Weekly Vulnerabilities Reports > November 16 to 22, 2020
Overview
291 new vulnerabilities reported during this period, including 41 critical vulnerabilities and 127 high severity vulnerabilities. This weekly summary report vulnerabilities in 286 products from 121 vendors including Schneider Electric, Cisco, IBM, Fedoraproject, and Jetbrains. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Unrestricted Upload of File with Dangerous Type", "Improper Input Validation", and "Out-of-bounds Write".
- 229 reported vulnerabilities are remotely exploitables.
- 20 reported vulnerabilities have public exploit available.
- 89 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 172 reported vulnerabilities are exploitable by an anonymous user.
- Schneider Electric has the most reported vulnerabilities, with 30 reported vulnerabilities.
- Cisco has the most reported critical vulnerabilities, with 7 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
41 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-16 | CVE-2020-27486 | Garmin | Classic Buffer Overflow vulnerability in Garmin Forerunner 235 Firmware Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. | 9.9 |
2020-11-16 | CVE-2020-27485 | Garmin | Improper Validation of Array Index vulnerability in Garmin Forerunner 235 Firmware Garmin Forerunner 235 before 8.20 is affected by: Array index error. | 9.9 |
2020-11-16 | CVE-2020-27484 | Garmin | Integer Overflow or Wraparound vulnerability in Garmin Forerunner 235 Firmware Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. | 9.9 |
2020-11-16 | CVE-2020-27483 | Garmin | Improper Validation of Array Index vulnerability in Garmin Forerunner 235 Firmware Garmin Forerunner 235 before 8.20 is affected by: Array index error. | 9.9 |
2020-11-21 | CVE-2020-25189 | Paradox | Unspecified vulnerability in Paradox Ip150 Firmware 5.02.09 The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). | 9.8 |
2020-11-20 | CVE-2020-28877 | TP Link | Classic Buffer Overflow vulnerability in Tp-Link products Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N. | 9.8 |
2020-11-20 | CVE-2020-25839 | Microfocus | SQL Injection vulnerability in Microfocus Identity Manager 4.8 NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1 are affected by an injection vulnerability. | 9.8 |
2020-11-19 | CVE-2020-7561 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7 A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted. | 9.8 |
2020-11-19 | CVE-2020-28212 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when a brute force attack is done over Modbus. | 9.8 |
2020-11-19 | CVE-2020-28951 | Openwrt | Use After Free vulnerability in Openwrt libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. | 9.8 |
2020-11-19 | CVE-2020-11831 | Oppo | Incorrect Permission Assignment for Critical Resource vulnerability in Oppo Ovoicemanager 2.0.1 OvoiceManager has system permission to write vulnerability reports for arbitrary files, affected product is com.oppo.ovoicemanager V2.0.1. | 9.8 |
2020-11-19 | CVE-2020-11830 | Oppo | Unspecified vulnerability in Oppo Qualityprotect 2.0 QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0. | 9.8 |
2020-11-19 | CVE-2020-11829 | Oppo | Unspecified vulnerability in Oppo Coloros 2.0.05493E40200722 Dynamic loading of services in the backup and restore SDK leads to elevated privileges, affected product is com.coloros.codebook V2.0.0_5493e40_200722. | 9.8 |
2020-11-19 | CVE-2019-20933 | Influxdata Debian | Improper Authentication vulnerability in multiple products InfluxDB before 1.7.6 has an authentication bypass vulnerability in the authenticate function in services/httpd/handler.go because a JWT token may have an empty SharedSecret (aka shared secret). | 9.8 |
2020-11-18 | CVE-2020-3586 | Cisco | OS Command Injection vulnerability in Cisco DNA Spaces: Connector A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. | 9.8 |
2020-11-18 | CVE-2020-3531 | Cisco | Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. | 9.8 |
2020-11-18 | CVE-2020-3470 | Cisco | Improper Input Validation vulnerability in Cisco products Multiple vulnerabilities in the API subsystem of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. | 9.8 |
2020-11-18 | CVE-2020-28578 | Trendmicro | Out-of-bounds Write vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges. | 9.8 |
2020-11-18 | CVE-2020-26097 | Planet | Use of Hard-coded Credentials vulnerability in Planet Nvr-1615 Firmware and Nvr-915 Firmware The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. | 9.8 |
2020-11-18 | CVE-2020-6016 | Valvesoftware | Out-of-bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0 Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with negative offsets in function SNP_ReceiveUnreliableSegment(), leading to a Heap-Based Buffer Underflow and a free() of memory not from the heap, resulting in a memory corruption and probably even a remote code execution. | 9.8 |
2020-11-17 | CVE-2020-28183 | Water Billing System Project | SQL Injection vulnerability in Water Billing System Project Water Billing System 1.0 SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php. | 9.8 |
2020-11-17 | CVE-2020-28130 | Online Library Management System Project | Unrestricted Upload of File with Dangerous Type vulnerability in Online Library Management System Project Online Library Management System 1.0 An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root). | 9.8 |
2020-11-17 | CVE-2020-26553 | Aviatrix | Unrestricted Upload of File with Dangerous Type vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R6.0.2483. | 9.8 |
2020-11-17 | CVE-2020-28133 | Simple Grocery Store Sales AND Inventory Sales Project | SQL Injection vulnerability in Simple Grocery Store Sales and Inventory Sales Project Simple Grocery Store Sales and Inventory System 1.0 An issue was discovered in SourceCodester Simple Grocery Store Sales And Inventory System 1.0. | 9.8 |
2020-11-17 | CVE-2020-28140 | Online Clothing Store Project | Unrestricted Upload of File with Dangerous Type vulnerability in Online Clothing Store Project Online Clothing Store 1.0 SourceCodester Online Clothing Store 1.0 is affected by an arbitrary file upload via the image upload feature of Products.php. | 9.8 |
2020-11-17 | CVE-2020-28138 | Online Clothing Store Project | SQL Injection vulnerability in Online Clothing Store Project Online Clothing Store 1.0 SourceCodester Online Clothing Store 1.0 is affected by a SQL Injection via the txtUserName parameter to login.php. | 9.8 |
2020-11-17 | CVE-2020-27555 | Basetech | Insecure Default Initialization of Resource vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user. | 9.8 |
2020-11-17 | CVE-2020-7774 | Y18N Project Oracle Siemens | The package y18n before 3.2.2, 4.0.1 and 5.0.5, is vulnerable to Prototype Pollution. | 9.8 |
2020-11-17 | CVE-2020-27131 | Cisco | Deserialization of Untrusted Data vulnerability in Cisco Security Manager Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. | 9.8 |
2020-11-17 | CVE-2020-27125 | Cisco | Improper Input Validation vulnerability in Cisco Security Manager A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. | 9.8 |
2020-11-17 | CVE-2020-11851 | Microfocus | Code Injection vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1 Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. | 9.8 |
2020-11-16 | CVE-2020-26510 | Airleader | Insecure Default Initialization of Resource vulnerability in Airleader Master Control Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution. | 9.8 |
2020-11-16 | CVE-2020-26508 | Canon | Insufficiently Protected Credentials vulnerability in Canon OCE Colorwave 3500 Firmware 5.1.1.0 The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI. | 9.8 |
2020-11-16 | CVE-2020-27422 | Anuko | Insufficient Session Expiration vulnerability in Anuko Time Tracker In Anuko Time Tracker v1.19.23.5311, the password reset link emailed to the user doesn't expire once used, allowing an attacker to use the same link to takeover the account. | 9.8 |
2020-11-16 | CVE-2020-25952 | User Registration Login AND User Management System Project | SQL Injection vulnerability in User Registration & Login and User Management System Project User Registration & Login and User Management System 2.1 SQL injection vulnerability in PHPGurukul User Registration & Login and User Management System With admin panel 2.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication. | 9.8 |
2020-11-16 | CVE-2020-25207 | Jetbrains | Unspecified vulnerability in Jetbrains Toolbox JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler. | 9.8 |
2020-11-16 | CVE-2020-5664 | Riken | Deserialization of Untrusted Data vulnerability in Riken Xoonips Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers to execute arbitrary code via unspecified vectors. | 9.8 |
2020-11-16 | CVE-2020-28642 | Infinitewp | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Infinitewp 2.4.2/2.4.3 In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks. | 9.8 |
2020-11-16 | CVE-2020-8271 | Citrix | Path Traversal vulnerability in Citrix Sd-Wan Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | 9.8 |
2020-11-18 | CVE-2020-3419 | Cisco | Improper Control of Dynamically-Managed Code Resources vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to join a Webex session without appearing on the participant list. | 9.1 |
2020-11-17 | CVE-2020-27130 | Cisco | Unspecified vulnerability in Cisco Security Manager A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information. | 9.1 |
127 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-21 | CVE-2020-25185 | Paradox | Unspecified vulnerability in Paradox Ip150 Firmware 5.02.09 The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). | 8.8 |
2020-11-20 | CVE-2020-13671 | Drupal Fedoraproject | Unrestricted Upload of File with Dangerous Type vulnerability in multiple products Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. | 8.8 |
2020-11-19 | CVE-2020-7572 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Webreports 1.9/3.1 A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary XML code and obtain disclosure of confidential data, denial of service, server side request forgery due to improper configuration of the XML parser. | 8.8 |
2020-11-19 | CVE-2020-7569 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Webreports 1.9/3.1 A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upload arbitrary files due to incorrect verification of user supplied files and achieve remote code execution. | 8.8 |
2020-11-19 | CVE-2020-28213 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert A CWE-494: Download of Code Without Integrity Check vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause unauthorized command execution when sending specially crafted requests over Modbus. | 8.8 |
2020-11-19 | CVE-2020-12495 | Endress | Improper Privilege Management vulnerability in Endress products Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) with Firmware version prior to V2.0.0 is prone to improper privilege management. | 8.8 |
2020-11-18 | CVE-2020-28579 | Trendmicro | Out-of-bounds Write vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges. | 8.8 |
2020-11-18 | CVE-2020-26075 | Cisco | SQL Injection vulnerability in Cisco IOT Field Network Director A vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to gain access to the back-end database of an affected device. | 8.8 |
2020-11-18 | CVE-2020-24297 | TP Link | OS Command Injection vulnerability in Tp-Link Tl-Wpa4220 Firmware 4.0.2 httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. | 8.8 |
2020-11-18 | CVE-2020-7564 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause write access and the execution of commands when uploading a specially crafted file on the controller over FTP. | 8.8 |
2020-11-18 | CVE-2020-7563 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP. | 8.8 |
2020-11-17 | CVE-2020-26548 | Aviatrix | Unspecified vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R5.4.1290. | 8.8 |
2020-11-17 | CVE-2020-28136 | Phpgurukul | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Tourism Management System 1.0 An Arbitrary File Upload is discovered in SourceCodester Tourism Management System 1.0 allows the user to conduct remote code execution via admin/create-package.php vulnerable page. | 8.8 |
2020-11-17 | CVE-2020-7841 | Tobesoft | Improper Input Validation vulnerability in Tobesoft Xplatform Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto:// | 8.8 |
2020-11-17 | CVE-2020-28688 | Artworks Gallery IN PHP CSS Javascript AND Mysql Project | Unrestricted Upload of File with Dangerous Type vulnerability in Artworks Gallery in PHP, Css, Javascript, and Mysql Project Artworks Gallery in PHP, Css, Javascript, and Mysql 1.0 The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. | 8.8 |
2020-11-17 | CVE-2020-28687 | Artworks Gallery IN PHP CSS Javascript AND Mysql Project | Unrestricted Upload of File with Dangerous Type vulnerability in Artworks Gallery in PHP, Css, Javascript, and Mysql Project Artworks Gallery in PHP, Css, Javascript, and Mysql 1.0 The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files. | 8.8 |
2020-11-16 | CVE-2020-28693 | Horizontcms Project | Unrestricted Upload of File with Dangerous Type vulnerability in Horizontcms Project Horizontcms 1.0.0 An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name> | 8.8 |
2020-11-16 | CVE-2020-26217 | Xstream Project Debian Netapp Apache Oracle | XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. | 8.8 |
2020-11-16 | CVE-2020-23489 | Wwbn | Missing Authorization vulnerability in Wwbn Avideo The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. | 8.8 |
2020-11-16 | CVE-2020-4700 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. | 8.8 |
2020-11-16 | CVE-2020-4655 | IBM | SQL Injection vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to SQL injection. | 8.8 |
2020-11-16 | CVE-2020-4647 | IBM | SQL Injection vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 is vulnerable to SQL injection. | 8.8 |
2020-11-16 | CVE-2020-13769 | Ivanti | SQL Injection vulnerability in Ivanti Endpoint Manager LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request. | 8.8 |
2020-11-16 | CVE-2020-5659 | Riken | SQL Injection vulnerability in Riken Xoonips SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 8.8 |
2020-11-16 | CVE-2020-28649 | Orbisius | Cross-Site Request Forgery (CSRF) vulnerability in Orbisius Child Theme Creator The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. | 8.8 |
2020-11-16 | CVE-2020-28648 | Nagios | Improper Input Validation vulnerability in Nagios XI Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. | 8.8 |
2020-11-16 | CVE-2020-8273 | Citrix | OS Command Injection vulnerability in Citrix Sd-Wan Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8. | 8.8 |
2020-11-16 | CVE-2020-8270 | Citrix | OS Command Injection vulnerability in Citrix Virtual Apps and Desktops 1903/1912/2006 An unprivileged Windows user on the VDA or an SMB user can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285871 and CTX285872, 7.15 LTSR CU6 hotfix CTX285341 and CTX285342 | 8.8 |
2020-11-16 | CVE-2020-8269 | Citrix | Improper Privilege Management vulnerability in Citrix Virtual Apps and Desktops, Xenapp and Xendesktop An unprivileged Windows user on the VDA can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9 | 8.8 |
2020-11-16 | CVE-2020-25695 | Postgresql Debian | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. | 8.8 |
2020-11-18 | CVE-2020-26072 | Cisco | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the SOAP API of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to access and modify information on devices that belong to a different domain. | 8.7 |
2020-11-20 | CVE-2020-4004 | Vmware | Use After Free vulnerability in VMWare products VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. | 8.2 |
2020-11-19 | CVE-2020-13356 | Gitlab | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.8.9. | 8.2 |
2020-11-19 | CVE-2020-13355 | Gitlab | Path Traversal vulnerability in Gitlab An issue has been discovered in GitLab CE/EE affecting all versions starting from 8.14. | 8.1 |
2020-11-18 | CVE-2020-26226 | Semantic Release Project | Unspecified vulnerability in Semantic-Release Project Semantic-Release In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by `semantic-release` can be accidentally disclosed if they contain characters that become encoded when included in a URL. | 8.1 |
2020-11-18 | CVE-2020-7562 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause a segmentation fault or a buffer overflow when uploading a specially crafted file on the controller over FTP. | 8.1 |
2020-11-17 | CVE-2020-14389 | Redhat | Use of Password Hash With Insufficient Computational Effort vulnerability in Redhat Keycloak It was found that Keycloak before version 12.0.0 would permit a user with only view-profile role to manage the resources in the new account console, allowing access and modification of data the user was not intended to have. | 8.1 |
2020-11-16 | CVE-2020-8897 | Amazon | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Amazon AWS Encryption SDK A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. | 8.1 |
2020-11-16 | CVE-2020-8259 | Nextcloud | Insufficiently Protected Credentials vulnerability in Nextcloud Server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the encryption keys. | 8.1 |
2020-11-16 | CVE-2020-25694 | Postgresql Debian | A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. | 8.1 |
2020-11-20 | CVE-2020-4005 | Vmware | Unspecified vulnerability in VMWare Cloud Foundation and Esxi VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. | 7.8 |
2020-11-20 | CVE-2020-28845 | Netskope | Improper Neutralization of Formula Elements in a CSV File vulnerability in Netskope 75.0 A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system. | 7.8 |
2020-11-20 | CVE-2020-20740 | Pdfresurrect Project Debian Fedoraproject | Out-of-bounds Write vulnerability in multiple products PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version(). | 7.8 |
2020-11-20 | CVE-2020-19667 | Imagemagick Debian | Out-of-bounds Write vulnerability in multiple products Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7. | 7.8 |
2020-11-20 | CVE-2020-4739 | IBM | Untrusted Search Path vulnerability in IBM DB2 IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability in Microsoft Windows client. | 7.8 |
2020-11-19 | CVE-2020-7558 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7557 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7556 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7555 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7554 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7553 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7552 | Schneider Electric | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7551 | Schneider Electric | Out-of-bounds Write vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247, that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7550 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Interactive Graphical Scada System A CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in IGSS Definition (Def.exe) version 14.0.0.20247 and prior that could cause Remote Code Execution when malicious CGF (Configuration Group File) file is imported to IGSS Definition. | 7.8 |
2020-11-19 | CVE-2020-7544 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Operator Terminal Expert Runtime 3.1 A CWE-269 Improper Privilege Management vulnerability exists in EcoStruxureª Operator Terminal Expert runtime (Vijeo XD) that could cause privilege escalation on the workstation when interacting directly with a driver installed by the runtime software of EcoStruxureª Operator Terminal Expert. | 7.8 |
2020-11-19 | CVE-2020-28211 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause bypass of authentication when overwriting memory using a debugger. | 7.8 |
2020-11-19 | CVE-2020-25989 | Pritunl | Link Following vulnerability in Pritunl Pritunl-Client-Electron Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. | 7.8 |
2020-11-19 | CVE-2020-28949 | PHP Debian Fedoraproject Drupal | Injection vulnerability in multiple products Archive_Tar through 1.4.10 has :// filename sanitization only to address phar attacks, and thus any other stream-wrapper attack (such as file:// to overwrite files) can still succeed. | 7.8 |
2020-11-19 | CVE-2020-28948 | PHP Debian Fedoraproject Drupal | Deserialization of Untrusted Data vulnerability in multiple products Archive_Tar through 1.4.10 allows an unserialization attack because phar: is blocked but PHAR: is not blocked. | 7.8 |
2020-11-19 | CVE-2020-4701 | IBM | Classic Buffer Overflow vulnerability in IBM DB2 10.5/11.1/11.5 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. | 7.8 |
2020-11-18 | CVE-2020-15301 | Salesagility | Improper Neutralization of Formula Elements in a CSV File vulnerability in Salesagility Suitecrm SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. | 7.8 |
2020-11-18 | CVE-2020-28572 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE 2019 A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege. | 7.8 |
2020-11-18 | CVE-2020-27697 | Trendmicro | Link Following vulnerability in Trendmicro products Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product. | 7.8 |
2020-11-18 | CVE-2020-27696 | Trendmicro | Unspecified vulnerability in Trendmicro products Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a specific Windows system directory which can lead to obtaining administrative privileges during the installation of the product. | 7.8 |
2020-11-18 | CVE-2020-27695 | Trendmicro | Untrusted Search Path vulnerability in Trendmicro products Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a local directory which can lead to obtaining administrative privileges during the installation of the product. | 7.8 |
2020-11-18 | CVE-2020-3367 | Cisco | OS Command Injection vulnerability in Cisco Asyncos A vulnerability in the log subscription subsystem of Cisco AsyncOS for the Cisco Secure Web Appliance (formerly Web Security Appliance) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. | 7.8 |
2020-11-17 | CVE-2020-13958 | Apache | Unspecified vulnerability in Apache Openoffice A vulnerability in Apache OpenOffice scripting events allows an attacker to construct documents containing hyperlinks pointing to an executable on the target users file system. | 7.8 |
2020-11-17 | CVE-2020-27192 | Binarynights | Missing Authorization vulnerability in Binarynights Forklift BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled which allowed a local attacker to inject code into ForkLift. | 7.8 |
2020-11-17 | CVE-2020-15349 | Binarynights | Missing Authorization vulnerability in Binarynights Forklift BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation vulnerability because the privileged helper tool implements an XPC interface that allows file operations to any process (copy, move, delete) as root and changing permissions. | 7.8 |
2020-11-19 | CVE-2020-13359 | Gitlab | Unspecified vulnerability in Gitlab The Terraform API in GitLab CE/EE 12.10+ exposed the object storage signed URL on the delete operation allowing a malicious project maintainer to overwrite the Terraform state, bypassing audit and other business controls. | 7.6 |
2020-11-21 | CVE-2020-28975 | Scikit Learn | Unspecified vulnerability in Scikit-Learn 0.23.2 svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced via pickle, json, or any other model permanence standard) with a large value in the _n_support array. | 7.5 |
2020-11-21 | CVE-2020-14258 | Hcltech | Improper Input Validation vulnerability in Hcltech Notes 10.0/11.0/9.0 HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. | 7.5 |
2020-11-21 | CVE-2020-14234 | Hcltech | Improper Input Validation vulnerability in Hcltech Domino 10.0.0/9.0/9.0.1 HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. | 7.5 |
2020-11-21 | CVE-2020-14230 | Hcltech | Improper Input Validation vulnerability in Hcltech Domino HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. | 7.5 |
2020-11-20 | CVE-2020-26236 | Scratchverifier | Unspecified vulnerability in Scratchverifier In ScratchVerifier before commit a603769, an attacker can hijack the verification process to log into someone else's account on any site that uses ScratchVerifier for logins. | 7.5 |
2020-11-20 | CVE-2020-4937 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 7.5 |
2020-11-20 | CVE-2020-5668 | Mitsubishielectric | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware version '19' and earlier, R04/08/16/32/120 (EN) CPU firmware version '51' and earlier, R08/16/32/120SFCPU firmware version '22' and earlier, R08/16/32/120PCPU firmware version '25' and earlier, R08/16/32/120PSFCPU firmware version '06' and earlier, RJ71EN71 firmware version '47' and earlier, RJ71GF11-T2 firmware version '47' and earlier, RJ72GF15-T2 firmware version '07' and earlier, RJ71GP21-SX firmware version '47' and earlier, RJ71GP21S-SX firmware version '47' and earlier, and RJ71GN11-T2 firmware version '11' and earlier) allows a remote unauthenticated attacker to cause an error in a CPU unit and cause a denial-of-service (DoS) condition in execution of the program and its communication, or to cause a denial-of-service (DoS) condition in communication via the unit by receiving a specially crafted SLMP packet | 7.5 |
2020-11-19 | CVE-2020-7559 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus. | 7.5 |
2020-11-19 | CVE-2020-7538 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Control Expert A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in PLC Simulator on EcoStruxureª Control Expert (now Unity Pro) (all versions) that could cause a crash of the PLC simulator present in EcoStruxureª Control Expert software when receiving a specially crafted request over Modbus. | 7.5 |
2020-11-19 | CVE-2020-28924 | Rclone Fedoraproject | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in multiple products An issue was discovered in Rclone before 1.53.3. | 7.5 |
2020-11-19 | CVE-2020-25699 | Moodle Fedoraproject | Incorrect Authorization vulnerability in multiple products In moodle, insufficient capability checks could lead to users with the ability to course restore adding additional capabilities to roles within that course. | 7.5 |
2020-11-19 | CVE-2020-25698 | Moodle Fedoraproject | Users' enrollment capabilities were not being sufficiently checked in Moodle when they are restored into an existing course. | 7.5 |
2020-11-19 | CVE-2020-28054 | Tsmmanager | Unspecified vulnerability in Tsmmanager 6.5.0.21 JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to an Authorization Bypass because the Collector component is not properly validating an authenticated session with the Viewer. | 7.5 |
2020-11-19 | CVE-2020-8277 | Nodejs Fedoraproject Oracle C Ares Project | Resource Exhaustion vulnerability in multiple products A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number of responses. | 7.5 |
2020-11-19 | CVE-2019-12412 | Apache | NULL Pointer Dereference vulnerability in Apache Libapreq2 A flaw in the libapreq2 v2.07 to v2.13 multipart parser can deference a null pointer leading to a process crash. | 7.5 |
2020-11-18 | CVE-2020-12593 | Symantec | Unspecified vulnerability in Symantec Endpoint Detection and Response Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. | 7.5 |
2020-11-18 | CVE-2020-28574 | Trendmicro | Path Traversal vulnerability in Trendmicro Worry-Free Business Security 10.0 A unauthenticated path traversal arbitrary remote file deletion vulnerability in Trend Micro Worry-Free Business Security 10 SP1 could allow an unauthenticated attacker to exploit the vulnerability and modify or delete arbitrary files on the product's management console. | 7.5 |
2020-11-18 | CVE-2020-3392 | Cisco | Missing Authentication for Critical Function vulnerability in Cisco IOT Field Network Director A vulnerability in the API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive information on an affected system. | 7.5 |
2020-11-18 | CVE-2020-26076 | Cisco | Information Exposure vulnerability in Cisco IOT Field Network Director A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. | 7.5 |
2020-11-18 | CVE-2020-28367 | Golang | Code Injection vulnerability in Golang GO Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via malicious gcc flags specified via a #cgo directive. | 7.5 |
2020-11-18 | CVE-2020-28366 | Golang Fedoraproject Netapp | Code Injection vulnerability in multiple products Code injection in the go command with cgo before Go 1.14.12 and Go 1.15.5 allows arbitrary code execution at build time via a malicious unquoted symbol name in a linked object file. | 7.5 |
2020-11-18 | CVE-2020-28362 | Golang Fedoraproject Netapp | Improper Certificate Validation vulnerability in multiple products Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service. | 7.5 |
2020-11-18 | CVE-2020-28091 | Cxuu | SQL Injection vulnerability in Cxuu Cxuucms 3.0 cxuucms v3 has a SQL injection vulnerability, which can lead to the leakage of all database data via the keywords parameter via search.php. | 7.5 |
2020-11-17 | CVE-2020-26552 | Aviatrix | Unspecified vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R6.0.2483. | 7.5 |
2020-11-17 | CVE-2020-26551 | Aviatrix | Cleartext Storage of Sensitive Information vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R5.3.1151. | 7.5 |
2020-11-17 | CVE-2020-26550 | Aviatrix | Use of Insufficiently Random Values vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R5.3.1151. | 7.5 |
2020-11-17 | CVE-2020-26549 | Aviatrix | Files or Directories Accessible to External Parties vulnerability in Aviatrix Controller 5.3.1516 An issue was discovered in Aviatrix Controller before R5.4.1290. | 7.5 |
2020-11-17 | CVE-2020-25400 | Taskcafe Project | Unspecified vulnerability in Taskcafe Project Taskcafe Cross domain policies in Taskcafe Project Management tool before version 0.1.0 and 0.1.1 allows remote attackers to access sensitive data such as access token. | 7.5 |
2020-11-17 | CVE-2020-27554 | Basetech | Insufficiently Protected Credentials vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device. | 7.5 |
2020-11-17 | CVE-2020-27553 | Basetech | Path Traversal vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. | 7.5 |
2020-11-16 | CVE-2020-26224 | Prestashop | Unspecified vulnerability in Prestashop In PrestaShop before version 1.7.6.9 an attacker is able to list all the orders placed on the website without being logged by abusing the function that allows a shopping cart to be recreated from an order already placed. | 7.5 |
2020-11-16 | CVE-2020-26509 | Airleader | Use of Hard-coded Credentials vulnerability in Airleader Master Control Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service. | 7.5 |
2020-11-16 | CVE-2020-23490 | Wwbn | Unspecified vulnerability in Wwbn Avideo There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. | 7.5 |
2020-11-16 | CVE-2020-4476 | IBM | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 7.5 |
2020-11-16 | CVE-2020-28723 | Cloudavid | Memory Leak vulnerability in Cloudavid Pparam 1.3.1 Memory leak in IPv6Param::setAddress in CloudAvid PParam 1.3.1. | 7.5 |
2020-11-16 | CVE-2020-27623 | Jetbrains | Unspecified vulnerability in Jetbrains Ideavim JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances. | 7.5 |
2020-11-16 | CVE-2020-27423 | Anuko | Improper Restriction of Excessive Authentication Attempts vulnerability in Anuko Time Tracker Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox | 7.5 |
2020-11-16 | CVE-2020-27191 | Lionwiki | Unspecified vulnerability in Lionwiki LionWiki before 3.2.12 allows an unauthenticated user to read files as the web server user via crafted string in the index.php f1 variable, aka Local File Inclusion. | 7.5 |
2020-11-16 | CVE-2020-25209 | Jetbrains | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API. | 7.5 |
2020-11-16 | CVE-2020-25013 | Jetbrains | Unspecified vulnerability in Jetbrains Toolbox JetBrains ToolBox before version 1.18 is vulnerable to a Denial of Service attack via a browser protocol handler. | 7.5 |
2020-11-16 | CVE-2020-8272 | Citrix | Improper Authentication vulnerability in Citrix Sd-Wan Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | 7.5 |
2020-11-16 | CVE-2020-5666 | Mitsubishielectric | Resource Exhaustion vulnerability in Mitsubishielectric products Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firmware versions from '05' to '19' and R04/08/16/32/120(EN)CPU Firmware versions from '35' to '51') allows a remote attacker to cause an error in a CPU unit via a specially crafted HTTP packet, which may lead to a denial-of-service (DoS) condition in execution of the program and its communication. | 7.5 |
2020-11-19 | CVE-2020-8279 | Nextcloud | Improper Certificate Validation vulnerability in Nextcloud Social Missing validation of server certificates for out-going connections in Nextcloud Social < 0.4.0 allowed a man-in-the-middle attack. | 7.4 |
2020-11-17 | CVE-2020-25705 | Linux Redhat | A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. | 7.4 |
2020-11-19 | CVE-2020-7566 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-334: Small Space of Random Values vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption keys when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller. | 7.3 |
2020-11-19 | CVE-2020-7565 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to break the encryption key when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller. | 7.3 |
2020-11-19 | CVE-2020-12510 | Beckhoff | Incorrect Default Permissions vulnerability in Beckhoff Twincat Extended Automation Runtime 3.1 The default installation path of the TwinCAT XAR 3.1 software in all versions is underneath C:\TwinCAT. | 7.3 |
2020-11-18 | CVE-2020-25406 | Lemocms | Unrestricted Upload of File with Dangerous Type vulnerability in Lemocms app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to upload executable files. | 7.3 |
2020-11-18 | CVE-2020-28581 | Trendmicro | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges. | 7.2 |
2020-11-18 | CVE-2020-28580 | Trendmicro | OS Command Injection vulnerability in Trendmicro Interscan web Security Virtual Appliance 6.5 A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges. | 7.2 |
2020-11-17 | CVE-2020-21665 | Fastadmin | SQL Injection vulnerability in Fastadmin 1.0.0.20191212 In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has logged in, a malicious parameter can be passed for SQL injection in URL /admin/ajax/weigh. | 7.2 |
2020-11-16 | CVE-2020-28692 | Gilacms | Unrestricted Upload of File with Dangerous Type vulnerability in Gilacms Gila CMS 1.16.0 In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files. | 7.2 |
2020-11-16 | CVE-2020-2492 | Qnap | Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. | 7.2 |
2020-11-16 | CVE-2020-2490 | Qnap | Command Injection vulnerability in Qnap QTS If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. | 7.2 |
2020-11-17 | CVE-2020-28914 | Katacontainers | Incorrect Permission Assignment for Critical Resource vulnerability in Katacontainers Kata-Containers An improper file permissions vulnerability affects Kata Containers prior to 1.11.5. | 7.1 |
2020-11-17 | CVE-2020-26405 | Gitlab | Path Traversal vulnerability in Gitlab Path traversal vulnerability in package upload functionality in GitLab CE/EE starting from 12.8 allows an attacker to save packages in arbitrary locations. | 7.1 |
2020-11-19 | CVE-2020-28209 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Enterprise Server Installer 1.9/3.1 A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure Building Operation Enterprise Server installer V1.9 - V3.1 and Enterprise Central installer V2.0 - V3.1 that could cause any local Windows user who has write permission on at least one of the subfolders of the Connect Agent service binary path, being able to gain the privilege of the user who started the service. | 7.0 |
117 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-18 | CVE-2020-13799 | Westerndigital Linaro | Authentication Bypass by Capture-replay vulnerability in multiple products Western Digital has identified a security vulnerability in the Replay Protected Memory Block (RPMB) protocol as specified in multiple standards for storage device interfaces, including all versions of eMMC, UFS, and NVMe. | 6.8 |
2020-11-16 | CVE-2020-28656 | VW | Improper Validation of Integrity Check Value vulnerability in VW Polo Firmware 2019 The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainment system and executed as root. | 6.8 |
2020-11-20 | CVE-2020-7842 | Netu | Improper Input Validation vulnerability in Netu Wf2429Tb Firmware 1.1.10 Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting (using ntpServerlp1 parameter) for the users. | 6.6 |
2020-11-20 | CVE-2020-19668 | Libsixel Project | Out-of-bounds Read vulnerability in Libsixel Project Libsixel 1.8.6 Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6. | 6.5 |
2020-11-19 | CVE-2020-7573 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Webreports 1.9/3.1 A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker being able to access a restricted web resources due to improper access control. | 6.5 |
2020-11-19 | CVE-2020-12496 | Endress | Information Exposure vulnerability in Endress products Endress+Hauser Ecograph T (Neutral/Private Label) (RSG35, ORSG35) and Memograph M (Neutral/Private Label) (RSG45, ORSG45) with Firmware version V2.0.0 and above is prone to exposure of sensitive information to an unauthorized actor. | 6.5 |
2020-11-19 | CVE-2020-25700 | Moodle Fedoraproject | SQL Injection vulnerability in multiple products In moodle, some database module web services allowed students to add entries within groups they did not belong to. | 6.5 |
2020-11-18 | CVE-2020-3482 | Cisco | Improper Privilege Management vulnerability in Cisco products A vulnerability in the Traversal Using Relays around NAT (TURN) server component of Cisco Expressway software could allow an unauthenticated, remote attacker to bypass security controls and send network traffic to restricted destinations. | 6.5 |
2020-11-18 | CVE-2020-3471 | Cisco | Improper Synchronization vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to maintain bidirectional audio despite being expelled from an active Webex session. | 6.5 |
2020-11-18 | CVE-2020-4592 | IBM | Unspecified vulnerability in IBM MQ Appliance 9.1.0.0 IBM MQ Appliance 9.1.CD and LTS could allow an authenticated user, under nondefault configuration to cause a data corruption attack due to an error when using segmented messages. | 6.5 |
2020-11-18 | CVE-2020-26078 | Cisco | Path Traversal vulnerability in Cisco IOT Field Network Director A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. | 6.5 |
2020-11-18 | CVE-2020-26068 | Cisco | Authorization Bypass Through User-Controlled Key vulnerability in Cisco Roomos and Telepresence Collaboration Endpoint A vulnerability in the xAPI service of Cisco Telepresence CE Software and Cisco RoomOS Software could allow an authenticated, remote attacker to generate an access token for an affected device. | 6.5 |
2020-11-18 | CVE-2020-28005 | TP Link | Classic Buffer Overflow vulnerability in Tp-Link Tl-Wpa4220 Firmware 4.0.2 httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. | 6.5 |
2020-11-18 | CVE-2020-28917 | View Frontend Statistics Project | Cleartext Storage of Sensitive Information vulnerability in View Frontend Statistics Project View Frontend Statistics An issue was discovered in the view_statistics (aka View frontend statistics) extension before 2.0.1 for TYPO3. | 6.5 |
2020-11-17 | CVE-2020-25988 | Genexis | Cleartext Transmission of Sensitive Information vulnerability in Genexis Platinum 4410 Firmware P4410V21.34H UPNP Service listening on port 5555 in Genexis Platinum 4410 Router V2.1 (P4410-V2–1.34H) has an action 'X_GetAccess' which leaks the credentials of 'admin', provided that the attacker is network adjacent. | 6.5 |
2020-11-17 | CVE-2020-13351 | Gitlab | Incorrect Default Permissions vulnerability in Gitlab Insufficient permission checks in scheduled pipeline API in GitLab CE/EE 13.0+ allows an attacker to read variable names and values for scheduled pipelines on projects visible to the attacker. | 6.5 |
2020-11-17 | CVE-2020-27558 | Basetech | Improper Authentication vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to view the video stream. | 6.5 |
2020-11-16 | CVE-2020-4692 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI. | 6.5 |
2020-11-16 | CVE-2020-4671 | IBM | Information Exposure Through Log Files vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 stores potentially sensitive information in log files that could be read by an authenticatedl user. | 6.5 |
2020-11-16 | CVE-2020-4566 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.6.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 stores potentially highly sensitive information in log files that could be read by an authenticated user. | 6.5 |
2020-11-16 | CVE-2020-4475 | IBM | Unspecified vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 6.5 |
2020-11-16 | CVE-2020-26129 | Jetbrains | HTTP Request Smuggling vulnerability in Jetbrains Ktor In JetBrains Ktor before 1.4.1, HTTP request smuggling was possible. | 6.5 |
2020-11-21 | CVE-2020-5797 | TP Link | Link Following vulnerability in Tp-Link Archer C9 Firmware 180125 UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthenticated actor, with physical access and network access, to read sensitive files and write to a limited set of files after plugging a crafted USB drive into the router. | 6.1 |
2020-11-19 | CVE-2020-28350 | Sokrates | Cross-site Scripting vulnerability in Sokrates Sowasql 5.6.1 A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL through 5.6.1 via the sowacgi.php typ parameter. | 6.1 |
2020-11-19 | CVE-2020-28210 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Ecostruxure Building Operation 2.0/3.1 A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting) vulnerability exists in EcoStruxure Building Operation WebStation V2.0 - V3.1 that could cause an attacker to inject HTML and JavaScript code into the user's browser. | 6.1 |
2020-11-19 | CVE-2020-28947 | Misp | Cross-site Scripting vulnerability in Misp 2.4.134 In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled. | 6.1 |
2020-11-19 | CVE-2020-22394 | Yzmcms | Cross-site Scripting vulnerability in Yzmcms 5.5 In YzmCMS v5.5 the member contribution function in the editor contains a cross-site scripting (XSS) vulnerability. | 6.1 |
2020-11-19 | CVE-2020-25702 | Moodle Fedoraproject | Cross-site Scripting vulnerability in multiple products In Moodle, it was possible to include JavaScript when re-naming content bank items. | 6.1 |
2020-11-19 | CVE-2020-15710 | Pulseaudio Project | Double Free vulnerability in Pulseaudio Project Pulseaudio Potential double free in Bluez 5 module of PulseAudio could allow a local attacker to leak memory or crash the program. | 6.1 |
2020-11-18 | CVE-2020-26215 | Jupyter Debian | Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. | 6.1 |
2020-11-18 | CVE-2020-22723 | Ljcmsshop Project | Cross-site Scripting vulnerability in Ljcmsshop Project Ljcmsshop 1.14 A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhicheng Technology Co., Ltd ljcmsshop version 1.14 allows remote attackers to inject arbitrary web script or HTML via user.php by registering an account directly in the user center, and then adding the payload to the delivery address. | 6.1 |
2020-11-18 | CVE-2020-15300 | Salesagility | Open Redirect vulnerability in Salesagility Suitecrm SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document. | 6.1 |
2020-11-18 | CVE-2020-27126 | Cisco | Cross-site Scripting vulnerability in Cisco Webex Meetings 40.10.2 A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. | 6.1 |
2020-11-18 | CVE-2020-26081 | Cisco | Injection vulnerability in Cisco IOT Field Network Director Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affected system. | 6.1 |
2020-11-18 | CVE-2020-26554 | Reddoxx | Cross-site Scripting vulnerability in Reddoxx Maildepot 2033 REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML e-mail message. | 6.1 |
2020-11-18 | CVE-2020-26884 | RSA | Injection vulnerability in RSA Archer RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulnerability. | 6.1 |
2020-11-18 | CVE-2020-28724 | Palletsprojects | Open Redirect vulnerability in Palletsprojects Werkzeug Open redirect vulnerability in werkzeug before 0.11.6 via a double slash in the URL. | 6.1 |
2020-11-17 | CVE-2020-28092 | Pescms | Cross-site Scripting vulnerability in Pescms Team 2.3.2 PESCMS Team 2.3.2 has multiple reflected XSS via the id parameter:?g=Team&m=Task&a=my&status=3&id=,?g=Team&m=Task&a=my&status=0&id=,?g=Team&m=Task&a=my&status=1&id=,?g=Team&m=Task&a=my&status=10&id= | 6.1 |
2020-11-17 | CVE-2020-28129 | Adrianmercurio | Cross-site Scripting vulnerability in Adrianmercurio GYM Management System 1.0 Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym Management System 1.0 allows users to inject and store arbitrary JavaScript code in index.php?page=packages via vulnerable fields 'Package Name' and 'Description'. | 6.1 |
2020-11-17 | CVE-2020-26216 | Typo3 | Unspecified vulnerability in Typo3 Fluid TYPO3 Fluid before versions 2.0.8, 2.1.7, 2.2.4, 2.3.7, 2.4.4, 2.5.11 and 2.6.10 is vulnerable to Cross-Site Scripting. | 6.1 |
2020-11-17 | CVE-2020-25890 | Kyocera | Cross-site Scripting vulnerability in Kyocera Ecosys M2640Idw Firmware The web application of Kyocera printer (ECOSYS M2640IDW) is affected by Stored XSS vulnerability, discovered in the addition a new contact in "Machine Address Book". | 6.1 |
2020-11-17 | CVE-2020-28139 | Online Clothing Store Project | Cross-site Scripting vulnerability in Online Clothing Store Project Online Clothing Store 1.0 SourceCodester Online Clothing Store 1.0 is affected by a cross-site scripting (XSS) vulnerability via a Offer Detail field in offer.php. | 6.1 |
2020-11-17 | CVE-2020-11860 | Microfocus | Cross-site Scripting vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1 Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. | 6.1 |
2020-11-16 | CVE-2020-26225 | Prestashop | Unspecified vulnerability in Prestashop Product Comments 4.0.0/4.0.1/4.1.0 In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. | 6.1 |
2020-11-16 | CVE-2020-27627 | Jetbrains | Injection vulnerability in Jetbrains Teamcity JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection. | 6.1 |
2020-11-16 | CVE-2020-27459 | Chronoengine | Cross-site Scripting vulnerability in Chronoengine Chronoforums 2.0.11 Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. | 6.1 |
2020-11-16 | CVE-2020-7773 | Markdown IT Highlightjs Project | Cross-site Scripting vulnerability in Markdown-It-Highlightjs Project Markdown-It-Highlightjs This affects the package markdown-it-highlightjs before 3.3.1. | 6.1 |
2020-11-18 | CVE-2020-26933 | Trustedcomputinggroup | Improper Initialization vulnerability in Trustedcomputinggroup Trusted Platform Module 2.0 Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. | 6.0 |
2020-11-18 | CVE-2020-28915 | Linux | Out-of-bounds Read vulnerability in Linux Kernel A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. | 5.8 |
2020-11-19 | CVE-2020-7567 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Modicon M221 (all references, all versions) that could allow the attacker to find the password hash when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller and broke the encryption keys. | 5.7 |
2020-11-17 | CVE-2020-13348 | Gitlab | Unspecified vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 10.2. | 5.7 |
2020-11-21 | CVE-2020-25725 | Xpdfreader Fedoraproject | In Xpdf 4.02, SplashOutputDev::endType3Char(GfxState *state) SplashOutputDev.cc:3079 is trying to use the freed `t3GlyphStack->cache`, which causes an `heap-use-after-free` problem. | 5.5 |
2020-11-19 | CVE-2020-28941 | Linux Fedoraproject Debian | Release of Invalid Pointer or Reference vulnerability in multiple products An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. | 5.5 |
2020-11-17 | CVE-2020-27557 | Basetech | Insufficiently Protected Credentials vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials. | 5.5 |
2020-11-17 | CVE-2020-13358 | Gitlab | Unspecified vulnerability in Gitlab A vulnerability in the internal Kubernetes agent api in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. | 5.5 |
2020-11-19 | CVE-2020-7571 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Webreports 1.9/3.1 A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker to inject arbitrary web script or HTML due to incorrect sanitization of user supplied data and achieve a Cross-Site Scripting reflected attack against other WebReport users. | 5.4 |
2020-11-19 | CVE-2020-7570 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Webreports 1.9/3.1 A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to inject arbitrary web script or HTML due to incorrect sanitization of user-supplied data and achieve a Cross-Site Scripting stored attack against other WebReport users. | 5.4 |
2020-11-19 | CVE-2020-4718 | IBM | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to stored cross-site scripting. | 5.4 |
2020-11-18 | CVE-2020-14208 | Salesagility | Cross-site Scripting vulnerability in Salesagility Suitecrm SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting (XSS) in the Documents preview functionality. | 5.4 |
2020-11-18 | CVE-2020-25454 | Grocy Project | Cross-site Scripting vulnerability in Grocy Project Grocy 2.7.1 Cross-site Scripting (XSS) vulnerability in grocy 2.7.1 via the add recipe module, which gets executed when deleting the recipe. | 5.4 |
2020-11-18 | CVE-2020-28361 | Kamailio | HTTP Request Smuggling vulnerability in Kamailio Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. | 5.4 |
2020-11-17 | CVE-2020-26701 | Kaaproject | Cross-site Scripting vulnerability in Kaaproject KAA 1.2.0 Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT Platform v1.2.0 allows remote attackers to inject malicious web scripts or HTML Injection payloads via the Description parameter. | 5.4 |
2020-11-17 | CVE-2020-25798 | Limesurvey | Cross-site Scripting vulnerability in Limesurvey A stored cross-site scripting (XSS) vulnerability in LimeSurvey before and including 3.21.1 allows authenticated users with correct permissions to inject arbitrary web script or HTML via parameter ParticipantAttributeNamesDropdown of the Attributes on the central participant database page. | 5.4 |
2020-11-17 | CVE-2020-28647 | Progress | Cross-site Scripting vulnerability in Progress Moveit Transfer In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. | 5.4 |
2020-11-17 | CVE-2020-25832 | Microfocus | Cross-site Scripting vulnerability in Microfocus Filr 4.2.1 Reflected Cross Site scripting vulnerability on Micro Focus Filr product, affecting version 4.2.1. | 5.4 |
2020-11-17 | CVE-2020-25834 | Microfocus | Cross-site Scripting vulnerability in Microfocus Arcsight Logger 6.61/7.0/7.0.1 Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting version 7.1. | 5.4 |
2020-11-16 | CVE-2020-4672 | IBM | Cross-site Scripting vulnerability in IBM Business Automation Workflow 20.0.0.1 IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. | 5.4 |
2020-11-16 | CVE-2020-27991 | Nagios | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Account Information (Email field). | 5.4 |
2020-11-16 | CVE-2020-27990 | Nagios | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool (add agent). | 5.4 |
2020-11-16 | CVE-2020-27989 | Nagios | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools (Edit Dashboard). | 5.4 |
2020-11-16 | CVE-2020-27988 | Nagios | Cross-site Scripting vulnerability in Nagios XI Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username field). | 5.4 |
2020-11-16 | CVE-2020-13773 | Ivanti | Cross-site Scripting vulnerability in Ivanti Endpoint Manager Ivanti Endpoint Manager through 2020.1.1 allows XSS via /LDMS/frm_splitfrm.aspx, /LDMS/licensecheck.aspx, /LDMS/frm_splitcollapse.aspx, /LDMS/alert_log.aspx, /LDMS/ServerList.aspx, /LDMS/frm_coremainfrm.aspx, /LDMS/frm_findfrm.aspx, /LDMS/frm_taskfrm.aspx, and /LDMS/query_browsecomp.aspx. | 5.4 |
2020-11-16 | CVE-2020-5663 | Riken | Cross-site Scripting vulnerability in Riken Xoonips Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors. | 5.4 |
2020-11-16 | CVE-2020-5662 | Riken | Cross-site Scripting vulnerability in Riken Xoonips Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated attackers to inject arbitrary script via unspecified vectors. | 5.4 |
2020-11-16 | CVE-2020-28650 | Wpbakery | Cross-site Scripting vulnerability in Wpbakery Page Builder The WPBakery plugin before 6.4.1 for WordPress allows XSS because it calls kses_remove_filters to disable the standard WordPress XSS protection mechanism for the Author and Contributor roles. | 5.4 |
2020-11-20 | CVE-2020-20739 | Libvips Debian Fedoraproject | Missing Initialization of Resource vulnerability in multiple products im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address. | 5.3 |
2020-11-19 | CVE-2020-28954 | Bigbluebutton | Improper Encoding or Escaping of Output vulnerability in Bigbluebutton web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. | 5.3 |
2020-11-19 | CVE-2020-25703 | Moodle Fedoraproject | Information Exposure vulnerability in multiple products The participants table download in Moodle always included user emails, but should have only done so when users' emails are not hidden. | 5.3 |
2020-11-19 | CVE-2020-25701 | Moodle Fedoraproject | Incorrect Authorization vulnerability in multiple products If the upload course tool in Moodle was used to delete an enrollment method which did not exist or was not already enabled, the tool would erroneously enable that enrollment method. | 5.3 |
2020-11-19 | CVE-2020-9049 | Johnsoncontrols | Improper Authentication vulnerability in Johnsoncontrols C-Cure web and Victor web A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own JSON Web Token and use it to execute an HTTP API Method without the need for valid authentication/authorization. | 5.3 |
2020-11-19 | CVE-2020-8278 | Nextcloud | Incorrect Authorization vulnerability in Nextcloud Social 0.3.1 Improper access control in Nextcloud Social app version 0.3.1 allowed to read posts of any user. | 5.3 |
2020-11-18 | CVE-2020-3441 | Cisco | Unspecified vulnerability in Cisco Webex Meetings Server A vulnerability in Cisco Webex Meetings and Cisco Webex Meetings Server could allow an unauthenticated, remote attacker to view sensitive information from the meeting room lobby. | 5.3 |
2020-11-17 | CVE-2020-27556 | Basetech | Use of Insufficiently Random Values vulnerability in Basetech Ge-131 Bt-1837836 Firmware 20180921 A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device. | 5.3 |
2020-11-17 | CVE-2020-26406 | Gitlab | Unspecified vulnerability in Gitlab Certain SAST CiConfiguration information could be viewed by unauthorized users in GitLab EE starting with 13.3. | 5.3 |
2020-11-17 | CVE-2020-13352 | Gitlab | Unspecified vulnerability in Gitlab Private group info is leaked leaked in GitLab CE/EE version 10.2 and above, when the project is moved from private to public group. | 5.3 |
2020-11-16 | CVE-2020-27622 | Jetbrains | Unspecified vulnerability in Jetbrains Intellij Idea In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version. | 5.3 |
2020-11-16 | CVE-2020-13772 | Ivanti | Unspecified vulnerability in Ivanti Endpoint Manager In /ldclient/ldprov.cgi in Ivanti Endpoint Manager through 2020.1.1, an attacker is able to disclose information about the server operating system, local pathnames, and environment variables with no authentication required. | 5.3 |
2020-11-16 | CVE-2020-27629 | Jetbrains | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts. | 5.3 |
2020-11-16 | CVE-2020-27626 | Jetbrains | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF. | 5.3 |
2020-11-16 | CVE-2020-27625 | Jetbrains | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues. | 5.3 |
2020-11-16 | CVE-2020-27624 | Jetbrains | Server-Side Request Forgery (SSRF) vulnerability in Jetbrains Youtrack JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF. | 5.3 |
2020-11-16 | CVE-2020-25210 | Jetbrains | Unspecified vulnerability in Jetbrains Youtrack In JetBrains YouTrack before 2020.3.7955, an attacker could access workflow rules without appropriate access grants. | 5.3 |
2020-11-16 | CVE-2020-7765 | Unspecified vulnerability in Google Firebase/Util This affects the package @firebase/util before 0.3.4. | 5.3 | |
2020-11-20 | CVE-2020-28974 | Linux Debian | Out-of-bounds Read vulnerability in multiple products A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. | 5.0 |
2020-11-18 | CVE-2020-26079 | Cisco | Insufficiently Protected Credentials vulnerability in Cisco IOT Field Network Director A vulnerability in the web UI of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to obtain hashes of user passwords on an affected device. | 4.9 |
2020-11-18 | CVE-2020-24723 | User Registration Login AND User Management System Project | Cross-site Scripting vulnerability in User Registration & Login and User Management System Project User Registration & Login and User Management System 2.1 Cross Site Scripting (XSS) vulnerability in the Registration page of the admin panel in PHPGurukul User Registration & Login and User Management System With admin panel 2.1. | 4.8 |
2020-11-17 | CVE-2020-25833 | Microfocus | Cross-site Scripting vulnerability in Microfocus Idol Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting all version prior to version 12.7. | 4.8 |
2020-11-17 | CVE-2020-10776 | Redhat | Cross-site Scripting vulnerability in Redhat Keycloak A flaw was found in Keycloak before version 12.0.0, where it is possible to add unsafe schemes for the redirect_uri parameter. | 4.8 |
2020-11-16 | CVE-2020-4705 | IBM | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. | 4.8 |
2020-11-20 | CVE-2020-4788 | IBM Fedoraproject Oracle | IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. | 4.7 |
2020-11-17 | CVE-2020-25746 | Resourcexpress | Information Exposure vulnerability in Resourcexpress Qubi3 Firmware QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local attacker (with physical access to the device) to obtain sensitive information via the debug interface (keystrokes over a USB cable), aka wireless password visibility. | 4.6 |
2020-11-16 | CVE-2019-19562 | Harman | Improper Authentication vulnerability in Harman Hermes 2.1 An authentication bypass in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with physical access to device hardware to obtain system information. | 4.6 |
2020-11-16 | CVE-2019-19560 | Harman | Improper Authentication vulnerability in Harman Hermes 1.5 An authentication bypass in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with physical access to device hardware to obtain system information. | 4.6 |
2020-11-16 | CVE-2019-19556 | Harman | Unspecified vulnerability in Harman Hermes 1.0 An authentication bypass in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with physical access to device hardware to obtain system information. | 4.6 |
2020-11-16 | CVE-2020-8152 | Nextcloud | Insufficiently Protected Credentials vulnerability in Nextcloud Server Insufficient protection of the server-side encryption keys in Nextcloud Server 19.0.1 allowed an attacker to replace the public key to decrypt them later on. | 4.4 |
2020-11-19 | CVE-2020-7568 | Schneider Electric | Unspecified vulnerability in Schneider-Electric Modicon M221 Firmware A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists in Modicon M221 (all references, all versions) that could allow non sensitive information disclosure when the attacker has captured the traffic between EcoStruxure Machine - Basic software and Modicon M221 controller. | 4.3 |
2020-11-19 | CVE-2020-28953 | Bigbluebutton | Unspecified vulnerability in Bigbluebutton In BigBlueButton before 2.2.29, a user can vote more than once in a single poll. | 4.3 |
2020-11-19 | CVE-2020-28942 | Primekey | Improper Certificate Validation vulnerability in Primekey Ejbca An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling with EST while proxied through an RA over the Peers protocol. | 4.3 |
2020-11-19 | CVE-2020-5947 | F5 | Unspecified vulnerability in F5 products In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able to obtain TCP sequence numbers from the BIG-IP system that can be reused in future connections with the same source and destination port and IP numbers. | 4.3 |
2020-11-18 | CVE-2020-26077 | Cisco | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the access control functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to view lists of users from different domains that are configured on an affected system. | 4.3 |
2020-11-17 | CVE-2020-13349 | Gitlab | Resource Exhaustion vulnerability in Gitlab An issue has been discovered in GitLab EE affecting all versions starting from 8.12. | 4.3 |
2020-11-17 | CVE-2020-13350 | Gitlab | Cross-Site Request Forgery (CSRF) vulnerability in Gitlab CSRF in runner administration page in all versions of GitLab CE/EE allows an attacker who's able to target GitLab instance administrators to pause/resume runners. | 4.3 |
2020-11-17 | CVE-2020-13354 | Gitlab | Resource Exhaustion vulnerability in Gitlab A potential DOS vulnerability was discovered in GitLab CE/EE starting with version 12.6. | 4.3 |
2020-11-16 | CVE-2020-4763 | IBM | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-11-16 | CVE-2020-4665 | IBM | Unspecified vulnerability in IBM Sterling File Gateway IBM Sterling File Gateway 2.2.0.0 through 2.2.6.5 and 6.0.0.0 through 6.0.3.2 does not set the secure attribute on authorization tokens or session cookies. | 4.3 |
2020-11-16 | CVE-2020-27628 | Jetbrains | Unspecified vulnerability in Jetbrains Teamcity In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records. | 4.3 |
2020-11-18 | CVE-2020-26080 | Cisco | Improper Privilege Management vulnerability in Cisco IOT Field Network Director A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains on an affected system. | 4.1 |
6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-19 | CVE-2020-6879 | ZTE | Improper Input Validation vulnerability in ZTE Zxhn F670L Firmware and Zxhn Z500 Firmware Some ZTE devices have input verification vulnerabilities. | 3.5 |
2020-11-16 | CVE-2020-24366 | Jetbrains | Unspecified vulnerability in Jetbrains Youtrack Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups. | 3.3 |
2020-11-17 | CVE-2020-13353 | Gitlab | Insufficient Session Expiration vulnerability in Gitlab Gitaly When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above. | 3.2 |
2020-11-16 | CVE-2019-19563 | Harman | Unspecified vulnerability in Harman Hermes 2.1 A misconfiguration in the debug interface in Mercedes-Benz HERMES 2.1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | 2.4 |
2020-11-16 | CVE-2019-19561 | Harman | Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.5 A misconfiguration in the debug interface in Mercedes-Benz HERMES 1.5 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | 2.4 |
2020-11-16 | CVE-2019-19557 | Harman | Insecure Storage of Sensitive Information vulnerability in Harman Hermes 1.0 A misconfiguration in the debug interface in Mercedes-Benz HERMES 1 allows an attacker with direct physical access to device hardware to obtain cellular modem information. | 2.4 |