Weekly Vulnerabilities Reports > October 19 to 25, 2020

Overview

350 new vulnerabilities reported during this period, including 62 critical vulnerabilities and 177 high severity vulnerabilities. This weekly summary report vulnerabilities in 195 products from 96 vendors including HP, Apple, Cisco, Adobe, and Bigbluebutton. Vulnerabilities are notably categorized as "Expression Language Injection", "Out-of-bounds Write", "Cross-site Scripting", "Out-of-bounds Read", and "Classic Buffer Overflow".

  • 233 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities have public exploit available.
  • 118 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 231 reported vulnerabilities are exploitable by an anonymous user.
  • HP has the most reported vulnerabilities, with 65 reported vulnerabilities.
  • HP has the most reported critical vulnerabilities, with 40 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

62 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-23 CVE-2020-25483 Ucms Project Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.4.8

An arbitrary command execution vulnerability exists in the fopen() function of file writes of UCMS v1.4.8, where an attacker can gain access to the server.

9.8
2020-10-23 CVE-2020-25466 Crmeb Server-Side Request Forgery (SSRF) vulnerability in Crmeb 3.0

A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code.

9.8
2020-10-22 CVE-2020-15684 Mozilla Use After Free vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 81.

9.8
2020-10-22 CVE-2020-15683 Mozilla
Debian
Opensuse
Use After Free vulnerability in multiple products

Mozilla developers and community members reported memory safety bugs present in Firefox 81 and Firefox ESR 78.3.

9.8
2020-10-22 CVE-2019-17006 Siemens
Mozilla
Netapp
Improper Input Validation vulnerability in multiple products

In Network Security Services (NSS) before 3.46, several cryptographic primitives had missing length checks.

9.8
2020-10-22 CVE-2020-27664 Strapi Unspecified vulnerability in Strapi

admin/src/containers/InputModalStepperProvider/index.js in Strapi before 3.2.5 has unwanted /proxy?url= functionality.

9.8
2020-10-22 CVE-2020-9898 Apple Unspecified vulnerability in Apple Iphone OS

This issue was addressed with improved entitlements.

9.8
2020-10-22 CVE-2020-15906 Tiki Improper Restriction of Excessive Authentication Attempts vulnerability in Tiki

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.

9.8
2020-10-22 CVE-2020-27619 Python
Fedoraproject
Oracle
In Python 3 through 3.9.0, the Lib/test/multibytecodec_support.py CJK codec tests call eval() on content retrieved via HTTP.
9.8
2020-10-21 CVE-2020-27615 Loginizer SQL Injection vulnerability in Loginizer

The Loginizer plugin before 1.6.4 for WordPress allows SQL injection (with resultant XSS), related to loginizer_login_failed and lz_valid_ip.

9.8
2020-10-21 CVE-2020-27605 Bigbluebutton Unspecified vulnerability in Bigbluebutton

BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a "schwache Sandbox."

9.8
2020-10-20 CVE-2020-3992 Vmware Use After Free vulnerability in VMWare Esxi 6.5/6.7

OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue.

9.8
2020-10-20 CVE-2020-5640 Onethird Unspecified vulnerability in Onethird 1.96C

Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors.

9.8
2020-10-19 CVE-2020-15256 Object Path Project Unspecified vulnerability in Object-Path Project Object-Path

A prototype pollution vulnerability has been found in `object-path` <= 0.11.4 affecting the `set()` method.

9.8
2020-10-19 CVE-2020-7172 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A templateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7171 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A guidatadetail expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7170 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7169 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7168 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A selectusergroup expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7167 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A quicktemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7166 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A operatorgrouptreeselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7165 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A iccselectcommand expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7164 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A operationselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7163 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A navigationto expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7162 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A operatorgroupselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7161 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A reporttaskselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7160 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A iccselectdeviceseries expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7159 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A customtemplateselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7158 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A perfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7157 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A selviewnavcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7156 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A faultinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7155 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A select expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7154 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A ifviewselectpage expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7153 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A iccselectdevtype expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7152 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A faultparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7151 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A faulttrapgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7150 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A faultstatchoosefaulttype expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7149 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7148 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A deployselectsoftware expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7147 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A deployselectbootrom expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7146 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A devgroupselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7145 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A chooseperfview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7144 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A comparefilesresult expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7143 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A faultdevparasset expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7142 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A eventinfo_content expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-7141 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A adddevicetoview expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24652 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A addvsiinterfaceinfo expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24651 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A syslogtempletselectwin expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24650 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A legend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24649 HP Improper Input Validation vulnerability in HP Intelligent Management Center

A remote bytemessageresource transformentity" input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24648 HP Deserialization of Untrusted Data vulnerability in HP Intelligent Management Center

A accessmgrservlet classname deserialization of untrusted data remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24647 HP Improper Input Validation vulnerability in HP Intelligent Management Center

A remote accessmgrservlet classname input validation code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24646 HP Out-of-bounds Write vulnerability in HP Intelligent Management Center

A tftpserver stack-based buffer overflow remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-19 CVE-2020-24629 HP Improper Authentication vulnerability in HP Intelligent Management Center

A remote urlaccesscontroller authentication bypass vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

9.8
2020-10-22 CVE-2020-9920 Apple Path Traversal vulnerability in Apple products

A path handling issue was addressed with improved validation.

9.1
2020-10-22 CVE-2020-9906 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved input validation.

9.1
2020-10-22 CVE-2019-16127 Microchip Integer Overflow or Wraparound vulnerability in Microchip Advanced Software Framework 4

Atmel Advanced Software Framework (ASF) 4 has an Integer Overflow.

9.1
2020-10-22 CVE-2020-9868 Apple Improper Certificate Validation vulnerability in Apple products

A certificate validation issue existed when processing administrator added certificates.

9.1
2020-10-22 CVE-2020-27195 Hashicorp Unspecified vulnerability in Hashicorp Nomad

HashiCorp Nomad and Nomad Enterprise version 0.9.0 up to 0.12.5 client file sandbox feature can be subverted using either the template or artifact stanzas.

9.1
2020-10-21 CVE-2020-15240 Auth0 Improper Verification of Cryptographic Signature vulnerability in Auth0 Omniauth-Auth0 2.3.0/2.3.1/2.4.0

omniauth-auth0 (rubygems) versions >= 2.3.0 and < 2.4.1 improperly validate the JWT token signature when using the `jwt_validator.verify` method.

9.1
2020-10-20 CVE-2020-15269 Sparksolutions Insufficient Session Expiration vulnerability in Sparksolutions Spree

In Spree before versions 3.7.11, 4.0.4, or 4.1.11, expired user tokens could be used to access Storefront API v2 endpoints.

9.1
2020-10-19 CVE-2020-16159 Gopro Out-of-bounds Read vulnerability in Gopro Gpmf-Parser 1.5

GoPro gpmf-parser 1.5 has a heap out-of-bounds read and segfault in GPMF_ScaledData().

9.1

177 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-23 CVE-2020-26561 Belkin Out-of-bounds Write vulnerability in Belkin Linksys WRT 160Nl Firmware 1.0.04

Belkin LINKSYS WRT160NL 1.0.04.002_US_20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in create_dir in mini_httpd.

8.8
2020-10-22 CVE-2020-18129 Eyoucms Cross-Site Request Forgery (CSRF) vulnerability in Eyoucms 1.2.7

A CSRF vulnerability in Eyoucms v1.2.7 allows an attacker to add an admin account via login.php.

8.8
2020-10-22 CVE-2020-11853 Microfocus
HP
Arbitrary code execution vulnerability affecting multiple Micro Focus products.
8.8
2020-10-22 CVE-2020-24033 FS Cross-Site Request Forgery (CSRF) vulnerability in FS S3900 24T4S Firmware 1.7.0

An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier.

8.8
2020-10-21 CVE-2020-3456 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Firepower Extensible Operating System 2.4(1.249)

A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device.

8.8
2020-10-21 CVE-2018-11764 Apache Missing Authentication for Critical Function vulnerability in Apache Hadoop 3.0.0

Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0.

8.8
2020-10-21 CVE-2020-5651 Tipsandtricks HQ SQL Injection vulnerability in Tipsandtricks-Hq Simple Download Monitor

SQL injection vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to execute arbitrary SQL commands via a specially crafted URL.

8.8
2020-10-20 CVE-2020-9417 Tibco SQL Injection vulnerability in Tibco products

The Transaction Insight reporting component of TIBCO Software Inc.'s TIBCO Foresight Archive and Retrieval System, TIBCO Foresight Archive and Retrieval System Healthcare Edition, TIBCO Foresight Operational Monitor, TIBCO Foresight Operational Monitor Healthcare Edition, TIBCO Foresight Transaction Insight, and TIBCO Foresight Transaction Insight Healthcare Edition contains a vulnerability that theoretically allows an authenticated attacker to perform SQL injection.

8.8
2020-10-20 CVE-2019-4680 IBM SQL Injection vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2 is vulnerable to SQL injection.

8.8
2020-10-19 CVE-2020-7195 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A iccselectrules expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7194 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7193 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A ictexpertcsvdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7192 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A devicethresholdconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7191 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A devsoftsel expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7190 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A deviceselect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7189 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A faultflasheventselectfact expression language injectionremote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7188 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A userselectpagingcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7187 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A reportpage index expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7186 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A powershellconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7185 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A tvxlanlegend expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7184 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7183 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A forwardredirect expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7182 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A sshconfig expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7181 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A smsrulesdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7180 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A ictexpertdownload expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7179 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A thirdpartyperfselecttask expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7178 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A mediaforaction expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7177 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A wmiconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7176 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A viewtaskresultdetailfact expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7175 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A iccselectdymicparam expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7174 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A soapconfigcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-7173 HP Expression Language Injection vulnerability in HP Intelligent Management Center

A actionselectcontent expression language injection remote code execution vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-24630 HP Unspecified vulnerability in HP Intelligent Management Center

A remote operatoronlinelist_content privilege escalation vulnerability was discovered in HPE Intelligent Management Center (iMC) version(s): Prior to iMC PLAT 7.3 (E0705P07).

8.8
2020-10-19 CVE-2020-16158 Gopro Out-of-bounds Write vulnerability in Gopro Gpmf-Parser

GoPro gpmf-parser through 1.5 has a stack out-of-bounds write vulnerability in GPMF_ExpandComplexTYPE().

8.8
2020-10-19 CVE-2020-15909 Solarwinds Session Fixation vulnerability in Solarwinds N-Central

SolarWinds N-central through 2020.1 allows session hijacking and requires user interaction or physical access.

8.8
2020-10-19 CVE-2020-13778 Rconfig OS Command Injection vulnerability in Rconfig

rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a forged GET request to lib/ajaxHandlers/ajaxAddTemplate.php or lib/ajaxHandlers/ajaxEditTemplate.php.

8.8
2020-10-21 CVE-2020-3572 Cisco Memory Leak vulnerability in Cisco Firepower Threat Defense

A vulnerability in the SSL/TLS session handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

8.6
2020-10-21 CVE-2020-3571 Cisco Improper Input Validation vulnerability in Cisco Firepower Threat Defense

A vulnerability in the ICMP ingress packet processing of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 4110 appliances could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

8.6
2020-10-21 CVE-2020-3563 Cisco Resource Exhaustion vulnerability in Cisco Firepower Threat Defense

A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

8.6
2020-10-21 CVE-2020-3562 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Firepower Threat Defense 6.3.0/6.4.0/6.5.0

A vulnerability in the SSL/TLS inspection of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series firewalls could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

8.6
2020-10-21 CVE-2020-3499 Cisco Resource Exhaustion vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the licensing service of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.The vulnerability is due to improper handling of system resource values by the affected system.

8.6
2020-10-21 CVE-2020-3436 Cisco Unrestricted Upload of File with Dangerous Type vulnerability in Cisco Firepower Threat Defense

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload.

8.6
2020-10-21 CVE-2020-3373 Cisco Memory Leak vulnerability in Cisco products

A vulnerability in the IP fragment-handling implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak on an affected device.

8.6
2020-10-21 CVE-2020-3304 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the web interface of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition.

8.6
2020-10-21 CVE-2020-27613 Bigbluebutton Cleartext Storage of Sensitive Information vulnerability in Bigbluebutton

The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access.

8.4
2020-10-21 CVE-2020-26896 Lightning Network Daemon Project Improper Validation of Integrity Check Value vulnerability in Lightning Network Daemon Project Lightning Network Daemon

Prior to 0.11.0-beta, LND (Lightning Network Daemon) had a vulnerability in its invoice database.

8.2
2020-10-22 CVE-2020-26649 Atomx Missing Authorization vulnerability in Atomx Atomxcms 2

AtomXCMS 2.0 is affected by Incorrect Access Control via admin/dump.php

8.1
2020-10-21 CVE-2020-3550 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path.

8.1
2020-10-21 CVE-2020-3549 Cisco Inadequate Encryption Strength vulnerability in Cisco Firepower Threat Defense

A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash.

8.1
2020-10-21 CVE-2020-3410 Cisco Improper Authentication vulnerability in Cisco Secure Firewall Management Center 6.6.0/6.6.0.1

A vulnerability in the Common Access Card (CAC) authentication feature of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and access the FMC system.

8.1
2020-10-20 CVE-2020-7748 TS ED Project Unspecified vulnerability in Ts.Ed Project Ts.Ed

This affects the package @tsed/core before 5.65.7.

8.1
2020-10-19 CVE-2020-9113 Huawei Classic Buffer Overflow vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in the Bluetooth module.

8.0
2020-10-23 CVE-2020-24848 Fruitywifi Project Improper Privilege Management vulnerability in Fruitywifi Project Fruitywifi

FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL].

7.8
2020-10-23 CVE-2020-5990 Nvidia Unspecified vulnerability in Nvidia Geforce Experience

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.

7.8
2020-10-23 CVE-2020-5978 Nvidia Unspecified vulnerability in Nvidia Geforce Experience

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.

7.8
2020-10-23 CVE-2020-5977 Nvidia Untrusted Search Path vulnerability in Nvidia Geforce Experience

NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.

7.8
2020-10-23 CVE-2020-9331 Cryptopro Unspecified vulnerability in Cryptopro CSP

CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local users with the SeChangeNotifyPrivilege right) because user-mode input is mishandled during process creation.

7.8
2020-10-23 CVE-2020-26887 AVM Unspecified vulnerability in AVM Fritz!Box 7490 Firmware 7.20

FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism.

7.8
2020-10-23 CVE-2019-14719 Verifone Command Injection vulnerability in Verifone Mx900 Firmware 30251000

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.

7.8
2020-10-23 CVE-2019-14717 Verifone Classic Buffer Overflow vulnerability in Verifone Verix OS Qt000530

Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.

7.8
2020-10-23 CVE-2019-14712 Verifone Unspecified vulnerability in Verifone Verix OS Qt000530

Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation.

7.8
2020-10-22 CVE-2020-27671 XEN
Opensuse
Debian
Fedoraproject
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled.
7.8
2020-10-22 CVE-2020-27670 XEN
Opensuse
Fedoraproject
Debian
Insufficient Verification of Data Authenticity vulnerability in multiple products

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because an AMD IOMMU page-table entry can be half-updated.

7.8
2020-10-22 CVE-2020-10721 Redhat Deserialization of Untrusted Data vulnerability in Redhat Fabric8-Maven

A flaw was found in the fabric8-maven-plugin 4.0.0 and later.

7.8
2020-10-22 CVE-2020-9990 Apple Race Condition vulnerability in Apple mac OS X

A race condition was addressed with additional validation.

7.8
2020-10-22 CVE-2020-9985 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9984 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-10-22 CVE-2020-9980 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9940 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9938 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-10-22 CVE-2020-9937 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9928 Apple Out-of-bounds Write vulnerability in Apple mac OS X

Multiple memory corruption issues were addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9927 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved input validation.

7.8
2020-10-22 CVE-2020-9919 Apple Out-of-bounds Write vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9904 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

7.8
2020-10-22 CVE-2020-9901 Apple Link Following vulnerability in Apple products

An issue existed within the path validation logic for symlinks.

7.8
2020-10-22 CVE-2020-9900 Apple Link Following vulnerability in Apple products

An issue existed within the path validation logic for symlinks.

7.8
2020-10-22 CVE-2020-9899 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved input validation.

7.8
2020-10-22 CVE-2020-9892 Apple Out-of-bounds Write vulnerability in Apple products

Multiple memory corruption issues were addressed with improved state management.

7.8
2020-10-22 CVE-2020-9887 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved input validation.

7.8
2020-10-22 CVE-2020-9883 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9882 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9881 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9880 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9879 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9877 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9876 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9875 Apple Integer Overflow or Wraparound vulnerability in Apple products

An integer overflow was addressed through improved input validation.

7.8
2020-10-22 CVE-2020-9874 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9873 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

7.8
2020-10-22 CVE-2020-9872 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9871 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

7.8
2020-10-22 CVE-2020-9863 Apple Improper Initialization vulnerability in Apple products

A memory initialization issue was addressed with improved memory handling.

7.8
2020-10-22 CVE-2020-9854 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved validation.

7.8
2020-10-22 CVE-2020-9853 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved validation.

7.8
2020-10-22 CVE-2020-3915 Apple Unspecified vulnerability in Apple mac OS X

A path handling issue was addressed with improved validation.

7.8
2020-10-22 CVE-2020-3898 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved validation.

7.8
2020-10-21 CVE-2020-24425 Adobe Uncontrolled Search Path Element vulnerability in Adobe Dreamweaver

Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation.

7.8
2020-10-21 CVE-2020-24424 Adobe Uncontrolled Search Path Element vulnerability in Adobe Premiere PRO 14.1/14.2/14.4

Adobe Premiere Pro version 14.4 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-24423 Adobe Uncontrolled Search Path Element vulnerability in Adobe Media Encoder

Adobe Media Encoder version 14.4 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-24420 Adobe Uncontrolled Search Path Element vulnerability in Adobe Photoshop

Adobe Photoshop for Windows version 21.2.1 (and earlier) is affected by an uncontrolled search path element vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-24419 Adobe Uncontrolled Search Path Element vulnerability in Adobe After Effects

Adobe After Effects version 17.1.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-24418 Adobe Out-of-bounds Read vulnerability in Adobe After Effects

Adobe After Effects version 17.1.1 (and earlier) is affected by an out-of-bounds read vulnerability when parsing a crafted .aepx file, which could result in a read past the end of an allocated memory structure.

7.8
2020-10-21 CVE-2020-9750 Adobe Out-of-bounds Read vulnerability in Adobe Animate 15.2.1.95/20.5

Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability, which could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-9749 Adobe Out-of-bounds Read vulnerability in Adobe Animate 15.2.1.95/20.5

Adobe Animate version 20.5 (and earlier) is affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-9748 Adobe Out-of-bounds Write vulnerability in Adobe Animate 15.2.1.95/20.5

Adobe Animate version 20.5 (and earlier) is affected by a stack overflow vulnerability, which could lead to arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-9747 Adobe Double Free vulnerability in Adobe Animate 15.2.1.95/20.5

Adobe Animate version 20.5 (and earlier) is affected by a double free vulnerability when parsing a crafted .fla file, which could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-24422 Adobe Uncontrolled Search Path Element vulnerability in Adobe Creative Cloud 2.1/5.2

Adobe Creative Cloud Desktop Application version 5.2 (and earlier) and 2.1 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user.

7.8
2020-10-21 CVE-2020-3459 Cisco OS Command Injection vulnerability in Cisco Firepower Extensible Operating System

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.

7.8
2020-10-21 CVE-2020-3455 Cisco Unspecified vulnerability in Cisco Firepower Extensible Operating System

A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms.

7.8
2020-10-21 CVE-2020-10139 Acronis Improper Initialization vulnerability in Acronis True Image 2021

Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\.

7.8
2020-10-21 CVE-2020-10138 Acronis Improper Initialization vulnerability in Acronis Cyber Backup and Cyber Protect

Acronis Cyber Backup 12.5 and Cyber Protect 15 include an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\.

7.8
2020-10-20 CVE-2020-24415 Adobe Out-of-bounds Write vulnerability in Adobe Illustrator

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file.

7.8
2020-10-20 CVE-2020-24414 Adobe Out-of-bounds Write vulnerability in Adobe Illustrator

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file.

7.8
2020-10-20 CVE-2020-24413 Adobe Out-of-bounds Write vulnerability in Adobe Illustrator

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file.

7.8
2020-10-20 CVE-2020-24412 Adobe Out-of-bounds Write vulnerability in Adobe Illustrator

Adobe Illustrator version 24.1.2 (and earlier) is affected by a memory corruption vulnerability that occurs when parsing a specially crafted .svg file.

7.8
2020-10-20 CVE-2020-24411 Adobe Out-of-bounds Write vulnerability in Adobe Illustrator

Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds write vulnerability when handling crafted PDF files.

7.8
2020-10-20 CVE-2020-24410 Adobe Out-of-bounds Read vulnerability in Adobe Illustrator

Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files.

7.8
2020-10-20 CVE-2020-24409 Adobe Out-of-bounds Read vulnerability in Adobe Illustrator

Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files.

7.8
2020-10-20 CVE-2020-15264 Chocolatey Unspecified vulnerability in Chocolatey Boxstarter

The Boxstarter installer before version 2.13.0 configures C:\ProgramData\Boxstarter to be in the system-wide PATH environment variable.

7.8
2020-10-19 CVE-2020-9263 Huawei Use After Free vulnerability in Huawei Mate 30 Firmware and P30 Firmware

HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability.

7.8
2020-10-19 CVE-2020-9112 Huawei Improper Privilege Management vulnerability in Huawei Taurus-An00B Firmware 10.1.0.156

Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability.

7.8
2020-10-20 CVE-2020-3982 Vmware Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device.

7.7
2020-10-22 CVE-2020-25186 WE CON XXE vulnerability in We-Con Levistudiou

An XXE vulnerability exists within LeviStudioU Release Build 2019-09-21 and prior when processing parameter entities, which may allow file disclosure.

7.5
2020-10-22 CVE-2020-15681 Mozilla Unspecified vulnerability in Mozilla Firefox

When multiple WASM threads had a reference to a module, and were looking up exported functions, one WASM thread could have overwritten another's entry in a shared stub table, resulting in a potentially exploitable crash.

7.5
2020-10-22 CVE-2020-13327 Gitlab Unspecified vulnerability in Gitlab Runner

An issue has been discovered in GitLab Runner affecting all versions starting from 13.4.0 before 13.4.2, all versions starting from 13.3.0 before 13.3.7, all versions starting from 13.2.0 before 13.2.10.

7.5
2020-10-22 CVE-2019-17007 Mozilla
Siemens
Improper Certificate Validation vulnerability in multiple products

In Network Security Services before 3.44, a malformed Netscape Certificate Sequence can cause NSS to crash, resulting in a denial of service.

7.5
2020-10-22 CVE-2020-9924 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

7.5
2020-10-22 CVE-2020-9905 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow was addressed with improved bounds checking.

7.5
2020-10-22 CVE-2020-27665 Strapi Incorrect Default Permissions vulnerability in Strapi

In Strapi before 3.2.5, there is no admin::hasPermissions restriction for CTB (aka content-type-builder) routes.

7.5
2020-10-22 CVE-2020-9869 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved memory handling.

7.5
2020-10-22 CVE-2020-9828 Apple Out-of-bounds Read vulnerability in Apple mac OS X

An out-of-bounds read was addressed with improved input validation.

7.5
2020-10-22 CVE-2020-27155 Octopus Unspecified vulnerability in Octopus Deploy

An issue was discovered in Octopus Deploy through 2020.4.4.

7.5
2020-10-22 CVE-2020-27638 Fastd Project
Debian
Fedoraproject
Reachable Assertion vulnerability in multiple products

receive.c in fastd before v21 allows denial of service (assertion failure) when receiving packets with an invalid type code.

7.5
2020-10-21 CVE-2020-17355 Arista Unspecified vulnerability in Arista EOS

Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DHCP packet which leads to an incorrect route being installed.

7.5
2020-10-21 CVE-2020-15266 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Tensorflow

In Tensorflow before version 2.4.0, when the `boxes` argument of `tf.image.crop_and_resize` has a very large value, the CPU kernel implementation receives it as a C++ `nan` floating point value.

7.5
2020-10-21 CVE-2020-15265 Google Unspecified vulnerability in Google Tensorflow

In Tensorflow before version 2.4.0, an attacker can pass an invalid `axis` value to `tf.quantization.quantize_and_dequantize`.

7.5
2020-10-21 CVE-2020-3555 Cisco Improper Resource Shutdown or Release vulnerability in Cisco Firepower Threat Defense

A vulnerability in the SIP inspection process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a crash and reload of an affected device, resulting in a denial of service (DoS) condition.

7.5
2020-10-21 CVE-2020-3554 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the TCP packet processing of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2020-10-21 CVE-2020-3533 Cisco Resource Exhaustion vulnerability in Cisco Firepower Threat Defense

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly.

7.5
2020-10-21 CVE-2020-3529 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.

7.5
2020-10-21 CVE-2020-3528 Cisco Resource Exhaustion vulnerability in Cisco Firepower Threat Defense

A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.5
2020-10-21 CVE-2020-3317 Cisco Improper Input Validation vulnerability in Cisco Firepower Threat Defense

A vulnerability in the ssl_inspection component of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to crash Snort instances.

7.5
2020-10-21 CVE-2020-27610 Bigbluebutton Unspecified vulnerability in Bigbluebutton

The installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network services to external interfaces, and does not automatically set up a firewall configuration to block external access.

7.5
2020-10-21 CVE-2020-27603 Bigbluebutton Unspecified vulnerability in Bigbluebutton

BigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files.

7.5
2020-10-20 CVE-2020-25648 Mozilla
Redhat
Fedoraproject
Oracle
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3.

7.5
2020-10-20 CVE-2020-25157 Advantech SQL Injection vulnerability in Advantech R-Seenet

The R-SeeNet webpage (1.5.1 through 2.4.10) suffers from SQL injection, which allows a remote attacker to invoke queries on the database and retrieve sensitive information.

7.5
2020-10-20 CVE-2020-24765 Mind Forced Browsing vulnerability in Mind Imind Server 3.13.65

InterMind iMind Server through 3.13.65 allows remote unauthenticated attackers to read the self-diagnostic archive via a direct api/rs/monitoring/rs/api/system/dump-diagnostic-info?server=127.0.0.1 request.

7.5
2020-10-20 CVE-2020-15931 Netwrix Information Exposure vulnerability in Netwrix Account Lockout Examiner

Netwrix Account Lockout Examiner before 5.1 allows remote attackers to capture the Net-NTLMv1/v2 authentication challenge hash of the Domain Administrator (that is configured within the product in its installation state) by generating a single Kerberos Pre-Authentication Failed (ID 4771) event on a Domain Controller.

7.5
2020-10-20 CVE-2019-9080 Domainmod Use of Password Hash With Insufficient Computational Effort vulnerability in Domainmod

DomainMOD before 4.14.0 uses MD5 without a salt for password storage.

7.5
2020-10-19 CVE-2020-6085 Rockwellautomation Classic Buffer Overflow vulnerability in Rockwellautomation Flex I/O 1794-Aent 4.003

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003.

7.5
2020-10-19 CVE-2020-6084 Rockwellautomation Classic Buffer Overflow vulnerability in Rockwellautomation Flex I/O 1794-Aent 4.003

An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003.

7.5
2020-10-19 CVE-2020-24388 Yubico
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2.

7.5
2020-10-19 CVE-2020-24387 Yubico
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2.

7.5
2020-10-19 CVE-2020-16161 Gopro Divide By Zero vulnerability in Gopro Gpmf-Parser 1.5

GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_ScaledData().

7.5
2020-10-19 CVE-2020-16160 Gopro Divide By Zero vulnerability in Gopro Gpmf-Parser 1.5

GoPro gpmf-parser 1.5 has a division-by-zero vulnerability in GPMF_Decompress().

7.5
2020-10-19 CVE-2020-24266 Broadcom
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in tcpreplay tcpprep v4.3.3.

7.5
2020-10-19 CVE-2020-24265 Broadcom
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in tcpreplay tcpprep v4.3.3.

7.5
2020-10-21 CVE-2020-3577 Cisco Improper Input Validation vulnerability in Cisco Firepower Threat Defense

A vulnerability in the ingress packet processing path of Cisco Firepower Threat Defense (FTD) Software for interfaces that are configured either as Inline Pair or in Passive mode could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition.

7.4
2020-10-20 CVE-2020-3994 Vmware Improper Certificate Validation vulnerability in VMWare Cloud Foundation and Vcenter Server

VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation.

7.4
2020-10-21 CVE-2020-17381 Ghisler Incorrect Default Permissions vulnerability in Ghisler Total Commander 9.51

An issue was discovered in Ghisler Total Commander 9.51.

7.3
2020-10-21 CVE-2020-27611 Bigbluebutton Use of a Broken or Risky Cryptographic Algorithm vulnerability in Bigbluebutton

BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint.

7.3
2020-10-21 CVE-2020-10140 Acronis Incorrect Permission Assignment for Critical Resource vulnerability in Acronis True Image 2021

Acronis True Image 2021 fails to properly set ACLs of the C:\ProgramData\Acronis directory.

7.3
2020-10-19 CVE-2020-15822 Jetbrains Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack

In JetBrains YouTrack before 2020.2.10514, SSRF is possible because URL filtering can be escaped.

7.3
2020-10-21 CVE-2020-15244 Openmage Deserialization of Untrusted Data vulnerability in Openmage Magento

In Magento (rubygems openmage/magento-lts package) before versions 19.4.8 and 20.0.4, an admin user can generate soap credentials that can be used to trigger RCE via PHP Object Injection through product attributes and a product.

7.2
2020-10-20 CVE-2020-5792 Nagios Argument Injection or Modification vulnerability in Nagios XI 5.7.3

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, authenticated admin user to write to arbitrary files and ultimately execute code with the privileges of the apache user.

7.2
2020-10-20 CVE-2020-5791 Nagios OS Command Injection vulnerability in Nagios XI

Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote, authenticated admin user to execute operating system commands with the privileges of the apache user.

7.2
2020-10-22 CVE-2020-9994 Apple Unspecified vulnerability in Apple products

A path handling issue was addressed with improved validation.

7.1
2020-10-22 CVE-2020-9929 Apple Out-of-bounds Write vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved memory handling.

7.1
2020-10-22 CVE-2020-9908 Apple Out-of-bounds Read vulnerability in Apple mac OS X

An out-of-bounds read was addressed with improved input validation.

7.1
2020-10-22 CVE-2020-9779 Apple Out-of-bounds Read vulnerability in Apple mac OS X

An out-of-bounds read was addressed with improved input validation.

7.1
2020-10-22 CVE-2020-9771 Apple Unspecified vulnerability in Apple mac OS X

This issue was addressed with a new entitlement.

7.1
2020-10-23 CVE-2020-27216 Eclipse
Netapp
Oracle
Apache
Debian
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system.
7.0
2020-10-23 CVE-2019-14711 Verifone Race Condition vulnerability in Verifone Mx900 Firmware 30251000

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.

7.0
2020-10-22 CVE-2020-27672 XEN
Fedoraproject
Opensuse
Debian
Use After Free vulnerability in multiple products

An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages.

7.0
2020-10-22 CVE-2020-9921 Apple Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apple mac OS X

A memory corruption issue was addressed with improved memory handling.

7.0
2020-10-22 CVE-2020-9796 Apple Race Condition vulnerability in Apple mac OS X

A race condition was addressed with improved state handling.

7.0

106 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-23 CVE-2019-14715 Verifone Out-of-bounds Write vulnerability in Verifone products

Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.

6.8
2020-10-22 CVE-2019-16128 Microchip Classic Buffer Overflow vulnerability in Microchip Cryptoauthlib

Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 1 of 2).

6.8
2020-10-22 CVE-2019-16129 Microchip Classic Buffer Overflow vulnerability in Microchip Cryptoauthlib

Microchip CryptoAuthentication Library CryptoAuthLib prior to 20191122 has a Buffer Overflow (issue 2 of 2).

6.8
2020-10-22 CVE-2020-9810 Apple Unspecified vulnerability in Apple mac OS X 10.15.4

A logic issue was addressed with improved restrictions.

6.8
2020-10-23 CVE-2019-14718 Verifone Incorrect Default Permissions vulnerability in Verifone Mx900 Firmware 30251000

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.

6.7
2020-10-21 CVE-2020-3514 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the multi-instance feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to escape the container for their Cisco FTD instance and execute commands with root privileges in the host namespace.

6.7
2020-10-21 CVE-2020-3458 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism.

6.7
2020-10-21 CVE-2020-3457 Cisco OS Command Injection vulnerability in Cisco products

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.

6.7
2020-10-19 CVE-2020-15261 Veyon Unspecified vulnerability in Veyon

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges.

6.7
2020-10-19 CVE-2020-11496 Sprecher Automation Command Injection vulnerability in Sprecher-Automation Sprecon-E

Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers with access to engineering data to insert arbitrary code.

6.7
2020-10-23 CVE-2019-14716 Verifone Unspecified vulnerability in Verifone Verix OS Qt000530

Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).

6.6
2020-10-23 CVE-2020-3998 Vmware Unspecified vulnerability in VMWare Horizon Client

VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability.

6.5
2020-10-22 CVE-2020-15682 Mozilla Origin Validation Error vulnerability in Mozilla Firefox

When a link to an external protocol was clicked, a prompt was presented that allowed the user to choose what application to open it in.

6.5
2020-10-22 CVE-2018-18508 Mozilla
Siemens
NULL Pointer Dereference vulnerability in multiple products

In Network Security Services (NSS) before 3.36.7 and before 3.41.1, a malformed signature can cause a crash due to a null dereference, resulting in a Denial of Service.

6.5
2020-10-22 CVE-2020-27646 Biscom Unspecified vulnerability in Biscom Secure File Transfer

Biscom Secure File Transfer (SFT) before 5.1.1082 and 6.x before 6.0.1011 allows user credential theft.

6.5
2020-10-21 CVE-2020-3578 Cisco Incorrect Authorization vulnerability in Cisco products

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access rule and access parts of the WebVPN portal that are supposed to be blocked.

6.5
2020-10-21 CVE-2020-27607 Bigbluebutton Unspecified vulnerability in Bigbluebutton

In BigBlueButton before 2.2.28 (or earlier), the client-side Mute button only signifies that the server should stop accepting audio data from the client.

6.5
2020-10-21 CVE-2020-27604 Bigbluebutton Improper Encoding or Escaping of Output vulnerability in Bigbluebutton

BigBlueButton before 2.3 does not implement LibreOffice sandboxing.

6.5
2020-10-21 CVE-2020-6648 Fortinet Cleartext Storage of Sensitive Information vulnerability in Fortinet Fortios and Fortiproxy

A cleartext storage of sensitive information vulnerability in FortiOS command line interface in versions 6.2.4 and earlier and FortiProxy 2.0.0, 1.2.9 and earlier may allow an authenticated attacker to obtain sensitive information such as users passwords by connecting to FortiGate CLI and executing the "diag sys ha checksum show" command.

6.5
2020-10-21 CVE-2020-25820 Bigbluebutton Server-Side Request Forgery (SSRF) vulnerability in Bigbluebutton

BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF attacks via an uploaded Office document that has a crafted URL in an ODF xlink field.

6.5
2020-10-20 CVE-2020-5790 Nagios Cross-Site Request Forgery (CSRF) vulnerability in Nagios XI 5.7.3

Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link.

6.5
2020-10-20 CVE-2020-6366 SAP Improper Input Validation vulnerability in SAP Netweaver Compare Systems

SAP NetWeaver (Compare Systems) versions - 7.20, 7.30, 7.40, 7.50, does not sufficiently validate uploaded XML documents.

6.5
2020-10-20 CVE-2020-6362 SAP Incorrect Authorization vulnerability in SAP Banking Services 500

SAP Banking Services version 500, use an incorrect authorization object in some of its reports.

6.5
2020-10-19 CVE-2020-24375 Free Authentication Bypass by Spoofing vulnerability in Free Freebox Server and Freebox V5 Firmware

A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.

6.5
2020-10-22 CVE-2020-9939 Apple Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Apple mac OS X

This issue was addressed with improved checks.

6.4
2020-10-22 CVE-2020-27642 Bigbluebutton Cross-site Scripting vulnerability in Bigbluebutton Greenlight 2.7.6

A cross-site scripting (XSS) vulnerability exists in the 'merge account' functionality in admins.js in BigBlueButton Greenlight 2.7.6.

6.1
2020-10-22 CVE-2020-27620 Mediawiki Cross-site Scripting vulnerability in Mediawiki Skin:Cosmos 1.34.0/1.35.0

The Cosmos Skin for MediaWiki through 1.35.0 has stored XSS because MediaWiki messages were not being properly escaped.

6.1
2020-10-21 CVE-2020-17454 Wso2 Cross-site Scripting vulnerability in Wso2 API Manager

WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface.

6.1
2020-10-21 CVE-2020-27344 Cminds Cross-site Scripting vulnerability in Cminds CM Download Manager

The cm-download-manager plugin before 2.8.0 for WordPress allows XSS.

6.1
2020-10-21 CVE-2020-3599 Cisco Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

6.1
2020-10-21 CVE-2020-3583 Cisco Cross-site Scripting vulnerability in Cisco products

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.

6.1
2020-10-21 CVE-2020-3582 Cisco Cross-site Scripting vulnerability in Cisco products

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.

6.1
2020-10-21 CVE-2020-3581 Cisco Cross-site Scripting vulnerability in Cisco products

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.

6.1
2020-10-21 CVE-2020-3580 Cisco Cross-site Scripting vulnerability in Cisco products

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device.

6.1
2020-10-21 CVE-2020-3558 Cisco Open Redirect vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page.

6.1
2020-10-21 CVE-2020-3553 Cisco Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

6.1
2020-10-21 CVE-2020-3515 Cisco Cross-site Scripting vulnerability in Cisco Secure Firewall Management Center

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.

6.1
2020-10-21 CVE-2020-5650 Tipsandtricks HQ Cross-site Scripting vulnerability in Tipsandtricks-Hq Simple Download Monitor

Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.

6.1
2020-10-21 CVE-2020-27608 Bigbluebutton Cross-site Scripting vulnerability in Bigbluebutton

In BigBlueButton before 2.2.28 (or earlier), uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document.

6.1
2020-10-20 CVE-2020-24416 Adobe Cross-site Scripting vulnerability in Adobe Marketo Sales Insight

Marketo Sales Insight plugin version 1.4355 (and earlier) is affected by a blind stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

6.1
2020-10-20 CVE-2020-4748 IBM Cross-site Scripting vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting.

6.1
2020-10-20 CVE-2020-16246 GE Unspecified vulnerability in GE S2020 Firmware and S2024 Firmware

The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious JavaScript statement to the vulnerable site, causing the malicious JavaScript to be rendered by the site and executed by the victim client.

6.1
2020-10-20 CVE-2020-6367 SAP Cross-site Scripting vulnerability in SAP Netweaver Composite Application Framework

There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50.

6.1
2020-10-19 CVE-2020-15263 Orchid Unspecified vulnerability in Orchid Platform

In platform before version 9.4.4, inline attributes are not properly escaped.

6.1
2020-10-19 CVE-2020-10746 Infinispan Unspecified vulnerability in Infinispan Infinispan-Server-Runtime 10.0.0

A flaw was found in Infinispan (org.infinispan:infinispan-server-runtime) version 10, where it permits local access to controls via both REST and HotRod APIs.

6.1
2020-10-19 CVE-2019-13633 Blinger Cross-site Scripting vulnerability in Blinger 1.0.2519

Blinger.io v.1.0.2519 is vulnerable to Blind/Persistent XSS.

6.1
2020-10-19 CVE-2020-26891 Matrix Cross-site Scripting vulnerability in Matrix Synapse

AuthRestServlet in Matrix Synapse before 1.21.0 is vulnerable to XSS due to unsafe interpolation of the session GET parameter.

6.1
2020-10-20 CVE-2020-3993 Vmware Unspecified vulnerability in VMWare Cloud Foundation and Nsx-T Data Center

VMware NSX-T (3.x before 3.0.2, 2.5.x before 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager.

5.9
2020-10-20 CVE-2020-6369 SAP Unspecified vulnerability in SAP Focused RUN and Solution Manager

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated attackers to bypass the authentication if the default passwords for Admin and Guest have not been changed by the administrator.This may impact the confidentiality of the service.

5.9
2020-10-21 CVE-2020-3565 Cisco Improper Authentication vulnerability in Cisco Firepower Threat Defense

A vulnerability in the TCP Intercept functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass configured Access Control Policies (including Geolocation) and Service Polices on an affected system.

5.8
2020-10-21 CVE-2020-3299 Cisco
Snort
Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP.
5.8
2020-10-20 CVE-2020-3981 Vmware Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare products

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device.

5.8
2020-10-23 CVE-2020-9361 Cryptopro Unspecified vulnerability in Cryptopro CSP 5.0.0.10004

CryptoPro CSP through 5.0.0.10004 on 64-bit platforms allows local users with the SeChangeNotifyPrivilege right to cause denial of service because user-mode input is mishandled during process creation.

5.5
2020-10-23 CVE-2019-14713 Verifone Unspecified vulnerability in Verifone Mx900 Firmware 30251000

Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.

5.5
2020-10-22 CVE-2020-3996 Vmware Unspecified vulnerability in VMWare Velero

Velero (prior to 1.4.3 and 1.5.2) in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users.

5.5
2020-10-22 CVE-2020-27673 Linux
Debian
Opensuse
XEN
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.
5.5
2020-10-22 CVE-2020-9997 Apple Unspecified vulnerability in Apple mac OS X

An information disclosure issue was addressed with improved state management.

5.5
2020-10-22 CVE-2020-9902 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

5.5
2020-10-22 CVE-2020-9772 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved restrictions.

5.5
2020-10-22 CVE-2020-3918 Apple Unspecified vulnerability in Apple products

An access issue was addressed with additional sandbox restrictions.

5.5
2020-10-21 CVE-2020-24421 Adobe Unspecified vulnerability in Adobe Indesign

Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file.

5.5
2020-10-21 CVE-2020-3352 Cisco Unspecified vulnerability in Cisco Firepower Threat Defense

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access hidden commands.

5.5
2020-10-20 CVE-2020-4756 IBM Improper Resource Shutdown or Release vulnerability in IBM Elastic Storage Server and Spectrum Scale

IBM Spectrum Scale V4.2.0.0 through V4.2.3.23 and V5.0.0.0 through V5.0.5.2 as well as IBM Elastic Storage System 6.0.0 through 6.0.1.0 could allow a local attacker to invoke a subset of ioctls on the device with invalid arguments that could crash the keneral and cause a denial of service.

5.5
2020-10-20 CVE-2020-4491 IBM Unspecified vulnerability in IBM Spectrum Scale

IBM Spectrum Scale V4.2.0.0 through V4.2.3.22 and V5.0.0.0 through V5.0.5 could allow a local attacker to cause a denial of service by sending a large number of RPC requests to the mmfsd daemon which would cause the service to crash.

5.5
2020-10-20 CVE-2020-6315 SAP Unspecified vulnerability in SAP 3D Visual Enterprise Viewer 9

SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to the victim, which can lead to leakage of sensitive information when the victim loads the malicious file into the VE viewer, leading to Information Disclosure.

5.5
2020-10-23 CVE-2020-27388 Yourls Cross-site Scripting vulnerability in Yourls

Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10.

5.4
2020-10-23 CVE-2020-3997 Vmware Cross-site Scripting vulnerability in VMWare Horizon

VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability.

5.4
2020-10-23 CVE-2018-8062 Comtrend Cross-site Scripting vulnerability in Comtrend Ar-5387Un Firmware A731410Jazc04R02.A2Pd035G.D23I

A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service.

5.4
2020-10-22 CVE-2020-27666 Strapi Cross-site Scripting vulnerability in Strapi

Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview feature.

5.4
2020-10-22 CVE-2020-27533 Dedecms Cross-site Scripting vulnerability in Dedecms 5.8

A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.

5.4
2020-10-20 CVE-2020-4755 IBM Cross-site Scripting vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0 through 5.0.5.2 is vulnerable to cross-site scripting.

5.4
2020-10-20 CVE-2020-4564 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 and IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 are vulnerable to cross-site scripting.

5.4
2020-10-22 CVE-2020-27674 XEN
Fedoraproject
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in Xen through 4.14.x allowing x86 PV guest OS users to gain guest OS privileges by modifying kernel memory contents, because invalidation of TLB entries is mishandled during use of an INVLPG-like attack technique.

5.3
2020-10-22 CVE-2020-15680 Mozilla Unspecified vulnerability in Mozilla Firefox

If a valid external protocol handler was referenced in an image tag, the resulting broken image size could be distinguished from a broken image size of a non-existent protocol handler.

5.3
2020-10-22 CVE-2020-9787 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved restrictions.

5.3
2020-10-22 CVE-2020-26650 Atomx Exposure of Resource to Wrong Sphere vulnerability in Atomx Atomxcms 2.0

AtomXCMS 2.0 is affected by Arbitrary File Read via admin/dump.php

5.3
2020-10-21 CVE-2020-3564 Cisco Interpretation Conflict vulnerability in Cisco Firepower Threat Defense

A vulnerability in the FTP inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass FTP inspection.

5.3
2020-10-21 CVE-2020-3557 Cisco Improper Certificate Validation vulnerability in Cisco Secure Firewall Management Center

A vulnerability in the host input API daemon of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

5.3
2020-10-21 CVE-2020-27609 Bigbluebutton Incorrect Authorization vulnerability in Bigbluebutton

BigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording in the user interface.

5.3
2020-10-21 CVE-2020-27606 Bigbluebutton Unspecified vulnerability in Bigbluebutton

BigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session.

5.3
2020-10-21 CVE-2020-26895 Lightning Network Daemon Project Improper Validation of Integrity Check Value vulnerability in Lightning Network Daemon Project Lightning Network Daemon

Prior to 0.10.0-beta, LND (Lightning Network Daemon) would have accepted a counterparty high-S signature and broadcast tx-relay invalid local commitment/HTLC transactions.

5.3
2020-10-20 CVE-2020-3995 Vmware Memory Leak vulnerability in VMWare products

In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability.

5.3
2020-10-20 CVE-2020-6308 SAP Server-Side Request Forgery (SSRF) vulnerability in SAP Businessobjects Business Intelligence Platform 4.1/4.2/4.3

SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows an unauthenticated attacker to inject arbitrary values as CMS parameters to perform lookups on the internal network which is otherwise not accessible externally.

5.3
2020-10-19 CVE-2020-13937 Apache Insecure Storage of Sensitive Information vulnerability in Apache Kylin

Apache Kylin 2.0.0, 2.1.0, 2.2.0, 2.3.0, 2.3.1, 2.3.2, 2.4.0, 2.4.1, 2.5.0, 2.5.1, 2.5.2, 2.6.0, 2.6.1, 2.6.2, 2.6.3, 2.6.4, 2.6.5, 2.6.6, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0, 3.0.1, 3.0.2, 3.1.0, 4.0.0-alpha has one restful api which exposed Kylin's configuration information without any authentication, so it is dangerous because some confidential information entries will be disclosed to everyone.

5.3
2020-10-19 CVE-2020-8929 Google Unspecified vulnerability in Google Tink

A mis-handling of invalid unicode characters in the Java implementation of Tink versions prior to 1.5 allows an attacker to change the ID part of a ciphertext, which result in the creation of a second ciphertext that can decrypt to the same plaintext.

5.3
2020-10-23 CVE-2020-15002 Open Xchange Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite

OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API.

5.0
2020-10-23 CVE-2020-15004 Open Xchange Cross-site Scripting vulnerability in Open-Xchange Appsuite 7.10.2/7.10.3

OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS.

4.8
2020-10-20 CVE-2020-6370 SAP Cross-site Scripting vulnerability in SAP Netweaver Design Time Repository

SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

4.8
2020-10-22 CVE-2020-27675 Linux
Fedoraproject
Debian
Use After Free vulnerability in multiple products

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x.

4.7
2020-10-21 CVE-2020-3561 Cisco Injection vulnerability in Cisco Firepower Threat Defense

A vulnerability in the Clientless SSL VPN (WebVPN) of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to inject arbitrary HTTP headers in the responses of the affected system.

4.7
2020-10-19 CVE-2020-15910 Solarwinds Incorrect Permission Assignment for Critical Resource vulnerability in Solarwinds N-Central 12.3

SolarWinds N-Central version 12.3 GA and lower does not set the JSESSIONID attribute to HTTPOnly.

4.7
2020-10-19 CVE-2020-9092 Huawei Cross-site Scripting vulnerability in Huawei Mate 20 Firmware

HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerability.

4.6
2020-10-19 CVE-2020-9111 Huawei Unspecified vulnerability in Huawei E6878-370 Firmware and E6878-870 Firmware

E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP11C233) have a denial of service vulnerability.

4.5
2020-10-23 CVE-2020-24847 Fruitywifi Project Cross-Site Request Forgery (CSRF) vulnerability in Fruitywifi Project Fruitywifi

A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4.

4.3
2020-10-23 CVE-2020-15003 Open Xchange Unspecified vulnerability in Open-Xchange Appsuite 7.10.2/7.10.3

OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).

4.3
2020-10-22 CVE-2020-15270 Parseplatform Operation on a Resource after Expiration or Release vulnerability in Parseplatform Parse-Server

Parse Server (npm package parse-server) broadcasts events to all clients without checking if the session token is valid.

4.3
2020-10-22 CVE-2020-9935 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

4.3
2020-10-22 CVE-2020-27621 Mediawiki Unspecified vulnerability in Mediawiki

The FileImporter extension in MediaWiki through 1.35.0 was not properly attributing various user actions to a specific user's IP address.

4.3
2020-10-21 CVE-2020-27612 Bigbluebutton Information Exposure vulnerability in Bigbluebutton

Greenlight in BigBlueButton through 2.2.28 places usernames in room URLs, which may represent an unintended information leak to users in a room, or an information leak to outsiders if any user publishes a screenshot of a browser window.

4.3
2020-10-20 CVE-2020-7371 Raiseitsolutions Improper Restriction of Rendered UI Layers or Frames vulnerability in Raiseitsolutions Rits Browser 3.3.9

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser.

4.3
2020-10-20 CVE-2020-7370 Boltbrowser Missing Authentication for Critical Function vulnerability in Boltbrowser Bolt Browser

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of Danyil Vasilenko's Bolt Browser allows an attacker to obfuscate the true source of data as presented in the browser.

4.3
2020-10-20 CVE-2020-7369 Yandex Missing Authentication for Critical Function vulnerability in Yandex Browser

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of the Yandex Browser allows an attacker to obfuscate the true source of data as presented in the browser.

4.3
2020-10-20 CVE-2020-7364 Ucweb Unspecified vulnerability in Ucweb UC Browser 11.2.5.932/13.0.8

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser.

4.3
2020-10-20 CVE-2020-7363 Ucweb Unspecified vulnerability in Ucweb UC Browser 11.2.5.932/13.0.8

User Interface (UI) Misrepresentation of Critical Information vulnerability in the address bar of UCWeb's UC Browser allows an attacker to obfuscate the true source of data as presented in the browser.

4.3
2020-10-20 CVE-2020-4749 IBM Reliance on Cookies without Validation and Integrity Checking vulnerability in IBM Spectrum Scale

IBM Spectrum Scale 5.0.0 through 5.0.5.2 does not set the secure attribute on authorization tokens or session cookies.

4.3
2020-10-19 CVE-2020-15245 Sylius Missing Authorization vulnerability in Sylius

In Sylius before versions 1.6.9, 1.7.9 and 1.8.3, the user may register in a shop by email [email protected], verify it, change it to the mail [email protected] and stay verified and enabled.

4.3

5 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-10-21 CVE-2020-3585 Cisco Information Exposure Through Discrepancy vulnerability in Cisco products

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information.

3.7
2020-10-19 CVE-2020-15262 Webpack Subresource Integrity Project Insufficient Verification of Data Authenticity vulnerability in Webpack-Subresource-Integrity Project Webpack-Subresource-Integrity

In webpack-subresource-integrity before version 1.5.1, all dynamically loaded chunks receive an invalid integrity hash that is ignored by the browser, and therefore the browser cannot validate their integrity.

3.7
2020-10-22 CVE-2020-9986 Apple Unspecified vulnerability in Apple mac OS X

A file access issue existed with certain home folder files.

3.3
2020-10-22 CVE-2020-27560 Imagemagick
Debian
Opensuse
Divide By Zero vulnerability in multiple products

ImageMagick 7.0.10-34 allows Division by Zero in OptimizeLayerFrames in MagickCore/layer.c, which may cause a denial of service.

3.3
2020-10-22 CVE-2020-7020 Elastic Improper Privilege Management vulnerability in Elastic Elasticsearch

Elasticsearch versions before 6.8.13 and 7.9.2 contain a document disclosure flaw when Document or Field Level Security is used.

3.1