Weekly Vulnerabilities Reports > September 21 to 27, 2020
Overview
384 new vulnerabilities reported during this period, including 45 critical vulnerabilities and 180 high severity vulnerabilities. This weekly summary report vulnerabilities in 373 products from 74 vendors including Cisco, Google, Fedoraproject, Debian, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "SQL Injection", "Use After Free", and "Out-of-bounds Write".
- 314 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities have public exploit available.
- 92 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 272 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 86 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
45 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-09-25 | CVE-2020-15196 | Out-of-bounds Read vulnerability in Google Tensorflow 2.3.0 In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate that the `weights` tensor has the same shape as the data. | 9.9 | |
2020-09-23 | CVE-2020-2279 | Jenkins | Unspecified vulnerability in Jenkins Script Security A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM. | 9.9 |
2020-09-25 | CVE-2020-15208 | Google Opensuse | In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes. | 9.8 |
2020-09-25 | CVE-2020-15205 | Google Opensuse | Out-of-bounds Write vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation. | 9.8 |
2020-09-25 | CVE-2020-25147 | Observium | SQL Injection vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 9.8 |
2020-09-25 | CVE-2020-25132 | Observium | SQL Injection vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 9.8 |
2020-09-25 | CVE-2019-16211 | Broadcom | Insufficiently Protected Credentials vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 Brocade SANnav versions before v2.1.0, contain a Plaintext Password Storage vulnerability. | 9.8 |
2020-09-25 | CVE-2020-15374 | Broadcom | Unspecified vulnerability in Broadcom Fabric Operating System Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input. | 9.8 |
2020-09-25 | CVE-2020-15373 | Broadcom | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Fabric Operating System Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. | 9.8 |
2020-09-25 | CVE-2020-15371 | Broadcom | Code Injection vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability. | 9.8 |
2020-09-25 | CVE-2020-13995 | Airforce | Out-of-bounds Write vulnerability in Airforce Nitf Extract Utility 7.5 U.S. | 9.8 |
2020-09-25 | CVE-2020-15394 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Applications Manager The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution. | 9.8 |
2020-09-25 | CVE-2020-26108 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488). | 9.8 |
2020-09-25 | CVE-2020-26105 | Cpanel | Improper Authentication vulnerability in Cpanel In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554). | 9.8 |
2020-09-25 | CVE-2020-26101 | Cpanel | Improper Authentication vulnerability in Cpanel In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549). | 9.8 |
2020-09-25 | CVE-2020-26100 | Cpanel | Unspecified vulnerability in Cpanel chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497). | 9.8 |
2020-09-25 | CVE-2020-26098 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485). | 9.8 |
2020-09-25 | CVE-2020-25749 | Rubetek | Use of Hard-coded Credentials vulnerability in Rubetek products The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account. | 9.8 |
2020-09-25 | CVE-2020-25223 | Sophos | OS Command Injection vulnerability in Sophos Unified Threat Management A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11 | 9.8 |
2020-09-25 | CVE-2020-11805 | Pexip | Improper Input Validation vulnerability in Pexip Infinity and Reverse Proxy and Turn Server Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN. | 9.8 |
2020-09-24 | CVE-2020-15160 | Prestashop | SQL Injection vulnerability in Prestashop PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. | 9.8 |
2020-09-24 | CVE-2020-15851 | Nakivo | Missing Authentication for Critical Function vulnerability in Nakivo Backup & Replication Transporter 9.4.0.R43656 Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service. | 9.8 |
2020-09-24 | CVE-2020-12843 | Gogogate | Unrestricted Upload of File with Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. | 9.8 |
2020-09-24 | CVE-2020-12842 | Gogogate | Incorrect Permission Assignment for Critical Resource vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. | 9.8 |
2020-09-24 | CVE-2020-12839 | Gogogate | Incorrect Permission Assignment for Critical Resource vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. | 9.8 |
2020-09-24 | CVE-2020-12838 | Gogogate | Incorrect Permission Assignment for Critical Resource vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. | 9.8 |
2020-09-24 | CVE-2020-13505 | Aveva | SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053 Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. | 9.8 |
2020-09-24 | CVE-2020-13504 | Aveva | SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053 Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks. | 9.8 |
2020-09-24 | CVE-2020-13501 | Aveva | SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053 An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. | 9.8 |
2020-09-24 | CVE-2020-13500 | Aveva | SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053 SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. | 9.8 |
2020-09-24 | CVE-2020-13499 | Aveva | SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053 An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053. | 9.8 |
2020-09-24 | CVE-2020-16147 | Telmat | OS Command Injection vulnerability in Telmat products The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via Unauthenticated code injection over the network. | 9.8 |
2020-09-24 | CVE-2015-4719 | Pexip | Improper Privilege Management vulnerability in Pexip Infinity 7.0/9 The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request. | 9.8 |
2020-09-23 | CVE-2020-24626 | HPE | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 9.8 |
2020-09-23 | CVE-2019-16028 | Cisco | Improper Authentication vulnerability in Cisco Secure Firewall Management Center A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. | 9.8 |
2020-09-22 | CVE-2020-11856 | Microfocus | Missing Authentication for Critical Function vulnerability in Microfocus Operation Bridge Reporter Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 9.8 |
2020-09-22 | CVE-2020-11857 | Microfocus | Use of Hard-coded Credentials vulnerability in Microfocus Operation Bridge Reporter An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 9.8 |
2020-09-25 | CVE-2020-24594 | Mitel | Cross-site Scripting vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 9.6 |
2020-09-21 | CVE-2020-6573 | Google Debian Opensuse Fedoraproject | Use After Free vulnerability in multiple products Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2020-09-21 | CVE-2020-15963 | Google Opensuse Fedoraproject Debian | Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |
2020-09-21 | CVE-2020-15961 | Google Opensuse Fedoraproject Debian | Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. | 9.6 |
2020-09-25 | CVE-2020-25747 | Rubetek | Missing Authentication for Critical Function vulnerability in Rubetek products The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication. | 9.4 |
2020-09-24 | CVE-2020-3426 | Cisco | Improper Input Validation vulnerability in Cisco IOS A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition. | 9.1 |
2020-09-25 | CVE-2020-15207 | Google Opensuse | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices. | 9.0 |
2020-09-25 | CVE-2020-15202 | Google Opensuse | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments. | 9.0 |
180 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-09-25 | CVE-2020-15195 | Google Opensuse | Out-of-bounds Write vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern. | 8.8 |
2020-09-25 | CVE-2020-25149 | Observium | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2020-25145 | Observium | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2020-25144 | Observium | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2020-25143 | Observium | SQL Injection vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2020-25136 | Observium | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2020-25134 | Observium | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2020-25133 | Observium | Unrestricted Upload of File with Dangerous Type vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 8.8 |
2020-09-25 | CVE-2019-16212 | Broadcom | Unspecified vulnerability in Broadcom Brocade Sannav 1.1.0/1.1.1/2.0 A vulnerability in Brocade SANnav versions before v2.1.0 could allow a remote authenticated attacker to conduct an LDAP injection. | 8.8 |
2020-09-25 | CVE-2020-15369 | Broadcom | Weak Password Requirements vulnerability in Broadcom Fabric Operating System Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. | 8.8 |
2020-09-25 | CVE-2020-24621 | Openmrs | Path Traversal vulnerability in Openmrs Htmlformentry A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS. | 8.8 |
2020-09-25 | CVE-2020-23837 | Multi User Project | Cross-Site Request Forgery (CSRF) vulnerability in Multi User Project Multi User 1.8.2 A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL. | 8.8 |
2020-09-24 | CVE-2020-3425 | Cisco | Unspecified vulnerability in Cisco IOS XE Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. | 8.8 |
2020-09-24 | CVE-2020-3400 | Cisco | Missing Authorization vulnerability in Cisco IOS XE A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests. | 8.8 |
2020-09-24 | CVE-2020-3141 | Cisco | Unspecified vulnerability in Cisco IOS XE Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device. | 8.8 |
2020-09-24 | CVE-2020-12282 | Gogogate | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. | 8.8 |
2020-09-24 | CVE-2020-24365 | Gemteks | Insecure Default Initialization of Resource vulnerability in Gemteks Wrtm-127Acn Firmware and Wrtm-127X9 Firmware An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices. | 8.8 |
2020-09-24 | CVE-2020-12817 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortianalyzer and Fortitester An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors. | 8.8 |
2020-09-23 | CVE-2020-2280 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Warnings A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier allows attackers to execute arbitrary code. | 8.8 |
2020-09-23 | CVE-2019-16009 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS A vulnerability in the web UI of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
2020-09-23 | CVE-2020-3135 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device. | 8.8 |
2020-09-22 | CVE-2020-14026 | Ozeki | Improper Neutralization of Formula Elements in a CSV File vulnerability in Ozeki NG SMS Gateway CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export. | 8.8 |
2020-09-22 | CVE-2020-14025 | Ozeki | Cross-Site Request Forgery (CSRF) vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. | 8.8 |
2020-09-22 | CVE-2020-14022 | Ozeki | Unrestricted Upload of File with Dangerous Type vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file. | 8.8 |
2020-09-22 | CVE-2020-4621 | IBM | Incorrect Authorization vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks. | 8.8 |
2020-09-22 | CVE-2020-4620 | IBM | Unrestricted Upload of File with Dangerous Type vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions. | 8.8 |
2020-09-22 | CVE-2020-4611 | IBM | Unspecified vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins. | 8.8 |
2020-09-21 | CVE-2020-6559 | Google Debian Opensuse Fedoraproject | Use After Free vulnerability in multiple products Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6553 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6552 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6549 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6548 | Google Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6545 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6544 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6543 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6540 | Google Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6539 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6537 | Google Debian Fedoraproject | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6532 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6576 | Google Debian Opensuse Fedoraproject | Use After Free vulnerability in multiple products Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6556 | Google Debian Fedoraproject Opensuse | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15965 | Google Debian Opensuse Fedoraproject | Type Confusion vulnerability in multiple products Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15964 | Google Opensuse Fedoraproject Debian | NULL Pointer Dereference vulnerability in multiple products Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15962 | Google Opensuse Fedoraproject Debian | Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-15960 | Google Opensuse Fedoraproject Debian | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6551 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6550 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6542 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-21 | CVE-2020-6541 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-09-25 | CVE-2020-15212 | Out-of-bounds Write vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor. | 8.6 | |
2020-09-24 | CVE-2020-3560 | Cisco | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device. | 8.6 |
2020-09-24 | CVE-2020-3527 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device. | 8.6 |
2020-09-24 | CVE-2020-3526 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 17.2 A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device. | 8.6 |
2020-09-24 | CVE-2020-3510 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE 16.12.1/16.12.2/17.1.1 A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device. | 8.6 |
2020-09-24 | CVE-2020-3509 | Cisco | Information Exposure Through Discrepancy vulnerability in Cisco IOS XE 16.7(1) A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition. | 8.6 |
2020-09-24 | CVE-2020-3492 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 8.6 |
2020-09-24 | CVE-2020-3480 | Cisco | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XE Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. | 8.6 |
2020-09-24 | CVE-2020-3414 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
2020-09-24 | CVE-2020-3408 | Cisco | Resource Exhaustion vulnerability in Cisco IOS and IOS XE A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
2020-09-24 | CVE-2020-3407 | Cisco | NULL Pointer Dereference vulnerability in Cisco IOS XE 15.8(3)M3 A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload. | 8.6 |
2020-09-24 | CVE-2020-3399 | Cisco | Out-of-bounds Read vulnerability in Cisco IOS XE 16.12/16.12.1S/16.12.2 A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. | 8.6 |
2020-09-24 | CVE-2020-3359 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
2020-09-24 | CVE-2020-3559 | Cisco | Resource Exhaustion vulnerability in Cisco products A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload. | 8.6 |
2020-09-23 | CVE-2019-16019 | Cisco | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 8.6 |
2020-09-23 | CVE-2019-1947 | Cisco | Improper Input Validation vulnerability in Cisco Asyncos and Email Security Appliance A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device. | 8.6 |
2020-09-23 | CVE-2020-3569 | Cisco | Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. | 8.6 |
2020-09-21 | CVE-2020-6554 | Google Debian Fedoraproject | Use After Free vulnerability in multiple products Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension. | 8.6 |
2020-09-22 | CVE-2020-25514 | Simple Library Management System Project | SQL Injection vulnerability in Simple Library Management System Project Simple Library Management System 1.0 Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php. | 8.4 |
2020-09-21 | CVE-2020-6575 | Google Debian Opensuse Fedoraproject | Race Condition vulnerability in multiple products Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.3 |
2020-09-25 | CVE-2020-24718 | Freebsd Omniosce Openindiana Netapp | Missing Authorization vulnerability in multiple products bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP. | 8.2 |
2020-09-27 | CVE-2020-26117 | Tigervnc Debian Opensuse | Improper Certificate Validation vulnerability in multiple products In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. | 8.1 |
2020-09-25 | CVE-2020-15214 | Unspecified vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted. | 8.1 | |
2020-09-25 | CVE-2020-25748 | Rubetek | Cleartext Transmission of Sensitive Information vulnerability in Rubetek products A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339). | 8.1 |
2020-09-24 | CVE-2020-3475 | Cisco | Improper Input Validation vulnerability in Cisco IOS Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. | 8.1 |
2020-09-24 | CVE-2020-3474 | Cisco | Incorrect Authorization vulnerability in Cisco IOS XE Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition. | 8.1 |
2020-09-24 | CVE-2020-15222 | ORY | Insufficient Verification of Data Authenticity vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked. | 8.1 |
2020-09-24 | CVE-2020-13119 | Gogogate | Improper Restriction of Rendered UI Layers or Frames vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to clickjacking. | 8.1 |
2020-09-22 | CVE-2020-4617 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.1 |
2020-09-24 | CVE-2020-15223 | ORY | Improper Check for Unusual or Exceptional Conditions vulnerability in ORY Fosite In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the `TokenRevocationHandler` ignores errors coming from the storage. | 8.0 |
2020-09-24 | CVE-2020-17365 | Pango | Incorrect Permission Assignment for Critical Resource vulnerability in Pango Hotspot Shield 10.0.1/10.3.0 Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access. | 7.8 |
2020-09-24 | CVE-2020-8333 | Lenovo | Unspecified vulnerability in Lenovo products A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution | 7.8 |
2020-09-24 | CVE-2020-15850 | Nakivo | Incorrect Default Permissions vulnerability in Nakivo Backup & Replication Director 9.4.0.R43656 Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges. | 7.8 |
2020-09-24 | CVE-2020-3404 | Cisco | Incorrect Authorization vulnerability in Cisco IOS XE 16.11.1 A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges. | 7.8 |
2020-09-24 | CVE-2020-3403 | Cisco | OS Command Injection vulnerability in Cisco IOS XE 17.2.1 A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device. | 7.8 |
2020-09-24 | CVE-2020-3393 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device. | 7.8 |
2020-09-23 | CVE-2020-25603 | XEN Fedoraproject Opensuse Debian | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
2020-09-23 | CVE-2020-25595 | XEN Fedoraproject Debian Opensuse | Improper Privilege Management vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.8 |
2020-09-23 | CVE-2020-25826 | Pingidentity | Incorrect Permission Assignment for Critical Resource vulnerability in Pingidentity Pingid Integration for Windows Login PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe. | 7.8 |
2020-09-23 | CVE-2019-15283 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
2020-09-23 | CVE-2019-15285 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
2020-09-23 | CVE-2019-15287 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco products Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
2020-09-22 | CVE-2020-25515 | Simple Library Management System Project | Unrestricted Upload of File with Dangerous Type vulnerability in Simple Library Management System Project Simple Library Management System 1.0 Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books. | 7.8 |
2020-09-22 | CVE-2020-25487 | Phpgurukul | SQL Injection vulnerability in PHPgurukul ZOO Management System 1.0 PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php. | 7.8 |
2020-09-22 | CVE-2020-16202 | Advantech | Unspecified vulnerability in Advantech Webaccess WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges. | 7.8 |
2020-09-22 | CVE-2020-11855 | Microfocus | Incorrect Permission Assignment for Critical Resource vulnerability in Microfocus Operation Bridge Reporter An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier. | 7.8 |
2020-09-21 | CVE-2020-6546 | Google Debian Fedoraproject | Link Following vulnerability in multiple products Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | 7.8 |
2020-09-21 | CVE-2020-6574 | Google Opensuse Debian Fedoraproject | Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary. | 7.8 |
2020-09-21 | CVE-2020-6555 | Google Debian Fedoraproject | Out-of-bounds Read vulnerability in multiple products Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 7.6 |
2020-09-27 | CVE-2020-26121 | Mediawiki Fedoraproject | Incorrect Authorization vulnerability in multiple products An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. | 7.5 |
2020-09-27 | CVE-2020-25869 | Mediawiki Fedoraproject | Incorrect Authorization vulnerability in multiple products An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. | 7.5 |
2020-09-27 | CVE-2020-25827 | Mediawiki Fedoraproject | Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. | 7.5 |
2020-09-25 | CVE-2020-15206 | Google Opensuse | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model. | 7.5 |
2020-09-25 | CVE-2020-15203 | Google Opensuse | Use of Externally-Controlled Format String vulnerability in multiple products In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed. | 7.5 |
2020-09-25 | CVE-2020-19455 | Jdownloads | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter. | 7.5 |
2020-09-25 | CVE-2020-19451 | Jdownloads | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter. | 7.5 |
2020-09-25 | CVE-2020-19450 | Jdownloads | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter. | 7.5 |
2020-09-25 | CVE-2018-6448 | Broadcom | Unspecified vulnerability in Broadcom Fabric Operating System A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host. | 7.5 |
2020-09-25 | CVE-2020-5930 | F5 | Unspecified vulnerability in F5 products In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods. | 7.5 |
2020-09-25 | CVE-2020-26112 | Cpanel | Unspecified vulnerability in Cpanel The email quota cache in cPanel before 90.0.10 allows overwriting of files. | 7.5 |
2020-09-25 | CVE-2020-26109 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557). | 7.5 |
2020-09-25 | CVE-2020-26107 | Cpanel | Use of Insufficiently Random Values vulnerability in Cpanel cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561). | 7.5 |
2020-09-25 | CVE-2020-26106 | Cpanel | Incorrect Permission Assignment for Critical Resource vulnerability in Cpanel cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558). | 7.5 |
2020-09-25 | CVE-2020-26104 | Cpanel | Insecure Storage of Sensitive Information vulnerability in Cpanel In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552). | 7.5 |
2020-09-25 | CVE-2020-26103 | Cpanel | Weak Password Requirements vulnerability in Cpanel In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551). | 7.5 |
2020-09-25 | CVE-2020-26102 | Cpanel | Unspecified vulnerability in Cpanel In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550). | 7.5 |
2020-09-25 | CVE-2020-26099 | Cpanel | Unspecified vulnerability in Cpanel cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491). | 7.5 |
2020-09-25 | CVE-2018-10432 | Pexip | Resource Exhaustion vulnerability in Pexip Infinity Pexip Infinity before 18 allows Remote Denial of Service (TLS handshakes in RTMP). | 7.5 |
2020-09-25 | CVE-2018-10585 | Pexip | Resource Exhaustion vulnerability in Pexip Infinity Pexip Infinity before 18 allows remote Denial of Service (XML parsing). | 7.5 |
2020-09-25 | CVE-2020-13387 | Pexip | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323. | 7.5 |
2020-09-25 | CVE-2020-12824 | Pexip | Improper Input Validation vulnerability in Pexip Infinity 23/23.1/23.2 Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP. | 7.5 |
2020-09-24 | CVE-2020-13991 | Jerryscript | Unspecified vulnerability in Jerryscript 2.2.0 vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register. | 7.5 |
2020-09-24 | CVE-2020-19447 | Jdownloads | SQL Injection vulnerability in Jdownloads 3.2.63 SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter. | 7.5 |
2020-09-24 | CVE-2020-3479 | Cisco | Resource Exhaustion vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
2020-09-24 | CVE-2020-3422 | Cisco | Unspecified vulnerability in Cisco IOS XE 16.9.3 A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition. | 7.5 |
2020-09-24 | CVE-2020-3421 | Cisco | Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XE 16.9.3/17.2 Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall. | 7.5 |
2020-09-24 | CVE-2020-12837 | Gogogate | Unrestricted Upload of File with Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. | 7.5 |
2020-09-24 | CVE-2020-24560 | Trendmicro | Improper Certificate Validation vulnerability in Trendmicro products An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. | 7.5 |
2020-09-24 | CVE-2020-15604 | Trendmicro | Download of Code Without Integrity Check vulnerability in Trendmicro products An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one. | 7.5 |
2020-09-23 | CVE-2020-11031 | Glpi Project | Unspecified vulnerability in Glpi-Project Glpi In GLPI before version 9.5.0, the encryption algorithm used is insecure. | 7.5 |
2020-09-23 | CVE-2020-24213 | Ygopro | Integer Overflow or Wraparound vulnerability in Ygopro Ygocore 1.035.1 An integer overflow was discovered in YGOPro ygocore v13.51. | 7.5 |
2020-09-23 | CVE-2020-7122 | Arubanetworks | Out-of-bounds Write vulnerability in Arubanetworks products Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. | 7.5 |
2020-09-23 | CVE-2020-7121 | Arubanetworks | Out-of-bounds Write vulnerability in Arubanetworks products Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found. | 7.5 |
2020-09-23 | CVE-2020-24625 | HPE | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 7.5 |
2020-09-23 | CVE-2020-24624 | HPE | Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9 Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9. | 7.5 |
2020-09-23 | CVE-2020-10714 | Redhat Netapp | A flaw was found in WildFly Elytron version 1.11.3.Final and before. | 7.5 |
2020-09-23 | CVE-2020-25821 | PEG Markdown Project | NULL Pointer Dereference vulnerability in Peg-Markdown Project Peg-Markdown 0.4.14 peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. | 7.5 |
2020-09-23 | CVE-2019-15289 | Cisco | Improper Input Validation vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint Multiple vulnerabilities in the video service of Cisco TelePresence Collaboration Endpoint (CE) and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2020-09-23 | CVE-2019-16023 | Cisco | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
2020-09-23 | CVE-2019-16021 | Cisco | Unspecified vulnerability in Cisco IOS XR Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 7.5 |
2020-09-23 | CVE-2020-3133 | Cisco | Improper Input Validation vulnerability in Cisco Email Security Appliance A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device. | 7.5 |
2020-09-22 | CVE-2020-4622 | IBM | Use of Hard-coded Credentials vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |
2020-09-22 | CVE-2020-4614 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information. | 7.5 |
2020-09-22 | CVE-2020-4613 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-09-22 | CVE-2020-8887 | Telestream | SQL Injection vulnerability in Telestream Medius and Sentry Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page). | 7.5 |
2020-09-21 | CVE-2020-4643 | IBM | XXE vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.5 |
2020-09-21 | CVE-2020-4581 | IBM | Unspecified vulnerability in IBM Datapower Gateway IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request. | 7.5 |
2020-09-21 | CVE-2020-4580 | IBM | Unspecified vulnerability in IBM Datapower Gateway IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters. | 7.5 |
2020-09-21 | CVE-2020-4579 | IBM | Unspecified vulnerability in IBM Datapower Gateway IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters. | 7.5 |
2020-09-24 | CVE-2016-11086 | Oauth Ruby Project | Improper Certificate Validation vulnerability in Oauth-Ruby Project Oauth-Ruby lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information. | 7.4 |
2020-09-24 | CVE-2020-3552 | Cisco | NULL Pointer Dereference vulnerability in Cisco products A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 7.4 |
2020-09-24 | CVE-2020-3512 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE 15.2(7)E A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition. | 7.4 |
2020-09-24 | CVE-2020-3511 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 15.1(4)M A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.4 |
2020-09-24 | CVE-2020-3497 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
2020-09-24 | CVE-2020-3494 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
2020-09-24 | CVE-2020-3493 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
2020-09-24 | CVE-2020-3489 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
2020-09-24 | CVE-2020-3488 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 7.4 |
2020-09-24 | CVE-2020-3409 | Cisco | Resource Exhaustion vulnerability in Cisco IOS and IOS XE A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device. | 7.4 |
2020-09-24 | CVE-2020-3390 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1 A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device. | 7.4 |
2020-09-24 | CVE-2020-3508 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition. | 7.4 |
2020-09-24 | CVE-2020-15843 | Actfax | Incorrect Default Permissions vulnerability in Actfax 7.10 ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client\, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal\. | 7.3 |
2020-09-27 | CVE-2020-26116 | Python Fedoraproject Canonical Netapp Debian Oracle Opensuse | Injection vulnerability in multiple products http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. | 7.2 |
2020-09-25 | CVE-2019-7177 | Pexip | Code Injection vulnerability in Pexip Infinity Pexip Infinity before 20.1 allows Code Injection onto nodes via an admin. | 7.2 |
2020-09-25 | CVE-2019-7178 | Pexip | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 20.1 allows privilege escalation by restoring a system backup. | 7.2 |
2020-09-25 | CVE-2020-24593 | Mitel | SQL Injection vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation. | 7.2 |
2020-09-24 | CVE-2020-3396 | Cisco | Improper Privilege Management vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections. | 7.2 |
2020-09-24 | CVE-2020-16148 | Telmat | OS Command Injection vulnerability in Telmat products The ping page of the administration panel in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via authenticated code injection over the network. | 7.2 |
2020-09-23 | CVE-2020-16244 | GE | Unspecified vulnerability in GE Asset Performance Management Classic 4.4 GE Digital APM Classic, Versions 4.4 and prior. | 7.2 |
2020-09-23 | CVE-2019-1888 | Cisco | Unrestricted Upload of File with Dangerous Type vulnerability in Cisco products A vulnerability in the Administration Web Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an authenticated, remote attacker to upload arbitrary files and execute commands on the underlying operating system. | 7.2 |
2020-09-23 | CVE-2019-15957 | Cisco | Improper Input Validation vulnerability in Cisco products A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system. | 7.2 |
2020-09-23 | CVE-2019-15992 | Cisco | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device. | 7.2 |
2020-09-23 | CVE-2020-3143 | Cisco | Path Traversal vulnerability in Cisco products A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. | 7.2 |
2020-09-22 | CVE-2020-14031 | Ozeki | Unspecified vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 7.2 |
2020-09-22 | CVE-2020-14028 | Ozeki | Path Traversal vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 7.2 |
2020-09-25 | CVE-2020-15193 | Google Opensuse | Use of Uninitialized Resource vulnerability in multiple products In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption. | 7.1 |
2020-09-25 | CVE-2020-24692 | Mitel | Improper Input Validation vulnerability in Mitel Micontact Center Business The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. | 7.1 |
2020-09-23 | CVE-2020-2284 | Jenkins | XXE vulnerability in Jenkins Liquibase Runner Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 7.1 |
2020-09-23 | CVE-2020-14365 | Redhat Debian | A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module. | 7.1 |
2020-09-23 | CVE-2019-16007 | Cisco | Insufficient Verification of Data Authenticity vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service (DoS) condition. | 7.1 |
2020-09-23 | CVE-2020-25599 | XEN Fedoraproject Opensuse Debian | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 7.0 |
158 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-09-24 | CVE-2020-3524 | Cisco | Missing Authorization vulnerability in Cisco IOS XE ROM Monitor 15.6(18R)/16.2(1R) A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device. | 6.8 |
2020-09-23 | CVE-2019-16017 | Cisco | Improper Input Validation vulnerability in Cisco Unified Customer Voice Portal A vulnerability in the Operations, Administration, Maintenance and Provisioning (OAMP) OpsConsole Server for Cisco Unified Customer Voice Portal (CVP) could allow an authenticated, remote attacker to execute Insecure Direct Object Reference actions on specific pages within the OAMP application. | 6.8 |
2020-09-24 | CVE-2020-3513 | Cisco | Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2 Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. | 6.7 |
2020-09-24 | CVE-2020-3423 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device. | 6.7 |
2020-09-24 | CVE-2020-3417 | Cisco | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust. | 6.7 |
2020-09-24 | CVE-2020-3416 | Cisco | Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2 Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust. | 6.7 |
2020-09-23 | CVE-2019-15959 | Cisco | Improper Input Validation vulnerability in Cisco Spa500 Series IP Phones Firmware A vulnerability in Cisco Small Business SPA500 Series IP Phones could allow a physically proximate attacker to execute arbitrary commands on the device. | 6.6 |
2020-09-23 | CVE-2019-1736 | Cisco | Improper Verification of Cryptographic Signature vulnerability in Cisco products A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device. | 6.6 |
2020-09-25 | CVE-2020-15210 | Google Opensuse | Out-of-bounds Write vulnerability in multiple products In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption. | 6.5 |
2020-09-25 | CVE-2020-25142 | Observium | Cross-Site Request Forgery (CSRF) vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.5 |
2020-09-25 | CVE-2020-25130 | Observium | SQL Injection vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.5 |
2020-09-25 | CVE-2020-15370 | Broadcom | Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. | 6.5 |
2020-09-24 | CVE-2020-3487 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 6.5 |
2020-09-24 | CVE-2020-3486 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device. | 6.5 |
2020-09-24 | CVE-2020-3465 | Cisco | Unspecified vulnerability in Cisco IOS XE 16.6.9/17.4.1 A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload. | 6.5 |
2020-09-24 | CVE-2020-3429 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE 16.12.1S A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device. | 6.5 |
2020-09-24 | CVE-2020-3428 | Cisco | Resource Exhaustion vulnerability in Cisco IOS XE A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
2020-09-24 | CVE-2020-12841 | Gogogate | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php | 6.5 |
2020-09-24 | CVE-2020-12840 | Gogogate | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php | 6.5 |
2020-09-24 | CVE-2020-12281 | Gogogate | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. | 6.5 |
2020-09-24 | CVE-2020-12280 | Gogogate | Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9 iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. | 6.5 |
2020-09-23 | CVE-2020-25597 | XEN Fedoraproject | Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.5 |
2020-09-23 | CVE-2020-5782 | Ignitenet | Unspecified vulnerability in Ignitenet Helios Glinq 2.2.1 In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection. | 6.5 |
2020-09-23 | CVE-2019-16004 | Cisco | Missing Authentication for Critical Function vulnerability in Cisco Vision Dynamic Signage Director A vulnerability in the REST API endpoint of Cisco Vision Dynamic Signage Director could allow an unauthenticated, remote attacker to bypass authentication on an affected device. | 6.5 |
2020-09-23 | CVE-2019-15963 | Cisco | Unspecified vulnerability in Cisco Unified Communications Manager A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive information in the web-based management interface of the affected software. | 6.5 |
2020-09-23 | CVE-2020-3130 | Cisco | Improper Input Validation vulnerability in Cisco Unity Connection A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem. | 6.5 |
2020-09-23 | CVE-2020-3124 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 6.5 |
2020-09-22 | CVE-2020-15839 | Liferay | Unrestricted Upload of File with Dangerous Type vulnerability in Liferay Portal Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files. | 6.5 |
2020-09-22 | CVE-2020-24333 | Arista | Unspecified vulnerability in Arista Cloudvision Portal A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API. | 6.5 |
2020-09-22 | CVE-2020-4619 | IBM | Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user. | 6.5 |
2020-09-22 | CVE-2020-4612 | IBM | Unspecified vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request. | 6.5 |
2020-09-22 | CVE-2020-3977 | Vmware | Missing Authentication for Critical Function vulnerability in VMWare Horizon Daas 7.0.0/8.0.0/8.0.1 VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. | 6.5 |
2020-09-21 | CVE-2020-6568 | Google Debian Opensuse Fedoraproject | Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6567 | Google Debian Opensuse Fedoraproject | Improper Input Validation vulnerability in multiple products Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6566 | Google Debian Opensuse Fedoraproject | Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6565 | Google Debian Opensuse Fedoraproject | Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6564 | Debian Opensuse Fedoraproject | Improper Preservation of Permissions vulnerability in multiple products Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6563 | Google Debian Opensuse Fedoraproject | Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6562 | Google Debian Opensuse Fedoraproject | Cross-site Scripting vulnerability in multiple products Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6561 | Google Debian Opensuse Fedoraproject | Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6560 | Google Debian Opensuse Fedoraproject | Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6558 | Google Opensuse Debian | Cross-site Scripting vulnerability in multiple products Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6547 | Google Debian Fedoraproject | Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-6538 | Google Debian Fedoraproject | Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | 6.5 |
2020-09-21 | CVE-2020-4590 | IBM | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client. | 6.5 |
2020-09-21 | CVE-2020-16171 | Acronis | Server-Side Request Forgery (SSRF) vulnerability in Acronis Cyber Backup 12.5 An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342. | 6.5 |
2020-09-21 | CVE-2020-14177 | Atlassian | Unspecified vulnerability in Atlassian Jira Server Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching. | 6.5 |
2020-09-24 | CVE-2020-6020 | Checkpoint | Improper Input Validation vulnerability in Checkpoint ICA Management Portal Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator. | 6.4 |
2020-09-25 | CVE-2020-15197 | Unspecified vulnerability in Google Tensorflow 2.3.0 In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor. | 6.3 | |
2020-09-21 | CVE-2020-6569 | Google Debian Opensuse Fedoraproject | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | 6.3 |
2020-09-27 | CVE-2020-26120 | Mediawiki Fedoraproject | Cross-site Scripting vulnerability in multiple products XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway. | 6.1 |
2020-09-27 | CVE-2020-25828 | Mediawiki Fedoraproject | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. | 6.1 |
2020-09-27 | CVE-2020-25815 | Mediawiki Fedoraproject | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. | 6.1 |
2020-09-27 | CVE-2020-25814 | Mediawiki Fedoraproject | Cross-site Scripting vulnerability in multiple products In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. | 6.1 |
2020-09-27 | CVE-2020-25812 | Mediawiki Fedoraproject | Cross-site Scripting vulnerability in multiple products An issue was discovered in MediaWiki 1.34.x before 1.34.4. | 6.1 |
2020-09-25 | CVE-2020-25148 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-25146 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-25141 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-16242 | GE | Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts. | 6.1 |
2020-09-25 | CVE-2020-4727 | IBM | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Infosphere Information Server 11.7 IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim. | 6.1 |
2020-09-25 | CVE-2020-25140 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-25139 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-25138 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-25137 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-25135 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2018-6449 | Broadcom | Cross-site Scripting vulnerability in Broadcom Fabric Operating System Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers | 6.1 |
2020-09-25 | CVE-2020-25131 | Observium | Cross-site Scripting vulnerability in Observium 20.8.10631 An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631. | 6.1 |
2020-09-25 | CVE-2020-15521 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS) . | 6.1 |
2020-09-25 | CVE-2019-11556 | Redhat Opensuse | Cross-site Scripting vulnerability in multiple products Pagure before 5.6 allows XSS via the templates/blame.html blame view. | 6.1 |
2020-09-25 | CVE-2020-26115 | Cpanel | Cross-site Scripting vulnerability in Cpanel cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574). | 6.1 |
2020-09-25 | CVE-2020-26114 | Cpanel | Cross-site Scripting vulnerability in Cpanel cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573). | 6.1 |
2020-09-25 | CVE-2020-26113 | Cpanel | Cross-site Scripting vulnerability in Cpanel cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569). | 6.1 |
2020-09-25 | CVE-2020-26111 | Cpanel | Cross-site Scripting vulnerability in Cpanel cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566). | 6.1 |
2020-09-25 | CVE-2020-26110 | Cpanel | Cross-site Scripting vulnerability in Cpanel cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564). | 6.1 |
2020-09-25 | CVE-2017-17477 | Pexip | Cross-site Scripting vulnerability in Pexip Infinity Pexip Infinity before 17 allows an unauthenticated remote attacker to achieve stored XSS via management web interface views. | 6.1 |
2020-09-24 | CVE-2020-15161 | Prestashop | Unspecified vulnerability in Prestashop In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form. | 6.1 |
2020-09-24 | CVE-2020-8348 | Lenovo | Cross-site Scripting vulnerability in Lenovo Enterprise Network Disk 6.1 A DOM-based cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's current browser session if a crafted url is visited, possibly through phishing. | 6.1 |
2020-09-24 | CVE-2020-8347 | Lenovo | Cross-site Scripting vulnerability in Lenovo Enterprise Network Disk 6.1 A reflective cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's browser if a crafted url is visited, possibly through phishing. | 6.1 |
2020-09-24 | CVE-2020-15930 | Joplin Project | Cross-site Scripting vulnerability in Joplin Project Joplin An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag. | 6.1 |
2020-09-24 | CVE-2020-12811 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortianalyzer and Fortimanager An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field. | 6.1 |
2020-09-24 | CVE-2020-12816 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortinac An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users. | 6.1 |
2020-09-24 | CVE-2020-22453 | Untis | Cross-site Scripting vulnerability in Untis Webuntis Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information. | 6.1 |
2020-09-23 | CVE-2020-25739 | GON Project Debian Canonical | Cross-site Scripting vulnerability in multiple products An issue was discovered in the gon gem before gon-6.4.0 for Ruby. | 6.1 |
2020-09-23 | CVE-2019-15969 | Cisco | Cross-site Scripting vulnerability in Cisco web Security Appliance A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface of an affected device. | 6.1 |
2020-09-23 | CVE-2019-15974 | Cisco | Improper Input Validation vulnerability in Cisco Managed Services Accelerator A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. | 6.1 |
2020-09-23 | CVE-2020-3137 | Cisco | Cross-site Scripting vulnerability in Cisco Email Security Appliance A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
2020-09-22 | CVE-2020-14024 | Ozeki | Cross-site Scripting vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuration, or (4) any GET Parameter in the /default URL of the application. | 6.1 |
2020-09-21 | CVE-2020-4731 | IBM | Cross-site Scripting vulnerability in IBM Aspera Shares 1.9.14 IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting. | 6.1 |
2020-09-24 | CVE-2020-3503 | Cisco | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco IOS XE 16.12.1 A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files. | 6.0 |
2020-09-24 | CVE-2020-3476 | Cisco | Files or Directories Accessible to External Parties vulnerability in Cisco IOS 16.10.1/16.9 A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system. | 6.0 |
2020-09-23 | CVE-2020-25602 | XEN Fedoraproject Debian Opensuse | Improper Handling of Exceptional Conditions vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 6.0 |
2020-09-25 | CVE-2020-15209 | Google Opensuse | In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer. | 5.9 |
2020-09-25 | CVE-2020-15200 | Out-of-bounds Write vulnerability in Google Tensorflow 2.3.0 In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. | 5.9 | |
2020-09-25 | CVE-2020-15199 | Improper Input Validation vulnerability in Google Tensorflow 2.3.0 In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor. | 5.9 | |
2020-09-25 | CVE-2020-5929 | F5 | Information Exposure Through Discrepancy vulnerability in F5 products In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle. | 5.9 |
2020-09-22 | CVE-2020-24619 | Meltytech | Improper Certificate Validation vulnerability in Meltytech Shotcut In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone). | 5.9 |
2020-09-25 | CVE-2020-15372 | Broadcom | Improper Control of Dynamically-Managed Code Resources vulnerability in Broadcom Fabric Operating System A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging. | 5.5 |
2020-09-25 | CVE-2020-25203 | Framer | Unspecified vulnerability in Framer Preview 12.0 The Framer Preview application 12 for Android exposes com.framer.viewer.FramerViewActivity to other applications. | 5.5 |
2020-09-24 | CVE-2020-3477 | Cisco | Incorrect Authorization vulnerability in Cisco IOS 16.3.11 A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem. | 5.5 |
2020-09-24 | CVE-2020-26088 | Linux Debian Opensuse Canonical | Incorrect Default Permissions vulnerability in multiple products A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | 5.5 |
2020-09-23 | CVE-2020-25601 | XEN Debian Fedoraproject Opensuse | An issue was discovered in Xen through 4.14.x. | 5.5 |
2020-09-23 | CVE-2020-25600 | XEN Fedoraproject Opensuse Debian | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 5.5 |
2020-09-23 | CVE-2020-25598 | XEN Fedoraproject Opensuse | Always-Incorrect Control Flow Implementation vulnerability in multiple products An issue was discovered in Xen 4.14.x. | 5.5 |
2020-09-23 | CVE-2020-25596 | XEN Fedoraproject Debian Opensuse | Injection vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 5.5 |
2020-09-23 | CVE-2020-3116 | Cisco | Improper Input Validation vulnerability in Cisco Webex Meetings Online and Webex Meetings Server A vulnerability in the way Cisco Webex applications process Universal Communications Format (UCF) files could allow an attacker to cause a denial of service (DoS) condition. | 5.5 |
2020-09-25 | CVE-2020-15198 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow 2.3.0 In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor. | 5.4 | |
2020-09-25 | CVE-2018-6447 | Broadcom | Cross-site Scripting vulnerability in Broadcom Fabric Operating System A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account. | 5.4 |
2020-09-24 | CVE-2020-15162 | Prestashop | Unspecified vulnerability in Prestashop In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files. | 5.4 |
2020-09-24 | CVE-2020-12815 | Fortinet | Cross-site Scripting vulnerability in Fortinet Fortianalyzer and Fortitester An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields. | 5.4 |
2020-09-23 | CVE-2020-5783 | Ignitenet | Cross-Site Request Forgery (CSRF) vulnerability in Ignitenet Helios Glinq 2.2.1 In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms. | 5.4 |
2020-09-23 | CVE-2020-2283 | Jenkins | Cross-site Scripting vulnerability in Jenkins Liquibase Runner Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset files evaluated by the plugin. | 5.4 |
2020-09-23 | CVE-2020-2281 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Lockable Resources A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources. | 5.4 |
2020-09-22 | CVE-2020-4615 | IBM | Cross-site Scripting vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripting. | 5.4 |
2020-09-27 | CVE-2020-25813 | Mediawiki Fedoraproject | In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users. | 5.3 |
2020-09-25 | CVE-2020-15204 | Google Opensuse | In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state. | 5.3 |
2020-09-25 | CVE-2020-15194 | Google Opensuse | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has incomplete validation of the shapes of its arguments. | 5.3 |
2020-09-25 | CVE-2020-15191 | Google Opensuse | Unchecked Return Value vulnerability in multiple products In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition. | 5.3 |
2020-09-25 | CVE-2020-15190 | Google Opensuse | In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `tf.raw_ops.Switch` operation takes as input a tensor and a boolean and outputs two tensors. | 5.3 |
2020-09-25 | CVE-2020-4531 | IBM | Unchecked Return Value vulnerability in IBM products IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 5.3 |
2020-09-25 | CVE-2020-25625 | Qemu Debian | Infinite Loop vulnerability in multiple products hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop. | 5.3 |
2020-09-25 | CVE-2020-24615 | Pexip | Improper Input Validation vulnerability in Pexip Infinity Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP. | 5.3 |
2020-09-25 | CVE-2020-24595 | Mitel | Unspecified vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control. | 5.3 |
2020-09-25 | CVE-2020-24592 | Mitel | Improper Encoding or Escaping of Output vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1 Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization. | 5.3 |
2020-09-24 | CVE-2020-15840 | Liferay | Unspecified vulnerability in Liferay DXP and Liferay Portal In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with doubled encoded URLs. | 5.3 |
2020-09-24 | CVE-2020-12818 | Fortinet | Unspecified vulnerability in Fortinet Fortios An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed. | 5.3 |
2020-09-23 | CVE-2020-16240 | GE | Unspecified vulnerability in GE Asset Performance Management Classic 4.4 GE Digital APM Classic, Versions 4.4 and prior. | 5.3 |
2020-09-23 | CVE-2020-14370 | Podman Project Redhat Fedoraproject | Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. | 5.3 |
2020-09-23 | CVE-2019-15993 | Cisco | Improper Authentication vulnerability in Cisco products A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to access sensitive device information. | 5.3 |
2020-09-23 | CVE-2019-1983 | Cisco | Improper Input Validation vulnerability in Cisco Asyncos and Content Security Management Appliance A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to cause repeated crashes in some internal processes that are running on the affected devices, resulting in a denial of service (DoS) condition. | 5.3 |
2020-09-22 | CVE-2020-14027 | Ozeki | Argument Injection or Modification vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 5.3 |
2020-09-22 | CVE-2020-4616 | IBM | Unspecified vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request. | 5.3 |
2020-09-22 | CVE-2020-23446 | Verint | Authorization Bypass Through User-Controlled Key vulnerability in Verint Workforce Optimization 15.1.0.37634 Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API | 5.3 |
2020-09-21 | CVE-2020-14179 | Atlassian | Unspecified vulnerability in Atlassian Jira Server Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint. | 5.3 |
2020-09-25 | CVE-2020-25085 | Qemu Debian | Out-of-bounds Write vulnerability in multiple products QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. | 5.0 |
2020-09-22 | CVE-2020-14023 | Ozeki | Server-Side Request Forgery (SSRF) vulnerability in Ozeki NG SMS Gateway Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS. | 4.9 |
2020-09-22 | CVE-2020-4618 | IBM | Improper Input Validation vulnerability in IBM Data Risk Manager IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to cause a denial of service due to improper input validation. | 4.9 |
2020-09-25 | CVE-2020-15211 | Google Opensuse | In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors. | 4.8 |
2020-09-25 | CVE-2020-15201 | Out-of-bounds Write vulnerability in Google Tensorflow 2.3.0 In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor. | 4.8 | |
2020-09-23 | CVE-2020-10687 | Redhat | Unspecified vulnerability in Redhat Undertow 1.0.0 A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request. | 4.8 |
2020-09-23 | CVE-2019-16025 | Cisco | Cross-site Scripting vulnerability in Cisco Emergency Responder A vulnerability in the web framework of Cisco Emergency Responder could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. | 4.8 |
2020-09-24 | CVE-2020-3418 | Cisco | Unspecified vulnerability in Cisco IOS XE 17.1.1 A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state. | 4.7 |
2020-09-23 | CVE-2020-25604 | XEN Fedoraproject Debian Opensuse | Race Condition vulnerability in multiple products An issue was discovered in Xen through 4.14.x. | 4.7 |
2020-09-23 | CVE-2020-3117 | Cisco | Unspecified vulnerability in Cisco products A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. | 4.7 |
2020-09-23 | CVE-2019-16000 | Cisco | Insufficient Verification of Data Authenticity vulnerability in Cisco Umbrella Roaming Client 2.2.238 A vulnerability in the automatic update process of Cisco Umbrella Roaming Client for Windows could allow an authenticated, local attacker to install arbitrary, unapproved applications on a targeted device. | 4.4 |
2020-09-25 | CVE-2020-15192 | Google Opensuse | Improper Input Validation vulnerability in multiple products In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to `dlpack.to_dlpack` there is a memory leak following an expected validation failure. | 4.3 |
2020-09-24 | CVE-2020-3516 | Cisco | Improper Input Validation vulnerability in Cisco IOS XE A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device. | 4.3 |
2020-09-23 | CVE-2020-5781 | Ignitenet | Cross-site Scripting vulnerability in Ignitenet Helios Glinq 2.2.1 In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function. | 4.3 |
2020-09-23 | CVE-2020-4340 | IBM | Improper Certificate Validation vulnerability in IBM Security Secret Server IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation. | 4.3 |
2020-09-23 | CVE-2020-4324 | IBM | Improper Input Validation vulnerability in IBM Security Secret Server IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation. | 4.3 |
2020-09-23 | CVE-2020-2285 | Jenkins | Missing Authorization vulnerability in Jenkins Liquibase Runner A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2020-09-23 | CVE-2020-2282 | Jenkins | Missing Authorization vulnerability in Jenkins Implied Labels Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin. | 4.3 |
2020-09-21 | CVE-2020-6571 | Google Opensuse Fedoraproject Debian | Improper Input Validation vulnerability in multiple products Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | 4.3 |
2020-09-21 | CVE-2020-6570 | Google Opensuse Fedoraproject Debian | Information Exposure vulnerability in multiple products Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction. | 4.3 |
2020-09-21 | CVE-2020-15966 | Google Debian Opensuse Fedoraproject | Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. | 4.3 |
2020-09-21 | CVE-2020-15959 | Google Opensuse Fedoraproject Debian | Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering. | 4.3 |
2020-09-21 | CVE-2020-4315 | IBM | Insecure Storage of Sensitive Information vulnerability in IBM Business Automation Content Analyzer on Cloud 1.0 IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-09-21 | CVE-2020-14180 | Atlassian | Unspecified vulnerability in Atlassian Jira Service Desk Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. | 4.3 |
2020-09-25 | CVE-2020-15213 | Allocation of Resources Without Limits or Throttling vulnerability in Google Tensorflow 2.2.0/2.3.0 In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum. | 4.0 |
1 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-09-25 | CVE-2020-25084 | Qemu Debian | Use After Free vulnerability in multiple products QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. | 3.2 |