Weekly Vulnerabilities Reports > September 21 to 27, 2020

Overview

359 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 104 high severity vulnerabilities. This weekly summary report vulnerabilities in 246 products from 75 vendors including Google, Cisco, Fedoraproject, Debian, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Out-of-bounds Write", "SQL Injection", and "Use After Free".

  • 296 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 101 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 271 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 72 reported vulnerabilities.
  • Ozeki has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

21 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-25 CVE-2020-25749 Rubetek Use of Hard-coded Credentials vulnerability in Rubetek products

The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account.

10.0
2020-09-24 CVE-2020-16147 Telmat OS Command Injection vulnerability in Telmat products

The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via Unauthenticated code injection over the network.

10.0
2020-09-23 CVE-2020-2279 Jenkins Unspecified vulnerability in Jenkins Script Security

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.

9.9
2020-09-25 CVE-2020-25223 Sophos OS Command Injection vulnerability in Sophos Unified Threat Management

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11

9.8
2020-09-22 CVE-2020-11856 Microfocus Missing Authentication for Critical Function vulnerability in Microfocus Operation Bridge Reporter

Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.

9.8
2020-09-22 CVE-2020-11857 Microfocus Use of Hard-coded Credentials vulnerability in Microfocus Operation Bridge Reporter

An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.

9.8
2020-09-21 CVE-2020-6573 Google
Debian
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

9.6
2020-09-21 CVE-2020-15963 Google
Opensuse
Fedoraproject
Debian
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
9.6
2020-09-21 CVE-2020-15961 Google
Opensuse
Fedoraproject
Debian
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
9.6
2020-09-25 CVE-2020-11805 Pexip Improper Input Validation vulnerability in Pexip Infinity and Reverse Proxy and Turn Server

Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN.

9.3
2020-09-22 CVE-2020-14026 Ozeki Improper Neutralization of Formula Elements in a CSV File vulnerability in Ozeki NG SMS Gateway

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export.

9.3
2020-09-24 CVE-2020-3426 Cisco Improper Input Validation vulnerability in Cisco IOS

A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition.

9.1
2020-09-25 CVE-2020-25747 Rubetek Improper Authentication vulnerability in Rubetek products

The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication.

9.0
2020-09-24 CVE-2020-24365 Gemteks Insecure Default Initialization of Resource vulnerability in Gemteks Wrtm-127Acn Firmware and Wrtm-127X9 Firmware

An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices.

9.0
2020-09-24 CVE-2020-16148 Telmat OS Command Injection vulnerability in Telmat products

The ping page of the administration panel in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via authenticated code injection over the network.

9.0
2020-09-23 CVE-2019-15957 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an authenticated, remote attacker with administrative privileges to inject arbitrary commands into the underlying operating system.

9.0
2020-09-23 CVE-2020-3143 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.

9.0
2020-09-22 CVE-2020-14031 Ozeki Unspecified vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

9.0
2020-09-22 CVE-2020-14028 Ozeki Path Traversal vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

9.0
2020-09-22 CVE-2020-14022 Ozeki Unrestricted Upload of File with Dangerous Type vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file.

9.0
2020-09-22 CVE-2020-4620 IBM Unrestricted Upload of File with Dangerous Type vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions.

9.0

104 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-24 CVE-2020-3425 Cisco Unspecified vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device.

8.8
2020-09-24 CVE-2020-3141 Cisco Unspecified vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device.

8.8
2020-09-23 CVE-2020-2280 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Warnings

A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier allows attackers to execute arbitrary code.

8.8
2020-09-21 CVE-2020-6559 Google
Debian
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6553 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6552 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6549 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6548 Google
Debian
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6545 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6544 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6543 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6540 Google
Debian
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6539 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6537 Google
Debian
Fedoraproject
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6532 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6576 Google
Debian
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6556 Google
Debian
Fedoraproject
Opensuse
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-15965 Google
Debian
Opensuse
Fedoraproject
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8
2020-09-21 CVE-2020-15964 Google
Opensuse
Fedoraproject
Debian
NULL Pointer Dereference vulnerability in multiple products

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-15962 Google
Opensuse
Fedoraproject
Debian
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
8.8
2020-09-21 CVE-2020-15960 Google
Opensuse
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6551 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6550 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6542 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-21 CVE-2020-6541 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

8.8
2020-09-24 CVE-2020-3480 Cisco Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XE

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall.

8.6
2020-09-24 CVE-2020-3414 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

8.6
2020-09-24 CVE-2020-3408 Cisco Resource Exhaustion vulnerability in Cisco IOS and IOS XE

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

8.6
2020-09-24 CVE-2020-3407 Cisco NULL Pointer Dereference vulnerability in Cisco IOS XE 15.8(3)M3

A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload.

8.6
2020-09-24 CVE-2020-3399 Cisco Out-of-bounds Read vulnerability in Cisco IOS XE 16.12/16.12.1S/16.12.2

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device.

8.6
2020-09-21 CVE-2020-6554 Google
Debian
Fedoraproject
Use After Free vulnerability in multiple products

Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

8.6
2020-09-21 CVE-2020-6575 Google
Debian
Opensuse
Fedoraproject
Race Condition vulnerability in multiple products

Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

8.3
2020-09-27 CVE-2020-26117 Tigervnc
Debian
Opensuse
Improper Certificate Validation vulnerability in multiple products

In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions.

8.1
2020-09-24 CVE-2020-3475 Cisco Improper Input Validation vulnerability in Cisco IOS

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition.

8.1
2020-09-24 CVE-2020-3474 Cisco Incorrect Authorization vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition.

8.1
2020-09-24 CVE-2020-15223 ORY Improper Check for Unusual or Exceptional Conditions vulnerability in ORY Fosite

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the `TokenRevocationHandler` ignores errors coming from the storage.

8.0
2020-09-24 CVE-2020-3560 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device.

7.8
2020-09-24 CVE-2020-3527 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device.

7.8
2020-09-24 CVE-2020-3526 Cisco Improper Input Validation vulnerability in Cisco IOS XE 17.2

A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device.

7.8
2020-09-24 CVE-2020-3509 Cisco Information Exposure Through Discrepancy vulnerability in Cisco IOS XE 16.7(1)

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3492 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2020-09-24 CVE-2020-3404 Cisco Incorrect Authorization vulnerability in Cisco IOS XE 16.11.1

A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges.

7.8
2020-09-24 CVE-2020-3403 Cisco OS Command Injection vulnerability in Cisco IOS XE 17.2.1

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device.

7.8
2020-09-24 CVE-2020-3393 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device.

7.8
2020-09-24 CVE-2020-3359 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3559 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

7.8
2020-09-23 CVE-2020-25603 XEN
Fedoraproject
Opensuse
Debian
Always-Incorrect Control Flow Implementation vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

7.8
2020-09-23 CVE-2020-25595 XEN
Fedoraproject
Debian
Opensuse
Improper Privilege Management vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

7.8
2020-09-22 CVE-2020-25487 Phpgurukul SQL Injection vulnerability in PHPgurukul ZOO Management System 1.0

PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.

7.8
2020-09-22 CVE-2020-11855 Microfocus Incorrect Permission Assignment for Critical Resource vulnerability in Microfocus Operation Bridge Reporter

An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.

7.8
2020-09-21 CVE-2020-6546 Google
Debian
Fedoraproject
Link Following vulnerability in multiple products

Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

7.8
2020-09-21 CVE-2020-6574 Google
Opensuse
Debian
Fedoraproject
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
7.8
2020-09-21 CVE-2020-6555 Google
Debian
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

7.6
2020-09-27 CVE-2020-26121 Mediawiki
Fedoraproject
Incorrect Authorization vulnerability in multiple products

An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4.

7.5
2020-09-27 CVE-2020-25869 Mediawiki
Fedoraproject
Incorrect Authorization vulnerability in multiple products

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4.

7.5
2020-09-27 CVE-2020-25827 Mediawiki
Fedoraproject
Improper Restriction of Excessive Authentication Attempts vulnerability in multiple products

An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4.

7.5
2020-09-25 CVE-2020-15212 Google Out-of-bounds Write vulnerability in Google Tensorflow 2.2.0/2.3.0

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor.

7.5
2020-09-25 CVE-2020-15208 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes.

7.5
2020-09-25 CVE-2020-15205 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation.

7.5
2020-09-25 CVE-2020-25147 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

7.5
2020-09-25 CVE-2020-25132 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

7.5
2020-09-25 CVE-2020-15374 Broadcom Unspecified vulnerability in Broadcom Fabric Operating System

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.

7.5
2020-09-25 CVE-2020-15373 Broadcom Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Broadcom Fabric Operating System

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.

7.5
2020-09-25 CVE-2020-15371 Broadcom Unspecified vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.

7.5
2020-09-25 CVE-2020-13995 Airforce Out-of-bounds Write vulnerability in Airforce Nitf Extract Utility 7.5

U.S.

7.5
2020-09-25 CVE-2020-15394 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Applications Manager

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution.

7.5
2020-09-25 CVE-2020-26108 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).

7.5
2020-09-25 CVE-2020-26100 Cpanel Unspecified vulnerability in Cpanel

chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).

7.5
2020-09-25 CVE-2020-26098 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

7.5
2020-09-24 CVE-2020-15160 Prestashop SQL Injection vulnerability in Prestashop

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter.

7.5
2020-09-24 CVE-2020-15851 Nakivo Missing Authentication for Critical Function vulnerability in Nakivo Backup & Replication Transporter 9.4.0.R43656

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service.

7.5
2020-09-24 CVE-2020-3479 Cisco Resource Exhaustion vulnerability in Cisco IOS and IOS XE

A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.5
2020-09-24 CVE-2020-3422 Cisco Unspecified vulnerability in Cisco IOS XE 16.9.3

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition.

7.5
2020-09-24 CVE-2020-3421 Cisco Improper Check for Unusual or Exceptional Conditions vulnerability in Cisco IOS XE 16.9.3/17.2

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall.

7.5
2020-09-24 CVE-2020-12843 Gogogate Unrestricted Upload of File with Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors.

7.5
2020-09-24 CVE-2020-12842 Gogogate Code Injection vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.

7.5
2020-09-24 CVE-2020-12839 Gogogate Code Injection vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.

7.5
2020-09-24 CVE-2020-12838 Gogogate Code Injection vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.

7.5
2020-09-24 CVE-2020-13505 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.

7.5
2020-09-24 CVE-2020-13504 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.

7.5
2020-09-24 CVE-2020-13501 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.

7.5
2020-09-24 CVE-2020-13500 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.

7.5
2020-09-24 CVE-2020-13499 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.

7.5
2020-09-23 CVE-2020-7122 Arubanetworks Out-of-bounds Write vulnerability in Arubanetworks products

Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found.

7.5
2020-09-23 CVE-2020-7121 Arubanetworks Out-of-bounds Write vulnerability in Arubanetworks products

Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found.

7.5
2020-09-23 CVE-2020-24626 HPE Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9

Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

7.5
2020-09-23 CVE-2020-10714 Redhat
Netapp
Session Fixation vulnerability in multiple products

A flaw was found in WildFly Elytron version 1.11.3.Final and before.

7.5
2020-09-23 CVE-2020-25821 PEG Markdown Project NULL Pointer Dereference vulnerability in Peg-Markdown Project Peg-Markdown 0.4.14

peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c.

7.5
2020-09-23 CVE-2020-3569 Cisco Allocation of Resources Without Limits or Throttling vulnerability in Cisco IOS XR

Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash.

7.5
2020-09-24 CVE-2020-3511 Cisco Improper Input Validation vulnerability in Cisco IOS XE 15.1(4)M

A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.

7.4
2020-09-24 CVE-2020-3409 Cisco Resource Exhaustion vulnerability in Cisco IOS and IOS XE

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device.

7.4
2020-09-24 CVE-2020-3508 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition.

7.4
2020-09-27 CVE-2020-26116 Python
Fedoraproject
Canonical
Netapp
Debian
Oracle
Opensuse
Injection vulnerability in multiple products

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

7.2
2020-09-25 CVE-2020-24718 Freebsd
Omniosce
Openindiana
Netapp
Missing Authorization vulnerability in multiple products

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.

7.2
2020-09-24 CVE-2020-17365 Pango Incorrect Permission Assignment for Critical Resource vulnerability in Pango Hotspot Shield 10.0.1/10.3.0

Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access.

7.2
2020-09-24 CVE-2020-8333 Lenovo Unspecified vulnerability in Lenovo products

A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution

7.2
2020-09-24 CVE-2020-15850 Nakivo Incorrect Default Permissions vulnerability in Nakivo Backup & Replication Director 9.4.0.R43656

Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges.

7.2
2020-09-24 CVE-2020-3396 Cisco Improper Privilege Management vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections.

7.2
2020-09-23 CVE-2020-25826 Pingidentity Improper Privilege Management vulnerability in Pingidentity Pingid Integration for Windows Login

PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe.

7.2
2020-09-23 CVE-2019-15992 Cisco Out-of-bounds Write vulnerability in Cisco products

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.

7.2
2020-09-22 CVE-2020-16202 Advantech Incorrect Permission Assignment for Critical Resource vulnerability in Advantech Webaccess

WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.

7.2
2020-09-24 CVE-2020-3510 Cisco Resource Exhaustion vulnerability in Cisco IOS XE 16.12.1/16.12.2/17.1.1

A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device.

7.1
2020-09-23 CVE-2020-2284 Jenkins XXE vulnerability in Jenkins Liquibase Runner

Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

7.1
2020-09-23 CVE-2020-25599 XEN
Fedoraproject
Opensuse
Debian
Race Condition vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

7.0

218 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-23 CVE-2019-1736 Cisco Improper Verification of Cryptographic Signature vulnerability in Cisco products

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device.

6.9
2020-09-25 CVE-2020-15214 Google Out-of-bounds Write vulnerability in Google Tensorflow 2.2.0/2.3.0

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted.

6.8
2020-09-25 CVE-2020-15207 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices.

6.8
2020-09-25 CVE-2020-15202 Google
Opensuse
In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments.
6.8
2020-09-25 CVE-2020-15201 Google Out-of-bounds Write vulnerability in Google Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor.

6.8
2020-09-25 CVE-2020-25748 Rubetek Cleartext Transmission of Sensitive Information vulnerability in Rubetek products

A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339).

6.8
2020-09-25 CVE-2020-24594 Mitel Cross-site Scripting vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS.

6.8
2020-09-25 CVE-2020-23837 Multi User Project Cross-Site Request Forgery (CSRF) vulnerability in Multi User Project Multi User 1.8.2

A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL.

6.8
2020-09-24 CVE-2020-3524 Cisco Missing Authorization vulnerability in Cisco IOS XE ROM Monitor 15.6(18R)/16.2(1R)

A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device.

6.8
2020-09-24 CVE-2020-12282 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php.

6.8
2020-09-23 CVE-2020-5782 Ignitenet Improper Input Validation vulnerability in Ignitenet Helios Glinq 2.2.1

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.

6.8
2020-09-23 CVE-2020-3135 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device.

6.8
2020-09-22 CVE-2020-14025 Ozeki Cross-Site Request Forgery (CSRF) vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities.

6.8
2020-09-24 CVE-2020-3513 Cisco Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust.

6.7
2020-09-24 CVE-2020-3423 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE

A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device.

6.7
2020-09-24 CVE-2020-3417 Cisco OS Command Injection vulnerability in Cisco IOS XE

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust.

6.7
2020-09-24 CVE-2020-3416 Cisco Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust.

6.7
2020-09-23 CVE-2020-14365 Redhat
Debian
Improper Verification of Cryptographic Signature vulnerability in multiple products

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module.

6.6
2020-09-25 CVE-2020-15196 Google Out-of-bounds Read vulnerability in Google Tensorflow 2.3.0

In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate that the `weights` tensor has the same shape as the data.

6.5
2020-09-25 CVE-2020-15195 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern.

6.5
2020-09-25 CVE-2020-25149 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25145 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25144 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25143 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25136 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25134 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25133 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-7735 NG Packagr Project OS Command Injection vulnerability in Ng-Packagr Project Ng-Packagr

The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option.

6.5
2020-09-25 CVE-2020-24621 Openmrs Path Traversal vulnerability in Openmrs Htmlformentry

A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS.

6.5
2020-09-25 CVE-2020-24593 Mitel SQL Injection vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.

6.5
2020-09-24 CVE-2020-3465 Cisco Unspecified vulnerability in Cisco IOS XE 16.6.9/17.4.1

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload.

6.5
2020-09-24 CVE-2020-3428 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

6.5
2020-09-24 CVE-2020-3400 Cisco Missing Authorization vulnerability in Cisco IOS XE

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests.

6.5
2020-09-24 CVE-2020-12817 Fortinet Injection vulnerability in Fortinet Fortianalyzer and Fortitester

An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors.

6.5
2020-09-23 CVE-2020-25597 XEN
Fedoraproject
Improper Handling of Exceptional Conditions vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

6.5
2020-09-22 CVE-2020-4621 IBM Incorrect Authorization vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks.

6.5
2020-09-22 CVE-2020-4611 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins.

6.5
2020-09-21 CVE-2020-6568 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
6.5
2020-09-21 CVE-2020-6567 Google
Debian
Opensuse
Fedoraproject
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

6.5
2020-09-21 CVE-2020-6566 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5
2020-09-21 CVE-2020-6565 Google
Debian
Opensuse
Fedoraproject
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
6.5
2020-09-21 CVE-2020-6564 Debian
Opensuse
Google
Fedoraproject
Improper Preservation of Permissions vulnerability in multiple products

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.

6.5
2020-09-21 CVE-2020-6563 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
6.5
2020-09-21 CVE-2020-6562 Google
Debian
Opensuse
Fedoraproject
Cross-site Scripting vulnerability in multiple products

Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

6.5
2020-09-21 CVE-2020-6561 Google
Debian
Opensuse
Fedoraproject
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5
2020-09-21 CVE-2020-6560 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5
2020-09-21 CVE-2020-6547 Google
Debian
Fedoraproject
Improper Restriction of Rendered UI Layers or Frames vulnerability in multiple products

Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.

6.5
2020-09-21 CVE-2020-6538 Google
Debian
Fedoraproject
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
6.5
2020-09-24 CVE-2020-6020 Checkpoint Improper Input Validation vulnerability in Checkpoint ICA Management Portal

Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator.

6.4
2020-09-21 CVE-2020-16171 Acronis Server-Side Request Forgery (SSRF) vulnerability in Acronis Cyber Backup 12.5

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342.

6.4
2020-09-21 CVE-2020-6569 Google
Debian
Opensuse
Fedoraproject
Integer Overflow or Wraparound vulnerability in multiple products

Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.3
2020-09-27 CVE-2020-26120 Mediawiki
Fedoraproject
Cross-site Scripting vulnerability in multiple products

XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway.

6.1
2020-09-27 CVE-2020-25828 Mediawiki
Fedoraproject
Cross-site Scripting vulnerability in multiple products

An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4.

6.1
2020-09-27 CVE-2020-25815 Mediawiki
Fedoraproject
Cross-site Scripting vulnerability in multiple products

An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4.

6.1
2020-09-27 CVE-2020-25814 Mediawiki
Fedoraproject
Cross-site Scripting vulnerability in multiple products

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur.

6.1
2020-09-27 CVE-2020-25812 Mediawiki
Fedoraproject
Cross-site Scripting vulnerability in multiple products

An issue was discovered in MediaWiki 1.34.x before 1.34.4.

6.1
2020-09-25 CVE-2020-16242 GE Cross-site Scripting vulnerability in GE S2020 Firmware and S2024 Firmware

The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts.

6.1
2020-09-25 CVE-2019-11556 Redhat
Opensuse
Cross-site Scripting vulnerability in multiple products

Pagure before 5.6 allows XSS via the templates/blame.html blame view.

6.1
2020-09-24 CVE-2020-3552 Cisco NULL Pointer Dereference vulnerability in Cisco products

A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

6.1
2020-09-24 CVE-2020-3497 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3494 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3493 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3489 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3488 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3487 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3486 Cisco Improper Input Validation vulnerability in Cisco IOS XE

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-23 CVE-2020-25739 GON Project
Debian
Canonical
Cross-site Scripting vulnerability in multiple products

An issue was discovered in the gon gem before gon-6.4.0 for Ruby.

6.1
2020-09-24 CVE-2020-3503 Cisco Incorrect Permission Assignment for Critical Resource vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files.

6.0
2020-09-23 CVE-2020-25602 XEN
Fedoraproject
Debian
Opensuse
Improper Handling of Exceptional Conditions vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

6.0
2020-09-25 CVE-2020-15211 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors.

5.8
2020-09-25 CVE-2020-15210 Google
Opensuse
Out-of-bounds Write vulnerability in multiple products

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption.

5.8
2020-09-25 CVE-2020-15198 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor.

5.8
2020-09-24 CVE-2020-15222 ORY Insufficient Verification of Data Authenticity vulnerability in ORY Fosite

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked.

5.8
2020-09-23 CVE-2020-5783 Ignitenet Cross-Site Request Forgery (CSRF) vulnerability in Ignitenet Helios Glinq 2.2.1

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.

5.8
2020-09-23 CVE-2019-15974 Cisco Improper Input Validation vulnerability in Cisco Managed Services Accelerator

A vulnerability in the web interface of Cisco Managed Services Accelerator (MSX) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

5.8
2020-09-22 CVE-2020-4617 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

5.8
2020-09-24 CVE-2020-3512 Cisco Resource Exhaustion vulnerability in Cisco IOS XE 15.2(7)E

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition.

5.7
2020-09-24 CVE-2020-3429 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1S

A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device.

5.7
2020-09-24 CVE-2020-3390 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device.

5.7
2020-09-25 CVE-2020-15193 Google
Opensuse
Use of Uninitialized Resource vulnerability in multiple products

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption.

5.5
2020-09-23 CVE-2020-25601 XEN
Debian
Fedoraproject
Opensuse
An issue was discovered in Xen through 4.14.x.
5.5
2020-09-23 CVE-2020-25600 XEN
Fedoraproject
Opensuse
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

5.5
2020-09-23 CVE-2020-25598 XEN
Fedoraproject
Opensuse
Always-Incorrect Control Flow Implementation vulnerability in multiple products

An issue was discovered in Xen 4.14.x.

5.5
2020-09-23 CVE-2020-25596 XEN
Fedoraproject
Debian
Opensuse
Injection vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

5.5
2020-09-23 CVE-2020-3130 Cisco Improper Input Validation vulnerability in Cisco Unity Connection

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem.

5.5
2020-09-23 CVE-2020-2283 Jenkins Cross-site Scripting vulnerability in Jenkins Liquibase Runner

Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset files evaluated by the plugin.

5.4
2020-09-23 CVE-2020-2281 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Lockable Resources

A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.

5.4
2020-09-27 CVE-2020-25813 Mediawiki
Fedoraproject
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
5.3
2020-09-23 CVE-2020-14370 Podman Project
Redhat
Fedoraproject
Improper Cross-boundary Removal of Sensitive Data vulnerability in multiple products

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5.

5.3
2020-09-25 CVE-2020-15206 Google
Opensuse
Improper Input Validation vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model.

5.0
2020-09-25 CVE-2020-15204 Google
Opensuse
NULL Pointer Dereference vulnerability in multiple products

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state.

5.0
2020-09-25 CVE-2020-15203 Google
Opensuse
Use of Externally-Controlled Format String vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed.

5.0
2020-09-25 CVE-2020-15194 Google
Opensuse
Reachable Assertion vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has incomplete validation of the shapes of its arguments.

5.0
2020-09-25 CVE-2020-15191 Google
Opensuse
Unchecked Return Value vulnerability in multiple products

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition.

5.0
2020-09-25 CVE-2020-15190 Google
Opensuse
NULL Pointer Dereference vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `tf.raw_ops.Switch` operation takes as input a tensor and a boolean and outputs two tensors.

5.0
2020-09-25 CVE-2020-4531 IBM Unchecked Return Value vulnerability in IBM products

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

5.0
2020-09-25 CVE-2020-19455 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.

5.0
2020-09-25 CVE-2020-19451 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.

5.0
2020-09-25 CVE-2020-19450 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.

5.0
2020-09-25 CVE-2018-6448 Broadcom Unspecified vulnerability in Broadcom Fabric Operating System

A vulnerability in the management interface in Brocade Fabric OS Versions before Brocade Fabric OS v9.0.0 could allow a remote attacker to perform a denial of service attack on the vulnerable host.

5.0
2020-09-25 CVE-2020-5930 F5 Unspecified vulnerability in F5 products

In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods.

5.0
2020-09-25 CVE-2020-26112 Cpanel Unspecified vulnerability in Cpanel

The email quota cache in cPanel before 90.0.10 allows overwriting of files.

5.0
2020-09-25 CVE-2020-26109 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557).

5.0
2020-09-25 CVE-2020-26107 Cpanel Inadequate Encryption Strength vulnerability in Cpanel

cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).

5.0
2020-09-25 CVE-2020-26106 Cpanel Information Exposure Through Log Files vulnerability in Cpanel

cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).

5.0
2020-09-25 CVE-2020-26105 Cpanel Insufficiently Protected Credentials vulnerability in Cpanel

In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).

5.0
2020-09-25 CVE-2020-26104 Cpanel Insecure Storage of Sensitive Information vulnerability in Cpanel

In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

5.0
2020-09-25 CVE-2020-26103 Cpanel Weak Password Requirements vulnerability in Cpanel

In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).

5.0
2020-09-25 CVE-2020-26102 Cpanel Incorrect Authorization vulnerability in Cpanel

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).

5.0
2020-09-25 CVE-2020-26101 Cpanel Insufficiently Protected Credentials vulnerability in Cpanel

In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).

5.0
2020-09-25 CVE-2020-26099 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).

5.0
2020-09-25 CVE-2020-24615 Pexip Improper Input Validation vulnerability in Pexip Infinity

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP.

5.0
2020-09-25 CVE-2020-24595 Mitel Incorrect Authorization vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.

5.0
2020-09-25 CVE-2020-24592 Mitel Improper Encoding or Escaping of Output vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.

5.0
2020-09-25 CVE-2020-13387 Pexip Improper Input Validation vulnerability in Pexip Infinity

Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323.

5.0
2020-09-25 CVE-2020-12824 Pexip Improper Input Validation vulnerability in Pexip Infinity 23/23.1/23.2

Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP.

5.0
2020-09-24 CVE-2020-13991 Jerryscript Unspecified vulnerability in Jerryscript 2.2.0

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.

5.0
2020-09-24 CVE-2020-19447 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.

5.0
2020-09-24 CVE-2020-12837 Gogogate Unrestricted Upload of File with Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors.

5.0
2020-09-24 CVE-2020-15840 Liferay Unspecified vulnerability in Liferay DXP and Liferay Portal

In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with doubled encoded URLs.

5.0
2020-09-24 CVE-2020-12818 Fortinet Unspecified vulnerability in Fortinet Fortios

An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed.

5.0
2020-09-24 CVE-2020-24560 Trendmicro Improper Certificate Validation vulnerability in Trendmicro products

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one.

5.0
2020-09-24 CVE-2020-15604 Trendmicro Improper Certificate Validation vulnerability in Trendmicro products

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one.

5.0
2020-09-23 CVE-2020-11031 Glpi Project Use of a Broken or Risky Cryptographic Algorithm vulnerability in Glpi-Project Glpi

In GLPI before version 9.5.0, the encryption algorithm used is insecure.

5.0
2020-09-23 CVE-2020-24213 Ygopro Integer Overflow or Wraparound vulnerability in Ygopro Ygocore 1.035.1

An integer overflow was discovered in YGOPro ygocore v13.51.

5.0
2020-09-23 CVE-2020-16240 GE Authorization Bypass Through User-Controlled Key vulnerability in GE Asset Performance Management Classic 4.4

GE Digital APM Classic, Versions 4.4 and prior.

5.0
2020-09-23 CVE-2020-24625 HPE Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9

Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

5.0
2020-09-23 CVE-2020-24624 HPE Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9

Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

5.0
2020-09-23 CVE-2019-16023 Cisco Unspecified vulnerability in Cisco IOS XR

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2020-09-23 CVE-2019-16021 Cisco Unspecified vulnerability in Cisco IOS XR

Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2020-09-23 CVE-2020-3133 Cisco Improper Input Validation vulnerability in Cisco Email Security Appliance

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device.

5.0
2020-09-22 CVE-2020-4622 IBM Use of Hard-coded Credentials vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

5.0
2020-09-22 CVE-2020-4616 IBM Information Exposure vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request.

5.0
2020-09-22 CVE-2020-4614 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information.

5.0
2020-09-22 CVE-2020-4613 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-09-22 CVE-2020-23446 Verint Unspecified vulnerability in Verint Workforce Optimization 15.1.0.37634

Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API

5.0
2020-09-22 CVE-2020-8887 Telestream SQL Injection vulnerability in Telestream Medius and Sentry

Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page).

5.0
2020-09-21 CVE-2020-4643 IBM XXE vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

5.0
2020-09-21 CVE-2020-4581 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request.

5.0
2020-09-21 CVE-2020-4580 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters.

5.0
2020-09-21 CVE-2020-4579 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters.

5.0
2020-09-21 CVE-2020-14179 Atlassian Unspecified vulnerability in Atlassian Jira Server

Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint.

5.0
2020-09-23 CVE-2020-10687 Redhat HTTP Request Smuggling vulnerability in Redhat Undertow 1.0.0

A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request.

4.8
2020-09-25 CVE-2020-25625 Qemu
Debian
Infinite Loop vulnerability in multiple products

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.

4.7
2020-09-23 CVE-2020-25604 XEN
Fedoraproject
Debian
Opensuse
Race Condition vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

4.7
2020-09-22 CVE-2020-25515 Simple Library Management System Project Unrestricted Upload of File with Dangerous Type vulnerability in Simple Library Management System Project Simple Library Management System 1.0

Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.

4.6
2020-09-22 CVE-2020-25514 Simple Library Management System Project Improper Authentication vulnerability in Simple Library Management System Project Simple Library Management System 1.0

Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.

4.6
2020-09-25 CVE-2020-25085 Qemu
Debian
Out-of-bounds Write vulnerability in multiple products

QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.

4.4
2020-09-24 CVE-2020-15843 Actfax Incorrect Default Permissions vulnerability in Actfax 7.10

ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client\, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal\.

4.4
2020-09-25 CVE-2020-15213 Google Allocation of Resources Without Limits or Throttling vulnerability in Google Tensorflow 2.2.0/2.3.0

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum.

4.3
2020-09-25 CVE-2020-15209 Google
Opensuse
NULL Pointer Dereference vulnerability in multiple products

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer.

4.3
2020-09-25 CVE-2020-15200 Google Out-of-bounds Write vulnerability in Google Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor.

4.3
2020-09-25 CVE-2020-15199 Google Improper Input Validation vulnerability in Google Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor.

4.3
2020-09-25 CVE-2020-25148 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25146 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25142 Observium Cross-Site Request Forgery (CSRF) vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25141 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-4727 IBM Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2020-09-25 CVE-2020-25140 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25139 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25138 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25137 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25135 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2018-6449 Broadcom Cross-site Scripting vulnerability in Broadcom Fabric Operating System

Host Header Injection vulnerability in the http management interface in Brocade Fabric OS versions before v9.0.0 could allow a remote attacker to exploit this vulnerability by injecting arbitrary HTTP headers

4.3
2020-09-25 CVE-2020-25131 Observium Cross-site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-15521 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Applications Manager

Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS) .

4.3
2020-09-25 CVE-2020-26115 Cpanel Cross-site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574).

4.3
2020-09-25 CVE-2020-26114 Cpanel Cross-site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573).

4.3
2020-09-25 CVE-2020-26113 Cpanel Cross-site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569).

4.3
2020-09-25 CVE-2020-26111 Cpanel Cross-site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566).

4.3
2020-09-25 CVE-2020-26110 Cpanel Cross-site Scripting vulnerability in Cpanel

cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564).

4.3
2020-09-24 CVE-2020-15161 Prestashop Cross-site Scripting vulnerability in Prestashop

In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form.

4.3
2020-09-24 CVE-2020-8348 Lenovo Cross-site Scripting vulnerability in Lenovo Enterprise Network Disk 6.1

A DOM-based cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's current browser session if a crafted url is visited, possibly through phishing.

4.3
2020-09-24 CVE-2020-8347 Lenovo Cross-site Scripting vulnerability in Lenovo Enterprise Network Disk 6.1

A reflective cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's browser if a crafted url is visited, possibly through phishing.

4.3
2020-09-24 CVE-2020-15930 Joplin Project Cross-site Scripting vulnerability in Joplin Project Joplin

An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.

4.3
2020-09-24 CVE-2020-12811 Fortinet Cross-site Scripting vulnerability in Fortinet Fortianalyzer and Fortimanager

An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field.

4.3
2020-09-24 CVE-2020-13119 Gogogate Improper Restriction of Rendered UI Layers or Frames vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to clickjacking.

4.3
2020-09-24 CVE-2020-12841 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php

4.3
2020-09-24 CVE-2020-12840 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php

4.3
2020-09-24 CVE-2020-12281 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.

4.3
2020-09-24 CVE-2020-12816 Fortinet Cross-site Scripting vulnerability in Fortinet Fortinac

An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.

4.3
2020-09-24 CVE-2020-12280 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.

4.3
2020-09-24 CVE-2020-22453 Untis Cross-site Scripting vulnerability in Untis Webuntis

Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information.

4.3
2020-09-23 CVE-2020-4340 IBM Improper Certificate Validation vulnerability in IBM Security Secret Server 10.7/10.7.000059/10.8

IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation.

4.3
2020-09-23 CVE-2020-2285 Jenkins Missing Authorization vulnerability in Jenkins Liquibase Runner

A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

4.3
2020-09-23 CVE-2020-2282 Jenkins Missing Authorization vulnerability in Jenkins Implied Labels

Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin.

4.3
2020-09-23 CVE-2020-3137 Cisco Cross-site Scripting vulnerability in Cisco Email Security Appliance

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2020-09-23 CVE-2020-3124 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment

A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

4.3
2020-09-23 CVE-2020-3117 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response.

4.3
2020-09-23 CVE-2020-3116 Cisco Improper Input Validation vulnerability in Cisco Webex Meetings Online and Webex Meetings Server

A vulnerability in the way Cisco Webex applications process Universal Communications Format (UCF) files could allow an attacker to cause a denial of service (DoS) condition.

4.3
2020-09-22 CVE-2020-14024 Ozeki Cross-site Scripting vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuration, or (4) any GET Parameter in the /default URL of the application.

4.3
2020-09-22 CVE-2020-24619 Meltytech Use of a Broken or Risky Cryptographic Algorithm vulnerability in Meltytech Shotcut

In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone).

4.3
2020-09-21 CVE-2020-6571 Google
Opensuse
Fedoraproject
Debian
Improper Input Validation vulnerability in multiple products

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

4.3
2020-09-21 CVE-2020-6570 Google
Opensuse
Fedoraproject
Debian
Information Exposure vulnerability in multiple products

Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.

4.3
2020-09-21 CVE-2020-6558 Google
Opensuse
Debian
Cross-site Scripting vulnerability in multiple products

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

4.3
2020-09-21 CVE-2020-15966 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
4.3
2020-09-21 CVE-2020-15959 Google
Opensuse
Fedoraproject
Debian
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
4.3
2020-09-21 CVE-2020-4731 IBM Cross-site Scripting vulnerability in IBM Aspera Shares 1.9.14

IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting.

4.3
2020-09-21 CVE-2020-4315 IBM Insecure Storage of Sensitive Information vulnerability in IBM Business Automation Content Analyzer ON Cloud 1.0

IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies.

4.3
2020-09-25 CVE-2020-15192 Google
Opensuse
Improper Input Validation vulnerability in multiple products

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to `dlpack.to_dlpack` there is a memory leak following an expected validation failure.

4.0
2020-09-25 CVE-2020-25130 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.0
2020-09-25 CVE-2020-15370 Broadcom Information Exposure Through Log Files vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext.

4.0
2020-09-25 CVE-2020-15369 Broadcom Weak Password Requirements vulnerability in Broadcom Fabric Operating System

Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server.

4.0
2020-09-24 CVE-2020-3516 Cisco Improper Input Validation vulnerability in Cisco IOS XE

A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device.

4.0
2020-09-23 CVE-2020-5781 Ignitenet Cross-site Scripting vulnerability in Ignitenet Helios Glinq 2.2.1

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function.

4.0
2020-09-23 CVE-2020-4324 IBM Improper Input Validation vulnerability in IBM Security Secret Server 10.7/10.7.000059/10.8

IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation.

4.0
2020-09-23 CVE-2020-16244 GE Unspecified vulnerability in GE Asset Performance Management Classic 4.4

GE Digital APM Classic, Versions 4.4 and prior.

4.0
2020-09-23 CVE-2019-15963 Cisco Unspecified vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive information in the web-based management interface of the affected software.

4.0
2020-09-22 CVE-2020-15839 Liferay Unrestricted Upload of File with Dangerous Type vulnerability in Liferay Digital Experience Platform and Liferay Portal

Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files.

4.0
2020-09-22 CVE-2020-14023 Ozeki Server-Side Request Forgery (SSRF) vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.

4.0
2020-09-22 CVE-2020-24333 Arista Improper Authentication vulnerability in Arista Cloudvision Portal

A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.

4.0
2020-09-22 CVE-2020-4619 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user.

4.0
2020-09-22 CVE-2020-4618 IBM Improper Input Validation vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to cause a denial of service due to improper input validation.

4.0
2020-09-22 CVE-2020-4612 IBM Information Exposure vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request.

4.0
2020-09-22 CVE-2020-3977 Vmware Missing Authentication for Critical Function vulnerability in VMWare Horizon Daas 7.0.0/8.0.0/8.0.1

VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication.

4.0
2020-09-21 CVE-2020-4590 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client.

4.0
2020-09-21 CVE-2020-14180 Atlassian Information Exposure vulnerability in Atlassian Jira Service Desk

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource.

4.0
2020-09-21 CVE-2020-14177 Atlassian Unspecified vulnerability in Atlassian Jira Server

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching.

4.0

16 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-25 CVE-2020-24692 Mitel Improper Input Validation vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS.

3.6
2020-09-24 CVE-2020-3476 Cisco Files or Directories Accessible to External Parties vulnerability in Cisco IOS 16.10.1/16.9

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system.

3.6
2020-09-25 CVE-2020-15197 Google Reachable Assertion vulnerability in Google Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor.

3.5
2020-09-25 CVE-2018-6447 Broadcom Cross-site Scripting vulnerability in Broadcom Fabric Operating System

A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.

3.5
2020-09-24 CVE-2020-15162 Prestashop Cross-site Scripting vulnerability in Prestashop

In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files.

3.5
2020-09-24 CVE-2020-12815 Fortinet Cross-site Scripting vulnerability in Fortinet Fortianalyzer

An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields.

3.5
2020-09-22 CVE-2020-14027 Ozeki Argument Injection or Modification vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

3.5
2020-09-22 CVE-2020-4615 IBM Cross-site Scripting vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripting.

3.5
2020-09-22 CVE-2020-7734 Arachnys Cross-site Scripting vulnerability in Arachnys Cabot

All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.

3.5
2020-09-24 CVE-2020-3418 Cisco Unspecified vulnerability in Cisco IOS XE 17.1.1

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state.

3.3
2020-09-25 CVE-2020-5929 F5 Unspecified vulnerability in F5 products

In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle.

2.6
2020-09-25 CVE-2020-15372 Broadcom Improper Control of Dynamically-Managed Code Resources vulnerability in Broadcom Fabric Operating System

A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.

2.1
2020-09-25 CVE-2020-25084 Qemu
Debian
Use After Free vulnerability in multiple products

QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.

2.1
2020-09-24 CVE-2020-3477 Cisco Incorrect Authorization vulnerability in Cisco IOS 16.3.11

A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem.

2.1
2020-09-24 CVE-2020-26088 Linux
Debian
Opensuse
Canonical
Incorrect Default Permissions vulnerability in multiple products

A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.

2.1
2020-09-25 CVE-2020-25203 Framer Unspecified vulnerability in Framer Preview 12.0

The Framer Preview application 12 for Android exposes com.framer.viewer.FramerViewActivity to other applications.

1.9