Weekly Vulnerabilities Reports > August 31 to September 6, 2020

Overview

322 new vulnerabilities were reported during this period, including 29 critical vulnerabilities and 74 high severity vulnerabilities. This weekly summary reports vulnerabilities in 317 products from 153 vendors including Os4Ed, Google, Cisco, IBM, and Jenkins. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Input Validation", "Incorrect Authorization", and "Path Traversal".

  • 250 reported vulnerabilities are remotely exploitable.
  • 11 reported vulnerabilities have a public exploit available.
  • 118 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 217 reported vulnerabilities are exploitable by an anonymous user.
  • Os4Ed has the most reported vulnerabilities, with 28 reported vulnerabilities.
  • Redlion has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

29 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-02 CVE-2020-13802 Erlang Unspecified vulnerability in Erlang Rebar3

Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification.

10.0
2020-09-02 CVE-2020-24355 Zyxel Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel Vmg5313-B30B Firmware

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware, is affected by insecure permissions which allow regular and other users to create new users with elevated privileges.

10.0
2020-09-04 CVE-2020-24987 Tendacn Improper Authentication vulnerability in Tendacn Ac18 Firmware

Tenda AC18 Router through V15.03.05.05_EN and through V15.03.05.19(6318) CN devices could allow remote code execution due to incorrect authentication handling in the vulnerable logincheck() function in the /usr/lib/lua/ngx_authserver/ngx_wdas.lua file if the administrator UI interface is set to "radius".

9.8
2020-09-01 CVE-2020-16204 Redlion Hidden Functionality vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware

The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all versions).

9.8
2020-09-01 CVE-2020-7727 Gedi Project Unspecified vulnerability in Gedi Project Gedi

All versions of package gedi are vulnerable to Prototype Pollution via the set function.

9.8
2020-09-01 CVE-2020-7726 Safe Object2 Project Unspecified vulnerability in Safe-Object2 Project Safe-Object2

All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function.

9.8
2020-09-01 CVE-2020-7725 Guidesmiths Unspecified vulnerability in Guidesmiths Worksmith

All versions of package worksmith are vulnerable to Prototype Pollution via the setValue function.

9.8
2020-09-01 CVE-2020-7724 Tiny Conf Project Unspecified vulnerability in Tiny-Conf Project Tiny-Conf

All versions of package tiny-conf are vulnerable to Prototype Pollution via the set function.

9.8
2020-09-01 CVE-2020-7723 Yola Unspecified vulnerability in Yola Promisehelpers

All versions of package promisehelpers are vulnerable to Prototype Pollution via the insert function.

9.8
2020-09-01 CVE-2020-7722 Nodee Utils Project Unspecified vulnerability in Nodee-Utils Project Nodee-Utils

All versions of package nodee-utils are vulnerable to Prototype Pollution via the deepSet function.

9.8
2020-09-01 CVE-2020-7721 Node Oojs Project Unspecified vulnerability in Node-Oojs Project Node-Oojs

All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function.

9.8
2020-09-01 CVE-2020-7719 Locutus Unspecified vulnerability in Locutus

Versions of package locutus before 2.0.12 are vulnerable to Prototype Pollution via the php.strings.parse_str function.

9.8
2020-09-01 CVE-2020-7718 Gammautils Project Unspecified vulnerability in Gammautils Project Gammautils

All versions of package gammautils are vulnerable to Prototype Pollution via the deepSet and deepMerge functions.

9.8
2020-09-01 CVE-2020-7717 DOT Notes Project Unspecified vulnerability in Dot-Notes Project Dot-Notes

All versions of package dot-notes are vulnerable to Prototype Pollution via the create function.

9.8
2020-09-01 CVE-2020-7716 Invertase Unspecified vulnerability in Invertase Deeps

All versions of package deeps are vulnerable to Prototype Pollution via the set function.

9.8
2020-09-01 CVE-2020-7715 Deep GET SET Project Unspecified vulnerability in Deep-Get-Set Project Deep-Get-Set

All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function.

9.8
2020-09-01 CVE-2020-7714 Realseriousgames Unspecified vulnerability in Realseriousgames Confucious

All versions of package confucious are vulnerable to Prototype Pollution via the set function.

9.8
2020-09-01 CVE-2020-7713 ARR Flatten Unflatten Project Unspecified vulnerability in Arr-Flatten-Unflatten Project Arr-Flatten-Unflatten

All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor.

9.8
2020-08-31 CVE-2020-24786 Zohocorp Improper Authentication vulnerability in Zohocorp products

An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number 12136, ADAudit Plus before build number 6052, O365 Manager Plus before build number 4334, Cloud Security Plus before build number 4110, ADManager Plus before build number 7055, and Log360 before build number 5166.

9.8
2020-08-31 CVE-2020-24115 Online Book Store Project Use of Hard-coded Credentials vulnerability in Online Book Store Project Online Book Store 1.0

In projectworlds Online Book Store 1.0, use of hard-coded credentials in source code leads to admin panel access.

9.8
2020-09-04 CVE-2020-4545 IBM Untrusted Search Path vulnerability in IBM Aspera Connect 3.9.8/3.9.9

IBM Aspera Connect 3.9.9 could allow a remote attacker to execute arbitrary code on the system, caused by improper loading of Dynamic Link Libraries by the import feature.

9.3
2020-09-01 CVE-2020-16208 Redlion Cross-Site Request Forgery (CSRF) vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware

The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link on the N-Tron 702-W / 702M12-W (all versions).

9.3
2020-09-04 CVE-2020-24986 Concretecms Unrestricted Upload of File with Dangerous Type vulnerability in Concretecms Concrete CMS

Concrete5 up to and including 8.5.2 allows Unrestricted Upload of File with Dangerous Type such as a .php file via File Manager.

9.0
2020-09-03 CVE-2020-24949 PHP Fusion Improper Privilege Management vulnerability in PHP-Fusion 9.03.50

Privilege escalation in PHP-Fusion 9.03.50 downloads/downloads.php allows an authenticated user (not admin) to send a crafted request to the server and perform remote command execution (RCE).

9.0
2020-09-02 CVE-2020-25079 Dlink Unspecified vulnerability in Dlink Dcs-2530L Firmware and Dcs-2670L Firmware

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices.

9.0
2020-09-01 CVE-2020-16210 Redlion Cross-site Scripting vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware

The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tron 702-W / 702M12-W (all versions).

9.0
2020-09-01 CVE-2020-16206 Redlion Cross-site Scripting vulnerability in Redlion N-Tron 702-W Firmware and N-Tron 702M12-W Firmware

The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all versions).

9.0
2020-09-01 CVE-2020-24034 Sagemcom Deserialization of Untrusted Data vulnerability in Sagemcom F@St 5280 Router Firmware 1.150.61

Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecure deserialization that allows any authenticated user to perform a privilege escalation to any other user.

9.0
2020-09-01 CVE-2020-12776 Openfind Incorrect Authorization vulnerability in Openfind Mail2000 7.0

Openfind Mail2000 contains Broken Access Control vulnerability, which can be used to execute unauthorized commands after attackers obtain the administrator access token or cookie.

9.0

74 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-04 CVE-2020-3495 Cisco Improper Input Validation vulnerability in Cisco Jabber

A vulnerability in Cisco Jabber for Windows could allow an authenticated, remote attacker to execute arbitrary code.

8.8
2020-09-04 CVE-2020-3430 Cisco OS Command Injection vulnerability in Cisco Jabber

A vulnerability in the application protocol handling features of Cisco Jabber for Windows could allow an unauthenticated, remote attacker to execute arbitrary commands.

8.8
2020-09-02 CVE-2020-15094 Sensiolabs, Fedoraproject Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products

In Symfony before versions 4.4.13 and 5.1.5, the CachingHttpClient class from the HttpClient Symfony component relies on the HttpCache class to handle requests.

8.8
2020-09-01 CVE-2020-2241 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Database

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to connect to an attacker-specified database server using attacker-specified credentials.

8.8
2020-09-01 CVE-2020-2240 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Database

A cross-site request forgery (CSRF) vulnerability in Jenkins database Plugin 1.6 and earlier allows attackers to execute arbitrary SQL scripts.

8.8
2020-09-04 CVE-2020-3530 Cisco Incorrect Authorization vulnerability in Cisco IOS XR

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local attacker to execute that command, even though administrative privileges should be required.

8.4
2020-09-01 CVE-2020-17405 Senstar Deserialization of Untrusted Data vulnerability in Senstar Symphony 7.3.2.2

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Senstar Symphony 7.3.2.2.

8.3
2020-08-31 CVE-2020-24363 TP Link Missing Authentication for Critical Function vulnerability in Tp-Link Tl-Wa855Re Firmware 20200415

TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot.

8.3
2020-09-04 CVE-2020-3478 Cisco Improper Input Validation vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure

A vulnerability in the REST API of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to overwrite certain files that should be restricted on an affected device.

8.1
2020-09-02 CVE-2020-16602 Razer Race Condition vulnerability in Razer Chroma SDK

Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps" can be replaced before it is executed by the server.

8.1
2020-09-04 CVE-2019-3881 Bundler Uncontrolled Search Path Element vulnerability in Bundler

Bundler prior to 2.1.0 uses a predictable path in /tmp/, created with insecure permissions as a storage location for gems, if locations under the user's home directory are not available.

7.8
2020-08-31 CVE-2020-25065 Google Information Exposure Through Discrepancy vulnerability in Google Android

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software.

7.8
2020-09-03 CVE-2020-9199 Huawei Code Injection vulnerability in Huawei products

B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerability.

7.7
2020-09-04 CVE-2019-20916 Pypa, Opensuse, Debian, Oracle Path Traversal vulnerability in multiple products

The pip package before 19.2 for Python allows Directory Traversal when a URL is given in an install command, because a Content-Disposition header can have ../ in a filename, as demonstrated by overwriting the /root/.ssh/authorized_keys file.

7.5
2020-09-04 CVE-2020-24659 GNU, Fedoraproject, Opensuse, Canonical NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in GnuTLS before 3.6.15.

7.5
2020-09-04 CVE-2020-7730 Bestzip Project Command Injection vulnerability in Bestzip Project Bestzip

The package bestzip before 2.1.7 is vulnerable to Command Injection via the options param.

7.5
2020-09-04 CVE-2020-25023 Noise Java Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noise-Java Project Noise-Java 20161008/20190813/20200827

An issue was discovered in Noise-Java through 2020-08-27.

7.5
2020-09-04 CVE-2020-25022 Noise Java Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noise-Java Project Noise-Java 20161008/20190813/20200827

An issue was discovered in Noise-Java through 2020-08-27.

7.5
2020-09-04 CVE-2020-25021 Noise Java Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Noise-Java Project Noise-Java 20161008/20190813/20200827

An issue was discovered in Noise-Java through 2020-08-27.

7.5
2020-09-04 CVE-2020-24978 Nasm Double Free vulnerability in Nasm Netwide Assembler 2.15.04

In NASM 2.15.04rc3, there is a double-free vulnerability in pp_tokline asm/preproc.c.

7.5
2020-09-03 CVE-2020-25006 Heybbs Project SQL Injection vulnerability in Heybbs Project Heybbs 1.2

Heybbs v1.2 has a SQL injection vulnerability in login.php file via the username parameter which may allow a remote attacker to execute arbitrary code.

7.5
2020-09-03 CVE-2020-25005 Heybbs Project SQL Injection vulnerability in Heybbs Project Heybbs 1.2

Heybbs v1.2 has a SQL injection vulnerability in msg.php file via the ID parameter which may allow a remote attacker to execute arbitrary code.

7.5
2020-09-03 CVE-2020-25004 Heybbs Project SQL Injection vulnerability in Heybbs Project Heybbs 1.2

Heybbs v1.2 has a SQL injection vulnerability in user.php file via the ID parameter which may allow a remote attacker to execute arbitrary code.

7.5
2020-09-03 CVE-2020-1891 Whatsapp Out-of-bounds Write vulnerability in Whatsapp

A user controlled parameter used in video call in WhatsApp for Android prior to v2.20.17, WhatsApp Business for Android prior to v2.20.7, WhatsApp for iPhone prior to v2.20.20, and WhatsApp Business for iPhone prior to v2.20.20 could have allowed an out-of-bounds write on 32-bit devices.

7.5
2020-09-03 CVE-2020-1889 Whatsapp Unspecified vulnerability in Whatsapp Desktop

A security feature bypass issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed for sandbox escape in Electron and escalation of privilege if combined with a remote code execution vulnerability inside the sandboxed renderer process.

7.5
2020-09-03 CVE-2020-24193 Daily Tracker System Project SQL Injection vulnerability in Daily Tracker System Project Daily Tracker System 1.0

A SQL injection vulnerability in login in Sourcecodetester Daily Tracker System 1.0 allows an unauthenticated user to execute an authentication bypass with SQL injection via the email parameter.

7.5
2020-09-03 CVE-2020-11579 Chadhaajay Missing Authentication for Critical Function vulnerability in Chadhaajay PHPkb 9.0

An issue was discovered in Chadha PHPKB 9.0 Enterprise Edition.

7.5
2020-09-02 CVE-2020-4693 IBM Improper Input Validation vulnerability in IBM Spectrum Protect Operations Center

IBM Spectrum Protect Operations Center 7.1.0.000 through 7.1.10 and 8.1.0.000 through 8.1.9 may allow an attacker to execute arbitrary code on the system, caused by improper validation of data prior to export.

7.5
2020-09-02 CVE-2020-24030 Forlogic Operation on a Resource after Expiration or Release vulnerability in Forlogic Qualiex 1.0/3.0

ForLogic Qualiex v1 and v3 have weak token expiration.

7.5
2020-09-02 CVE-2020-24029 Forlogic Improper Authentication vulnerability in Forlogic Qualiex 1.0/3.0

Because of unauthenticated password changes in ForLogic Qualiex v1 and v3, customer and admin permissions and data can be accessed via a simple request.

7.5
2020-09-02 CVE-2020-25078 Dlink Unspecified vulnerability in Dlink Dcs-2530L Firmware and Dcs-2670L Firmware

An issue was discovered on D-Link DCS-2530L before 1.06.01 Hotfix and DCS-2670L through 2.02 devices.

7.5
2020-09-01 CVE-2020-6151 Accusoft Incorrect Type Conversion or Cast vulnerability in Accusoft Imagegear 19.7.0

A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Accusoft ImageGear 19.7.

7.5
2020-09-01 CVE-2020-6144 Os4Ed Code Injection vulnerability in Os4Ed Opensis 7.4

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4.

7.5
2020-09-01 CVE-2020-6143 Os4Ed Code Injection vulnerability in Os4Ed Opensis 7.4

A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4.

7.5
2020-09-01 CVE-2020-6142 Os4Ed Path Traversal vulnerability in Os4Ed Opensis 7.3

A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3.

7.5
2020-09-01 CVE-2020-6140 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3.

7.5
2020-09-01 CVE-2020-6139 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3.

7.5
2020-09-01 CVE-2020-6138 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3.

7.5
2020-09-01 CVE-2020-6137 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3.

7.5
2020-09-01 CVE-2020-5777 Magmi Project Improper Authentication vulnerability in Magmi Project Magmi

MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure.

7.5
2020-09-01 CVE-2020-25069 Usvn Unspecified vulnerability in Usvn

USVN (aka User-friendly SVN) before 1.0.10 allows attackers to execute arbitrary code in the commit view.

7.5
2020-09-01 CVE-2020-6141 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3.

7.5
2020-09-01 CVE-2020-15150 Duffel Code Injection vulnerability in Duffel Paginator

There is a vulnerability in Paginator (Elixir/Hex package) which makes it susceptible to Remote Code Execution (RCE) attacks via input parameters to the paginate() function.

7.5
2020-09-01 CVE-2020-24584 Djangoproject, Canonical, Fedoraproject, Oracle Incorrect Default Permissions vulnerability in multiple products

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used).

7.5
2020-09-01 CVE-2020-24583 Djangoproject, Canonical, Fedoraproject, Oracle Incorrect Default Permissions vulnerability in multiple products

An issue was discovered in Django 2.2 before 2.2.16, 3.0 before 3.0.10, and 3.1 before 3.1.1 (when Python 3.7+ is used).

7.5
2020-08-31 CVE-2020-25062 Google Improper Privilege Management vulnerability in Google Android 10.0/9.0

An issue was discovered on LG mobile devices with Android OS 9 and 10 software.

7.5
2020-08-31 CVE-2020-25061 Google Unspecified vulnerability in Google Android 10.0/9.0

An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network.

7.5
2020-08-31 CVE-2020-25058 Google Unspecified vulnerability in Google Android

An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software.

7.5
2020-08-31 CVE-2020-25057 Google Unspecified vulnerability in Google Android 10.0

An issue was discovered on LG mobile devices with Android OS 10 software.

7.5
2020-08-31 CVE-2020-25055 Google Incorrect Authorization vulnerability in Google Android

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software.

7.5
2020-08-31 CVE-2020-25053 Google Unspecified vulnerability in Google Android 10.0

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software.

7.5
2020-08-31 CVE-2020-25052 Google Improper Input Validation vulnerability in Google Android 10.0

An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software.

7.5
2020-08-31 CVE-2020-25049 Google Incorrect Authorization vulnerability in Google Android 10.0/9.0

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software.

7.5
2020-08-31 CVE-2020-7522 Schneider Electric Path Traversal vulnerability in Schneider-Electric APC Easy UPS Online Software 2.0

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `SoundUploadServlet` which may lead to uploading executable files to non-specified directories.

7.5
2020-08-31 CVE-2020-7521 Schneider Electric Path Traversal vulnerability in Schneider-Electric APC Easy UPS Online Software 2.0

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method of `FileUploadServlet` which may lead to uploading executable files to non-specified directories.

7.5
2020-09-01 CVE-2020-7720 Digitalbazaar Unspecified vulnerability in Digitalbazaar Forge

The package node-forge before 0.10.0 is vulnerable to Prototype Pollution via the util.setPath function.

7.3
2020-09-04 CVE-2020-23834 Realtimelogic Incorrect Permission Assignment for Critical Resource vulnerability in Realtimelogic Barracudadrive 6.5

Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file.

7.2
2020-09-04 CVE-2020-3473 Cisco Incorrect Authorization vulnerability in Cisco IOS XR

A vulnerability in task group assignment for a specific CLI command in Cisco IOS XR Software could allow an authenticated, local CLI shell user to elevate privileges and gain full administrative control of the device.

7.2
2020-09-03 CVE-2020-25042 Maracms Unrestricted Upload of File with Dangerous Type vulnerability in Maracms 7.5

An arbitrary file upload issue exists in Mara CMS 7.5.

7.2
2020-09-03 CVE-2019-10679 Thomsonreuters Incorrect Default Permissions vulnerability in Thomsonreuters Eikon 4.0.42144

Thomson Reuters Eikon 4.0.42144 allows all local users to modify the service executable file because of weak %PROGRAMFILES(X86)%\Thomson Reuters\Eikon permissions.

7.2
2020-09-02 CVE-2020-5379 Dell Unspecified vulnerability in Dell Inspiron 7352 Bios

Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot Services overwrite vulnerability.

7.2
2020-09-02 CVE-2020-5378 Dell Use After Free vulnerability in Dell G7 17 7790 Bios

Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerability.

7.2
2020-09-02 CVE-2020-5376 Dell Use After Free vulnerability in Dell Inspiron 7347 Bios

Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerability.

7.2
2020-09-01 CVE-2020-24955 Superantispyware Improper Privilege Management vulnerability in Superantispyware Professional X

SUPERAntiSpyware Professional X Trial 10.0.1206 is vulnerable to local privilege escalation because it allows unprivileged users to restore a malicious DLL from quarantine into the system32 folder via an NTFS directory junction, as demonstrated by a crafted ualapi.dll file that is detected as malware.

7.2
2020-09-01 CVE-2020-24559 Trendmicro Link Following vulnerability in Trendmicro products

A vulnerability in Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services on macOS may allow an attacker to manipulate a certain binary to load and run a script from a user-writable folder, which then would allow them to execute arbitrary code as root.

7.2
2020-09-01 CVE-2020-24557 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE and Worry-Free Business Security

A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation.

7.2
2020-09-01 CVE-2020-24556 Trendmicro Link Following vulnerability in Trendmicro products

A vulnerability in Trend Micro Apex One, OfficeScan XG SP1, Worry-Free Business Security 10 SP1 and Worry-Free Business Security Services on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution.

7.2
2020-09-01 CVE-2020-8023 Opensuse Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in Opensuse Openldap2 2.4.260.74.13/2.4.4118.71.2/2.4.469.31.1

An Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability in the start script of openldap2 of SUSE Enterprise Storage 5, SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SECURITY, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8; openSUSE Leap 15.1, openSUSE Leap 15.2 allows local attackers to escalate privileges from user ldap to root.

7.2
2020-08-31 CVE-2020-13471 Apexmic Unspecified vulnerability in Apexmic Apm32F103 Firmware

Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.

7.2
2020-08-31 CVE-2020-13466 ST Unspecified vulnerability in ST Stm32F103 Firmware

STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.

7.2
2020-08-31 CVE-2020-11618 Thomsonstb, Philips

THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes have their TELNET service hardcoded to start on boot, which allows an attacker on the local network to achieve root access via the TELNET protocol.

7.2
2020-08-31 CVE-2020-25031 Canonical Link Following vulnerability in Canonical Checkinstall 1.6.2

checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file.

7.2
2020-09-03 CVE-2020-7729 Gruntjs, Debian, Canonical Insecure Default Initialization of Resource vulnerability in multiple products

The package grunt before 1.3.0 is vulnerable to Arbitrary Code Execution due to the default usage of the function load() instead of its secure replacement safeLoad() of the package js-yaml inside grunt.file.readYAML.

7.1
2020-09-01 CVE-2020-2245 Jenkins XXE vulnerability in Jenkins Valgrind

Jenkins Valgrind Plugin 0.28 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

7.1

174 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-04 CVE-2020-12248 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can execute arbitrary code via a heap-based buffer overflow because dirty image-resource data is mishandled.

6.8
2020-09-04 CVE-2020-3453 Cisco Improper Input Validation vulnerability in Cisco products

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user.

6.8
2020-09-04 CVE-2020-1911 Facebook Type Confusion vulnerability in Facebook Hermes

A type confusion vulnerability when resolving properties of JavaScript objects with specially-crafted prototype chains in Facebook Hermes prior to commit fe52854cdf6725c2eaa9e125995da76e6ceb27da allows attackers to potentially execute arbitrary code via crafted JavaScript.

6.8
2020-09-03 CVE-2020-24999 Xpdfreader Out-of-bounds Write vulnerability in Xpdfreader Xpdf 4.0.2

There is an invalid memory access in the function fprintf located in Error.cc in Xpdf 4.0.2.

6.8
2020-09-03 CVE-2020-24996 Xpdfreader Improper Initialization vulnerability in Xpdfreader Xpdf 4.0.2

There is an invalid memory access in the function TextString::~TextString() located in Catalog.cc in Xpdf 4.0.2.

6.8
2020-09-03 CVE-2020-1894 Whatsapp Out-of-bounds Write vulnerability in Whatsapp

A stack write overflow in WhatsApp for Android prior to v2.20.35, WhatsApp Business for Android prior to v2.20.20, WhatsApp for iPhone prior to v2.20.30, and WhatsApp Business for iPhone prior to v2.20.30 could have allowed arbitrary code execution when playing a specially crafted push to talk message.

6.8
2020-09-03 CVE-2020-1886 Whatsapp Classic Buffer Overflow vulnerability in Whatsapp

A buffer overflow in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have allowed an out-of-bounds write via a specially crafted video stream after receiving and answering a malicious video call.

6.8
2020-09-03 CVE-2020-25125 Gnupg, Gpg4Win Classic Buffer Overflow vulnerability in multiple products

GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) have an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences.

6.8
2020-09-03 CVE-2020-7381 Rapid7 Code Injection vulnerability in Rapid7 Nexpose

In Rapid7 Nexpose installer versions prior to 6.6.40, the Nexpose installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine.

6.8
2020-09-03 CVE-2020-5420 Cloudfoundry Improper Check for Unusual or Exceptional Conditions vulnerability in Cloudfoundry Cf-Deployment

Cloud Foundry Routing (Gorouter) versions prior to 0.206.0 allow a malicious developer with "cf push" access to cause denial-of-service to the CF cluster by pushing an app that returns specially crafted HTTP responses that crash the Gorouters.

6.8
2020-09-02 CVE-2020-7830 Raonwiz Improper Input Validation vulnerability in Raonwiz Raon Kupload

RAONWIZ v2018.0.2.50 and earlier versions contain a vulnerability that could allow remote files to be downloaded due to a lack of validation.

6.8
2020-09-01 CVE-2020-6152 Accusoft Out-of-bounds Write vulnerability in Accusoft Imagegear 19.7.0

A code execution vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft ImageGear 19.7.

6.8
2020-09-01 CVE-2020-5776 Magmi Project Cross-Site Request Forgery (CSRF) vulnerability in Magmi Project Magmi

Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens.

6.8
2020-09-01 CVE-2020-25070 Usvn Cross-Site Request Forgery (CSRF) vulnerability in Usvn

USVN (aka User-friendly SVN) before 1.0.10 allows CSRF, related to the lack of the SameSite Strict feature.

6.8
2020-09-01 CVE-2020-23836 Oswapp Cross-Site Request Forgery (CSRF) vulnerability in Oswapp Warehouse Inventory System 20200810

A Cross-Site Request Forgery (CSRF) vulnerability in edit_user.php in OSWAPP Warehouse Inventory System (aka OSWA-INV) through 2020-08-10 allows remote attackers to change the admin's password after an authenticated admin visits a third-party site.

6.8
2020-09-04 CVE-2020-3545 Cisco Out-of-bounds Write vulnerability in Cisco Firepower Extensible Operating System

A vulnerability in Cisco FXOS Software could allow an authenticated, local attacker with administrative credentials to cause a buffer overflow condition.

6.7
2020-09-04 CVE-2020-14008 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Applications Manager

Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution.

6.5
2020-09-04 CVE-2020-3547 Cisco Insufficiently Protected Credentials vulnerability in Cisco Asyncos

A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA), Cisco Content Security Management Appliance (SMA), and Cisco Web Security Appliance (WSA) could allow an authenticated, remote attacker to access sensitive information on an affected device.

6.5
2020-09-04 CVE-2020-3498 Cisco Improper Input Validation vulnerability in Cisco Jabber

A vulnerability in Cisco Jabber software could allow an authenticated, remote attacker to gain access to sensitive information.

6.5
2020-09-04 CVE-2020-3365 Cisco Path Traversal vulnerability in Cisco Enterprise Network Function Virtualization Infrastructure

A vulnerability in the directory permissions of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, remote attacker to perform a directory traversal attack on a limited set of restricted directories.

6.5
2020-09-04 CVE-2020-24977 Xmlsoft, Debian, Fedoraproject, Opensuse, Netapp, Oracle Out-of-bounds Read vulnerability in multiple products

GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c.

6.5
2020-09-03 CVE-2020-24948 Autoptimize Unrestricted Upload of File with Dangerous Type vulnerability in Autoptimize

The ao_ccss_import AJAX call in Autoptimize WordPress Plugin 2.7.6 does not ensure that the file provided is a legitimate Zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to remote command execution.

6.5
2020-09-03 CVE-2020-4638 IBM Improper Privilege Management vulnerability in IBM API Connect

IBM API Connect's API Manager 2018.4.1.0 through 2018.4.1.12 is vulnerable to privilege escalation.

6.5
2020-09-02 CVE-2020-5369 Dell Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Isilon Onefs and EMC Powerscale Onefs

Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability.

6.5
2020-09-02 CVE-2020-24028 Forlogic Incorrect Permission Assignment for Critical Resource vulnerability in Forlogic Qualiex 1.0/3.0

ForLogic Qualiex v1 and v3 allows any authenticated customer to achieve privilege escalation via user creations, password changes, or user permission updates.

6.5
2020-09-02 CVE-2020-15811 Squid Cache, Canonical, Debian, Fedoraproject, Opensuse Incorrect Comparison vulnerability in multiple products

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4.

6.5
2020-09-02 CVE-2020-15810 Squid Cache, Canonical, Debian, Fedoraproject, Opensuse HTTP Request Smuggling vulnerability in multiple products

An issue was discovered in Squid before 4.13 and 5.x before 5.0.4.

6.5
2020-09-02 CVE-2020-14209 Dolibarr Unrestricted Upload of File with Dangerous Type vulnerability in Dolibarr

Dolibarr before 11.0.5 allows low-privilege users to upload files of dangerous types, leading to arbitrary code execution.

6.5
2020-09-01 CVE-2020-6136 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6135 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

An exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-23829 Librehealth Unrestricted Upload of File with Dangerous Type vulnerability in Librehealth EHR 2.0.0

interface/new/new_comprehensive_save.php in LibreHealth EHR 2.0.0 suffers from an authenticated file upload vulnerability, allowing remote attackers to achieve remote code execution (RCE) on the hosting webserver by uploading a maliciously crafted image.

6.5
2020-09-01 CVE-2012-3336 IBM, Linux SQL Injection vulnerability in IBM Infosphere Guardium 8.0/8.01/8.2

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 are vulnerable to SQL injection.

6.5
2020-09-01 CVE-2020-6134 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages.

6.5
2020-09-01 CVE-2020-6133 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages.

6.5
2020-09-01 CVE-2020-6132 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the ID parameters of OS4Ed openSIS 7.3 pages.

6.5
2020-09-01 CVE-2020-6128 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6127 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6126 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6125 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

An exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6124 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

An exploitable SQL injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6131 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages.

6.5
2020-09-01 CVE-2020-6130 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages.

6.5
2020-09-01 CVE-2020-6129 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pages.

6.5
2020-09-01 CVE-2020-6123 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

An exploitable SQL injection vulnerability exists in the email parameter functionality of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6122 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6121 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6120 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6119 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6118 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-6117 Os4Ed SQL Injection vulnerability in Os4Ed Opensis 7.3

SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3.

6.5
2020-09-01 CVE-2020-2250 Jenkins Missing Encryption of Sensitive Data vulnerability in Jenkins Soapui PRO Functional Testing

Jenkins SoapUI Pro Functional Testing Plugin 1.3 and earlier stores project passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by attackers with Extended Read permission, or access to the Jenkins controller file system.

6.5
2020-09-01 CVE-2020-2247 Jenkins XXE vulnerability in Jenkins Klocwork Analysis

Jenkins Klocwork Analysis Plugin 2020.2.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

6.5
2020-09-01 CVE-2020-2242 Jenkins Missing Authorization vulnerability in Jenkins Database

A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials.

6.5
2020-08-31 CVE-2020-24354 Zyxel Code Injection vulnerability in Zyxel Vmg5313-B30B Firmware 5.11(Abcu.1)C0/5.13(Abcj.6)B31127

Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection.

6.5
2020-08-31 CVE-2020-7526 APC Improper Input Validation vulnerability in APC Powerchute 9.0.1.606

Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event.

6.5
2020-08-31 CVE-2020-25054 Samsung Improper Input Validation vulnerability in Samsung Exynos

An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets).

6.4
2020-09-02 CVE-2020-24553 Golang, Fedoraproject, Opensuse, Oracle Cross-site Scripting vulnerability in multiple products

Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header.

6.1
2020-09-01 CVE-2020-23839 GET Simple Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16

A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the login form.

6.1
2020-09-01 CVE-2020-23835 Tailor Management System Project Cross-site Scripting vulnerability in Tailor Management System Project Tailor Management System 1.0

A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Tailor Management System v1.0 allows remote attackers to harvest keys pressed by an unauthenticated victim who clicks on a malicious URL and begins typing.

6.1
2020-09-01 CVE-2020-2248 Jenkins Cross-site Scripting vulnerability in Jenkins Jsgames 0.1/0.2

Jenkins JSGames Plugin 0.2 and earlier evaluates part of a URL as code, resulting in a reflected cross-site scripting (XSS) vulnerability.

6.1
2020-08-31 CVE-2020-25033 Blubrry Cross-site Scripting vulnerability in Blubrry Subscribe Sidebar 1.3.1

The Blubrry subscribe-sidebar (aka Subscribe Sidebar) plugin 1.3.1 for WordPress allows subscribe_sidebar.php&status= reflected XSS.

6.1
2020-09-01 CVE-2020-13946 Apache, Netapp Exposure of Resource to Wrong Sphere vulnerability in multiple products

In Apache Cassandra, all versions prior to 2.1.22, 2.2.18, 3.0.22, 3.11.8 and 4.0-beta2, it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface.

5.9
2020-09-04 CVE-2020-12247 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts.

5.8
2020-09-04 CVE-2020-11493 Foxitsoftware Insufficient Verification of Data Authenticity vulnerability in Foxitsoftware Phantompdf

In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information about an uninitialized object because of direct transformation from PDF Object to Stream without concern for a crafted XObject.

5.8
2020-09-02 CVE-2020-23830 Stock Management System Project Cross-Site Request Forgery (CSRF) vulnerability in Stock Management System Project Stock Management System 1.0

A Cross-Site Request Forgery (CSRF) vulnerability in changeUsername.php in SourceCodester Stock Management System v1.0 allows remote attackers to deny future logins by changing an authenticated victim's username when they visit a third-party site.

5.8
2020-09-01 CVE-2020-25067 Netgear Injection vulnerability in Netgear R8300 Firmware

NETGEAR R8300 devices before 1.0.2.134 are affected by command injection by an unauthenticated attacker.

5.8
2020-08-31 CVE-2020-13593 TI Incorrect Authorization vulnerability in TI Simplelink-Cc2640R2 Software Development KIT 2.2.3

The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connection pairing to be skipped if the Link Layer encryption setup is performed earlier.

5.8
2020-09-04 CVE-2020-3537 Cisco Information Exposure vulnerability in Cisco Jabber

A vulnerability in Cisco Jabber for Windows software could allow an authenticated, remote attacker to gain access to sensitive information.

5.7
2020-09-03 CVE-2020-14373 Artifex, Redhat Use After Free vulnerability in multiple products

A use after free was found in igc_reloc_struct_ptr() of psi/igc.c of ghostscript-9.25.

5.5
2020-09-02 CVE-2020-8576 Netapp Incorrect Authorization vulnerability in Netapp Clustered Data Ontap 9.3/9.5/9.6

Clustered Data ONTAP versions prior to 9.3P19, 9.5P14, 9.6P9 and 9.7 are susceptible to a vulnerability which when successfully exploited could lead to addition or modification of data or disclosure of sensitive information.

5.5
2020-09-02 CVE-2020-16150 ARM, Fedoraproject, Debian Information Exposure Through Discrepancy vulnerability in multiple products

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information.

5.5
2020-09-01 CVE-2020-6874 ZTE Insufficiently Protected Credentials vulnerability in ZTE Zxiptv Firmware Zxiptvwebpv5.09.08.04

A ZTE product is impacted by the cryptographic issues vulnerability.

5.5
2020-09-04 CVE-2020-24963 Appsbd Cross-site Scripting vulnerability in Appsbd Best Support System 3.0.4

An Authenticated Persistent XSS vulnerability was discovered in the Best Support System, tested version v3.0.4.

5.4
2020-09-01 CVE-2020-2246 Jenkins Cross-site Scripting vulnerability in Jenkins Valgrind

Jenkins Valgrind Plugin 0.28 and earlier does not escape content in Valgrind XML reports, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control Valgrind XML report contents.

5.4
2020-09-01 CVE-2020-2244 Jenkins Cross-site Scripting vulnerability in Jenkins Build Failure Analyzer

Jenkins Build Failure Analyzer Plugin 1.27.0 and earlier does not escape matching text in a form validation response, resulting in a cross-site scripting (XSS) vulnerability exploitable by attackers able to provide console output for builds used to test build log indications.

5.4
2020-09-01 CVE-2020-2243 Jenkins Cross-site Scripting vulnerability in Jenkins Cadence Vmanager

Jenkins Cadence vManager Plugin 3.0.4 and earlier does not escape build descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Run/Update permission.

5.4
2020-09-01 CVE-2020-2238 Jenkins Cross-site Scripting vulnerability in Jenkins GIT Parameter

Jenkins Git Parameter Plugin 0.9.12 and earlier does not escape the repository field on the 'Build with Parameters' page, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-01 CVE-2018-12475 Opensuse Externally Controlled Reference to a Resource in Another Sphere vulnerability in Opensuse Open Build Service

An Externally Controlled Reference to a Resource in Another Sphere vulnerability in obs-service-download_files of openSUSE Open Build Service allows authenticated users to generate HTTP requests against internal networks and potentially download data that is exposed there.

5.4
2020-08-31 CVE-2020-13828 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 11.0.4

Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or address parameter; product/card.php with the label or customcode parameter; or societe/card.php with the alias or barcode parameter.

5.4
2020-08-31 CVE-2020-15020 Elementor Cross-site Scripting vulnerability in Elementor Website Builder

An issue was discovered in the Elementor plugin through 2.9.13 for WordPress.

5.4
2020-09-04 CVE-2020-3542 Cisco Improper Input Validation vulnerability in Cisco Webex Training

A vulnerability in Cisco Webex Training could allow an authenticated, remote attacker to join a password-protected meeting without providing the meeting password.

5.3
2020-08-31 CVE-2020-20627 Givewp Missing Authentication for Critical Function vulnerability in Givewp

The includes/gateways/stripe/includes/admin/admin-actions.php in GiveWP plugin through 2.5.9 for WordPress allows unauthenticated settings change.

5.3
2020-09-04 CVE-2020-24981 Ucms Project Incorrect Authorization vulnerability in Ucms Project Ucms 1.4.8

An Incorrect Access Control vulnerability exists in /ucms/chk.php in UCMS 1.4.8.

5.0
2020-09-04 CVE-2020-3546 Cisco Improper Input Validation vulnerability in Cisco Asyncos

A vulnerability in the web-based management interface of Cisco AsyncOS software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.

5.0
2020-09-03 CVE-2020-1890 Whatsapp Improper Input Validation vulnerability in Whatsapp

A URL validation issue in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have caused the recipient of a sticker message containing deliberately malformed data to load an image from a sender-controlled URL without user interaction.

5.0
2020-09-03 CVE-2020-24876 Pancakeapp Use of Hard-coded Credentials vulnerability in Pancakeapp Pancake

Use of a hard-coded cryptographic key in Pancake versions < 4.13.29 allows an attacker to forge session cookies, which may lead to remote privilege escalation.

5.0
2020-09-03 CVE-2020-23811 Xuxueli Information Exposure vulnerability in Xuxueli Xxl-Job 2.2.0

xxl-job 2.2.0 allows Information Disclosure of username, model, and password via job/admin/controller/UserController.java.

5.0
2020-09-03 CVE-2020-25105 Eramba Weak Password Recovery Mechanism for Forgotten Password vulnerability in Eramba 2.19.3/2.8.1

eramba c2.8.1 and Enterprise before e2.19.3 have a weak password recovery token (createHash has only a million possibilities).

5.0
2020-09-03 CVE-2020-25068 Setelsa Security Path Traversal vulnerability in Setelsa-Security Conacwin 3.7.1.2

Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability.

5.0
2020-09-02 CVE-2020-5386 Dell Exposure of Resource to Wrong Sphere vulnerability in Dell EMC Elastic Cloud Storage 3.4.0.0/3.4.0.1

Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability.

5.0
2020-09-02 CVE-2020-5779 Tradingtechnologies Unspecified vulnerability in Tradingtechnologies Trading Technologies Messaging 7.1.28.3

A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling when calling strcpy_s() with an invalid parameter (i.e., a long src string parameter) as a part of processing a type 4 message sent to default TCP RequestPort 10200.

5.0
2020-09-02 CVE-2020-5778 Tradingtechnologies Improper Input Validation vulnerability in Tradingtechnologies Trading Technologies Messaging 7.1.28.3

A flaw exists in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200.

5.0
2020-09-02 CVE-2020-5622 Shadan KUN Unspecified vulnerability in Shadan-Kun Server Security Type 1.5.3

Shadankun Server Security Type (excluding normal blocking method types) Ver.1.5.3 and earlier allows remote attackers to cause a denial of service which may result in not being able to add newly detected attack source IP addresses as blocking targets for about 10 minutes via a specially crafted request.

5.0
2020-09-02 CVE-2020-25073 Debian Exposure of Resource to Wrong Sphere vulnerability in Debian Freedombox

FreedomBox through 20.13 allows remote attackers to obtain sensitive information from the /server-status page of the Apache HTTP Server, because a connection from the Tor onion service (or from PageKite) is considered a local connection.

5.0
2020-09-01 CVE-2020-6873 ZTE Unspecified vulnerability in ZTE Zxr10 2800-4 Almpufb(Low) Firmware

A ZTE product has a DoS vulnerability.

5.0
2020-09-01 CVE-2012-3338 IBM Improper Input Validation vulnerability in IBM Infosphere Guardium 8.0/8.01/8.2

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality.

5.0
2020-09-01 CVE-2020-23971 Gmapfp Incorrect Default Permissions vulnerability in Gmapfp J3.30

gmapfp.org Joomla Component GMapFP J3.30pro is affected by Insecure Permissions.

5.0
2020-09-01 CVE-2012-3337 IBM Path Traversal vulnerability in IBM Infosphere Guardium 8.0/8.01/8.2

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system.

5.0
2020-09-01 CVE-2019-5645 Rapid7 Resource Exhaustion vulnerability in Rapid7 Metasploit

By sending a specially crafted HTTP GET request to a listening Rapid7 Metasploit HTTP handler, an attacker can register an arbitrary regular expression.

5.0
2020-09-01 CVE-2020-7669 U Root Path Traversal vulnerability in U-Root

This affects all versions of package github.com/u-root/u-root/pkg/tarutil.

5.0
2020-09-01 CVE-2020-7666 U Root Path Traversal vulnerability in U-Root

This affects all versions of package github.com/u-root/u-root/pkg/cpio.

5.0
2020-09-01 CVE-2020-7665 U Root Path Traversal vulnerability in U-Root

This affects all versions of package github.com/u-root/u-root/pkg/uzip.

5.0
2020-09-01 CVE-2020-24554 Liferay Open Redirect vulnerability in Liferay Portal

The redirect module in Liferay Portal before 7.3.3 does not limit the number of URLs resulting in a 404 error that is recorded, which allows remote attackers to perform a denial of service attack by making repeated requests for pages that do not exist.

5.0
2020-09-01 CVE-2020-14178 Atlassian Unspecified vulnerability in Atlassian products

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate project keys via an Information Disclosure vulnerability in the /browse.PROJECTKEY endpoint.

5.0
2020-08-31 CVE-2020-25064 Google Unspecified vulnerability in Google Android

An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software.

5.0
2020-08-31 CVE-2020-25063 Google Improper Input Validation vulnerability in Google Android

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software.

5.0
2020-08-31 CVE-2020-25059 Google Improper Input Validation vulnerability in Google Android

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software.

5.0
2020-08-31 CVE-2020-25056 Google Improper Check for Unusual or Exceptional Conditions vulnerability in Google Android 10.0

An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software.

5.0
2020-08-31 CVE-2020-25051 Google Unspecified vulnerability in Google Android 10.0/9.0

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software.

5.0
2020-08-31 CVE-2020-25050 Google Unspecified vulnerability in Google Android 10.0/9.0

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software.

5.0
2020-08-31 CVE-2020-2075 Sick Improper Handling of Exceptional Conditions vulnerability in Sick products

Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, LMS12x, LMS13x, LMS14x, LMS5xx, LMS53x, MSC800, RFH.

5.0
2020-08-31 CVE-2020-14364 Qemu, Redhat, Fedoraproject, Debian, Opensuse, Canonical Out-of-bounds Write vulnerability in multiple products

An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0.

5.0
2020-08-31 CVE-2020-7525 Schneider Electric Improper Restriction of Excessive Authentication Attempts vulnerability in Schneider-Electric Spacelynk Firmware and Wiser FOR KNX Firmware

Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a password when brute force is used.

5.0
2020-08-31 CVE-2020-7524 Schneider Electric Out-of-bounds Write vulnerability in Schneider-Electric Modicon M218 Firmware 4.3/5.0.0.7

Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when a specific crafted IPv4 packet is sent to the controller: sending a specific IPv4 protocol packet to the Schneider Electric Modicon M218 Logic Controller can cause IPv4 devices to go down.

5.0
2020-08-31 CVE-2020-20625 Slicedinvoices SQL Injection vulnerability in Slicedinvoices Sliced Invoices 3.8.2

Sliced Invoices plugin for WordPress 3.8.2 and earlier allows unauthenticated information disclosure and authenticated SQL injection via core/class-sliced.php.

5.0
2020-08-31 CVE-2020-15687 Linuxfoundation Unspecified vulnerability in Linuxfoundation Acrn 1.6.1/2.0

Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads.

5.0
2020-08-31 CVE-2020-12645 Open Xchange Improper Input Validation vulnerability in Open-Xchange Appsuite 7.10.1

OX App Suite 7.10.1 to 7.10.3 has improper input validation for rate limits with a crafted User-Agent header, spoofed vacation notices, and /apps/load memory consumption.

5.0
2020-08-31 CVE-2020-25032 Flask Cors Project, Debian, Opensuse Path Traversal vulnerability in multiple products

An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9.

5.0
2020-09-03 CVE-2020-10720 Linux Use After Free vulnerability in Linux Kernel

A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2.

4.9
2020-09-03 CVE-2020-24863 Midnightbsd, Freebsd Out-of-bounds Write vulnerability in multiple products

A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode.

4.9
2020-09-03 CVE-2020-24385 Midnightbsd, Freebsd NULL Pointer Dereference vulnerability in multiple products

In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel.

4.9
2020-09-04 CVE-2020-3451 Cisco Improper Input Validation vulnerability in Cisco products

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 Series Routers could allow an authenticated, remote attacker with administrative credentials to execute arbitrary commands on the underlying operating system (OS) as a restricted user.

4.7
2020-09-01 CVE-2020-8335 Lenovo Unspecified vulnerability in Lenovo products

The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad A285, BIOS versions up to r0xuj70w; A485, BIOS versions up to r0wuj65w; T495 BIOS versions up to r12uj55w; T495s/X395, BIOS versions up to r13uj47w, while the emergency-reset button is pressed which may allow for unauthorized access.

4.6
2020-08-31 CVE-2020-25060 Google Improper Privilege Management vulnerability in Google Android

An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software.

4.6
2020-08-31 CVE-2020-7527 Schneider Electric Incorrect Default Permissions vulnerability in Schneider-Electric Somove 1.7/2.8.1

Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full access control to local system users to SoMove component and services when a SoMove installer script is launched.

4.6
2020-08-31 CVE-2020-13468 Gigadevice Incorrect Default Permissions vulnerability in Gigadevice Gd32F130 Firmware

Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection).

4.6
2020-08-31 CVE-2020-13465 Gigadevice Improper Input Validation vulnerability in Gigadevice Gd32F103 Firmware

The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface.

4.6
2020-08-31 CVE-2020-5419 Pivotal Software, Vmware Uncontrolled Search Path Element vulnerability in multiple products

RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution.

4.6
2020-09-04 CVE-2020-3541 Cisco Information Exposure Through Log Files vulnerability in Cisco Webex Meetings and Webex Teams

A vulnerability in the media engine component of Cisco Webex Meetings Client for Windows, Cisco Webex Meetings Desktop App for Windows, and Cisco Webex Teams for Windows could allow an authenticated, local attacker to gain access to sensitive information.

4.4
2020-09-03 CVE-2020-24162 Tencent Uncontrolled Search Path Element vulnerability in Tencent 5.8.2.5300

The Shenzhen Tencent app 5.8.2.5300 for PC platforms (from Tencent App Center) has a DLL hijacking vulnerability.

4.4
2020-09-03 CVE-2020-24161 163 Untrusted Search Path vulnerability in 163 Netease Mail Master 4.14.1.1004

Guangzhou NetEase Mail Master 4.14.1.1004 on Windows has a DLL hijacking vulnerability.

4.4
2020-09-03 CVE-2020-24160 Tencent Untrusted Search Path vulnerability in Tencent TIM 3.0.0.21315

Shenzhen Tencent TIM Windows client 3.0.0.21315 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code.

4.4
2020-09-03 CVE-2020-24159 163 Untrusted Search Path vulnerability in 163 Netease Youdao Dictionary 8.9.2.0

NetEase Youdao Dictionary has a DLL hijacking vulnerability, which can be exploited by attackers to gain server permissions.

4.4
2020-09-03 CVE-2020-24158 360 Untrusted Search Path vulnerability in 360 Speed Browser 12.0.1247.0

360 Speed Browser 12.0.1247.0 has a DLL hijacking vulnerability, which can be exploited by attackers to execute malicious code.

4.4
2020-09-03 CVE-2020-7382 Rapid7 Unquoted Search Path or Element vulnerability in Rapid7 Nexpose

Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path.

4.4
2020-09-02 CVE-2020-25045 Kaspersky Uncontrolled Search Path Element vulnerability in Kaspersky Security Center and Security Center web Console

Installers of Kaspersky Security Center and Kaspersky Security Center Web Console prior to 12 & prior to 12 Patch A were vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges in the system.

4.4
2020-09-02 CVE-2020-15167 Johnkerl Uncontrolled Search Path Element vulnerability in Johnkerl Miller 5.9.0

In Miller (command line utility) using the configuration file support introduced in version 5.9.0, it is possible for an attacker to cause Miller to run arbitrary code by placing a malicious `.mlrrc` file in the working directory.

4.4
2020-08-31 CVE-2020-7523 Schneider Electric Improper Privilege Management vulnerability in Schneider-Electric Modbus Driver Suite and Modbus Serial Driver

Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Serial Driver service is invoked.

4.4
2020-09-04 CVE-2020-24941 Laravel Improper Input Validation vulnerability in Laravel

An issue was discovered in Laravel before 6.18.35 and 7.x before 7.24.0.

4.3
2020-09-04 CVE-2020-24940 Laravel Improper Input Validation vulnerability in Laravel

An issue was discovered in Laravel before 6.18.34 and 7.x before 7.23.2.

4.3
2020-09-03 CVE-2019-11928 Whatsapp Cross-site Scripting vulnerability in Whatsapp Desktop

An input validation issue in WhatsApp Desktop versions prior to v0.3.4932 could have allowed cross-site scripting upon clicking on a link from a specially crafted live location message.

4.3
2020-09-03 CVE-2020-25102 Advanced Reports Project Cross-site Scripting vulnerability in Advanced Reports Project Advanced Reports

silverstripe-advancedreports (aka the Advanced Reports module for SilverStripe) 1.0 through 2.0 is vulnerable to Cross-Site Scripting (XSS) because it is possible to inject and store malicious JavaScript code.

4.3
2020-09-03 CVE-2020-23814 Xuxueli Cross-site Scripting vulnerability in Xuxueli Xxl-Job 2.2.0

Multiple cross-site scripting (XSS) vulnerabilities in xxl-job v2.2.0 allow remote attackers to inject arbitrary web script or HTML via (1) AppName and (2) AddressList parameter in JobGroupController.java file.

4.3
2020-09-03 CVE-2020-13972 Enghouse Cross-site Scripting vulnerability in Enghouse web Chat 6.2.284.34

Enghouse Web Chat 6.2.284.34 allows XSS.

4.3
2020-09-03 CVE-2020-4337 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect 2018.4.1.0 through 2018.4.1.12 could allow an attacker to launch phishing attacks by tricking the server to generate user registration emails that contain malicious URLs.

4.3
2020-09-03 CVE-2020-12058 Oscommerce Cross-site Scripting vulnerability in Oscommerce CE Phoenix 1.0.6.0

Several XSS vulnerabilities in osCommerce CE Phoenix before 1.0.6.0 allow an attacker to inject and execute arbitrary JavaScript code.

4.3
2020-09-03 CVE-2020-25093 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in blog.php.

4.3
2020-09-03 CVE-2020-25092 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in _parts/header.php, within application/views/templates/clothesshop, application/views/templates/greenlabel, and application/views/templates/redlabel.

4.3
2020-09-03 CVE-2020-25091 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/vendor/views/add_product.php.

4.3
2020-09-03 CVE-2020-25090 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/publish.php.

4.3
2020-09-03 CVE-2020-25089 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/ecommerce/discounts.php.

4.3
2020-09-03 CVE-2020-25088 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/blog/blogpublish.php.

4.3
2020-09-03 CVE-2020-25087 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/languages.php.

4.3
2020-09-03 CVE-2020-25086 Ecommerce Codeigniter Bootstrap Project Cross-site Scripting vulnerability in Ecommerce-Codeigniter-Bootstrap Project Ecommerce-Codeigniter-Bootstrap

Ecommerce-CodeIgniter-Bootstrap before 2020-08-03 allows XSS in application/modules/admin/views/advanced_settings/adminUsers.php.

4.3
2020-09-02 CVE-2020-24604 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.5.1

A Reflected XSS vulnerability was discovered in Ignite Realtime Openfire version 4.5.1.

4.3
2020-09-02 CVE-2020-24602 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.5.1

Ignite Realtime Openfire 4.5.1 has a reflected Cross-site scripting vulnerability which allows an attacker to execute an arbitrary malicious URL via the vulnerable GET parameters "searchName", "searchValue", "searchDescription", "searchDefaultValue", "searchPlugin", "searchDescription" and "searchDynamic" in the Server Properties and Security Audit Viewer JSP page.

4.3
2020-09-02 CVE-2020-24601 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.5.1

In Ignite Realtime Openfire 4.5.1 a Stored Cross-site Vulnerability allows an attacker to execute an arbitrary malicious URL via the vulnerable POST parameters "searchName", "alias" in the import certificate trusted page.

4.3
2020-09-01 CVE-2020-23831 Stock Management System Project Cross-site Scripting vulnerability in Stock Management System Project Stock Management System 1.0

A Reflected Cross-Site Scripting (XSS) vulnerability in the index.php login-portal webpage of SourceCodester Stock Management System v1.0 allows remote attackers to harvest login credentials and session cookies when an unauthenticated victim clicks on a malicious URL and enters credentials.

4.3
2020-09-01 CVE-2020-2251 Jenkins Cleartext Transmission of Sensitive Information vulnerability in Jenkins and Soapui PRO Functional Testing

Jenkins SoapUI Pro Functional Testing Plugin 1.5 and earlier transmits project passwords in its configuration in plain text as part of job configuration forms, potentially resulting in their exposure.

4.3
2020-09-01 CVE-2020-2239 Jenkins Missing Encryption of Sensitive Data vulnerability in Jenkins Parameterized Remote Trigger

Jenkins Parameterized Remote Trigger Plugin 3.1.3 and earlier stores a secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.

4.3
2020-08-31 CVE-2020-20628 Appsaloon Cross-site Scripting vulnerability in Appsaloon Wp-Gdpr 2.1.1

controller/controller-comments.php in WP GDPR plugin through 2.1.1 has unauthenticated stored XSS.

4.3
2020-08-31 CVE-2020-24699 Chamber Dashboard Business Directory Project Cross-site Scripting vulnerability in Chamber Dashboard Business Directory Project Chamber Dashboard Business Directory 3.2.8

The Chamber Dashboard Business Directory plugin 3.2.8 for WordPress allows XSS.

4.3
2020-08-31 CVE-2020-17465 Forgerock Cross-site Scripting vulnerability in Forgerock Identity Manager 6.0.0.6/6.5.0.4

Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to stored XSS.

4.3
2020-08-31 CVE-2020-13655 O DYN Cross-site Scripting vulnerability in O-Dyn Collabtive 3.0/3.1

An issue was discovered in Collabtive 3.0 and later.

4.3
2020-08-31 CVE-2020-11617 Thomsonstb, Philips Improper Certificate Validation vulnerability in multiple products

The RSS application on THOMSON THT741FTA 2.2.1 and Philips DTR3502BFTA DVB-T2 2.2.1 set-top boxes doesn't validate the SSL certificates of RSS servers, which allows a man-in-the-middle attacker to modify the data delivered to the client.

4.3
2020-09-04 CVE-2020-7299 Mcafee Insufficiently Protected Credentials vulnerability in Mcafee True KEY 5.1.165

Cleartext Storage of Sensitive Information in Memory vulnerability in Microsoft Windows client in McAfee True Key (TK) prior to 6.2.109.2 allows a local user logged in with administrative privileges to access another user’s passwords on the same machine via triggering a process dump in specific situations.

4.1
2020-09-04 CVE-2020-4632 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM Infosphere Metadata Asset Manager 11.7

IBM InfoSphere Metadata Asset Manager 11.7 is vulnerable to server-side request forgery.

4.0
2020-09-04 CVE-2020-7119 Arubanetworks Unspecified vulnerability in Arubanetworks Analytics and Location Engine

A vulnerability exists in the Aruba Analytics and Location Engine (ALE) web management interface 2.1.0.2 and earlier firmware that allows an already authenticated administrative user to arbitrarily modify files as an underlying privileged operating system user.

4.0
2020-09-03 CVE-2020-5418 Cloudfoundry Incorrect Authorization vulnerability in Cloudfoundry Capi-Release

Cloud Foundry CAPI (Cloud Controller) versions prior to 1.98.0 allow authenticated users having only the "cloud_controller.read" scope, but no roles in any spaces, to list all droplets in all spaces (whereas they should see none).

4.0
2020-09-02 CVE-2020-25026 Derhansen Incorrect Authorization vulnerability in Derhansen Event Management and Registration

The sf_event_mgt (aka Event management and registration) extension before 4.3.1 and 5.x before 5.1.1 for TYPO3 allows Information Disclosure (participant data, and event data via email) because of Broken Access Control.

4.0
2020-09-02 CVE-2020-25025 Localization Manager Project Missing Authorization vulnerability in Localization Manager Project Localization Manager

The l10nmgr (aka Localization Manager) extension before 7.4.0, 8.x before 8.7.0, and 9.x before 9.2.0 for TYPO3 allows Information Disclosure (translatable fields).

4.0
2020-09-01 CVE-2012-3340 IBM XML Entity Expansion vulnerability in IBM Infosphere Guardium 8.0/8.0.1/8.2

IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input.

4.0
2020-08-31 CVE-2020-12644 Open Xchange Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite

OX App Suite 7.10.3 and earlier allows SSRF, related to the mail account API and the /folder/list API.

4.0
2020-08-31 CVE-2020-12643 Open Xchange Incorrect Authorization vulnerability in Open-Xchange Appsuite

OX App Suite 7.10.3 and earlier has Incorrect Access Control via an /api/subscriptions request for a snippet containing an email address.

4.0

45 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-02 CVE-2020-25044 Kaspersky Unspecified vulnerability in Kaspersky Virus Removal Tool

Kaspersky Virus Removal Tool (KVRT) prior to 15.0.23.0 was vulnerable to arbitrary file corruption that could provide an attacker with the opportunity to eliminate content of any file in the system.

3.6
2020-09-02 CVE-2020-25043 Kaspersky Unspecified vulnerability in Kaspersky VPN Secure Connection

The installer of Kaspersky VPN Secure Connection prior to 5.0 was vulnerable to arbitrary file deletion that could allow an attacker to delete any file in the system.

3.6
2020-09-02 CVE-2020-12621 Teamwire Incorrect Authorization vulnerability in Teamwire 5.3.0

The Teamwire application 5.3.0 for Android allows physically proximate attackers to exploit a flaw related to the pass-code component.

3.6
2020-09-01 CVE-2020-24558 Trendmicro Out-of-bounds Read vulnerability in Trendmicro products

A vulnerability in a Trend Micro Apex One, Worry-Free Business Security 10.0 SP1 and Worry-Free Business Security Services dll may allow an attacker to manipulate it to cause an out-of-bounds read that crashes multiple processes in the product.

3.6
2020-09-04 CVE-2020-4702 IBM Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 is vulnerable to stored cross-site scripting.

3.5
2020-09-03 CVE-2020-25124 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via an admincp/attachment.php&do=rebuild&type= URI.

3.5
2020-09-03 CVE-2020-25123 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via a Smilie Title to Smilies Manager.

3.5
2020-09-03 CVE-2020-25122 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via a Rank Type to User Rank Manager.

3.5
2020-09-03 CVE-2020-25121 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via the Paid Subscription Email Notification field in the Options.

3.5
2020-09-03 CVE-2020-25120 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via the admincp/search.php?do=dosearch URI.

3.5
2020-09-03 CVE-2020-25119 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via a Title of a Child Help Item in the Login/Logoff part of the User Manual.

3.5
2020-09-03 CVE-2020-25118 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via a Style Options Settings Title to Styles Manager.

3.5
2020-09-03 CVE-2020-25117 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via a Junior Member Title to User Title Manager.

3.5
2020-09-03 CVE-2020-25116 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via an Announcement Title to Channel Manager.

3.5
2020-09-03 CVE-2020-25115 Vbulletin Cross-site Scripting vulnerability in Vbulletin 5.6.3

The Admin CP in vBulletin 5.6.3 allows XSS via an Occupation Title or Description to User Profile Field Manager.

3.5
2020-09-03 CVE-2020-25104 Eramba Cross-site Scripting vulnerability in Eramba 2.19.3/2.8.1

eramba c2.8.1 and Enterprise before e2.19.3 allows XSS via a crafted filename for a file attached to an object.

3.5
2020-09-02 CVE-2020-4546 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting.

3.5
2020-09-02 CVE-2020-4522 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting.

3.5
2020-09-02 CVE-2020-4445 IBM Cross-site Scripting vulnerability in IBM products

IBM Jazz Team Server based Applications are vulnerable to cross-site scripting.

3.5
2020-09-02 CVE-2020-17458 Fabbricadigitale Cross-site Scripting vulnerability in Fabbricadigitale Multiux 3.1.12.0

A post-authenticated stored XSS was found in MultiUx v.3.1.12.0 via the /multiux/SaveMailbox LastName field.

3.5
2020-09-01 CVE-2012-3341 IBM Cross-site Scripting vulnerability in IBM Infosphere Guardium

IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input.

3.5
2020-09-01 CVE-2020-23450 Spiceworks Cross-site Scripting vulnerability in Spiceworks

Spiceworks Version <= 7.5.00107 is affected by XSS.

3.5
2020-08-31 CVE-2020-20626 Lara S Google Analytics Project Cross-site Scripting vulnerability in Lara'S Google Analytics Project Lara'S Google Analytics

lara-google-analytics.php in Lara Google Analytics plugin through 2.0.4 for WordPress allows authenticated stored XSS.

3.5
2020-08-31 CVE-2020-12646 Open Xchange Cross-site Scripting vulnerability in Open-Xchange Appsuite

OX App Suite 7.10.3 and earlier allows XSS via text/x-javascript, text/rdf, or a PDF document.

3.5
2020-09-02 CVE-2020-24654 KDE, Canonical, Debian, Opensuse, Fedoraproject Link Following vulnerability in multiple products

In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory.

3.3
2020-09-01 CVE-2020-2249 Jenkins Missing Encryption of Sensitive Data vulnerability in Jenkins Team Foundation Server

Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system.

3.3
2020-09-01 CVE-2020-14514 Nmfc Information Exposure Through Sent Data vulnerability in Nmfc Power Line Communications

All trailer Power Line Communications are affected.

3.3
2020-08-31 CVE-2020-13595 Espressif Reachable Assertion vulnerability in Espressif Esp-Idf 4.0.0/4.1/4.2

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure.

3.3
2020-08-31 CVE-2020-13594 Espressif Improper Input Validation vulnerability in Espressif Esp-Idf

The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.

3.3
2020-09-05 CVE-2020-15709 Canonical Unspecified vulnerability in Canonical Add-Apt-Repository

Versions of add-apt-repository before 0.98.9.2, 0.96.24.32.14, 0.96.20.10, and 0.92.37.8ubuntu0.1~esm1, printed a PPA (personal package archive) description to the terminal as-is, which allowed PPA owners to provide ANSI terminal escapes to modify terminal contents in unexpected ways.

2.1
2020-09-03 CVE-2020-9235 Huawei Information Exposure vulnerability in Huawei products

Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1), Versions earlier than 10.1.0.231(C10E3R3P2), Versions earlier than 10.1.0.231(C185E3R5P1), Versions earlier than 10.1.0.231(C636E3R3P1); Versions earlier than 10.1.0.212(C432E10R3P4), Versions earlier than 10.1.0.213(C636E3R4P3), Versions earlier than 10.1.0.214(C10E5R4P3), Versions earlier than 10.1.0.214(C185E3R3P3); Versions earlier than 10.1.0.212(C00E210R5P1); Versions earlier than 10.1.0.160(C00E160R2P11); Versions earlier than 10.1.0.160(C00E160R2P11); Versions earlier than 10.1.0.160(C01E160R2P11); Versions earlier than 10.1.0.160(C00E160R2P11); Versions earlier than 10.1.0.160(C00E160R8P12); Versions earlier than 10.1.0.230(C432E9R5P1), Versions earlier than 10.1.0.231(C10E3R3P2), Versions earlier than 10.1.0.231(C636E3R3P1); Versions earlier than 10.1.0.225(C431E3R1P2), Versions earlier than 10.1.0.225(C432E3R1P2) contain an information vulnerability.

2.1
2020-09-03 CVE-2020-9083 Huawei Improper Input Validation vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability.

2.1
2020-09-01 CVE-2020-8341 Lenovo Unspecified vulnerability in Lenovo products

In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash.

2.1
2020-09-01 CVE-2020-15704 Canonical Improper Input Validation vulnerability in Canonical PPP

The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading.

2.1
2020-08-31 CVE-2020-25048 Google Injection vulnerability in Google Android 10.0

An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software.

2.1
2020-08-31 CVE-2020-25047 Google Unspecified vulnerability in Google Android 10.0/9.0

An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software.

2.1
2020-08-31 CVE-2020-25046 Google Information Exposure Through Log Files vulnerability in Google Android

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software.

2.1
2020-08-31 CVE-2020-13472 Gigadevice Exposure of Resource to Wrong Sphere vulnerability in Gigadevice Gd32F103 Firmware

The flash memory readout protection in Gigadevice GD32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the DMA module.

2.1
2020-08-31 CVE-2020-13470 Gigadevice Exposure of Resource to Wrong Sphere vulnerability in Gigadevice Gd32F103 Firmware and Gd32F130 Firmware

Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data.

2.1
2020-08-31 CVE-2020-13469 Gigadevice Exposure of Resource to Wrong Sphere vulnerability in Gigadevice Gd32Vf103 Firmware

The flash memory readout protection in Gigadevice GD32VF103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU.

2.1
2020-08-31 CVE-2020-13467 Cksic Improper Handling of Exceptional Conditions vulnerability in Cksic Cks32F103 Firmware

The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.

2.1
2020-08-31 CVE-2020-13463 Apexmic Improper Handling of Exceptional Conditions vulnerability in Apexmic Apm32F103 Firmware

The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.

2.1
2020-08-31 CVE-2020-12829 Qemu, Canonical, Debian Integer Overflow or Wraparound vulnerability in multiple products

In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation.

2.1
2020-08-31 CVE-2020-4492 IBM Argument Injection or Modification vulnerability in IBM Spectrum Scale

IBM Spectrum Scale V5.0.0.0 through V5.0.4.3 and V4.2.0.0 through V4.2.3.21 could allow a local attacker to cause a denial of service crashing the kernel by sending a subset of ioctls on the device with invalid arguments.

2.1
2020-08-31 CVE-2020-13464 Cksic Information Exposure vulnerability in Cksic Cks32F103 Firmware

The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module.

1.9