Weekly Vulnerabilities Reports > September 28 to October 4, 2020

Overview

214 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 37 high severity vulnerabilities. This weekly summary report vulnerabilities in 153 products from 100 vendors including Gitlab, Mozilla, Trendmicro, Nvidia, and Apache. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Path Traversal", "Improper Input Validation", and "Information Exposure".

  • 174 reported vulnerabilities are remotely exploitables.
  • 3 reported vulnerabilities have public exploit available.
  • 73 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 157 reported vulnerabilities are exploitable by an anonymous user.
  • Gitlab has the most reported vulnerabilities, with 16 reported vulnerabilities.
  • Wavlink has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-02 CVE-2020-12125 Wavlink Classic Buffer Overflow vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403

A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication.

10.0
2020-10-02 CVE-2020-12124 Wavlink OS Command Injection vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403

A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary Linux commands as root without authentication.

10.0
2020-09-30 CVE-2020-21523 Halo Injection vulnerability in Halo 1.1.3

A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function.

10.0
2020-10-01 CVE-2020-15663 Mozilla Improper Privilege Management vulnerability in Mozilla Firefox

If Firefox is installed to a user-writable directory, the Mozilla Maintenance Service would execute updater.exe from the install location with system privileges.

9.3
2020-10-02 CVE-2020-24397 Zohocorp Integer Overflow or Wraparound vulnerability in Zohocorp Manageengine Desktop Central 10.0.0

An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.0.SP-534.

9.0
2020-10-02 CVE-2020-26124 Openmediavault Code Injection vulnerability in Openmediavault 2.1/5.0.0

openmediavault before 4.1.36 and 5.x before 5.5.12 allows authenticated PHP code injection attacks, via the sortfield POST parameter of rpc.php, because json_encode_safe is not used in config/databasebackend.inc.

9.0

37 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-02 CVE-2020-14293 Secudos OS Command Injection vulnerability in Secudos Domos 5.6/5.6.1/5.8

conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute arbitrary commands as root via shell metacharacters in the zone field (obtained from the web interface).

8.5
2020-10-01 CVE-2020-5788 Teltonika Networks Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03

Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/system/admin/certificates/delete action.

8.5
2020-10-01 CVE-2020-5787 Teltonika Networks Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03

Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to delete arbitrary files on disk via the admin/services/packages/remove action.

8.5
2020-09-30 CVE-2020-21527 Halo Path Traversal vulnerability in Halo 1.1.3

There is an Arbitrary file deletion vulnerability in halo v1.1.3.

8.5
2020-10-02 CVE-2020-12123 Wavlink Cross-Site Request Forgery (CSRF) vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403

CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to remotely access router endpoints, because these endpoints do not contain CSRF tokens.

7.8
2020-09-30 CVE-2019-20922 Handlebarsjs Infinite Loop vulnerability in Handlebarsjs Handlebars

Handlebars before 4.4.5 allows Regular Expression Denial of Service (ReDoS) because of eager matching.

7.8
2020-10-02 CVE-2020-26527 Damstratechnology Origin Validation Error vulnerability in Damstratechnology Smart Asset 2020.7

An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7.

7.5
2020-10-02 CVE-2020-18185 Pluxml Code Injection vulnerability in Pluxml 5.7

class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP code by modify the configuration file in a linux environment.

7.5
2020-10-02 CVE-2020-7737 Safetydance Project Improper Input Validation vulnerability in Safetydance Project Safetydance

All versions of package safetydance are vulnerable to Prototype Pollution via the set function.

7.5
2020-10-02 CVE-2020-7736 Bmoor Project Improper Input Validation vulnerability in Bmoor Project Bmoor

The package bmoor before 0.8.12 are vulnerable to Prototype Pollution via the set function.

7.5
2020-10-02 CVE-2020-12126 Wavlink Improper Authentication vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403

Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allow an attacker to leak router settings, change configuration variables, and cause denial of service via an unauthenticated endpoint.

7.5
2020-10-02 CVE-2020-26539 Foxitsoftware Use After Free vulnerability in Foxitsoftware Foxit Reader

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.

7.5
2020-10-02 CVE-2020-26537 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.

7.5
2020-10-02 CVE-2020-26535 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.

7.5
2020-10-02 CVE-2020-26534 Foxitsoftware Use After Free vulnerability in Foxitsoftware Foxit Reader

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.

7.5
2020-10-02 CVE-2020-26518 Artica SQL Injection vulnerability in Artica Pandora FMS

Artica Pandora FMS before 743 allows unauthenticated attackers to conduct SQL injection attacks via the pandora_console/include/chart_generator.php session_id parameter.

7.5
2020-10-01 CVE-2020-15533 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Applications Manager

In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684, and between 14689 and 14750), the AlarmEscalation module is vulnerable to unauthenticated SQL Injection attack.

7.5
2020-10-01 CVE-2020-15227 Nette Injection vulnerability in Nette Application

Nette versions before 2.0.19, 2.1.13, 2.2.10, 2.3.14, 2.4.16, 3.0.6 are vulnerable to an code injection attack by passing specially formed parameters to URL that may possibly leading to RCE.

7.5
2020-10-01 CVE-2020-25017 Envoyproxy Unspecified vulnerability in Envoyproxy Envoy

Envoy through 1.15.0 only considers the first value when multiple header values are present for some HTTP headers.

7.5
2020-10-01 CVE-2020-25990 Websitebaker SQL Injection vulnerability in Websitebaker 2.12.2

WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name' in /websitebaker/admin/preferences/save.php.

7.5
2020-09-30 CVE-2020-12870 Rainbowfishsoftware SQL Injection vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4

RainbowFish PacsOne Server 6.8.4 allows SQL injection on the username parameter in the signup page.

7.5
2020-09-30 CVE-2020-26159 Oniguruma Project
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

In Oniguruma 6.9.5_rev1, an attacker able to supply a regular expression for compilation may be able to overflow a buffer by one byte in concat_opt_exact_str in src/regcomp.c .

7.5
2020-09-30 CVE-2020-26042 Hoosk SQL Injection vulnerability in Hoosk 1.8.0

An issue was discovered in Hoosk CMS v1.8.0.

7.5
2020-09-30 CVE-2020-26041 Hoosk Unspecified vulnerability in Hoosk 1.8.0

An issue was discovered in Hoosk CmS v1.8.0.

7.5
2020-09-30 CVE-2020-25763 Seat Reservation System Project Unrestricted Upload of File with Dangerous Type vulnerability in Seat Reservation System Project Seat Reservation System 1.0

Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.

7.5
2020-09-30 CVE-2020-21526 Halo Path Traversal vulnerability in Halo 1.1.3

An Arbitrary file writing vulnerability in halo v1.1.3.

7.5
2020-09-30 CVE-2020-21522 Halo Path Traversal vulnerability in Halo 1.1.3

An issue was discovered in halo V1.1.3.

7.5
2020-09-30 CVE-2020-20800 Metinfo SQL Injection vulnerability in Metinfo 7.0.0

An issue was discovered in MetInfo v7.0.0 beta.

7.5
2020-09-30 CVE-2020-19672 Niushop Unrestricted Upload of File with Dangerous Type vulnerability in Niushop 1.11

Niushop B2B2C Multi-business basic version V1.11, can bypass the administrator to obtain the background upload interface, through parameter upload, bypass the getimagesize function, upload php file, getshell.

7.5
2020-09-30 CVE-2020-15487 RE Desk SQL Injection vulnerability in Re-Desk Re:Desk 2.3

Re:Desk 2.3 contains a blind unauthenticated SQL injection vulnerability in the getBaseCriteria() function in the protected/models/Ticket.php file.

7.5
2020-09-30 CVE-2020-13296 Gitlab Missing Authorization vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions >=10.7 <13.0.14, >=13.1.0 <13.1.8, >=13.2.0 <13.2.6.

7.5
2020-09-30 CVE-2018-5353 Zohocorp Authentication Bypass by Spoofing vulnerability in Zohocorp Manageengine Adselfservice Plus

The custom GINA/CP module in Zoho ManageEngine ADSelfService Plus before 5.5 build 5517 allows remote attackers to execute code and escalate privileges via spoofing.

7.5
2020-10-02 CVE-2020-25776 Trendmicro Improper Privilege Management vulnerability in Trendmicro Antivirus 2019/2020

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges.

7.2
2020-10-02 CVE-2020-17382 MSI Out-of-bounds Write vulnerability in MSI Ambientlink Mslo64 Firmware 1.0.0.8

The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,and 0x80102054).

7.2
2020-09-30 CVE-2020-14374 Dpdk
Canonical
Opensuse
Classic Buffer Overflow vulnerability in multiple products

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.

7.2
2020-09-29 CVE-2020-24563 Trendmicro Improper Privilege Management vulnerability in Trendmicro Apex ONE 2019/Saas

A vulnerability in Trend Micro Apex One may allow a local attacker to manipulate the process of the security agent unload option (if configured), which then could be manipulated to gain a privilege escalation and code execution.

7.2
2020-09-29 CVE-2020-24562 Trendmicro Improper Privilege Management vulnerability in Trendmicro Officescan XG

A vulnerability in Trend Micro OfficeScan XG SP1 on Microsoft Windows may allow an attacker to create a hard link to any file on the system, which then could be manipulated to gain a privilege escalation and code execution.

7.2

137 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-02 CVE-2020-26541 Linux Unspecified vulnerability in Linux Kernel

The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism.

6.9
2020-09-30 CVE-2020-14376 Dpdk
Canonical
Opensuse
Classic Buffer Overflow vulnerability in multiple products

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.

6.9
2020-10-02 CVE-2020-15589 Zohocorp Unspecified vulnerability in Zohocorp Manageengine Desktop Central 10.0.552.W

A design issue was discovered in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate in the client side of Zoho ManageEngine Desktop Central 10.0.552.W.

6.8
2020-10-02 CVE-2020-24698 Powerdns Double Free vulnerability in Powerdns Authoritative

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used.

6.8
2020-10-01 CVE-2020-5786 Teltonika Networks Cross-Site Request Forgery (CSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03

Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

6.8
2020-10-01 CVE-2020-15675 Mozilla Classic Buffer Overflow vulnerability in Mozilla Firefox

When processing surfaces, the lifetime may outlive a persistent buffer leading to memory corruption and a potentially exploitable crash.

6.8
2020-10-01 CVE-2020-15674 Mozilla Release of Invalid Pointer or Reference vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 80.

6.8
2020-10-01 CVE-2020-15670 Mozilla Release of Invalid Pointer or Reference vulnerability in Mozilla Firefox and Firefox ESR

Mozilla developers reported memory safety bugs present in Firefox for Android 79.

6.8
2020-10-01 CVE-2020-15669 Mozilla Use After Free vulnerability in Mozilla Firefox ESR

When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified.

6.8
2020-10-01 CVE-2020-15667 Mozilla Unrestricted Upload of File with Dangerous Type vulnerability in Mozilla Firefox

When processing a MAR update file, after the signature has been validated, an invalid name length could result in a heap overflow, leading to memory corruption and potentially arbitrary code execution.

6.8
2020-10-01 CVE-2020-15678 Mozilla Use After Free vulnerability in Mozilla Firefox

When recursing through graphical layers while scrolling, an iterator may have become invalid, resulting in a potential use-after-free.

6.8
2020-10-01 CVE-2020-15673 Mozilla Release of Invalid Pointer or Reference vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 80 and Firefox ESR 78.2.

6.8
2020-09-30 CVE-2020-16234 Fatek Stack-based Buffer Overflow vulnerability in Fatek Winproladder 3.28

In PLC WinProladder Version 3.28 and prior, a stack-based buffer overflow vulnerability can be exploited when a valid user opens a specially crafted file, which may allow an attacker to remotely execute arbitrary code.

6.8
2020-09-30 CVE-2020-26158 Leanote Cross-site Scripting vulnerability in Leanote

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered.

6.8
2020-09-30 CVE-2020-26157 Leanote Cross-site Scripting vulnerability in Leanote

Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing.

6.8
2020-09-30 CVE-2020-26163 Bigbluebutton Unspecified vulnerability in Bigbluebutton Greenlight

BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link.

6.8
2020-09-30 CVE-2020-26154 Libproxy Project
Fedoraproject
Classic Buffer Overflow vulnerability in multiple products

url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.

6.8
2020-09-30 CVE-2019-20920 Handlebarsjs Code Injection vulnerability in Handlebarsjs Handlebars

Handlebars before 3.0.8 and 4.x before 4.5.3 is vulnerable to Arbitrary Code Execution.

6.8
2020-09-29 CVE-2020-25773 Trendmicro Double Free vulnerability in Trendmicro Apex ONE 2019/Saas

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products.

6.8
2020-10-02 CVE-2020-24628 HPE Code Injection vulnerability in HPE KVM IP Console Switch G2 Firmware

A remote code injection vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.

6.5
2020-10-02 CVE-2020-18184 Pluxxml Unspecified vulnerability in Pluxxml 5.7

In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

6.5
2020-10-02 CVE-2020-7738 Shiba Project Unspecified vulnerability in Shiba Project Shiba

All versions of package shiba are vulnerable to Arbitrary Code Execution due to the default usage of the function load() of the package js-yaml instead of its secure replacement , safeLoad().

6.5
2020-09-30 CVE-2020-12715 Rainbowfishsoftware Unrestricted Upload of File with Dangerous Type vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4

RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control.

6.5
2020-09-30 CVE-2020-15849 RE Desk SQL Injection vulnerability in Re-Desk Re:Desk 2.3

Re:Desk 2.3 has a blind authenticated SQL injection vulnerability in the SettingsController class, in the actionEmailTemplates() method.

6.5
2020-09-30 CVE-2020-8243 Pulsesecure Code Injection vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.

6.5
2020-09-30 CVE-2020-21564 Pluck CMS Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck 4.7.10/4.7.11

An issue was discovered in Pluck CMS 4.7.10-dev2 and 4.7.11.

6.5
2020-09-30 CVE-2020-14030 Ozeki Deserialization of Untrusted Data vulnerability in Ozeki NG SMS Gateway

An issue was discovered in Ozeki NG SMS Gateway through 4.17.6.

6.5
2020-09-30 CVE-2020-13322 Gitlab Incorrect Authorization vulnerability in Gitlab

A vulnerability was discovered in GitLab versions after 12.9.

6.5
2020-09-30 CVE-2020-13321 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions prior to 13.1.

6.5
2020-09-30 CVE-2020-25760 Projectworlds SQL Injection vulnerability in PHP 1.0

Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection.

6.5
2020-10-02 CVE-2020-26525 Damstratechnology SQL Injection vulnerability in Damstratechnology Smart Asset 2020.7

Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter.

6.4
2020-10-02 CVE-2020-15232 Mapfish XXE vulnerability in Mapfish Print

In mapfish-print before version 3.24, a user can do to an XML External Entity (XXE) attack with the provided SDL style.

6.4
2020-10-02 CVE-2020-12676 Fusionauth Improper Verification of Cryptographic Signature vulnerability in Fusionauth Samlv2 0.2.3

FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack".

6.4
2020-10-02 CVE-2020-7069 PHP
Fedoraproject
Debian
Opensuse
Canonical
Netapp
Inadequate Encryption Strength vulnerability in multiple products

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when AES-CCM mode is used with openssl_encrypt() function with 12 bytes IV, only first 7 bytes of the IV is actually used.

6.4
2020-10-02 CVE-2020-18191 GET Simple Path Traversal vulnerability in Get-Simple Getsimplecms 3.3.15

GetSimpleCMS-3.3.15 is affected by directory traversal.

6.4
2020-10-02 CVE-2020-18190 Bludit Path Traversal vulnerability in Bludit 3.8.1

Bludit v3.8.1 is affected by directory traversal.

6.4
2020-09-30 CVE-2020-26137 Python Injection vulnerability in Python Urllib3

urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest().

6.4
2020-09-30 CVE-2020-25762 Seat Reservation System Project SQL Injection vulnerability in Seat Reservation System Project Seat Reservation System 1.0

An issue was discovered in SourceCodester Seat Reservation System 1.0.

6.4
2020-09-30 CVE-2020-21524 Halo XXE vulnerability in Halo 1.1.3

There is a XML external entity (XXE) vulnerability in halo v1.1.3, The function of importing other blogs in the background(/api/admin/migrations/wordpress) needs to parse the xml file, but it is not used for security defense, This vulnerability can detect the intranet, read files, enable ddos attacks, etc.

6.4
2020-09-30 CVE-2020-12506 Wago Improper Authentication vulnerability in Wago products

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362 version FW03 and prior versions.

6.4
2020-09-30 CVE-2020-12505 Wago Improper Authentication vulnerability in Wago products

Improper Authentication vulnerability in WAGO 750-8XX series with FW version <= FW07 allows an attacker to change some special parameters without authentication.

6.4
2020-09-29 CVE-2020-25775 Trendmicro Race Condition vulnerability in Trendmicro products

The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges.

6.3
2020-09-30 CVE-2020-13658 Lansweeper Cross-Site Request Forgery (CSRF) vulnerability in Lansweeper 8.0.130.17

In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application.

6.0
2020-10-01 CVE-2020-15677 Mozilla Open Redirect vulnerability in Mozilla Firefox

By exploiting an Open Redirect vulnerability on a website, an attacker could have spoofed the site displayed in the download file dialog to show the original site (the one suffering from the open redirect) rather than the site the file was actually downloaded from.

5.8
2020-09-30 CVE-2018-5354 Anixis Authentication Bypass by Spoofing vulnerability in Anixis Password Reset Client

The custom GINA/CP module in ANIXIS Password Reset Client before version 3.22 allows remote attackers to execute code and escalate privileges via spoofing.

5.8
2020-09-30 CVE-2020-13952 Apache Unspecified vulnerability in Apache Superset

In the course of work on the open source project it was discovered that authenticated users running queries against Hive and Presto database engines could access information via a number of templated fields including the contents of query description metadata database, the hashed version of the authenticated users’ password, and access to connection information including the plaintext password for the current connection.

5.5
2020-09-30 CVE-2020-21244 Frontaccounting Path Traversal vulnerability in Frontaccounting 2.4.7

An issue was discovered in FrontAccounting 2.4.7.

5.5
2020-09-30 CVE-2020-13325 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions prior 13.1.

5.5
2020-10-02 CVE-2020-24696 Powerdns Race Condition vulnerability in Powerdns Authoritative

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used.

5.1
2020-10-02 CVE-2020-26526 Damstratechnology Unspecified vulnerability in Damstratechnology Smart Asset 2020.7

An issue was discovered in Damstra Smart Asset 2020.7.

5.0
2020-10-02 CVE-2020-7070 PHP
Fedoraproject
Debian
Opensuse
Canonical
Netapp
Reliance on Cookies without Validation and Integrity Checking vulnerability in multiple products

In PHP versions 7.2.x below 7.2.34, 7.3.x below 7.3.23 and 7.4.x below 7.4.11, when PHP is processing incoming HTTP cookie values, the cookie names are url-decoded.

5.0
2020-10-02 CVE-2020-8110 Bitdefender Access of Uninitialized Pointer vulnerability in Bitdefender Engines 7.84063/7.84892/7.84897

A vulnerability has been discovered in the ceva_emu.cvd module that results from a lack of proper validation of user-supplied data, which can result in a pointer that is fetched from uninitialized memory.

5.0
2020-10-02 CVE-2020-12127 Wavlink Information Exposure vulnerability in Wavlink Wn530H4 Firmware M30H4.V5030.190403

An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to leak router settings, including cleartext login details, DNS settings, and other sensitive information without authentication.

5.0
2020-10-02 CVE-2020-26540 Foxitsoftware Improper Verification of Cryptographic Signature vulnerability in Foxitsoftware Foxit Reader and Phantompdf

An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS.

5.0
2020-10-02 CVE-2020-26524 Getfilecloud Information Exposure vulnerability in Getfilecloud Filecloud

CodeLathe FileCloud before 20.2.0.11915 allows username enumeration.

5.0
2020-10-02 CVE-2020-26511 Wpo365 Unspecified vulnerability in Wpo365 Wordpress + Azure AD / Microsoft Office 365

The wpo365-login plugin before v11.7 for WordPress allows use of a symmetric algorithm to decrypt a JWT token.

5.0
2020-10-01 CVE-2020-9491 Apache Inadequate Encryption Strength vulnerability in Apache Nifi

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc.

5.0
2020-10-01 CVE-2020-9487 Apache Missing Authentication for Critical Function vulnerability in Apache Nifi

In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to use the token to access the content.

5.0
2020-10-01 CVE-2020-9486 Apache Information Exposure Through Log Files vulnerability in Apache Nifi

In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values.

5.0
2020-10-01 CVE-2020-11979 Apache
Gradle
Fedoraproject
Oracle
As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions of temporary files it created so that only the current user was allowed to access them.
5.0
2020-10-01 CVE-2020-25200 Pritunl Information Exposure vulnerability in Pritunl 1.29.2145.25

** DISPUTED ** Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via a series of /auth/session login attempts.

5.0
2020-10-01 CVE-2020-25018 Envoyproxy Unspecified vulnerability in Envoyproxy Envoy 2D69E30

Envoy master between 2d69e30 and 3b5acb2 may fail to parse request URL that requires host canonicalization.

5.0
2020-10-01 CVE-2020-4576 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional could allow a remote attacker to obtain sensitive information with a specially-crafted sequence of serialized objects.

5.0
2020-10-01 CVE-2020-8109 Bitdefender Out-of-bounds Write vulnerability in Bitdefender Engines 7.84063/7.84892

A vulnerability has been discovered in the ace.xmd parser that results from a lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer.

5.0
2020-09-30 CVE-2020-15488 RE Desk Unrestricted Upload of File with Dangerous Type vulnerability in Re-Desk Re:Desk 2.3

Re:Desk 2.3 allows insecure file upload.

5.0
2020-09-30 CVE-2020-26160 JWT GO Project Missing Authorization vulnerability in Jwt-Go Project Jwt-Go

jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification).

5.0
2020-09-30 CVE-2020-26149 Linuxfoundation Insufficiently Protected Credentials vulnerability in Linuxfoundation Nats.Deno and Nats.Js

NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server.

5.0
2020-09-30 CVE-2020-26148 Md4C Project Use of Uninitialized Resource vulnerability in Md4C Project Md4C 0.4.5

md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.

5.0
2020-09-30 CVE-2020-21525 Halo Path Traversal vulnerability in Halo 1.1.3

Halo V1.1.3 is affected by: Arbitrary File reading.

5.0
2020-09-30 CVE-2020-19676 Alibaba Information Exposure vulnerability in Alibaba Nacos 1.1.4

Nacos 1.1.4 is affected by: Incorrect Access Control.

5.0
2020-09-30 CVE-2020-13953 Apache Files or Directories Accessible to External Parties vulnerability in Apache Tapestry 5.4.0

In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can download files inside the WEB-INF folder of the WAR being run.

5.0
2020-09-30 CVE-2020-13951 Apache Unspecified vulnerability in Apache Openmeetings

Attackers can use public NetTest web service of Apache OpenMeetings 4.0.0-5.0.0 to organize denial of service attack.

5.0
2020-09-30 CVE-2020-26150 Logaritmo Information Exposure vulnerability in Logaritmo Aware Callmanager 2012

info.php in Logaritmo Aware CallManager 2012 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function.

5.0
2020-09-30 CVE-2020-5132 Sonicwall Unspecified vulnerability in Sonicwall Sma100 Firmware and Sonicos

SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability.

5.0
2020-10-02 CVE-2020-15233 ORY Improper Input Validation vulnerability in ORY Fosite

ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go.

4.9
2020-10-02 CVE-2020-15234 ORY Improper Input Validation vulnerability in ORY Fosite

ORY Fosite is a security first OAuth2 & OpenID Connect framework for Go.

4.9
2020-10-01 CVE-2020-5387 Dell Improper Handling of Exceptional Conditions vulnerability in Dell XPS 13 9370 Firmware

Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains an Improper Exception Handling vulnerability.

4.9
2020-10-01 CVE-2020-16844 Istio Unspecified vulnerability in Istio

In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7, when users specify an AuthorizationPolicy resource with DENY actions using wildcard suffixes (e.g.

4.9
2020-09-30 CVE-2020-25816 Hashicorp Unspecified vulnerability in Hashicorp Vault

HashiCorp Vault and Vault Enterprise versions 1.0 and newer allowed leases created with a batch token to outlive their TTL because expiration time was not scheduled correctly.

4.9
2020-09-30 CVE-2019-18989 Mediatek Improper Authentication vulnerability in Mediatek Mt7620N Firmware 1.06

A partial authentication bypass vulnerability exists on Mediatek MT7620N 1.06 devices.

4.8
2020-09-30 CVE-2019-18990 Realtek Improper Authentication vulnerability in Realtek products

A partial authentication bypass vulnerability exists on Realtek RTL8812AR 1.21WW, RTL8196D 1.0.0, RTL8192ER 2.10, and RTL8881AN 1.09 devices.

4.8
2020-09-30 CVE-2019-18991 Qualcomm Improper Authentication vulnerability in Qualcomm products

A partial authentication bypass vulnerability exists on Atheros AR9132 3.60(AMX.8), AR9283 1.85, and AR9285 1.0.0.12NA devices.

4.8
2020-10-02 CVE-2020-5987 Nvidia Incomplete Cleanup vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to the guest being able to pass invalid parameters to plugin handlers, which may lead to denial of service or escalation of privileges.

4.6
2020-10-02 CVE-2020-5984 Nvidia Use After Free vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service, code execution, and information disclosure.

4.6
2020-10-02 CVE-2020-5981 Nvidia Out-of-bounds Write vulnerability in Nvidia Virtual GPU Manager

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode driver (nvwgf2um/x.dll), in which a specially crafted shader can cause an out of bounds access, which may lead to denial of service or code execution.

4.6
2020-10-02 CVE-2020-5980 Nvidia Unspecified vulnerability in Nvidia Virtual GPU Manager

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in which a securely loaded system DLL will load its dependencies in an insecure fashion, which may lead to code execution or denial of service.

4.6
2020-10-02 CVE-2020-5979 Nvidia Unspecified vulnerability in Nvidia Virtual GPU Manager

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which a user is presented with a dialog box for input by a high-privilege process, which may lead to escalation of privileges.

4.6
2020-10-02 CVE-2020-24356 Cloudflare Improper Privilege Management vulnerability in Cloudflare Cloudflared

`cloudflared` versions prior to 2020.8.1 contain a local privilege escalation vulnerability on Windows systems.

4.6
2020-09-29 CVE-2020-4607 IBM Improper Input Validation vulnerability in IBM Security Verify Privilege Vault Remote On-Premises 1.3.2

IBM Security Secret Server (IBM Security Verify Privilege Vault Remote 1.2 ) could allow a local user to bypass security restrictions due to improper input validation.

4.6
2020-10-02 CVE-2020-26538 Foxitsoftware Unspecified vulnerability in Foxitsoftware Foxit Reader

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.

4.4
2020-09-30 CVE-2020-6654 Eaton Uncontrolled Search Path Element vulnerability in Eaton 9000X Programming and Configuration Software

A DLL Hijacking vulnerability in Eaton's 9000x Programming and Configuration Software v 2.0.38 and prior allows an attacker to execute arbitrary code by replacing the required DLLs with malicious DLLs when the software try to load vci11un6.DLL and cinpl.DLL.

4.4
2020-09-30 CVE-2020-14375 Dpdk
Canonical
Opensuse
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.

4.4
2020-10-02 CVE-2020-15231 Mapfish Cross-site Scripting vulnerability in Mapfish Print

In mapfish-print before version 3.24, a user can use the JSONP support to do a Cross-site scripting.

4.3
2020-10-02 CVE-2020-25623 Erlang Path Traversal vulnerability in Erlang Erlang/Otp 22.3.0/23.0.0

Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal.

4.3
2020-10-02 CVE-2020-26135 Livehelperchat Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat

Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.

4.3
2020-10-02 CVE-2020-26134 Livehelperchat Cross-site Scripting vulnerability in Livehelperchat Live Helper Chat

Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.

4.3
2020-10-02 CVE-2020-24697 Powerdns Unspecified vulnerability in Powerdns Authoritative

An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used.

4.3
2020-10-02 CVE-2020-14294 Secudos Cross-site Scripting vulnerability in Secudos Qiata FTA 1.50.1/1.70.19

An issue was discovered in Secudos Qiata FTA 1.70.19.

4.3
2020-10-02 CVE-2020-13168 Sysaid Cross-site Scripting vulnerability in Sysaid On-Premises and Sysaidsy On-Premises

SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter.

4.3
2020-10-02 CVE-2020-26536 Foxitsoftware NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader

An issue was discovered in Foxit Reader and PhantomPDF before 10.1.

4.3
2020-10-02 CVE-2020-26523 Froala Cross-site Scripting vulnerability in Froala Editor

Froala Editor before 3.2.2 allows XSS via pasted content.

4.3
2020-10-02 CVE-2020-26519 Artifex
Debian
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service.

4.3
2020-10-01 CVE-2020-5785 Teltonika Networks Cross-site Scripting vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03

Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.04.3 allows an unauthenticated attacker to conduct reflected cross-site scripting via a crafted ‘action’ or ‘pkg_name’ parameter.

4.3
2020-10-01 CVE-2020-14223 Hcltech Cross-site Scripting vulnerability in Hcltech Digital Experience 8.5/9.0/9.5

HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site scripting (XSS).

4.3
2020-10-01 CVE-2020-13940 Apache XXE vulnerability in Apache Nifi

In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially malicious XML file.

4.3
2020-10-01 CVE-2020-15668 Mozilla Improper Locking vulnerability in Mozilla Firefox

A lock was missing when accessing a data structure and importing certificate information into the trust database.

4.3
2020-10-01 CVE-2020-15666 Mozilla Information Exposure vulnerability in Mozilla Firefox

When trying to load a non-video in an audio/video context the exact status code (200, 302, 404, 500, 412, 403, etc.) was disclosed via the MediaError Message.

4.3
2020-10-01 CVE-2020-15665 Mozilla Unspecified vulnerability in Mozilla Firefox

Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page.

4.3
2020-10-01 CVE-2020-15664 Mozilla Incorrect Authorization vulnerability in Mozilla Firefox and Firefox ESR

By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension.

4.3
2020-10-01 CVE-2020-15676 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

Firefox sometimes ran the onload handler for SVG elements that the DOM sanitizer decided to remove, resulting in JavaScript being executed after pasting attacker-controlled data into a contenteditable element.

4.3
2020-09-30 CVE-2020-25626 Encode
Redhat
Cross-site Scripting vulnerability in multiple products

A flaw was found in Django REST Framework versions before 3.12.0 and before 3.11.2.

4.3
2020-09-30 CVE-2020-8238 Pulsesecure Cross-site Scripting vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4

A vulnerability in the authenticated user web interface of Pulse Connect Secure and Pulse Policy Secure < 9.1R8.2 could allow attackers to conduct Cross-Site Scripting (XSS).

4.3
2020-09-30 CVE-2020-26043 Hoosk Cross-site Scripting vulnerability in Hoosk 1.8.0

An issue was discovered in Hoosk CMS v1.8.0.

4.3
2020-09-30 CVE-2020-25761 Projectworlds Cross-site Scripting vulnerability in PHP 1.0

Projectworlds Visitor Management System in PHP 1.0 allows XSS.

4.3
2020-09-30 CVE-2020-24570 Mbconnectline Cross-Site Request Forgery (CSRF) vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1.

4.3
2020-09-30 CVE-2020-22481 Hack Cross-site Scripting vulnerability in Hack Hfish 0.5.1

An issue was discovered in HFish 0.5.1.

4.3
2020-09-30 CVE-2020-13323 Gitlab Incorrect Authorization vulnerability in Gitlab

A vulnerability was discovered in GitLab versions prior 13.1.

4.3
2020-09-30 CVE-2018-11765 Apache Improper Authentication vulnerability in Apache Hadoop

In Apache Hadoop versions 3.0.0-alpha2 to 3.0.0, 2.9.0 to 2.9.2, 2.8.0 to 2.8.5, any users can access some servlets without authentication when Kerberos authentication is enabled and SPNEGO through HTTP is not enabled.

4.3
2020-09-30 CVE-2020-15731 Bitdefender Improper Input Validation vulnerability in Bitdefender Engines 7.84063/7.84892/7.84897

An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows an attacker to write an arbitrary file in a location hardcoded in a specially-crafted malicious file name.

4.3
2020-09-29 CVE-2020-15216 Goxmldsig Project
Fedoraproject
Improper Verification of Cryptographic Signature vulnerability in multiple products

In goxmldsig (XML Digital Signatures implemented in pure Go) before version 1.1.0, with a carefully crafted XML file, an attacker can completely bypass signature validation and pass off an altered file as a signed one.

4.3
2020-09-29 CVE-2020-25774 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas

A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to trigger an out-of-bounds red information disclosure which would disclose sensitive information to an unprivileged account.

4.3
2020-10-02 CVE-2020-15230 Vapor Project Path Traversal vulnerability in Vapor Project Vapor

Vapor is a web framework for Swift.

4.0
2020-10-02 CVE-2020-24568 Mbconnectline SQL Injection vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1.

4.0
2020-10-02 CVE-2020-5422 Cloud Foundry Exposure of Resource to Wrong Sphere vulnerability in Cloud Foundry Bosh System Metrics Server

BOSH System Metrics Server releases prior to 0.1.0 exposed the UAA password as a flag to a process running on the BOSH director.

4.0
2020-10-02 CVE-2020-17482 Powerdns Information Exposure vulnerability in Powerdns Authoritative

An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.

4.0
2020-10-01 CVE-2020-5789 Teltonika Networks Path Traversal vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03

Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attacker to read the contents of arbitrary files on disk.

4.0
2020-10-01 CVE-2020-5784 Teltonika Networks Server-Side Request Forgery (SSRF) vulnerability in Teltonika-Networks Trb245 Firmware 00.02.04.03

Server-Side Request Forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a low privileged user to cause the application to perform HTTP GET requests to arbitrary URLs.

4.0
2020-10-01 CVE-2020-15228 Toolkit Project Improper Input Validation vulnerability in Toolkit Project Toolkit

In the `@actions/core` npm module before version 1.2.6,`addPath` and `exportVariable` functions communicate with the Actions Runner over stdout by generating a string in a specific format.

4.0
2020-09-30 CVE-2020-25781 Mantisbt Incorrect Authorization vulnerability in Mantisbt

An issue was discovered in file_download.php in MantisBT before 2.24.3.

4.0
2020-09-30 CVE-2020-8256 Pulsesecure XXE vulnerability in Pulsesecure Pulse Connect Secure 7.1/7.4

A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to gain arbitrary file reading access through Pulse Collaboration via XML External Entity (XXE) vulnerability.

4.0
2020-09-30 CVE-2020-24569 Mbconnectline SQL Injection vulnerability in Mbconnectline Mbconnect24 and Mymbconnect24

An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.1.

4.0
2020-09-30 CVE-2020-19670 Niushop Missing Authentication for Critical Function vulnerability in Niushop 1.11

In Niushop B2B2C Multi-Business Basic Edition V1.11, authentication can be bypassed, causing administrators to reset any passwords.

4.0
2020-09-30 CVE-2020-15594 Zohocorp Information Exposure vulnerability in Zohocorp Application Control Plus

An SSRF issue was discovered in Zoho Application Control Plus before version 10.0.511.

4.0
2020-09-30 CVE-2020-13794 Linuxfoundation Information Exposure vulnerability in Linuxfoundation Harbor

Harbor 1.9.* 1.10.* and 2.0.* allows Exposure of Sensitive Information to an Unauthorized Actor.

4.0
2020-09-30 CVE-2020-13320 Gitlab Incorrect Authorization vulnerability in Gitlab

An issue has been discovered in GitLab before version 12.10.13 that allowed a project member with limited permissions to view the project security dashboard.

4.0
2020-09-30 CVE-2020-13319 Gitlab Missing Authorization vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13.

4.0
2020-09-30 CVE-2020-15595 Zohocorp Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Application Control Plus

An issue was discovered in Zoho Application Control Plus before version 10.0.511.

4.0

34 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-02 CVE-2020-5988 Nvidia Use After Free vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service.

3.6
2020-10-02 CVE-2020-5985 Nvidia Improper Input Validation vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service.

3.6
2020-10-02 CVE-2020-5983 Nvidia Out-of-bounds Write vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is outside the intended boundary of the frame buffer memory allocated to guest operating systems, which may lead to denial of service or information disclosure.

3.6
2020-09-30 CVE-2020-14377 Dpdk
Canonical
Opensuse
Out-of-bounds Read vulnerability in multiple products

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.

3.6
2020-10-02 CVE-2020-13338 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions prior to 12.10.13, 13.0.8, 13.1.2.

3.5
2020-10-02 CVE-2020-13337 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions from 12.10 to 12.10.12 that allowed for a stored XSS payload to be added as a group name.

3.5
2020-10-02 CVE-2020-24627 HPE Cross-site Scripting vulnerability in HPE KVM IP Console Switch G2 Firmware

A remote stored xss vulnerability was discovered in HPE KVM IP Console Switches version(s): G2 4x1Ex32 Prior to 2.8.3.

3.5
2020-10-01 CVE-2020-24861 GET Simple Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16

GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page

3.5
2020-10-01 CVE-2020-24860 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14

CMS Made Simple 2.2.14 allows an authenticated user with access to the Content Manager to edit content and put persistent XSS payload in the affected text fields.

3.5
2020-09-30 CVE-2020-25830 Mantisbt Cross-site Scripting vulnerability in Mantisbt

An issue was discovered in MantisBT before 2.24.3.

3.5
2020-09-30 CVE-2020-25288 Mantisbt Cross-site Scripting vulnerability in Mantisbt

An issue was discovered in MantisBT before 2.24.3.

3.5
2020-09-30 CVE-2020-13336 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions from 11.8 before 12.10.13.

3.5
2020-09-30 CVE-2020-12869 Rainbowfishsoftware Cross-site Scripting vulnerability in Rainbowfishsoftware Pacsone Server 6.8.4

RainbowFish PacsOne Server 6.8.4 allows XSS.

3.5
2020-09-30 CVE-2020-22842 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple before 2.2.15 allows XSS via the m1_mod parameter in a ModuleManager local_uninstall action to admin/moduleinterface.php.

3.5
2020-09-30 CVE-2020-13331 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions prior to 12.10.13.

3.5
2020-09-30 CVE-2020-13330 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions prior to 12.10.13.

3.5
2020-09-30 CVE-2020-13329 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions from 12.6.2 prior to 12.10.13.

3.5
2020-09-30 CVE-2020-13328 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue has been discovered in GitLab affecting versions prior to 13.1.2, 13.0.8 and 12.10.13.

3.5
2020-09-30 CVE-2020-13326 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions prior to 13.1.

3.5
2020-09-30 CVE-2020-13324 Gitlab Unspecified vulnerability in Gitlab

A vulnerability was discovered in GitLab versions prior to 13.1.

3.5
2020-09-30 CVE-2020-24721 Apple
Google
An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-09-29, as used in COVID-19 applications on Android and iOS.
3.3
2020-10-01 CVE-2020-15671 Mozilla Improper Input Validation vulnerability in Mozilla Firefox

When typing in a password under certain conditions, a race may have occured where the InputContext was not being correctly set for the input field, resulting in the typed password being saved to the keyboard dictionary.

2.6
2020-10-02 CVE-2020-5989 Nvidia NULL Pointer Dereference vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service.

2.1
2020-10-02 CVE-2020-5986 Nvidia Improper Input Validation vulnerability in Nvidia Virtual GPU Manager

NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service.

2.1
2020-10-02 CVE-2020-5982 Nvidia Allocation of Resources Without Limits or Throttling vulnerability in Nvidia Virtual GPU Manager

NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) scheduler, in which the software does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests, which may lead to denial of service.

2.1
2020-10-02 CVE-2020-25741 Qemu NULL Pointer Dereference vulnerability in Qemu 5.0.0

fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.

2.1
2020-10-01 CVE-2020-24620 Unisys Use of Hard-coded Credentials vulnerability in Unisys Stealth

Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format.

2.1
2020-09-30 CVE-2020-14378 Dpdk
Canonical
Opensuse
Integer Overflow or Wraparound vulnerability in multiple products

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop.

2.1
2020-09-30 CVE-2020-4629 IBM Information Exposure Through an Error Message vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensitive information from a detailed technical error message.

2.1
2020-09-29 CVE-2020-25772 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product.

2.1
2020-09-29 CVE-2020-25771 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product.

2.1
2020-09-29 CVE-2020-25770 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product.

2.1
2020-09-29 CVE-2020-24565 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product.

2.1
2020-09-29 CVE-2020-24564 Trendmicro Out-of-bounds Read vulnerability in Trendmicro Apex ONE 2019/Saas

An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product.

2.1