Weekly Vulnerabilities Reports > September 21 to 27, 2020

Overview

352 new vulnerabilities reported during this period, including 23 critical vulnerabilities and 54 high severity vulnerabilities. This weekly summary report vulnerabilities in 230 products from 74 vendors including Cisco, Fedoraproject, Google, Debian, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "SQL Injection", "Use After Free", and "Resource Exhaustion".

  • 290 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 96 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 288 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 63 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

23 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-25 CVE-2020-25749 Rubetek USE of Hard-Coded Credentials vulnerability in Rubetek products

The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged account.

10.0
2020-09-25 CVE-2020-25223 Sophos Code Injection vulnerability in Sophos United Threat Management

A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5, v9.607 MR7, and v9.511 MR11

10.0
2020-09-24 CVE-2020-16147 Telmat Code Injection vulnerability in Telmat products

The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via Unauthenticated code injection over the network.

10.0
2020-09-22 CVE-2020-11856 Microfocus Missing Authorization vulnerability in Microfocus Operation Bridge Reporter

Arbitrary code execution vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.

10.0
2020-09-25 CVE-2020-11805 Pexip Improper Input Validation vulnerability in Pexip Infinity and Reverse Proxy and Turn Server

Pexip Reverse Proxy and TURN Server before 6.1.0 has Incorrect UDP Access Control via TURN.

9.3
2020-09-22 CVE-2020-14026 Ozeki Unspecified vulnerability in Ozeki NG SMS Gateway

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export.

9.3
2020-09-21 CVE-2020-6559 Google
Opensuse
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6553 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6552 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6549 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6548 Google
Debian
Fedoraproject
Out-Of-Bounds Write vulnerability in multiple products

Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6556 Google Out-Of-Bounds Write vulnerability in Google Chrome

Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6551 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-21 CVE-2020-6550 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2020-09-25 CVE-2020-25747 Rubetek Improper Authentication vulnerability in Rubetek products

The Telnet service of Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) can allow a remote attacker to gain access to RTSP and ONFIV services without authentication.

9.0
2020-09-24 CVE-2020-24365 Gemteks Code Injection vulnerability in Gemteks Wrtm-127Acn Firmware and Wrtm-127X9 Firmware

An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices.

9.0
2020-09-24 CVE-2020-16148 Telmat Code Injection vulnerability in Telmat products

The ping page of the administration panel in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell access via authenticated code injection over the network.

9.0
2020-09-23 CVE-2019-15992 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Adaptive Security Appliance

A vulnerability in the implementation of the Lua interpreter integrated in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code with root privileges on the underlying Linux operating system of an affected device.

9.0
2020-09-23 CVE-2020-3143 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software, Cisco TelePresence Codec (TC) Software, and Cisco RoomOS Software could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device.

9.0
2020-09-22 CVE-2020-14031 Ozeki Unspecified vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

9.0
2020-09-22 CVE-2020-14028 Ozeki Path Traversal vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

9.0
2020-09-22 CVE-2020-14022 Ozeki Unrestricted Upload of File With Dangerous Type vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway 4.17.1 through 4.17.6 does not check the file type when bulk importing new contacts ("Import Contacts" functionality) from a file.

9.0
2020-09-22 CVE-2020-4620 IBM Unrestricted Upload of File With Dangerous Type vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow a remote authenticated attacker to upload arbitrary files, caused by the improper validation of file extensions.

9.0

54 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-24 CVE-2020-3560 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in Cisco Aironet Access Points (APs) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) on an affected device.

7.8
2020-09-24 CVE-2020-3527 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the Polaris kernel of Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to crash the device.

7.8
2020-09-24 CVE-2020-3526 Cisco Improper Input Validation vulnerability in Cisco IOS XE 17.2

A vulnerability in the Common Open Policy Service (COPS) engine of Cisco IOS XE Software on Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to crash a device.

7.8
2020-09-24 CVE-2020-3509 Cisco Information Exposure Through Discrepancy vulnerability in Cisco IOS XE 16.7(1)

A vulnerability in the DHCP message handler of Cisco IOS XE Software for Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, remote attacker to cause the supervisor to crash, which could result in a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3492 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers and Cisco AireOS Software for Cisco Wireless LAN Controllers (WLC) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2020-09-24 CVE-2020-3480 Cisco Improper Check FOR Unusual OR Exceptional Conditions vulnerability in Cisco IOS XE

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall.

7.8
2020-09-24 CVE-2020-3479 Cisco Resource Exhaustion vulnerability in Cisco IOS and IOS XE

A vulnerability in the implementation of Multiprotocol Border Gateway Protocol (MP-BGP) for the Layer 2 VPN (L2VPN) Ethernet VPN (EVPN) address family in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3414 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the packet processing of Cisco IOS XE Software for Cisco 4461 Integrated Services Routers could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3408 Cisco Resource Exhaustion vulnerability in Cisco IOS and IOS XE

A vulnerability in the Split DNS feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3399 Cisco Out-Of-Bounds Read vulnerability in Cisco IOS XE 16.12/16.12.1S/16.12.2

A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device.

7.8
2020-09-24 CVE-2020-3359 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the multicast DNS (mDNS) feature of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

7.8
2020-09-24 CVE-2020-3559 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in Cisco Aironet Access Point (AP) Software could allow an unauthenticated, remote attacker to cause an affected device to reload.

7.8
2020-09-25 CVE-2020-15212 Tensorflow Out-Of-Bounds Write vulnerability in Tensorflow

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger writes outside of bounds of heap allocated buffers by inserting negative elements in the segment ids tensor.

7.5
2020-09-25 CVE-2020-15208 Tensorflow Out-Of-Bounds Read vulnerability in Tensorflow

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, when determining the common dimension size of two tensors, TFLite uses a `DCHECK` which is no-op outside of debug compilation modes.

7.5
2020-09-25 CVE-2020-15205 Tensorflow Heap-Based Buffer Overflow vulnerability in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `data_splits` argument of `tf.raw_ops.StringNGrams` lacks validation.

7.5
2020-09-25 CVE-2020-25147 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

7.5
2020-09-25 CVE-2020-25132 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

7.5
2020-09-25 CVE-2020-15374 Broadcom
Brocade
Improper Input Validation vulnerability in multiple products

Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input.

7.5
2020-09-25 CVE-2020-15373 Broadcom
Brocade
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks.

7.5
2020-09-25 CVE-2020-15371 Broadcom
Brocade
Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability.
7.5
2020-09-25 CVE-2020-13995 Airforce Classic Buffer Overflow vulnerability in Airforce Nitf Extract Utility 7.5

U.S.

7.5
2020-09-25 CVE-2020-15394 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Applications Manager

The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution.

7.5
2020-09-25 CVE-2020-26108 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).

7.5
2020-09-25 CVE-2020-26100 Cpanel Unspecified vulnerability in Cpanel

chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).

7.5
2020-09-25 CVE-2020-26098 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).

7.5
2020-09-24 CVE-2020-15160 Prestashop SQL Injection vulnerability in Prestashop

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter.

7.5
2020-09-24 CVE-2020-15851 Nakivo Missing Authentication FOR Critical Function vulnerability in Nakivo Backup & Replication Transporter 9.4.0.R43656

Lack of access control in Nakivo Backup & Replication Transporter version 9.4.0.r43656 allows remote users to access unencrypted backup repositories and the Nakivo Controller configuration via a network accessible transporter service.

7.5
2020-09-24 CVE-2020-12843 Gogogate Unrestricted Upload of File With Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors.

7.5
2020-09-24 CVE-2020-12842 Gogogate Code Injection vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php.

7.5
2020-09-24 CVE-2020-12839 Gogogate Code Injection vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php.

7.5
2020-09-24 CVE-2020-12838 Gogogate Code Injection vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php.

7.5
2020-09-24 CVE-2020-13505 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

Parameter psClass in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.

7.5
2020-09-24 CVE-2020-13504 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

Parameter AttFilterValue in ednareporting.asmx is vulnerable to unauthenticated SQL injection attacks.

7.5
2020-09-24 CVE-2020-13501 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.

7.5
2020-09-24 CVE-2020-13500 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.

7.5
2020-09-24 CVE-2020-13499 Aveva SQL Injection vulnerability in Aveva Edna Enterprise Data Historian 3.0.1.2/7.5.4989.33053

An SQL injection vulnerability exists in the CHaD.asmx web service functionality of eDNA Enterprise Data Historian 3.0.1.2/7.5.4989.33053.

7.5
2020-09-23 CVE-2020-24626 HPE Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9

Unathenticated directory traversal in the ReceiverServlet class doPost() method can lead to arbitrary remote code execution in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

7.5
2020-09-22 CVE-2020-11857 Microfocus USE of Hard-Coded Credentials vulnerability in Microfocus Operation Bridge Reporter

An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.

7.5
2020-09-24 CVE-2020-6020 Checkpoint Improper Input Validation vulnerability in Checkpoint ICA Management Portal R80.20/R80.30/R80.40

Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulated to run commands as a high privileged user or crash, due to weak input validation on inputs by a trusted management administrator.

7.4
2020-09-25 CVE-2020-24718 Freebsd
Omniosce
Openindiana
Incorrect Authorization vulnerability in multiple products

bhyve, as used in FreeBSD through 12.1 and illumos (e.g., OmniOS CE through r151034 and OpenIndiana through Hipster 2020.04), does not properly restrict VMCS and VMCB read/write operations, as demonstrated by a root user in a container on an Intel system, who can gain privileges by modifying VMCS_HOST_RIP.

7.2
2020-09-24 CVE-2020-17365 Pango Incorrect Permission Assignment FOR Critical Resource vulnerability in Pango Hotspot Shield 10.0.1/10.3.0

Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earlier may allow an authorized user to potentially enable escalation of privilege via local access.

7.2
2020-09-24 CVE-2020-8333 Lenovo Unspecified vulnerability in Lenovo products

A potential vulnerability in the SMI callback function used in the EEPROM driver in some Lenovo Desktops and ThinkStation models may allow arbitrary code execution

7.2
2020-09-24 CVE-2020-15850 Nakivo Incorrect Default Permissions vulnerability in Nakivo Backup & Replication Director 9.4.0.R43656

Insecure permissions in Nakivo Backup & Replication Director version 9.4.0.r43656 on Linux allow local users to access the Nakivo Director web interface and gain root privileges.

7.2
2020-09-24 CVE-2020-3423 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco IOS XE

A vulnerability in the implementation of the Lua interpreter that is integrated in Cisco IOS XE Software could allow an authenticated, local attacker to execute arbitrary code with root privileges on the underlying Linux operating system (OS) of an affected device.

7.2
2020-09-24 CVE-2020-3417 Cisco OS Command Injection vulnerability in Cisco IOS XE

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute persistent code at boot time and break the chain of trust.

7.2
2020-09-24 CVE-2020-3404 Cisco Incorrect Authorization vulnerability in Cisco IOS XE 16.11.1

A vulnerability in the persistent Telnet/Secure Shell (SSH) CLI of Cisco IOS XE Software could allow an authenticated, local attacker to gain shell access on an affected device and execute commands on the underlying operating system (OS) with root privileges.

7.2
2020-09-24 CVE-2020-3403 Cisco OS Command Injection vulnerability in Cisco IOS XE 17.2.1

A vulnerability in the CLI of Cisco IOS XE Software could allow an authenticated, local attacker to inject a command to the underlying operating system that will execute with root privileges upon the next reboot of the device.

7.2
2020-09-24 CVE-2020-3393 Cisco Improper Privilege Management vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the application-hosting subsystem of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to root on an affected device.

7.2
2020-09-23 CVE-2020-25826 Pingidentity Improper Privilege Management vulnerability in Pingidentity Pingid Integration for Windows Login

PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe.

7.2
2020-09-22 CVE-2020-16202 Advantech Incorrect Permission Assignment FOR Critical Resource vulnerability in Advantech Webaccess

WebAccess Node (All versions prior to 9.0.1) has incorrect permissions set for resources used by specific services, which may allow code execution with system privileges.

7.2
2020-09-22 CVE-2020-11855 Microfocus Incorrect Authorization vulnerability in Microfocus Operation Bridge Reporter

An Authorization Bypass vulnerability on Micro Focus Operation Bridge Reporter, affecting version 10.40 and earlier.

7.2
2020-09-24 CVE-2020-3510 Cisco Resource Exhaustion vulnerability in Cisco IOS XE 16.12.1/16.12.2/17.1.1

A vulnerability in the Umbrella Connector component of Cisco IOS XE Software for Cisco Catalyst 9200 Series Switches could allow an unauthenticated, remote attacker to trigger a reload, resulting in a denial of service condition on an affected device.

7.1
2020-09-24 CVE-2020-3421 Cisco Improper Check FOR Unusual OR Exceptional Conditions vulnerability in Cisco IOS XE 16.9.3/17.2

Multiple vulnerabilities in the Zone-Based Firewall feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload or stop forwarding traffic through the firewall.

7.1
2020-09-24 CVE-2020-3407 Cisco Null Pointer Dereference vulnerability in Cisco IOS XE 15.8(3)M3

A vulnerability in the RESTCONF and NETCONF-YANG access control list (ACL) function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload.

7.1

254 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-24 CVE-2020-3524 Cisco Missing Authorization vulnerability in Cisco IOS XE ROM Monitor 15.6(18R)/16.2(1R)

A vulnerability in the Cisco IOS XE ROM Monitor (ROMMON) Software for Cisco 4000 Series Integrated Services Routers, Cisco ASR 920 Series Aggregation Services Routers, Cisco ASR 1000 Series Aggregation Services Routers, and Cisco cBR-8 Converged Broadband Routers could allow an unauthenticated, physical attacker to break the chain of trust and load a compromised software image on an affected device.

6.9
2020-09-24 CVE-2020-3513 Cisco Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust.

6.9
2020-09-24 CVE-2020-3416 Cisco Code Injection vulnerability in Cisco IOS XE 16.12.1/17.2

Multiple vulnerabilities in the initialization routines that are executed during bootup of Cisco IOS XE Software for Cisco ASR 900 Series Aggregation Services Routers with a Route Switch Processor 3 (RSP3) installed could allow an authenticated, local attacker with high privileges to execute persistent code at bootup and break the chain of trust.

6.9
2020-09-24 CVE-2020-3396 Cisco Improper Privilege Management vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the file system on the pluggable USB 3.0 Solid State Drive (SSD) for Cisco IOS XE Software could allow an authenticated, physical attacker to remove the USB 3.0 SSD and modify sensitive areas of the file system, including the namespace container protections.

6.9
2020-09-23 CVE-2019-1736 Cisco Improper Verification of Cryptographic Signature vulnerability in Cisco products

A vulnerability in the firmware of the Cisco UCS C-Series Rack Servers could allow an authenticated, physical attacker to bypass Unified Extensible Firmware Interface (UEFI) Secure Boot validation checks and load a compromised software image on an affected device.

6.9
2020-09-25 CVE-2020-15214 Tensorflow Out-Of-Bounds Write vulnerability in Tensorflow

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a write out bounds / segmentation fault if the segment ids are not sorted.

6.8
2020-09-25 CVE-2020-15207 Tensorflow Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tensorflow

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, to mimic Python's indexing with negative values, TFLite uses `ResolveAxis` to convert negative values to positive indices.

6.8
2020-09-25 CVE-2020-15202 Tensorflow Numeric Truncation Error vulnerability in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `Shard` API in TensorFlow expects the last argument to be a function taking two `int64` (i.e., `long long`) arguments.

6.8
2020-09-25 CVE-2020-15201 Tensorflow Heap-Based Buffer Overflow vulnerability in Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor.

6.8
2020-09-25 CVE-2020-25748 Rubetek Cleartext Transmission of Sensitive Information vulnerability in Rubetek products

A Cleartext Transmission issue was discovered on Rubetek RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339).

6.8
2020-09-25 CVE-2020-24594 Mitel Cross-Site Scripting vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow an unauthenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS.

6.8
2020-09-25 CVE-2020-23837 Multi User Project Cross-Site Request Forgery (CSRF) vulnerability in Multi User Project Multi User 1.8.2

A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote attackers to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL.

6.8
2020-09-24 CVE-2020-12282 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php.

6.8
2020-09-23 CVE-2020-5782 Ignitenet Improper Input Validation vulnerability in Ignitenet Helios Glinq 2.2.1

In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan interface for the device will become unreachable, which results in a denial of service condition for devices dependent on this connection.

6.8
2020-09-23 CVE-2020-2280 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Warnings

A cross-site request forgery (CSRF) vulnerability in Jenkins Warnings Plugin 5.0.1 and earlier allows attackers to execute arbitrary code.

6.8
2020-09-23 CVE-2020-3135 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based management interface of Cisco Unified Communications Manager (UCM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected device.

6.8
2020-09-22 CVE-2020-14025 Ozeki Cross-Site Request Forgery (CSRF) vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities.

6.8
2020-09-21 CVE-2020-6569 Google
Opensuse
Debian
Fedoraproject
Integer Overflow OR Wraparound vulnerability in multiple products

Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6555 Google
Debian
Fedoraproject
Out-Of-Bounds Read vulnerability in multiple products

Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6554 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially perform a sandbox escape via a crafted Chrome Extension.

6.8
2020-09-21 CVE-2020-6545 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6544 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6543 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6540 Google
Debian
Fedoraproject
Out-Of-Bounds Write vulnerability in multiple products

Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6539 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6537 Google
Debian
Fedoraproject
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6532 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6576 Google
Opensuse
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6573 Google
Opensuse
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

6.8
2020-09-21 CVE-2020-15965 Google
Opensuse
Debian
Fedoraproject
Type Confusion vulnerability in multiple products

Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

6.8
2020-09-21 CVE-2020-15964 Google
Opensuse
Fedoraproject
Debian
Out-Of-Bounds Write vulnerability in multiple products

Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-15963 Google
Opensuse
Fedoraproject
Debian
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
6.8
2020-09-21 CVE-2020-15962 Google
Opensuse
Fedoraproject
Debian
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.
6.8
2020-09-21 CVE-2020-15961 Google
Opensuse
Fedoraproject
Debian
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension.
6.8
2020-09-21 CVE-2020-15960 Google
Opensuse
Fedoraproject
Debian
Out-Of-Bounds Write vulnerability in multiple products

Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6542 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-21 CVE-2020-6541 Google
Debian
Fedoraproject
USE After Free vulnerability in multiple products

Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2020-09-23 CVE-2020-14365 Redhat Improper Verification of Cryptographic Signature vulnerability in Redhat products

A flaw was found in the Ansible Engine, in ansible-engine 2.8.x before 2.8.15 and ansible-engine 2.9.x before 2.9.13, when installing packages using the dnf module.

6.6
2020-09-25 CVE-2020-15196 Tensorflow Heap-Based Buffer Overflow vulnerability in Tensorflow 2.3.0

In Tensorflow version 2.3.0, the `SparseCountSparseOutput` and `RaggedCountSparseOutput` implementations don't validate that the `weights` tensor has the same shape as the data.

6.5
2020-09-25 CVE-2020-15195 Tensorflow Heap-Based Buffer Overflow vulnerability in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the implementation of `SparseFillEmptyRowsGrad` uses a double indexing pattern.

6.5
2020-09-25 CVE-2020-25149 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25145 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25144 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25143 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25136 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25134 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-25133 Observium Path Traversal vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

6.5
2020-09-25 CVE-2020-7735 NG Packagr Project OS Command Injection vulnerability in Ng-Packagr Project Ng-Packagr

The package ng-packagr before 10.1.1 are vulnerable to Command Injection via the styleIncludePaths option.

6.5
2020-09-25 CVE-2020-24621 Openmrs Path Traversal vulnerability in Openmrs Htmlformentry

A remote code execution (RCE) vulnerability was discovered in the htmlformentry (aka HTML Form Entry) module before 3.11.0 for OpenMRS.

6.5
2020-09-25 CVE-2020-24593 Mitel SQL Injection vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow a remote attacker to conduct a SQL Injection attack and access user credentials due to improper input validation.

6.5
2020-09-24 CVE-2020-3425 Cisco Improper Privilege Management vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device.

6.5
2020-09-24 CVE-2020-3400 Cisco Missing Authorization vulnerability in Cisco IOS XE

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized.The vulnerability is due to insufficient authorization of web UI access requests.

6.5
2020-09-24 CVE-2020-3141 Cisco Unspecified vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to elevate privileges to the level of an Administrator user on an affected device.

6.5
2020-09-24 CVE-2020-12817 Fortinet Injection vulnerability in Fortinet Fortianalyzer and Fortitester

An improper neutralization of input vulnerability in FortiAnalyzer before 6.4.1 and 6.2.5 may allow a remote authenticated attacker to inject script related HTML tags via Name parameter of Storage Connectors.

6.5
2020-09-23 CVE-2020-2279 Jenkins Unspecified vulnerability in Jenkins Script Security

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.74 and earlier allows attackers with permission to define sandboxed scripts to provide crafted return values or script binding content that can result in arbitrary code execution on the Jenkins controller JVM.

6.5
2020-09-22 CVE-2020-4621 IBM Incorrect Authorization vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to escalate their privileges to administrator due to insufficient authorization checks.

6.5
2020-09-22 CVE-2020-4611 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to bypass security and execute actions reserved for admins.

6.5
2020-09-27 CVE-2020-26116 Python
Fedoraproject
Improper Encoding OR Escaping of Output vulnerability in multiple products

http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.

6.4
2020-09-24 CVE-2020-3426 Cisco Improper Privilege Management vulnerability in Cisco IOS

A vulnerability in the implementation of the Low Power, Wide Area (LPWA) subsystem of Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data or cause a denial of service (DoS) condition.

6.4
2020-09-21 CVE-2020-16171 Acronis Server-Side Request Forgery (SSRF) vulnerability in Acronis Cyber Backup 12.5

An issue was discovered in Acronis Cyber Backup before 12.5 Build 16342.

6.4
2020-09-24 CVE-2020-3552 Cisco Null Pointer Dereference vulnerability in Cisco products

A vulnerability in the Ethernet packet handling of Cisco Aironet Access Points (APs) Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

6.1
2020-09-24 CVE-2020-3511 Cisco Improper Input Validation vulnerability in Cisco IOS XE 15.1(4)M

A vulnerability in the ISDN subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.

6.1
2020-09-24 CVE-2020-3497 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3494 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3493 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3489 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3488 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3487 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3486 Cisco Improper Input Validation vulnerability in Cisco IOS XE

Multiple vulnerabilities in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition of an affected device.

6.1
2020-09-24 CVE-2020-3465 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.6.9/17.4.1

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a device to reload.

6.1
2020-09-24 CVE-2020-3428 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the WLAN Local Profiling feature of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device.

6.1
2020-09-24 CVE-2020-3409 Cisco Resource Exhaustion vulnerability in Cisco IOS and IOS XE

A vulnerability in the PROFINET feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause an affected device to crash and reload, resulting in a denial of service (DoS) condition on the device.

6.1
2020-09-24 CVE-2020-3508 Cisco Resource Exhaustion vulnerability in Cisco IOS XE

A vulnerability in the IP Address Resolution Protocol (ARP) feature of Cisco IOS XE Software for Cisco ASR 1000 Series Aggregation Services Routers with a 20-Gbps Embedded Services Processor (ESP) installed could allow an unauthenticated, adjacent attacker to cause an affected device to reload, resulting in a denial of service condition.

6.1
2020-09-23 CVE-2020-25597 XEN Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in XEN

An issue was discovered in Xen through 4.14.x.

6.1
2020-09-23 CVE-2020-25595 XEN
Debian
Fedoraproject
Opensuse
Improper Privilege Management vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

6.1
2020-09-27 CVE-2020-26117 Tigervnc
Debian
Opensuse
Improper Certificate Validation vulnerability in multiple products

In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions.

5.8
2020-09-25 CVE-2020-15211 Tensorflow Out-Of-Bounds Read vulnerability in Tensorflow

In TensorFlow Lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, saved models in the flatbuffer format use a double indexing scheme: a model has a set of subgraphs, each subgraph has a set of operators and each operator has a set of input/output tensors.

5.8
2020-09-25 CVE-2020-15210 Tensorflow Improper Input Validation vulnerability in Tensorflow

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, if a TFLite saved model uses the same tensor as both input and output of an operator, then, depending on the operator, we can observe a segmentation fault or just memory corruption.

5.8
2020-09-25 CVE-2020-15198 Tensorflow Heap-Based Buffer Overflow vulnerability in Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor.

5.8
2020-09-24 CVE-2020-15222 ORY Improper Authentication vulnerability in ORY Fosite

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.31.0, when using "private_key_jwt" authentication the uniqueness of the `jti` value is not checked.

5.8
2020-09-23 CVE-2020-5783 Ignitenet Cross-Site Request Forgery (CSRF) vulnerability in Ignitenet Helios Glinq 2.2.1

In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection mechanisms.

5.8
2020-09-23 CVE-2020-2281 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Lockable Resources

A cross-site request forgery (CSRF) vulnerability in Jenkins Lockable Resources Plugin 2.8 and earlier allows attackers to reserve, unreserve, unlock, and reset resources.

5.8
2020-09-23 CVE-2020-10687 Redhat Http Request Smuggling vulnerability in Redhat Undertow 1.0.0

A flaw was discovered in all versions of Undertow before Undertow 2.2.0.Final, where HTTP request smuggling related to CVE-2017-2666 is possible against HTTP/1.x and HTTP/2 due to permitting invalid characters in an HTTP request.

5.8
2020-09-22 CVE-2020-4617 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

5.8
2020-09-24 CVE-2020-3512 Cisco Resource Exhaustion vulnerability in Cisco IOS XE 15.2(7)E

A vulnerability in the PROFINET handler for Link Layer Discovery Protocol (LLDP) messages of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause a crash on an affected device, resulting in a denial of service (DoS) condition.

5.7
2020-09-24 CVE-2020-3429 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1S

A vulnerability in the WPA2 and WPA3 security implementation of Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause denial of service (DoS) condition on an affected device.

5.7
2020-09-24 CVE-2020-3390 Cisco Improper Input Validation vulnerability in Cisco IOS XE 16.12.1

A vulnerability in Simple Network Management Protocol (SNMP) trap generation for wireless clients of the Cisco IOS XE Wireless Controller Software for the Cisco Catalyst 9000 Family could allow an unauthenticated, adjacent attacker to cause the device to unexpectedly reload, causing a denial of service (DoS) condition on an affected device.

5.7
2020-09-25 CVE-2020-15193 Tensorflow USE of Uninitialized Resource vulnerability in Tensorflow 2.2.0/2.3.0

In Tensorflow before versions 2.2.1 and 2.3.1, the implementation of `dlpack.to_dlpack` can be made to use uninitialized memory resulting in further memory corruption.

5.5
2020-09-24 CVE-2020-3475 Cisco Improper Privilege Management vulnerability in Cisco IOS

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition.

5.5
2020-09-24 CVE-2020-3474 Cisco Incorrect Authorization vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web management framework of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to gain unauthorized read access to sensitive data or cause the web management software to hang or crash, resulting in a denial of service (DoS) condition.

5.5
2020-09-23 CVE-2020-2284 Jenkins XXE vulnerability in Jenkins Liquibase Runner

Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

5.5
2020-09-23 CVE-2020-3130 Cisco Improper Input Validation vulnerability in Cisco Unity Connection

A vulnerability in the web management interface of Cisco Unity Connection could allow an authenticated remote attacker to overwrite files on the underlying filesystem.

5.5
2020-09-23 CVE-2020-10714 Redhat Session Fixation vulnerability in Redhat products

A flaw was found in WildFly Elytron version 1.11.3.Final and before.

5.1
2020-09-21 CVE-2020-6575 Google
Opensuse
Debian
Fedoraproject
Race Condition vulnerability in multiple products

Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.

5.1
2020-09-27 CVE-2020-26121 Mediawiki Incorrect Authorization vulnerability in Mediawiki

An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4.

5.0
2020-09-27 CVE-2020-25869 Mediawiki Improper Handling of Exceptional Conditions vulnerability in Mediawiki

An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4.

5.0
2020-09-27 CVE-2020-25827 Mediawiki Improper Restriction of Excessive Authentication Attempts vulnerability in Mediawiki

An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4.

5.0
2020-09-27 CVE-2020-25813 Mediawiki Unspecified vulnerability in Mediawiki

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.

5.0
2020-09-25 CVE-2020-15206 Tensorflow Improper Input Validation vulnerability in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, changing the TensorFlow's `SavedModel` protocol buffer and altering the name of required keys results in segfaults and data corruption while loading the model.

5.0
2020-09-25 CVE-2020-15204 Tensorflow Null Pointer Dereference vulnerability in Tensorflow

In eager mode, TensorFlow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1 does not set the session state.

5.0
2020-09-25 CVE-2020-15203 Tensorflow Improper Input Validation vulnerability in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, by controlling the `fill` argument of tf.strings.as_string, a malicious attacker is able to trigger a format string vulnerability due to the way the internal format use in a `printf` call is constructed.

5.0
2020-09-25 CVE-2020-15194 Tensorflow
Opensuse
Reachable Assertion vulnerability in multiple products

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `SparseFillEmptyRowsGrad` implementation has incomplete validation of the shapes of its arguments.

5.0
2020-09-25 CVE-2020-15191 Tensorflow Null Pointer Dereference vulnerability in Tensorflow 2.2.0/2.3.0

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes an invalid argument to `dlpack.to_dlpack` the expected validations will cause variables to bind to `nullptr` while setting a `status` variable to the error condition.

5.0
2020-09-25 CVE-2020-15190 Tensorflow Null Pointer Dereference vulnerability in Tensorflow

In Tensorflow before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, the `tf.raw_ops.Switch` operation takes as input a tensor and a boolean and outputs two tensors.

5.0
2020-09-25 CVE-2020-4531 IBM Unchecked Return Value vulnerability in IBM products

IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

5.0
2020-09-25 CVE-2020-19455 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via components/com_jdownloads/helpers/categories.php, order function via the filter_order parameter.

5.0
2020-09-25 CVE-2020-19451 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, updateLog function via the X-forwarded-for Header parameter.

5.0
2020-09-25 CVE-2020-19450 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! via com_jdownloads/helpers/jdownloadshelper.php, getUserLimits function in the list parameter.

5.0
2020-09-25 CVE-2020-5930 F5 Unspecified vulnerability in F5 products

In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 and BIG-IQ 5.2.0-7.1.0, unauthenticated attackers can cause disruption of service via undisclosed methods.

5.0
2020-09-25 CVE-2020-26112 Cpanel Unspecified vulnerability in Cpanel

The email quota cache in cPanel before 90.0.10 allows overwriting of files.

5.0
2020-09-25 CVE-2020-26109 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557).

5.0
2020-09-25 CVE-2020-26107 Cpanel Inadequate Encryption Strength vulnerability in Cpanel

cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).

5.0
2020-09-25 CVE-2020-26106 Cpanel Information Exposure Through LOG Files vulnerability in Cpanel

cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).

5.0
2020-09-25 CVE-2020-26105 Cpanel Insufficiently Protected Credentials vulnerability in Cpanel

In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).

5.0
2020-09-25 CVE-2020-26104 Cpanel Insecure Storage of Sensitive Information vulnerability in Cpanel

In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).

5.0
2020-09-25 CVE-2020-26103 Cpanel Weak Password Requirements vulnerability in Cpanel

In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).

5.0
2020-09-25 CVE-2020-26102 Cpanel Incorrect Authorization vulnerability in Cpanel

In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).

5.0
2020-09-25 CVE-2020-26101 Cpanel Insufficiently Protected Credentials vulnerability in Cpanel

In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).

5.0
2020-09-25 CVE-2020-26099 Cpanel Unspecified vulnerability in Cpanel

cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).

5.0
2020-09-25 CVE-2020-24615 Pexip Improper Input Validation vulnerability in Pexip Infinity

Pexip Infinity before 24.1 has Improper Input Validation, leading to temporary denial of service via SIP.

5.0
2020-09-25 CVE-2020-24595 Mitel Incorrect Authorization vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to retrieve sensitive information due to insufficient access control.

5.0
2020-09-25 CVE-2020-24592 Mitel Improper Encoding OR Escaping of Output vulnerability in Mitel Micloud Management Portal 5.3/6.0/6.1

Mitel MiCloud Management Portal before 6.1 SP5 could allow an attacker, by sending a crafted request, to view system information due to insufficient output sanitization.

5.0
2020-09-25 CVE-2020-13387 Pexip Improper Input Validation vulnerability in Pexip Infinity

Pexip Infinity before 23.4 has a lack of input validation, leading to temporary denial of service via H.323.

5.0
2020-09-25 CVE-2020-12824 Pexip Improper Input Validation vulnerability in Pexip Infinity 23/23.1/23.2

Pexip Infinity 23.x before 23.3 has improper input validation, leading to a temporary software abort via RTP.

5.0
2020-09-24 CVE-2020-13991 Jerryscript Unspecified vulnerability in Jerryscript 2.2.0

vm/opcodes.c in JerryScript 2.2.0 allows attackers to hijack the flow of control by controlling a register.

5.0
2020-09-24 CVE-2020-19447 Jdownloads SQL Injection vulnerability in Jdownloads 3.2.63

SQL injection exists in the jdownloads 3.2.63 component for Joomla! com_jdownloads/models/send.php via the f_marked_files_id parameter.

5.0
2020-09-24 CVE-2020-12837 Gogogate Unrestricted Upload of File With Dangerous Type vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors.

5.0
2020-09-24 CVE-2020-15840 Liferay Unspecified vulnerability in Liferay DXP and Liferay Portal

In Liferay Portal before 7.3.1, Liferay Portal 6.2 EE, and Liferay DXP 7.2, DXP 7.1 and DXP 7.0, the property 'portlet.resource.id.banned.paths.regexp' can be bypassed with doubled encoded URLs.

5.0
2020-09-24 CVE-2020-12818 Fortinet Unspecified vulnerability in Fortinet Fortios

An insufficient logging vulnerability in FortiGate before 6.4.1 may allow the traffic from an unauthenticated attacker to Fortinet owned IP addresses to go unnoticed.

5.0
2020-09-24 CVE-2020-24560 Trendmicro Improper Certificate Validation vulnerability in Trendmicro products

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one.

5.0
2020-09-24 CVE-2020-15604 Trendmicro Improper Certificate Validation vulnerability in Trendmicro products

An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an attacker to combine this vulnerability with another attack to trick an affected client into downloading a malicious update instead of the expected one.

5.0
2020-09-23 CVE-2020-11031 Glpi Project USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Glpi-Project Glpi

In GLPI before version 9.5.0, the encryption algorithm used is insecure.

5.0
2020-09-23 CVE-2020-24213 Ygopro Integer Overflow OR Wraparound vulnerability in Ygopro Ygocore 1.035.1

An integer overflow was discovered in YGOPro ygocore v13.51.

5.0
2020-09-23 CVE-2020-16240 GE Authorization Bypass Through User-Controlled KEY vulnerability in GE Asset Performance Management Classic 4.4

GE Digital APM Classic, Versions 4.4 and prior.

5.0
2020-09-23 CVE-2020-7122 Aruba Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Aruba products

Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found.

5.0
2020-09-23 CVE-2020-7121 Aruba Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Aruba products

Two memory corruption vulnerabilities in the Aruba CX Switches Series 6200F, 6300, 6400, 8320, 8325, and 8400 have been found.

5.0
2020-09-23 CVE-2020-24625 HPE Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9

Unathenticated directory traversal in the ReceiverServlet class doGet() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

5.0
2020-09-23 CVE-2020-24624 HPE Path Traversal vulnerability in HPE Utility Computing Service Meter 1.9

Unathenticated directory traversal in the DownloadServlet class execute() method can lead to arbitrary file reads in HPE Pay Per Use (PPU) Utility Computing Service (UCS) Meter version 1.9.

5.0
2020-09-23 CVE-2020-25821 PEG Markdown Project Null Pointer Dereference vulnerability in Peg-Markdown Project Peg-Markdown 0.4.14

** UNSUPPORTED WHEN ASSIGNED ** peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c.

5.0
2020-09-23 CVE-2020-3569 Cisco Resource Exhaustion vulnerability in Cisco IOS XR

Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash.

5.0
2020-09-23 CVE-2020-3133 Cisco Improper Input Validation vulnerability in Cisco Email Security Appliance

A vulnerability in the email message scanning of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass configured filters on the device.

5.0
2020-09-22 CVE-2020-4622 IBM USE of Hard-Coded Credentials vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

5.0
2020-09-22 CVE-2020-4616 IBM Information Exposure vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could disclose sensitive username information to an attacker using a specially crafted HTTP request.

5.0
2020-09-22 CVE-2020-4614 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt sensitive information.

5.0
2020-09-22 CVE-2020-4613 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-09-22 CVE-2020-23446 Verint Unspecified vulnerability in Verint Workforce Optimization 15.1.0.37634

Verint Workforce Optimization suite 15.1 (15.1.0.37634) has Unauthenticated Information Disclosure via API

5.0
2020-09-22 CVE-2020-8887 Telestream SQL Injection vulnerability in Telestream Medius and Sentry

Telestream Tektronix Medius before 10.7.5 and Sentry before 10.7.5 have a SQL injection vulnerability allowing an unauthenticated attacker to dump database contents via the page parameter in a page=login request to index.php (aka the server login page).

5.0
2020-09-21 CVE-2020-4643 IBM XXE vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

5.0
2020-09-21 CVE-2020-4581 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a chunked transfer-encoding HTTP/2 request.

5.0
2020-09-21 CVE-2020-4580 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted a JSON request with invalid characters.

5.0
2020-09-21 CVE-2020-4579 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0 through 2018.4.1.12 could allow a remote attacker to cause a denial of service by sending a specially crafted HTTP/2 request with invalid characters.

5.0
2020-09-21 CVE-2020-14179 Atlassian Information Exposure vulnerability in Atlassian Jira Server and Data Center

Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /secure/QueryComponent!Default.jspa endpoint.

5.0
2020-09-23 CVE-2020-25601 XEN
Debian
Fedoraproject
Opensuse
Resource Exhaustion vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

4.9
2020-09-23 CVE-2020-25600 XEN
Fedoraproject
Opensuse
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

4.9
2020-09-25 CVE-2020-25625 Qemu Infinite Loop vulnerability in Qemu 5.0.0

hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.

4.7
2020-09-23 CVE-2020-25603 XEN Memory Leak vulnerability in XEN

An issue was discovered in Xen through 4.14.x.

4.6
2020-09-23 CVE-2020-25602 XEN Improper Handling of Exceptional Conditions vulnerability in XEN

An issue was discovered in Xen through 4.14.x.

4.6
2020-09-22 CVE-2020-25515 Simple Library Management System Project Unrestricted Upload of File With Dangerous Type vulnerability in Simple Library Management System Project Simple Library Management System 1.0

Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.

4.6
2020-09-22 CVE-2020-25514 Simple Library Management System Project Improper Authentication vulnerability in Simple Library Management System Project Simple Library Management System 1.0

Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.

4.6
2020-09-22 CVE-2020-25487 ZOO Management System Project SQL Injection vulnerability in ZOO Management System Project ZOO Management System 1.0

PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.

4.6
2020-09-21 CVE-2020-6546 Google
Debian
Fedoraproject
Improper Privilege Management vulnerability in multiple products

Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local attacker to potentially elevate privilege via a crafted filesystem.

4.6
2020-09-21 CVE-2020-6574 Google
Opensuse
Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed a local attacker to potentially achieve privilege escalation via a crafted binary.
4.6
2020-09-25 CVE-2020-25085 Qemu
Debian
Out-Of-Bounds Write vulnerability in multiple products

QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case.

4.4
2020-09-24 CVE-2020-15843 Actfax Incorrect Default Permissions vulnerability in Actfax 7.10

ActFax Version 7.10 Build 0335 (2020-05-25) is susceptible to a privilege escalation vulnerability due to insecure folder permissions on %PROGRAMFILES%\ActiveFax\Client\, %PROGRAMFILES%\ActiveFax\Install\ and %PROGRAMFILES%\ActiveFax\Terminal\.

4.4
2020-09-23 CVE-2020-25599 XEN Race Condition vulnerability in XEN

An issue was discovered in Xen through 4.14.x.

4.4
2020-09-27 CVE-2020-26120 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

XSS exists in the MobileFrontend extension for MediaWiki before 1.34.4 because section.line is mishandled during regex section line replacement from PageGateway.

4.3
2020-09-27 CVE-2020-25828 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4.

4.3
2020-09-27 CVE-2020-25815 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4.

4.3
2020-09-27 CVE-2020-25814 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur.

4.3
2020-09-27 CVE-2020-25812 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

An issue was discovered in MediaWiki 1.34.x before 1.34.4.

4.3
2020-09-25 CVE-2020-15213 Tensorflow Allocation of Resources Without Limits OR Throttling vulnerability in Tensorflow

In TensorFlow Lite before versions 2.2.1 and 2.3.1, models using segment sum can trigger a denial of service by causing an out of memory allocation in the implementation of segment sum.

4.3
2020-09-25 CVE-2020-15209 Tensorflow Null Pointer Dereference vulnerability in Tensorflow

In tensorflow-lite before versions 1.15.4, 2.0.3, 2.1.2, 2.2.1 and 2.3.1, a crafted TFLite model can force a node to have as input a tensor backed by a `nullptr` buffer.

4.3
2020-09-25 CVE-2020-15200 Tensorflow Heap-Based Buffer Overflow vulnerability in Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` implementation does not validate that the input arguments form a valid ragged tensor.

4.3
2020-09-25 CVE-2020-15199 Tensorflow Improper Input Validation vulnerability in Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `RaggedCountSparseOutput` does not validate that the input arguments form a valid ragged tensor.

4.3
2020-09-25 CVE-2020-25148 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25146 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25142 Observium Cross-Site Request Forgery (CSRF) vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25141 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-16242 GE Cross-Site Scripting vulnerability in GE S2020 Firmware and S2024 Firmware

The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow an attacker to trick application users into performing critical application actions that include, but are not limited to, adding and updating accounts.

4.3
2020-09-25 CVE-2020-4727 IBM Improper Restriction of Rendered UI Layers OR Frames vulnerability in IBM Infosphere Information Server 11.7

IBM InfoSphere Information Server 11.7 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2020-09-25 CVE-2020-25140 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25139 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25138 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25137 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25135 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-25131 Observium Cross-Site Scripting vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.3
2020-09-25 CVE-2020-15521 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Applications Manager

Zoho ManageEngine Applications Manager before 14 build 14730 has no protection against jsp/header.jsp Cross-site Scripting (XSS) .

4.3
2020-09-25 CVE-2019-11556 Redhat Cross-Site Scripting vulnerability in Redhat Pagure

Pagure before 5.6 allows XSS via the templates/blame.html blame view.

4.3
2020-09-25 CVE-2020-26115 Cpanel Cross-Site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via the Cron Editor interface (SEC-574).

4.3
2020-09-25 CVE-2020-26114 Cpanel Cross-Site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via the Cron Jobs interface (SEC-573).

4.3
2020-09-25 CVE-2020-26113 Cpanel Cross-Site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via WHM Manage API Tokens interfaces (SEC-569).

4.3
2020-09-25 CVE-2020-26111 Cpanel Cross-Site Scripting vulnerability in Cpanel

cPanel before 90.0.10 allows self XSS via the WHM Edit DNS Zone interface (SEC-566).

4.3
2020-09-25 CVE-2020-26110 Cpanel Cross-Site Scripting vulnerability in Cpanel

cPanel before 88.0.13 allows self XSS via DNS Zone Manager DNSSEC interfaces (SEC-564).

4.3
2020-09-24 CVE-2020-15161 Prestashop Cross-Site Scripting vulnerability in Prestashop

In PrestaShop from version 1.6.0.4 and before version 1.7.6.8 an attacker is able to inject javascript while using the contact form.

4.3
2020-09-24 CVE-2020-8348 Lenovo Cross-Site Scripting vulnerability in Lenovo Enterprise Network Disk 6.1

A DOM-based cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's current browser session if a crafted url is visited, possibly through phishing.

4.3
2020-09-24 CVE-2020-8347 Lenovo Cross-Site Scripting vulnerability in Lenovo Enterprise Network Disk 6.1

A reflective cross-site scripting (XSS) vulnerability was reported in Lenovo Enterprise Network Disk prior to version 6.1 patch 6 hotfix 4 that could allow execution of code in an authenticated user's browser if a crafted url is visited, possibly through phishing.

4.3
2020-09-24 CVE-2020-15930 Joplin Project Cross-Site Scripting vulnerability in Joplin Project Joplin

An XSS issue in Joplin desktop 1.0.190 to 1.0.245 allows arbitrary code execution via a malicious HTML embed tag.

4.3
2020-09-24 CVE-2020-3422 Cisco Unspecified vulnerability in Cisco IOS XE 16.9.3

A vulnerability in the IP Service Level Agreement (SLA) responder feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the IP SLA responder to reuse an existing port, resulting in a denial of service (DoS) condition.

4.3
2020-09-24 CVE-2020-12811 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortianalyzer and Fortimanager

An improper neutralization of script-related HTML tags in a web page in FortiManager 6.2.0, 6.2.1, 6.2.2, and 6.2.3and FortiAnalyzer 6.2.0, 6.2.1, 6.2.2, and 6.2.3 may allow an attacker to execute a cross site scripting (XSS) via the Identify Provider name field.

4.3
2020-09-24 CVE-2020-13119 Gogogate Improper Restriction of Rendered UI Layers OR Frames vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to clickjacking.

4.3
2020-09-24 CVE-2020-12841 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php

4.3
2020-09-24 CVE-2020-12840 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php

4.3
2020-09-24 CVE-2020-12281 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php.

4.3
2020-09-24 CVE-2020-12816 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortinac

An improper neutralization of input vulnerability in FortiNAC before 8.7.2 may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the UserID of Admin Users.

4.3
2020-09-24 CVE-2020-12280 Gogogate Cross-Site Request Forgery (CSRF) vulnerability in Gogogate Ismartgate PRO Firmware 1.5.9

iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php.

4.3
2020-09-24 CVE-2020-22453 Untis Cross-Site Scripting vulnerability in Untis Webuntis

Untis WebUntis before 2020.9.6 allows XSS in multiple functions that store information.

4.3
2020-09-23 CVE-2020-4340 IBM Improper Certificate Validation vulnerability in IBM Security Secret Server 10.7/10.7.000059/10.8

IBM Security Secret Server prior to 10.9 could allow an attacker to bypass SSL security due to improper certificate validation.

4.3
2020-09-23 CVE-2020-25739 GON Project
Debian
Cross-Site Scripting vulnerability in multiple products

An issue was discovered in the gon gem before gon-6.4.0 for Ruby.

4.3
2020-09-23 CVE-2020-3137 Cisco Cross-Site Scripting vulnerability in Cisco Email Security Appliance

A vulnerability in the web-based management interface of Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2020-09-23 CVE-2020-3124 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Hosted Collaboration Mediation Fulfillment

A vulnerability in the web-based interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

4.3
2020-09-23 CVE-2020-3117 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance (WSA) and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response.

4.3
2020-09-23 CVE-2020-3116 Cisco Improper Input Validation vulnerability in Cisco Webex Meetings Online and Webex Meetings Server

A vulnerability in the way Cisco Webex applications process Universal Communications Format (UCF) files could allow an attacker to cause a denial of service (DoS) condition.

4.3
2020-09-22 CVE-2020-14024 Ozeki Cross-Site Scripting vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected XSS vulnerabilities via the (1) Receiver or Recipient field in the Mailbox feature, (2) OZFORM_GROUPNAME field in the Group configuration of addresses, (3) listname field in the Defining address lists configuration, or (4) any GET Parameter in the /default URL of the application.

4.3
2020-09-22 CVE-2020-24619 Meltytech USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Meltytech Shotcut

In mainwindow.cpp in Shotcut before 20.09.13, the upgrade check misuses TLS because of setPeerVerifyMode(QSslSocket::VerifyNone).

4.3
2020-09-21 CVE-2020-6571 Google
Opensuse
Fedoraproject
Debian
Improper Input Validation vulnerability in multiple products

Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.

4.3
2020-09-21 CVE-2020-6570 Google
Opensuse
Fedoraproject
Debian
Information Exposure vulnerability in multiple products

Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information via a crafted WebRTC interaction.

4.3
2020-09-21 CVE-2020-6568 Google
Opensuse
Fedoraproject
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
4.3
2020-09-21 CVE-2020-6567 Google
Opensuse
Fedoraproject
Improper Input Validation vulnerability in multiple products

Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

4.3
2020-09-21 CVE-2020-6566 Google
Opensuse
Fedoraproject
Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3
2020-09-21 CVE-2020-6565 Google
Fedoraproject
Opensuse
Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
4.3
2020-09-21 CVE-2020-6564 Google
Opensuse
Fedoraproject
Improper Preservation of Permissions vulnerability in multiple products

Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page.

4.3
2020-09-21 CVE-2020-6563 Google
Opensuse
Fedoraproject
Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page.
4.3
2020-09-21 CVE-2020-6562 Google
Opensuse
Debian
Fedoraproject
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

4.3
2020-09-21 CVE-2020-6561 Google
Opensuse
Debian
Fedoraproject
Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3
2020-09-21 CVE-2020-6560 Google
Opensuse
Fedoraproject
Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3
2020-09-21 CVE-2020-6558 Google
Opensuse
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.

4.3
2020-09-21 CVE-2020-6547 Google
Debian
Fedoraproject
Information Exposure vulnerability in multiple products

Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially obtain sensitive information via a crafted HTML page.

4.3
2020-09-21 CVE-2020-6538 Google
Debian
Fedoraproject
Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
4.3
2020-09-21 CVE-2020-15966 Google
Debian
Opensuse
Fedoraproject
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension.
4.3
2020-09-21 CVE-2020-15959 Google
Opensuse
Fedoraproject
Debian
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering.
4.3
2020-09-21 CVE-2020-4731 IBM Cross-Site Scripting vulnerability in IBM Aspera Shares 1.9.14

IBM Aspera Web Application 1.9.14 PL1 is vulnerable to cross-site scripting.

4.3
2020-09-21 CVE-2020-4315 IBM Insecure Storage of Sensitive Information vulnerability in IBM Business Automation Content Analyzer ON Cloud 1.0

IBM Business Automation Content Analyzer on Cloud 1.0 does not set the secure attribute on authorization tokens or session cookies.

4.3
2020-09-25 CVE-2020-15192 Tensorflow Improper Input Validation vulnerability in Tensorflow 2.2.0/2.3.0

In Tensorflow before versions 2.2.1 and 2.3.1, if a user passes a list of strings to `dlpack.to_dlpack` there is a memory leak following an expected validation failure.

4.0
2020-09-25 CVE-2020-25130 Observium SQL Injection vulnerability in Observium 20.8.10631

An issue was discovered in Observium Professional, Enterprise & Community 20.8.10631.

4.0
2020-09-25 CVE-2020-15370 Broadcom Information Exposure Through LOG Files vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext.

4.0
2020-09-25 CVE-2020-15369 Broadcom
Brocade
Weak Password Requirements vulnerability in multiple products

Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server.

4.0
2020-09-24 CVE-2020-3516 Cisco Improper Input Validation vulnerability in Cisco IOS XE

A vulnerability in the web server authentication of Cisco IOS XE Software could allow an authenticated, remote attacker to crash the web server on the device.

4.0
2020-09-24 CVE-2020-15223 ORY Improper Handling of Exceptional Conditions vulnerability in ORY Fosite

In ORY Fosite (the security first OAuth2 & OpenID Connect framework for Go) before version 0.34.0, the `TokenRevocationHandler` ignores errors coming from the storage.

4.0
2020-09-23 CVE-2020-5781 Ignitenet Cross-Site Scripting vulnerability in Ignitenet Helios Glinq 2.2.1

In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configuration file (/etc/config/luci) by the authenticator.htmlauth function.

4.0
2020-09-23 CVE-2020-4324 IBM Improper Input Validation vulnerability in IBM Security Secret Server 10.7/10.7.000059/10.8

IBM Security Secret Server proir to 10.9 could allow a remote attacker to bypass security restrictions, caused by improper input validation.

4.0
2020-09-23 CVE-2020-2285 Jenkins Missing Authorization vulnerability in Jenkins Liquibase Runner

A missing permission check in Jenkins Liquibase Runner Plugin 1.4.7 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins.

4.0
2020-09-23 CVE-2020-2282 Jenkins Missing Authorization vulnerability in Jenkins Implied Labels

Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin.

4.0
2020-09-23 CVE-2020-16244 GE USE of A One-Way Hash Without A Salt vulnerability in GE Asset Performance Management Classic 4.4

GE Digital APM Classic, Versions 4.4 and prior.

4.0
2020-09-23 CVE-2020-14370 Podman Project
Redhat
Information Exposure vulnerability in multiple products

An information disclosure vulnerability was found in containers/podman in versions before 2.0.5.

4.0
2020-09-22 CVE-2020-15839 Liferay Unrestricted Upload of File With Dangerous Type vulnerability in Liferay Digital Experience Platform and Liferay Portal

Liferay Portal before 7.3.3, and Liferay DXP 7.1 before fix pack 18 and 7.2 before fix pack 6, does not restrict the size of a multipart/form-data POST action, which allows remote authenticated users to conduct denial-of-service attacks by uploading large files.

4.0
2020-09-22 CVE-2020-14023 Ozeki Server-Side Request Forgery (SSRF) vulnerability in Ozeki NG SMS Gateway

Ozeki NG SMS Gateway through 4.17.6 allows SSRF via SMS WCF or RSS To SMS.

4.0
2020-09-22 CVE-2020-24333 Arista Improper Authentication vulnerability in Arista Cloudvision Portal

A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for access, located on the CVP server, by accessing a specific API.

4.0
2020-09-22 CVE-2020-4619 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 stores user credentials in plain in clear text which can be read by an authenticated user.

4.0
2020-09-22 CVE-2020-4618 IBM Improper Input Validation vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow a privileged user to cause a denial of service due to improper input validation.

4.0
2020-09-22 CVE-2020-4612 IBM Information Exposure vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 could allow an authenticated user to obtain sensitive information using a specially crafted HTTP request.

4.0
2020-09-22 CVE-2020-3977 Vmware Missing Authentication FOR Critical Function vulnerability in VMWare Horizon Daas 7.0.0/8.0.0/8.0.1

VMware Horizon DaaS (7.x and 8.x before 8.0.1 Update 1) contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication.

4.0
2020-09-21 CVE-2020-4590 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Liberty 17.0.0.3 through 20.0.0.9 running oauth-2.0 or openidConnectServer-1.0 server features is vulnerable to a denial of service attack conducted by an authenticated client.

4.0
2020-09-21 CVE-2020-14180 Atlassian Information Exposure vulnerability in Atlassian Jira Service Desk

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource.

4.0
2020-09-21 CVE-2020-14177 Atlassian Unspecified vulnerability in Atlassian Jira Server and Data Center 7.14.0/8.11.0/8.6.0

Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searching.

4.0

21 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-09-25 CVE-2020-24692 Mitel Improper Input Validation vulnerability in Mitel Micontact Center Business 8.0/9.0.0.0/9.0.1.0

The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow an attacker to execute arbitrary scripts due to insufficient input validation, aka XSS.

3.6
2020-09-24 CVE-2020-3503 Cisco Incorrect Permission Assignment FOR Critical Resource vulnerability in Cisco IOS XE 16.12.1

A vulnerability in the file system permissions of Cisco IOS XE Software could allow an authenticated, local attacker to obtain read and write access to critical configuration or system files.

3.6
2020-09-24 CVE-2020-3476 Cisco Files OR Directories Accessible TO External Parties vulnerability in Cisco IOS 16.10.1/16.9

A vulnerability in the CLI implementation of a specific command of Cisco IOS XE Software could allow an authenticated, local attacker to overwrite arbitrary files in the underlying host file system.

3.6
2020-09-25 CVE-2020-15197 Tensorflow Reachable Assertion vulnerability in Tensorflow 2.3.0

In Tensorflow before version 2.3.1, the `SparseCountSparseOutput` implementation does not validate that the input arguments form a valid sparse tensor.

3.5
2020-09-25 CVE-2018-6447 Broadcom
Brocade
Cross-Site Scripting vulnerability in multiple products

A Reflective XSS Vulnerability in HTTP Management Interface in Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g could allow authenticated attackers with access to the web interface to hijack a user’s session and take over the account.

3.5
2020-09-24 CVE-2020-15162 Prestashop Cross-Site Scripting vulnerability in Prestashop

In PrestaShop from version 1.5.0.0 and before version 1.7.6.8, users are allowed to send compromised files.

3.5
2020-09-24 CVE-2020-12815 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortianalyzer

An improper neutralization of input vulnerability in FortiTester before 3.9.0 may allow a remote authenticated attacker to inject script related HTML tags via IPv4/IPv6 address fields.

3.5
2020-09-23 CVE-2020-2283 Jenkins Cross-Site Scripting vulnerability in Jenkins Liquibase Runner

Jenkins Liquibase Runner Plugin 1.4.5 and earlier does not escape changeset contents, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control changeset files evaluated by the plugin.

3.5
2020-09-22 CVE-2020-14027 Ozeki Argument Injection OR Modification vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

3.5
2020-09-22 CVE-2020-4615 IBM Cross-Site Scripting vulnerability in IBM Data Risk Manager

IBM Data Risk Manager (iDNA) 2.0.6 is vulnerable to cross-site scripting.

3.5
2020-09-22 CVE-2020-7734 Arachnys Cross-Site Scripting vulnerability in Arachnys Cabot

All versions of package cabot are vulnerable to Cross-site Scripting (XSS) via the Endpoint column.

3.5
2020-09-24 CVE-2020-3418 Cisco Improper Privilege Management vulnerability in Cisco IOS XE 17.1.1

A vulnerability in Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9800 Series Routers could allow an unauthenticated, adjacent attacker to send ICMPv6 traffic prior to the client being placed into RUN state.

3.3
2020-09-25 CVE-2020-5929 F5 Unspecified vulnerability in F5 products

In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Nitrox SSL hardware acceleration cards, a Virtual Server configured with a Client SSL profile, and using Anonymous (ADH) or Ephemeral (DHE) Diffie-Hellman key exchange and Single DH use option not enabled in the options list may be vulnerable to crafted SSL/TLS Handshakes that may result with a PMS (Pre-Master Secret) that starts in a 0 byte and may lead to a recovery of plaintext messages as BIG-IP TLS/SSL ADH/DHE sends different error messages acting as an oracle.

2.6
2020-09-25 CVE-2020-15372 Broadcom Improper Control of Dynamically-Managed Code Resources vulnerability in Broadcom Fabric Operating System

A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging.

2.1
2020-09-25 CVE-2020-25084 Qemu
Debian
USE After Free vulnerability in multiple products

QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.

2.1
2020-09-24 CVE-2020-3477 Cisco Improper Input Validation vulnerability in Cisco IOS 16.3.11

A vulnerability in the CLI parser of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker to access files from the flash: filesystem.

2.1
2020-09-24 CVE-2020-26088 Linux
Debian
Opensuse
Incorrect Default Permissions vulnerability in multiple products

A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a.

2.1
2020-09-23 CVE-2020-25598 XEN
Fedoraproject
Opensuse
Always-Incorrect Control Flow Implementation vulnerability in multiple products

An issue was discovered in Xen 4.14.x.

2.1
2020-09-23 CVE-2020-25596 XEN
Debian
Fedoraproject
Opensuse
Injection vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

2.1
2020-09-25 CVE-2020-25203 Framer Unspecified vulnerability in Framer Preview 12.0

The Framer Preview application 12 for Android exposes com.framer.viewer.FramerViewActivity to other applications.

1.9
2020-09-23 CVE-2020-25604 XEN
Fedoraproject
Race Condition vulnerability in multiple products

An issue was discovered in Xen through 4.14.x.

1.9