Weekly Vulnerabilities Reports > September 28 to October 4, 2020
Overview
217 new vulnerabilities reported during this period, including 37 critical vulnerabilities and 83 high severity vulnerabilities. This weekly summary report vulnerabilities in 177 products from 105 vendors including Gitlab, Mozilla, Opensuse, Debian, and Nvidia. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Path Traversal", "Out-of-bounds Write", and "Use After Free".
- 170 reported vulnerabilities are remotely exploitables.
- 6 reported vulnerabilities have public exploit available.
- 74 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 124 reported vulnerabilities are exploitable by an anonymous user.
- Gitlab has the most reported vulnerabilities, with 16 reported vulnerabilities.
- Halo has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
37 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-10-02 | CVE-2020-26527 | Damstratechnology | Origin Validation Error vulnerability in Damstratechnology Smart Asset 2020.7 An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. | 9.8 |
2020-10-02 | CVE-2020-18185 | Pluxml | Code Injection vulnerability in Pluxml 5.7 class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment. | 9.8 |
2020-10-02 | CVE-2020-7737 | Safetydance Project | Unspecified vulnerability in Safetydance Project Safetydance All versions of package safetydance are vulnerable to Prototype Pollution via the set function. | 9.8 |
2020-10-02 | CVE-2020-7736 | Bmoor Project | Unspecified vulnerability in Bmoor Project Bmoor The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function. | 9.8 |
2020-10-02 | CVE-2020-24698 | Powerdns | Double Free vulnerability in Powerdns Authoritative An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. | 9.8 |
2020-10-02 | CVE-2020-12126 | Wavlink | Improper Authentication vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint. | 9.8 |
2020-10-02 | CVE-2020-12125 | Wavlink | Classic Buffer Overflow vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication. | 9.8 |
2020-10-02 | CVE-2020-12124 | Wavlink | OS Command Injection vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication. | 9.8 |
2020-10-02 | CVE-2020-26539 | Foxitsoftware | Use After Free vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 9.8 |
2020-10-02 | CVE-2020-26537 | Foxitsoftware | Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 9.8 |
2020-10-02 | CVE-2020-26535 | Foxitsoftware | Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 9.8 |
2020-10-02 | CVE-2020-26534 | Foxitsoftware | Use After Free vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 9.8 |
2020-10-02 | CVE-2020-26518 | Artica | SQL Injection vulnerability in Artica Pandora FMS Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter. | 9.8 |
2020-10-01 | CVE-2020-15533 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Applications Manager In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to unauthenticated SQL Injection attack. | 9.8 |
2020-10-01 | CVE-2020-15227 | Nette Debian | Code Injection vulnerability in multiple products Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE. | 9.8 |
2020-10-01 | CVE-2020-25990 | Websitebaker | SQL Injection vulnerability in Websitebaker 2.12.2 WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name' in /websitebaker/admin/preferences/save.php. | 9.8 |
2020-09-30 | CVE-2020-12870 | Rainbowfishsoftware | SQL Injection vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4 RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page. | 9.8 |
2020-09-30 | CVE-2020-26042 | Hoosk | SQL Injection vulnerability in Hoosk 1.8.0 An issue was discovered in Hoosk CMS v1.8.0. | 9.8 |
2020-09-30 | CVE-2020-26041 | Hoosk | Unspecified vulnerability in Hoosk 1.8.0 An issue was discovered in Hoosk CmS v1.8.0. | 9.8 |
2020-09-30 | CVE-2020-25763 | Seat Reservation System Project | Unrestricted Upload of File with Dangerous Type vulnerability in Seat Reservation System Project Seat Reservation System 1.0 Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files. | 9.8 |
2020-09-30 | CVE-2020-21526 | Halo | Path Traversal vulnerability in Halo 1.1.3 An Arbitrary file writing vulnerability in halo v1.1.3. | 9.8 |
2020-09-30 | CVE-2020-21523 | Halo | Injection vulnerability in Halo 1.1.3 A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. | 9.8 |
2020-09-30 | CVE-2020-21522 | Halo | Path Traversal vulnerability in Halo 1.1.3 An issue was discovered in halo V1.1.3. | 9.8 |
2020-09-30 | CVE-2020-20800 | Metinfo | SQL Injection vulnerability in Metinfo 7.0.0 An issue was discovered in MetInfo v7.0.0 beta. | 9.8 |
2020-09-30 | CVE-2020-19672 | Niushop | Unrestricted Upload of File with Dangerous Type vulnerability in Niushop 1.11 Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell. | 9.8 |
2020-09-30 | CVE-2020-15487 | RE Desk | SQL Injection vulnerability in Re-Desk Re:Desk 2.3 Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file. | 9.8 |
2020-09-30 | CVE-2020-26154 | Libproxy Project Fedoraproject Debian Opensuse | Classic Buffer Overflow vulnerability in multiple products url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. | 9.8 |
2020-09-30 | CVE-2018-5353 | Zohocorp | Authentication Bypass by Spoofing vulnerability in Zohocorp Manageengine Adselfservice Plus The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing. | 9.8 |
2020-09-30 | CVE-2020-26158 | Leanote | Cross-site Scripting vulnerability in Leanote Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. | 9.6 |
2020-09-30 | CVE-2020-26157 | Leanote | Cross-site Scripting vulnerability in Leanote Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. | 9.6 |
2020-10-02 | CVE-2020-26525 | Damstratechnology | SQL Injection vulnerability in Damstratechnology Smart Asset 2020.7 Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. | 9.1 |
2020-10-02 | CVE-2020-15232 | Mapfish | Unspecified vulnerability in Mapfish Print In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style. | 9.1 |
2020-10-02 | CVE-2020-12676 | Fusionauth | Improper Verification of Cryptographic Signature vulnerability in Fusionauth Samlv2 0.2.3 FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack". | 9.1 |
2020-10-02 | CVE-2020-18191 | GET Simple | Path Traversal vulnerability in Get-Simple Getsimplecms 3.3.15 GetSimpleCMS-3.3.15 is affected by directory traversal. | 9.1 |
2020-10-02 | CVE-2020-18190 | Bludit | Path Traversal vulnerability in Bludit 3.8.1 Bludit v3.8.1 is affected by directory traversal. | 9.1 |
2020-09-30 | CVE-2020-25762 | Seat Reservation System Project | SQL Injection vulnerability in Seat Reservation System Project Seat Reservation System 1.0 An issue was discovered in SourceCodester Seat Reservation System 1.0. | 9.1 |
2020-09-30 | CVE-2020-21524 | Halo | XXE vulnerability in Halo 1.1.3 There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read files, enable ddos attacks, etc. | 9.1 |
83 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-10-02 | CVE-2020-24628 | HPE | Code Injection vulnerability in HPE KVM IP Console Switch G2 Firmware A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3. | 8.8 |
2020-10-02 | CVE-2020-26124 | Openmediavault | Code Injection vulnerability in Openmediavault 2.1/5.0.0 openmediavault before 4.1.36 and 5.x before 5.5.12 allows authenticated PHP code injection attacks, via the sortfield POST parameter of rpc.php, because json_encode_safe is not used in config/databasebackend.inc. | 8.8 |
2020-10-01 | CVE-2020-5786 | Teltonika Networks | Cross-Site Request Forgery (CSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 8.8 |
2020-10-01 | CVE-2020-15675 | Mozilla | Use After Free vulnerability in Mozilla Firefox When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash. | 8.8 |
2020-10-01 | CVE-2020-15674 | Mozilla | Improper Locking vulnerability in Mozilla Firefox Mozilla developers reported memory safety bugs present in Firefox 80. | 8.8 |
2020-10-01 | CVE-2020-15670 | Mozilla | Reachable Assertion vulnerability in Mozilla Firefox and Firefox ESR Mozilla developers reported memory safety bugs present in Firefox for Android 79. | 8.8 |
2020-10-01 | CVE-2020-15669 | Mozilla | Use After Free vulnerability in Mozilla Firefox ESR When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. | 8.8 |
2020-10-01 | CVE-2020-15667 | Mozilla | Out-of-bounds Write vulnerability in Mozilla Firefox When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution. | 8.8 |
2020-10-01 | CVE-2020-15663 | Mozilla | Uncontrolled Search Path Element vulnerability in Mozilla Firefox If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges. | 8.8 |
2020-10-01 | CVE-2020-15678 | Mozilla Opensuse Debian | Use After Free vulnerability in multiple products When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free. | 8.8 |
2020-10-01 | CVE-2020-15673 | Mozilla Debian Opensuse | Use After Free vulnerability in multiple products Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2. | 8.8 |
2020-09-30 | CVE-2020-12715 | Rainbowfishsoftware | Unrestricted Upload of File with Dangerous Type vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4 RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. | 8.8 |
2020-09-30 | CVE-2020-14374 | Dpdk Opensuse Canonical | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. | 8.8 |
2020-09-30 | CVE-2020-21564 | Pluck CMS | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.10/4.7.11 An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11. | 8.8 |
2020-09-30 | CVE-2020-13296 | Gitlab | Missing Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6. | 8.8 |
2020-09-30 | CVE-2020-26163 | Bigbluebutton | Unspecified vulnerability in Bigbluebutton Greenlight BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link. | 8.8 |
2020-09-30 | CVE-2020-25760 | Projectworlds | SQL Injection vulnerability in Projectworlds Visitor Management System in PHP 1.0 Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. | 8.8 |
2020-09-30 | CVE-2018-5354 | Anixis | Authentication Bypass by Spoofing vulnerability in Anixis Password Reset Client The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing. | 8.8 |
2020-10-01 | CVE-2020-25017 | Envoyproxy | Unspecified vulnerability in Envoyproxy Envoy Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers. | 8.3 |
2020-09-30 | CVE-2020-13321 | Gitlab | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior to 13.1. | 8.3 |
2020-10-02 | CVE-2020-15589 | Zohocorp | Unspecified vulnerability in Zohocorp products A design issue was discovered in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate in the client side of Zoho ManageEngine Desktop Central 10.0.552.W and Remote Access Plus before 10.1.2119.1. | 8.1 |
2020-10-02 | CVE-2020-24696 | Powerdns | Race Condition vulnerability in Powerdns Authoritative An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. | 8.1 |
2020-10-02 | CVE-2020-12123 | Wavlink | Cross-Site Request Forgery (CSRF) vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens. | 8.1 |
2020-09-30 | CVE-2020-13952 | Apache | Unspecified vulnerability in Apache Superset In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the authenticated users’ password, and access to connection information including the plaintext password for the current connection. | 8.1 |
2020-09-30 | CVE-2019-20920 | Handlebarsjs | Code Injection vulnerability in Handlebarsjs Handlebars Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution. | 8.1 |
2020-09-30 | CVE-2020-13658 | Lansweeper | Cross-Site Request Forgery (CSRF) vulnerability in Lansweeper 8.0.130.17 In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application. | 8.0 |
2020-10-02 | CVE-2020-25776 | Trendmicro | Link Following vulnerability in Trendmicro Antivirus 2019/2020 Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. | 7.8 |
2020-10-02 | CVE-2020-5987 | Nvidia | Incomplete Cleanup vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges. | 7.8 |
2020-10-02 | CVE-2020-5984 | Nvidia | Use After Free vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure. | 7.8 |
2020-10-02 | CVE-2020-5981 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution. | 7.8 |
2020-10-02 | CVE-2020-5980 | Nvidia | Unspecified vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service. | 7.8 |
2020-10-02 | CVE-2020-5979 | Nvidia | Unspecified vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges. | 7.8 |
2020-10-02 | CVE-2020-24356 | Cloudflare | Uncontrolled Search Path Element vulnerability in Cloudflare Cloudflared `cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems. | 7.8 |
2020-10-02 | CVE-2020-17382 | MSI | Out-of-bounds Write vulnerability in MSI Ambientlink Mslo64 Firmware 1.0.0.8 The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054). | 7.8 |
2020-10-02 | CVE-2020-26538 | Foxitsoftware | Uncontrolled Search Path Element vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 7.8 |
2020-10-01 | CVE-2020-24620 | Unisys | Use of Hard-coded Credentials vulnerability in Unisys Stealth Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. | 7.8 |
2020-09-30 | CVE-2020-16234 | Fatek | Unspecified vulnerability in Fatek Winproladder 3.28 In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code. | 7.8 |
2020-09-30 | CVE-2020-6654 | Eaton | Untrusted Search Path vulnerability in Eaton 9000X Programming and Configuration Software 2.0.38 A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL. | 7.8 |
2020-09-30 | CVE-2020-14376 | Dpdk Opensuse Canonical | Classic Buffer Overflow vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. | 7.8 |
2020-09-30 | CVE-2020-14375 | Dpdk Opensuse Canonical | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. | 7.8 |
2020-09-29 | CVE-2020-4607 | IBM | Improper Input Validation vulnerability in IBM Security Verify Privilege Vault Remote On-Premises 1.3.2 IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation. | 7.8 |
2020-09-29 | CVE-2020-25773 | Trendmicro | Double Free vulnerability in Trendmicro Apex ONE 2019/Saas A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. | 7.8 |
2020-09-29 | CVE-2020-24563 | Trendmicro | Improper Authentication vulnerability in Trendmicro Apex ONE 2019/Saas A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution. | 7.8 |
2020-09-29 | CVE-2020-24562 | Trendmicro | Link Following vulnerability in Trendmicro Officescan XG A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution. | 7.8 |
2020-09-30 | CVE-2020-21527 | Halo | Path Traversal vulnerability in Halo 1.1.3 There is an Arbitrary file deletion vulnerability in halo v1.1.3. | 7.7 |
2020-09-30 | CVE-2020-13323 | Gitlab | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior 13.1. | 7.7 |
2020-10-04 | CVE-2017-18924 | Oauth2 Server Project | Code Injection vulnerability in Oauth2-Server Project Oauth2-Server oauth2-server (aka node-oauth2-server) through 3.1.1 implements OAuth 2.0 without PKCE. | 7.5 |
2020-10-02 | CVE-2020-25623 | Erlang | Path Traversal vulnerability in Erlang Erlang/Otp Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. | 7.5 |
2020-10-02 | CVE-2020-8110 | Bitdefender | Access of Uninitialized Pointer vulnerability in Bitdefender Engines 7.84063/7.84892/7.84897 A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory. | 7.5 |
2020-10-02 | CVE-2020-24697 | Powerdns | Unspecified vulnerability in Powerdns Authoritative An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. | 7.5 |
2020-10-02 | CVE-2020-14293 | Secudos | OS Command Injection vulnerability in Secudos Domos 5.6/5.6.1/5.8 conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface). | 7.5 |
2020-10-02 | CVE-2020-12127 | Wavlink | Missing Authentication for Critical Function vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403 An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication. | 7.5 |
2020-10-02 | CVE-2020-26540 | Foxitsoftware | Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Foxit Reader and Phantompdf An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. | 7.5 |
2020-10-02 | CVE-2020-26511 | Wpo365 | Improper Authentication vulnerability in Wpo365 Wordpress + Azure AD / Microsoft Office 365 The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token. | 7.5 |
2020-10-01 | CVE-2020-9491 | Apache | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Apache Nifi In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. | 7.5 |
2020-10-01 | CVE-2020-9487 | Apache | Missing Authentication for Critical Function vulnerability in Apache Nifi In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content. | 7.5 |
2020-10-01 | CVE-2020-9486 | Apache | Information Exposure Through Log Files vulnerability in Apache Nifi In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. | 7.5 |
2020-10-01 | CVE-2020-11979 | Apache Gradle Fedoraproject Oracle | As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them. | 7.5 |
2020-10-01 | CVE-2020-25018 | Envoyproxy | Unspecified vulnerability in Envoyproxy Envoy 2D69E30 Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization. | 7.5 |
2020-10-01 | CVE-2020-4576 | IBM | Unspecified vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects. | 7.5 |
2020-10-01 | CVE-2020-8109 | Bitdefender | Out-of-bounds Write vulnerability in Bitdefender Engines 7.84063/7.84892 A vulnerability has been discovered in the ace.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. | 7.5 |
2020-10-01 | CVE-2019-20902 | Atlassian | Unspecified vulnerability in Atlassian Crowd Upgrading Crowd via XML Data Transfer can reactivate a disabled user from OpenLDAP. | 7.5 |
2020-09-30 | CVE-2020-15488 | RE Desk | Unrestricted Upload of File with Dangerous Type vulnerability in Re-Desk Re:Desk 2.3 Re:Desk 2.3 allows insecure file upload. | 7.5 |
2020-09-30 | CVE-2019-20922 | Handlebarsjs | Resource Exhaustion vulnerability in Handlebarsjs Handlebars Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching. | 7.5 |
2020-09-30 | CVE-2020-26160 | JWT GO Project | Improper Handling of Exceptional Conditions vulnerability in Jwt-Go Project Jwt-Go jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). | 7.5 |
2020-09-30 | CVE-2020-26149 | Linuxfoundation | Insufficiently Protected Credentials vulnerability in Linuxfoundation Nats.Deno and Nats.Js NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server. | 7.5 |
2020-09-30 | CVE-2020-26148 | Md4C Project | Use of Uninitialized Resource vulnerability in Md4C Project Md4C 0.4.5 md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document. | 7.5 |
2020-09-30 | CVE-2020-21525 | Halo | Path Traversal vulnerability in Halo 1.1.3 Halo V1.1.3 is affected by: Arbitrary File reading. | 7.5 |
2020-09-30 | CVE-2020-13951 | Apache | Unspecified vulnerability in Apache Openmeetings Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack. | 7.5 |
2020-09-30 | CVE-2020-26150 | Logaritmo | Forced Browsing vulnerability in Logaritmo Aware Callmanager 2012 info.php in Logaritmo Aware CallManager 2012 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. | 7.5 |
2020-09-30 | CVE-2018-11765 | Apache | Improper Authentication vulnerability in Apache Hadoop In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled. | 7.5 |
2020-10-02 | CVE-2019-19199 | Reddoxx | Insufficient Session Expiration vulnerability in Reddoxx Maildepot 2032 REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because tokens are not invalidated upon a logout. | 7.4 |
2020-10-02 | CVE-2020-24397 | Zohocorp | Integer Overflow or Wraparound vulnerability in Zohocorp Manageengine Desktop Central 10.0.0 An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534. | 7.2 |
2020-10-02 | CVE-2020-18184 | Pluxxml | Unspecified vulnerability in Pluxxml 5.7 In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template. | 7.2 |
2020-09-30 | CVE-2020-15849 | RE Desk | SQL Injection vulnerability in Re-Desk Re:Desk 2.3 Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method. | 7.2 |
2020-09-30 | CVE-2020-8243 | Pulsesecure Ivanti | Code Injection vulnerability in multiple products A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution. | 7.2 |
2020-09-30 | CVE-2020-14030 | Ozeki | Deserialization of Untrusted Data vulnerability in Ozeki NG SMS Gateway An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. | 7.2 |
2020-09-30 | CVE-2020-13322 | Gitlab | Incorrect Authorization vulnerability in Gitlab A vulnerability was discovered in GitLab versions after 12.9. | 7.2 |
2020-10-02 | CVE-2020-5988 | Nvidia | Double Free vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. | 7.1 |
2020-10-02 | CVE-2020-5985 | Nvidia | Improper Input Validation vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. | 7.1 |
2020-10-02 | CVE-2020-5983 | Nvidia | Out-of-bounds Write vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of service or information disclosure. | 7.1 |
2020-09-30 | CVE-2020-14377 | Dpdk Canonical Opensuse | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. | 7.1 |
2020-09-30 | CVE-2020-13325 | Gitlab | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior 13.1. | 7.1 |
92 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-10-01 | CVE-2020-16844 | Istio | Unspecified vulnerability in Istio In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g. | 6.8 |
2020-09-30 | CVE-2020-25816 | Hashicorp | Unspecified vulnerability in Hashicorp Vault HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly. | 6.8 |
2020-10-02 | CVE-2020-26541 | Linux | Unspecified vulnerability in Linux Kernel The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. | 6.5 |
2020-10-02 | CVE-2020-15230 | Vapor Project | Unspecified vulnerability in Vapor Project Vapor Vapor is a web framework for Swift. | 6.5 |
2020-10-02 | CVE-2020-24568 | Mbconnectline | SQL Injection vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. | 6.5 |
2020-10-02 | CVE-2020-5422 | Cloud Foundry | Exposure of Resource to Wrong Sphere vulnerability in Cloud Foundry Bosh System Metrics Server BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director. | 6.5 |
2020-10-02 | CVE-2020-7069 | PHP Fedoraproject Debian Opensuse Canonical Netapp Oracle Tenable | Inadequate Encryption Strength vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used. | 6.5 |
2020-10-01 | CVE-2020-5789 | Teltonika Networks | Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to read the contents of arbitrary files on disk. | 6.5 |
2020-10-01 | CVE-2020-5788 | Teltonika Networks | Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/system/admin/certificates/delete action. | 6.5 |
2020-10-01 | CVE-2020-5787 | Teltonika Networks | Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/services/packages/remove action. | 6.5 |
2020-10-01 | CVE-2020-5784 | Teltonika Networks | Server-Side Request Forgery (SSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Server-Side Request Forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a low privileged user to cause the application to perform HTTP GET requests to arbitrary URLs. | 6.5 |
2020-10-01 | CVE-2020-15666 | Mozilla | Information Exposure Through an Error Message vulnerability in Mozilla Firefox When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message. | 6.5 |
2020-10-01 | CVE-2020-15664 | Mozilla | Incorrect Authorization vulnerability in Mozilla Firefox and Firefox ESR By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. | 6.5 |
2020-09-30 | CVE-2020-26137 | Python Canonical Debian Oracle | Injection vulnerability in multiple products urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). | 6.5 |
2020-09-30 | CVE-2020-24570 | Mbconnectline | Server-Side Request Forgery (SSRF) vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. | 6.5 |
2020-09-30 | CVE-2020-13329 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions from 12.6.2 prior to 12.10.13. | 6.5 |
2020-09-30 | CVE-2020-13324 | Gitlab | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior to 13.1. | 6.5 |
2020-09-30 | CVE-2020-13320 | Gitlab | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab before version 12.10.13 that allowed a project member with limited permissions to view the project security dashboard. | 6.5 |
2020-09-30 | CVE-2019-17098 | August | Use of Hard-coded Credentials vulnerability in August Home and Connect Wi-Fi Bridge Firmware Use of hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App, Connect Firmware allows an attacker to decrypt an intercepted payload containing the Wi-Fi network authentication credentials. | 6.5 |
2020-09-29 | CVE-2020-15216 | Goxmldsig Project Fedoraproject | Improper Verification of Cryptographic Signature vulnerability in multiple products In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one. | 6.5 |
2020-09-29 | CVE-2020-25775 | Trendmicro | Race Condition vulnerability in Trendmicro products The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges. | 6.3 |
2020-10-02 | CVE-2020-15231 | Mapfish | Unspecified vulnerability in Mapfish Print In mapfish-print before version 3.24, a user can use the JSONP support to do a Cross-site scripting. | 6.1 |
2020-10-02 | CVE-2020-26135 | Livehelperchat | Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO. | 6.1 |
2020-10-02 | CVE-2020-26134 | Livehelperchat | Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode. | 6.1 |
2020-10-02 | CVE-2020-14294 | Secudos | Cross-site Scripting vulnerability in Secudos Qiata FTA 1.50.1/1.70.19 An issue was discovered in Secudos Qiata FTA 1.70.19. | 6.1 |
2020-10-02 | CVE-2020-13168 | Sysaid | Cross-site Scripting vulnerability in Sysaid On-Premises and Sysaidsy On-Premises SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter. | 6.1 |
2020-10-02 | CVE-2020-26523 | Froala | Cross-site Scripting vulnerability in Froala Editor Froala Editor before 3.2.2 allows XSS via pasted content. | 6.1 |
2020-10-01 | CVE-2020-5785 | Teltonika Networks | Cross-site Scripting vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03 Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.04.3 allows an unauthenticated attacker to conduct reflected cross-site scripting via a crafted ‘action’ or ‘pkg_name’ parameter. | 6.1 |
2020-10-01 | CVE-2020-14223 | Hcltech | Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS). | 6.1 |
2020-10-01 | CVE-2020-15677 | Mozilla Debian Opensuse | Open Redirect vulnerability in multiple products By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from. | 6.1 |
2020-10-01 | CVE-2020-15676 | Mozilla Debian Opensuse | Cross-site Scripting vulnerability in multiple products Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element. | 6.1 |
2020-10-01 | CVE-2019-19393 | Rittal | Cross-site Scripting vulnerability in Rittal CMC PU III 7030.000 Firmware 3.11.002/3.15.704 The Web application on Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 devices fails to sanitize user input on the system configurations page. | 6.1 |
2020-09-30 | CVE-2020-25626 | Encode Redhat Debian | Cross-site Scripting vulnerability in multiple products A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2. | 6.1 |
2020-09-30 | CVE-2019-20921 | Snapappointments | Cross-site Scripting vulnerability in Snapappointments Bootstrap-Select bootstrap-select before 1.13.6 allows Cross-Site Scripting (XSS). | 6.1 |
2020-09-30 | CVE-2020-8238 | Pulsesecure Ivanti | Cross-site Scripting vulnerability in multiple products A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS). | 6.1 |
2020-09-30 | CVE-2020-26043 | Hoosk | Cross-site Scripting vulnerability in Hoosk 1.8.0 An issue was discovered in Hoosk CMS v1.8.0. | 6.1 |
2020-09-30 | CVE-2020-25761 | Projectworlds | Cross-site Scripting vulnerability in Projectworlds Visitor Management System in PHP 1.0 Projectworlds Visitor Management System in PHP 1.0 allows XSS. | 6.1 |
2020-09-30 | CVE-2020-22481 | Hack | Cross-site Scripting vulnerability in Hack Hfish 0.5.1 An issue was discovered in HFish 0.5.1. | 6.1 |
2020-09-30 | CVE-2020-24721 | Apple | An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS. | 5.7 |
2020-10-02 | CVE-2020-5989 | Nvidia | NULL Pointer Dereference vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. | 5.5 |
2020-10-02 | CVE-2020-5986 | Nvidia | Improper Input Validation vulnerability in Nvidia Virtual GPU Manager NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. | 5.5 |
2020-10-02 | CVE-2020-26536 | Foxitsoftware | NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader An issue was discovered in Foxit Reader and PhantomPDF before 10.1. | 5.5 |
2020-10-02 | CVE-2020-26519 | Artifex Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service. | 5.5 |
2020-10-01 | CVE-2020-13940 | Apache | XXE vulnerability in Apache Nifi In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file. | 5.5 |
2020-09-29 | CVE-2020-25772 | Trendmicro | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
2020-09-29 | CVE-2020-25771 | Trendmicro | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
2020-09-29 | CVE-2020-25770 | Trendmicro | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
2020-09-29 | CVE-2020-24565 | Trendmicro | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
2020-09-29 | CVE-2020-24564 | Trendmicro | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. | 5.5 |
2020-10-02 | CVE-2020-13338 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2. | 5.4 |
2020-10-02 | CVE-2020-24627 | HPE | Cross-site Scripting vulnerability in HPE KVM IP Console Switch G2 Firmware A remote stored xss vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3. | 5.4 |
2020-10-01 | CVE-2020-24861 | GET Simple | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16 GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page | 5.4 |
2020-10-01 | CVE-2020-24860 | Cmsmadesimple | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 CMS Made Simple 2.2.14 allows an authenticated user with access to the Content Manager to edit content and put persistent XSS payload in the affected text fields. | 5.4 |
2020-10-01 | CVE-2019-20903 | Atlassian | Cross-site Scripting vulnerability in Atlassian Editor-Core The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in link targets. | 5.4 |
2020-09-30 | CVE-2020-12869 | Rainbowfishsoftware | Cross-site Scripting vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4 RainbowFish PacsOne Server 6.8.4 allows XSS. | 5.4 |
2020-09-30 | CVE-2019-18989 | Mediatek | Authentication Bypass by Spoofing vulnerability in Mediatek Mt7620N Firmware 1.06 A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices. | 5.4 |
2020-09-30 | CVE-2019-18990 | Realtek | Authentication Bypass by Spoofing vulnerability in Realtek products A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices. | 5.4 |
2020-09-30 | CVE-2019-18991 | Qualcomm | Authentication Bypass by Spoofing vulnerability in Qualcomm products A partial authentication bypass vulnerability exists on Atheros AR9132 3.60(AMX.8), AR9283 1.85, and AR9285 1.0.0.12NA devices. | 5.4 |
2020-09-30 | CVE-2020-22842 | Cmsmadesimple | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple before 2.2.15 allows XSS via the m1_mod parameter in a ModuleManager local_uninstall action to admin/moduleinterface.php. | 5.4 |
2020-09-30 | CVE-2020-13331 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13. | 5.4 |
2020-09-30 | CVE-2020-13330 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 12.10.13. | 5.4 |
2020-10-02 | CVE-2020-26526 | Damstratechnology | Unspecified vulnerability in Damstratechnology Smart Asset 2020.7 An issue was discovered in Damstra Smart Asset 2020.7. | 5.3 |
2020-10-02 | CVE-2020-7070 | PHP Fedoraproject Debian Opensuse Canonical Netapp Tenable | Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded. | 5.3 |
2020-10-02 | CVE-2020-26524 | Filecloud | Unspecified vulnerability in Filecloud CodeLathe FileCloud before 20.2.0.11915 allows username enumeration. | 5.3 |
2020-10-01 | CVE-2020-25200 | Pritunl | Information Exposure Through Discrepancy vulnerability in Pritunl 1.29.2145.25 Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts. | 5.3 |
2020-09-30 | CVE-2020-19676 | Alibaba | Unspecified vulnerability in Alibaba Nacos 1.1.4 Nacos 1.1.4 is affected by: Incorrect Access Control. | 5.3 |
2020-09-30 | CVE-2020-13953 | Apache | Files or Directories Accessible to External Parties vulnerability in Apache Tapestry In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run. | 5.3 |
2020-09-30 | CVE-2020-5132 | Sonicwall | Unspecified vulnerability in Sonicwall Sma100 Firmware and Sonicos SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. | 5.3 |
2020-10-01 | CVE-2020-15228 | Toolkit Project | Command Injection vulnerability in Toolkit Project Toolkit In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format. | 5.0 |
2020-09-30 | CVE-2020-8256 | Pulsesecure Ivanti | XXE vulnerability in multiple products A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability. | 4.9 |
2020-09-30 | CVE-2020-21244 | Frontaccounting | Path Traversal vulnerability in Frontaccounting 2.4.7 An issue was discovered in FrontAccounting 2.4.7. | 4.9 |
2020-09-30 | CVE-2020-19670 | Niushop | Missing Authentication for Critical Function vulnerability in Niushop 1.11 In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords. | 4.9 |
2020-10-02 | CVE-2020-15233 | ORY | Open Redirect vulnerability in ORY Fosite ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. | 4.8 |
2020-10-02 | CVE-2020-15234 | ORY | Improper Handling of Case Sensitivity vulnerability in ORY Fosite ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go. | 4.8 |
2020-10-02 | CVE-2020-13337 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name. | 4.8 |
2020-09-30 | CVE-2020-25830 | Mantisbt | Cross-site Scripting vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.3. | 4.8 |
2020-09-30 | CVE-2020-25288 | Mantisbt | Cross-site Scripting vulnerability in Mantisbt An issue was discovered in MantisBT before 2.24.3. | 4.8 |
2020-09-30 | CVE-2020-13336 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions from 11.8 before 12.10.13. | 4.8 |
2020-09-30 | CVE-2020-13328 | Gitlab | Cross-site Scripting vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. | 4.8 |
2020-10-02 | CVE-2020-5982 | Nvidia | Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to denial of service. | 4.4 |
2020-10-01 | CVE-2020-5387 | Dell | Improper Handling of Exceptional Conditions vulnerability in Dell XPS 13 9370 Firmware Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability. | 4.4 |
2020-10-02 | CVE-2020-17482 | Powerdns | Use of Uninitialized Resource vulnerability in Powerdns Authoritative An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory. | 4.3 |
2020-10-01 | CVE-2020-15668 | Mozilla | Improper Locking vulnerability in Mozilla Firefox A lock was missing when accessing a data structure and importing certificate information into the trust database. | 4.3 |
2020-10-01 | CVE-2020-15665 | Mozilla | Unspecified vulnerability in Mozilla Firefox Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. | 4.3 |
2020-09-30 | CVE-2020-25781 | Mantisbt | Missing Authorization vulnerability in Mantisbt An issue was discovered in file_download.php in MantisBT before 2.24.3. | 4.3 |
2020-09-30 | CVE-2020-24569 | Mbconnectline | SQL Injection vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24 An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1. | 4.3 |
2020-09-30 | CVE-2020-15594 | Zohocorp | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Application Control Plus An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511. | 4.3 |
2020-09-30 | CVE-2020-13794 | Linuxfoundation | Missing Authorization vulnerability in Linuxfoundation Harbor Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor. | 4.3 |
2020-09-30 | CVE-2020-13326 | Gitlab | Unspecified vulnerability in Gitlab A vulnerability was discovered in GitLab versions prior to 13.1. | 4.3 |
2020-09-30 | CVE-2020-13319 | Gitlab | Missing Authorization vulnerability in Gitlab An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13. | 4.3 |
2020-09-30 | CVE-2020-15595 | Zohocorp | Unspecified vulnerability in Zohocorp Manageengine Application Control Plus An issue was discovered in Zoho Application Control Plus before version 10.0.511. | 4.3 |
2020-09-29 | CVE-2020-25774 | Trendmicro | Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red information disclosure which would disclose sensitive information to an unprivileged account. | 4.3 |
5 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-09-30 | CVE-2020-15731 | Bitdefender | Improper Input Validation vulnerability in Bitdefender Engines 7.84063/7.84892/7.84897 An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name. | 3.6 |
2020-09-30 | CVE-2020-14378 | Dpdk Opensuse Canonical | Integer Underflow (Wrap or Wraparound) vulnerability in multiple products An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. | 3.3 |
2020-09-30 | CVE-2020-4629 | IBM | Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message. | 3.3 |
2020-10-02 | CVE-2020-25741 | Qemu | NULL Pointer Dereference vulnerability in Qemu 5.0.0 fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive. | 3.2 |
2020-10-01 | CVE-2020-15671 | Mozilla | Race Condition vulnerability in Mozilla Firefox When typing in a password under certain conditions, a race may have occured where the InputContext was not being correctly set for the input field, resulting in the typed password being saved to the keyboard dictionary. | 3.1 |