Weekly Vulnerabilities Reports > October 12 to 18, 2020

Overview

387 new vulnerabilities reported during this period, including 33 critical vulnerabilities and 58 high severity vulnerabilities. This weekly summary report vulnerabilities in 239 products from 90 vendors including Microsoft, Apple, Juniper, IBM, and Google. Vulnerabilities are notably categorized as "Improper Privilege Management", "Cross-site Scripting", "Out-of-bounds Read", "Out-of-bounds Write", and "Information Exposure".

  • 260 reported vulnerabilities are remotely exploitables.
  • 2 reported vulnerabilities have public exploit available.
  • 69 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 325 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 90 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 12 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

33 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-16 CVE-2020-9918 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

10.0
2020-10-16 CVE-2020-9864 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved restrictions.

10.0
2020-10-16 CVE-2019-19513 Un4Seen
Microsoft
Out-of-bounds Write vulnerability in Un4Seen Bassmidi

The BASSMIDI plugin 2.4.12.1 for Un4seen BASS Audio Library on Windows is prone to an out of bounds write vulnerability.

10.0
2020-10-15 CVE-2020-6364 SAP OS Command Injection vulnerability in SAP Introscope Enterprise Manager

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an attacker to modify a cookie in a way that OS commands can be executed and potentially gain control over the host running the CA Introscope Enterprise Manager,leading to Code Injection.

10.0
2020-10-13 CVE-2020-17407 Microhardcorp Stack-based Buffer Overflow vulnerability in Microhardcorp Bullet-Lte Firmware

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112.

10.0
2020-10-14 CVE-2020-0376 Google Out-of-bounds Read vulnerability in Google Android

There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163003156

9.4
2020-10-14 CVE-2020-0371 Google Out-of-bounds Read vulnerability in Google Android

There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163008256

9.4
2020-10-14 CVE-2020-0367 Google Out-of-bounds Write vulnerability in Google Android

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980455

9.4
2020-10-14 CVE-2020-0339 Google Out-of-bounds Read vulnerability in Google Android

There is a possible out of bounds read due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-162980705

9.4
2020-10-14 CVE-2020-0283 Google Out-of-bounds Write vulnerability in Google Android

There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-163008257

9.4
2020-10-16 CVE-2020-17023 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file, aka 'Visual Studio JSON Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-17003 Microsoft Unspecified vulnerability in Microsoft 3D Viewer

A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory., aka 'Base3D Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16977 Microsoft Unspecified vulnerability in Microsoft Visual Studio Code

A remote code execution vulnerability exists in Visual Studio Code when the Python extension loads a Jupyter notebook file, aka 'Visual Studio Code Python Extension Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16968 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory, aka 'Windows Camera Codec Pack Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16967 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10

A remote code execution vulnerability exists when the Windows Camera Codec Pack improperly handles objects in memory, aka 'Windows Camera Codec Pack Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16957 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Office

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16947 Microsoft Out-of-bounds Read vulnerability in Microsoft 365 Apps, Office and Outlook

A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16924 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16918 Microsoft Unspecified vulnerability in Microsoft 365 Apps and 3D Viewer

A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.An attacker who successfully exploited the vulnerability would gain execution on a victim system.The security update addresses the vulnerability by correcting how the Base3D rendering engine handles memory., aka 'Base3D Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-16911 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-1167 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.

9.3
2020-10-16 CVE-2020-25214 Overwolf Unspecified vulnerability in Overwolf 0.149.2.30

In the client in Overwolf 0.149.2.30, a channel can be accessed or influenced by an actor that is not an endpoint.

9.3
2020-10-16 CVE-2020-9992 Apple Unspecified vulnerability in Apple Xcode

This issue was addressed by encrypting communications over the network to devices running iOS 14, iPadOS 14, tvOS 14, and watchOS 7.

9.3
2020-10-16 CVE-2020-9958 Apple Out-of-bounds Write vulnerability in Apple Ipad OS and Iphone OS

An out-of-bounds write issue was addressed with improved bounds checking.

9.3
2020-10-16 CVE-2020-9923 Apple Unspecified vulnerability in Apple Ipad OS and Iphone OS

A memory corruption issue was addressed with improved memory handling.

9.3
2020-10-16 CVE-2020-9907 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Ipad OS and Iphone OS

A memory corruption issue was addressed by removing the vulnerable code.

9.3
2020-10-16 CVE-2020-9799 Apple Out-of-bounds Read vulnerability in Apple mac OS X

An out-of-bounds read was addressed with improved bounds checking.

9.3
2020-10-14 CVE-2020-9746 Adobe NULL Pointer Dereference vulnerability in Adobe Flash Player

Adobe Flash Player version 32.0.0.433 (and earlier) are affected by an exploitable NULL pointer dereference vulnerability that could result in a crash and arbitrary code execution.

9.3
2020-10-14 CVE-2020-0416 Google Insecure Default Initialization of Resource vulnerability in Google Android

In multiple settings screens, there are possible tapjacking attacks due to an insecure default value.

9.3
2020-10-12 CVE-2020-4302 IBM Improper Handling of Exceptional Conditions vulnerability in IBM Cognos Analytics

IBM Cognos Analytics 11.0 and 11.1 could allow a remote attacker to execute arbitrary code on the system, caused by a CSV injection.

9.3
2020-10-16 CVE-2020-15252 Xwiki Injection vulnerability in Xwiki

In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution.

9.0
2020-10-16 CVE-2020-26943 Openstack Unspecified vulnerability in Openstack Blazar-Dashboard 2.0.0/3.0.0

An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0.

9.0
2020-10-13 CVE-2020-17406 Microhardcorp OS Command Injection vulnerability in Microhardcorp Bullet-Lte Firmware

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microhard Bullet-LTE prior to v1.2.0-r1112.

9.0

58 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-15 CVE-2020-7591 Siemens Use of Client-Side Authentication vulnerability in Siemens Siport MP 2.2/3.0.3/3.1.4

A vulnerability has been identified in SIPORT MP (All versions < 3.2.1).

8.5
2020-10-12 CVE-2020-4689 IBM Injection vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 is vulnerable to CVS Injection.

8.5
2020-10-16 CVE-2020-16927 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.

7.8
2020-10-16 CVE-2020-16899 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Denial of Service Vulnerability'.

7.8
2020-10-16 CVE-2020-16863 Microsoft Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008

A denial of service vulnerability exists in Windows Remote Desktop Service when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Service Denial of Service Vulnerability'.

7.8
2020-10-16 CVE-2020-1686 Juniper Unspecified vulnerability in Juniper Junos

On Juniper Networks Junos OS devices, receipt of a malformed IPv6 packet may cause the system to crash and restart (vmcore).

7.8
2020-10-16 CVE-2020-1683 Juniper Memory Leak vulnerability in Juniper Junos

On Juniper Networks Junos OS devices, a specific SNMP OID poll causes a memory leak which over time leads to a kernel crash (vmcore).

7.8
2020-10-14 CVE-2020-0377 Google Out-of-bounds Read vulnerability in Google Android

In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check.

7.8
2020-10-14 CVE-2020-6087 Rockwellautomation Classic Buffer Overflow vulnerability in Rockwellautomation Flex I/O 1794-Aent/B Firmware 4.003

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B.

7.8
2020-10-14 CVE-2020-6086 Rockwellautomation Classic Buffer Overflow vulnerability in Rockwellautomation Flex I/O 1794-Aent/B Firmware 4.003

An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment functionality of Allen-Bradley Flex IO 1794-AENT/B.

7.8
2020-10-12 CVE-2020-15012 Sonatype Path Traversal vulnerability in Sonatype Nexus Repository Manager

A Directory Traversal issue was discovered in Sonatype Nexus Repository Manager 2.x before 2.14.19.

7.8
2020-10-16 CVE-2020-1673 Juniper Cross-site Scripting vulnerability in Juniper Junos

Insufficient Cross-Site Scripting (XSS) protection in Juniper Networks J-Web and web based (HTTP/HTTPS) services allows an unauthenticated attacker to hijack the target user's HTTP/HTTPS session and perform administrative actions on the Junos device as the targeted user.

7.6
2020-10-17 CVE-2020-27197 Eclecticiq
Libtaxii Project
Server-Side Request Forgery (SSRF) vulnerability in multiple products

** DISPUTED ** TAXII libtaxii through 1.1.117, as used in EclecticIQ OpenTAXII through 0.2.0 and other products, allows SSRF via an initial http:// substring to the parse method, even when the no_network setting is used for the XML parser.

7.5
2020-10-16 CVE-2020-16904 Microsoft Improper Privilege Management vulnerability in Microsoft Azure Functions

An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions., aka 'Azure Functions Elevation of Privilege Vulnerability'.

7.5
2020-10-16 CVE-2020-9895 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

7.5
2020-10-16 CVE-2020-15254 Crossbeam Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Crossbeam Project Crossbeam

Crossbeam is a set of tools for concurrent programming.

7.5
2020-10-16 CVE-2020-26944 Aptean SQL Injection vulnerability in Aptean Product Configurator 4.61.0000

An issue was discovered in Aptean Product Configurator 4.61.0000 on Windows.

7.5
2020-10-15 CVE-2019-17640 Eclipse Path Traversal vulnerability in Eclipse Vert.X

In Eclipse Vert.x 3.4.x up to 3.9.4, 4.0.0.milestone1, 4.0.0.milestone2, 4.0.0.milestone3, 4.0.0.milestone4, 4.0.0.milestone5, 4.0.0.Beta1, 4.0.0.Beta2, and 4.0.0.Beta3, StaticHandler doesn't correctly processes back slashes on Windows Operating systems, allowing, escape the webroot folder to the current working directory.

7.5
2020-10-15 CVE-2020-12504 Pepperl Fuchs Unspecified vulnerability in Pepperl-Fuchs products

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.

7.5
2020-10-15 CVE-2020-12501 Pepperl Fuchs Use of Hard-coded Credentials vulnerability in Pepperl-Fuchs products

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.

7.5
2020-10-15 CVE-2020-12500 Pepperl Fuchs Missing Authentication for Critical Function vulnerability in Pepperl-Fuchs products

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration.

7.5
2020-10-15 CVE-2020-4499 IBM Missing Authorization vulnerability in IBM Security Access Manager and Security Verify Access

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an unauthorized public Oauth client to bypass some or all of the authentication checks and gain access to applications.

7.5
2020-10-15 CVE-2020-27156 Veritas Incorrect Authorization vulnerability in Veritas Aptare 10.4

Veritas APTARE versions prior to 10.5 did not perform adequate authorization checks.

7.5
2020-10-15 CVE-2020-27153 Bluez Double Free vulnerability in Bluez

In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c.

7.5
2020-10-13 CVE-2020-13957 Apache Missing Authorization vulnerability in Apache Solr

Apache Solr versions 6.6.0 to 6.6.6, 7.0.0 to 7.7.3 and 8.0.0 to 8.6.2 prevents some features considered dangerous (which could be used for remote code execution) to be configured in a ConfigSet that's uploaded via API without authentication/authorization.

7.5
2020-10-13 CVE-2020-16124 ROS Integer Overflow or Wraparound vulnerability in ROS Ros-Comm

Integer Overflow or Wraparound vulnerability in the XML RPC library of OpenRobotics ros_comm communications packages allows unauthenticated network traffic to cause unexpected behavior.

7.5
2020-10-13 CVE-2020-7743 Mathjs Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Mathjs

The package mathjs before 7.5.1 are vulnerable to Prototype Pollution via the deepExtend function that runs upon configuration updates.

7.5
2020-10-12 CVE-2019-17444 Jfrog Weak Password Requirements vulnerability in Jfrog Artifactory

Jfrog Artifactory uses default passwords (such as "password") for administrative accounts and does not require users to change them.

7.5
2020-10-12 CVE-2020-26867 Pcvuesolutions Deserialization of Untrusted Data vulnerability in Pcvuesolutions Pcvue 12/8.10

ARC Informatique PcVue prior to version 12.0.17 is vulnerable due to the deserialization of untrusted data, which may allow an attacker to remotely execute arbitrary code on the web and mobile back-end server.

7.5
2020-10-12 CVE-2020-5135 Sonicwall Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv

A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall.

7.5
2020-10-16 CVE-2020-16995 Microsoft Improper Privilege Management vulnerability in Microsoft Network Watcher Agent

An elevation of privilege vulnerability exists in Network Watcher Agent virtual machine extension for Linux, aka 'Network Watcher Agent Virtual Machine Extension for Linux Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16935 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16916 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16913 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16908 Microsoft Improper Privilege Management vulnerability in Microsoft Windows 10

An elevation of privilege vulnerability exists in Windows Setup in the way it handles directories.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Setup Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16907 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16902 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16895 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles a process crash, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16891 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka 'Windows Hyper-V Remote Code Execution Vulnerability'.

7.2
2020-10-16 CVE-2020-16890 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-16886 Microsoft Unspecified vulnerability in Microsoft Powershellget 2.2.5

A security feature bypass vulnerability exists in the PowerShellGet V2 module, aka 'PowerShellGet Module WDAC Security Feature Bypass Vulnerability'.

7.2
2020-10-16 CVE-2020-1080 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-1047 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows Hyper-V on a host server fails to properly handle objects in memory, aka 'Windows Hyper-V Elevation of Privilege Vulnerability'.

7.2
2020-10-16 CVE-2020-1666 Juniper Insufficient Session Expiration vulnerability in Juniper Junos OS Evolved

The system console configuration option 'log-out-on-disconnect' In Juniper Networks Junos OS Evolved fails to log out an active CLI session when the console cable is disconnected.

7.2
2020-10-16 CVE-2020-1664 Juniper Out-of-bounds Write vulnerability in Juniper Junos

A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege.

7.2
2020-10-15 CVE-2020-25859 Qualcomm OS Command Injection vulnerability in Qualcomm Qcmap

The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request.

7.2
2020-10-14 CVE-2020-8338 Lenovo Untrusted Search Path vulnerability in Lenovo Diagnostics

A DLL search path vulnerability was reported in Lenovo Diagnostics prior to version 4.35.4 that could allow a user with local access to execute code on the system.

7.2
2020-10-14 CVE-2020-0423 Google Improper Locking vulnerability in Google Android

In binder_release_work of binder.c, there is a possible use-after-free due to improper locking.

7.2
2020-10-14 CVE-2020-0421 Google Improper Handling of Exceptional Conditions vulnerability in Google Android

In appendFormatV of String8.cpp, there is a possible out of bounds write due to incorrect error handling.

7.2
2020-10-14 CVE-2020-0420 Google Improper Locking vulnerability in Google Android 11.0

In setUpdatableDriverPath of GpuService.cpp, there is a possible memory corruption due to a missing permission check.

7.2
2020-10-14 CVE-2020-0408 Google Integer Overflow or Wraparound vulnerability in Google Android

In remove of String16.cpp, there is a possible out of bounds write due to an integer overflow.

7.2
2020-10-13 CVE-2020-12928 AMD Unspecified vulnerability in AMD Ryzen Master

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

7.2
2020-10-13 CVE-2020-17415 Foxitsoftware Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit PhantomPDF 10.0.0.35798.

7.2
2020-10-13 CVE-2020-17414 Foxitsoftware Incorrect Permission Assignment for Critical Resource vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows local attackers to escalate privileges on affected installations of Foxit Reader 10.0.0.35798.

7.2
2020-10-13 CVE-2020-15797 Siemens Improper Privilege Management vulnerability in Siemens DCA Vantage Analyzer Firmware

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590.

7.2
2020-10-16 CVE-2019-18796 Un4Seen Infinite Loop vulnerability in Un4Seen Bass

The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Denial of Service vulnerability (infinite loop) via a crafted .mp3 file.

7.1
2020-10-12 CVE-2020-9108 Huawei Out-of-bounds Read vulnerability in Huawei P30 PRO Firmware

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability.

7.1
2020-10-12 CVE-2020-9107 Huawei Out-of-bounds Read vulnerability in Huawei P30 PRO Firmware

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vulnerability.

7.1

220 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-14 CVE-2020-8332 Lenovo Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Lenovo products

A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution.

6.9
2020-10-16 CVE-2020-17022 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft Windows 10

A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16955 Microsoft Improper Input Validation vulnerability in Microsoft 365 Apps and Office

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files, aka 'Microsoft Office Click-to-Run Elevation of Privilege Vulnerability'.

6.8
2020-10-16 CVE-2020-16954 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft 365 Apps and Office

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16952 Microsoft Origin Validation Error vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16951 Microsoft Origin Validation Error vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16934 Microsoft Improper Privilege Management vulnerability in Microsoft 365 Apps, Office and Office 2013 Click-To-Run

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files, aka 'Microsoft Office Click-to-Run Elevation of Privilege Vulnerability'.

6.8
2020-10-16 CVE-2020-16933 Microsoft Improper Handling of Exceptional Conditions vulnerability in Microsoft products

A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files, aka 'Microsoft Word Security Feature Bypass Vulnerability'.

6.8
2020-10-16 CVE-2020-16932 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16931 Microsoft Use of Uninitialized Resource vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16930 Microsoft Access of Uninitialized Pointer vulnerability in Microsoft 365 Apps and Office

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16929 Microsoft Use After Free vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16928 Microsoft Improper Privilege Management vulnerability in Microsoft 365 Apps and Office

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files, aka 'Microsoft Office Click-to-Run Elevation of Privilege Vulnerability'.

6.8
2020-10-16 CVE-2020-16923 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-16915 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.

6.8
2020-10-16 CVE-2020-16894 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

A remote code execution vulnerability exists when Windows Network Address Translation (NAT) fails to properly handle UDP traffic, aka 'Windows NAT Remote Code Execution Vulnerability'.

6.8
2020-10-16 CVE-2020-1660 Juniper Unspecified vulnerability in Juniper Junos

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service", may crash, causing the Services PIC to restart.

6.8
2020-10-16 CVE-2020-9983 Apple Out-of-bounds Write vulnerability in Apple Safari

An out-of-bounds write issue was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9951 Apple Use After Free vulnerability in Apple Safari

A use after free issue was addressed with improved memory management.

6.8
2020-10-16 CVE-2020-9948 Apple Type Confusion vulnerability in Apple Safari

A type confusion issue was addressed with improved memory handling.

6.8
2020-10-16 CVE-2020-9936 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9893 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

6.8
2020-10-16 CVE-2020-9891 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9890 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9889 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9888 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9884 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

6.8
2020-10-16 CVE-2020-9878 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

6.8
2020-10-16 CVE-2020-9865 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

A memory corruption issue was addressed by removing the vulnerable code.

6.8
2020-10-16 CVE-2020-9862 Apple Command Injection vulnerability in Apple products

A command injection issue existed in Web Inspector.

6.8
2020-10-16 CVE-2020-26682 Libass Project Integer Overflow or Wraparound vulnerability in Libass Project Libass 0.14.0

In libass 0.14.0, the `ass_outline_construct`'s call to `outline_stroke` causes a signed integer overflow.

6.8
2020-10-16 CVE-2020-27176 Marktext Cross-site Scripting vulnerability in Marktext

Mutation XSS exists in Mark Text through 0.16.2 that leads to Remote Code Execution.

6.8
2020-10-15 CVE-2020-12502 Pepperl Fuchs Cross-Site Request Forgery (CSRF) vulnerability in Pepperl-Fuchs products

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration.

6.8
2020-10-15 CVE-2020-6108 F2Fs Tools Project Out-of-bounds Write vulnerability in F2Fs-Tools Project F2Fs-Tools 1.12.0/1.13.0

An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13.

6.8
2020-10-15 CVE-2020-6105 F2Fs Tools Project Unspecified vulnerability in F2Fs-Tools Project F2Fs-Tools 1.12.0/1.13.0

An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13.

6.8
2020-10-15 CVE-2020-27157 Veritas Authentication Bypass by Capture-replay vulnerability in Veritas Aptare 10.4

Veritas APTARE versions prior to 10.5 included code that bypassed the normal login process when specific authentication credentials were provided to the server.

6.8
2020-10-15 CVE-2020-5642 Onwebchat Cross-Site Request Forgery (CSRF) vulnerability in Onwebchat Live Chat - Live Support

Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors.

6.8
2020-10-15 CVE-2020-6374 SAP Out-of-bounds Read vulnerability in SAP 3D Visual Enterprise Viewer 9

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation(.jt) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

6.8
2020-10-15 CVE-2020-6373 SAP Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

6.8
2020-10-15 CVE-2020-6372 SAP Out-of-bounds Write vulnerability in SAP 3D Visual Enterprise Viewer 9

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

6.8
2020-10-14 CVE-2020-8349 Lenovo Code Injection vulnerability in Lenovo Cloud Networking Operating System

An internal security review has identified an unauthenticated remote code execution vulnerability in Cloud Networking Operating System (CNOS)’ optional REST API management interface.

6.8
2020-10-14 CVE-2020-25188 Laquisscada Out-of-bounds Read vulnerability in Laquisscada Scada 4.1.0.4150/4.3.1.71

An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions prior to 4.3.1.870).

6.8
2020-10-13 CVE-2020-17417 Foxitsoftware Use After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.1.35811.

6.8
2020-10-13 CVE-2020-17416 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.0.0.35798.

6.8
2020-10-13 CVE-2020-17413 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware 3D 9.5.0.20733/9.7.0.29430

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798.

6.8
2020-10-13 CVE-2020-17412 Foxitsoftware Out-of-bounds Write vulnerability in Foxitsoftware 3D 9.5.0.20733/9.7.0.29430

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798.

6.8
2020-10-13 CVE-2020-17410 Foxitsoftware Use After Free vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 10.0.0.35798.

6.8
2020-10-12 CVE-2020-9123 Huawei Out-of-bounds Write vulnerability in Huawei P30 PRO Firmware

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability.

6.8
2020-10-16 CVE-2020-9910 Apple Improper Authentication vulnerability in Apple products

Multiple issues were addressed with improved logic.

6.5
2020-10-16 CVE-2020-9870 Apple Improper Input Validation vulnerability in Apple products

A logic issue was addressed with improved validation.

6.5
2020-10-16 CVE-2020-4636 IBM Command Injection vulnerability in IBM Resilient Security Orchestration Automation and Response 38.2

IBM Resilient OnPrem 38.2 could allow a privileged user to inject malicious commands through Python3 scripting.

6.5
2020-10-16 CVE-2020-15867 Gogs OS Command Injection vulnerability in Gogs

The git hook feature in Gogs 0.5.5 through 0.12.2 allows for authenticated remote code execution.

6.5
2020-10-16 CVE-2020-14144 Gitea OS Command Injection vulnerability in Gitea

** DISPUTED ** The git hook feature in Gitea 1.1.0 through 1.12.5 might allow for authenticated remote code execution in customer environments where the documentation was not understood (e.g., one viewpoint is that the dangerousness of this feature should be documented immediately above the ENABLE_GIT_HOOKS line in the config file).

6.5
2020-10-15 CVE-2020-12503 Pepperl Fuchs Incorrect Authorization vulnerability in Pepperl-Fuchs products

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.

6.5
2020-10-16 CVE-2019-19885 Bender Missing Authorization vulnerability in Bender products

In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system.

6.4
2020-10-12 CVE-2020-4388 IBM Improper Handling of Exceptional Conditions vulnerability in IBM Cognos Analytics

IBM Cognos Analytics 11.0 and 11.1 could be vulnerable to a denial of service attack by failing to catch exceptions in a servlet also exposing debug information could also be used in future attacks.

6.4
2020-10-12 CVE-2020-5141 Sonicwall Improper Restriction of Excessive Authentication Attempts vulnerability in Sonicwall Sonicos and Sonicosv

A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ticket ID in the firewall SSLVPN service.

6.4
2020-10-16 CVE-2020-14299 Redhat Improper Authentication vulnerability in Redhat products

A flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode.

6.3
2020-10-16 CVE-2020-15258 Wire Improper Input Validation vulnerability in Wire

In Wire before 3.20.x, `shell.openExternal` was used without checking the URL.

6.0
2020-10-16 CVE-2020-15255 Anuko Improper Neutralization of Formula Elements in a CSV File vulnerability in Anuko Time Tracker

In Anuko Time Tracker before verion 1.19.23.5325, due to not properly filtered user input a CSV export of a report could contain cells that are treated as formulas by spreadsheet software (for example, when a cell value starts with an equal sign).

6.0
2020-10-16 CVE-2020-16898 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows TCP/IP stack improperly handles ICMPv6 Router Advertisement packets, aka 'Windows TCP/IP Remote Code Execution Vulnerability'.

5.8
2020-10-16 CVE-2020-1656 Juniper Improper Input Validation vulnerability in Juniper Junos

The DHCPv6 Relay-Agent service, part of the Juniper Enhanced jdhcpd daemon shipped with Juniper Networks Junos OS has an Improper Input Validation vulnerability which will result in a Denial of Service (DoS) condition when a DHCPv6 client sends a specific DHPCv6 message allowing an attacker to potentially perform a Remote Code Execution (RCE) attack on the target device.

5.8
2020-10-16 CVE-2020-9952 Apple Cross-site Scripting vulnerability in Apple products

An input validation issue was addressed with improved input validation.

5.8
2020-10-15 CVE-2020-15793 Siemens Improper Restriction of Rendered UI Layers or Frames vulnerability in Siemens Desigo Insight 4.0/5.0/6.0

A vulnerability has been identified in Desigo Insight (All versions).

5.8
2020-10-15 CVE-2019-4552 IBM Unspecified vulnerability in IBM Security Access Manager and Security Verify Access

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 are vulnerable to HTTP response splitting attacks.

5.8
2020-10-15 CVE-2020-6365 SAP Open Redirect vulnerability in SAP Netweaver Application Server Java

SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an unauthenticated remote attacker to redirect users to a malicious site due to insufficient reverse tabnabbing URL validation.

5.8
2020-10-14 CVE-2020-8350 Lenovo Improper Authentication vulnerability in Lenovo Thinkpad Stack Wireless Router Firmware

An authentication bypass vulnerability was reported in Lenovo ThinkPad Stack Wireless Router firmware version 1.1.3.4 that could allow escalation of privilege.

5.8
2020-10-14 CVE-2020-15229 Sylabs Path Traversal vulnerability in Sylabs Singularity

Singularity (an open source container platform) from version 3.1.1 through 3.6.3 has a vulnerability.

5.8
2020-10-14 CVE-2020-25777 Trendmicro Unspecified vulnerability in Trendmicro Antivirus 2019/2020

Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product.

5.8
2020-10-14 CVE-2020-24551 Iproom Open Redirect vulnerability in Iproom Mmc+ 3.2.2

IProom MMC+ Server login page does not validate specific parameters properly.

5.8
2020-10-14 CVE-2020-7383 Rapid7 SQL Injection vulnerability in Rapid7 Nexpose

A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that may have allowed an authenticated user with a low permission level to access resources & make changes they should not have been able to access.

5.5
2020-10-14 CVE-2020-4395 IBM Insufficient Session Expiration vulnerability in IBM Security Access Manager Appliance 9.0.7

IBM Security Access Manager Appliance 9.0.7 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

5.5
2020-10-12 CVE-2020-4779 IBM Improper Authentication vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

A HTTP Verb Tampering vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10.

5.5
2020-10-12 CVE-2020-4774 IBM Injection vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

An XPath vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, caused by the improper handling of user-supplied input.

5.5
2020-10-12 CVE-2020-4772 IBM XXE vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

An XML External Entity Injection (XXE) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10.

5.5
2020-10-16 CVE-2020-16949 Microsoft Memory Leak vulnerability in Microsoft products

A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Denial of Service Vulnerability'.

5.0
2020-10-16 CVE-2020-16896 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Information Disclosure Vulnerability'.

5.0
2020-10-16 CVE-2020-1685 Juniper Information Exposure Through Discrepancy vulnerability in Juniper Junos

When configuring stateless firewall filters in Juniper Networks EX4600 and QFX 5000 Series devices using Virtual Extensible LAN protocol (VXLAN), the discard action will fail to discard traffic under certain conditions.

5.0
2020-10-16 CVE-2020-1680 Juniper Incorrect Calculation of Buffer Size vulnerability in Juniper Junos 15.1/15.1X53/18.2

On Juniper Networks MX Series with MS-MIC or MS-MPC card configured with NAT64 configuration, receipt of a malformed IPv6 packet may crash the MS-PIC component on MS-MIC or MS-MPC.

5.0
2020-10-16 CVE-2020-1672 Juniper Improper Input Validation vulnerability in Juniper Junos

On Juniper Networks Junos OS devices configured with DHCPv6 relay enabled, receipt of a specific DHCPv6 packet might crash the jdhcpd daemon.

5.0
2020-10-16 CVE-2020-1671 Juniper Unspecified vulnerability in Juniper Junos 17.4/18.1/18.2

On Juniper Networks Junos OS platforms configured as DHCPv6 local server or DHCPv6 Relay Agent, Juniper Networks Dynamic Host Configuration Protocol Daemon (JDHCPD) process might crash with a core dump if a malformed DHCPv6 packet is received, resulting with the restart of the daemon.

5.0
2020-10-16 CVE-2020-1665 Juniper Unspecified vulnerability in Juniper Junos

On Juniper Networks MX Series and EX9200 Series, in a certain condition the IPv6 Distributed Denial of Service (DDoS) protection might not take affect when it reaches the threshold condition.

5.0
2020-10-16 CVE-2020-1657 Juniper Unspecified vulnerability in Juniper Junos

On SRX Series devices, a vulnerability in the key-management-daemon (kmd) daemon of Juniper Networks Junos OS allows an attacker to spoof packets targeted to IPSec peers before a security association (SA) is established thereby causing a failure to set up the IPSec channel.

5.0
2020-10-16 CVE-2020-9931 Apple Improper Input Validation vulnerability in Apple Ipad OS and Iphone OS

A denial of service issue was addressed with improved input validation.

5.0
2020-10-16 CVE-2020-9917 Apple Unspecified vulnerability in Apple Ipad OS and Iphone OS

This issue was addressed with improved checks.

5.0
2020-10-16 CVE-2020-9916 Apple Unspecified vulnerability in Apple products

A URL Unicode encoding issue was addressed with improved state management.

5.0
2020-10-16 CVE-2020-9914 Apple Improper Input Validation vulnerability in Apple Ipad OS and Iphone OS

An input validation issue existed in Bluetooth.

5.0
2020-10-16 CVE-2020-9911 Apple Unspecified vulnerability in Apple Safari

A logic issue was addressed with improved restrictions.

5.0
2020-10-16 CVE-2020-9903 Apple Origin Validation Error vulnerability in Apple Safari

A logic issue was addressed with improved restrictions.

5.0
2020-10-16 CVE-2020-4254 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Security Guardium BIG Data Intelligence 1.0

IBM Security Guardium Big Data Intelligence 1.0 (SonarG) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2020-10-16 CVE-2020-27178 Apereo Improper Authentication vulnerability in Apereo Central Authentication Service

Apereo CAS 5.3.x before 5.3.16, 6.x before 6.1.7.2, 6.2.x before 6.2.4, and 6.3.x before 6.3.0-RC4 mishandles secret keys with Google Authenticator for multifactor authentication.

5.0
2020-10-16 CVE-2020-25829 Powerdns
Opensuse
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5.
5.0
2020-10-16 CVE-2020-27174 Amazon Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Amazon Firecracker

In Amazon AWS Firecracker before 0.21.3, and 0.22.x before 0.22.1, the serial console buffer can grow its memory usage without limit when data is sent to the standard input.

5.0
2020-10-16 CVE-2020-27173 VM Superio Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Vm-Superio Project Vm-Superio 0.1.0

In vm-superio before 0.1.1, the serial console FIFO can grow to unlimited memory usage when data is sent to the input source (i.e., standard input).

5.0
2020-10-15 CVE-2020-14185 Atlassian Information Exposure vulnerability in Atlassian Jira

Affected versions of Jira Server allow remote unauthenticated attackers to enumerate issue keys via a missing permissions check in the ActionsAndOperations resource.

5.0
2020-10-15 CVE-2020-1777 Otrs Information Exposure vulnerability in Otrs

Agent names that participates in a chat conversation are revealed in certain parts of the external interface as well as in chat transcriptions inside the tickets, when system is configured to mask real agent names.

5.0
2020-10-15 CVE-2020-25858 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm Mobile Access Point

The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function.

5.0
2020-10-15 CVE-2020-11637 BR Automation Memory Leak vulnerability in Br-Automation Automation Runtime

A memory leak in the TFTP service in B&R Automation Runtime versions <N4.26, <N4.34, <F4.45, <E4.53, <D4.63, <A4.73 and prior could allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition.

5.0
2020-10-14 CVE-2020-0413 Google Out-of-bounds Read vulnerability in Google Android

In gatt_process_read_by_type_rsp of gatt_cl.cc, there is a possible out of bounds read due to a missing bounds check.

5.0
2020-10-14 CVE-2020-6083 Rockwellautomation Classic Buffer Overflow vulnerability in Rockwellautomation Allen-Bradley Flex IO 1794-Aent/B Firmware 4.003

An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment functionality of Allen-Bradley Flex IO 1794-AENT/B.

5.0
2020-10-13 CVE-2020-25645 Linux
Debian
Netapp
Opensuse
Canonical
Cleartext Transmission of Sensitive Information vulnerability in multiple products

A flaw was found in the Linux kernel in versions before 5.9-rc7.

5.0
2020-10-13 CVE-2018-20243 Apache Insufficiently Protected Credentials vulnerability in Apache Fineract

The implementation of POST with the username and password in the URL parameters exposed the credentials.

5.0
2020-10-12 CVE-2020-26546 Evolutionscript SQL Injection vulnerability in Evolutionscript Helpdeskz 1.0.2

** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in HelpDeskZ 1.0.2.

5.0
2020-10-12 CVE-2020-25825 Octopus Unspecified vulnerability in Octopus Deploy

In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs.

5.0
2020-10-12 CVE-2020-26869 Pcvuesolutions Unspecified vulnerability in Pcvuesolutions Pcvue 12/8.10

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users.

5.0
2020-10-12 CVE-2020-26868 Pcvuesolutions Unspecified vulnerability in Pcvuesolutions Pcvue 12/8.10

ARC Informatique PcVue prior to version 12.0.17 is vulnerable to a denial-of-service attack due to the ability of an unauthorized user to modify information used to validate messages sent by legitimate web clients.

5.0
2020-10-12 CVE-2020-4780 IBM Insufficient Session Expiration vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

OOTB build scripts does not set the secure attribute on session cookie which may impact IBM Curam Social Program Management 7.0.9 and 7.0,10.

5.0
2020-10-12 CVE-2020-4778 IBM Inadequate Encryption Strength vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

IBM Curam Social Program Management 7.0.9 and 7.0.10 uses MD5 algorithm for hashing token in a single instance which less safe than default SHA-256 cryptographic algorithm used throughout the Cúram application.

5.0
2020-10-12 CVE-2020-4776 IBM Path Traversal vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

A path traversal vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could allow a remote attacker to traverse directories on the system.

5.0
2020-10-12 CVE-2020-5143 Sonicwall Information Exposure Through Discrepancy vulnerability in Sonicwall Sonicos and Sonicosv

SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses.

5.0
2020-10-12 CVE-2020-5140 Sonicwall Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv

A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak.

5.0
2020-10-12 CVE-2020-5139 Sonicwall Release of Invalid Pointer or Reference vulnerability in Sonicwall Sonicos and Sonicosv

A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash.

5.0
2020-10-12 CVE-2020-5138 Sonicwall Out-of-bounds Write vulnerability in Sonicwall Sonicos and Sonicosv

A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash.

5.0
2020-10-12 CVE-2020-5137 Sonicwall Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv

A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash.

5.0
2020-10-12 CVE-2020-5133 Sonicwall Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv

A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash.

5.0
2020-10-16 CVE-2020-16940 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles junction points, aka 'Windows - User Profile Service Elevation of Privilege Vulnerability'.

4.9
2020-10-16 CVE-2020-9964 Apple Improper Initialization vulnerability in Apple Ipad OS and Iphone OS

A memory initialization issue was addressed with improved memory handling.

4.9
2020-10-15 CVE-2020-6363 SAP Insufficient Session Expiration vulnerability in SAP Commerce Cloud

SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several web applications that maintain sessions with a user.

4.9
2020-10-14 CVE-2020-0400 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0

In showDataRoamingNotification of NotificationMgr.java, there is a possible permission bypass due to an unsafe PendingIntent.

4.9
2020-10-14 CVE-2020-0398 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android 10.0/11.0

In updateMwi of NotificationMgr.java, there is a possible permission bypass due to a PendingIntent error.

4.9
2020-10-14 CVE-2020-0378 Google Missing Authorization vulnerability in Google Android 10.0/11.0/9.0

In onWnmFrameReceived of PasspointManager.java, there is a missing permission check.

4.9
2020-10-14 CVE-2020-0246 Google Missing Authorization vulnerability in Google Android 10.0/11.0

In getCarrierPrivilegeStatus of UiccAccessRule.java, there is a missing permission check.

4.9
2020-10-13 CVE-2020-12933 AMD Out-of-bounds Read vulnerability in AMD Atikmdag.Sys 26.20.15029.27017

A denial of service vulnerability exists in the D3DKMTEscape handler functionality of AMD ATIKMDAG.SYS (e.g.

4.9
2020-10-13 CVE-2020-12911 AMD Out-of-bounds Read vulnerability in AMD Atikmdag.Sys 26.20.15029.27017

A denial of service vulnerability exists in the D3DKMTCreateAllocation handler functionality of AMD ATIKMDAG.SYS (e.g.

4.9
2020-10-16 CVE-2020-1674 Juniper Unspecified vulnerability in Juniper Junos 16.1/17.2/17.3

Juniper Networks Junos OS and Junos OS Evolved fail to drop/discard delayed MACsec packets (e.g.

4.8
2020-10-16 CVE-2020-16980 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows iSCSI Target Service improperly handles file operations, aka 'Windows iSCSI Target Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16976 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16975 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16974 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16973 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16972 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16939 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Group Policy improperly checks access, aka 'Group Policy Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16936 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16920 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations, aka 'Windows Application Compatibility Client Library Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16912 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16909 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16905 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16900 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Event System improperly handles objects in memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Event System Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16892 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory.An attacker who successfully exploited the vulnerability could execute code with elevated permissions.To exploit the vulnerability, a locally authenticated attacker could run a specially crafted application.The security update addresses the vulnerability by ensuring the Windows kernel image properly handles objects in memory., aka 'Windows Image Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16887 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16885 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Storage VSP Driver improperly handles file operations, aka 'Windows Storage VSP Driver Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-16876 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Application Compatibility Client Library improperly handles registry operations, aka 'Windows Application Compatibility Client Library Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-1243 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests., aka 'Windows Hyper-V Denial of Service Vulnerability'.

4.6
2020-10-16 CVE-2020-0764 Microsoft Improper Privilege Management vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Storage Services improperly handle file operations, aka 'Windows Storage Services Elevation of Privilege Vulnerability'.

4.6
2020-10-16 CVE-2020-9946 Apple Improper Locking vulnerability in Apple Ipad OS and Iphone OS

This issue was addressed with improved checks.

4.6
2020-10-16 CVE-2020-26893 Clamxav Insufficient Verification of Data Authenticity vulnerability in Clamxav

An issue was discovered in ClamXAV 3 before 3.1.1.

4.6
2020-10-15 CVE-2020-7327 Mcafee Authentication Bypass by Spoofing vulnerability in Mcafee Mvision Endpoint Detection and Response 3.0.0/3.1.0

Improperly implemented security check in McAfee MVISION Endpoint Detection and Response Client (MVEDR) prior to 3.2.0 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MVEDR failing open rather than closed

4.6
2020-10-15 CVE-2020-7326 Mcafee Authentication Bypass by Spoofing vulnerability in Mcafee Active Response

Improperly implemented security check in McAfee Active Response (MAR) prior to 2.4.4 may allow local administrators to execute malicious code via stopping a core Windows service leaving McAfee core trust component in an inconsistent state resulting in MAR failing open rather than closed

4.6
2020-10-15 CVE-2020-7334 Mcafee Improper Privilege Management vulnerability in Mcafee Application and Change Control

Improper privilege assignment vulnerability in the installer McAfee Application and Change Control (MACC) prior to 8.3.2 allows local administrators to change or update the configuration settings via a carefully constructed MSI configured to mimic the genuine installer.

4.6
2020-10-14 CVE-2020-3427 Cisco Improper Handling of Exceptional Conditions vulnerability in Cisco DUO Authentication FOR Windows Logon and RDP

The Windows Logon installer prior to 4.1.2 did not properly validate file installation paths.

4.6
2020-10-14 CVE-2019-2194 Google Incorrect Type Conversion or Cast vulnerability in Google Android 9.0

In SurfaceFlinger::createLayer of SurfaceFlinger.cpp, there is a possible arbitrary code execution due to improper casting.

4.6
2020-10-14 CVE-2020-7330 Mcafee Improper Privilege Management vulnerability in Mcafee Total Protection 4.0.161.1

Privilege Escalation vulnerability in McAfee Total Protection (MTP) trial prior to 4.0.176.1 allows local users to schedule tasks which call malicious software to execute with elevated privileges via editing of environment variables

4.6
2020-10-13 CVE-2020-7590 Siemens Use of Hard-coded Password vulnerability in Siemens DCA Vantage Analyzer Firmware

A vulnerability has been identified in DCA Vantage Analyzer (All versions < V4.5 are affected by CVE-2020-7590.

4.6
2020-10-12 CVE-2020-9090 Huawei Incorrect Authorization vulnerability in Huawei Fusionaccess 6.5.1

FusionAccess version 6.5.1 has an improper authorization vulnerability.

4.6
2020-10-12 CVE-2020-7811 Samsung Deserialization of Untrusted Data vulnerability in Samsung Update

Samsung Update 3.0.2.0 ~ 3.0.32.0 has a vulnerability that allows privilege escalation as commands crafted by attacker are executed while the engine deserializes the data received during inter-process communication

4.6
2020-10-14 CVE-2020-8345 Lenovo Uncontrolled Search Path Element vulnerability in Lenovo Hardware Scan

A DLL search path vulnerability was reported in the Lenovo HardwareScan Plugin for the Lenovo Vantage hardware scan feature prior to version 1.0.46.11 that could allow escalation of privilege.

4.4
2020-10-16 CVE-2020-16969 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019

An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages, aka 'Microsoft Exchange Information Disclosure Vulnerability'.

4.3
2020-10-16 CVE-2020-16950 Microsoft Information Exposure vulnerability in Microsoft Sharepoint Server 2019

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.

4.3
2020-10-16 CVE-2020-16937 Microsoft Information Exposure vulnerability in Microsoft .Net Framework

An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory, aka '.NET Framework Information Disclosure Vulnerability'.

4.3
2020-10-16 CVE-2020-16910 Microsoft Improper Preservation of Permissions vulnerability in Microsoft products

A security feature bypass vulnerability exists when Microsoft Windows fails to handle file creation permissions, which could allow an attacker to create files in a protected Unified Extensible Firmware Interface (UEFI) location.To exploit this vulnerability, an attacker could run a specially crafted application to bypass Unified Extensible Firmware Interface (UEFI) variable security in Windows.The security update addresses the vulnerability by correcting security feature behavior to enforce permissions., aka 'Windows Security Feature Bypass Vulnerability'.

4.3
2020-10-16 CVE-2020-1684 Juniper Resource Exhaustion vulnerability in Juniper Junos 12.3X48/15.1X49/18.2

On Juniper Networks SRX Series configured with application identification inspection enabled, receipt of specific HTTP traffic can cause high CPU load utilization, which could lead to traffic interruption.

4.3
2020-10-16 CVE-2020-1679 Juniper Unspecified vulnerability in Juniper Junos

On Juniper Networks PTX and QFX Series devices with packet sampling configured using tunnel-observation mpls-over-udp, sampling of a malformed packet can cause the Kernel Routing Table (KRT) queue to become stuck.

4.3
2020-10-16 CVE-2020-1677 Juniper Insufficient Verification of Data Authenticity vulnerability in Juniper Mist Cloud UI

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle child elements in SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls.

4.3
2020-10-16 CVE-2020-1676 Juniper Improper Handling of Exceptional Conditions vulnerability in Juniper Mist Cloud UI

When SAML authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly handle SAML responses, allowing a remote attacker to modify a valid SAML response without invalidating its cryptographic signature to bypass SAML authentication security controls.

4.3
2020-10-16 CVE-2020-1675 Juniper Improper Authentication vulnerability in Juniper Mist Cloud UI

When Security Assertion Markup Language (SAML) authentication is enabled, Juniper Networks Mist Cloud UI might incorrectly process invalid authentication certificates which could allow a malicious network-based user to access unauthorized data.

4.3
2020-10-16 CVE-2020-1662 Juniper Unspecified vulnerability in Juniper Junos

On Juniper Networks Junos OS and Junos OS Evolved devices, BGP session flapping can lead to a routing process daemon (RPD) crash and restart, limiting the attack surface to configured BGP peers.

4.3
2020-10-16 CVE-2020-1661 Juniper Unspecified vulnerability in Juniper Junos 12.3/15.1

On Juniper Networks Junos OS devices configured as a DHCP forwarder, the Juniper Networks Dynamic Host Configuration Protocol Daemon (jdhcp) process might crash when receiving a malformed DHCP packet.

4.3
2020-10-16 CVE-2020-9976 Apple Information Exposure vulnerability in Apple products

A logic issue was addressed with improved state management.

4.3
2020-10-16 CVE-2020-9968 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved restrictions.

4.3
2020-10-16 CVE-2020-9933 Apple Incorrect Authorization vulnerability in Apple products

An authorization issue was addressed with improved state management.

4.3
2020-10-16 CVE-2020-9925 Apple Cross-site Scripting vulnerability in Apple products

A logic issue was addressed with improved state management.

4.3
2020-10-16 CVE-2020-9915 Apple Unspecified vulnerability in Apple products

An access issue existed in Content Security Policy.

4.3
2020-10-16 CVE-2020-9909 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

4.3
2020-10-16 CVE-2020-9894 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

4.3
2020-10-16 CVE-2020-9885 Apple Insufficient Verification of Data Authenticity vulnerability in Apple products

An issue existed in the handling of iMessage tapbacks.

4.3
2020-10-16 CVE-2020-24408 Magento Cross-site Scripting vulnerability in Magento

Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component.

4.3
2020-10-16 CVE-2020-16270 Olimpoks Cross-site Scripting vulnerability in Olimpoks Olimpok

OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS.

4.3
2020-10-16 CVE-2019-18795 Un4Seen Out-of-bounds Read vulnerability in Un4Seen Bass

The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile out of bounds read vulnerability via a crafted .wav file.

4.3
2020-10-16 CVE-2019-18794 Un4Seen Use After Free vulnerability in Un4Seen Bass

The BASS Audio Library 2.4.14 under Windows is prone to a BASS_StreamCreateFile Use after Free vulnerability via a crafted .ogg file.

4.3
2020-10-16 CVE-2020-26584 Sagedpw Cross-site Scripting vulnerability in Sagedpw Sage DPW 202006000/202006001

An issue was discovered in Sage DPW 2020_06_x before 2020_06_002.

4.3
2020-10-16 CVE-2020-26583 Sagedpw Unrestricted Upload of File with Dangerous Type vulnerability in Sagedpw Sage DPW 202006000/202006001

An issue was discovered in Sage DPW 2020_06_x before 2020_06_002.

4.3
2020-10-16 CVE-2020-27163 Phpredisadmin Project Cross-site Scripting vulnerability in PHPredisadmin Project PHPredisadmin

phpRedisAdmin before 1.13.2 allows XSS via the login.php username parameter.

4.3
2020-10-15 CVE-2020-6107 F2Fs Tools Project Out-of-bounds Read vulnerability in F2Fs-Tools Project F2Fs-Tools 1.12.0/1.13.0

An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Tools F2fs.Fsck 1.13.

4.3
2020-10-15 CVE-2020-6106 F2Fs Tools Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in F2Fs-Tools Project F2Fs-Tools 1.12.0/1.13.0

An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13.

4.3
2020-10-15 CVE-2020-6104 F2Fs Tools Project Out-of-bounds Read vulnerability in F2Fs-Tools Project F2Fs-Tools 1.12.0/1.13.0

An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13.

4.3
2020-10-15 CVE-2020-21674 Libarchive Out-of-bounds Write vulnerability in Libarchive 3.4.1

Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file.

4.3
2020-10-15 CVE-2020-7744 Mintegral Cleartext Transmission of Sensitive Information vulnerability in Mintegral Mintegraladsdk

This affects all versions of package com.mintegral.msdk:alphab.

4.3
2020-10-15 CVE-2020-6376 SAP Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Right Hemisphere Binary (.rh) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

4.3
2020-10-15 CVE-2020-6375 SAP Improper Input Validation vulnerability in SAP 3D Visual Enterprise Viewer 9

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Right Computer Graphics Metafile (.cgm) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation.

4.3
2020-10-15 CVE-2020-6323 SAP Cross-site Scripting vulnerability in SAP Netweaver Enterprise Portal 7.31/7.40/7.50

SAP NetWeaver Enterprise Portal (Fiori Framework Page) versions - 7.50, 7.31, 7.40, does not sufficiently encode user-controlled inputs and allows an attacker on a valid session to create an XSS that will be both reflected immediately and also be persisted and returned in further access to the system, resulting in Cross Site Scripting.

4.3
2020-10-15 CVE-2020-6319 SAP Cross-site Scripting vulnerability in SAP Netweaver Application Server Java

SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allows an unauthenticated attacker to include JavaScript blocks in any web page or URL with different symbols which are otherwise not allowed.

4.3
2020-10-14 CVE-2020-24188 Unitedplanet Cross-site Scripting vulnerability in Unitedplanet Intrexx 5.2/6.0

Cross-site scripting (XSS) vulnerability in the search functionality in United Planet Intrexx Professional before 20.03 allows remote attackers to inject arbitrary web script or HTML via the request parameter.

4.3
2020-10-14 CVE-2020-0414 Google Incorrect Default Permissions vulnerability in Google Android 10.0/11.0

In AudioFlinger::RecordThread::threadLoop of audioflinger/Threads.cpp, there is a possible non-silenced audio buffer due to a permissions bypass.

4.3
2020-10-14 CVE-2020-0411 Google Use of Uninitialized Resource vulnerability in Google Android 10.0/11.0

In ~AACExtractor() of AACExtractor.cpp, there is a possible out of bounds write due to uninitialized data.

4.3
2020-10-13 CVE-2020-17411 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware 3D 9.5.0.20733/9.7.0.29430

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 10.0.0.35798.

4.3
2020-10-12 CVE-2020-12670 Webmin Cross-site Scripting vulnerability in Webmin

XSS exists in Webmin 1.941 and earlier affecting the Save function of the Read User Email Module / mailboxes Endpoint when attempting to save HTML emails.

4.3
2020-10-12 CVE-2020-4740 IBM Injection vulnerability in IBM Infosphere Information Server 11.5/11.7

IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to HTML injection.

4.3
2020-10-12 CVE-2020-4773 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

A cross-site request forgery (CSRF) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which is an attack that forces a user to execute unwanted actions on the web application while they are currently authenticated.

4.3
2020-10-12 CVE-2020-5142 Sonicwall Cross-site Scripting vulnerability in Sonicwall Sonicos and Sonicosv

A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface.

4.3
2020-10-16 CVE-2020-16953 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.

4.0
2020-10-16 CVE-2020-16948 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.

4.0
2020-10-16 CVE-2020-1667 Juniper Race Condition vulnerability in Juniper Junos

When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process might be bypassed due to a race condition.

4.0
2020-10-16 CVE-2020-26183 Dell Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker

Dell EMC NetWorker versions prior to 19.3.0.2 contain an improper authorization vulnerability.

4.0
2020-10-16 CVE-2020-26182 Dell Files or Directories Accessible to External Parties vulnerability in Dell EMC Networker

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability.

4.0
2020-10-15 CVE-2020-15794 Siemens Information Exposure Through an Error Message vulnerability in Siemens Desigo Insight 4.0/5.0/6.0

A vulnerability has been identified in Desigo Insight (All versions).

4.0
2020-10-15 CVE-2020-15792 Siemens SQL Injection vulnerability in Siemens Desigo Insight 4.0/5.0/6.0

A vulnerability has been identified in Desigo Insight (All versions).

4.0
2020-10-15 CVE-2020-11646 BR Automation Unspecified vulnerability in Br-Automation products

A log information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view log information reserved for other users.

4.0
2020-10-15 CVE-2020-11645 BR Automation Resource Exhaustion vulnerability in Br-Automation products

A denial of service vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to limit availability of GateManager instances.

4.0
2020-10-15 CVE-2020-11644 BR Automation Unspecified vulnerability in Br-Automation products

The information disclosure vulnerability present in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to generate fake audit log messages.

4.0
2020-10-15 CVE-2020-11643 BR Automation Information Exposure Through Log Files vulnerability in Br-Automation products

An information disclosure vulnerability in B&R GateManager 4260 and 9250 versions <9.0.20262 and GateManager 8250 versions <9.2.620236042 allows authenticated users to view information of devices belonging to foreign domains.

4.0
2020-10-15 CVE-2020-11642 BR Automation Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager

The local file inclusion vulnerability present in B&R SiteManager versions <9.2.620236042 allows authenticated users to impact availability of SiteManager instances.

4.0
2020-10-15 CVE-2020-11641 BR Automation Files or Directories Accessible to External Parties vulnerability in Br-Automation Sitemanager

A local file inclusion vulnerability in B&R SiteManager versions <9.2.620236042 allows authenticated users to read sensitive files from SiteManager instances.

4.0
2020-10-15 CVE-2020-6371 SAP Information Exposure vulnerability in SAP Netweaver AS Abap

User enumeration vulnerability can be exploited to get a list of user accounts and personal user information can be exposed in SAP NetWeaver Application Server ABAP (POWL test application) versions - 710, 711, 730, 731, 740, 750, leading to Information Disclosure.

4.0
2020-10-13 CVE-2020-15251 Mirahezebots Missing Authorization vulnerability in Mirahezebots Channelmgnt 1.0.0/1.0.1/1.0.2

In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel.

4.0
2020-10-12 CVE-2020-4678 IBM Information Exposure vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 could allow an attacker with admin access to obtain and read files that they normally would not have access to.

4.0
2020-10-12 CVE-2020-13341 Gitlab Incorrect Permission Assignment for Critical Resource vulnerability in Gitlab

An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2.

4.0
2020-10-12 CVE-2020-13943 Apache
Debian
If an HTTP/2 client connecting to Apache Tomcat 10.0.0-M1 to 10.0.0-M7, 9.0.0.M1 to 9.0.37 or 8.5.0 to 8.5.57 exceeded the agreed maximum number of concurrent streams for a connection (in violation of the HTTP/2 protocol), it was possible that a subsequent request made on that connection could contain HTTP headers - including HTTP/2 pseudo headers - from a previous request rather than the intended headers.
4.0
2020-10-12 CVE-2020-4781 IBM Improper Input Validation vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

An improper input validation before calling java readLine() method may impact IBM Curam Social Program Management 7.0.9 and 7.0.10, which could result in a denial of service.

4.0
2020-10-12 CVE-2020-5136 Sonicwall Classic Buffer Overflow vulnerability in Sonicwall Sonicos and Sonicosv

A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Service (DoS) in the SSL-VPN and virtual assist portal, which leads to a firewall crash.

4.0
2020-10-12 CVE-2020-5134 Sonicwall Out-of-bounds Read vulnerability in Sonicwall Sonicos and Sonicosv

A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash.

4.0

76 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-16 CVE-2020-16877 Microsoft Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016

An elevation of privilege vulnerability exists when Microsoft Windows improperly handles reparse points, aka 'Windows Elevation of Privilege Vulnerability'.

3.6
2020-10-16 CVE-2020-3991 Vmware Unspecified vulnerability in VMWare Horizon Client

VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time.

3.6
2020-10-14 CVE-2020-27013 Trendmicro Unspecified vulnerability in Trendmicro Antivirus 2020

Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user data.

3.6
2020-10-18 CVE-2020-13893 Sage Cross-site Scripting vulnerability in Sage Easypay 10.7.5.10

Multiple stored cross-site scripting (XSS) vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations (Best-fit Mapping), as demonstrated by the full-width variants of the less-than sign (%EF%BC%9C) and greater-than sign (%EF%BC%9E).

3.5
2020-10-16 CVE-2020-16978 Microsoft Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.0

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

3.5
2020-10-16 CVE-2020-16956 Microsoft Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

3.5
2020-10-16 CVE-2020-16946 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

3.5
2020-10-16 CVE-2020-16945 Microsoft Cross-site Scripting vulnerability in Microsoft products

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'.

3.5
2020-10-16 CVE-2020-16944 Microsoft Cross-site Scripting vulnerability in Microsoft products

This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'.

3.5
2020-10-16 CVE-2020-26672 Testimonial Rotator Project Cross-site Scripting vulnerability in Testimonial Rotator Project Testimonial Rotator

Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php.

3.5
2020-10-15 CVE-2020-6368 SAP Cross-site Scripting vulnerability in SAP Business Planning and Consolidation

SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can be abused by an attacker, allowing them to modify displayed application content without authorization, and to potentially obtain authentication information from other legitimate users, leading to Cross Site Scripting.

3.5
2020-10-15 CVE-2020-6272 SAP Cross-site Scripting vulnerability in SAP Commerce Cloud

SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not sufficiently encode user inputs, which allows an authenticated and authorized content manager to inject malicious script into several web CMS components.

3.5
2020-10-14 CVE-2020-15253 Grocy Cross-site Scripting vulnerability in Grocy

Versions of Grocy <= 2.7.1 are vulnerable to Cross-Site Scripting via the Create Shopping List module, that is rendered upon deleting that Shopping List.

3.5
2020-10-12 CVE-2020-8821 Webmin Injection vulnerability in Webmin

An Improper Data Validation Vulnerability exists in Webmin 1.941 and earlier affecting the Command Shell Endpoint.

3.5
2020-10-12 CVE-2020-8820 Webmin Cross-site Scripting vulnerability in Webmin

An XSS Vulnerability exists in Webmin 1.941 and earlier affecting the Cluster Shell Commands Endpoint.

3.5
2020-10-12 CVE-2020-4741 IBM Cross-site Scripting vulnerability in IBM Infosphere Information Server 11.5/11.7

IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to stored cross-site scripting.

3.5
2020-10-12 CVE-2020-4681 IBM Cross-site Scripting vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 is vulnerable to cross-site scripting.

3.5
2020-10-12 CVE-2020-4680 IBM Cross-site Scripting vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 is vulnerable to cross-site scripting.

3.5
2020-10-12 CVE-2020-4679 IBM Cross-site Scripting vulnerability in IBM Security Guardium 11.2

IBM Security Guardium 11.2 is vulnerable to cross-site scripting.

3.5
2020-10-12 CVE-2020-4775 IBM Cross-site Scripting vulnerability in IBM Curam Social Program Management 7.0.10.0/7.0.9.0

A cross-site scripting (XSS) vulnerability may impact IBM Curam Social Program Management 7.0.9 and 7.0.10.

3.5
2020-10-12 CVE-2020-14184 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

Affected versions of Atlassian Jira Server allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in Jira issue filter export files.

3.5
2020-10-16 CVE-2020-16943 Microsoft Incorrect Authorization vulnerability in Microsoft Dynamics 365

An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce, aka 'Dynamics 365 Commerce Elevation of Privilege Vulnerability'.

3.3
2020-10-16 CVE-2020-1689 Juniper Resource Exhaustion vulnerability in Juniper Junos

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in a Virtual Chassis configuration, receipt of a stream of specific layer 2 frames can cause high CPU load, which could lead to traffic interruption.

3.3
2020-10-16 CVE-2020-1681 Juniper Improper Handling of Exceptional Conditions vulnerability in Juniper Junos OS Evolved

Receipt of a specifically malformed NDP packet sent from the local area network (LAN) to a device running Juniper Networks Junos OS Evolved can cause the ndp process to crash, resulting in a Denial of Service (DoS).

3.3
2020-10-16 CVE-2020-1670 Juniper Resource Exhaustion vulnerability in Juniper Junos

On Juniper Networks EX4300 Series, receipt of a stream of specific IPv4 packets can cause Routing Engine (RE) high CPU load, which could lead to network protocol operation issue and traffic interruption.

3.3
2020-10-16 CVE-2020-1668 Juniper Resource Exhaustion vulnerability in Juniper Junos 18.1/18.2/18.3

On Juniper Networks EX2300 Series, receipt of a stream of specific multicast packets by the layer2 interface can cause high CPU load, which could lead to traffic interruption.

3.3
2020-10-16 CVE-2019-12305 Actions Micro Use of Password Hash With Insufficient Computational Effort vulnerability in Actions-Micro Ezcast PRO II Firmware

In EZCast Pro II, the administrator password md5 hash is provided upon a web request.

3.3
2020-10-14 CVE-2020-3483 Cisco Insufficiently Protected Credentials vulnerability in Cisco DUO Network Gateway

Duo has identified and fixed an issue with the Duo Network Gateway (DNG) product in which some customer-provided SSL certificates and private keys were not excluded from logging.

3.3
2020-10-13 CVE-2020-17409 Netgear Authentication Bypass Using an Alternate Path or Channel vulnerability in Netgear products

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R6120, R6080, R6260, R6220, R6020, JNR3210, and WNR2020 routers with firmware 1.0.66.

3.3
2020-10-12 CVE-2020-9238 Huawei Classic Buffer Overflow vulnerability in Huawei Taurus-An00B Firmware

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability.

3.3
2020-10-12 CVE-2020-9230 Huawei Insufficient Verification of Data Authenticity vulnerability in Huawei Ws5800-10 Firmware 10.0.3.25

WS5800-10 version 10.0.3.25 has a denial of service vulnerability.

3.3
2020-10-12 CVE-2020-9122 Huawei Improper Input Validation vulnerability in Huawei products

Some Huawei products have an insufficient input verification vulnerability.

3.3
2020-10-16 CVE-2020-1687 Juniper Resource Exhaustion vulnerability in Juniper Junos 17.3/17.4/18.1

On Juniper Networks EX4300-MP Series, EX4600 Series and QFX5K Series deployed in (Ethernet VPN) EVPN-(Virtual Extensible LAN) VXLAN configuration, receipt of a stream of specific VXLAN encapsulated layer 2 frames can cause high CPU load, which could lead to network protocol operation issue and traffic interruption.

2.9
2020-10-16 CVE-2020-1678 Juniper Memory Leak vulnerability in Juniper Junos and Junos OS Evolved

On Juniper Networks Junos OS and Junos OS Evolved platforms with EVPN configured, receipt of specific BGP packets causes a slow memory leak.

2.9
2020-10-12 CVE-2020-4699 IBM Information Exposure Through Discrepancy vulnerability in IBM Security Access Manager and Security Verify Access

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system.

2.9
2020-10-12 CVE-2020-4661 IBM Information Exposure Through Discrepancy vulnerability in IBM Security Access Manager and Security Verify Access

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system.

2.9
2020-10-12 CVE-2020-4660 IBM Information Exposure Through Discrepancy vulnerability in IBM Security Access Manager and Security Verify Access

IBM Security Access Manager 9.0.7 and IBM Security Verify Access 10.0.0 could allow an attacker to obtain sensitive using timing side channel attacks which could aid in further attacks against the system.

2.9
2020-10-14 CVE-2020-15224 Openenclave Unspecified vulnerability in Openenclave

In Open Enclave before version 0.12.0, an information disclosure vulnerability exists when an enclave application using the syscalls provided by the sockets.edl is loaded by a malicious host application.

2.7
2020-10-16 CVE-2020-15157 Linuxfoundation
Canonical
Debian
Insufficiently Protected Credentials vulnerability in multiple products

In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability.

2.6
2020-10-14 CVE-2020-7318 Mcafee Cross-site Scripting vulnerability in Mcafee Epolicy Orchestrator 5.10.0/5.10.9

Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.

2.3
2020-10-14 CVE-2020-7317 Mcafee Cross-site Scripting vulnerability in Mcafee Epolicy Orchestrator

Cross-Site Scripting vulnerability in McAfee ePolicy Orchistrator (ePO) prior to 5.10.9 Update 9 allows administrators to inject arbitrary web script or HTML via parameter values for "syncPointList" not being correctly sanitsed.

2.3
2020-10-16 CVE-2020-16942 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16941 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages, aka 'Microsoft SharePoint Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16938 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16922 Microsoft Improper Verification of Cryptographic Signature vulnerability in Microsoft products

A spoofing vulnerability exists when Windows incorrectly validates file signatures, aka 'Windows Spoofing Vulnerability'.

2.1
2020-10-16 CVE-2020-16921 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

An information disclosure vulnerability exists in Text Services Framework when it fails to properly handle objects in memory, aka 'Windows Text Services Framework Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16919 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows Enterprise App Management Service improperly handles certain file operations, aka 'Windows Enterprise App Management Service Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16914 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI+ Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16901 Microsoft Improper Initialization vulnerability in Microsoft Windows 10 and Windows Server 2016

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.To exploit this vulnerability, an authenticated attacker could run a specially crafted application, aka 'Windows Kernel Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16897 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when NetBIOS over TCP (NBT) Extensions (NetBT) improperly handle objects in memory, aka 'NetBT Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-16889 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows KernelStream improperly handles objects in memory, aka 'Windows KernelStream Information Disclosure Vulnerability'.

2.1
2020-10-16 CVE-2020-27194 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.8.15.

2.1
2020-10-16 CVE-2020-1688 Juniper Missing Encryption of Sensitive Data vulnerability in Juniper Junos 12.3X48/15.1X49/18.2

On Juniper Networks SRX Series and NFX Series, a local authenticated user with access to the shell may obtain the Web API service private key that is used to provide encrypted communication between the Juniper device and the authenticator services.

2.1
2020-10-16 CVE-2020-1682 Juniper Improper Input Validation vulnerability in Juniper Junos 15.1X49/17.4

An input validation vulnerability exists in Juniper Networks Junos OS, allowing an attacker to crash the srxpfe process, causing a Denial of Service (DoS) through the use of specific maintenance commands.

2.1
2020-10-16 CVE-2020-1669 Juniper Insufficiently Protected Credentials vulnerability in Juniper Junos 19.4/20.1

The Juniper Device Manager (JDM) container, used by the disaggregated Junos OS architecture on Juniper Networks NFX350 Series devices, stores password hashes in the world-readable file /etc/passwd.

2.1
2020-10-16 CVE-2020-9959 Apple Improper Locking vulnerability in Apple Ipad OS and Iphone OS

A lock screen issue allowed access to messages on a locked device.

2.1
2020-10-16 CVE-2020-9934 Apple Unspecified vulnerability in Apple Ipad OS and Iphone OS

An issue existed in the handling of environment variables.

2.1
2020-10-16 CVE-2020-9913 Apple Unspecified vulnerability in Apple mac OS X

This issue was addressed with improved data protection.

2.1
2020-10-16 CVE-2020-9912 Apple Unspecified vulnerability in Apple Safari

A logic issue was addressed with improved restrictions.

2.1
2020-10-16 CVE-2020-24352 Qemu Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qemu

An issue was discovered in QEMU through 5.1.0.

2.1
2020-10-14 CVE-2020-25824 Telegram Missing Authorization vulnerability in Telegram Desktop

Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard.

2.1
2020-10-14 CVE-2020-25778 Trendmicro Information Exposure vulnerability in Trendmicro Antivirus 2019/2020

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory.

2.1
2020-10-14 CVE-2020-6933 Blackberry Improper Input Validation vulnerability in Blackberry Unified Endpoint Manager

An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.12.1a QF2 (and earlier), and 12.11.1 QF3 (and earlier) could allow an attacker to potentially cause a Denial of Service (DoS) of the UEM Core service.

2.1
2020-10-14 CVE-2020-0422 Google Insecure Storage of Sensitive Information vulnerability in Google Android

In constructImportFailureNotification of NotificationImportExportListener.java, there is a possible permissions bypass due to an unsafe PendingIntent.

2.1
2020-10-14 CVE-2020-0419 Google Missing Authorization vulnerability in Google Android

In generateInfo of PackageInstallerSession.java, there is a possible leak of cross-profile URI data during app installation due to a missing permission check.

2.1
2020-10-14 CVE-2020-0415 Google Incorrect Default Permissions vulnerability in Google Android

In various locations in SystemUI, there is a possible permission bypass due to an unsafe PendingIntent.

2.1
2020-10-14 CVE-2020-0412 Google Incorrect Default Permissions vulnerability in Google Android

In setProcessMemoryTrimLevel of ActivityManagerService.java, there is a missing permission check.

2.1
2020-10-14 CVE-2020-0410 Google Incorrect Default Permissions vulnerability in Google Android

In setNotification of SapServer.java, there is a possible permission bypass due to a PendingIntent error.

2.1
2020-10-13 CVE-2020-25779 Trendmicro Unspecified vulnerability in Trendmicro Antivirus 2020

Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.

2.1
2020-10-12 CVE-2020-9240 Huawei Classic Buffer Overflow vulnerability in Huawei Taurus-An00B Firmware

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability.

2.1
2020-10-12 CVE-2020-9110 Huawei Information Exposure vulnerability in Huawei Taurus-An00B Firmware

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an information disclosure vulnerability.

2.1
2020-10-12 CVE-2020-9106 Huawei Untrusted Search Path vulnerability in Huawei P30 PRO Firmware

HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability.

2.1
2020-10-12 CVE-2020-9091 Huawei Out-of-bounds Read vulnerability in Huawei Taurus-An00B Firmware 10.1.0.156(C00E155R7P2)

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vulnerability.

2.1
2020-10-12 CVE-2020-9087 Huawei Out-of-bounds Read vulnerability in Huawei Taurus-Al00A Firmware 10.0.0.1(C00E1R1P1)

Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module.

2.1
2020-10-12 CVE-2020-15250 Junit
Debian
Apache
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability.

1.9
2020-10-12 CVE-2020-9109 Huawei Insufficient Verification of Data Authenticity vulnerability in Huawei products

There is an information disclosure vulnerability in several smartphones.

1.9