Weekly Vulnerabilities Reports > August 10 to 16, 2020

Overview

315 new vulnerabilities reported during this period, including 34 critical vulnerabilities and 124 high severity vulnerabilities. This weekly summary report vulnerabilities in 403 products from 106 vendors including Intel, Canonical, Debian, Artifex, and Google. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Classic Buffer Overflow", "Out-of-bounds Read", and "SQL Injection".

  • 164 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities have public exploit available.
  • 83 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 162 reported vulnerabilities are exploitable by an anonymous user.
  • Intel has the most reported vulnerabilities, with 52 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

34 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-12 CVE-2020-5415 Pivotal Software Authentication Bypass by Spoofing vulnerability in Pivotal Software Concourse

Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team.

10.0
2020-08-16 CVE-2020-24361 Snmptt
Debian
Improper Check for Dropped Privileges vulnerability in multiple products

SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec.

9.8
2020-08-14 CVE-2020-17474 Zkteco Insufficient Session Expiration vulnerability in Zkteco Facedepot 7B Firmware and Zkbiosecurity Server

A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database.

9.8
2020-08-14 CVE-2020-15692 NIM Lang Argument Injection or Modification vulnerability in Nim-Lang NIM

In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser.

9.8
2020-08-14 CVE-2020-10055 Siemens Code Injection vulnerability in Siemens products

A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x).

9.8
2020-08-14 CVE-2020-7701 Springtree Unspecified vulnerability in Springtree Madlib-Object-Utils

madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue.

9.8
2020-08-14 CVE-2020-7700 PHP JS Project Unspecified vulnerability in PHP.Js Project PHP.Js

All versions of phpjs are vulnerable to Prototype Pollution via parse_str.

9.8
2020-08-13 CVE-2020-17463 Thedaylightstudio SQL Injection vulnerability in Thedaylightstudio Fuel CMS 1.4.7

FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.

9.8
2020-08-13 CVE-2019-16374 Pega Unspecified vulnerability in Pega Platform

Pega Platform 8.2.1 allows LDAP injection because a username can contain a * character and can be of unlimited length.

9.8
2020-08-13 CVE-2020-4589 IBM Deserialization of Untrusted Data vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources.

9.8
2020-08-12 CVE-2020-16137 Cisco Unspecified vulnerability in Cisco Unified IP Conference Station 7937G Firmware 1.4.4.0/1.4.5.7

A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values.

9.8
2020-08-12 CVE-2020-12107 Stengg OS Command Injection vulnerability in Stengg Vpncrypt M10 Firmware 2.6.5

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System.

9.8
2020-08-12 CVE-2020-12106 Stengg Missing Authentication for Critical Function vulnerability in Stengg Vpncrypt M10 Firmware 2.6.5

The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point.

9.8
2020-08-12 CVE-2020-17506 Articatech SQL Injection vulnerability in Articatech web Proxy 4.30.000000

Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.

9.8
2020-08-12 CVE-2020-17446 Magic
Debian
Access of Uninitialized Pointer vulnerability in multiple products

asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an uninitialized pointer in the array data decoder.

9.8
2020-08-12 CVE-2020-17496 Vbulletin Injection vulnerability in Vbulletin

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request.

9.8
2020-08-12 CVE-2020-6932 Blackberry Unspecified vulnerability in Blackberry QNX Software Development Platform

An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.

9.8
2020-08-11 CVE-2020-0253 Google Use After Free vulnerability in Google Android

There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365

9.8
2020-08-11 CVE-2020-0252 Google Use After Free vulnerability in Google Android

There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803

9.8
2020-08-11 CVE-2020-17466 Turcom Always-Incorrect Control Flow Implementation vulnerability in Turcom Trcwifizone 20200810

Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses.

9.8
2020-08-11 CVE-2020-17368 Firejail Project
Debian
Fedoraproject
Opensuse
OS Command Injection vulnerability in multiple products

Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection.

9.8
2020-08-11 CVE-2020-11552 Zohocorp Improper Privilege Management vulnerability in Zohocorp Manageengine Adselfservice Plus

An elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog.

9.8
2020-08-10 CVE-2020-17479 Json Pattern Validator Project Improper Input Validation vulnerability in Json Pattern Validator Project Json Pattern Validator

jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.

9.8
2020-08-10 CVE-2020-9529 Hichip Unspecified vulnerability in Hichip Shenzhen Hichip Vision Technology Firmware 11.4.8.1.120170926

Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege escalation vulnerability that allows attackers on the local network to reset the device's administrator password.

9.8
2020-08-10 CVE-2020-9527 Hichip Classic Buffer Overflow vulnerability in Hichip Shenzhen Hichip Vision Technology Firmware 11.4.8.1.120170926

Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via the peer-to-peer (P2P) service.

9.8
2020-08-14 CVE-2020-15781 Siemens Cross-site Scripting vulnerability in Siemens Sicam A8000 Firmware

A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30).

9.6
2020-08-12 CVE-2020-8904 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Asylo

An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0.

9.6
2020-08-10 CVE-2020-13292 Gitlab Improper Authentication vulnerability in Gitlab

In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.

9.6
2020-08-12 CVE-2020-6294 SAP Missing Authentication for Critical Function vulnerability in SAP Businessobjects Business Intelligence Platform 4.2/4.3

Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.

9.1
2020-08-11 CVE-2020-0260 Google Out-of-bounds Read vulnerability in Google Android

There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152225183

9.1
2020-08-11 CVE-2020-14324 Redhat OS Command Injection vulnerability in Redhat Cloudforms Management Engine

A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0.

9.1
2020-08-11 CVE-2020-14325 Redhat Unspecified vulnerability in Redhat Cloudforms

Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with groups and roles.

9.1
2020-08-14 CVE-2020-15142 Openapi Python Client Project Code Injection vulnerability in Openapi-Python-Client Project Openapi-Python-Client

In openapi-python-client before version 0.5.3, clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code.

9.0
2020-08-12 CVE-2020-6284 SAP Cross-site Scripting vulnerability in SAP Netweaver Knowledge Management

SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user's privileges.

9.0

124 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-14 CVE-2020-4662 IBM Improper Authentication vulnerability in IBM Event Streams 10.0.0

IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation.

8.8
2020-08-13 CVE-2020-15947 Loway SQL Injection vulnerability in Loway Queuemetrics

A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do endpoint of Loway QueueMetrics before 19.10.21 allows remote authenticated users to execute arbitrary SQL commands via the exportId parameter.

8.8
2020-08-13 CVE-2020-15925 Loway SQL Injection vulnerability in Loway Queuemetrics

A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter.

8.8
2020-08-13 CVE-2020-8732 Intel Out-of-bounds Write vulnerability in Intel products

Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

8.8
2020-08-13 CVE-2020-8731 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel products

Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

8.8
2020-08-13 CVE-2020-8730 Intel Out-of-bounds Write vulnerability in Intel products

Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

8.8
2020-08-13 CVE-2020-8718 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

8.8
2020-08-13 CVE-2020-8713 Intel Improper Authentication vulnerability in Intel products

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

8.8
2020-08-13 CVE-2020-8709 Intel Improper Authentication vulnerability in Intel products

Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

8.8
2020-08-13 CVE-2020-8708 Intel Improper Authentication vulnerability in Intel products

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

8.8
2020-08-13 CVE-2020-8707 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

8.8
2020-08-13 CVE-2020-8706 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

8.8
2020-08-12 CVE-2020-17505 Articatech OS Command Injection vulnerability in Articatech web Proxy 4.30.000000

Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php.

8.8
2020-08-12 CVE-2020-6296 SAP Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection.

8.8
2020-08-12 CVE-2020-8913 Android Path Traversal vulnerability in Android Play Core Library

A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2.

8.8
2020-08-11 CVE-2020-7029 Avaya Cross-Site Request Forgery (CSRF) vulnerability in Avaya Aura Communication Manager and Aura Messaging

A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging.

8.8
2020-08-11 CVE-2020-0240 Google Integer Overflow or Wraparound vulnerability in Google Android 10.0

In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow.

8.8
2020-08-11 CVE-2020-13124 Sabnzbd OS Command Injection vulnerability in Sabnzbd 2.3.9/3.0.0

SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.

8.8
2020-08-11 CVE-2020-9079 Huawei Unspecified vulnerability in Huawei Fusionsphere Openstack 8.0.0

FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability.

8.8
2020-08-10 CVE-2020-16277 Carson Saint SQL Injection vulnerability in Carson-Saint Saint Security Suite 8.0/9.8.20

An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.

8.8
2020-08-10 CVE-2020-16276 Carson Saint SQL Injection vulnerability in Carson-Saint Saint Security Suite 8.0/9.8.20

An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.

8.8
2020-08-10 CVE-2020-15659 Mozilla
Opensuse
Canonical
Out-of-bounds Write vulnerability in multiple products

Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0.

8.8
2020-08-10 CVE-2020-15656 Mozilla
Opensuse
Canonical
Type Confusion vulnerability in multiple products

JIT optimizations involving the Javascript arguments object could confuse later optimizations.

8.8
2020-08-10 CVE-2020-6145 Frappe SQL Injection vulnerability in Frappe Erpnext 11.1.38

An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38.

8.8
2020-08-10 CVE-2020-13295 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab Runner

For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.

8.8
2020-08-10 CVE-2020-12781 Combodo Cross-Site Request Forgery (CSRF) vulnerability in Combodo Itop

Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.

8.8
2020-08-13 CVE-2020-16087 VNG Injection vulnerability in VNG Zalo Desktop 19.8.1.0

An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0.

8.6
2020-08-11 CVE-2020-10783 Redhat Unspecified vulnerability in Redhat Cloudforms 4.7/5.0.0

Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw.

8.3
2020-08-14 CVE-2020-15145 Getcomposer Unspecified vulnerability in Getcomposer Composer-Setup

In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios.

8.2
2020-08-13 CVE-2020-12301 Intel Improper Initialization vulnerability in Intel products

Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2020-08-13 CVE-2020-12300 Intel Access of Uninitialized Pointer vulnerability in Intel products

Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2020-08-13 CVE-2020-12299 Intel Improper Input Validation vulnerability in Intel products

Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2020-08-13 CVE-2020-8722 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2020-08-13 CVE-2020-8721 Intel Improper Input Validation vulnerability in Intel products

Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2020-08-13 CVE-2020-8719 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.

8.2
2020-08-12 CVE-2020-17497 Intel Unspecified vulnerability in Intel Inet Wireless Daemon

eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4.

8.1
2020-08-12 CVE-2020-13291 Gitlab Unspecified vulnerability in Gitlab 13.2.0/13.2.1/13.2.2

In GitLab before 13.2.3, project sharing could temporarily allow too permissive access.

8.1
2020-08-12 CVE-2020-6301 SAP Missing Authorization vulnerability in SAP HCM Travel Management

SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.

8.1
2020-08-12 CVE-2020-6298 SAP Missing Authorization vulnerability in SAP Generic Market Data 400/450/500

SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check.

8.1
2020-08-11 CVE-2019-17339 Tibco Unspecified vulnerability in Tibco Silver Fabric

The VirtualRouter component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that theoretically allows an attacker to inject scripts via URLs.

8.1
2020-08-11 CVE-2020-4486 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation.

8.1
2020-08-10 CVE-2020-9525 CS2 Network Insufficiently Protected Credentials vulnerability in Cs2-Network P2P

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

8.1
2020-08-14 CVE-2020-9767 Zoom Uncontrolled Search Path Element vulnerability in Zoom Sharing Service 5.0.4

A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL.

7.8
2020-08-14 CVE-2020-7583 Siemens Incorrect Authorization vulnerability in Siemens Automation License Manager

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0.8).

7.8
2020-08-14 CVE-2020-22722 Rapidscada Unrestricted Upload of File with Dangerous Type vulnerability in Rapidscada Rapid Scada 5.8.0

Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file.

7.8
2020-08-14 CVE-2020-22721 Pnotes NET Project Unrestricted Upload of File with Dangerous Type vulnerability in Pnotes.Net Project Pnotes.Net 3.8.1.2

A File Upload Vulnerability in PNotes - Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous " External Programs by uploading the malicious .exe file to the external program.

7.8
2020-08-14 CVE-2020-17462 Cmsmadesimple Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.14

CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798.

7.8
2020-08-13 CVE-2019-20383 Abbyy Link Following vulnerability in Abbyy Finereader

ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.

7.8
2020-08-13 CVE-2020-24346 F5 Use After Free vulnerability in F5 NJS

njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.

7.8
2020-08-13 CVE-2020-24345 Jerryscript Out-of-bounds Write vulnerability in Jerryscript

JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a).

7.8
2020-08-13 CVE-2020-24343 Artifex Use After Free vulnerability in Artifex Mujs

Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.

7.8
2020-08-13 CVE-2020-24342 LUA
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.

7.8
2020-08-13 CVE-2020-24331 Trousers Project
Fedoraproject
Improper Privilege Management vulnerability in multiple products

An issue was discovered in TrouSerS through 0.3.14.

7.8
2020-08-13 CVE-2020-24330 Trousers Project
Fedoraproject
Improper Privilege Management vulnerability in multiple products

An issue was discovered in TrouSerS through 0.3.14.

7.8
2020-08-13 CVE-2020-0261 Google Unspecified vulnerability in Google Android

In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file.

7.8
2020-08-13 CVE-2020-8687 Intel Uncontrolled Search Path Element vulnerability in Intel Rste Software Raid

Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8681 Intel Out-of-bounds Write vulnerability in Intel Graphics Drivers 14.40/15.33/15.33.49.5100

Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-0559 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel products

Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-0555 Intel Improper Input Validation vulnerability in Intel products

Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-0513 Intel Out-of-bounds Write vulnerability in Intel Graphics Drivers 14.40/15.33/15.33.49.5100

Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-0510 Intel Out-of-bounds Read vulnerability in Intel Graphics Drivers

Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8763 Intel Incorrect Default Permissions vulnerability in Intel products

Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8743 Intel Incorrect Default Permissions vulnerability in Intel Mailbox Interface Driver

Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8736 Intel Unspecified vulnerability in Intel Computing Improvement Program 2.1.03638/2.2.0.03942/2.4.0.04733

Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8729 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8714 Intel Improper Authentication vulnerability in Intel products

Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-8712 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-13 CVE-2020-16303 Artifex
Debian
Canonical
Use After Free vulnerability in multiple products

A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file.

7.8
2020-08-13 CVE-2020-12287 Intel Incorrect Default Permissions vulnerability in Intel Distribution of Openvino Toolkit

Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.8
2020-08-12 CVE-2020-7374 Documalis Classic Buffer Overflow vulnerability in Documalis Free PDF Editor and Free PDF Scanner

Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF.

7.8
2020-08-12 CVE-2020-17360 Readytalk Integer Overflow or Wraparound vulnerability in Readytalk Avian 1.2.0

An issue was discovered in ReadyTalk Avian 1.2.0.

7.8
2020-08-12 CVE-2020-6295 SAP Incorrect Permission Assignment for Critical Resource vulnerability in SAP Adaptive Server Enterprise 16.0

Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit.

7.8
2020-08-11 CVE-2020-0259 Google Unspecified vulnerability in Google Android

In android_verity_ctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto.

7.8
2020-08-11 CVE-2020-0257 Google Unspecified vulnerability in Google Android 10.0

In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup.

7.8
2020-08-11 CVE-2020-0243 Google Improper Locking vulnerability in Google Android

In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking.

7.8
2020-08-11 CVE-2020-0242 Google Improper Locking vulnerability in Google Android

In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking.

7.8
2020-08-11 CVE-2020-0241 Google Double Free vulnerability in Google Android

In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free.

7.8
2020-08-11 CVE-2020-0108 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/8.1/9.0

In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception.

7.8
2020-08-11 CVE-2020-14979 Evga
Winring0 Project
The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 through 1.0.6 allow local users, including low integrity processes, to read and write to arbitrary memory locations.
7.8
2020-08-11 CVE-2020-13177 Teradici Uncontrolled Search Path Element vulnerability in Teradici Graphics Agent and Pcoip Standard Agent

The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.

7.8
2020-08-11 CVE-2020-17448 Telegram Incorrect Authorization vulnerability in Telegram Desktop

Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension.

7.8
2020-08-11 CVE-2020-17367 Firejail Project
Debian
Fedoraproject
Opensuse
Argument Injection or Modification vulnerability in multiple products

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection.

7.8
2020-08-10 CVE-2020-9078 Huawei Unspecified vulnerability in Huawei Fusioncompute 8.0.0

FusionCompute 8.0.0 have local privilege escalation vulnerability.

7.8
2020-08-10 CVE-2020-15657 Mozilla Uncontrolled Search Path Element vulnerability in Mozilla Firefox

Firefox could be made to load attacker-supplied DLL files from the installation directory.

7.8
2020-08-10 CVE-2020-8224 Nextcloud Code Injection vulnerability in Nextcloud Desktop

A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.

7.8
2020-08-10 CVE-2020-6070 F2Fs Tools Project
Fedoraproject
Incorrect Calculation of Buffer Size vulnerability in multiple products

An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0.

7.8
2020-08-13 CVE-2020-7304 Mcafee Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Data Loss Prevention

Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.

7.6
2020-08-14 CVE-2020-17475 Megvii Missing Authentication for Critical Function vulnerability in Megvii Koala Firmware 2.9.1C3S

Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.

7.5
2020-08-14 CVE-2020-15694 NIM Lang Improper Input Validation vulnerability in Nim-Lang NIM

In Nim 1.2.4, the standard library httpClient fails to properly validate the server response.

7.5
2020-08-14 CVE-2020-9708 Adobe Path Traversal vulnerability in Adobe Git-Server

The resolveRepositoryPath function doesn't properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot.

7.5
2020-08-14 CVE-2020-9228 Huawei Unspecified vulnerability in Huawei Fusioncompute 8.0.0

FusionCompute 8.0.0 has an information disclosure vulnerability.

7.5
2020-08-14 CVE-2019-19643 ISE Infinite Loop vulnerability in ISE Smart Connect KNX Vaillant 1.2.839

ise smart connect KNX Vaillant 1.2.839 contain a Denial of Service.

7.5
2020-08-13 CVE-2020-8688 Intel Improper Input Validation vulnerability in Intel Raid web Console 3 4.186/7.009.011.000/7.010.009.000

Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access.

7.5
2020-08-12 CVE-2020-15868 Sonatype Unspecified vulnerability in Sonatype Nexus Repository Manager

Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control.

7.5
2020-08-12 CVE-2020-16139 Cisco Unspecified vulnerability in Cisco Unified IP Conference Station 7937G Firmware 1.4.4.0/1.4.5.7

A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets.

7.5
2020-08-12 CVE-2020-16138 Cisco Unspecified vulnerability in Cisco Unified IP Conference Station 7937G Firmware 1.4.4.0/1.4.5.7

A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled.

7.5
2020-08-12 CVE-2020-12674 Dovecot
Debian
Canonical
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.

7.5
2020-08-12 CVE-2020-12673 Dovecot
Debian
Canonical
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.

7.5
2020-08-12 CVE-2020-12100 Dovecot
Debian
Fedoraproject
Canonical
Uncontrolled Recursion vulnerability in multiple products

In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.

7.5
2020-08-12 CVE-2020-6309 SAP Missing Authentication for Critical Function vulnerability in SAP Netweaver Application Server Java

SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.

7.5
2020-08-12 CVE-2020-2232 Jenkins Cleartext Transmission of Sensitive Information vulnerability in Jenkins Email Extension 2.72/2.73

Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.

7.5
2020-08-11 CVE-2020-17495 Django Celery Results Project Cleartext Storage of Sensitive Information vulnerability in Django-Celery-Results Project Django-Celery-Results

django-celery-results through 1.2.1 stores task results in the database.

7.5
2020-08-11 CVE-2020-17487 Radare
Fedoraproject
radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c.
7.5
2020-08-11 CVE-2020-16170 Robotemi Use of Hard-coded Credentials vulnerability in Robotemi Temi 1.3.3/1.3.7931

Use of Hard-coded Credentials in temi Robox OS prior to 120, temi Android app up to 1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value via unspecified vectors.

7.5
2020-08-11 CVE-2020-0254 Google Out-of-bounds Read vulnerability in Google Android

There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647751

7.5
2020-08-11 CVE-2020-0251 Google Out-of-bounds Read vulnerability in Google Android

There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647626

7.5
2020-08-11 CVE-2020-11976 Apache Files or Directories Accessible to External Parties vulnerability in Apache Fortress and Wicket

By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates.

7.5
2020-08-11 CVE-2020-13175 Teradici Inclusion of Functionality from Untrusted Control Sphere vulnerability in Teradici products

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.

7.5
2020-08-10 CVE-2020-17478 P5 Crypt Perl Project Information Exposure Through Discrepancy vulnerability in P5-Crypt-Perl Project P5-Crypt-Perl

ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.

7.5
2020-08-10 CVE-2020-9528 Hichip Use of a Broken or Risky Cryptographic Algorithm vulnerability in Hichip Shenzhen Hichip Vision Technology Firmware 11.4.8.1.120170926

Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

7.5
2020-08-10 CVE-2020-12780 Combodo Incorrect Authorization vulnerability in Combodo Itop

A security misconfiguration exists in Combodo iTop, which can expose sensitive information.

7.5
2020-08-10 CVE-2020-12777 Combodo Information Exposure vulnerability in Combodo Itop

A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.

7.5
2020-08-10 CVE-2020-15647 Mozilla Information Exposure vulnerability in Mozilla Firefox

A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins.

7.4
2020-08-13 CVE-2020-7360 Philips Uncontrolled Search Path Element vulnerability in Philips Smartcontrol 4.3.15

An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path.

7.3
2020-08-14 CVE-2020-16205 Geutebrueck OS Command Injection vulnerability in Geutebrueck products

Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).

7.2
2020-08-12 CVE-2020-13290 Gitlab Improper Authentication vulnerability in Gitlab

In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page

7.2
2020-08-13 CVE-2020-24344 Jerryscript Out-of-bounds Read vulnerability in Jerryscript

JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.

7.1
2020-08-11 CVE-2020-9404 Pactware Insufficiently Protected Credentials vulnerability in Pactware

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and may be modified by an attacker with no knowledge of the current passwords.

7.1
2020-08-11 CVE-2020-8918 Google Improper Initialization vulnerability in Google Go-Tpm

An improperly initialized 'migrationAuth' value in Google's go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWrapKey.

7.1
2020-08-11 CVE-2020-14296 Redhat Server-Side Request Forgery (SSRF) vulnerability in Redhat Cloudforms Management Engine 4.7/5.0

Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw.

7.1
2020-08-10 CVE-2020-13293 Gitlab Unspecified vulnerability in Gitlab

In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.

7.1
2020-08-13 CVE-2020-8680 Intel Race Condition vulnerability in Intel Graphics Drivers

Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access.

7.0
2020-08-13 CVE-2020-0554 Intel Race Condition vulnerability in Intel products

Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local access.

7.0
2020-08-11 CVE-2020-0238 Google Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android

In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition.

7.0

152 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-11 CVE-2020-0256 Google
Debian
Out-of-bounds Write vulnerability in multiple products

In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check.

6.8
2020-08-11 CVE-2020-9244 Huawei Unspecified vulnerability in Huawei products

HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability.

6.8
2020-08-13 CVE-2020-11733 Spirent OS Command Injection vulnerability in Spirent Avalanche and Testcenter

An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware.

6.7
2020-08-13 CVE-2020-8684 Intel Unspecified vulnerability in Intel Acceleration Stack 1.0/1.1/1.2

Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7
2020-08-13 CVE-2020-8759 Intel Unspecified vulnerability in Intel SSD Data Center Tool 3.0.17

Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7
2020-08-13 CVE-2020-8742 Intel Improper Input Validation vulnerability in Intel products

Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.

6.7
2020-08-13 CVE-2020-8733 Intel Unspecified vulnerability in Intel M10Jnp2Sb Firmware 7.209

Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7
2020-08-13 CVE-2020-8711 Intel Unspecified vulnerability in Intel products

Improper access control in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7
2020-08-13 CVE-2020-8710 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.

6.7
2020-08-12 CVE-2020-15596 HP Uncontrolled Search Path Element vulnerability in HP products

The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file.

6.7
2020-08-11 CVE-2020-13178 Teradici Insufficient Verification of Data Authenticity vulnerability in Teradici Graphics Agent and Pcoip Standard Agent

A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process.

6.7
2020-08-16 CVE-2016-11085 Expresstech Cross-site Scripting vulnerability in Expresstech Quiz and Survey Master

php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.

6.5
2020-08-14 CVE-2020-15693 NIM Lang Injection vulnerability in Nim-Lang NIM

In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL.

6.5
2020-08-14 CVE-2019-5591 Fortinet Missing Authentication for Critical Function vulnerability in Fortinet Fortios

A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.

6.5
2020-08-13 CVE-2020-17498 Wireshark
Fedoraproject
Opensuse
Oracle
Double Free vulnerability in multiple products

In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash.

6.5
2020-08-13 CVE-2020-13281 Gitlab Resource Exhaustion vulnerability in Gitlab

For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature

6.5
2020-08-13 CVE-2020-13280 Gitlab Resource Exhaustion vulnerability in Gitlab

For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.

6.5
2020-08-13 CVE-2020-8689 Intel Unspecified vulnerability in Intel Inet Wireless Daemon

Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.

6.5
2020-08-13 CVE-2019-14620 Intel Unspecified vulnerability in Intel products

Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.

6.5
2020-08-13 CVE-2020-7305 Mcafee Improper Privilege Management vulnerability in Mcafee Data Loss Prevention

Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials.

6.5
2020-08-12 CVE-2020-8905 Google Classic Buffer Overflow vulnerability in Google Asylo

A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to.

6.5
2020-08-12 CVE-2020-6293 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Knowledge Management

SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files but the impact is limited to the files themselves and is restricted by other policies such as access control lists and other upload file size restrictions, leading to Unrestricted File Upload.

6.5
2020-08-12 CVE-2020-2235 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Pipeline Maven Integration

A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows attackers to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.

6.5
2020-08-12 CVE-2020-2234 Jenkins Missing Authorization vulnerability in Jenkins Pipeline Maven Integration

A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.

6.5
2020-08-12 CVE-2020-2233 Jenkins Incorrect Authorization vulnerability in Jenkins Pipeline Maven Integration

A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.

6.5
2020-08-11 CVE-2020-10779 Redhat Authorization Bypass Through User-Controlled Key vulnerability in Redhat Cloudforms 4.7/5.0.0

Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check.

6.5
2020-08-11 CVE-2020-4485 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing security mechanisms in future attacks.

6.5
2020-08-10 CVE-2020-15662 Mozilla Unspecified vulnerability in Mozilla Firefox

A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file.

6.5
2020-08-10 CVE-2020-15661 Mozilla Insufficiently Protected Credentials vulnerability in Mozilla Firefox

A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain.

6.5
2020-08-10 CVE-2020-15658 Mozilla
Canonical
Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products

The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog.

6.5
2020-08-10 CVE-2020-15655 Mozilla
Opensuse
Canonical
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information.
6.5
2020-08-10 CVE-2020-15654 Mozilla
Canonical
Infinite Loop vulnerability in multiple products

When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not.

6.5
2020-08-10 CVE-2020-15653 Mozilla
Canonical
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links.
6.5
2020-08-10 CVE-2020-15652 Mozilla
Canonical
Origin Validation Error vulnerability in multiple products

By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect.

6.5
2020-08-10 CVE-2020-15648 Mozilla Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox

Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header.

6.5
2020-08-13 CVE-2020-7302 Mcafee Unrestricted Upload of File with Dangerous Type vulnerability in Mcafee Data Loss Prevention

Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.

6.4
2020-08-13 CVE-2020-8723 Intel Cross-site Scripting vulnerability in Intel products

Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

6.3
2020-08-12 CVE-2020-7300 Mcafee Incorrect Authorization vulnerability in Mcafee Data Loss Prevention

Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages.

6.3
2020-08-11 CVE-2020-10780 Redhat Improper Neutralization of Formula Elements in a CSV File vulnerability in Redhat Cloudforms Management Engine 4.7/5.0

Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel.

6.3
2020-08-14 CVE-2020-12648 Tiny Cross-site Scripting vulnerability in Tiny Tinymce

A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode.

6.1
2020-08-14 CVE-2019-7410 Galileo CMS Project Cross-site Scripting vulnerability in Galileo CMS Project Galileo CMS 0.042

There is stored cross site scripting (XSS) in Galileo CMS v0.042.

6.1
2020-08-14 CVE-2019-6112 Graphpaperpress Cross-site Scripting vulnerability in Graphpaperpress Sell Media

A Cross-site scripting (XSS) vulnerability in /inc/class-search.php in the Sell Media plugin v2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field).

6.1
2020-08-12 CVE-2020-17450 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.0/9.00/9.03

PHP-Fusion 9.03 allows XSS on the preview page.

6.1
2020-08-12 CVE-2020-17362 Themeinprogress Cross-site Scripting vulnerability in Themeinprogress Nova Lite

search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.

6.1
2020-08-12 CVE-2020-13278 Rosariosis Cross-site Scripting vulnerability in Rosariosis Student Information System

Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request.

6.1
2020-08-12 CVE-2020-16145 Roundcube
Fedoraproject
Cross-site Scripting vulnerability in multiple products

Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document.

6.1
2020-08-11 CVE-2020-15071 Getsymphony Cross-site Scripting vulnerability in Getsymphony Symphony 3.0.0

content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS via fields['name'] to appendSubheading.

6.1
2020-08-11 CVE-2020-13176 Teradici Cross-site Scripting vulnerability in Teradici products

The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 (v16 and earlier for the Cloud Access Connector) contains a stored cross-site scripting (XSS) vulnerability which allows a remote unauthenticated attacker to poison log files with malicious JavaScript via the login page which is executed when an administrator views the logs within the application.

6.1
2020-08-11 CVE-2020-13174 Teradici Improper Restriction of Rendered UI Layers or Frames vulnerability in Teradici Pcoip Management Console 20.01.1/20.04

The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.

6.1
2020-08-10 CVE-2020-16278 Carson Saint Cross-site Scripting vulnerability in Carson-Saint Saint Security Suite 8.0/9.8.20

A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.

6.1
2020-08-10 CVE-2020-16275 Carson Saint Cross-site Scripting vulnerability in Carson-Saint Saint Security Suite 8.0/9.8.20

A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.

6.1
2020-08-10 CVE-2020-15139 Mybb Cross-site Scripting vulnerability in Mybb

In MyBB before version 1.8.24, the custom MyCode (BBCode) for the visual editor doesn't escape input properly when rendering HTML, resulting in a DOM-based XSS vulnerability.

6.1
2020-08-10 CVE-2020-17480 Tiny Cross-site Scripting vulnerability in Tiny Tinymce

TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.

6.1
2020-08-10 CVE-2020-17476 Mibew Cross-site Scripting vulnerability in Mibew Messenger

Mibew Messenger before 3.2.7 allows XSS via a crafted user name.

6.1
2020-08-10 CVE-2020-4541 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service 7.0/7.0.1

IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting.

6.1
2020-08-10 CVE-2020-4539 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting.

6.1
2020-08-10 CVE-2020-4533 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service 6.0.6/6.0.6.1/7.0

IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting.

6.1
2020-08-10 CVE-2020-12778 Combodo Cross-site Scripting vulnerability in Combodo Itop

Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.

6.1
2020-08-11 CVE-2020-10778 Redhat Incorrect Resource Transfer Between Spheres vulnerability in Redhat Cloudforms 4.7/5.0.0

In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation.

6.0
2020-08-14 CVE-2020-17473 Zkteco Insufficient Session Expiration vulnerability in Zkteco Facedepot 7B Firmware and Zkbiosecurity Server

Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.

5.9
2020-08-12 CVE-2020-15137 Horndis Project Integer Overflow or Wraparound vulnerability in Horndis Project Horndis

All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines.

5.9
2020-08-10 CVE-2020-9526 CS2 Network Cleartext Transmission of Sensitive Information vulnerability in Cs2-Network P2P

CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising devices.

5.9
2020-08-11 CVE-2020-8911 Amazon Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS S3 Crypto SDK 1/2

A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2.

5.6
2020-08-13 CVE-2020-24349 F5 Use After Free vulnerability in F5 NJS

njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c.

5.5
2020-08-13 CVE-2020-24348 F5 Out-of-bounds Read vulnerability in F5 NJS

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.

5.5
2020-08-13 CVE-2020-24347 F5 Out-of-bounds Read vulnerability in F5 NJS

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.

5.5
2020-08-13 CVE-2020-24332 Trustedcomputinggroup
Fedoraproject
Link Following vulnerability in multiple products

An issue was discovered in TrouSerS through 0.3.14.

5.5
2020-08-13 CVE-2020-8720 Intel Classic Buffer Overflow vulnerability in Intel products

Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-8683 Intel Unspecified vulnerability in Intel Graphics Drivers 14.40/15.33/15.33.49.5100

Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-8682 Intel Out-of-bounds Read vulnerability in Intel Graphics Drivers 14.40/15.33/15.33.49.5100

Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-8679 Intel Out-of-bounds Write vulnerability in Intel Graphics Drivers

Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-0512 Intel Improper Handling of Exceptional Conditions vulnerability in Intel Graphics Drivers 14.40/15.33/15.33.49.5100

Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-8717 Intel Improper Input Validation vulnerability in Intel products

Improper input validation in a subsystem for some Intel Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-8716 Intel Unspecified vulnerability in Intel products

Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-8715 Intel Release of Invalid Pointer or Reference vulnerability in Intel products

Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access.

5.5
2020-08-13 CVE-2020-17538 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16310 Artifex
Debian
Canonical
Divide By Zero vulnerability in multiple products

A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16309 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file.

5.5
2020-08-13 CVE-2020-16308 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16307 Artifex
Debian
Canonical
NULL Pointer Dereference vulnerability in multiple products

A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file.

5.5
2020-08-13 CVE-2020-16306 Artifex
Debian
Canonical
NULL Pointer Dereference vulnerability in multiple products

A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file.

5.5
2020-08-13 CVE-2020-16305 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16304 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file.

5.5
2020-08-13 CVE-2020-16302 Artifex
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16301 Artifex
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16300 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16299 Artifex
Debian
Canonical
Divide By Zero vulnerability in multiple products

A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16298 Artifex
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16297 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16296 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16295 Artifex
Debian
Canonical
NULL Pointer Dereference vulnerability in multiple products

A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16294 Artifex
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16293 Artifex
Debian
Canonical
NULL Pointer Dereference vulnerability in multiple products

A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16292 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16291 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16290 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16289 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16288 Artifex
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-13 CVE-2020-16287 Artifex
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.

5.5
2020-08-12 CVE-2020-17361 Readytalk Improper Handling of Exceptional Conditions vulnerability in Readytalk Avian 1.2.0

An issue was discovered in ReadyTalk Avian 1.2.0.

5.5
2020-08-11 CVE-2020-0258 Google Incomplete Cleanup vulnerability in Google Android 10.0

In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup.

5.5
2020-08-11 CVE-2020-0250 Google Missing Authorization vulnerability in Google Android 10.0

In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, there is a missing permission check.

5.5
2020-08-11 CVE-2020-0249 Google Unspecified vulnerability in Google Android

In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error.

5.5
2020-08-11 CVE-2020-0248 Google Unspecified vulnerability in Google Android 10.0

In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error.

5.5
2020-08-11 CVE-2020-0247 Google Infinite Loop vulnerability in Google Android 10.0/8.0/8.1

In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an uncaught exception.

5.5
2020-08-11 CVE-2020-0239 Google Missing Authorization vulnerability in Google Android 10.0/9.0

In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass.

5.5
2020-08-11 CVE-2020-9403 Pactware Insufficiently Protected Credentials vulnerability in Pactware

In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, and may be retrieved by any user with access to the PACTware workstation.

5.5
2020-08-11 CVE-2020-13179 Teradici Improper Cross-boundary Removal of Sensitive Data vulnerability in Teradici Graphics Agent and Pcoip Standard Agent

Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.

5.5
2020-08-10 CVE-2020-9245 Huawei Unspecified vulnerability in Huawei P30 Firmware and P30 PRO Firmware

HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability.

5.5
2020-08-10 CVE-2020-9243 Huawei Uncontrolled Recursion vulnerability in Huawei Mate 30 Firmware

HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability.

5.5
2020-08-10 CVE-2020-15650 Mozilla Unspecified vulnerability in Mozilla Firefox ESR

Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile).

5.5
2020-08-10 CVE-2020-15649 Mozilla Unrestricted Upload of File with Dangerous Type vulnerability in Mozilla Firefox ESR

Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked.

5.5
2020-08-10 CVE-2020-8229 Nextcloud Memory Leak vulnerability in Nextcloud Desktop

A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.

5.5
2020-08-13 CVE-2020-13285 Gitlab Cross-site Scripting vulnerability in Gitlab

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting (XSS) vulnerability exists in the issue reference number tooltip.

5.4
2020-08-13 CVE-2020-13283 Gitlab Cross-site Scripting vulnerability in Gitlab

For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title.

5.4
2020-08-12 CVE-2020-17449 PHP Fusion Cross-site Scripting vulnerability in PHP-Fusion 9.0/9.00/9.03

PHP-Fusion 9.03 allows XSS via the error_log file.

5.4
2020-08-12 CVE-2020-2236 Jenkins Cross-site Scripting vulnerability in Jenkins YET Another Build Visualizer

Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission.

5.4
2020-08-12 CVE-2020-2231 Jenkins Cross-site Scripting vulnerability in Jenkins

Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via 'Trigger builds remotely', resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the Authentication Token.

5.4
2020-08-12 CVE-2020-2230 Jenkins Cross-site Scripting vulnerability in Jenkins

Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.

5.4
2020-08-12 CVE-2020-2229 Jenkins Cross-site Scripting vulnerability in Jenkins

Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons, resulting in a stored cross-site scripting (XSS) vulnerability.

5.4
2020-08-12 CVE-2020-17372 Sugarcrm Cross-site Scripting vulnerability in Sugarcrm

SugarCRM before 10.1.0 (Q3 2020) allows XSS.

5.4
2020-08-12 CVE-2020-16266 Mantisbt Cross-site Scripting vulnerability in Mantisbt

An XSS issue was discovered in MantisBT before 2.24.2.

5.4
2020-08-11 CVE-2020-15597 Soplanning Cross-site Scripting vulnerability in Soplanning

SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field.

5.4
2020-08-11 CVE-2020-10777 Redhat Cross-site Scripting vulnerability in Redhat Cloudforms 4.7/5.0.0

A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5.

5.4
2020-08-10 CVE-2020-13294 Gitlab Unspecified vulnerability in Gitlab

In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.

5.4
2020-08-10 CVE-2020-12779 Combodo Cross-site Scripting vulnerability in Combodo Itop 2.7.0

Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.

5.4
2020-08-14 CVE-2015-8033 Textpattern Weak Password Requirements vulnerability in Textpattern 4.5.7

In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.

5.3
2020-08-14 CVE-2015-8032 Textpattern Improper Privilege Management vulnerability in Textpattern 4.5.7

In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.

5.3
2020-08-12 CVE-2020-17507 QT
Debian
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1.

5.3
2020-08-12 CVE-2020-17373 Sugarcrm SQL Injection vulnerability in Sugarcrm

SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection.

5.3
2020-08-13 CVE-2020-7307 Mcafee Insufficiently Protected Credentials vulnerability in Mcafee Data Loss Prevention

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.

5.2
2020-08-13 CVE-2020-7306 Mcafee Insufficiently Protected Credentials vulnerability in Mcafee Data Loss Prevention

Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text

5.2
2020-08-12 CVE-2020-13288 Gitlab Cross-site Scripting vulnerability in Gitlab

In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page

4.8
2020-08-12 CVE-2020-6300 SAP Cross-site Scripting vulnerability in SAP Businessobjects Business Intelligence Platform 4.2/4.3

SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code to a different end user (victim), as it does not sufficiently encode user-controlled inputs for RecycleBin, resulting in Stored Cross-Site Scripting (XSS) vulnerability.

4.8
2020-08-13 CVE-2019-14630 Intel Unspecified vulnerability in Intel products

Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access.

4.6
2020-08-12 CVE-2020-7301 Mcafee Cross-site Scripting vulnerability in Mcafee Data Loss Prevention

Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case management section.

4.6
2020-08-14 CVE-2020-9229 Huawei Unspecified vulnerability in Huawei Fusioncompute 8.0.0

FusionCompute 8.0.0 has an information disclosure vulnerability.

4.4
2020-08-13 CVE-2020-8685 Intel Improper Authentication vulnerability in Intel LED Manager for NUC

Improper authentication in subsystem for Intel (R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access.

4.4
2020-08-13 CVE-2020-0553 Intel Out-of-bounds Read vulnerability in Intel products

Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access.

4.4
2020-08-12 CVE-2020-6297 SAP Unspecified vulnerability in SAP Data Intelligence 3.0

Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, allows an attacker to access confidential system configuration information, that should otherwise be restricted, leading to Information Disclosure.

4.4
2020-08-13 CVE-2020-14483 Tridium Unspecified vulnerability in Tridium Niagara and Niagara Enterprise Security

A timeout during a TLS handshake can result in the connection failing to terminate.

4.3
2020-08-13 CVE-2020-13286 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.

4.3
2020-08-13 CVE-2019-4582 IBM Path Traversal vulnerability in IBM Maximo Asset Management 7.6.0.0/7.6.0.1

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system.

4.3
2020-08-12 CVE-2020-6310 SAP Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap

Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.

4.3
2020-08-12 CVE-2020-6299 SAP Unspecified vulnerability in SAP Abap Platform and Netweaver Application Server Abap

SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.

4.3
2020-08-12 CVE-2020-6273 SAP Missing Authorization vulnerability in SAP S/4 Hana Fiori UI for General Ledger Accounting 103/104

SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check.

4.3
2020-08-12 CVE-2020-2237 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Flaky Test Handler

A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision.

4.3
2020-08-11 CVE-2020-17489 Gnome
Debian
Canonical
Opensuse
Insufficiently Protected Credentials vulnerability in multiple products

An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4.

4.3
2020-08-11 CVE-2020-14313 Redhat Unspecified vulnerability in Redhat Quay

An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1.

4.3
2020-08-10 CVE-2020-15651 Mozilla Unspecified vulnerability in Mozilla Firefox

A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension.

4.3
2020-08-14 CVE-2020-15141 Openapi Python Client Project Unspecified vulnerability in Openapi-Python-Client Project Openapi-Python-Client

In openapi-python-client before version 0.5.3, there is a path traversal vulnerability.

4.1
2020-08-13 CVE-2020-7303 Mcafee Cross-site Scripting vulnerability in Mcafee Data Loss Prevention

Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new label.

4.1

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-08-12 CVE-2020-6653 Eaton Information Exposure Through Log Files vulnerability in Eaton Secureconnect 1.7.3

Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app.

3.9
2020-08-11 CVE-2020-16092 Qemu
Debian
Canonical
Opensuse
Reachable Assertion vulnerability in multiple products

In QEMU through 5.0.0, an assertion failure can occur in the network packet processing.

3.8
2020-08-13 CVE-2020-13282 Gitlab Improper Preservation of Permissions vulnerability in Gitlab

For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.

3.5
2020-08-12 CVE-2020-2035 Paloaltonetworks Unspecified vulnerability in Paloaltonetworks Pan-Os

When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within the TLS Client Hello handshake.

3.0
2020-08-11 CVE-2020-8912 Amazon Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS S3 Crypto SDK 1/2

A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2.

2.5