Weekly Vulnerabilities Reports > August 3 to 9, 2020

Overview

163 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 40 high severity vulnerabilities. This weekly summary report vulnerabilities in 184 products from 85 vendors including IBM, Jetbrains, Fedoraproject, Canonical, and Deltaww. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Out-of-bounds Write", "Information Exposure", and "Improper Authentication".

  • 106 reported vulnerabilities are remotely exploitables.
  • 54 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 119 reported vulnerabilities are exploitable by an anonymous user.
  • IBM has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • Apache has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-06 CVE-2020-12441 Ivanti Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ivanti products

Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent.

10.0
2020-08-06 CVE-2020-7356 Cayintech SQL Injection vulnerability in Cayintech Xpost 1.0/2.0/2.5.18103

CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability.

10.0
2020-08-06 CVE-2020-7357 Cayintech OS Command Injection vulnerability in Cayintech products

Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials.

9.9
2020-08-07 CVE-2020-11984 Apache
Netapp
Canonical
Debian
Fedoraproject
Opensuse
Oracle
Classic Buffer Overflow vulnerability in multiple products

Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE

9.8
2020-08-05 CVE-2020-17353 Lilypond
Fedoraproject
Debian
Opensuse
scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.
9.8
2020-08-05 CVE-2020-13921 Apache SQL Injection vulnerability in Apache Skywalking

**Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases.

9.8
2020-08-05 CVE-2020-13151 Aerospike OS Command Injection vulnerability in Aerospike Server

Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query.

9.8
2020-08-07 CVE-2020-13376 Securenvoy Path Traversal vulnerability in Securenvoy Securmail 9.3.503

SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.

9.3
2020-08-06 CVE-2020-16215 Advantech Improper Input Validation vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.

9.3
2020-08-09 CVE-2020-17452 Flatcore Unrestricted Upload of File with Dangerous Type vulnerability in Flatcore

flatCore before 1.5.7 allows upload and execution of a .php file by an admin.

9.0
2020-08-06 CVE-2020-13365 Zyxel Improper Authentication vulnerability in Zyxel products

Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root.

9.0
2020-08-06 CVE-2020-13364 Zyxel Unspecified vulnerability in Zyxel products

A backdoor in certain Zyxel products allows remote TELNET access via a CGI script.

9.0
2020-08-06 CVE-2020-7361 Easycorp OS Command Injection vulnerability in Easycorp Zentao PRO 8.8.2

The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component.

9.0
2020-08-05 CVE-2020-13404 Quadra Informatique OS Command Injection vulnerability in Quadra-Informatique Atos/Sips

The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.

9.0
2020-08-04 CVE-2020-15467 Cohesive OS Command Injection vulnerability in Cohesive Vns3

The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise.

9.0

40 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-08 CVE-2020-15824 Jetbrains
Oracle
Improper Privilege Management vulnerability in multiple products

In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue.

8.8
2020-08-07 CVE-2020-11852 Microfocus OS Command Injection vulnerability in Microfocus Secure Messaging Gateway 471

DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG).

8.8
2020-08-05 CVE-2020-7298 Mcafee Unspecified vulnerability in Mcafee Total Protection

Unexpected behavior violation in McAfee Total Protection (MTP) prior to 16.0.R26 allows local users to turn off real time scanning via a specially crafted object making a specific function call.

8.4
2020-08-07 CVE-2020-15063 Digitus Improper Authentication vulnerability in Digitus Da-70254 Firmware 2.073.000.E0008

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

8.3
2020-08-07 CVE-2020-15059 Lindy International Improper Authentication vulnerability in Lindy-International 42633 Firmware 2.078.000

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

8.3
2020-08-07 CVE-2020-15055 TP Link Improper Authentication vulnerability in Tp-Link Tl-Ps310U Firmware

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.

8.3
2020-08-07 CVE-2020-8026 Opensuse Incorrect Default Permissions vulnerability in Opensuse Backports Sle, Leap and Tumbleweed

A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root.

7.8
2020-08-07 CVE-2020-16225 Deltaww Out-of-bounds Write vulnerability in Deltaww Tpeditor

Delta Electronics TPEditor Versions 1.97 and prior.

7.8
2020-08-07 CVE-2020-16223 Deltaww Out-of-bounds Write vulnerability in Deltaww Tpeditor

Delta Electronics TPEditor Versions 1.97 and prior.

7.8
2020-08-07 CVE-2020-16221 Deltaww Out-of-bounds Write vulnerability in Deltaww Tpeditor

Delta Electronics TPEditor Versions 1.97 and prior.

7.8
2020-08-07 CVE-2020-16219 Deltaww Out-of-bounds Read vulnerability in Deltaww Tpeditor

Delta Electronics TPEditor Versions 1.97 and prior.

7.8
2020-08-06 CVE-2020-16229 Advantech Type Confusion vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.

7.8
2020-08-06 CVE-2020-16217 Advantech Double Free vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.

7.8
2020-08-06 CVE-2020-16213 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.

7.8
2020-08-06 CVE-2020-16207 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.

7.8
2020-08-06 CVE-2020-15114 Redhat
Fedoraproject
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access.

7.7
2020-08-04 CVE-2020-16134 Swisscom Insufficiently Protected Credentials vulnerability in Swisscom products

An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet Box 3 prior to 11.01.20, and Internet Box light prior to 08.06.06.

7.7
2020-08-07 CVE-2019-7005 Avaya Unspecified vulnerability in Avaya IP Office

A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information.

7.5
2020-08-07 CVE-2020-16169 Robotemi Improper Authentication vulnerability in Robotemi Robox OS 117.21/119.24

Authentication Bypass Using an Alternate Path or Channel in temi Robox OS prior to120, temi Android app up to 1.3.7931 allows remote attackers to gain elevated privileges on the temi and have it automatically answer the attacker's calls, granting audio, video, and motor control via unspecified vectors.

7.5
2020-08-07 CVE-2020-9490 Apache
Oracle
Opensuse
Debian
Fedoraproject
Canonical
Redhat
HTTP Request Smuggling vulnerability in multiple products

Apache HTTP Server versions 2.4.20 to 2.4.43.

7.5
2020-08-07 CVE-2020-11993 Apache
Netapp
Canonical
Opensuse
Debian
Fedoraproject
Oracle
HTTP Request Smuggling vulnerability in multiple products

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools.

7.5
2020-08-06 CVE-2020-15115 Redhat
Fedoraproject
Weak Password Requirements vulnerability in multiple products

etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one.

7.5
2020-08-06 CVE-2020-13793 Ivanti Use of Hard-coded Credentials vulnerability in Ivanti DSM Netinst 5.1

Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key.

7.5
2020-08-06 CVE-2020-16845 Golang
Opensuse
Debian
Fedoraproject
Infinite Loop vulnerability in multiple products

Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.

7.5
2020-08-05 CVE-2020-5609 Yokogawa Path Traversal vulnerability in Yokogawa products

Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.

7.5
2020-08-05 CVE-2020-5608 Yokogawa Improper Authentication vulnerability in Yokogawa products

CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered communication packets via unspecified vectors.

7.5
2020-08-04 CVE-2020-4459 IBM Use of Hard-coded Credentials vulnerability in IBM Security Secret Server 10.7/10.7.000059

IBM Security Verify Access 10.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

7.5
2020-08-04 CVE-2020-5616 Calendar01 Project
Calendar02 Project
Calendarform01 Project
Gallery01 Project
Link01 Project
Pkobo News01 Project
Pkobo Vote01 Project
Telop01 Project
Improper Authentication vulnerability in multiple products

[Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] free edition ver1.0.0, [Gallery01] free edition ver1.0.3 and earlier, [CalendarForm01] free edition ver1.0.3 and earlier, and [Link01] free edition ver1.0.0 allows remote attackers to bypass authentication and log in to the product with administrative privileges via unspecified vectors.

7.5
2020-08-05 CVE-2020-17366 Nlnetlabs Improper Certificate Validation vulnerability in Nlnetlabs Routinator

An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1.

7.4
2020-08-04 CVE-2020-6012 Checkpoint Link Following vulnerability in Checkpoint Zonealarm Anti-Ransomware 1.0.0601/1.0.710

ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges.

7.4
2020-08-07 CVE-2020-15480 Passmark Unspecified vulnerability in Passmark Burnintest, Osforensics and Performancetest

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10.

7.2
2020-08-07 CVE-2020-15479 Passmark Classic Buffer Overflow vulnerability in Passmark Burnintest, Osforensics and Performancetest

An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10.

7.2
2020-08-06 CVE-2020-7352 GOG Use of Hard-coded Credentials vulnerability in GOG Galaxy

The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment.

7.2
2020-08-05 CVE-2020-8607 Trendmicro Improper Input Validation vulnerability in Trendmicro products

An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode.

7.2
2020-08-03 CVE-2019-19455 Wowza Incorrect Permission Assignment for Critical Resource vulnerability in Wowza Streaming Engine

Wowza Streaming Engine before 4.8.5 has Insecure Permissions which may allow a local attacker to escalate privileges in / usr / local / WowzaStreamingEngine / manager / bin / in the Linux version of the server by writing arbitrary commands in any file and execute them as root.

7.2
2020-08-03 CVE-2020-4534 IBM Improper Privilege Management vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of UNC paths.

7.2
2020-08-05 CVE-2020-15113 Etcd
Fedoraproject
Improper Preservation of Permissions vulnerability in multiple products

In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS connections with clients) with restricted access permissions (700) by using the os.MkdirAll.

7.1
2020-08-03 CVE-2020-5772 Teltonika Networks Unrestricted Upload of File with Dangerous Type vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01

Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated attacker to gain root privileges by uploading a malicious package file.

7.1
2020-08-03 CVE-2020-5771 Teltonika Networks Unrestricted Upload of File with Dangerous Type vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01

Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated attacker to gain root privileges by uploading a malicious backup archive.

7.1
2020-08-06 CVE-2020-15702 Canonical Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Canonical Apport

TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code.

7.0

90 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-03 CVE-2020-4554 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption.

6.9
2020-08-03 CVE-2020-4553 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption.

6.9
2020-08-03 CVE-2020-4552 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1

IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption.

6.9
2020-08-03 CVE-2020-4551 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption.

6.9
2020-08-03 CVE-2020-4550 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1/9.2.2

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption.

6.9
2020-08-03 CVE-2020-4549 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM I2 Analysts Notebook 9.2.1

IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption.

6.9
2020-08-07 CVE-2020-7810 Handysoft Improper Validation of Integrity Check Value vulnerability in Handysoft Hslogin2.Dll 6.7.8.4/7.3.4

hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method.

6.8
2020-08-07 CVE-2020-16227 Deltaww Improper Input Validation vulnerability in Deltaww Tpeditor

Delta Electronics TPEditor Versions 1.97 and prior.

6.8
2020-08-04 CVE-2020-15135 Save Server Project Cross-Site Request Forgery (CSRF) vulnerability in Save-Server Project Save-Server 1.0.3/1.0.4

save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.).

6.8
2020-08-04 CVE-2020-16203 Deltaww Access of Uninitialized Pointer vulnerability in Deltaww Cncsoft Screeneditor 1.00.88/1.00.96/1.01.23

Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior.

6.8
2020-08-04 CVE-2020-16199 Deltaww Out-of-bounds Write vulnerability in Deltaww Cncsoft Screeneditor 1.00.88/1.00.96/1.01.23

Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior.

6.8
2020-08-04 CVE-2020-7823 Hmtalk Out-of-bounds Write vulnerability in Hmtalk Daviewindy 8.98.4/8.98.7

DaviewIndy has a Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe.

6.8
2020-08-04 CVE-2020-7822 Hmtalk Out-of-bounds Write vulnerability in Hmtalk Daviewindy 8.98.4/8.98.7

DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe.

6.8
2020-08-04 CVE-2020-5615 Calendar01 Project
Calendar02 Project
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

6.8
2020-08-03 CVE-2020-5770 Teltonika Networks Cross-Site Request Forgery (CSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01

Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.01 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

6.8
2020-08-05 CVE-2020-14344 X ORG
Fedoraproject
Canonical
Opensuse
Integer Overflow or Wraparound vulnerability in multiple products

An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10.

6.7
2020-08-08 CVE-2020-15825 Jetbrains Improper Privilege Management vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.

6.5
2020-08-08 CVE-2020-15817 Jetbrains Code Injection vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.

6.5
2020-08-07 CVE-2020-17352 Sophos OS Command Injection vulnerability in Sophos XG Firewall Firmware 17.5/18.0

Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.

6.5
2020-08-07 CVE-2020-16168 Robotemi Origin Validation Error vulnerability in Robotemi Temi Firmware

Origin Validation Error in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to access the REST API and MQTT broker used by the temi and send it custom data/requests via unspecified vectors.

6.5
2020-08-06 CVE-2020-15136 Redhat
Fedoraproject
Missing Authentication for Critical Function vulnerability in multiple products

In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records.

6.5
2020-08-05 CVE-2020-15112 Etcd
Fedoraproject
Improper Validation of Array Index vulnerability in multiple products

In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go.

6.5
2020-08-05 CVE-2020-15106 Etcd
Fedoraproject
In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method.
6.5
2020-08-03 CVE-2020-5773 Teltonika Networks Improper Privilege Management vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.01

Improper Access Control in Teltonika firmware TRB2_R_00.02.04.01 allows a low privileged user to perform unauthorized write operations.

6.5
2020-08-03 CVE-2020-4328 IBM SQL Injection vulnerability in IBM Financial Transaction Manager FOR Multiplatform 3.2.4

IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection.

6.5
2020-08-07 CVE-2020-16167 Robotemi Missing Authentication for Critical Function vulnerability in Robotemi Launcher OS 11969/13146

Missing Authentication for Critical Function in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to receive and answer calls intended for another temi user.

6.4
2020-08-05 CVE-2020-4481 IBM XML Entity Expansion vulnerability in IBM Urbancode Deploy

IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

6.4
2020-08-03 CVE-2020-16272 KEE Improper Input Validation vulnerability in KEE Keepassrpc

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection.

6.4
2020-08-03 CVE-2020-16271 KEE Use of Insufficiently Random Values vulnerability in KEE Keepassrpc

The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection.

6.4
2020-08-03 CVE-2020-4377 IBM XML Entity Expansion vulnerability in IBM Cognos Analytics 11.0.0/11.1.0

IBM Cognos Anaytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

6.4
2020-08-07 CVE-2020-15065 Digitus Improper Input Validation vulnerability in Digitus Da-70254 Firmware 2.073.000.E0008

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to denial-of-service the device via long input values.

6.1
2020-08-07 CVE-2020-15061 Lindy International Improper Input Validation vulnerability in Lindy-International 42633 Firmware 2.078.000

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.

6.1
2020-08-07 CVE-2020-15057 TP Link Improper Input Validation vulnerability in Tp-Link Tl-Ps310U Firmware

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values.

6.1
2020-08-03 CVE-2020-11584 Plesk Cross-site Scripting vulnerability in Plesk Onyx 17.8.11

A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.

6.1
2020-08-03 CVE-2020-11583 Plesk Cross-site Scripting vulnerability in Plesk Obsidian 18.0.17

A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.

6.1
2020-08-03 CVE-2020-13820 Extremenetworks Cross-site Scripting vulnerability in Extremenetworks Extreme Management Center 8.4.1.24

Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.

6.1
2020-08-09 CVE-2020-16248 Prometheus Server-Side Request Forgery (SSRF) vulnerability in Prometheus Blackbox Exporter

Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF.

5.8
2020-08-05 CVE-2020-16253 Pghero Project Cross-Site Request Forgery (CSRF) vulnerability in Pghero Project Pghero

The PgHero gem through 2.6.0 for Ruby allows CSRF.

5.8
2020-08-06 CVE-2020-15701 Canonical Improper Handling of Exceptional Conditions vulnerability in Canonical Apport

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service.

5.5
2020-08-06 CVE-2020-16211 Advantech Out-of-bounds Read vulnerability in Advantech Webaccess/Hmi Designer 2.1/2.1.9.31

Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior.

5.5
2020-08-05 CVE-2020-14347 X ORG
Debian
Canonical
Improper Initialization vulnerability in multiple products

A flaw was found in the way xserver memory was not properly initialized.

5.5
2020-08-04 CVE-2020-15943 Gantt Chart Project Missing Authorization vulnerability in Gantt-Chart Project Gantt-Chart

An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira.

5.5
2020-08-03 CVE-2020-16269 Radare
Fedoraproject
radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section.
5.5
2020-08-03 CVE-2019-19453 Wowza Cross-site Scripting vulnerability in Wowza Streaming Engine

Wowza Streaming Engine before 4.8.5 allows XSS (issue 1 of 2).

5.4
2020-08-07 CVE-2020-11985 Apache Insufficient Verification of Data Authenticity vulnerability in Apache Http Server

IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts.

5.3
2020-08-08 CVE-2020-15829 Jetbrains Information Exposure vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.

5.0
2020-08-08 CVE-2020-15827 Jetbrains Improper Verification of Cryptographic Signature vulnerability in Jetbrains Toolbox 1.17/1.17.6802

In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file.

5.0
2020-08-08 CVE-2020-15823 Jetbrains Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack

JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.

5.0
2020-08-08 CVE-2020-15820 Jetbrains Information Exposure vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.

5.0
2020-08-08 CVE-2020-15819 Jetbrains Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack

JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.

5.0
2020-08-08 CVE-2020-15818 Jetbrains Information Exposure vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.

5.0
2020-08-08 CVE-2019-19704 Jetbrains Information Exposure vulnerability in Jetbrains Upsource

In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm.

5.0
2020-08-05 CVE-2020-15132 Sulu Information Exposure Through an Error Message vulnerability in Sulu

In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address.

5.0
2020-08-05 CVE-2020-15127 Projectcontour Missing Authentication for Critical Function vulnerability in Projectcontour Contour

In Contour ( Ingress controller for Kubernetes) before version 1.7.0, a bad actor can shut down all instances of Envoy, essentially killing the entire ingress data plane.

5.0
2020-08-04 CVE-2020-15109 Nebulab Missing Authorization vulnerability in Nebulab Solidus

In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations.

5.0
2020-08-04 CVE-2020-15956 Acti Classic Buffer Overflow vulnerability in Acti NVR 2.3.04.07/3.0.12.42

ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload.

5.0
2020-08-03 CVE-2020-12739 Fanuc Improper Input Validation vulnerability in Fanuc products

A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices.

5.0
2020-08-03 CVE-2019-4366 IBM Information Exposure vulnerability in IBM Cognos Analytics 11.0.0/11.1.0

IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data.

5.0
2020-08-07 CVE-2020-8025 Suse Incorrect Execution-Assigned Permissions vulnerability in Suse products

A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings.

4.6
2020-08-06 CVE-2020-7817 Raonwiz Download of Code Without Integrity Check vulnerability in Raonwiz K Upload 6.2.2018.529

MyBrowserPlus downloads the files needed to run the program through the setup file (Setup.inf).

4.6
2020-08-06 CVE-2020-7459 Freebsd Improper Input Validation vulnerability in Freebsd 11.3/11.4/12.1

In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an allocated network packet buffer.

4.6
2020-08-04 CVE-2019-20001 Ricoh Improper Privilege Management vulnerability in Ricoh Streamline NX Client Tool and Streamline NX PC Client

An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges.

4.6
2020-08-04 CVE-2020-5617 Skygroup Improper Privilege Management vulnerability in Skygroup Skysea Client View 12.200.12N/15.210.05F

Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors.

4.6
2020-08-03 CVE-2020-8574 Netapp Unspecified vulnerability in Netapp Active IQ Unified Manager

Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.

4.6
2020-08-03 CVE-2020-8108 Bitdefender Improper Authentication vulnerability in Bitdefender Endpoint Security

Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process.

4.6
2020-08-06 CVE-2020-7460 Freebsd Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Freebsd 11.3/11.4/12.1

In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.

4.4
2020-08-08 CVE-2020-15831 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.

4.3
2020-08-08 CVE-2020-15830 Jetbrains Cross-site Scripting vulnerability in Jetbrains Teamcity

JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.

4.3
2020-08-07 CVE-2020-15907 Mahara Cross-site Scripting vulnerability in Mahara

In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript.

4.3
2020-08-05 CVE-2020-9036 Jeedom Cross-site Scripting vulnerability in Jeedom 4.0.38

Jeedom through 4.0.38 allows XSS.

4.3
2020-08-05 CVE-2020-16254 Chartkick Project Injection vulnerability in Chartkick Project Chartkick

The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).

4.3
2020-08-05 CVE-2020-16192 Limesurvey Cross-site Scripting vulnerability in Limesurvey 4.3.2

LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters.

4.3
2020-08-05 CVE-2020-17364 Usvn Cross-site Scripting vulnerability in Usvn User-Friendly SVN

USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.

4.3
2020-08-05 CVE-2020-4243 IBM Session Fixation vulnerability in IBM Security Identity Governance and Intelligence 5.2.6

IBM Security Identity Governance and Intelligence 5.2.6 Virtual Appliance could allow a remote attacker to obtain sensitive information using man in the middle techniques due to not properly invalidating session tokens.

4.3
2020-08-05 CVE-2020-16252 Field Test Project Cross-Site Request Forgery (CSRF) vulnerability in Field Test Project Field Test

The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF.

4.3
2020-08-05 CVE-2020-13819 Extremenetworks Cross-site Scripting vulnerability in Extremenetworks Extreme Management Center 8.4.1.24/8.5

Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.

4.3
2020-08-04 CVE-2020-16847 Extremenetworks Cross-site Scripting vulnerability in Extremenetworks Extreme Management Center 8.4.1.24/8.5

Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887.

4.3
2020-08-04 CVE-2020-16843 Amazon Unspecified vulnerability in Amazon Firecracker 0.20.0/0.21.0/0.21.1

In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic.

4.3
2020-08-04 CVE-2020-16201 Deltaww Out-of-bounds Read vulnerability in Deltaww Cncsoft Screeneditor 1.00.88/1.00.96/1.01.23

Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior.

4.3
2020-08-03 CVE-2020-16131 Tiki Cross-site Scripting vulnerability in Tiki

Tiki before 21.2 allows XSS because [\s\/"\'] is not properly considered in lib/core/TikiFilter/PreventXss.php.

4.3
2020-08-03 CVE-2015-9549 Ocportal Cross-site Scripting vulnerability in Ocportal 9.0.20

A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php.

4.3
2020-08-03 CVE-2020-4560 IBM Cross-site Scripting vulnerability in IBM Financial Transaction Manager 3.2.4.0

IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting.

4.3
2020-08-08 CVE-2020-15828 Jetbrains Information Exposure vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.

4.0
2020-08-08 CVE-2020-15826 Jetbrains Incorrect Authorization vulnerability in Jetbrains Teamcity

In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.

4.0
2020-08-08 CVE-2020-15821 Jetbrains Incorrect Default Permissions vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.

4.0
2020-08-07 CVE-2020-5412 Vmware Externally Controlled Reference to a Resource in Another Sphere vulnerability in VMWare Spring Cloud Netflix 2.1.0/2.2.0

Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard.

4.0
2020-08-05 CVE-2017-18112 Atlassian Information Exposure vulnerability in Atlassian Fisheye

Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature.

4.0
2020-08-04 CVE-2020-4410 IBM Information Exposure vulnerability in IBM products

IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to.

4.0
2020-08-03 CVE-2020-14319 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat AMQ Online and Enmasse

It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed.

4.0
2020-08-03 CVE-2019-4589 IBM Improper Privilege Management vulnerability in IBM Cognos Analytics 11.1.0/11.0.0

IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user.

4.0

18 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-04 CVE-2020-13522 Softperfect Unspecified vulnerability in Softperfect RAM Disk 4.1

An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver.

3.6
2020-08-09 CVE-2020-17451 Flatcore Cross-site Scripting vulnerability in Flatcore

flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.

3.5
2020-08-04 CVE-2020-15944 Gantt Chart Project Cross-site Scripting vulnerability in Gantt-Chart Project Gantt-Chart

An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira.

3.5
2020-08-04 CVE-2020-4542 IBM Cross-site Scripting vulnerability in IBM Engineering Requirements Management Doors Next 7.0

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.

3.5
2020-08-04 CVE-2020-4525 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.

3.5
2020-08-04 CVE-2020-4396 IBM Cross-site Scripting vulnerability in IBM Engineering Test Management 7.0.0

IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting.

3.5
2020-08-07 CVE-2020-15062 Digitus Insufficiently Protected Credentials vulnerability in Digitus Da-70254 Firmware 2.073.000.E0008

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

3.3
2020-08-07 CVE-2020-15058 Lindy International Insufficiently Protected Credentials vulnerability in Lindy-International 42633 Firmware 2.078.000

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

3.3
2020-08-07 CVE-2020-15054 TP Link Insufficiently Protected Credentials vulnerability in Tp-Link Tl-Ps310U Firmware

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.

3.3
2020-08-03 CVE-2020-16116 KDE
Debian
Fedoraproject
Opensuse
Canonical
Path Traversal vulnerability in multiple products

In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal.

3.3
2020-08-07 CVE-2020-15138 Prismjs Cross-site Scripting vulnerability in Prismjs Previewers

Prism is vulnerable to Cross-Site Scripting.

2.6
2020-08-07 CVE-2020-15064 Digitus Cross-site Scripting vulnerability in Digitus Da-70254 Firmware 2.073.000.E0008

DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

2.3
2020-08-07 CVE-2020-15060 Lindy International Cross-site Scripting vulnerability in Lindy-International 42633 Firmware 2.078.000

Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

2.3
2020-08-07 CVE-2020-15056 TP Link Cross-site Scripting vulnerability in Tp-Link Tl-Ps310U Firmware

TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.

2.3
2020-08-06 CVE-2020-11937 Canonical Memory Leak vulnerability in Canonical Whoopsie

In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file.

2.1
2020-08-04 CVE-2020-13523 Softperfect Missing Authorization vulnerability in Softperfect RAM Disk 4.1

An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver.

2.1
2020-08-03 CVE-2020-8575 Netapp Unspecified vulnerability in Netapp Active IQ Unified Manager 7.3/9.5/9.6

Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).

2.1
2020-08-04 CVE-2020-4631 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations.

1.9