Weekly Vulnerabilities Reports > November 2 to 8, 2020
Overview
316 new vulnerabilities reported during this period, including 48 critical vulnerabilities and 154 high severity vulnerabilities. This weekly summary report vulnerabilities in 404 products from 106 vendors including Debian, Fedoraproject, Google, Opensuse, and Qualcomm. Vulnerabilities are notably categorized as "Cross-site Scripting", "Use After Free", "Out-of-bounds Write", "Classic Buffer Overflow", and "Out-of-bounds Read".
- 229 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities have public exploit available.
- 69 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 201 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 60 reported vulnerabilities.
- Debian has the most reported critical vulnerabilities, with 9 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
48 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-08 | CVE-2020-28347 | TP Link | OS Command Injection vulnerability in Tp-Link Ac1750 Firmware 190726 tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. | 9.8 |
2020-11-08 | CVE-2020-28340 | Unspecified vulnerability in Google Android An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. | 9.8 | |
2020-11-06 | CVE-2020-3284 | Cisco | Unspecified vulnerability in Cisco products A vulnerability in the enhanced Preboot eXecution Environment (PXE) boot loader for Cisco IOS XR 64-bit Software could allow an unauthenticated, remote attacker to execute unsigned code during the PXE boot process on an affected device. | 9.8 |
2020-11-06 | CVE-2020-26214 | Alerta Project | Unspecified vulnerability in Alerta Project Alerta In Alerta before version 8.1.0, users may be able to bypass LDAP authentication if they provide an empty password when Alerta server is configure to use LDAP as the authorization provider. | 9.8 |
2020-11-06 | CVE-2020-25172 | Bbraun | Unspecified vulnerability in Bbraun Onlinesuite Application Package 3.0 A relative path traversal attack in the B. | 9.8 |
2020-11-06 | CVE-2020-26892 | Linuxfoundation Fedoraproject | Use of Hard-coded Credentials vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | 9.8 |
2020-11-06 | CVE-2020-25592 | Saltstack Debian | Improper Authentication vulnerability in multiple products In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. | 9.8 |
2020-11-06 | CVE-2020-16846 | Saltstack Debian Fedoraproject | OS Command Injection vulnerability in multiple products An issue was discovered in SaltStack Salt through 3002. | 9.8 |
2020-11-06 | CVE-2020-28250 | Cellinx | Unspecified vulnerability in Cellinx NVT web Server 5.0.0.014B Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side. | 9.8 |
2020-11-06 | CVE-2020-5648 | Mitsubishielectric | Argument Injection or Modification vulnerability in Mitsubishielectric Coreos 05.65.00.Bd Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | 9.8 |
2020-11-06 | CVE-2020-5647 | Mitsubishielectric | Unspecified vulnerability in Mitsubishielectric Coreos 05.65.00.Bd Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QMBDE CoreOS version ’05.65.00.BD’ and earlier, GT1450-QLBDE CoreOS version ’05.65.00.BD’ and earlier, GT1455HS-QTBDE CoreOS version ’05.65.00.BD’ and earlier, and GT1450HS-QMBDE CoreOS version ’05.65.00.BD’ and earlier) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. | 9.8 |
2020-11-06 | CVE-2020-5644 | Mitsubishielectric | Classic Buffer Overflow vulnerability in Mitsubishielectric Coreos 05.65.00.Bd Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. | 9.8 |
2020-11-05 | CVE-2020-17510 | Apache Debian | Improper Authentication vulnerability in multiple products Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | 9.8 |
2020-11-05 | CVE-2020-12145 | Silver Peak | Improper Authentication vulnerability in Silver-Peak Unity Orchestrator Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+ uses HTTP headers to authenticate REST API calls from localhost. | 9.8 |
2020-11-05 | CVE-2020-27955 | GIT Large File Storage Project | Uncontrolled Search Path Element vulnerability in GIT Large File Storage Project GIT Large File Storage 2.12.0 Git LFS 2.12.0 allows Remote Code Execution. | 9.8 |
2020-11-04 | CVE-2020-7128 | Arubanetworks | Missing Authentication for Critical Function vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 9.8 |
2020-11-04 | CVE-2020-27689 | Imomobile | Use of Hard-coded Credentials vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. | 9.8 |
2020-11-04 | CVE-2020-22274 | Jomsocial | Improper Neutralization of Formula Elements in a CSV File vulnerability in Jomsocial 4.7.6 JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile. | 9.8 |
2020-11-04 | CVE-2020-26167 | Thedaylightstudio | Unspecified vulnerability in Thedaylightstudio Fuel CMS In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one. | 9.8 |
2020-11-04 | CVE-2020-22276 | Weformspro | Improper Neutralization of Formula Elements in a CSV File vulnerability in Weformspro Weforms 1.4.7 WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry. | 9.8 |
2020-11-04 | CVE-2020-2301 | Jenkins | Unspecified vulnerability in Jenkins Active Directory Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user with any password while a successful authentication of that user is still in the optional cache when using Windows/ADSI mode. | 9.8 |
2020-11-04 | CVE-2020-2300 | Jenkins | Unspecified vulnerability in Jenkins Active Directory Jenkins Active Directory Plugin 2.19 and earlier does not prohibit the use of an empty password in Windows/ADSI mode, which allows attackers to log in to Jenkins as any user depending on the configuration of the Active Directory server. | 9.8 |
2020-11-04 | CVE-2020-2299 | Jenkins | Unspecified vulnerability in Jenkins Active Directory Jenkins Active Directory Plugin 2.19 and earlier allows attackers to log in as any user if a magic constant is used as the password. | 9.8 |
2020-11-03 | CVE-2020-1909 | Use After Free vulnerability in Whatsapp and Whatsapp Business A use-after-free in a logging library in WhatsApp for iOS prior to v2.20.111 and WhatsApp Business for iOS prior to v2.20.111 could have resulted in memory corruption, crashes and potentially code execution. | 9.8 | |
2020-11-03 | CVE-2020-15993 | Use After Free vulnerability in Google Chrome Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 9.8 | |
2020-11-02 | CVE-2020-5656 | Mitsubishielectric | Unspecified vulnerability in Mitsubishielectric products Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. | 9.8 |
2020-11-02 | CVE-2020-5653 | Mitsubishielectric | Classic Buffer Overflow vulnerability in Mitsubishielectric products Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products or execute a malicious program via a specially crafted packet. | 9.8 |
2020-11-02 | CVE-2020-28037 | Wordpress Fedoraproject Debian | Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, leading to remote code execution (as well as a denial of service for the old installation). | 9.8 |
2020-11-02 | CVE-2020-28036 | Wordpress Fedoraproject Debian | Missing Authorization vulnerability in multiple products wp-includes/class-wp-xmlrpc-server.php in WordPress before 5.5.2 allows attackers to gain privileges by using XML-RPC to comment on a post. | 9.8 |
2020-11-02 | CVE-2020-28035 | Wordpress Fedoraproject Debian | WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC. | 9.8 |
2020-11-02 | CVE-2020-28032 | Wordpress Fedoraproject Debian | Deserialization of Untrusted Data vulnerability in multiple products WordPress before 5.5.2 mishandles deserialization requests in wp-includes/Requests/Utility/FilteredIterator.php. | 9.8 |
2020-11-02 | CVE-2020-24881 | Osticket | Server-Side Request Forgery (SSRF) vulnerability in Osticket SSRF exists in osTicket before 1.14.3, where an attacker can add malicious file to server or perform port scanning. | 9.8 |
2020-11-02 | CVE-2020-23639 | Moxa | Command Injection vulnerability in Moxa Vport 461 Firmware 3.4 A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or lower that could allow a remote attacker to execute arbitrary commands in Moxa's VPort 461 Series Industrial Video Servers. | 9.8 |
2020-11-02 | CVE-2018-19025 | Juuko | Unspecified vulnerability in Juuko K-808 Firmware In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.). | 9.8 |
2020-11-02 | CVE-2018-17932 | Juuko | Unspecified vulnerability in Juuko K-800 Firmware JUUKO K-800 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.) is vulnerable to a replay attack and command forgery, which could allow attackers to replay commands, control the device, view commands, or cause the device to stop running. | 9.8 |
2020-11-02 | CVE-2018-19950 | Qnap | Command Injection vulnerability in Qnap Music Station If exploited, this command injection vulnerability could allow remote attackers to execute arbitrary commands. | 9.8 |
2020-11-02 | CVE-2020-3703 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm products u'Buffer over-read issue in Bluetooth peripheral firmware due to lack of check for invalid opcode and length of opcode received from central device(This CVE is equivalent to Link Layer Length Overfow issue (CVE-2019-16336,CVE-2019-17519) and Silent Length Overflow issue(CVE-2019-17518) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, APQ8076, AR9344, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, Nicobar, QCA6174A, QCA9377, QCM2150, QCM6125, QCS404, QCS405, QCS605, QCS610, QM215, Rennell, SC8180X, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130 | 9.8 |
2020-11-02 | CVE-2020-3692 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'Possible buffer overflow while updating output buffer for IMEI and Gateway Address due to lack of check of input validation for parameters received from server' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Agatti, Kamorta, Nicobar, QCM6125, QCS610, Rennell, SA415M, Saipan, SC7180, SC8180X, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | 9.8 |
2020-11-02 | CVE-2020-3673 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products u'Buffer overflow can happen as part of SIP message packet processing while storing values in array due to lack of check to validate the index length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 9.8 |
2020-11-02 | CVE-2020-3657 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'Remote code execution can happen by sending a carefully crafted POST query when Device configuration is accessed from a tethered client through webserver due to lack of array bound check.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6574AU, QCS405, QCS610, QRB5165, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8250 | 9.8 |
2020-11-02 | CVE-2020-3654 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products u'Buffer overflow occurs while processing SIP message packet due to lack of check of index validation before copying into it' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCA6390, QCA6574AU, QCM2150, QCS605, QM215, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 9.8 |
2020-11-02 | CVE-2020-11172 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'fscanf reads a string from a file and stores its contents on a statically allocated stack memory which leads to stack overflow' in Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, QCA9531, QCA9980 | 9.8 |
2020-11-02 | CVE-2020-11153 | Qualcomm | Out-of-bounds Write vulnerability in Qualcomm products u'Out of bound memory access while processing GATT data received due to lack of check of pdu data length and leads to remote code execution' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8053, QCA6390, QCA9379, QCN7605, SC8180X, SDX55 | 9.8 |
2020-11-03 | CVE-2020-16011 | Google Opensuse Debian | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 9.6 |
2020-11-02 | CVE-2020-28039 | Wordpress Debian Canonical | is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. | 9.1 |
2020-11-02 | CVE-2020-3670 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm products u'Potential out of bounds read while processing downlink NAS transport message due to improper length check of Information Element(IEI) NAS message container' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8053, APQ8096AU, APQ8098, Kamorta, MDM9150, MDM9205, MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909W, MSM8917, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCM6125, QCS605, QCS610, QM215, Rennell, SA415M, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 | 9.1 |
2020-11-02 | CVE-2020-11169 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products u'Buffer over-read while processing received L2CAP packet due to lack of integer overflow check' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55 | 9.1 |
2020-11-05 | CVE-2020-15952 | Immuta | Cross-site Scripting vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by stored XSS that allows a low-privileged user to escalate privileges to administrative permissions. | 9.0 |
154 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-07 | CVE-2020-28339 | Collne | Deserialization of Untrusted Data vulnerability in Collne Welcart E-Commerce The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. | 8.8 |
2020-11-06 | CVE-2020-15259 | Auth0 | Unspecified vulnerability in Auth0 Ad/Ldap Connector ad-ldap-connector's admin panel before version 5.0.13 does not provide csrf protection, which when exploited may result in remote code execution or confidential data loss. | 8.8 |
2020-11-06 | CVE-2020-3371 | Cisco | OS Command Injection vulnerability in Cisco Integrated Management Controller 3.0(1C) A vulnerability in the web UI of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary code and execute arbitrary commands at the underlying operating system level. | 8.8 |
2020-11-06 | CVE-2020-28328 | Salesagility | Unrestricted Upload of File with Dangerous Type vulnerability in Salesagility Suitecrm SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. | 8.8 |
2020-11-06 | CVE-2020-7198 | HP | Unspecified vulnerability in HP Oneview, Synergy Composer and Synergy Composer 2 There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. | 8.8 |
2020-11-05 | CVE-2020-6877 | ZTE | Unspecified vulnerability in ZTE Zxa10 Eodn Firmware 2.3P2T1 A ZTE product is impacted by an information leak vulnerability. | 8.8 |
2020-11-05 | CVE-2020-25661 | Redhat | Unspecified vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. | 8.8 |
2020-11-05 | CVE-2020-13661 | Telerik | Unspecified vulnerability in Telerik Fiddler 5.0.20202.18177 Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. | 8.8 |
2020-11-05 | CVE-2020-12147 | Silver Peak | Path Traversal vulnerability in Silver-Peak Unity Orchestrator In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can make unauthorized MySQL queries against the Orchestrator database using the /sqlExecution REST API, which had been used for internal testing. | 8.8 |
2020-11-05 | CVE-2020-12146 | Silver Peak | Path Traversal vulnerability in Silver-Peak Unity Orchestrator In Silver Peak Unity Orchestrator versions prior to 8.9.11+, 8.10.11+, or 9.0.1+, an authenticated user can access, modify, and delete restricted files on the Orchestrator server using the/debugFiles REST API. | 8.8 |
2020-11-05 | CVE-2020-25398 | Mind | Improper Neutralization of Formula Elements in a CSV File vulnerability in Mind Imind Server 3.13.65 CSV Injection exists in InterMind iMind Server through 3.13.65 via the csv export functionality. | 8.8 |
2020-11-05 | CVE-2020-28115 | WEB Audimex | SQL Injection vulnerability in Web-Audimex Audimexee 14.1.0 SQL Injection vulnerability in "Documents component" found in AudimexEE version 14.1.0 allows an attacker to execute arbitrary SQL commands via the object_path parameter. | 8.8 |
2020-11-05 | CVE-2020-24849 | Fruitywifi Project | OS Command Injection vulnerability in Fruitywifi Project Fruitywifi A remote code execution vulnerability is identified in FruityWifi through 2.4. | 8.8 |
2020-11-05 | CVE-2020-15950 | Immuta | Insufficient Session Expiration vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by improper session management: user sessions are not revoked upon logout. | 8.8 |
2020-11-05 | CVE-2020-27387 | Horizontcms Project | Unrestricted Upload of File with Dangerous Type vulnerability in Horizontcms Project Horizontcms 1.0.0 An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows an authenticated remote attacker (with access to the FileManager) to upload and execute arbitrary PHP code by uploading a PHP payload, and then using the FileManager's rename function to provide the payload (which will receive a random name on the server) with the PHP extension, and finally executing the PHP file via an HTTP GET request to /storage/<php_file_name>. | 8.8 |
2020-11-04 | CVE-2020-27692 | Imomobile | Cross-Site Request Forgery (CSRF) vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. | 8.8 |
2020-11-04 | CVE-2020-22278 | Phpmyadmin | Improper Neutralization of Formula Elements in a CSV File vulnerability in PHPmyadmin phpMyAdmin through 5.0.2 allows CSV injection via Export Section. | 8.8 |
2020-11-04 | CVE-2020-22275 | Easyregistrationforms | Improper Neutralization of Formula Elements in a CSV File vulnerability in Easyregistrationforms Easy Registration Forms 2.0.6 Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. | 8.8 |
2020-11-03 | CVE-2020-16010 | Out-of-bounds Write vulnerability in Google Chrome Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 | |
2020-11-03 | CVE-2020-16009 | Google Microsoft Cefsharp Opensuse Fedoraproject Debian | Type Confusion vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-16008 | Google Debian Opensuse Fedoraproject | Out-of-bounds Write vulnerability in multiple products Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. | 8.8 |
2020-11-03 | CVE-2020-16006 | Google Debian Opensuse Fedoraproject | Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-16005 | Google Opensuse Debian Fedoraproject | Improper Handling of Exceptional Conditions vulnerability in multiple products Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-16004 | Google Opensuse Fedoraproject Debian | Use After Free vulnerability in multiple products Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-16003 | Google Debian Fedoraproject Opensuse | Use After Free vulnerability in multiple products Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-16002 | Google Fedoraproject Opensuse Debian | Use After Free vulnerability in multiple products Use after free in PDFium in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | 8.8 |
2020-11-03 | CVE-2020-16001 | Google Debian Opensuse Fedoraproject | Use After Free vulnerability in multiple products Use after free in media in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-16000 | Google Fedoraproject Opensuse Debian | Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15998 | Use After Free vulnerability in Google Chrome Use after free in USB in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 | |
2020-11-03 | CVE-2020-15997 | Use After Free vulnerability in Google Chrome Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 | |
2020-11-03 | CVE-2020-15996 | Use After Free vulnerability in Google Chrome Use after free in passwords in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 | |
2020-11-03 | CVE-2020-15995 | Google Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products Out of bounds write in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15994 | Use After Free vulnerability in Google Chrome Use after free in V8 in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 | |
2020-11-03 | CVE-2020-15992 | Google Debian Opensuse Fedoraproject | Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15991 | Google Opensuse Fedoraproject Debian | Use After Free vulnerability in multiple products Use after free in password manager in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15990 | Google Debian Fedoraproject Opensuse | Use After Free vulnerability in multiple products Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15987 | Google Fedoraproject Opensuse Debian | Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted WebRTC stream. | 8.8 |
2020-11-03 | CVE-2020-15979 | Google Debian Fedoraproject Opensuse | Out-of-bounds Write vulnerability in multiple products Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15978 | Google Debian Fedoraproject Opensuse | Improper Input Validation vulnerability in multiple products Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15976 | Google Debian Fedoraproject Opensuse | Use After Free vulnerability in multiple products Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15975 | Google Fedoraproject Opensuse Debian | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15974 | Google Debian Fedoraproject Opensuse | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15972 | Google Debian Fedoraproject Opensuse | Use After Free vulnerability in multiple products Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15971 | Google Fedoraproject Opensuse Debian | Use After Free vulnerability in multiple products Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15970 | Google Fedoraproject Opensuse Debian | Use After Free vulnerability in multiple products Use after free in NFC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15969 | Google Debian Fedoraproject Opensuse Apple | Use After Free vulnerability in multiple products Use after free in WebRTC in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15968 | Google Debian Fedoraproject Opensuse | Use After Free vulnerability in multiple products Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 8.8 |
2020-11-03 | CVE-2020-15967 | Google Fedoraproject Opensuse Debian | Use After Free vulnerability in multiple products Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | 8.8 |
2020-11-02 | CVE-2020-11155 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55 | 8.8 |
2020-11-02 | CVE-2020-11154 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55 | 8.8 |
2020-11-02 | CVE-2020-11114 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm Ar9344 Firmware u'Bluetooth devices does not properly restrict the L2CAP payload length allowing users in radio range to cause a buffer overflow via a crafted Link Layer packet(Equivalent to CVE-2019-17060,CVE-2019-17061 and CVE-2019-17517 in Sweyntooth paper)' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in AR9344 | 8.8 |
2020-11-03 | CVE-2020-26211 | Bookstackapp | Unspecified vulnerability in Bookstackapp Bookstack In BookStack before version 0.30.4, a user with permissions to edit a page could insert JavaScript code through the use of `javascript:` URIs within a link or form which would run, within the context of the current page, when clicked or submitted. | 8.7 |
2020-11-03 | CVE-2020-26210 | Bookstackapp | Unspecified vulnerability in Bookstackapp Bookstack In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. | 8.7 |
2020-11-05 | CVE-2020-5945 | F5 | Cross-site Scripting vulnerability in F5 products In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). | 8.4 |
2020-11-06 | CVE-2020-10292 | Kuka | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Kuka Visual Components Network License Server 2.0.8 Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. | 8.2 |
2020-11-02 | CVE-2020-11156 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm products u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap packet received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in QCA6390, QCN7605, QCS404, SA415M, SA515M, SC8180X, SDX55, SM8250 | 8.1 |
2020-11-02 | CVE-2020-11141 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm products u'Buffer over-read issue in Bluetooth estack due to lack of check for invalid length of L2cap configuration request received from peer device.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, SA415M, SA515M, SC8180X, SDX55, SM8250 | 8.1 |
2020-11-04 | CVE-2020-26207 | Databaseschemareader Project | Unspecified vulnerability in Databaseschemareader Project Dbschemareader DatabaseSchemaViewer before version 2.7.4.3 is vulnerable to arbitrary code execution if a user is tricked into opening a specially crafted `.dbschema` file. | 8.0 |
2020-11-04 | CVE-2020-22277 | Codection | Improper Neutralization of Formula Elements in a CSV File vulnerability in Codection Import and Export Users and Customers Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile. | 8.0 |
2020-11-08 | CVE-2020-28343 | Out-of-bounds Write vulnerability in Google Android 10.0/9.0 An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. | 7.8 | |
2020-11-08 | CVE-2020-28342 | Unspecified vulnerability in Google Android 10.0/9.0 An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. | 7.8 | |
2020-11-08 | CVE-2020-28341 | Classic Buffer Overflow vulnerability in Google Android 10.0 An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. | 7.8 | |
2020-11-07 | CVE-2020-16122 | Packagekit Project Canonical | Insufficient Verification of Data Authenticity vulnerability in multiple products PackageKit's apt backend mistakenly treated all local debs as trusted. | 7.8 |
2020-11-06 | CVE-2020-3604 | Cisco | Out-of-bounds Write vulnerability in Cisco Webex Meetings Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
2020-11-06 | CVE-2020-3603 | Cisco | Out-of-bounds Write vulnerability in Cisco Webex Meetings and Webex Meetings Server Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
2020-11-06 | CVE-2020-3600 | Cisco | Incorrect Authorization vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
2020-11-06 | CVE-2020-3595 | Cisco | Incorrect Permission Assignment for Critical Resource vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root group on the underlying operating system. | 7.8 |
2020-11-06 | CVE-2020-3594 | Cisco | Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
2020-11-06 | CVE-2020-3593 | Cisco | Improper Privilege Management vulnerability in Cisco Sd-Wan A vulnerability in Cisco SD-WAN Software could allow an authenticated, local attacker to elevate privileges to root on the underlying operating system. | 7.8 |
2020-11-06 | CVE-2020-3588 | Cisco | Path Traversal vulnerability in Cisco Webex Meetings A vulnerability in virtualization channel messaging in Cisco Webex Meetings Desktop App for Windows could allow a local attacker to execute arbitrary code on a targeted system. | 7.8 |
2020-11-06 | CVE-2020-3573 | Cisco | Improper Initialization vulnerability in Cisco Webex Meetings and Webex Meetings Server Multiple vulnerabilities in Cisco Webex Network Recording Player for Windows and Cisco Webex Player for Windows could allow an attacker to execute arbitrary code on an affected system. | 7.8 |
2020-11-06 | CVE-2020-5794 | Tenable | Unspecified vulnerability in Tenable Nessus Network Monitor 5.11.0/5.11.1/5.12.0 A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allow an authenticated local attacker to execute arbitrary code by copying user-supplied files to a specially constructed path in a specifically named user directory. | 7.8 |
2020-11-06 | CVE-2020-25174 | Bbraun | Unspecified vulnerability in Bbraun Onlinesuite Application Package 3.0 A DLL hijacking vulnerability in the B. | 7.8 |
2020-11-06 | CVE-2020-25170 | Bbraun | Unspecified vulnerability in Bbraun Onlinesuite Application Package 3.0 An Excel Macro Injection vulnerability exists in the export feature in the B. | 7.8 |
2020-11-06 | CVE-2020-27347 | Tmux Project | Out-of-bounds Write vulnerability in Tmux Project Tmux In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output. | 7.8 |
2020-11-06 | CVE-2020-15708 | Canonical | Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Ubuntu Linux 20.04 Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. | 7.8 |
2020-11-05 | CVE-2020-13537 | Moxa | Incorrect Default Permissions vulnerability in Moxa Mxview 3.1.8 An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. | 7.8 |
2020-11-05 | CVE-2020-13536 | Moxa | Incorrect Default Permissions vulnerability in Moxa Mxview 3.1.8 An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. | 7.8 |
2020-11-05 | CVE-2020-5793 | Tenable | Unspecified vulnerability in Tenable Nessus and Nessus Agent A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 for Windows could allow an authenticated local attacker to copy user-supplied files to a specially constructed path in a specifically named user directory. | 7.8 |
2020-11-05 | CVE-2020-24437 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. | 7.8 |
2020-11-05 | CVE-2020-24436 | Adobe | Unspecified vulnerability in Adobe products Acrobat Pro DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds write vulnerability that could result in writing past the end of an allocated memory structure. | 7.8 |
2020-11-05 | CVE-2020-24435 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a heap-based buffer overflow vulnerability in the submitForm function, potentially resulting in arbitrary code execution in the context of the current user. | 7.8 |
2020-11-05 | CVE-2020-24433 | Adobe | Unspecified vulnerability in Adobe products Adobe Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a local privilege escalation vulnerability that could enable a user without administrator privileges to delete arbitrary files and potentially execute arbitrary code as SYSTEM. | 7.8 |
2020-11-05 | CVE-2020-24432 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) and Adobe Acrobat Pro DC 2017.011.30175 (and earlier) are affected by an improper input validation vulnerability that could result in arbitrary JavaScript execution in the context of the current user. | 7.8 |
2020-11-05 | CVE-2020-24430 | Adobe | Use After Free vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability when handling malicious JavaScript. | 7.8 |
2020-11-05 | CVE-2020-24429 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a signature verification bypass that could result in local privilege escalation. | 7.8 |
2020-11-05 | CVE-2020-26507 | Marmind | Improper Neutralization of Formula Elements in a CSV File vulnerability in Marmind 4.1.141.0 A CSV Injection (also known as Formula Injection) vulnerability in the Marmind web application with version 4.1.141.0 allows malicious users to gain remote control of other computers. | 7.8 |
2020-11-05 | CVE-2020-25399 | Mind | Cross-site Scripting vulnerability in Mind Imind Server 3.13.65 Stored XSS in InterMind iMind Server through 3.13.65 allows any user to hijack another user's session by sending a malicious file in the chat. | 7.8 |
2020-11-05 | CVE-2020-27402 | Hindotech | Unspecified vulnerability in Hindotech HK1 BOX S905X3 Firmware Hk1X3S905X34Bitv1120191105 The HK1 Box S905X3 TV Box contains a vulnerability that allows a local unprivileged user to escalate to root using the /system/xbin/su binary via a serial port (UART) connection or using adb. | 7.8 |
2020-11-03 | CVE-2020-16007 | Google Debian Opensuse | Link Following vulnerability in multiple products Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. | 7.8 |
2020-11-03 | CVE-2020-15983 | Google Fedoraproject Debian Opensuse | Improper Input Validation vulnerability in multiple products Insufficient data validation in webUI in Google Chrome on ChromeOS prior to 86.0.4240.75 allowed a local attacker to bypass content security policy via a crafted HTML page. | 7.8 |
2020-11-03 | CVE-2020-15980 | Google Opensuse Fedoraproject Debian | Insufficient policy enforcement in Intents in Google Chrome on Android prior to 86.0.4240.75 allowed a local attacker to bypass navigation restrictions via crafted Intents. | 7.8 |
2020-11-02 | CVE-2020-28046 | PAX | Improper Privilege Management vulnerability in PAX Prolinos 2.4.161.8859R An issue was discovered in ProlinOS through 2.4.161.8859R. | 7.8 |
2020-11-02 | CVE-2020-28045 | PAX | Improper Verification of Cryptographic Signature vulnerability in PAX Prolinos 2.4.161.8859R An unsigned-library issue was discovered in ProlinOS through 2.4.161.8859R. | 7.8 |
2020-11-02 | CVE-2020-27992 | Wondershare | Incorrect Permission Assignment for Critical Resource vulnerability in Wondershare Dr.Fone 3.0.0 Dr.Fone 3.0.0 allows local users to gain privileges via a Trojan horse DriverInstall.exe because %PROGRAMFILES(X86)%\Wondershare\dr.fone\Library\DriverInstaller has Full Control for BUILTIN\Users. | 7.8 |
2020-11-02 | CVE-2020-27708 | EA | Uncontrolled Search Path Element vulnerability in EA Origin A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. | 7.8 |
2020-11-02 | CVE-2020-14425 | Foxitsoftware | Unspecified vulnerability in Foxitsoftware Foxit Reader 9.7.1/9.7.1.29511/9.7.2.29539 Foxit Reader before 10.0 allows Remote Command Execution via the app.opencPDFWebPage JavsScript API. | 7.8 |
2020-11-02 | CVE-2020-3696 | Qualcomm | Use After Free vulnerability in Qualcomm products u'Use after free while installing new security rule in ipcrtr as old one is deleted and this rule could still be in use for checking security permission for particular process' in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8996AU, QCA4531, QCA6574AU, QCA9531, QCM2150, QCS605, SDM429W, SDX20, SDX24 | 7.8 |
2020-11-02 | CVE-2020-3694 | Qualcomm | Unspecified vulnerability in Qualcomm products u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom' in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Voice & Music in Bitra, Nicobar, Saipan, SM6150, SM8150, SM8250, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-3693 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products u'Use out of range pointer issue can occur due to incorrect buffer range check during the execution of qseecom.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8098, Bitra, MSM8909W, MSM8996AU, Nicobar, QCM2150, QCS605, Saipan, SDM429W, SDX20, SM6150, SM8150, SM8250, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-3690 | Qualcomm | Unspecified vulnerability in Qualcomm products u'Due to an incorrect SMMU configuration, the modem crypto engine can potentially compromise the hypervisor' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, Bitra, Kamorta, Nicobar, QCA6390, QCS404, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-3684 | Qualcomm | Unspecified vulnerability in Qualcomm products u'QSEE reads the access permission policy for the SMEM TOC partition from the SMEM TOC contents populated by XBL Loader and applies them without validation' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8098, Bitra, IPQ6018, Kamorta, MDM9150, MDM9205, MDM9206, MDM9607, MDM9650, MSM8905, MSM8998, Nicobar, QCA6390, QCS404, QCS405, QCS605, QCS610, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC7180, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-3678 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'A buffer overflow could occur if the API is improperly used due to UIE init does not contain a buffer size a param' in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Kamorta, QCS404, QCS605, SDA845, SDM670, SDM710, SDM845, SXR1130 | 7.8 |
2020-11-02 | CVE-2020-3638 | Qualcomm | Unspecified vulnerability in Qualcomm products u'An Unaligned address or size can propagate to the database due to improper page permissions and can lead to improper access control' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Agatti, Bitra, Kamorta, QCA6390, QCS404, QCS610, Rennell, SA515M, SC7180, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-11174 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products u'Array index underflow issue in adsp driver due to improper check of channel id before used as array index.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-11164 | Qualcomm | Unspecified vulnerability in Qualcomm products u'Third-party app may also call the broadcasts in Perfdump and cause privilege escalation issue due to improper access control' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in Agatti, APQ8096AU, APQ8098, Bitra, Kamorta, MSM8909W, MSM8917, MSM8940, Nicobar, QCA6390, QCM2150, QCS605, Rennell, SA6155P, SA8155P, Saipan, SDA660, SDM429W, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-11162 | Qualcomm | Classic Buffer Overflow vulnerability in Qualcomm products u'Possible buffer overflow in MHI driver due to lack of input parameter validation of EOT events received from MHI device side' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8917, MSM8953, Nicobar, QCA6390, QCM2150, QCS404, QCS405, QCS605, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | 7.8 |
2020-11-02 | CVE-2020-11125 | Qualcomm | Out-of-bounds Write vulnerability in Qualcomm products u'Out of bound access can happen in MHI command process due to lack of check of channel id value received from MHI devices' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9150, MDM9607, MDM9650, MSM8905, MSM8917, MSM8953, Nicobar, QCA6390, QCA9531, QCM2150, QCS404, QCS405, QCS605, QCS610, QM215, QRB5165, Rennell, SA415M, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.8 |
2020-11-05 | CVE-2020-24428 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a time-of-check time-of-use (TOCTOU) race condition vulnerability that could result in local privilege escalation. | 7.7 |
2020-11-08 | CVE-2020-7764 | Find MY WAY Project | HTTP Request Smuggling vulnerability in Find-My-Way Project Find-My-Way This affects the package find-my-way before 2.2.5, from 3.0.0 and before 3.0.5. | 7.5 |
2020-11-08 | CVE-2020-28345 | NULL Pointer Dereference vulnerability in Google Android 10.0 An issue was discovered on LG mobile devices with Android OS 10 software. | 7.5 | |
2020-11-08 | CVE-2020-28344 | NULL Pointer Dereference vulnerability in Google Android An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. | 7.5 | |
2020-11-06 | CVE-2020-3574 | Cisco | Unspecified vulnerability in Cisco products A vulnerability in the TCP packet processing functionality of Cisco IP Phones could allow an unauthenticated, remote attacker to cause the phone to stop responding to incoming calls, drop connected calls, or unexpectedly reload. | 7.5 |
2020-11-06 | CVE-2020-3444 | Cisco | Unspecified vulnerability in Cisco IOS XE A vulnerability in the packet filtering features of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to bypass L3 and L4 traffic filters. | 7.5 |
2020-11-06 | CVE-2020-26213 | Teler Project | Unspecified vulnerability in Teler Project Teler In teler before version 0.0.1, if you run teler inside a Docker container and encounter `errors.Exit` function, it will cause denial-of-service (`SIGSEGV`) because it doesn't get process ID and process group ID of teler properly to kills. | 7.5 |
2020-11-06 | CVE-2020-8580 | Netapp | Unspecified vulnerability in Netapp E-Series Santricity OS Controller SANtricity OS Controller Software versions 11.30 and higher are susceptible to a vulnerability which allows an unauthenticated attacker with access to the system to cause a Denial of Service (DoS). | 7.5 |
2020-11-06 | CVE-2020-27589 | Synopsys | Improper Certificate Validation vulnerability in Synopsys Hub-Rest-Api-Python Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases. | 7.5 |
2020-11-06 | CVE-2020-27196 | Lightbend | Out-of-bounds Write vulnerability in Lightbend Play Framework An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. | 7.5 |
2020-11-06 | CVE-2020-26883 | Lightbend | Uncontrolled Recursion vulnerability in Lightbend Play Framework In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents. | 7.5 |
2020-11-06 | CVE-2020-26882 | Lightbend | Uncontrolled Recursion vulnerability in Lightbend Play Framework In Play Framework 2.6.0 through 2.8.2, data amplification can occur when an application accepts multipart/form-data JSON input. | 7.5 |
2020-11-06 | CVE-2020-10291 | Kuka | Missing Authentication for Critical Function vulnerability in Kuka Visual Components Network License Server 2.0.8 Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. | 7.5 |
2020-11-06 | CVE-2020-28196 | MIT Fedoraproject Netapp Oracle | Uncontrolled Recursion vulnerability in multiple products MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before 1.18.3 allows unbounded recursion via an ASN.1-encoded Kerberos message because the lib/krb5/asn.1/asn1_encode.c support for BER indefinite lengths lacks a recursion limit. | 7.5 |
2020-11-06 | CVE-2020-26521 | Linuxfoundation Fedoraproject | NULL Pointer Dereference vulnerability in multiple products The JWT library in NATS nats-server before 2.1.9 allows a denial of service (a nil dereference in Go code). | 7.5 |
2020-11-06 | CVE-2020-5649 | Mitsubishielectric | Unspecified vulnerability in Mitsubishielectric Coreos 05.65.00.Bd Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | 7.5 |
2020-11-06 | CVE-2020-5646 | Mitsubishielectric | NULL Pointer Dereference vulnerability in Mitsubishielectric Coreos 05.65.00.Bd NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | 7.5 |
2020-11-06 | CVE-2020-5645 | Mitsubishielectric | Session Fixation vulnerability in Mitsubishielectric Coreos 05.65.00.Bd Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 series (GT1455-QTBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QMBDE CoreOS version "05.65.00.BD" and earlier, GT1450-QLBDE CoreOS version "05.65.00.BD" and earlier, GT1455HS-QTBDE CoreOS version "05.65.00.BD" and earlier, and GT1450HS-QMBDE CoreOS version "05.65.00.BD" and earlier) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | 7.5 |
2020-11-05 | CVE-2020-25837 | Microfocus | Unspecified vulnerability in Microfocus Self Service Password Reset Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. | 7.5 |
2020-11-05 | CVE-2020-5946 | F5 | Unspecified vulnerability in F5 Big-Ip Fraud Protection Service In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS). | 7.5 |
2020-11-05 | CVE-2020-5942 | F5 | Unspecified vulnerability in F5 Big-Ip Policy Enforcement Manager In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when processing Capabilities-Exchange-Answer (CEA) packets with certain attributes from the Policy and Charging Rules Function (PCRF) server, the Traffic Management Microkernel (TMM) may generate a core file and restart. | 7.5 |
2020-11-05 | CVE-2020-5941 | F5 | Unspecified vulnerability in F5 products On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESOLV::lookup command within an iRule may cause the Traffic Management Microkernel (TMM) to generate a core file and restart. | 7.5 |
2020-11-05 | CVE-2020-5939 | F5 | Unspecified vulnerability in F5 products In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual Edition (VE) systems on VMware, with an Intel-based 85299 Network Interface Controller (NIC) card and Single Root I/O Virtualization (SR-IOV) enabled on vSphere, may fail and leave the Traffic Management Microkernel (TMM) in a state where it cannot transmit traffic. | 7.5 |
2020-11-05 | CVE-2020-27688 | Robware | Insufficiently Protected Credentials vulnerability in Robware Rvtools 4.0.6 RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. | 7.5 |
2020-11-05 | CVE-2020-15949 | Immuta | Improper Authentication vulnerability in Immuta 2.8.2 Immuta v2.8.2 is affected by one instance of insecure permissions that can lead to user account takeover. | 7.5 |
2020-11-04 | CVE-2020-25201 | Hashicorp | Unspecified vulnerability in Hashicorp Consul HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a namespace replication bug which can be triggered to cause denial of service via infinite Raft writes. | 7.5 |
2020-11-04 | CVE-2020-8037 | Tcpdump Debian Fedoraproject Apple | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ppp decapsulator in tcpdump 4.9.3 can be convinced to allocate a large amount of memory. | 7.5 |
2020-11-04 | CVE-2020-8036 | Tcpdump | Out-of-bounds Read vulnerability in Tcpdump 4.10.0 The tok2strbuf() function in tcpdump 4.10.0-PRE-GIT was used by the SOME/IP dissector in an unsafe way. | 7.5 |
2020-11-02 | CVE-2020-9861 | Apple | Uncontrolled Recursion vulnerability in Apple Swift A stack overflow issue existed in Swift for Linux. | 7.5 |
2020-11-02 | CVE-2020-9368 | Oleacorner | Path Traversal vulnerability in Oleacorner Olea Gift on Order 5.0.8 The Module Olea Gift On Order module through 5.0.8 for PrestaShop enables an unauthenticated user to read arbitrary files on the server via getfile.php?file=/.. | 7.5 |
2020-11-02 | CVE-2020-8183 | Nextcloud | Insufficiently Protected Credentials vulnerability in Nextcloud Server A logic error in Nextcloud Server 19.0.0 caused a plaintext storage of the share password when it was given on the initial create API call. | 7.5 |
2020-11-02 | CVE-2020-5658 | Mitsubishielectric | Unspecified vulnerability in Mitsubishielectric products Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | 7.5 |
2020-11-02 | CVE-2020-5655 | Mitsubishielectric | NULL Pointer Dereference vulnerability in Mitsubishielectric products NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | 7.5 |
2020-11-02 | CVE-2020-5654 | Mitsubishielectric | Session Fixation vulnerability in Mitsubishielectric products Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows a remote unauthenticated attacker to stop the network functions of the products via a specially crafted packet. | 7.5 |
2020-11-02 | CVE-2020-5652 | Mitsubishielectric | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU modules (R 00/01/02 CPU firmware versions '20' and earlier, R 04/08/16/32/120 (EN) CPU firmware versions '52' and earlier, R 08/16/32/120 SFCPU firmware versions '22' and earlier, R 08/16/32/120 PCPU all versions, R 08/16/32/120 PSFCPU all versions, R 16/32/64 MTCPU all versions, Q03 UDECPU, Q 04/06/10/13/20/26/50/100 UDEHCPU serial number '22081' and earlier , Q 03/04/06/13/26 UDVCPU serial number '22031' and earlier, Q 04/06/13/26 UDPVCPU serial number '22031' and earlier, Q 172/173 DCPU all versions, Q 172/173 DSCPU all versions, Q 170 MCPU all versions, Q 170 MSCPU all versions, L 02/06/26 CPU (-P) and L 26 CPU - (P) BT all versions) allows a remote unauthenticated attacker to stop the Ethernet communication functions of the products via a specially crafted packet, which may lead to a denial of service (DoS) condition . | 7.5 |
2020-11-02 | CVE-2020-28043 | Misp | Server-Side Request Forgery (SSRF) vulnerability in Misp MISP through 2.4.133 allows SSRF in the REST client via the use_full_path parameter with an arbitrary URL. | 7.5 |
2020-11-02 | CVE-2020-28033 | Wordpress Fedoraproject Debian | WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. | 7.5 |
2020-11-02 | CVE-2020-28030 | Wireshark Debian Fedoraproject | Infinite Loop vulnerability in multiple products In Wireshark 3.2.0 to 3.2.7, the GQUIC dissector could crash. | 7.5 |
2020-11-02 | CVE-2020-10937 | Protocol | Unspecified vulnerability in Protocol Ipfs 0.4.23 An issue was discovered in IPFS (aka go-ipfs) 0.4.23. | 7.5 |
2020-11-02 | CVE-2018-19952 | Qnap | SQL Injection vulnerability in Qnap Music Station If exploited, this SQL injection vulnerability could allow remote attackers to obtain application information. | 7.5 |
2020-11-02 | CVE-2020-3704 | Qualcomm | Improper Locking vulnerability in Qualcomm products u'While processing invalid connection request PDU which is nonstandard (interval or timeout is 0) from central device may lead peripheral system enter into dead lock state.(This CVE is equivalent to InvalidConnectionRequest(CVE-2019-19193) mentioned in sweyntooth paper)' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8009, APQ8017, APQ8053, AR9344, Bitra, IPQ5018, Kamorta, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA9377, QCA9886, QCM6125, QCN7605, QCS404, QCS405, QCS605, QCS610, QRB5165, Rennell, SA415M, SA515M, Saipan, SC7180, SC8180X, SDA845, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 | 7.5 |
2020-11-02 | CVE-2020-11157 | Qualcomm | Unspecified vulnerability in Qualcomm products u'Lack of handling unexpected control messages while encryption was in progress can terminate the connection and thus leading to a DoS' in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8076, MDM9640, MDM9650, MSM8905, MSM8917, MSM8937, MSM8940, MSM8953, QCA6174A, QCA9886, QCM2150, QM215, SDM429, SDM439, SDM450, SDM632 | 7.5 |
2020-11-06 | CVE-2020-3556 | Cisco | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client 4.9(3052)/98.145(86) A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client Software could allow an authenticated, local attacker to cause a targeted AnyConnect user to execute a malicious script. | 7.3 |
2020-11-04 | CVE-2020-7129 | Arubanetworks | Unspecified vulnerability in Arubanetworks Airwave Glass 1.2.1/1.3.0/1.3.1 A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 7.2 |
2020-11-06 | CVE-2017-18926 | Librdf Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml). | 7.1 |
2020-11-02 | CVE-2020-11173 | Qualcomm | Use After Free vulnerability in Qualcomm products u'Two threads running simultaneously from user space can lead to race condition in fastRPC driver' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in Agatti, APQ8053, Bitra, IPQ4019, IPQ5018, IPQ6018, IPQ8064, IPQ8074, Kamorta, MDM9607, MSM8953, Nicobar, QCA6390, QCS404, QCS405, QCS610, Rennell, SA515M, SA6155P, SA8155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM632, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | 7.0 |
105 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-05 | CVE-2020-7207 | HP | Unspecified vulnerability in HP products A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). | 6.8 |
2020-11-05 | CVE-2020-4097 | Hcltech | Classic Buffer Overflow vulnerability in Hcltech Notes In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1, a vulnerability in the input parameter handling of the Notes Client could potentially be exploited by an attacker resulting in a buffer overflow. | 6.8 |
2020-11-02 | CVE-2020-8236 | Nextcloud | Improper Authentication vulnerability in Nextcloud Server A wrong configuration in Nextcloud Server 19.0.1 incorrectly made the user feel the passwordless WebAuthn is also a two factor verification by asking for the PIN of the passwordless WebAuthn but not verifying it. | 6.8 |
2020-11-02 | CVE-2020-28044 | PAX | Incorrect Default Permissions vulnerability in PAX Prolinos 2.4.161.8859R An attacker with physical access to a PAX Point Of Sale device with ProlinOS through 2.4.161.8859R can boot it in management mode, enable the XCB service, and then list, read, create, and overwrite files with MAINAPP permissions. | 6.8 |
2020-11-06 | CVE-2020-27129 | Cisco | Argument Injection or Modification vulnerability in Cisco Sd-Wan Vmanage A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. | 6.7 |
2020-11-06 | CVE-2020-27122 | Cisco | Improper Privilege Management vulnerability in Cisco Identity Services Engine A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. | 6.7 |
2020-11-06 | CVE-2020-3592 | Cisco | Incorrect Authorization vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization and modify the configuration of an affected system. | 6.5 |
2020-11-06 | CVE-2020-27128 | Cisco | Path Traversal vulnerability in Cisco Sd-Wan A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. | 6.5 |
2020-11-06 | CVE-2020-27121 | Cisco | Improper Handling of Exceptional Conditions vulnerability in Cisco Unified Communications Manager IM and Presence Service 12.5(1) A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Service on an affected device to restart, resulting in a denial of service (DoS) condition. | 6.5 |
2020-11-06 | CVE-2020-26084 | Cisco | Exposure of Resource to Wrong Sphere vulnerability in Cisco Edge FOG Fabric A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote attacker to access files outside of their authorization sphere on an affected device. | 6.5 |
2020-11-06 | CVE-2020-4482 | IBM | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow an authenticated user to bypass security. | 6.5 |
2020-11-06 | CVE-2020-27617 | Qemu Debian | Reachable Assertion vulnerability in multiple products eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. | 6.5 |
2020-11-06 | CVE-2020-27616 | Qemu | Incorrect Calculation vulnerability in Qemu 4.2.1 ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. | 6.5 |
2020-11-06 | CVE-2020-28242 | Asterisk Sangoma Fedoraproject Debian | Uncontrolled Recursion vulnerability in multiple products An issue was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1 and Certified Asterisk before 16.8-cert5. | 6.5 |
2020-11-06 | CVE-2020-28241 | Maxmind Debian Fedoraproject | Out-of-bounds Read vulnerability in multiple products libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list in maxminddb.c. | 6.5 |
2020-11-06 | CVE-2020-5643 | Cybozu | Improper Input Validation vulnerability in Cybozu Garoon 5.0.0/5.0.1/5.0.2 Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector. | 6.5 |
2020-11-05 | CVE-2020-25662 | Redhat | Unspecified vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. | 6.5 |
2020-11-05 | CVE-2020-5943 | F5 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in F5 products In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through the REST interface, the protected fields are obfuscated in the REST response, not protected via a SecureVault cryptogram as TMSH does. | 6.5 |
2020-11-04 | CVE-2020-22273 | Creativeitem | Cross-Site Request Forgery (CSRF) vulnerability in Creativeitem Neoflex Video Subscription System 2.0 Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed (such as Payment Settings) | 6.5 |
2020-11-04 | CVE-2020-2319 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins VMWare LAB Manager Slaves Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores a password unencrypted in the global config.xml file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 6.5 |
2020-11-04 | CVE-2020-2318 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Mail Commander 1.0.0 Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier stores passwords unencrypted in job config.xml files on the Jenkins controller where they can be viewed by users with Extended Read permission, or access to the Jenkins controller file system. | 6.5 |
2020-11-04 | CVE-2020-2315 | Jenkins | Unspecified vulnerability in Jenkins Visualworks Store Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |
2020-11-04 | CVE-2020-2312 | Jenkins | Unspecified vulnerability in Jenkins Sqlplus Script Runner Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not mask a password provided as command line argument in build logs. | 6.5 |
2020-11-04 | CVE-2020-2305 | Jenkins | Unspecified vulnerability in Jenkins Mercurial Jenkins Mercurial Plugin 2.11 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |
2020-11-04 | CVE-2020-2304 | Jenkins | Unspecified vulnerability in Jenkins Subversion Jenkins Subversion Plugin 2.13.1 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 6.5 |
2020-11-03 | CVE-2020-6557 | Google Debian Fedoraproject Opensuse | Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15999 | Google Freetype Debian Fedoraproject Opensuse | Out-of-bounds Write vulnerability in multiple products Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15986 | Google Fedoraproject Opensuse Debian | Use After Free vulnerability in multiple products Integer overflow in media in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15985 | Google Fedoraproject Debian Opensuse | Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15984 | Google Fedoraproject Opensuse Debian | Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 86.0.4240.75 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted URL. | 6.5 |
2020-11-03 | CVE-2020-15982 | Google Fedoraproject Debian Opensuse | Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15981 | Google Fedoraproject Opensuse Debian | Out-of-bounds Read vulnerability in multiple products Out of bounds read in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15977 | Google Debian Fedoraproject Opensuse | Improper Input Validation vulnerability in multiple products Insufficient data validation in dialogs in Google Chrome on OS X prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from disk via a crafted HTML page. | 6.5 |
2020-11-03 | CVE-2020-15973 | Google Fedoraproject Opensuse Debian | Insufficient policy enforcement in extensions in Google Chrome prior to 86.0.4240.75 allowed an attacker who convinced a user to install a malicious extension to bypass same origin policy via a crafted Chrome Extension. | 6.5 |
2020-11-02 | CVE-2020-6014 | Checkpoint | Untrusted Search Path vulnerability in Checkpoint Endpoint Security E80.96/E81.30 Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed, before version E83.20, tries to load a non-existent DLL during a query for the Domain Name. | 6.5 |
2020-11-02 | CVE-2020-5657 | Mitsubishielectric | Argument Injection or Modification vulnerability in Mitsubishielectric products Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 High Speed Data Logger Module First 2 digits of serial number are '08' or before, RD81MES96N MES Interface Module First 2 digits of serial number are '04' or before, and RD81OPC96 OPC UA Server Module First 2 digits of serial number are '04' or before) allows unauthenticated attackers on adjacent network to stop the network functions of the products via a specially crafted packet. | 6.5 |
2020-11-02 | CVE-2020-28041 | Netgear | Incorrect Default Permissions vulnerability in Netgear Nighthawk R7000 Firmware 1.0.9.6410.2.64 The SIP ALG implementation on NETGEAR Nighthawk R7000 1.0.9.64_10.2.64 devices allows remote attackers to communicate with arbitrary TCP and UDP services on a victim's intranet machine, if the victim visits an attacker-controlled web site with a modern browser, aka NAT Slipstreaming. | 6.5 |
2020-11-02 | CVE-2020-25689 | Redhat Netapp | A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able to connect to domain-controller. | 6.5 |
2020-11-06 | CVE-2020-3590 | Cisco | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. | 6.4 |
2020-11-06 | CVE-2020-3587 | Cisco | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user. | 6.4 |
2020-11-04 | CVE-2020-28049 | Sddm Project Opensuse Debian Fedoraproject | Race Condition vulnerability in multiple products An issue was discovered in SDDM before 0.19.0. | 6.3 |
2020-11-03 | CVE-2020-15988 | Google Fedoraproject Debian Opensuse | Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 86.0.4240.75 allowed a remote attacker who convinced the user to open files to execute arbitrary code via a crafted HTML page. | 6.3 |
2020-11-06 | CVE-2020-5795 | TP Link | Link Following vulnerability in Tp-Link Archer A7 Firmware 200721 UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated admin user, with physical access and network access, to execute arbitrary code after plugging a crafted USB drive into the router. | 6.2 |
2020-11-06 | CVE-2020-3579 | Cisco | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 6.1 |
2020-11-06 | CVE-2020-3551 | Cisco | Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.6/2.7 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. | 6.1 |
2020-11-06 | CVE-2020-28249 | Joplin Project | Cross-site Scripting vulnerability in Joplin Project Joplin 1.2.6 Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note. | 6.1 |
2020-11-05 | CVE-2020-26505 | Marmind | Cross-site Scripting vulnerability in Marmind 4.1.141.0 A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web application with version 4.1.141.0 allows an attacker to inject code that will later be executed by legitimate users when they open the assets containing the JavaScript code. | 6.1 |
2020-11-05 | CVE-2020-14240 | Hcltech | Cross-site Scripting vulnerability in Hcltech Notes HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1 FP6 and 11.0.1 FP1 is susceptible to a Stored Cross-site Scripting (XSS) vulnerability. | 6.1 |
2020-11-05 | CVE-2020-14222 | Hcltech | Cross-site Scripting vulnerability in Hcltech HCL Digital Experience 8.5/9.0/9.5 HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross site scripting (XSS). | 6.1 |
2020-11-05 | CVE-2020-15951 | Immuta | Cross-site Scripting vulnerability in Immuta 2.8.2 Immuta v2.8.2 accepts user-supplied project names without properly sanitizing the input, allowing attackers to inject arbitrary HTML content that is rendered as part of the application. | 6.1 |
2020-11-04 | CVE-2020-27691 | Imomobile | Cross-site Scripting vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings. | 6.1 |
2020-11-02 | CVE-2020-28038 | Wordpress Fedoraproject Debian | Cross-site Scripting vulnerability in multiple products WordPress before 5.5.2 allows stored XSS via post slugs. | 6.1 |
2020-11-02 | CVE-2020-28034 | Wordpress Fedoraproject Debian | Cross-site Scripting vulnerability in multiple products WordPress before 5.5.2 allows XSS associated with global variables. | 6.1 |
2020-11-02 | CVE-2020-27982 | Icewarp | Cross-site Scripting vulnerability in Icewarp Mail Server 11.4.5 IceWarp 11.4.5.0 allows XSS via the language parameter. | 6.1 |
2020-11-02 | CVE-2018-19956 | Qnap | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
2020-11-02 | CVE-2018-19955 | Qnap | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
2020-11-02 | CVE-2018-19954 | Qnap | Cross-site Scripting vulnerability in Qnap Photo Station The cross-site scripting vulnerability has been reported to affect earlier versions of Photo Station. | 6.1 |
2020-11-02 | CVE-2018-19951 | Qnap | Cross-site Scripting vulnerability in Qnap Music Station If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. | 6.1 |
2020-11-06 | CVE-2020-28168 | Axios Siemens | Server-Side Request Forgery (SSRF) vulnerability in multiple products Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF) vulnerability where an attacker is able to bypass a proxy by providing a URL that responds with a redirect to a restricted host or IP address. | 5.9 |
2020-11-06 | CVE-2020-8577 | Netapp | Unspecified vulnerability in Netapp E-Series Santricity OS Controller SANtricity OS Controller Software versions 11.50.1 and higher are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmission within an https session. | 5.9 |
2020-11-06 | CVE-2020-27123 | Cisco | Unspecified vulnerability in Cisco Anyconnect Secure Mobility Client A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the underlying operating system of an affected device. | 5.5 |
2020-11-06 | CVE-2020-27152 | Linux | Infinite Loop vulnerability in Linux Kernel An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. | 5.5 |
2020-11-06 | CVE-2020-17490 | Saltstack Debian | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions. | 5.5 |
2020-11-06 | CVE-2020-5667 | Wantedlyinc | Use of Hard-coded Credentials vulnerability in Wantedlyinc Studyplus 6.3.7/8.29.0 Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a hard-coded API key for an external service. | 5.5 |
2020-11-05 | CVE-2020-6015 | Checkpoint | Unspecified vulnerability in Checkpoint Endpoint Security E84.10 Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | 5.5 |
2020-11-04 | CVE-2020-27690 | Imomobile | Classic Buffer Overflow vulnerability in Imomobile Verve Connect Vh510 Firmware The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. | 5.5 |
2020-11-04 | CVE-2020-2314 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Appspider Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system. | 5.5 |
2020-11-03 | CVE-2020-15989 | Google Fedoraproject Opensuse Debian | Use of Uninitialized Resource vulnerability in multiple products Uninitialized data in PDFium in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted PDF file. | 5.5 |
2020-11-05 | CVE-2020-5940 | F5 | Cross-site Scripting vulnerability in F5 products In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Traffic Management User Interface (TMUI), also known as the BIG-IP Configuration utility. | 5.4 |
2020-11-05 | CVE-2020-28047 | WEB Audimex | Cross-site Scripting vulnerability in Web-Audimex Audimexee 14.1.0 AudimexEE before 14.1.1 is vulnerable to Reflected XSS (Cross-Site-Scripting). | 5.4 |
2020-11-04 | CVE-2019-7356 | Intelliants | Cross-site Scripting vulnerability in Intelliants Subrion 4.2.1 Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. | 5.4 |
2020-11-04 | CVE-2020-2317 | Jenkins | Cross-site Scripting vulnerability in Jenkins Findbugs Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to provide report files to Jenkins FindBugs Plugin's post build step. | 5.4 |
2020-11-04 | CVE-2020-2316 | Jenkins | Cross-site Scripting vulnerability in Jenkins Static Analysis Utilities Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not escape the annotation message in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission. | 5.4 |
2020-11-03 | CVE-2020-4785 | IBM | Improper Restriction of Rendered UI Layers or Frames vulnerability in IBM APP Connect Enterprise Certified Container IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote attacker to hijack the clicking action of the victim. | 5.4 |
2020-11-02 | CVE-2020-23989 | Nedi | Cross-site Scripting vulnerability in Nedi 1.9C NeDi 1.9C allows pwsec.php oid XSS. | 5.4 |
2020-11-02 | CVE-2020-23868 | Nedi | Cross-site Scripting vulnerability in Nedi 1.9C NeDi 1.9C allows inc/rt-popup.php d XSS. | 5.4 |
2020-11-02 | CVE-2020-27359 | Evms | Cross-site Scripting vulnerability in Evms Redcap A cross-site scripting (XSS) issue in REDCap 8.11.6 through 9.x before 10 allows attackers to inject arbitrary JavaScript or HTML in the Messenger feature. | 5.4 |
2020-11-02 | CVE-2020-15914 | EA | Cross-site Scripting vulnerability in EA Origin Client 10.5.86 A cross-site scripting (XSS) vulnerability exists in the Origin Client for Mac and PC 10.5.86 or earlier that could allow a remote attacker to execute arbitrary Javascript in a target user’s Origin client. | 5.4 |
2020-11-06 | CVE-2020-28327 | Digium Sangoma | Improper Resource Shutdown or Release vulnerability in multiple products A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. | 5.3 |
2020-11-05 | CVE-2020-8267 | UI | Improper Authentication vulnerability in UI Unifi Protect Firmware A security issue was found in UniFi Protect controller v1.14.10 and earlier.The authentication in the UniFi Protect controller API was using “x-token” improperly, allowing attackers to use the API to send authenticated messages without a valid token.This vulnerability was fixed in UniFi Protect v1.14.11 and newer.This issue does not impact UniFi Cloud Key Gen 2 plus.This issue does not impact UDM-Pro customers with UniFi Protect stopped.Affected Products:UDM-Pro firmware 1.7.2 and earlier.UNVR firmware 1.3.12 and earlier.Mitigation:Update UniFi Protect to v1.14.11 or newer version; the UniFi Protect controller can be updated through your UniFi OS settings.Alternatively, you can update UNVR and UDM-Pro to:- UNVR firmware to 1.3.15 or newer.- UDM-Pro firmware to 1.8.0 or newer. | 5.3 |
2020-11-02 | CVE-2020-26939 | Bouncycastle | Information Exposure Through Discrepancy vulnerability in Bouncycastle products In Legion of the Bouncy Castle BC before 1.61 and BC-FJA before 1.0.1.2, attackers can obtain sensitive information about a private exponent because of Observable Differences in Behavior to Error Inputs. | 5.3 |
2020-11-02 | CVE-2020-28042 | Servicestack | Improper Verification of Cryptographic Signature vulnerability in Servicestack ServiceStack before 5.9.2 mishandles JWT signature verification unless an application has a custom ValidateToken function that establishes a valid minimum length for a signature. | 5.3 |
2020-11-02 | CVE-2020-28002 | Sonarsource | Improper Authentication vulnerability in Sonarsource Sonarqube 8.4.2.36762 In SonarQube 8.4.2.36762, an external attacker can achieve authentication bypass through SonarScanner. | 5.3 |
2020-11-06 | CVE-2020-26083 | Cisco | Cross-site Scripting vulnerability in Cisco Identity Services Engine A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.8 |
2020-11-03 | CVE-2020-1908 | Files or Directories Accessible to External Parties vulnerability in Whatsapp and Whatsapp Business Improper authorization of the Screen Lock feature in WhatsApp and WhatsApp Business for iOS prior to v2.20.100 could have permitted use of Siri to interact with the WhatsApp application even after the phone was locked. | 4.6 | |
2020-11-05 | CVE-2020-24431 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) for macOS are affected by a security feature bypass that could result in dynamic library code injection by the Adobe Reader process. | 4.4 |
2020-11-06 | CVE-2020-3591 | Cisco | Cross-site Scripting vulnerability in Cisco Catalyst Sd-Wan Manager and Sd-Wan Vmanage A vulnerability in the web-based management interface of the Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. | 4.3 |
2020-11-06 | CVE-2020-26086 | Cisco | Exposure of Resource to Wrong Sphere vulnerability in Cisco Telepresence Collaboration Endpoint A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, remote attacker to gain access to sensitive information on an affected device. | 4.3 |
2020-11-06 | CVE-2020-4484 | IBM | Unspecified vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could disclose sensitive information to an authenticated user that could be used in further attacks against the system. | 4.3 |
2020-11-06 | CVE-2020-4483 | IBM | Information Exposure Through an Error Message vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.3 |
2020-11-05 | CVE-2020-5944 | F5 | Unspecified vulnerability in F5 Big-Iq Centralized Management 7.1.0 In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interface returns an error message due to disabled Grafana reverse proxy in web service configuration. | 4.3 |
2020-11-05 | CVE-2020-26506 | Marmind | Incorrect Authorization vulnerability in Marmind 4.1.141.0 An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. | 4.3 |
2020-11-04 | CVE-2020-2313 | Jenkins | Unspecified vulnerability in Jenkins Azure KEY Vault A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2020-11-04 | CVE-2020-2311 | Jenkins | Unspecified vulnerability in Jenkins AWS Global Configuration A missing permission check in Jenkins AWS Global Configuration Plugin 1.5 and earlier allows attackers with Overall/Read permission to replace the global AWS configuration. | 4.3 |
2020-11-04 | CVE-2020-2310 | Jenkins | Unspecified vulnerability in Jenkins Ansible Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2020-11-04 | CVE-2020-2309 | Jenkins | Unspecified vulnerability in Jenkins Kubernetes A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. | 4.3 |
2020-11-04 | CVE-2020-2308 | Jenkins | Unspecified vulnerability in Jenkins Kubernetes A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names. | 4.3 |
2020-11-04 | CVE-2020-2307 | Jenkins | Unspecified vulnerability in Jenkins Kubernetes Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to access possibly sensitive Jenkins controller environment variables. | 4.3 |
2020-11-04 | CVE-2020-2306 | Jenkins | Unspecified vulnerability in Jenkins Mercurial A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of names of configured Mercurial installations. | 4.3 |
2020-11-04 | CVE-2020-2303 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Active Directory A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory Plugin 2.19 and earlier allows attackers to perform connection tests, connecting to attacker-specified or previously configured Active Directory servers using attacker-specified credentials. | 4.3 |
2020-11-04 | CVE-2020-2302 | Jenkins | Missing Authorization vulnerability in Jenkins Active Directory A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page. | 4.3 |
2020-11-03 | CVE-2020-4649 | IBM | Information Exposure vulnerability in IBM Planning Analytics Local IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace 57 could expose data to non-privleged users by not invalidating TM1Web user sessions. | 4.3 |
2020-11-02 | CVE-2020-28040 | Wordpress Debian Canonical | Cross-Site Request Forgery (CSRF) vulnerability in multiple products WordPress before 5.5.2 allows CSRF attacks that change a theme's background image. | 4.3 |
2020-11-02 | CVE-2020-28031 | Eramba | Injection vulnerability in Eramba 2.8.1 eramba through c2.8.1 allows HTTP Host header injection with (for example) resultant wkhtml2pdf PDF printing by authenticated users. | 4.3 |
2020-11-02 | CVE-2020-27358 | Vanderbilt | Incorrect Default Permissions vulnerability in Vanderbilt Redcap An issue was discovered in REDCap 8.11.6 through 9.x before 10. | 4.3 |
9 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-03 | CVE-2019-4349 | IBM | Information Exposure vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can be installed on a deprecated operating system version that could compromised the confidentiality and integrity of the service. | 3.5 |
2020-11-07 | CVE-2020-16121 | Packagekit Project Canonical | Information Exposure Through an Error Message vulnerability in multiple products PackageKit provided detailed error messages to unprivileged callers that exposed information about file presence and mimetype of files that the user would be unable to determine on its own. | 3.3 |
2020-11-05 | CVE-2020-24438 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a use-after-free vulnerability that could result in a memory address leak. | 3.3 |
2020-11-05 | CVE-2020-24434 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 3.3 |
2020-11-05 | CVE-2020-24427 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec that could result in the disclosure of sensitive memory. | 3.3 |
2020-11-05 | CVE-2020-24426 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. | 3.3 |
2020-11-05 | CVE-2020-24439 | Adobe | Unspecified vulnerability in Adobe products Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. | 2.8 |
2020-11-05 | CVE-2018-1725 | IBM | Unspecified vulnerability in IBM Qradar Security Information and Event Manager IBM QRadar SIEM 7.3 and 7.4 n a multi tenant configuration could be vulnerable to information disclosure. | 2.3 |
2020-11-02 | CVE-2020-8173 | Nextcloud | Missing Encryption of Sensitive Data vulnerability in Nextcloud Server A too small set of random characters being used for encryption in Nextcloud Server 18.0.4 allowed decryption in shorter time than intended. | 2.2 |