in Ledger Live

Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF).

8.1
2020-07-01 CVE-2020-5906 F5 Incorrect Default Permissions vulnerability in F5 products

In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files.

8.1
2020-06-30 CVE-2020-5580 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to view and/or alter Single sign-on settings via unspecified vectors.

8.1
2020-07-05 CVE-2020-15530 Valvesoftware Race Condition vulnerability in Valvesoftware Steam Client 2.10.91.91

An issue was discovered in Valve Steam Client 2.10.91.91.

7.8
2020-07-05 CVE-2020-15529 GOG Incorrect Permission Assignment for Critical Resource vulnerability in GOG Galaxy 2.0.17

An issue was discovered in GOG Galaxy Client 2.0.17.

7.8
2020-07-05 CVE-2020-15528 GOG Incorrect Permission Assignment for Critical Resource vulnerability in GOG Galaxy 2.0.17

An issue was discovered in GOG Galaxy Client 2.0.17.

7.8
2020-07-04 CVE-2020-15523 Python
Netapp
Use of Uninitialized Resource vulnerability in multiple products

In Python 3.6 through 3.6.10, 3.7 through 3.7.8, 3.8 through 3.8.4rc1, and 3.9 through 3.9.0b4 on Windows, a Trojan horse python3.dll might be used in cases where CPython is embedded in a native application.

7.8
2020-07-03 CVE-2020-7284 Mcafee Information Exposure vulnerability in Mcafee Network Security Management 10.0/9.0

Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI).

7.8
2020-07-03 CVE-2019-20419 Atlassian Uncontrolled Search Path Element vulnerability in Atlassian Jira Data Center and Jira Server

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to execute arbitrary code via a DLL hijacking vulnerability in Tomcat.

7.8
2020-07-01 CVE-2020-7688 Mversion Project OS Command Injection vulnerability in Mversion Project Mversion

The issue occurs because tagName user input is formatted inside the exec function is executed without any checks.

7.8
2020-07-01 CVE-2020-6089 Leadtools Out-of-bounds Write vulnerability in Leadtools 20.0.0.0.0

An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20.

7.8
2020-07-01 CVE-2020-12498 Phoenixcontact Out-of-bounds Read vulnerability in Phoenixcontact PC Worx and PC Worx Express

mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution.

7.8
2020-07-01 CVE-2020-12497 Phoenixcontact Out-of-bounds Write vulnerability in Phoenixcontact PC Worx and PC Worx Express

PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow.

7.8
2020-07-01 CVE-2020-5899 F5 Insufficiently Protected Credentials vulnerability in F5 Nginx Controller

In NGINX Controller 3.0.0-3.4.0, recovery code required to change a user's password is transmitted and stored in the database in plain text, which allows an attacker who can intercept the database connection or have read access to the database, to request a password reset using the email address of another registered user then retrieve the recovery code.

7.8
2020-07-01 CVE-2020-4363 IBM Classic Buffer Overflow vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges.

7.8
2020-07-01 CVE-2019-4676 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2

IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user.

7.8
2020-06-30 CVE-2020-5971 Nvidia Out-of-bounds Read vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of service, escalation of privileges, or information disclosure.

7.8
2020-06-30 CVE-2020-5968 Nvidia Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code execution, denial of service, escalation of privileges, or information disclosure.

7.8
2020-06-30 CVE-2020-14482 Deltaww Out-of-bounds Write vulnerability in Deltaww Dopsoft 2.00.07

Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior.

7.8
2020-06-30 CVE-2020-4044 Neutrinolabs Unspecified vulnerability in Neutrinolabs Xrdp

The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload.

7.8
2020-06-30 CVE-2020-14957 Arswp Improper Input Validation vulnerability in Arswp Windows Cleanup Assistant 3.2

In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCD.

7.8
2020-06-30 CVE-2020-14956 Arswp Improper Input Validation vulnerability in Arswp Windows Cleanup Assistant 3.2

In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCA.

7.8
2020-06-30 CVE-2020-7816 Hmtalk Out-of-bounds Read vulnerability in Hmtalk Daoffice, Dava+ and Daview Indy

A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.nThe vulnerability is due to a stack overflow read.

7.8
2020-06-30 CVE-2020-15397 Hylafax Project
Ifax
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account).

7.8
2020-06-30 CVE-2020-15396 Hylafax Project
Ifax
Fedoraproject
Opensuse
Race Condition vulnerability in multiple products

In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories.

7.8
2020-06-30 CVE-2020-15395 Mediaarea
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).

7.8
2020-06-29 CVE-2020-8019 Oneidentity Unspecified vulnerability in Oneidentity Syslog-Ng

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root.

7.8
2020-06-29 CVE-2020-8014 Opensuse Unspecified vulnerability in Opensuse Leap and Tumbleweed Kopano-Spamd

A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to escalate to root.

7.8
2020-06-29 CVE-2020-8022 Apache
Opensuse
A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root.
7.8
2020-07-05 CVE-2020-15466 Wireshark
Opensuse
Debian
Infinite Loop vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.4, the GVCP dissector could go into an infinite loop.

7.5
2020-07-03 CVE-2020-10281 Dronecode Cleartext Transmission of Sensitive Information vulnerability in Dronecode Micro AIR Vehicle Link

This vulnerability applies to the Micro Air Vehicle Link (MAVLink) protocol and allows a remote attacker to gain access to sensitive information provided it has access to the communication medium.

7.5
2020-07-02 CVE-2019-20894 Traefik Improper Certificate Validation vulnerability in Traefik 2.0.0

Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred.

7.5
2020-07-02 CVE-2020-15503 Libraw
Fedoraproject
Debian
Improper Input Validation vulnerability in multiple products

LibRaw before 0.20-RC1 lacks a thumbnail size range check.

7.5
2020-07-02 CVE-2020-5910 F5 Missing Authentication for Critical Function vulnerability in F5 Nginx Controller

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.

7.5
2020-07-02 CVE-2020-15502 Duckduckgo Information Exposure vulnerability in Duckduckgo

The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0 for iOS, sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain, which might make visit data available temporarily at a Potentially Unwanted Endpoint.

7.5
2020-07-02 CVE-2020-3402 Cisco Missing Authentication for Critical Function vulnerability in Cisco Unified Customer Voice Portal

A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.

7.5
2020-07-01 CVE-2020-8663 Envoyproxy Resource Exhaustion vulnerability in Envoyproxy Envoy

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.

7.5
2020-07-01 CVE-2020-4420 IBM Improper Resource Shutdown or Release vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the execution of a terminate command.

7.5
2020-07-01 CVE-2020-13383 Os4Ed Path Traversal vulnerability in Os4Ed Opensis

openSIS through 7.4 allows Directory Traversal.

7.5
2020-07-01 CVE-2020-12605 Envoyproxy Allocation of Resources Without Limits or Throttling vulnerability in Envoyproxy Envoy

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.

7.5
2020-07-01 CVE-2020-12604 Envoyproxy Memory Leak vulnerability in Envoyproxy Envoy

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.

7.5
2020-07-01 CVE-2020-7689 Node Bcrypt JS Project Use of a Broken or Risky Cryptographic Algorithm vulnerability in Node.Bcrypt.Js Project Node.Bcrypt.Js

Data is truncated wrong when its length is greater than 255 bytes.

7.5
2020-07-01 CVE-2020-12603 Envoyproxy Resource Exhaustion vulnerability in Envoyproxy Envoy

Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e.

7.5
2020-07-01 CVE-2020-15478 Journal Theme Information Exposure Through an Error Message vulnerability in Journal-Theme Journal

The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors.

7.5
2020-07-01 CVE-2020-15476 Ntop
Debian
Out-of-bounds Read vulnerability in multiple products

In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c.

7.5
2020-07-01 CVE-2020-14167 Atlassian Unspecified vulnerability in Atlassian products

The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.

7.5
2020-06-30 CVE-2020-14474 Cellebrite Use of Hard-coded Credentials vulnerability in Cellebrite Ufed Firmware 5.0/7.5.0.845

The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique.

7.5
2020-06-30 CVE-2020-14058 Squid Cache
Fedoraproject
Netapp
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3.
7.5
2020-06-30 CVE-2020-9483 Apache SQL Injection vulnerability in Apache Skywalking

**Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data.

7.5
2020-06-30 CVE-2020-5603 Mitsubishielectric Resource Exhaustion vulnerability in Mitsubishielectric products

Uncontrolled resource consumption vulnerability in Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver.

7.5
2020-06-30 CVE-2020-5602 Mitsubishielectric XXE vulnerability in Mitsubishielectric products

Mitsubishi Electoric FA Engineering Software (CPU Module Logging Configuration Tool Ver.

7.5
2020-06-30 CVE-2020-5584 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified vectors.

7.5
2020-06-29 CVE-2020-4067 Coturn Project
Debian
Fedoraproject
Canonical
Opensuse
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly.
7.5
2020-06-29 CVE-2020-4452 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM API Connect

IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2020-06-29 CVE-2020-12048 Baxter Cleartext Transmission of Sensitive Information vulnerability in Baxter Phoenix X36 Firmware 3.36/3.40

Phoenix Hemodialysis Delivery System SW 3.36 and 3.40, The Phoenix Hemodialysis device does not support data-in-transit encryption (e.g., TLS/SSL) when transmitting treatment and prescription data on the network between the Phoenix system and the Exalis dialysis data management tool.

7.5
2020-06-29 CVE-2020-12037 Baxter Cleartext Transmission of Sensitive Information vulnerability in Baxter Prismaflex Firmware and Prismax Firmware

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system.

7.5
2020-06-29 CVE-2020-12036 Baxter Cleartext Transmission of Sensitive Information vulnerability in Baxter Prismaflex Firmware and Prismax Firmware

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The affected devices do not implement data-in-transit encryption (e.g., TLS/SSL) when configured to send treatment data to a PDMS (Patient Data Management System) or an EMR (Electronic Medical Record) system.

7.5
2020-06-29 CVE-2020-12008 Baxter Cleartext Transmission of Sensitive Information vulnerability in Baxter Em1200 Firmware and Em2400 Firmware

Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system.

7.5
2020-06-29 CVE-2019-20413 Atlassian Unspecified vulnerability in Atlassian products

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability on the UserPickerBrowser.jspa page.

7.5
2020-07-02 CVE-2020-5911 F5 Unspecified vulnerability in F5 Nginx Controller

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.

7.3
2020-06-30 CVE-2020-7049 Nozominetworks Improper Neutralization of Formula Elements in a CSV File vulnerability in Nozominetworks Guardian

Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection.

7.3
2020-07-01 CVE-2020-5907 F5 Unspecified vulnerability in F5 products

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality.

7.2
2020-06-30 CVE-2019-19161 Cymiinstaller322 Activex Project Untrusted Search Path vulnerability in Cymiinstaller322 Activex Project Cymiinstaller322 Activex 2016.5.26.1

CyMiInstaller322 ActiveX which runs MIPLATFORM downloads files required to run applications.

7.2
2020-06-30 CVE-2020-5972 Nvidia Release of Invalid Pointer or Reference vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service.

7.1
2020-06-30 CVE-2020-5970 Nvidia Improper Input Validation vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service.

7.1

127 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-06-29 CVE-2020-14069 MK Auth SQL Injection vulnerability in Mk-Auth 19.01

An issue was discovered in MK-AUTH 19.01.

6.8
2020-07-02 CVE-2020-9498 Apache
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP static virtual channels.

6.7
2020-07-03 CVE-2019-20418 Atlassian Unspecified vulnerability in Atlassian Jira Software Data Center

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to prevent users from accessing the instance via an Application Denial of Service vulnerability in the /rendering/wiki endpoint.

6.5
2020-07-02 CVE-2020-8185 Rubyonrails
Fedoraproject
Resource Exhaustion vulnerability in multiple products

A denial of service vulnerability exists in Rails <6.0.3.2 that allowed an untrusted user to run any pending migrations on a Rails app running in production.

6.5
2020-07-02 CVE-2020-15091 Tendermint Improper Verification of Cryptographic Signature vulnerability in Tendermint

TenderMint from version 0.33.0 and before version 0.33.6 allows block proposers to include signatures for the wrong block.

6.5
2020-07-02 CVE-2020-3391 Cisco Insufficiently Protected Credentials vulnerability in Cisco Digital Network Architecture Center

A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text.

6.5
2020-07-01 CVE-2020-5238 Github Flavored Markdown Project
Fedoraproject
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs.
6.5
2020-07-01 CVE-2020-2500 Qnap Use of Hard-coded Credentials vulnerability in Qnap Helpdesk

This improper access control vulnerability in Helpdesk allows attackers to get control of QNAP Kayako service.

6.5
2020-07-01 CVE-2020-4376 IBM Unspecified vulnerability in IBM MQ for HPE Nonstop 8.0.4/8.1.0

IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow an attacker to cause a denial of service caused by an error within the pubsub logic.

6.5
2020-06-30 CVE-2020-14059 Squid Cache Improper Synchronization vulnerability in Squid-Cache Squid 5.0/5.0.1/5.0.2

An issue was discovered in Squid 5.x before 5.0.3.

6.5
2020-06-30 CVE-2020-5587 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information via unspecified vectors.

6.5
2020-06-30 CVE-2020-5583 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to obtain unauthorized Multi-Report's data via unspecified vectors.

6.5
2020-06-30 CVE-2020-5581 Cybozu Path Traversal vulnerability in Cybozu Garoon

Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to obtain unintended information via unspecified vectors.

6.5
2020-06-29 CVE-2020-15389 Uclouvain
Debian
Oracle
Use After Free vulnerability in multiple products

jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor.

6.5
2020-06-29 CVE-2020-15043 Iball Cross-Site Request Forgery (CSRF) vulnerability in Iball Wrb303N Firmware

iBall WRB303N devices allow CSRF attacks, as demonstrated by enabling remote management, enabling DHCP, or modifying the subnet range for IP addresses.

6.5
2020-06-29 CVE-2020-8573 Netapp Use of Hard-coded Credentials vulnerability in Netapp HCI H610S Firmware

The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup.

6.5
2020-06-29 CVE-2019-20410 Atlassian Unspecified vulnerability in Atlassian products

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view sensitive information via an Information Disclosure vulnerability in the comment restriction feature.

6.5
2020-07-03 CVE-2020-7282 Mcafee Link Following vulnerability in Mcafee Total Protection

Privilege Escalation vulnerability in McAfee Total Protection (MTP) before 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

6.3
2020-07-03 CVE-2020-7281 Mcafee Improper Privilege Management vulnerability in Mcafee Total Protection

Privilege Escalation vulnerability in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file.

6.3
2020-06-30 CVE-2020-5969 Nvidia Race Condition vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shared resource before using it, creating a race condition which may lead to denial of service or information disclosure.

6.3
2020-07-05 CVE-2020-15538 WE COM Cross-site Scripting vulnerability in We-Com Municipality Portal CMS 2.1.0

XSS can occur in We-com Municipality portal CMS 2.1.x via the cerca/ search bar.

6.1
2020-07-05 CVE-2020-15537 Vanguard Project Cross-site Scripting vulnerability in Vanguard Project Vanguard 2.1

An issue was discovered in the Vanguard plugin 2.1 for WordPress.

6.1
2020-07-05 CVE-2020-15536 Online Hotel Booking System Project Cross-site Scripting vulnerability in Online Hotel Booking System Project Online Hotel Booking System 1.1

An issue was discovered in the bestsoftinc Hotel Booking System Pro plugin through 1.1 for WordPress.

6.1
2020-07-05 CVE-2020-15535 Bestsoftinc Cross-site Scripting vulnerability in Bestsoftinc CAR Rental System 1.1/1.2/1.3

An issue was discovered in the bestsoftinc Car Rental System plugin through 1.3 for WordPress.

6.1
2020-07-02 CVE-2020-8176 Shopify Cross-site Scripting vulnerability in Shopify Koa-Shopify-Auth 3.1.61/3.1.62

A cross-site scripting vulnerability exists in koa-shopify-auth v3.1.61-v3.1.62 that allows an attacker to inject JS payloads into the `shop` parameter on the `/shopify/auth/enable_cookies` endpoint.

6.1
2020-07-02 CVE-2020-15083 Prestashop Cross-site Scripting vulnerability in Prestashop

In PrestaShop from version 1.7.0.0 and before version 1.7.6.6, if a target sends a corrupted file, it leads to a reflected XSS.

6.1
2020-07-02 CVE-2020-13653 Synacor Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite

An XSS vulnerability exists in the Webmail component of Zimbra Collaboration Suite before 8.8.15 Patch 11.

6.1
2020-07-02 CVE-2020-2217 Praqma Cross-site Scripting vulnerability in Praqma Compatibility Action Storage 1.0

Jenkins Compatibility Action Storage Plugin 1.0 and earlier does not escape the content coming from the MongoDB in the testConnection form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.

6.1
2020-07-02 CVE-2020-2207 Jenkins Cross-site Scripting vulnerability in Jenkins Vncviewer

Jenkins VncViewer Plugin 1.7 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.

6.1
2020-07-02 CVE-2020-2206 Jenkins Cross-site Scripting vulnerability in Jenkins Vncrecorder

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a parameter value in the checkVncServ form validation endpoint, resulting in a reflected cross-site scripting (XSS) vulnerability.

6.1
2020-07-02 CVE-2020-3282 Cisco Cross-site Scripting vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management Edition, Cisco Unified Communications Manager IM &amp; Presence Service, and Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

6.1
2020-07-01 CVE-2020-15500 Tileserver Cross-site Scripting vulnerability in Tileserver Tileservergl 3.0.0

An issue was discovered in server.js in TileServer GL through 3.0.0.

6.1
2020-07-01 CVE-2020-14055 Monstaftp Cross-site Scripting vulnerability in Monstaftp Monsta FTP

Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.

6.1
2020-07-01 CVE-2020-5903 F5 Cross-site Scripting vulnerability in F5 products

In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.

6.1
2020-07-01 CVE-2017-1659 IBM Cross-site Scripting vulnerability in IBM Inotes

"HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability.

6.1
2020-07-01 CVE-2020-4022 Atlassian Cross-site Scripting vulnerability in Atlassian products

The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachments with a mixed multipart content type.

6.1
2020-07-01 CVE-2020-14169 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability

6.1
2020-07-01 CVE-2020-14164 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote attackers to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by pasting javascript code into the editor field.

6.1
2020-06-30 CVE-2020-15307 Nozominetworks Cross-site Scripting vulnerability in Nozominetworks Guardian

Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name.

6.1
2020-06-30 CVE-2020-15085 Mirumee Unspecified vulnerability in Mirumee Saleor

In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials.

6.1
2020-06-29 CVE-2020-14413 Nedi Cross-site Scripting vulnerability in Nedi 1.9C

NeDi 1.9C is vulnerable to XSS because of an incorrect implementation of sanitize() in inc/libmisc.php.

6.1
2020-06-29 CVE-2020-14071 MK Auth Cross-site Scripting vulnerability in Mk-Auth 19.01

An issue was discovered in MK-AUTH 19.01.

6.1
2020-06-29 CVE-2020-12635 Mageme Cross-site Scripting vulnerability in Mageme Webforms PRO M2

XSS exists in the WebForms Pro M2 extension before 2.9.17 for Magento 2 via the textarea field.

6.1
2020-06-29 CVE-2020-12024 Baxter Unspecified vulnerability in Baxter Em1200 Firmware and Em2400 Firmware

Baxter ExactaMix EM 2400 versions 1.10, 1.11, 1.13, 1.14 and ExactaMix EM1200 Versions 1.1, 1.2, 1.4 and 1.5 does not restrict access to the USB interface from an unauthorized user with physical access.

6.1
2020-06-29 CVE-2020-12020 Baxter Exposure of Resource to Wrong Sphere vulnerability in Baxter Em1200 Firmware and Em2400 Firmware

Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13 and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 does not restrict non administrative users from gaining access to the operating system and editing the application startup script.

6.1
2020-06-29 CVE-2020-12012 Baxter Use of Hard-coded Credentials vulnerability in Baxter Em1200 Firmware and Em2400 Firmware

Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, and ExactaMix EM1200 Versions 1.1, 1.2, and 1.4 have hard-coded administrative account credentials for the ExactaMix application.

6.1
2020-07-01 CVE-2017-1712 Hcltech Inadequate Encryption Strength vulnerability in Hcltech Domino 9.0

"A vulnerability in the TLS protocol implementation of the Domino server could allow an unauthenticated, remote attacker to access sensitive information, aka a Return of Bleichenbacher's Oracle Threat (ROBOT) attack.

5.9
2020-07-01 CVE-2020-14168 Atlassian Unspecified vulnerability in Atlassian products

The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.

5.9
2020-06-29 CVE-2020-14145 Openbsd
Netapp
Information Exposure Through Discrepancy vulnerability in multiple products

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.

5.9
2020-06-29 CVE-2020-14002 Putty
Netapp
Fedoraproject
Information Exposure Through Discrepancy vulnerability in multiple products

PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation.

5.9
2020-06-29 CVE-2020-15319 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.

5.9
2020-06-29 CVE-2020-15318 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.

5.9
2020-06-29 CVE-2020-15317 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree.

5.9
2020-06-29 CVE-2020-15316 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree.

5.9
2020-06-29 CVE-2020-15315 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree.

5.9
2020-06-29 CVE-2020-15314 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account.

5.9
2020-06-29 CVE-2020-15313 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account.

5.9
2020-06-29 CVE-2020-15312 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Cloudcnm Secumanager 3.1.0/3.1.1

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account.

5.9
2020-07-01 CVE-2020-5908 F5 Information Exposure Through Log Files vulnerability in F5 Big-Ip Access Policy Manager

In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes full session ID in the local log files.

5.5
2020-07-01 CVE-2020-15470 Rockcarry Out-of-bounds Write vulnerability in Rockcarry Ffjpeg

ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode in jfif.c.

5.5
2020-06-29 CVE-2020-15393 Linux
Debian
Opensuse
Canonical
Memory Leak vulnerability in multiple products

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

5.5
2020-06-29 CVE-2020-15368 Asrock Unspecified vulnerability in Asrock RGB Driver Firmware

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.

5.5
2020-06-29 CVE-2020-13657 Avast Unspecified vulnerability in Avast AVG Antivirus and Free Antivirus

An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links.

5.5
2020-07-03 CVE-2020-14173 Atlassian Cross-site Scripting vulnerability in Atlassian products

The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability.

5.4
2020-07-02 CVE-2020-4061 Octobercms Cross-site Scripting vulnerability in Octobercms October

In October from version 1.0.319 and before version 1.0.467, pasting content copied from malicious websites into the Froala richeditor could result in a successful self-XSS attack.

5.4
2020-07-02 CVE-2020-15079 Prestashop Unspecified vulnerability in Prestashop

In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions.

5.4
2020-07-02 CVE-2020-11074 Prestashop Cross-site Scripting vulnerability in Prestashop

In PrestaShop from version 1.5.3.0 and before version 1.7.6.6, there is a stored XSS when using the name of a quick access item.

5.4
2020-07-02 CVE-2020-2219 Jenkins Cross-site Scripting vulnerability in Jenkins Link Column 1.0

Jenkins Link Column Plugin 1.0 and earlier does not filter URLs of links created by users with View/Configure permission, resulting in a stored cross-site scripting vulnerability.

5.4
2020-07-02 CVE-2020-2214 Jenkins Cross-site Scripting vulnerability in Jenkins ZAP Pipeline

Jenkins ZAP Pipeline Plugin 1.9 and earlier programmatically disables Content-Security-Policy protection for user-generated content in workspaces, archived artifacts, etc.

5.4
2020-07-02 CVE-2020-2204 Jenkins Missing Authorization vulnerability in Jenkins Fortify on Demand

A missing permission check in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers with Overall/Read permission to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs.

5.4
2020-07-02 CVE-2020-2201 Jenkins Cross-site Scripting vulnerability in Jenkins Sonargraph Integration

Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escape the file path for the Log file field form validation, resulting in a stored cross-site scripting vulnerability.

5.4
2020-07-02 CVE-2020-5909 F5 Improper Certificate Validation vulnerability in F5 Nginx Controller

In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Controller user interface (UI) to fetch the agent installer, the server TLS certificate is not verified.

5.4
2020-07-01 CVE-2020-4024 Atlassian Cross-site Scripting vulnerability in Atlassian products

The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachments with a vnd.wap.xhtml+xml content type.

5.4
2020-06-29 CVE-2020-4037 Oauth2 Proxy Project Unspecified vulnerability in Oauth2 Proxy Project Oauth2 Proxy 5.1.1

In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow.

5.4
2020-06-29 CVE-2020-4557 IBM Cross-site Scripting vulnerability in IBM products

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting.

5.4
2020-06-29 CVE-2019-20414 Atlassian Cross-site Scripting vulnerability in Atlassian products

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in Issue Navigator Basic Search.

5.4
2020-07-02 CVE-2020-15081 Prestashop Information Exposure vulnerability in Prestashop

In PrestaShop from version 1.5.0.0 and before 1.7.6.6, there is information exposure in the upload directory.

5.3
2020-07-02 CVE-2020-15080 Prestashop Missing Authorization vulnerability in Prestashop

In PrestaShop from version 1.7.4.0 and before version 1.7.6.6, some files should not be in the release archive, and others should not be accessible.

5.3
2020-07-01 CVE-2020-14196 Powerdns Incorrect Authorization vulnerability in Powerdns Recursor

In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.

5.3
2020-07-01 CVE-2020-4355 IBM Unspecified vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service, caused by improper handling of Secure Sockets Layer (SSL) renegotiation requests.

5.3
2020-07-01 CVE-2020-6261 SAP Improper Encoding or Escaping of Output vulnerability in SAP Solution Manager 7.20

SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection into the trace file, due to Incomplete XML Validation.

5.3
2020-07-01 CVE-2020-14165 Atlassian Unspecified vulnerability in Atlassian Jira

The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper authorization vulnerability.

5.3
2020-07-01 CVE-2019-20408 Atlassian Server-Side Request Forgery (SSRF) vulnerability in Atlassian Jira

The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote attackers to access the content of internal network resources via a Server Side Request Forgery (SSRF) vulnerability due to a logic bug in the JiraWhitelist class.

5.3
2020-06-29 CVE-2020-13896 Maipu Unspecified vulnerability in Maipu Mp1800X-50 Firmware 7.5.3.14(R)

The web interface of Maipu MP1800X-50 7.5.3.14(R) devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime.

5.3
2020-06-29 CVE-2020-8024 Opensuse Unspecified vulnerability in Opensuse Hylafax+ 5.6.1Lp151.3.7/7.0.22.1

A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries.

5.3
2020-06-29 CVE-2019-20412 Atlassian Improper Authentication vulnerability in Atlassian products

The Convert Sub-Task to Issue page in affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate the following information via an Improper Authentication vulnerability: Workflow names; Project Key, if it is part of the workflow name; Issue Keys; Issue Types; Status Types.

5.3
2020-06-30 CVE-2020-5588 Cybozu Path Traversal vulnerability in Cybozu Garoon 5.0.0/5.0.1

Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to obtain unintended information via unspecified vectors.

4.9
2020-06-29 CVE-2020-12035 Baxter Use of Hard-coded Credentials vulnerability in Baxter Prismaflex Firmware and Prismax Firmware

Baxter PrismaFlex all versions, PrisMax all versions prior to 3.x, The PrismaFlex device contains a hard-coded service password that provides access to biomedical information, device settings, calibration settings, and network configuration.

4.9
2020-07-02 CVE-2020-2205 Jenkins Cross-site Scripting vulnerability in Jenkins Vncrecorder

Jenkins VncRecorder Plugin 1.25 and earlier does not escape a tool path in the `checkVncServ` form validation endpoint, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by Jenkins administrators.

4.8
2020-07-02 CVE-2020-3340 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.

4.8
2020-07-01 CVE-2020-4025 Atlassian Cross-site Scripting vulnerability in Atlassian products

The attachment download resource in Atlassian Jira Server and Data Center The attachment download resource in Atlassian Jira Server and Data Center before 8.5.5, and from 8.6.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability issue attachments with a rdf content type.

4.8
2020-07-01 CVE-2020-14166 Atlassian Cross-site Scripting vulnerability in Atlassian Jira Service Desk

The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by uploading a html file.

4.8
2020-06-30 CVE-2020-5586 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon 4.10.3/5.0.0/5.0.1

Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

4.8
2020-06-30 CVE-2020-5585 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon 5.0.0/5.0.1

Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator rights to inject an arbitrary script via unspecified vectors.

4.8
2020-06-30 CVE-2019-20416 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the project configuration feature.

4.8
2020-06-29 CVE-2020-13423 Form Builder FOR Magento 2 Project Cross-site Scripting vulnerability in Form Builder for Magento 2 Project Form Builder for Magento 2 2.1.0

Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header.

4.8
2020-07-01 CVE-2020-4387 IBM Race Condition vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link.

4.7
2020-07-01 CVE-2020-4386 IBM Race Condition vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link.

4.7
2020-07-01 CVE-2020-4027 Atlassian Injection vulnerability in Atlassian Confluence

Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vulnerability in custom user macros.

4.7
2020-06-29 CVE-2019-18256 Biotronik Insufficiently Protected Credentials vulnerability in Biotronik products

BIOTRONIK CardioMessenger II, The affected products use individual per-device credentials that are stored in a recoverable format.

4.6
2020-06-29 CVE-2019-18254 Biotronik Cleartext Storage of Sensitive Information vulnerability in Biotronik products

BIOTRONIK CardioMessenger II, The affected products do not encrypt sensitive information while at rest.

4.6
2020-07-02 CVE-2020-9497 Apache
Fedoraproject
Debian
Improper Input Validation vulnerability in multiple products

Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static virtual channels.

4.4
2020-07-01 CVE-2020-4414 IBM Unspecified vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory.

4.4
2020-06-30 CVE-2020-5973 Nvidia
Canonical
NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service.
4.4
2020-06-30 CVE-2020-15401 Iobit Link Following vulnerability in Iobit Malware Fighter 8.0.2.547

IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link.

4.4
2020-07-02 CVE-2020-8166 Rubyonrails
Debian
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

A CSRF forgery vulnerability exists in rails < 5.2.5, rails < 6.0.4 that makes it possible for an attacker to, given a global CSRF token such as the one present in the authenticity_token meta tag, forge a per-form CSRF token.

4.3
2020-07-02 CVE-2020-2216 Jenkins Missing Authorization vulnerability in Jenkins Zephyr for Jira Test Management

A missing permission check in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP server using attacker-specified username and password.

4.3
2020-07-02 CVE-2020-2215 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Zephyr for Jira Test Management

A cross-site request forgery vulnerability in Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified username and password.

4.3
2020-07-02 CVE-2020-2213 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins White Source

Jenkins White Source Plugin 19.1.1 and earlier stores credentials unencrypted in its global configuration file and in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission (config.xml), or access to the master file system.

4.3
2020-07-02 CVE-2020-2212 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Github Coverage Reporter

Jenkins GitHub Coverage Reporter Plugin 1.8 and earlier stores secrets unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system or read permissions on the system configuration.

4.3
2020-07-02 CVE-2020-2210 Jenkins Cleartext Transmission of Sensitive Information vulnerability in Jenkins Stash Branch Parameter

Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured passwords in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure.

4.3
2020-07-02 CVE-2020-2209 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Testcomplete Support

Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.

4.3
2020-07-02 CVE-2020-2208 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Slack Upload

Jenkins Slack Upload Plugin 1.7 and earlier stores a secret unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.

4.3
2020-07-02 CVE-2020-2203 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Fortify on Demand

A cross-site request forgery vulnerability in Jenkins Fortify on Demand Plugin 5.0.1 and earlier allows attackers to connect to the globally configured Fortify on Demand endpoint using attacker-specified credentials IDs.

4.3
2020-07-02 CVE-2020-2202 Jenkins Missing Authorization vulnerability in Jenkins Fortify on Demand

A missing permission check in Jenkins Fortify on Demand Plugin 6.0.0 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

4.3
2020-07-01 CVE-2020-5905 F5 Cross-site Scripting vulnerability in F5 products

In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network > WCCP page, the system does not sanitize all user-provided data before display.

4.3
2020-07-01 CVE-2019-4704 IBM Missing Encryption of Sensitive Data vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2

IBM Security Identity Manager Virtual Appliance 7.0.2 does not set the secure attribute on authorization tokens or session cookies.

4.3
2020-07-01 CVE-2020-4029 Atlassian Unspecified vulnerability in Atlassian products

The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to enumerate project names via an improper authorization vulnerability.

4.3
2020-06-30 CVE-2020-15412 Misp Missing Authorization vulnerability in Misp 2.4.128

An issue was discovered in MISP 2.4.128.

4.3
2020-06-30 CVE-2020-15400 Cakefoundation Cross-site Scripting vulnerability in Cakefoundation Cakephp

CakePHP before 4.0.6 mishandles CSRF token generation.

4.3
2020-06-30 CVE-2020-5582 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to alter the data for the file attached to Report via unspecified vectors.

4.3
2020-06-30 CVE-2019-20415 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian products

Atlassian Jira Server and Data Center in affected versions allows remote attackers to modify logging and profiling settings via a cross-site request forgery (CSRF) vulnerability.

4.3
2020-06-29 CVE-2019-18252 Biotronik Improper Authentication vulnerability in Biotronik products

BIOTRONIK CardioMessenger II, The affected products allow credential reuse for multiple authentication purposes.

4.3
2020-06-29 CVE-2019-18248 Biotronik Cleartext Transmission of Sensitive Information vulnerability in Biotronik products

BIOTRONIK CardioMessenger II, The affected products transmit credentials in clear-text prior to switching to an encrypted communication channel.

4.3
2020-06-29 CVE-2019-18246 Biotronik Improper Authentication vulnerability in Biotronik products

BIOTRONIK CardioMessenger II, The affected products do not properly enforce mutual authentication with the BIOTRONIK Remote Communication infrastructure.

4.3
2020-06-29 CVE-2019-20411 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to modify Wallboard settings via a Cross-site request forgery (CSRF) vulnerability.

4.3
2020-07-02 CVE-2020-8179 Nextcloud Improper Privilege Management vulnerability in Nextcloud Deck

Improper access control in Nextcloud Deck 1.0.0 allowed an attacker to inject tasks into other users decks.

4.1

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-07-02 CVE-2020-2218 HP Application Lifecycle Management Quality Center Project Insufficiently Protected Credentials vulnerability in HP Application Lifecycle Management Quality Center Project HP Application Lifecycle Management Quality Center

Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.

3.3
2020-07-01 CVE-2019-4706 IBM Information Exposure Through Log Files vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2

IBM Security Identity Manager Virtual Appliance 7.0.2 writes information to log files which can be of a sensitive nature and give valuable guidance to an attacker or expose sensitive user information.

2.7
2020-07-01 CVE-2019-4705 IBM Unspecified vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2

IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information to unauthorized users.

2.7
2020-06-29 CVE-2020-12039 Baxter Use of Hard-coded Credentials vulnerability in Baxter Sigma Spectrum Infusion System Firmware 6.0/6.05/8.0

Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion System v's8.x model 35700BAX2 contain hardcoded passwords when physically entered on the keypad provide access to biomedical menus including device settings, view calibration values, network configuration of Sigma Spectrum WBM if installed.

2.4
2020-07-02 CVE-2020-15469 Qemu
Debian
NULL Pointer Dereference vulnerability in multiple products

In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference.

2.3