Weekly Vulnerabilities Reports > September 14 to 20, 2020

Overview

449 new vulnerabilities reported during this period, including 46 critical vulnerabilities and 157 high severity vulnerabilities. This weekly summary report vulnerabilities in 415 products from 122 vendors including Google, Jenkins, Gitlab, Redhat, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Out-of-bounds Read", "Missing Authorization", and "Improper Input Validation".

  • 259 reported vulnerabilities are remotely exploitables.
  • 14 reported vulnerabilities have public exploit available.
  • 103 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 203 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 151 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

46 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-15 CVE-2020-15148 Yiiframework Unspecified vulnerability in Yiiframework YII

Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input.

10.0
2020-09-14 CVE-2020-13300 Gitlab Incorrect Authorization vulnerability in Gitlab 13.3.0/13.3.1/13.3.2

GitLab CE/EE version 13.3 prior to 13.3.4 was vulnerable to an OAuth authorization scope change without user consent in the middle of the authorization flow.

10.0
2020-09-19 CVE-2020-25787 TT RSS Improper Input Validation vulnerability in Tt-Rss Tiny RSS 17.4

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16.

9.8
2020-09-18 CVE-2020-8158 Typeorm Unspecified vulnerability in Typeorm

Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.

9.8
2020-09-18 CVE-2020-15181 Alfresco Unspecified vulnerability in Alfresco Reset Password

The Alfresco Reset Password add-on before version 1.2.0 relies on untrusted inputs in a security decision.

9.8
2020-09-18 CVE-2020-15188 Brassica Unspecified vulnerability in Brassica SOY CMS

SOY CMS 3.0.2.327 and earlier is affected by Unauthenticated Remote Code Execution (RCE).

9.8
2020-09-18 CVE-2020-0354 Google Out-of-bounds Write vulnerability in Google Android 11.0

In Bluetooth, there is a possible out of bounds write due to a missing bounds check.

9.8
2020-09-18 CVE-2020-25756 Cesanta Classic Buffer Overflow vulnerability in Cesanta Mongoose 6.18

A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking.

9.8
2020-09-17 CVE-2020-0333 Google Improper Input Validation vulnerability in Google Android 11.0

In UrlQuerySanitizer, there is a possible improper input validation.

9.8
2020-09-17 CVE-2020-25216 Yworks XML Injection (aka Blind XPath Injection) vulnerability in Yworks YED

yWorks yEd Desktop before 3.20.1 allows code execution via an XSL Transformation when using an XML file in conjunction with a custom stylesheet.

9.8
2020-09-17 CVE-2020-25215 Yworks XXE vulnerability in Yworks YED

yWorks yEd Desktop before 3.20.1 allows XXE attacks via an XML or GraphML document.

9.8
2020-09-17 CVE-2020-25489 Sqreen Out-of-bounds Write vulnerability in Sqreen Python Mini Racer

A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption.

9.8
2020-09-17 CVE-2020-24753 Objective Open Cbor RUN Time Project Use of Uninitialized Resource vulnerability in Objective Open Cbor Run-Time Project Objective Open Cbor Run-Time

A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder.

9.8
2020-09-17 CVE-2020-11698 Titanhq Command Injection vulnerability in Titanhq Spamtitan 7.07

An issue was discovered in Titan SpamTitan 7.07.

9.8
2020-09-17 CVE-2020-0380 Google Out-of-bounds Write vulnerability in Google Android

In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check.

9.8
2020-09-17 CVE-2020-0342 Google Out-of-bounds Write vulnerability in Google Android

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576

9.8
2020-09-17 CVE-2020-0278 Google Out-of-bounds Write vulnerability in Google Android

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574

9.8
2020-09-17 CVE-2020-0229 Google Out-of-bounds Write vulnerability in Google Android

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725

9.8
2020-09-17 CVE-2020-0123 Google Out-of-bounds Write vulnerability in Google Android

There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374

9.8
2020-09-16 CVE-2020-14517 Wibu Use of a Broken or Risky Cryptographic Algorithm vulnerability in Wibu Codemeter 6.50A/6.81

Protocol encryption can be easily broken for CodeMeter (All versions prior to 6.90 are affected, including Version 6.90 or newer only if CodeMeter Runtime is running as server) and the server accepts external connections, which may allow an attacker to remotely communicate with the CodeMeter API.

9.8
2020-09-16 CVE-2020-14509 Wibu Unspecified vulnerability in Wibu Codemeter

Multiple memory corruption vulnerabilities exist in CodeMeter (All versions prior to 7.10) where the packet parser mechanism does not verify length fields.

9.8
2020-09-16 CVE-2020-25614 Xmlquery Project Improper Input Validation vulnerability in Xmlquery Project Xmlquery

xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact.

9.8
2020-09-16 CVE-2020-25412 Gnuplot Project Out-of-bounds Write vulnerability in Gnuplot Project Gnuplot 5.4.0

com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution.

9.8
2020-09-16 CVE-2020-14315 Daemonology Out-of-bounds Write vulnerability in Daemonology Bsdiff 4.3

A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3.

9.8
2020-09-15 CVE-2020-23833 Projectworlds SQL Injection vulnerability in Projectworlds House Rental 1.0

Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POST request.

9.8
2020-09-15 CVE-2020-23828 Online Course Registration Project Unrestricted Upload of File with Dangerous Type vulnerability in Online Course Registration Project Online Course Registration 1.0

A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-shell that bypasses the image upload filters.

9.8
2020-09-15 CVE-2020-23512 VR CAM Missing Authentication for Critical Function vulnerability in VR CAM P1 Firmware

VR CAM P1 Model P1 v1 has an incorrect access control vulnerability where an attacker can obtain complete access of the device from web (remote) without authentication.

9.8
2020-09-15 CVE-2020-16098 Gallagher Missing Authentication for Critical Function vulnerability in Gallagher Command Centre

It is possible to enumerate access card credentials via an unauthenticated network connection to the server in versions of Command Centre v8.20 prior to v8.20.1166(MR3), versions of 8.10 prior to v8.10.1211(MR5), versions of 8.00 prior to v8.00.1228(MR6), all versions of 7.90 and earlier.

9.8
2020-09-14 CVE-2020-13312 Gitlab Improper Restriction of Excessive Authentication Attempts vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

9.8
2020-09-14 CVE-2020-25576 Rand Project Incorrect Type Conversion or Cast vulnerability in Rand Project Rand

An issue was discovered in the rand_core crate before 0.4.2 for Rust.

9.8
2020-09-14 CVE-2020-25575 Failure Project Type Confusion vulnerability in Failure Project Failure

An issue was discovered in the failure crate through 0.1.5 for Rust.

9.8
2020-09-14 CVE-2020-25573 Linked Hash MAP Project Access of Uninitialized Pointer vulnerability in Linked-Hash-Map Project Linked-Hash-Map

An issue was discovered in the linked-hash-map crate before 0.5.3 for Rust.

9.8
2020-09-14 CVE-2019-0230 Apache
Oracle
Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.
9.8
2020-09-14 CVE-2018-20432 Dlink Use of Hard-coded Credentials vulnerability in Dlink Covr-2600R Firmware and Covr-3902 Firmware

D-Link COVR-2600R and COVR-3902 Kit before 1.01b05Beta01 use hardcoded credentials for telnet connection, which allows unauthenticated attackers to gain privileged access to the router, and to extract sensitive data or modify the configuration.

9.8
2020-09-14 CVE-2020-24660 Lemonldap NG
Debian
Forced Browsing vulnerability in multiple products

An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used.

9.8
2020-09-17 CVE-2020-15182 SOY CMS Project
SOY Inquiry Project
The SOY Inquiry component of SOY CMS is affected by Cross-site Request Forgery (CSRF) and Remote Code Execution (RCE).
9.6
2020-09-16 CVE-2020-24377 Free Improper Input Validation vulnerability in Free products

A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.

9.6
2020-09-16 CVE-2020-24376 Free Improper Input Validation vulnerability in Free products

A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.

9.6
2020-09-16 CVE-2020-24374 Free Improper Input Validation vulnerability in Free Freebox HD Firmware

A DNS rebinding vulnerability in Freebox v5 before 1.5.29.

9.6
2020-09-17 CVE-2020-8028 Suse Unspecified vulnerability in Suse Salt-Netapi-Client 0.16.04.14.1/0.17.03.3.2

A Improper Access Control vulnerability in the configuration of salt of SUSE Linux Enterprise Module for SUSE Manager Server 4.1, SUSE Manager Proxy 4.0, SUSE Manager Retail Branch Server 4.0, SUSE Manager Server 3.2, SUSE Manager Server 4.0 allows local users to escalate to root on every system managed by SUSE manager.

9.3
2020-09-15 CVE-2020-15178 Prestashop Unspecified vulnerability in Prestashop Contactform

In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form.

9.3
2020-09-15 CVE-2020-24561 Trendmicro Command Injection vulnerability in Trendmicro Serverprotect 3.0

A command injection vulnerability in Trend Micro ServerProtect for Linux 3.0 could allow an attacker to execute arbitrary code on an affected system.

9.1
2020-09-14 CVE-2020-11684 Linux4Sam Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux4Sam At91Bootstrap

AT91bootstrap before 3.9.2 does not properly wipe encryption and authentication keys from memory before passing control to a less privileged software component.

9.1
2020-09-17 CVE-2020-13169 Solarwinds Cross-site Scripting vulnerability in Solarwinds Orion Platform

Stored XSS (Cross-Site Scripting) exists in the SolarWinds Orion Platform before before 2020.2.1 on multiple forms and pages.

9.0
2020-09-15 CVE-2020-7293 Mcafee Improper Authentication vulnerability in Mcafee web Gateway

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user with low permissions to change the system's root password via improper access controls in the user interface.

9.0
2020-09-15 CVE-2020-15179 Scratch Wiki Unspecified vulnerability in Scratch-Wiki Scratchsig

The ScratchSig extension for MediaWiki before version 1.0.1 allows stored Cross-Site Scripting.

9.0

157 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-18 CVE-2020-8247 Citrix Improper Privilege Management vulnerability in Citrix products

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to escalation of privileges on the management interface.

8.8
2020-09-18 CVE-2020-15776 Gradle Incorrect Permission Assignment for Critical Resource vulnerability in Gradle Enterprise

An issue was discovered in Gradle Enterprise 2018.2 - 2020.2.4.

8.8
2020-09-18 CVE-2020-25751 Corephp SQL Injection vulnerability in Corephp Pago Commerce 2.5.9.0

The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.

8.8
2020-09-17 CVE-2020-0321 Google Use of Uninitialized Resource vulnerability in Google Android 11.0

In the mp3 extractor, there is a possible out of bounds write due to uninitialized data.

8.8
2020-09-17 CVE-2020-0303 Google Improper Locking vulnerability in Google Android 11.0

In the Media extractor, there is a possible use after free due to improper locking.

8.8
2020-09-17 CVE-2020-0264 Google Integer Overflow or Wraparound vulnerability in Google Android 11.0

In libstagefright, there is a possible out of bounds write due to an integer overflow.

8.8
2020-09-17 CVE-2020-25728 Alfresco Weak Password Recovery Mechanism for Forgotten Password vulnerability in Alfresco Reset Password

The Reset Password add-on before 1.2.0 for Alfresco has a broken algorithm (involving an increment) that allows a malicious user to change any user's account password include the admin account.

8.8
2020-09-17 CVE-2020-11804 Titanhq Code Injection vulnerability in Titanhq Spamtitan 7.07

An issue was discovered in Titan SpamTitan 7.07.

8.8
2020-09-17 CVE-2020-11803 Titanhq Code Injection vulnerability in Titanhq Spamtitan 7.07

An issue was discovered in Titan SpamTitan 7.07.

8.8
2020-09-17 CVE-2020-11699 Titanhq OS Command Injection vulnerability in Titanhq Spamtitan 7.07

An issue was discovered in Titan SpamTitan 7.07.

8.8
2020-09-17 CVE-2020-0245 Google Out-of-bounds Write vulnerability in Google Android

In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow.

8.8
2020-09-17 CVE-2020-13948 Apache Unspecified vulnerability in Apache Superset

While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary access to Python’s `os` package in the web application process in versions < 0.37.1.

8.8
2020-09-16 CVE-2020-24373 Free Cross-Site Request Forgery (CSRF) vulnerability in Free products

A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.

8.8
2020-09-16 CVE-2020-6146 Gonitro Out-of-bounds Write vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300

An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300.

8.8
2020-09-16 CVE-2020-13259 RAD Cross-Site Request Forgery (CSRF) vulnerability in RAD Secflow-1V Firmware Osimagesf02902.3.01.26

A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

8.8
2020-09-16 CVE-2020-25040 Sylabs
Opensuse
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.

8.8
2020-09-16 CVE-2020-14306 Istio Operator Project Missing Authorization vulnerability in Istio-Operator Project Istio-Operator

An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3.

8.8
2020-09-16 CVE-2020-7530 Schneider Electric Unspecified vulnerability in Schneider-Electric Scadapack 7X Remote Connect 3.6.3.574

A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows improper access to executable code folders.

8.8
2020-09-16 CVE-2020-2276 Jenkins OS Command Injection vulnerability in Jenkins Selection Tasks 1.0

Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as.

8.8
2020-09-16 CVE-2020-2268 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Mongodb

A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.

8.8
2020-09-16 CVE-2020-2261 Jenkins OS Command Injection vulnerability in Jenkins Perfecto

Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jenkins controller, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller

8.8
2020-09-15 CVE-2020-25453 Blackcat CMS Cross-Site Request Forgery (CSRF) vulnerability in Blackcat-Cms Blackcat CMS

An issue was discovered in BlackCat CMS before 1.4.

8.8
2020-09-15 CVE-2020-15172 Fluffycogs Project Unspecified vulnerability in Fluffycogs Project Fluffycogs

The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution.

8.8
2020-09-15 CVE-2020-4521 IBM Deserialization of Untrusted Data vulnerability in IBM Maximo Asset Management

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java.

8.8
2020-09-15 CVE-2020-23451 Spiceworks Cross-Site Request Forgery (CSRF) vulnerability in Spiceworks

Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.

8.8
2020-09-14 CVE-2020-13309 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

8.8
2020-09-14 CVE-2020-10229 Vtenext Cross-Site Request Forgery (CSRF) vulnerability in Vtenext 19

A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts.

8.8
2020-09-14 CVE-2020-10228 Vtenext Unrestricted Upload of File with Dangerous Type vulnerability in Vtenext 19

A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution.

8.8
2020-09-14 CVE-2020-25379 Recall Products Project SQL Injection vulnerability in Recall-Products Project Recall-Products 0.8

Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 fails to sanitize input from the 'Manufacturer[]' parameter which allows an authenticated attacker to inject a malicious SQL query.

8.8
2020-09-18 CVE-2020-15958 1Crm Authorization Bypass Through User-Controlled Key vulnerability in 1Crm 8.5.7/8.6.7

An issue was discovered in 1CRM System through 8.6.7.

8.6
2020-09-16 CVE-2020-4409 IBM Open Redirect vulnerability in IBM products

IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack.

8.2
2020-09-19 CVE-2020-25788 TT RSS Inclusion of Functionality from Untrusted Control Sphere vulnerability in Tt-Rss Tiny RSS 17.4

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16.

8.1
2020-09-18 CVE-2020-25744 Safervpn Link Following vulnerability in Safervpn 4.2.5/5.0.2.20

SaferVPN before 5.0.3.3 on Windows could allow low-privileged users to create or overwrite arbitrary files, which could cause a denial of service (DoS) condition, because a symlink from %LOCALAPPDATA%\SaferVPN\Log is followed.

8.1
2020-09-17 CVE-2020-24750 Fasterxml
Oracle
Debian
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration.

8.1
2020-09-16 CVE-2020-25039 Sylabs
Opensuse
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.

8.1
2020-09-14 CVE-2020-13299 Gitlab Insufficient Session Expiration vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

8.1
2020-09-14 CVE-2020-8817 Dataiku Unspecified vulnerability in Dataiku Data Science Studio

Dataiku DSS before 6.0.5 allows attackers write access to the project to modify the "Created by" metadata.

8.1
2020-09-15 CVE-2020-4703 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server.

8.0
2020-09-18 CVE-2020-8252 Nodejs
Opensuse
Fedoraproject
Classic Buffer Overflow vulnerability in multiple products

The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is longer than 256 bytes.

7.8
2020-09-18 CVE-2020-11861 Microfocus Unspecified vulnerability in Microfocus Operations Agent

Unauthorized escalation of local privileges vulnerability on Micro Focus Operation Agent, affecting all versions prior to versions 12.11.

7.8
2020-09-18 CVE-2020-3979 Installbuilder Uncontrolled Search Path Element vulnerability in Installbuilder

InstallBuilder for Qt Windows (versions prior to 20.7.0) installers look for plugins at a predictable location at initialization time, writable by non-admin users.

7.8
2020-09-18 CVE-2020-0405 Google Improper Preservation of Permissions vulnerability in Google Android 11.0

In NetworkStackNotifier, there is a possible permissions bypass due to an unsafe implicit PendingIntent.

7.8
2020-09-18 CVE-2020-0319 Google Out-of-bounds Write vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds write due to a missing bounds check.

7.8
2020-09-18 CVE-2020-0299 Google Missing Authorization vulnerability in Google Android 11.0

In Bluetooth, there is a possible spoofing of bluetooth device metadata due to a missing permission check.

7.8
2020-09-18 CVE-2020-0298 Google Missing Authorization vulnerability in Google Android 11.0

In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing permission check.

7.8
2020-09-18 CVE-2020-0273 Google Out-of-bounds Write vulnerability in Google Android 11.0

In hwservicemanager, there is a possible out of bounds write due to freeing a wild pointer.

7.8
2020-09-18 CVE-2020-0262 Google Unspecified vulnerability in Google Android 11.0

In WiFi tethering, there is a possible attacker controlled intent due to an unsafe PendingIntent.

7.8
2020-09-18 CVE-2020-0089 Google Missing Authorization vulnerability in Google Android 11.0

In the audio server, there is a missing permission check.

7.8
2020-09-17 CVE-2020-0406 Google Out-of-bounds Write vulnerability in Google Android 11.0

In libmpeg2dec, there is a possible out of bounds write due to a missing bounds check.

7.8
2020-09-17 CVE-2020-0375 Google Missing Authorization vulnerability in Google Android 11.0

In Telephony, there is a possible permission bypass due to a missing permission check.

7.8
2020-09-17 CVE-2020-0374 Google Incorrect Default Permissions vulnerability in Google Android 11.0

In NFC, there is a possible permission bypass due to an unsafe PendingIntent.

7.8
2020-09-17 CVE-2020-0369 Google Integer Overflow or Wraparound vulnerability in Google Android 11.0

In libavb, there is a possible out of bounds write due to an integer overflow.

7.8
2020-09-17 CVE-2020-0366 Google Improper Restriction of Rendered UI Layers or Frames vulnerability in Google Android 11.0

In PackageInstaller, there is a possible permissions bypass due to a tapjacking vulnerability.

7.8
2020-09-17 CVE-2020-0360 Google Unspecified vulnerability in Google Android 11.0

In Notification Access Confirmation, there is a possible permissions bypass due to uninformed consent.

7.8
2020-09-17 CVE-2020-0357 Google Improper Locking vulnerability in Google Android 11.0

In SurfaceFlinger, there is a possible use-after-free due to improper locking.

7.8
2020-09-17 CVE-2020-0346 Google Integer Overflow or Wraparound vulnerability in Google Android 11.0

In Mediaserver, there is a possible out of bounds write due to an integer overflow.

7.8
2020-09-17 CVE-2020-0345 Google Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0

In DocumentsUI, there is a possible permission bypass due to a confused deputy.

7.8
2020-09-17 CVE-2020-0341 Google Missing Authorization vulnerability in Google Android 11.0

In DisplayManager, there is a possible permission bypass due to a missing permission check.

7.8
2020-09-17 CVE-2020-0306 Google Unspecified vulnerability in Google Android 11.0

In LLVM, there is a possible ineffective stack cookie placement due to stack frame double reservation.

7.8
2020-09-17 CVE-2020-0277 Google Missing Authorization vulnerability in Google Android 11.0

In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check.

7.8
2020-09-17 CVE-2020-0275 Google Incorrect Default Permissions vulnerability in Google Android 11.0

In MediaProvider, there is a possible way to access ContentResolver and MediaStore entries the app shouldn't have access to due to a permissions bypass.

7.8
2020-09-17 CVE-2020-0267 Google Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 11.0

In WindowManager, there is a possible launch of an unexpected app due to a confused deputy.

7.8
2020-09-17 CVE-2020-0266 Google Missing Authorization vulnerability in Google Android 11.0

In factory reset protection, there is a possible FRP bypass due to a missing permission check.

7.8
2020-09-17 CVE-2020-0130 Google Command Injection vulnerability in Google Android 11.0

In screencap, there is a possible command injection due to improper input validation.

7.8
2020-09-17 CVE-2020-0434 Google Use After Free vulnerability in Google Android

In Pixel's use of the Catpipe library, there is possible memory corruption due to a use after free.

7.8
2020-09-17 CVE-2020-0433 Google Improper Locking vulnerability in Google Android

In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking.

7.8
2020-09-17 CVE-2020-0432 Google
Opensuse
Integer Overflow or Wraparound vulnerability in multiple products

In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow.

7.8
2020-09-17 CVE-2020-0430 Google Out-of-bounds Read vulnerability in Google Android

In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption.

7.8
2020-09-17 CVE-2020-0387 Google Missing Authorization vulnerability in Google Android

In manifest files of the SmartSpace package, there is a possible tapjacking vector due to a missing permission check.

7.8
2020-09-17 CVE-2020-0401 Google Missing Authorization vulnerability in Google Android

In setInstallerPackageName of PackageManagerService.java, there is a missing permission check.

7.8
2020-09-17 CVE-2020-0394 Google Insecure Default Initialization of Resource vulnerability in Google Android

In onCreate of BluetoothPairingDialog.java, there is a possible tapjacking vector due to an insecure default value.

7.8
2020-09-17 CVE-2020-0392 Google Double Free vulnerability in Google Android 10.0/9.0

In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code execution due to a double free.

7.8
2020-09-17 CVE-2020-0391 Google Unspecified vulnerability in Google Android 10.0/9.0

In applyPolicy of PackageManagerService.java, there is possible arbitrary command execution as System due to an unenforced protected-broadcast.

7.8
2020-09-17 CVE-2020-0388 Google Incorrect Default Permissions vulnerability in Google Android 10.0/11.0

In createEmergencyLocationUserNotification of GnssVisibilityControl.java, there is a possible permissions bypass due to an empty mutable PendingIntent.

7.8
2020-09-17 CVE-2020-0074 Google Improper Privilege Management vulnerability in Google Android

In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains.

7.8
2020-09-17 CVE-2020-6116 Gonitro Incorrect Calculation of Buffer Size vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300

An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242.

7.8
2020-09-17 CVE-2020-6115 Gonitro Use After Free vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300

An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242.

7.8
2020-09-17 CVE-2020-6113 Gonitro Incorrect Calculation of Buffer Size vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300

An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table.

7.8
2020-09-17 CVE-2020-6112 Gonitro Unspecified vulnerability in Gonitro Nitro PRO 13.13.2.242/13.16.2.300

An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when decoding sub-samples.

7.8
2020-09-16 CVE-2020-7532 Schneider Electric Deserialization of Untrusted Data vulnerability in Schneider-Electric Scadapack X70 Security Administrator 1.2.0

A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer.

7.8
2020-09-16 CVE-2020-7531 Schneider Electric Unspecified vulnerability in Schneider-Electric Scadapack 7X Remote Connect 3.6.3.574

A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.

7.8
2020-09-16 CVE-2020-7528 Schneider Electric Unspecified vulnerability in Schneider-Electric Scadapack 7X Remote Connect 3.6.3.574

A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer.

7.8
2020-09-16 CVE-2020-24889 Libraw Classic Buffer Overflow vulnerability in Libraw

A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution.

7.8
2020-09-16 CVE-2020-14382 Cryptsetup Project
Redhat
Canonical
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container.

7.8
2020-09-16 CVE-2020-25559 Gnuplot Project Double Free vulnerability in Gnuplot Project Gnuplot 5.5.0

gnuplot 5.5 is affected by double free when executing print_set_output.

7.8
2020-09-16 CVE-2020-14386 Linux
Debian
Fedoraproject
Opensuse
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel before 5.9-rc4.

7.8
2020-09-15 CVE-2020-14362 X ORG
Redhat
Canonical
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

A flaw was found in X.Org Server before xorg-x11-server 1.20.9.

7.8
2020-09-15 CVE-2020-14361 X ORG
Redhat
Canonical
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

A flaw was found in X.Org Server before xorg-x11-server 1.20.9.

7.8
2020-09-15 CVE-2020-14346 X ORG
Redhat
Canonical
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

A flaw was found in xorg-x11-server before 1.20.9.

7.8
2020-09-15 CVE-2020-14345 X ORG
Canonical
A flaw was found in X.Org Server before xorg-x11-server 1.20.9.
7.8
2020-09-15 CVE-2020-16096 Gallagher Unspecified vulnerability in Gallagher Command Centre

In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has access to all data that would be replicated if the system were to be (or is) attached to a multi-server environment.

7.7
2020-09-14 CVE-2020-24457 Intel Unspecified vulnerability in Intel products

Logic error in BIOS firmware for 8th, 9th and 10th Generation Intel(R) Core(TM) Processors may allow an unauthenticated user to potentially enable escalation of privilege, denial of service and/or information disclosure via physical access.

7.6
2020-09-19 CVE-2020-25796 Sized Chunks Project Improper Validation of Array Index vulnerability in Sized-Chunks Project Sized-Chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust.

7.5
2020-09-19 CVE-2020-25795 Sized Chunks Project Memory Leak vulnerability in Sized-Chunks Project Sized-Chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust.

7.5
2020-09-19 CVE-2020-25794 Sized Chunks Project Memory Leak vulnerability in Sized-Chunks Project Sized-Chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust.

7.5
2020-09-19 CVE-2020-25793 Sized Chunks Project Improper Validation of Array Index vulnerability in Sized-Chunks Project Sized-Chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust.

7.5
2020-09-19 CVE-2020-25792 Sized Chunks Project Improper Validation of Array Index vulnerability in Sized-Chunks Project Sized-Chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust.

7.5
2020-09-19 CVE-2020-25791 Sized Chunks Project Improper Validation of Array Index vulnerability in Sized-Chunks Project Sized-Chunks

An issue was discovered in the sized-chunks crate through 0.6.2 for Rust.

7.5
2020-09-18 CVE-2020-8253 Citrix Improper Authentication vulnerability in Citrix Xenmobile Server

Improper authentication in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 leads to the ability to access sensitive files.

7.5
2020-09-18 CVE-2020-8251 Nodejs
Fedoraproject
Resource Exhaustion vulnerability in multiple products

Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.

7.5
2020-09-18 CVE-2020-8246 Citrix Resource Exhaustion vulnerability in Citrix products

Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to a denial of service attack originating from the management network.

7.5
2020-09-18 CVE-2020-8237 Json Bigint Project Resource Exhaustion vulnerability in Json-Bigint Project Json-Bigint

Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.

7.5
2020-09-18 CVE-2020-8225 Nextcloud Cleartext Storage of Sensitive Information vulnerability in Nextcloud Desktop

A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.

7.5
2020-09-18 CVE-2020-25766 Misp Unspecified vulnerability in Misp

An issue was discovered in MISP before 2.4.132.

7.5
2020-09-18 CVE-2020-14029 Ozeki XXE vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

7.5
2020-09-18 CVE-2020-0300 Google Use of Uninitialized Resource vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds read due to uninitialized data.

7.5
2020-09-18 CVE-2020-0286 Google Incomplete Cleanup vulnerability in Google Android 11.0

In Bluetooth AVRCP, there is a possible leak of audio metadata due to residual data.

7.5
2020-09-18 CVE-2020-5976 Nvidia Unspecified vulnerability in Nvidia Games and Geforce NOW

NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, Shield TV), contains a vulnerability in the application software where the network test component transmits sensitive information insecurely, which may lead to information disclosure.

7.5
2020-09-18 CVE-2020-5975 Nvidia Information Exposure vulnerability in Nvidia Geforce NOW

NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the desktop application software that includes sensitive information as part of a URL, which may lead to information disclosure.

7.5
2020-09-18 CVE-2020-15775 Gradle Insecure Storage of Sensitive Information vulnerability in Gradle Enterprise

An issue was discovered in Gradle Enterprise 2017.1 - 2020.2.4.

7.5
2020-09-18 CVE-2020-15771 Gradle Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise and Enterprise Cache Node

An issue was discovered in Gradle Enterprise 2018.2 and Gradle Enterprise Build Cache Node 4.1.

7.5
2020-09-18 CVE-2020-15768 Gradle Unspecified vulnerability in Gradle Enterprise and Enterprise Cache Node

An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2.

7.5
2020-09-18 CVE-2020-25750 Dotplant XXE vulnerability in Dotplant Dotplant2

An issue was discovered in DotPlant2 before 2020-09-14.

7.5
2020-09-18 CVE-2020-25733 Webtareas Project Unrestricted Upload of File with Dangerous Type vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas through 2.1 allows upload of the dangerous .exe and .shtml file types.

7.5
2020-09-17 CVE-2020-25727 Flexsolution SQL Injection vulnerability in Flexsolution Reset Password 1.1.0

The Reset Password add-on before 1.2.0 for Alfresco suffers from CMIS-SQL Injection, which allows a malicious user to inject a query within the email input field.

7.5
2020-09-17 CVE-2020-0381 Google Integer Overflow or Wraparound vulnerability in Google Android

In Parse_wave of eas_mdls.c, there is a possible out of bounds write due to an integer overflow.

7.5
2020-09-16 CVE-2020-16233 Wibu Unspecified vulnerability in Wibu Codemeter

An attacker could send a specially crafted packet that could have CodeMeter (All versions prior to 7.10) send back packets containing data from the heap.

7.5
2020-09-16 CVE-2020-14519 Wibu Unspecified vulnerability in Wibu Codemeter 6.50A/6.81/6.90

This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled.

7.5
2020-09-16 CVE-2020-14515 Wibu Unspecified vulnerability in Wibu Codemeter 6.50A/6.81

CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a valid license file of an existing vendor.

7.5
2020-09-16 CVE-2020-14513 Wibu Unspecified vulnerability in Wibu Codemeter 6.50A

CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields.

7.5
2020-09-16 CVE-2020-10718 Redhat Unspecified vulnerability in Redhat Jboss Fuse and Wildfly

A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL).

7.5
2020-09-16 CVE-2020-1748 Redhat Unspecified vulnerability in Redhat Wildfly Elytron

A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization.

7.5
2020-09-16 CVE-2020-10758 Redhat Allocation of Resources Without Limits or Throttling vulnerability in Redhat products

A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.

7.5
2020-09-16 CVE-2020-7733 UA Parser JS Project
Oracle
Resource Exhaustion vulnerability in multiple products

The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.

7.5
2020-09-15 CVE-2020-16101 Gallagher Out-of-bounds Read vulnerability in Gallagher Command Centre

It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access.

7.5
2020-09-15 CVE-2020-16100 Gallagher Improper Resource Shutdown or Release vulnerability in Gallagher Command Centre

It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of closed websocket connections, preventing it from accepting future DCOM websocket (Configuration Client) connections.

7.5
2020-09-15 CVE-2020-24925 Elkarbackup Information Exposure Through an Error Message vulnerability in Elkarbackup 1.3.3

A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3.

7.5
2020-09-14 CVE-2020-15590 Privateinternetaccess Incorrect Authorization vulnerability in Privateinternetaccess Private Internet Access VPN Client 1.5.0

A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic.

7.5
2020-09-14 CVE-2020-13315 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

7.5
2020-09-14 CVE-2020-13306 Gitlab Allocation of Resources Without Limits or Throttling vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

7.5
2020-09-14 CVE-2020-11881 Mikrotik Improper Validation of Array Index vulnerability in Mikrotik Routeros

An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964.

7.5
2020-09-14 CVE-2020-25574 Hyper Infinite Loop vulnerability in Hyper Http

An issue was discovered in the http crate before 0.1.20 for Rust.

7.5
2020-09-14 CVE-2019-0233 Apache
Oracle
Improper Preservation of Permissions vulnerability in multiple products

An access permission override in Apache Struts 2.0.0 to 2.5.20 may cause a Denial of Service when performing a file upload.

7.5
2020-09-14 CVE-2020-12789 Microchip Use of Hard-coded Credentials vulnerability in Microchip products

The Secure Monitor in Microchip Atmel ATSAMA5 products use a hardcoded key to encrypt and authenticate secure applets.

7.5
2020-09-14 CVE-2020-12788 Microchip Information Exposure Through Discrepancy vulnerability in Microchip products

CMAC verification functionality in Microchip Atmel ATSAMA5 products is vulnerable to vulnerable to timing and power analysis attacks.

7.5
2020-09-14 CVE-2020-12787 Microchip Unspecified vulnerability in Microchip products

Microchip Atmel ATSAMA5 products in Secure Mode allow an attacker to bypass existing security mechanisms related to applet handling.

7.5
2020-09-14 CVE-2020-25540 Thinkadmin Path Traversal vulnerability in Thinkadmin 6.0

ThinkAdmin v6 is affected by a directory traversal vulnerability.

7.5
2020-09-18 CVE-2020-8201 Nodejs
Opensuse
Fedoraproject
HTTP Request Smuggling vulnerability in multiple products

Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users.

7.4
2020-09-16 CVE-2020-6781 Bosch Improper Certificate Validation vulnerability in Bosch Smart Home

Improper certificate validation for certain connections in the Bosch Smart Home System App for iOS prior to version 9.17.1 potentially allows to intercept video contents by performing a man-in-the-middle attack.

7.4
2020-09-18 CVE-2020-0271 Google Insecure Default Initialization of Resource vulnerability in Google Android 11.0

In the Settings app, there is an insecure default value.

7.3
2020-09-17 CVE-2020-25490 Sqreen Improper Verification of Cryptographic Signature vulnerability in Sqreen PHP Microagent

Lack of cryptographic signature verification in the Sqreen PHP agent daemon before 1.16.0 makes it easier for remote attackers to inject rules for execution inside the virtual machine.

7.3
2020-09-16 CVE-2020-10733 Postgresql Untrusted Search Path vulnerability in Postgresql

The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths.

7.3
2020-09-14 CVE-2020-13318 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.0.12, 13.1.10, 13.2.8 and 13.3.4.

7.3
2020-09-14 CVE-2020-0570 QT
Redhat
Untrusted Search Path vulnerability in multiple products

Uncontrolled search path in the QT Library before 5.14.0, 5.12.7 and 5.9.10 may allow an authenticated user to potentially enable elevation of privilege via local access.

7.3
2020-09-19 CVE-2020-25790 Typesettercms Unrestricted Upload of File with Dangerous Type vulnerability in Typesettercms Typesetter 5.0/5.0.1/5.1

Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive.

7.2
2020-09-18 CVE-2020-15189 Brassica Unspecified vulnerability in Brassica SOY CMS

SOY CMS 3.0.2 and earlier is affected by Remote Code Execution (RCE) using Unrestricted File Upload.

7.2
2020-09-17 CVE-2020-24046 Titanhq Improper Privilege Management vulnerability in Titanhq Spamtitan 7.07

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07.

7.2
2020-09-17 CVE-2020-24045 Titanhq Insufficient Verification of Data Authenticity vulnerability in Titanhq Spamtitan 7.07

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07.

7.2
2020-09-15 CVE-2020-11977 Apache Unspecified vulnerability in Apache Syncope

In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution.

7.2
2020-09-14 CVE-2020-13304 Gitlab Use of Insufficiently Random Values vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

7.2
2020-09-14 CVE-2020-13302 Gitlab Insufficient Session Expiration vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

7.2
2020-09-18 CVE-2020-16247 Philips Exposure of Resource to Wrong Sphere vulnerability in Philips Clinical Collaboration Platform 12.2.1

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.

7.1
2020-09-18 CVE-2020-9745 Adobe Out-of-bounds Read vulnerability in Adobe Media Encoder

Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations.

7.1
2020-09-18 CVE-2020-9744 Adobe Out-of-bounds Read vulnerability in Adobe Media Encoder

Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations.

7.1
2020-09-18 CVE-2020-9739 Adobe Out-of-bounds Read vulnerability in Adobe Media Encoder

Adobe Media Encoder version 14.3.2 (and earlier versions) has an out-of-bounds read vulnerability that could be exploited to read past the end of an allocated buffer, possibly resulting in a crash or disclosure of sensitive information from other memory locations.

7.1
2020-09-16 CVE-2020-14393 Perl
Opensuse
Debian
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

A buffer overflow was found in perl-DBI < 1.643 in DBI.xs.

7.1
2020-09-15 CVE-2020-8342 Lenovo Race Condition vulnerability in Lenovo System Update

A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.

7.0

237 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-18 CVE-2020-15774 Gradle Insufficient Session Expiration vulnerability in Gradle Enterprise

An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4.

6.8
2020-09-14 CVE-2020-11683 Linux4Sam Information Exposure Through Discrepancy vulnerability in Linux4Sam At91Bootstrap

A timing side channel was discovered in AT91bootstrap before 3.9.2.

6.8
2020-09-18 CVE-2020-0350 Google Out-of-bounds Write vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds write due to a missing bounds check.

6.7
2020-09-18 CVE-2020-0347 Google Out-of-bounds Write vulnerability in Google Android 11.0

In iptables, there is a possible out of bounds write due to an incorrect bounds check.

6.7
2020-09-18 CVE-2020-0335 Google Out-of-bounds Write vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds write due to a missing bounds check.

6.7
2020-09-18 CVE-2020-0334 Google Out-of-bounds Write vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds write due to a missing bounds check.

6.7
2020-09-18 CVE-2020-0326 Google Use of Uninitialized Resource vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds write due to uninitialized data.

6.7
2020-09-18 CVE-2020-0309 Google Integer Overflow or Wraparound vulnerability in Google Android 11.0

In the Bluetooth server, there is a possible out of bounds write due to an integer overflow.

6.7
2020-09-17 CVE-2020-0356 Google Out-of-bounds Write vulnerability in Google Android 11.0

In the Audio HAL, there is a possible out of bounds write due to an incorrect bounds check.

6.7
2020-09-17 CVE-2020-0336 Google Type Confusion vulnerability in Google Android 11.0

In SurfaceFlinger, there is possible memory corruption due to type confusion.

6.7
2020-09-17 CVE-2020-0330 Google Use After Free vulnerability in Google Android 11.0

In iorap, there is a possible memory corruption due to a use after free.

6.7
2020-09-17 CVE-2020-0431 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In kbd_keycode of keyboard.c, there is a possible out of bounds write due to a missing bounds check.

6.7
2020-09-17 CVE-2020-0429 Google Use After Free vulnerability in Google Android

In l2tp_session_delete and related functions of l2tp_core.c, there is possible memory corruption due to a use after free.

6.7
2020-09-17 CVE-2020-0403 Google Improper Privilege Management vulnerability in Google Android

In the FPC TrustZone fingerprint App, there is a possible invalid command handler due to an exposed test feature.

6.7
2020-09-16 CVE-2020-3980 Vmware Unspecified vulnerability in VMWare Fusion

VMware Fusion (11.x) contains a privilege escalation vulnerability due to the way it allows configuring the system wide path.

6.7
2020-09-15 CVE-2020-14331 Linux
Redhat
A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur.
6.6
2020-09-19 CVE-2020-5421 Vmware
Oracle
Netapp
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter.
6.5
2020-09-18 CVE-2020-8200 Citrix Improper Authentication vulnerability in Citrix Storefront Server

Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server.

6.5
2020-09-18 CVE-2020-9084 Huawei Use After Free vulnerability in Huawei Taurus-An00B Firmware 10.1.0.156

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use-after-free (UAF) vulnerability.

6.5
2020-09-18 CVE-2020-16200 Philips Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.

6.5
2020-09-18 CVE-2020-24623 HPE SQL Injection vulnerability in HPE Universal API Framework

A potential security vulnerability has been identified in Hewlett Packard Enterprise Universal API Framework.

6.5
2020-09-18 CVE-2020-7358 Rapid7 Uncontrolled Search Path Element vulnerability in Rapid7 Appspider

In AppSpider installer versions prior to 7.2.126, the AppSpider installer calls an executable which can be placed in the appropriate directory by an attacker with access to the local machine.

6.5
2020-09-18 CVE-2020-15773 Gradle Origin Validation Error vulnerability in Gradle Enterprise

An issue was discovered in Gradle Enterprise before 2020.2.4.

6.5
2020-09-18 CVE-2020-5629 Uniqlo Unspecified vulnerability in Uniqlo 7.3.3

UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via a malicious App created by the third party.

6.5
2020-09-18 CVE-2020-5628 Uniqlo Unspecified vulnerability in Uniqlo 7.3.3

UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access an arbitrary website via the vulnerable App.

6.5
2020-09-17 CVE-2020-0370 Google Out-of-bounds Read vulnerability in Google Android 11.0

In libAACdec, there is a possible out of bounds read due to missing bounds check.

6.5
2020-09-17 CVE-2020-0364 Google Out-of-bounds Read vulnerability in Google Android 11.0

In libDRCdec, there is a possible out of bounds read due to a missing bounds check.

6.5
2020-09-17 CVE-2020-0363 Google Improper Input Validation vulnerability in Google Android 11.0

In libmedia, there is a possible resource exhaustion due to improper input validation.

6.5
2020-09-17 CVE-2020-0362 Google Improper Input Validation vulnerability in Google Android 11.0

In libstagefright, there is a possible resource exhaustion due to improper input validation.

6.5
2020-09-17 CVE-2020-0361 Google Use of Uninitialized Resource vulnerability in Google Android 11.0

In libDRCdec, there is a possible information disclosure due to uninitialized data.

6.5
2020-09-17 CVE-2020-0355 Google Out-of-bounds Read vulnerability in Google Android 11.0

In libFraunhoferAAC, there is a possible out of bounds read due to a missing bounds check.

6.5
2020-09-17 CVE-2020-0353 Google Allocation of Resources Without Limits or Throttling vulnerability in Google Android 11.0

In libmp4extractor, there is a possible resource exhaustion due to a missing bounds check.

6.5
2020-09-17 CVE-2020-0351 Google Improper Input Validation vulnerability in Google Android 11.0

In libstagefright, there is possible CPU exhaustion due to improper input validation.

6.5
2020-09-17 CVE-2020-0340 Google Use of Uninitialized Resource vulnerability in Google Android 11.0

In libcodec2_soft_mp3dec, there is a possible information disclosure due to uninitialized data.

6.5
2020-09-17 CVE-2020-0332 Google Unspecified vulnerability in Google Android 11.0

In libstagefright, there is a possible dead loop due to an uncaught exception.

6.5
2020-09-17 CVE-2020-0324 Google Out-of-bounds Read vulnerability in Google Android 11.0

In libsonivox, there is a possible out of bounds read due to a missing bounds check.

6.5
2020-09-17 CVE-2020-0320 Google Improper Input Validation vulnerability in Google Android 11.0

In libstagefright, there is a possible resource exhaustion due to improper input validation.

6.5
2020-09-17 CVE-2020-0301 Google Improper Input Validation vulnerability in Google Android 11.0

In libstagefright, there is a possible resource exhaustion due to improper input validation.

6.5
2020-09-17 CVE-2020-0287 Google Improper Input Validation vulnerability in Google Android 11.0

In libmkvextractor, there is a possible resource exhaustion due to a missing bounds check.

6.5
2020-09-17 CVE-2020-0279 Google Out-of-bounds Read vulnerability in Google Android 11.0

In the AAC parser, there is a possible out of bounds read due to a missing bounds check.

6.5
2020-09-17 CVE-2020-0270 Google Out-of-bounds Read vulnerability in Google Android 11.0

In tremolo, there is a possible out of bounds read due to a missing bounds check.

6.5
2020-09-17 CVE-2020-11700 Titanhq Path Traversal vulnerability in Titanhq Spamtitan 7.07

An issue was discovered in Titan SpamTitan 7.07.

6.5
2020-09-16 CVE-2020-25015 Genexis Cross-Site Request Forgery (CSRF) vulnerability in Genexis Platinum 4410 Firmware P4410V21.28

A specific router allows changing the Wi-Fi password remotely.

6.5
2020-09-16 CVE-2020-3990 Vmware Integer Overflow or Wraparound vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component.

6.5
2020-09-16 CVE-2020-2278 Jenkins Path Traversal vulnerability in Jenkins Storable Configs 1.0

Jenkins Storable Configs Plugin 1.0 and earlier does not restrict the user-specified file name, allowing attackers with Job/Configure permission to replace any other '.xml' file on the Jenkins controller with a job config.xml file's content.

6.5
2020-09-16 CVE-2020-2277 Jenkins Path Traversal vulnerability in Jenkins Storable Configs 1.0

Jenkins Storable Configs Plugin 1.0 and earlier allows users with Job/Read permission to read arbitrary files on the Jenkins controller.

6.5
2020-09-16 CVE-2020-2275 Jenkins Path Traversal vulnerability in Jenkins Copy Data to Workspace 1.0

Jenkins Copy data to workspace Plugin 1.0 and earlier does not limit which directories can be copied from the Jenkins controller to job workspaces, allowing attackers with Job/Configure permission to read arbitrary files on the Jenkins controller.

6.5
2020-09-16 CVE-2020-2254 Jenkins Path Traversal vulnerability in Jenkins Blue Ocean

Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.

6.5
2020-09-15 CVE-2020-4711 IBM Path Traversal vulnerability in IBM Spectrum Protect Plus

IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to traverse directories on the system.

6.5
2020-09-15 CVE-2020-13303 Gitlab Improper Authentication vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

6.5
2020-09-15 CVE-2020-8927 Google
Debian
Fedoraproject
Canonical
Opensuse
Microsoft
Classic Buffer Overflow vulnerability in multiple products

A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB.

6.5
2020-09-14 CVE-2020-13310 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab runner versions before 13.1.3, 13.2.3 and 13.3.1.

6.5
2020-09-14 CVE-2020-13284 Gitlab Incorrect Authorization vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

6.5
2020-09-18 CVE-2020-0268 Google Use After Free vulnerability in Google Android 11.0

In NFC, there is a possible use-after-free due to a race condition.

6.4
2020-09-17 CVE-2020-0358 Google Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Google Android 11.0

In SurfaceFlinger, there is a possible use after free due to a race condition.

6.4
2020-09-17 CVE-2020-0428 Google Use After Free vulnerability in Google Android

In CamX code, there is a possible use after free due to a race condition.

6.4
2020-09-18 CVE-2020-16198 Philips Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.

6.3
2020-09-15 CVE-2019-4671 IBM SQL Injection vulnerability in IBM Maximo Asset Management

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to SQL injection.

6.3
2020-09-19 CVE-2020-25789 TT RSS Cross-site Scripting vulnerability in Tt-Rss Tiny RSS 17.4

An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16.

6.1
2020-09-19 CVE-2020-25786 Dlink Cross-site Scripting vulnerability in Dlink products

webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header.

6.1
2020-09-18 CVE-2020-8245 Citrix Cross-site Scripting vulnerability in Citrix products

Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b leads to an HTML Injection attack against the SSL VPN web portal.

6.1
2020-09-18 CVE-2020-15769 Gradle Cross-site Scripting vulnerability in Gradle Enterprise 2020.2/2020.2.4

An issue was discovered in Gradle Enterprise 2020.2 - 2020.2.4.

6.1
2020-09-18 CVE-2020-5606 Buffalo Cross-site Scripting vulnerability in Buffalo Airstation Whr-G54S Firmware 1.43

Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to inject arbitrary script via a specially crafted page.

6.1
2020-09-18 CVE-2020-25735 Webtareas Project Cross-site Scripting vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas through 2.1 allows XSS in clients/editclient.php, extensions/addextension.php, administration/add_announcement.php, administration/departments.php, administration/locations.php, expenses/claim_type.php, projects/editproject.php, and general/newnotifications.php.

6.1
2020-09-17 CVE-2020-13260 RAD Unrestricted Upload of File with Dangerous Type vulnerability in RAD Secflow-1V Firmware Osimagesf02902.3.01.26

A vulnerability in the web-based management interface of RAD SecFlow-1v through 2020-05-21 could allow an authenticated attacker to upload a JavaScript file, with a stored XSS payload, that will remain stored in the system as an OVPN file in Configuration-Services-Security-OpenVPN-Config or as the static key file in Configuration-Services-Security-OpenVPN-Static Keys.

6.1
2020-09-17 CVE-2020-25729 Zoneminder Cross-site Scripting vulnerability in Zoneminder

ZoneMinder before 1.34.21 has XSS via the connkey parameter to download.php or export.php.

6.1
2020-09-17 CVE-2020-13944 Apache Cross-site Scripting vulnerability in Apache Airflow

In Apache Airflow < 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit.

6.1
2020-09-16 CVE-2020-13928 Apache Cross-site Scripting vulnerability in Apache Atlas

Apache Atlas before 2.1.0 contain a XSS vulnerability.

6.1
2020-09-16 CVE-2020-10748 Redhat Cross-site Scripting vulnerability in Redhat Keycloak and Single Sign-On

A flaw was found in Keycloak's data filter, in version 10.0.1, where it allowed the processing of data URLs in some circumstances.

6.1
2020-09-16 CVE-2020-3988 Vmware Out-of-bounds Read vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser).

6.1
2020-09-16 CVE-2020-3987 Vmware Out-of-bounds Read vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser).

6.1
2020-09-16 CVE-2020-3986 Vmware Out-of-bounds Read vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser).

6.1
2020-09-16 CVE-2014-10402 Perl Incorrect Permission Assignment for Critical Resource vulnerability in Perl DBI

An issue was discovered in the DBI module through 1.643 for Perl.

6.1
2020-09-15 CVE-2020-8340 Lenovo Cross-site Scripting vulnerability in Lenovo Integrated Management Module 2

A cross-site scripting (XSS) vulnerability was discovered in the legacy IBM and Lenovo System x IMM2 (Integrated Management Module 2), prior to version 5.60, embedded Baseboard Management Controller (BMC) web interface during an internal security review.

6.1
2020-09-15 CVE-2020-8339 IBM Cross-site Scripting vulnerability in IBM Bladecenter Advanced Management Module Firmware 3.68I

A cross-site scripting inclusion (XSSI) vulnerability was reported in the legacy IBM BladeCenter Advanced Management Module (AMM) web interface prior to version 3.68n [BPET68N].

6.1
2020-09-14 CVE-2020-10227 Vtenext Cross-site Scripting vulnerability in Vtenext 19

A cross-site scripting (XSS) vulnerability in the messages module of vtecrm vtenext 19 CE allows attackers to inject arbitrary JavaScript code via the From field of an email.

6.1
2020-09-14 CVE-2019-14758 Kaiostech Cross-site Scripting vulnerability in Kaiostech Kaios 2.5/2.5.1

An issue was discovered in KaiOS 2.5 and 2.5.1.

6.1
2020-09-14 CVE-2019-14757 Kaiostech Cross-site Scripting vulnerability in Kaiostech Kaios 2.5/2.5.1

An issue was discovered in KaiOS 2.5 and 2.5.1.

6.1
2020-09-14 CVE-2019-14756 Kaiostech Cross-site Scripting vulnerability in Kaiostech Kaios 1.0/2.5/2.5.12.5

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.12.5.

6.1
2020-09-14 CVE-2020-21845 Codoforum Cross-site Scripting vulnerability in Codoforum 4.8.3

Codoforum 4.8.3 allows HTML Injection in the 'admin dashboard Manage users Section.'

6.1
2020-09-14 CVE-2020-25378 Accesspressthemes Cross-site Scripting vulnerability in Accesspressthemes WP Floating Menu 1.3.0

Wordpress Plugin Store / AccessPress Themes WP Floating Menu V1.3.0 is affected by: Cross Site Scripting (XSS) via the id GET parameter.

6.1
2020-09-14 CVE-2020-22158 Mediakind Cross-site Scripting vulnerability in Mediakind Rx8200 Firmware 5.13.3

MediaKind (formerly Ericsson) RX8200 5.13.3 devices are vulnerable to multiple reflected and stored XSS.

6.1
2020-09-14 CVE-2020-21733 Sagemcom Cross-site Scripting vulnerability in Sagemcom F@St 3686 Firmware 1.0Hun3.97.0

Sagemcom F@ST3686 v1.0 HUN 3.97.0 has XSS via RgDiagnostics.asp, RgDdns.asp, RgFirewallEL.asp, RgVpnL2tpPptp.asp.

6.1
2020-09-14 CVE-2020-21732 Rukovoditel Cross-site Scripting vulnerability in Rukovoditel 2.6

Rukovoditel Project Management app 2.6 is affected by: Cross Site Scripting (XSS).

6.1
2020-09-14 CVE-2020-21731 Gazie Project Cross-site Scripting vulnerability in Gazie Project Gazie 7.29

Gazie 7.29 is affected by: Cross Site Scripting (XSS) via http://192.168.100.7/gazie/modules/config/admin_utente.php?user_name=amministratore&Update.

6.1
2020-09-15 CVE-2020-10759 Redhat Unspecified vulnerability in Redhat Enterprise Linux 7.0/8.0

A PGP signature bypass flaw was found in fwupd (all versions), which could lead to the installation of unsigned firmware.

6.0
2020-09-14 CVE-2020-13298 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

5.8
2020-09-17 CVE-2020-0379 Google Unspecified vulnerability in Google Android

In the Bluetooth service, there is a possible spoofing attack due to a logic error.

5.7
2020-09-16 CVE-2020-7297 Mcafee Improper Authentication vulnerability in Mcafee web Gateway

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected dashboard data via improper access control in the user interface.

5.7
2020-09-15 CVE-2020-7296 Mcafee Improper Authentication vulnerability in Mcafee web Gateway

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to access protected configuration files via improper access control in the user interface.

5.7
2020-09-18 CVE-2020-14390 Linux
Debian
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel in versions before 5.9-rc6.

5.6
2020-09-18 CVE-2020-7945 Puppet Insufficiently Protected Credentials vulnerability in Puppet Continuous Delivery 4.0.0

Local registry credentials were included directly in the CD4PE deployment definition, which could expose these credentials to users who should not have access to them.

5.5
2020-09-18 CVE-2020-0365 Google Out-of-bounds Read vulnerability in Google Android 11.0

In netd, there is a possible out of bounds read due to a missing bounds check.

5.5
2020-09-18 CVE-2020-0331 Google Unspecified vulnerability in Google Android 11.0

In Settings, there is a possible permissions bypass.

5.5
2020-09-18 CVE-2020-0327 Google Missing Authorization vulnerability in Google Android 11.0

In core networking, there is a missing permission check.

5.5
2020-09-18 CVE-2020-0316 Google Missing Authorization vulnerability in Google Android 11.0

In Telephony, there is a missing permission check.

5.5
2020-09-18 CVE-2020-0315 Google Unspecified vulnerability in Google Android 11.0

In Zen Mode, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0313 Google Unspecified vulnerability in Google Android 11.0

In NotificationManagerService, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0311 Google Unspecified vulnerability in Google Android 11.0

In InputManagerService, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0310 Google Unspecified vulnerability in Google Android 11.0

In Settings, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0307 Google Unspecified vulnerability in Google Android 11.0

In Settings, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0304 Google Unspecified vulnerability in Google Android 11.0

In Settings, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0302 Google Unspecified vulnerability in Google Android 11.0

In Settings, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0295 Google Unspecified vulnerability in Google Android 11.0

In Telecom, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0294 Google Incorrect Default Permissions vulnerability in Google Android 11.0

In bindWallpaperComponentLocked of WallpaperManagerService.java, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0285 Google Missing Authorization vulnerability in Google Android 11.0

In Telephony, there is a possible permission bypass due to a missing permission check.

5.5
2020-09-18 CVE-2020-0284 Google Missing Authorization vulnerability in Google Android 11.0

In Telephony, there is a possible permission bypass due to a missing permission check.

5.5
2020-09-18 CVE-2020-0276 Google Missing Authorization vulnerability in Google Android 11.0

In Telephony, there is a possible permission bypass due to a missing permission check.

5.5
2020-09-18 CVE-2020-0269 Google Unspecified vulnerability in Google Android 11.0

In Android Auto Settings, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0265 Google Missing Authorization vulnerability in Google Android 11.0

In Telephony, there are possible leaks of sensitive data due to missing permission checks.

5.5
2020-09-18 CVE-2020-0263 Google Unspecified vulnerability in Google Android 11.0

In the Accessibility service, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-18 CVE-2020-0318 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 11.0

In the System UI, there is a possible system crash due to an uncaught exception.

5.5
2020-09-18 CVE-2020-15770 Gradle Improper Restriction of Excessive Authentication Attempts vulnerability in Gradle Enterprise 2018.5

An issue was discovered in Gradle Enterprise 2018.5.

5.5
2020-09-17 CVE-2020-0426 Google Unspecified vulnerability in Google Android 11.0

In SyncManager, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0425 Google Unspecified vulnerability in Google Android 11.0

There is a possible way to view notifications even when the "Lockdown" feature is on.

5.5
2020-09-17 CVE-2020-0372 Google Missing Authorization vulnerability in Google Android 11.0

In ActivityManager, there is a possible access to protected data due to a missing permission check.

5.5
2020-09-17 CVE-2020-0359 Google Out-of-bounds Read vulnerability in Google Android 11.0

In GLESRenderEngine, there is a possible out of bounds read due to a buffer overflow.

5.5
2020-09-17 CVE-2020-0352 Google SQL Injection vulnerability in Google Android 11.0

In MediaProvider, there is a possible permissions bypass due to SQL injection.

5.5
2020-09-17 CVE-2020-0344 Google SQL Injection vulnerability in Google Android 11.0

In MediaProvider, there is a possible permissions bypass due to SQL injection.

5.5
2020-09-17 CVE-2020-0343 Google Missing Authorization vulnerability in Google Android 11.0

In NetworkStatsService, there is a possible access to protected data due to a missing permission check.

5.5
2020-09-17 CVE-2020-0337 Google Unspecified vulnerability in Google Android 11.0

In MediaProvider, there is a possible bypass of a permissions check due to a confused deputy.

5.5
2020-09-17 CVE-2020-0329 Google Out-of-bounds Read vulnerability in Google Android 11.0

In the OMX encoder, there is a possible out of bounds read due to invalid input validation.

5.5
2020-09-17 CVE-2020-0323 Google Out-of-bounds Read vulnerability in Google Android 11.0

In libavb, there is a possible out of bounds read due to a missing bounds check.

5.5
2020-09-17 CVE-2020-0317 Google Missing Authorization vulnerability in Google Android 11.0

In UsageStatsManager, there is a possible access to protected data due to a missing permission check.

5.5
2020-09-17 CVE-2020-0314 Google Missing Authorization vulnerability in Google Android 11.0

In AudioService, there are missing permission checks.

5.5
2020-09-17 CVE-2020-0312 Google Unspecified vulnerability in Google Android 11.0

In Battery Saver, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0308 Google Unspecified vulnerability in Google Android 11.0

In Window Manager, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0297 Google Unspecified vulnerability in Google Android 11.0

In devicepolicy service, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0296 Google Unspecified vulnerability in Google Android 11.0

In ADB server and USB server, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0293 Google Missing Authorization vulnerability in Google Android 11.0

In Java network APIs, there is possible access to sensitive network state due to a missing permission check.

5.5
2020-09-17 CVE-2020-0290 Google Missing Authorization vulnerability in Google Android 11.0

In PackageManager, there is a missing permission check.

5.5
2020-09-17 CVE-2020-0289 Google Missing Authorization vulnerability in Google Android 11.0

In PackageManager, there is a missing permission check.

5.5
2020-09-17 CVE-2020-0288 Google Missing Authorization vulnerability in Google Android 11.0

In PackageManager, there is a missing permission check.

5.5
2020-09-17 CVE-2020-0274 Google Unspecified vulnerability in Google Android 11.0

In the OMX parser, there is a possible information disclosure due to a returned raw pointer.

5.5
2020-09-17 CVE-2020-0125 Google Out-of-bounds Read vulnerability in Google Android 11.0

In mediadrm, there is a possible out of bounds read due to a missing bounds check.

5.5
2020-09-17 CVE-2020-0427 Google
Debian
Opensuse
Starwindsoftware
Use After Free vulnerability in multiple products

In create_pinctrl of core.c, there is a possible out of bounds read due to a use after free.

5.5
2020-09-17 CVE-2020-0404 Google
Oracle
Improper Privilege Management vulnerability in multiple products

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause.

5.5
2020-09-17 CVE-2020-0399 Google Unspecified vulnerability in Google Android

In showLimitedSimFunctionWarningNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0397 Google Unspecified vulnerability in Google Android

In getNotificationBuilder of CarrierServiceStateTracker.java, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0396 Google Unspecified vulnerability in Google Android

In various places in Telephony, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0395 Google Unspecified vulnerability in Google Android

In showNotification of EmergencyCallbackModeService.java, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0393 Google Out-of-bounds Read vulnerability in Google Android 10.0/9.0

In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible out of bounds read due to a missing bounds check.

5.5
2020-09-17 CVE-2020-0390 Google Incorrect Default Permissions vulnerability in Google Android 10.0/11.0

In the app zygote SE Policy, there is a possible permissions bypass.

5.5
2020-09-17 CVE-2020-0389 Google Unspecified vulnerability in Google Android 10.0/11.0

In createSaveNotification of RecordingService.java, there is a possible permission bypass due to an unsafe PendingIntent.

5.5
2020-09-17 CVE-2020-0386 Google Insecure Default Initialization of Resource vulnerability in Google Android

In onCreate of RequestPermissionActivity.java, there is a possible tapjacking vector due to an insecure default value.

5.5
2020-09-17 CVE-2020-0385 Google Out-of-bounds Write vulnerability in Google Android

In Parse_insh of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check.

5.5
2020-09-17 CVE-2020-0384 Google Out-of-bounds Write vulnerability in Google Android

In Parse_art of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check.

5.5
2020-09-17 CVE-2020-0383 Google Out-of-bounds Write vulnerability in Google Android

In Parse_ins of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check.

5.5
2020-09-16 CVE-2020-7529 Schneider Electric Unspecified vulnerability in Schneider-Electric Scadapack 7X Remote Connect 3.6.3.574

A CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Transversal') vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place content in any unprotected folder on the target system using a crafted .RCZ file.

5.5
2020-09-16 CVE-2020-24890 Libraw NULL Pointer Dereference vulnerability in Libraw 0.20.0

libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution.

5.5
2020-09-16 CVE-2020-2274 Jenkins Cleartext Storage of Sensitive Information vulnerability in Jenkins Elastest

Jenkins ElasTest Plugin 1.2.1 and earlier stores its server password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.

5.5
2020-09-16 CVE-2020-14392 Perl
Canonical
Opensuse
Fedoraproject
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An untrusted pointer dereference flaw was found in Perl-DBI < 1.643.

5.5
2020-09-16 CVE-2020-10781 Linux
Debian
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

A flaw was found in the Linux Kernel before 5.8-rc6 in the ZRAM kernel module, where a user with a local account and the ability to read the /sys/class/zram-control/hot_add file can create ZRAM device nodes in the /dev/ directory.

5.5
2020-09-16 CVE-2020-10768 Linux Unspecified vulnerability in Linux Kernel

A flaw was found in the Linux Kernel before 5.8-rc1 in the prctl() function, where it can be used to enable indirect branch speculation after it has been disabled.

5.5
2020-09-15 CVE-2020-10767 Linux Unspecified vulnerability in Linux Kernel

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier).

5.5
2020-09-15 CVE-2020-10766 Linux Unspecified vulnerability in Linux Kernel

A logic bug flaw was found in Linux kernel before 5.8-rc1 in the implementation of SSBD.

5.5
2020-09-15 CVE-2020-14385 Linux
Debian
Canonical
Incorrect Calculation of Buffer Size vulnerability in multiple products

A flaw was found in the Linux kernel before 5.9-rc4.

5.5
2020-09-15 CVE-2020-14314 Linux
Debian
Canonical
Starwindsoftware
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing.
5.5
2020-09-15 CVE-2020-8346 Lenovo Incorrect Default Permissions vulnerability in Lenovo System Interface Foundation 1.0.66.0/1.1.18.3/1.1.19.3

A denial of service vulnerability was reported in the Lenovo Vantage component called Lenovo System Interface Foundation prior to version 1.1.19.5 that could allow configuration files to be written to non-standard locations.

5.5
2020-09-14 CVE-2020-7807 LG Improper Validation of Integrity Check Value vulnerability in LG products

A vulnerability that can hijack a DLL file that is loaded during products(LGPCSuite_Setup, IPSFULLHD, LG_ULTRAWIDE, ULTRA_HD_Driver Setup) installation into a DLL file that the hacker wants.

5.5
2020-09-16 CVE-2020-20406 Elementor Cross-site Scripting vulnerability in Elementor Page Builder

A stored XSS vulnerability exists in the Custom Link Attributes control Affect function in Elementor Page Builder 2.9.2 and earlier versions.

5.4
2020-09-16 CVE-2020-2271 Jenkins Cross-site Scripting vulnerability in Jenkins Locked Files Report 1.3/1.5/1.6

Jenkins Locked Files Report Plugin 1.6 and earlier does not escape locked files' names in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-16 CVE-2020-2270 Jenkins Cross-site Scripting vulnerability in Jenkins Clearcase Release 0.1/0.2/0.3

Jenkins ClearCase Release Plugin 0.3 and earlier does not escape the composite baseline in badge tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-16 CVE-2020-2269 Jenkins Cross-site Scripting vulnerability in Jenkins Chosen-Views-Tabbar 1.0/1.1/1.2

Jenkins chosen-views-tabbar Plugin 1.2 and earlier does not escape view names in the dropdown to select views, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with the ability to configure views.

5.4
2020-09-16 CVE-2020-2266 Jenkins Cross-site Scripting vulnerability in Jenkins Description Column

Jenkins Description Column Plugin 1.3 and earlier does not escape the job description in the column tooltip, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-16 CVE-2020-2265 Jenkins Cross-site Scripting vulnerability in Jenkins Coverage/Complexity Scatter Plot

Jenkins Coverage/Complexity Scatter Plot Plugin 1.1.1 and earlier does not escape the method information in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to the plugin's post-build step.

5.4
2020-09-16 CVE-2020-2264 Jenkins Cross-site Scripting vulnerability in Jenkins Custom JOB Icon 0.1/0.2

Jenkins Custom Job Icon Plugin 0.2 and earlier does not escape the job descriptions in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-16 CVE-2020-2263 Jenkins Cross-site Scripting vulnerability in Jenkins Radiator View

Jenkins Radiator View Plugin 1.29 and earlier does not escape the full name of the jobs in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-16 CVE-2020-2262 Jenkins Cross-site Scripting vulnerability in Jenkins Android Lint

Jenkins Android Lint Plugin 2.6 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to the plugin's post-build step.

5.4
2020-09-16 CVE-2020-2259 Jenkins Cross-site Scripting vulnerability in Jenkins Computer Queue

Jenkins computer-queue-plugin Plugin 1.5 and earlier does not escape the agent name in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Agent/Configure permission.

5.4
2020-09-16 CVE-2020-2257 Jenkins Cross-site Scripting vulnerability in Jenkins Validating String Parameter

Jenkins Validating String Parameter Plugin 2.4 and earlier does not escape various user-controlled fields, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-16 CVE-2020-2256 Jenkins Cross-site Scripting vulnerability in Jenkins Pipeline Maven Integration

Jenkins Pipeline Maven Integration Plugin 3.9.2 and earlier does not escape the upstream job's display name shown as part of a build cause, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.

5.4
2020-09-15 CVE-2020-9416 Tibco Cross-site Scripting vulnerability in Tibco products

The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a legitimate user to inject scripts.

5.4
2020-09-15 CVE-2020-25071 Niftypm Cross-site Scripting vulnerability in Niftypm Nifty 20200826

Nifty Project Management Web Application 2020-08-26 allows XSS, via Add Task, that is rendered upon a Project Home visit.

5.4
2020-09-15 CVE-2020-4530 IBM Cross-site Scripting vulnerability in IBM products

IBM Business Automation Workflow C.D.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 are vulnerable to cross-site scripting.

5.4
2020-09-15 CVE-2020-24924 Elkarbackup Cross-site Scripting vulnerability in Elkarbackup 1.3.3

A Persistent Cross-site Scripting vulnerability is found in ElkarBackup v1.3.3, where an attacker can steal the user session cookie using this vulnerability present on Policies >> action >> Name Parameter

5.4
2020-09-14 CVE-2020-13297 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

5.4
2020-09-14 CVE-2020-13289 Gitlab Missing Authentication for Critical Function vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

5.4
2020-09-14 CVE-2020-25380 Recall Products Project Cross-site Scripting vulnerability in Recall-Products Project Recall-Products 0.8

Wordpress Plugin Store / Mike Rooijackers Recall Products V0.8 is affected by: Cross Site Scripting (XSS) via the 'Recall Settings' field in admin.php.

5.4
2020-09-14 CVE-2020-25375 Softrade Cross-site Scripting vulnerability in Softrade WP Smart CRM & Invoices 1.8.7

Wordpress Plugin Store / SoftradeWeb SNC WP SMART CRM V1.8.7 is affected by: Cross Site Scripting via the Business Name field, Tax Code field, First Name field, Address field, Town field, Phone field, Mobile field, Place of Birth field, Web Site field, VAT Number field, Last Name field, Fax field, Email field, and Skype field.

5.4
2020-09-18 CVE-2020-25633 Redhat
Quarkus
Information Exposure Through an Error Message vulnerability in multiple products

A flaw was found in RESTEasy client in all versions of RESTEasy up to 4.5.6.Final.

5.3
2020-09-18 CVE-2020-15767 Gradle Missing Encryption of Sensitive Data vulnerability in Gradle Enterprise

An issue was discovered in Gradle Enterprise before 2020.2.5.

5.3
2020-09-18 CVE-2020-25734 Webtareas Project Path Traversal vulnerability in Webtareas Project Webtareas 2.0/2.1

webTareas through 2.1 allows files/Default/ Directory Listing.

5.3
2020-09-17 CVE-2020-14338 Redhat Improper Input Validation vulnerability in Redhat Xerces 2.11.0/2.12.0

A flaw was found in Wildfly's implementation of Xerces, specifically in the way the XMLSchemaValidator class in the JAXP component of Wildfly enforced the "use-grammar-pool-only" feature.

5.3
2020-09-17 CVE-2020-14181 Atlassian Information Exposure vulnerability in Atlassian Jira

Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint.

5.3
2020-09-16 CVE-2020-4708 IBM Unspecified vulnerability in IBM Security Trusteer Pinpoint Detect 11.6.5

IBM Security Trusteer Pinpoint Detect 11.6.5 could disclose some information due to using a wildcard in the Access-Control-Allow-Origin header.

5.3
2020-09-16 CVE-2020-1710 Redhat Unspecified vulnerability in Redhat products

The issue appears to be that JBoss EAP 6.4.21 does not parse the field-name in accordance to RFC7230[1] as it returns a 200 instead of a 400.

5.3
2020-09-14 CVE-2020-13314 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

5.3
2020-09-17 CVE-2020-0338 Google Unspecified vulnerability in Google Android 10.0/9.0

In checkKeyIntent of AccountManagerService.java, there is a possible permission bypass.

5.0
2020-09-18 CVE-2020-14021 Ozeki Unspecified vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

4.9
2020-09-18 CVE-2020-0348 Google Out-of-bounds Read vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds read due to a missing bounds check.

4.9
2020-09-18 CVE-2020-15772 Gradle Server-Side Request Forgery (SSRF) vulnerability in Gradle Enterprise

An issue was discovered in Gradle Enterprise 2018.5 - 2020.2.4.

4.9
2020-09-16 CVE-2020-1694 Redhat Incorrect Permission Assignment for Critical Resource vulnerability in Redhat Keycloak

A flaw was found in all versions of Keycloak before 10.0.0, where the NodeJS adapter did not support the verify-token-audience.

4.9
2020-09-14 CVE-2020-13317 Gitlab Improper Input Validation vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8, and 13.3.4.

4.9
2020-09-17 CVE-2020-15183 Soycms Project Unspecified vulnerability in Soycms Project Soycms 3.0.2

SoyCMS 3.0.2 and earlier is affected by Reflected Cross-Site Scripting (XSS) which leads to Remote Code Execution (RCE) from a known vulnerability.

4.8
2020-09-16 CVE-2020-2253 Jenkins Improper Certificate Validation vulnerability in Jenkins Email Extension

Jenkins Email Extension Plugin 2.75 and earlier does not perform hostname validation when connecting to the configured SMTP server.

4.8
2020-09-16 CVE-2020-2252 Jenkins Improper Certificate Validation vulnerability in Jenkins Mailer

Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.

4.8
2020-09-14 CVE-2020-13301 Gitlab Cross-site Scripting vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.8
2020-09-17 CVE-2020-15187 Helm Unspecified vulnerability in Helm

In Helm before versions 2.16.11 and 3.3.2, a Helm plugin can contain duplicates of the same entry, with the last one always used.

4.7
2020-09-17 CVE-2020-0373 Google Out-of-bounds Read vulnerability in Google Android 11.0

In SoundTriggerHwService, there is a possible out of bounds read due to a race condition.

4.7
2020-09-17 CVE-2019-20919 Perl
Fedoraproject
Canonical
Debian
Opensuse
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in the DBI module before 1.643 for Perl.

4.7
2020-09-15 CVE-2020-13307 Gitlab Insufficient Session Expiration vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.7
2020-09-15 CVE-2020-7295 Mcafee Improper Authentication vulnerability in Mcafee web Gateway

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected log data via improper access controls in the user interface.

4.6
2020-09-15 CVE-2020-7294 Mcafee Improper Authentication vulnerability in Mcafee web Gateway

Privilege Escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.1 allows authenticated user interface user to delete or download protected files via improper access controls in the REST interface.

4.6
2020-09-15 CVE-2020-16097 Gallagher Unspecified vulnerability in Gallagher Command Centre

On controllers running versions of v8.20 prior to vCR8.20.200221b (distributed in v8.20.1093(MR2)), v8.10 prior to vGR8.10.179 (distributed in v8.10.1211(MR5)), v8.00 prior to vGR8.00.165 (Distributed in v8.00.1228(MR6)), v7.90 prior to vGR7.90.165 (distributed in v7.90.1038(MRX)), v7.80 or earlier, It is possible to retrieve site keys used for securing MIFARE Plus and Desfire using debug ports on T Series readers.

4.6
2020-09-18 CVE-2020-0282 Google Out-of-bounds Read vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds read due to a missing bounds check.

4.5
2020-09-18 CVE-2020-0281 Google Out-of-bounds Read vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds read due to a missing bounds check.

4.5
2020-09-18 CVE-2020-0349 Google Out-of-bounds Read vulnerability in Google Android 11.0

In NFC, there is a possible out of bounds read due to a missing bounds check.

4.4
2020-09-18 CVE-2020-0325 Google Improper Input Validation vulnerability in Google Android 11.0

In NFC, there is a missing bounds check.

4.4
2020-09-18 CVE-2020-0292 Google Out-of-bounds Read vulnerability in Google Android 11.0

In Bluetooth, there is a possible out of bounds read due to a missing bounds check.

4.4
2020-09-18 CVE-2020-0291 Google Out-of-bounds Read vulnerability in Google Android 11.0

In Bluetooth, there is a possible out of bounds read due to a missing bounds check.

4.4
2020-09-18 CVE-2020-0272 Google Use of Uninitialized Resource vulnerability in Google Android 11.0

In libhwbinder, there is a possible information disclosure due to uninitialized data.

4.4
2020-09-17 CVE-2020-0328 Google Integer Overflow or Wraparound vulnerability in Google Android 11.0

In the camera, there is a possible out of bounds read due to an integer overflow.

4.4
2020-09-17 CVE-2020-0322 Google Out-of-bounds Read vulnerability in Google Android 11.0

In apexd, there is a possible out of bounds read due to a missing bounds check.

4.4
2020-09-17 CVE-2020-0407 Google Use of Insufficiently Random Values vulnerability in Google Android

In various functions in fscrypt_ice.c and related files in some implementations of f2fs encryption that use encryption hardware which only supports 32-bit IVs (Initialization Vectors), 64-bit IVs are used and later are truncated to 32 bits.

4.4
2020-09-15 CVE-2020-14304 Linux Unspecified vulnerability in Linux Kernel 4.19.1182/4.9.2101/5.6.71

A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device.

4.4
2020-09-14 CVE-2019-14761 Kaiostech Cross-site Scripting vulnerability in Kaiostech Kaios 2.5

An issue was discovered in KaiOS 2.5.

4.4
2020-09-14 CVE-2019-14760 Kaiostech Cross-site Scripting vulnerability in Kaiostech Kaios 2.5

An issue was discovered in KaiOS 2.5.

4.4
2020-09-14 CVE-2019-14759 Kaiostech Cross-site Scripting vulnerability in Kaiostech Kaios 1.0/2.5/2.5.1

An issue was discovered in KaiOS 1.0, 2.5, and 2.5.1.

4.4
2020-09-18 CVE-2020-14506 Philips Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.

4.3
2020-09-18 CVE-2020-5605 Buffalo Path Traversal vulnerability in Buffalo Airstation Whr-G54S Firmware 1.43

Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access sensitive information such as setting values via unspecified vectors.

4.3
2020-09-16 CVE-2020-14348 Redhat Improper Check for Unusual or Exceptional Conditions vulnerability in Redhat AMQ Online

It was found in AMQ Online before 1.5.2 that injecting an invalid field to a user's AddressSpace configuration of the user namespace puts AMQ Online in an inconsistent state, where the AMQ Online components do not operate properly, such as the failure of provisioning and the failure of creating addresses, though this does not impact upon already existing messaging clients or brokers.

4.3
2020-09-16 CVE-2020-10715 Redhat Improper Input Validation vulnerability in Redhat Openshift

A content spoofing vulnerability was found in the openshift/console 3.11 and 4.x.

4.3
2020-09-16 CVE-2020-2273 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Elastest

A cross-site request forgery (CSRF) vulnerability in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials.

4.3
2020-09-16 CVE-2020-2272 Jenkins Missing Authorization vulnerability in Jenkins Elastest

A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials.

4.3
2020-09-16 CVE-2020-2267 Jenkins Missing Authorization vulnerability in Jenkins Mongodb

A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller.

4.3
2020-09-16 CVE-2020-2260 Jenkins Missing Authorization vulnerability in Jenkins Perfecto

A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials.

4.3
2020-09-16 CVE-2020-2258 Jenkins Incorrect Authorization vulnerability in Jenkins Health Advisor BY Cloudbees

Jenkins Health Advisor by CloudBees Plugin 3.2.0 and earlier does not correctly perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to view that HTTP endpoint.

4.3
2020-09-16 CVE-2020-2255 Jenkins Missing Authorization vulnerability in Jenkins Blue Ocean

A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.

4.3
2020-09-16 CVE-2020-7268 Mcafee Path Traversal vulnerability in Mcafee Email Gateway

Path Traversal vulnerability in McAfee McAfee Email Gateway (MEG) prior to 7.6.406 allows remote attackers to traverse the file system to access files or directories that are outside of the restricted directory via external input to construct a path name that should be within a restricted directory.

4.3
2020-09-15 CVE-2020-4526 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Maximo Asset Management

IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

4.3
2020-09-15 CVE-2020-16099 Gallagher Unspecified vulnerability in Gallagher Command Centre 8.20/8.20.1093

In Gallagher Command Centre v8.20 prior to v8.20.1093(MR2) it is possible to create Guard Tour events that when accessed via things like reporting cause clients to temporarily hang or disconnect.

4.3
2020-09-14 CVE-2020-13305 Gitlab Insufficient Session Expiration vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.3
2020-09-14 CVE-2020-13313 Gitlab Incorrect Authorization vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.3
2020-09-14 CVE-2020-13311 Gitlab Use of Incorrectly-Resolved Name or Reference vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.3
2020-09-14 CVE-2020-13316 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.3
2020-09-14 CVE-2020-13287 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

4.3

9 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-18 CVE-2020-14525 Philips Unspecified vulnerability in Philips Clinical Collaboration Platform 12.2.1

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior.

3.5
2020-09-16 CVE-2020-3989 Vmware Out-of-bounds Write vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO

VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component.

3.3
2020-09-15 CVE-2020-4344 IBM Insecure Storage of Sensitive Information vulnerability in IBM Tivoli Business Service Manager 6.2.0.0

IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally which can be read by another user on the system.

3.3
2020-09-17 CVE-2020-15186 Helm Injection vulnerability in Helm

In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly.

2.7
2020-09-17 CVE-2020-15185 Helm Unspecified vulnerability in Helm

In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used.

2.7
2020-09-17 CVE-2020-15184 Helm Injection vulnerability in Helm

In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized.

2.7
2020-09-15 CVE-2020-13308 Gitlab Improper Preservation of Permissions vulnerability in Gitlab

A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4.

2.7
2020-09-18 CVE-2020-16230 HMS Networks Unspecified vulnerability in Hms-Networks Ewon Cosy Firmware and Ewon Flexy Firmware

All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources.

2.3
2020-09-17 CVE-2020-0382 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 10.0/11.0

In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception.

2.3