Weekly Vulnerabilities Reports > November 23 to 29, 2020
Overview
197 new vulnerabilities reported during this period, including 10 critical vulnerabilities and 47 high severity vulnerabilities. This weekly summary report vulnerabilities in 238 products from 94 vendors including Debian, Mongodb, Linux, Fedoraproject, and Cdatatec. Vulnerabilities are notably categorized as "Cross-site Scripting", "Use of Hard-coded Credentials", "Improper Input Validation", "Path Traversal", and "Improper Authentication".
- 151 reported vulnerabilities are remotely exploitables.
- 2 reported vulnerabilities have public exploit available.
- 62 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 132 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 24 reported vulnerabilities.
- Vsolcn has the most reported critical vulnerabilities, with 2 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
10 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-29 | CVE-2020-29381 | Vsolcn | Command Injection vulnerability in Vsolcn products An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. | 10.0 |
2020-11-27 | CVE-2019-19875 | BR Automation | Command Injection vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 10.0 |
2020-11-24 | CVE-2020-29056 | Cdatatec Cdata | Command Injection vulnerability in multiple products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 10.0 |
2020-11-24 | CVE-2015-9551 | Totolink | Unspecified vulnerability in Totolink products An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. | 10.0 |
2020-11-24 | CVE-2020-28334 | Barco | Use of Hard-coded Credentials vulnerability in Barco Wepresent Wipg-1600W Firmware Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). | 10.0 |
2020-11-23 | CVE-2020-6939 | Tableau | Unspecified vulnerability in Tableau Server Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. | 10.0 |
2020-11-24 | CVE-2020-13942 | Apache | Injection vulnerability in Apache Unomi 1.5.0/1.5.1 It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. | 9.8 |
2020-11-27 | CVE-2020-29367 | C Blosc2 Project | Out-of-bounds Write vulnerability in C-Blosc2 Project C-Blosc2 2.0.0 blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data. | 9.3 |
2020-11-29 | CVE-2020-29378 | Vsolcn | Improper Privilege Management vulnerability in Vsolcn products An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. | 9.0 |
2020-11-23 | CVE-2020-4006 | Vmware | Command Injection vulnerability in VMWare products VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability. | 9.0 |
47 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-25 | CVE-2020-29074 | X11Vnc Project Fedoraproject Debian | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user. | 8.8 |
2020-11-23 | CVE-2020-25660 | Redhat Fedoraproject | Authentication Bypass by Capture-replay vulnerability in multiple products A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. | 8.8 |
2020-11-23 | CVE-2020-12351 | Linux | Improper Input Validation vulnerability in Linux Kernel Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | 8.8 |
2020-11-24 | CVE-2020-26237 | Highlightjs Debian Oracle | Modification of Assumed-Immutable Data (MAID) vulnerability in multiple products Highlight.js is a syntax highlighter written in JavaScript. | 8.7 |
2020-11-25 | CVE-2020-29071 | Liquidfiles | Cross-site Scripting vulnerability in Liquidfiles An XSS issue was found in the Shares feature of LiquidFiles before 3.3.19. | 8.5 |
2020-11-25 | CVE-2020-26238 | Cron Utils Project | Injection vulnerability in Cron-Utils Project Cron-Utils Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. | 8.1 |
2020-11-26 | CVE-2020-27253 | Rockwellautomation | Improper Input Validation vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. | 7.8 |
2020-11-24 | CVE-2020-29057 | Cdatatec | Unspecified vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 7.8 |
2020-11-27 | CVE-2020-26245 | Systeminformation | OS Command Injection vulnerability in Systeminformation npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. | 7.5 |
2020-11-27 | CVE-2020-25708 | Libvncserver Project Redhat Debian | Divide By Zero vulnerability in multiple products A divide by zero issue was found to occur in libvncserver-0.9.12. | 7.5 |
2020-11-27 | CVE-2020-25014 | Zyxel | Out-of-bounds Write vulnerability in Zyxel Access Points Firmware and ZLD Firmware A stack-based buffer overflow in fbwifi_continue.cgi on Zyxel UTM and VPN series of gateways running firmware version V4.30 through to V4.55 allows remote unauthenticated attackers to execute arbitrary code via a crafted http packet. | 7.5 |
2020-11-27 | CVE-2020-10772 | Nlnetlabs | Resource Exhaustion vulnerability in Nlnetlabs Unbound 1.6.65 An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. | 7.5 |
2020-11-27 | CVE-2017-15681 | Craftercms | Path Traversal vulnerability in Craftercms Crafter CMS 3.0.0 In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE. | 7.5 |
2020-11-27 | CVE-2019-19876 | BR Automation | SQL Injection vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 7.5 |
2020-11-27 | CVE-2019-19874 | BR Automation | Injection vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 7.5 |
2020-11-27 | CVE-2019-19872 | BR Automation | Injection vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 7.5 |
2020-11-26 | CVE-2020-7778 | Systeminformation | OS Command Injection vulnerability in Systeminformation This affects the package systeminformation before 4.30.2. | 7.5 |
2020-11-26 | CVE-2020-27251 | Rockwellautomation | Heap-based Buffer Overflow vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. | 7.5 |
2020-11-24 | CVE-2020-29062 | Cdatatec | Use of Hard-coded Credentials vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 7.5 |
2020-11-24 | CVE-2020-29061 | Cdatatec | Use of Hard-coded Credentials vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 7.5 |
2020-11-24 | CVE-2020-29060 | Cdatatec | Use of Hard-coded Credentials vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 7.5 |
2020-11-24 | CVE-2020-29059 | Cdatatec | Use of Hard-coded Credentials vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 7.5 |
2020-11-24 | CVE-2020-28329 | Barco | Use of Hard-coded Credentials vulnerability in Barco Wepresent Wipg-1600W Firmware Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. | 7.5 |
2020-11-24 | CVE-2020-25159 | Rtautomation | Out-of-bounds Write vulnerability in Rtautomation 499Es Ethernet/Ip Adaptor Firmware 499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution. | 7.5 |
2020-11-24 | CVE-2020-28333 | Barco | Improper Authentication vulnerability in Barco Wepresent Wipg-1600W Firmware 2.5.1.8 Barco wePresent WiPG-1600W devices allow Authentication Bypass. | 7.5 |
2020-11-24 | CVE-2020-28332 | Barco | Download of Code Without Integrity Check vulnerability in Barco Wepresent Wipg-1600W Firmware 2.5.1.8 Barco wePresent WiPG-1600W devices download code without an Integrity Check. | 7.5 |
2020-11-24 | CVE-2020-28994 | Karenderia Multiple Restaurant System Project | SQL Injection vulnerability in Karenderia multiple Restaurant System Project Karenderia multiple Restaurant System 5.4.2 A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. | 7.5 |
2020-11-24 | CVE-2020-4001 | Vmware | Use of Hard-coded Credentials vulnerability in VMWare Sd-Wan Orchestrator The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. | 7.5 |
2020-11-24 | CVE-2020-29006 | Misp | Missing Authorization vulnerability in Misp MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php. | 7.5 |
2020-11-24 | CVE-2020-25475 | Newsscriptphp | SQL Injection vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a SQL Injection via the id parameter in an editNews action. | 7.5 |
2020-11-24 | CVE-2019-20925 | Mongodb | Incorrect Comparison vulnerability in Mongodb An unauthenticated client can trigger denial of service by issuing specially crafted wire protocol messages, which cause the message decompressor to incorrectly allocate memory. | 7.5 |
2020-11-24 | CVE-2020-26890 | Matrix Fedoraproject | Improper Input Validation vulnerability in multiple products Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service attack against the federation and common Matrix clients. | 7.5 |
2020-11-24 | CVE-2020-15929 | Ortussolutions | Command Injection vulnerability in Ortussolutions Testbox In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) containing attacker-defined CFML tags, leading to Remote Code Execution. | 7.5 |
2020-11-24 | CVE-2020-28991 | Gitea | Unspecified vulnerability in Gitea Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP port number and also contains newlines (with URL encoding) in ParseRemoteAddr in modules/auth/repo_form.go. | 7.5 |
2020-11-23 | CVE-2020-28984 | Spip Debian | prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters. | 7.5 |
2020-11-23 | CVE-2020-25696 | Postgresql Debian | Permissive Whitelist vulnerability in multiple products A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. | 7.5 |
2020-11-23 | CVE-2020-28360 | Private IP Project | Server-Side Request Forgery (SSRF) vulnerability in Private-Ip Project Private-Ip Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. | 7.5 |
2020-11-23 | CVE-2020-28864 | Winscp | Classic Buffer Overflow vulnerability in Winscp 5.17.8 Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. | 7.5 |
2020-11-23 | CVE-2020-4854 | IBM | Use of Hard-coded Credentials vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.5 |
2020-11-23 | CVE-2020-7925 | Mongodb | Improper Input Validation vulnerability in Mongodb Incorrect validation of user input in the role name parser may lead to use of uninitialized memory allowing an unauthenticated attacker to use a specially crafted request to cause a denial of service. | 7.5 |
2020-11-27 | CVE-2020-28922 | Pcanalyser | Improper Privilege Management vulnerability in Pcanalyser PC Analyser 4.05/4.10 An issue was discovered in Devid Espenschied PC Analyser through 4.10. | 7.2 |
2020-11-27 | CVE-2020-28921 | Pcanalyser | Improper Privilege Management vulnerability in Pcanalyser PC Analyser 4.05/4.10 An issue was discovered in Devid Espenschied PC Analyser through 4.10. | 7.2 |
2020-11-24 | CVE-2020-25654 | Clusterlabs Debian | An ACL bypass flaw was found in pacemaker. | 7.2 |
2020-11-23 | CVE-2020-27985 | Securityonionsolutions | Improper Authentication vulnerability in Securityonionsolutions Security Onion Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>/SecurityOnion/setup/so-setup. | 7.2 |
2020-11-28 | CVE-2020-29370 | Linux Netapp | Race Condition vulnerability in multiple products An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. | 7.0 |
2020-11-28 | CVE-2020-29369 | Linux Netapp | Race Condition vulnerability in multiple products An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. | 7.0 |
2020-11-28 | CVE-2020-29368 | Linux Netapp | Race Condition vulnerability in multiple products An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. | 7.0 |
115 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-27 | CVE-2020-7780 | Softwaremill | Cross-Site Request Forgery (CSRF) vulnerability in Softwaremill Akka-Http-Session This affects the package com.softwaremill.akka-http-session:core_2.13 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.12 before 0.5.11; the package com.softwaremill.akka-http-session:core_2.11 before 0.5.11. | 6.8 |
2020-11-27 | CVE-2020-27745 | Schedmd Debian | Classic Buffer Overflow vulnerability in multiple products Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | 6.8 |
2020-11-26 | CVE-2020-26936 | Cloudera | Cross-Site Request Forgery (CSRF) vulnerability in Cloudera Data Engineering Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack. | 6.8 |
2020-11-26 | CVE-2020-29128 | Petl Project | XML Injection (aka Blind XPath Injection) vulnerability in Petl Project Petl petl before 1.68, in some configurations, allows resolution of entities in an XML document. | 6.8 |
2020-11-24 | CVE-2020-13620 | Fastweb | Cross-Site Request Forgery (CSRF) vulnerability in Fastweb Fastgate Gpon Fga2130Fwb Firmware 20200526 Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration. | 6.8 |
2020-11-23 | CVE-2020-15436 | Linux Broadcom Netapp | Use After Free vulnerability in multiple products Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | 6.7 |
2020-11-24 | CVE-2020-4002 | Vmware | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Sd-Wan Orchestrator The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. | 6.5 |
2020-11-24 | CVE-2020-4000 | Vmware | Path Traversal vulnerability in VMWare Sd-Wan Orchestrator The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. | 6.5 |
2020-11-24 | CVE-2020-3985 | Vmware | Improper Privilege Management vulnerability in VMWare Sd-Wan Orchestrator 3.3.2/3.4.0/3.4.4 The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 allows an access to set arbitrary authorization levels leading to a privilege escalation issue. | 6.5 |
2020-11-23 | CVE-2020-7927 | Mongodb | Unspecified vulnerability in Mongodb OPS Manager Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Global Role privilege. | 6.5 |
2020-11-23 | CVE-2018-20803 | Mongodb | Infinite Loop vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which loop indefinitely in mathematics processing while retaining locks. | 6.5 |
2020-11-23 | CVE-2020-7928 | Mongodb | Unspecified vulnerability in Mongodb A user authorized to perform database queries may trigger a read overrun and access arbitrary memory by issuing specially crafted queries. | 6.5 |
2020-11-23 | CVE-2020-7777 | Jsen Project | Unspecified vulnerability in Jsen Project Jsen This affects all versions of package jsen. | 6.5 |
2020-11-23 | CVE-2019-2393 | Mongodb | Use After Free vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use $lookup and collations. | 6.5 |
2020-11-23 | CVE-2019-2392 | Mongodb | Integer Overflow or Wraparound vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which use the $mod operator to overflow negative values. | 6.5 |
2020-11-23 | CVE-2019-20924 | Mongodb | Improper Check for Unusual or Exceptional Conditions vulnerability in Mongodb 4.2.0/4.2.1 A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries which trigger an invariant in the IndexBoundsBuilder. | 6.5 |
2020-11-23 | CVE-2019-20923 | Mongodb | Unspecified vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which throw unhandled Javascript exceptions containing types intended to be scoped to the Javascript engine's internals. | 6.5 |
2020-11-23 | CVE-2018-20805 | Mongodb | Excessive Iteration vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch . | 6.5 |
2020-11-23 | CVE-2018-20804 | Mongodb | Improper Input Validation vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted applyOps invocations. | 6.5 |
2020-11-23 | CVE-2018-20802 | Mongodb | Unspecified vulnerability in Mongodb A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries with compound indexes affecting QueryPlanner. | 6.5 |
2020-11-23 | CVE-2020-7926 | Mongodb | Improper Handling of Exceptional Conditions vulnerability in Mongodb 4.4.0 A user authorized to perform database queries may cause denial of service by issuing a specially crafted query which violates an invariant in the server selection subsystem. | 6.5 |
2020-11-23 | CVE-2020-28053 | Hashicorp | Incorrect Authorization vulnerability in Hashicorp Consul HashiCorp Consul and Consul Enterprise 1.2.0 up to 1.8.5 allowed operators with operator:read ACL permissions to read the Connect CA private key configuration. | 6.5 |
2020-11-27 | CVE-2017-15680 | Craftercms | Missing Authorization vulnerability in Craftercms Crafter CMS 3.0.0 In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data. | 6.4 |
2020-11-26 | CVE-2020-25651 | Spice Space Debian Fedoraproject | Race Condition vulnerability in multiple products A flaw was found in the SPICE file transfer protocol. | 6.4 |
2020-11-24 | CVE-2020-7378 | Opencrx | Improper Authentication vulnerability in Opencrx CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. | 6.4 |
2020-11-24 | CVE-2020-25473 | Newsscriptphp | Unspecified vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 does not properly set the HttpOnly Flag from Session Cookies. | 6.4 |
2020-11-26 | CVE-2020-25653 | Spice Space Debian Fedoraproject | Race Condition vulnerability in multiple products A race condition vulnerability was found in the way the spice-vdagentd daemon handled new client connections. | 6.3 |
2020-11-24 | CVE-2020-28348 | Hashicorp | Path Traversal vulnerability in Hashicorp Nomad HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. | 6.3 |
2020-11-24 | CVE-2020-28726 | Seeddms | Open Redirect vulnerability in Seeddms 6.0.13 Open redirect in SeedDMS 6.0.13 via the dropfolderfileform1 parameter to out/out.AddDocument.php. | 5.8 |
2020-11-23 | CVE-2020-0569 | Intel Debian Canonical Opensuse QT | Out-of-bounds Write vulnerability in multiple products Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | 5.7 |
2020-11-26 | CVE-2020-25652 | Spice Space Debian Fedoraproject | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the spice-vdagentd daemon, where it did not properly handle client connections that can be established via the UNIX domain socket in `/run/spice-vdagentd/spice-vdagent-sock`. | 5.5 |
2020-11-25 | CVE-2020-25650 | Spice Space Debian Fedoraproject | Allocation of Resources Without Limits or Throttling vulnerability in multiple products A flaw was found in the way the spice-vdagentd daemon handled file transfers from the host system to the virtual machine. | 5.5 |
2020-11-25 | CVE-2020-26241 | Ethereum | Incorrect Calculation vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 5.5 |
2020-11-24 | CVE-2020-26232 | Jupyter | Open Redirect vulnerability in Jupyter Server Jupyter Server before version 1.0.6 has an Open redirect vulnerability. | 5.5 |
2020-11-24 | CVE-2020-28928 | Musl Libc Debian Fedoraproject Oracle | Out-of-bounds Write vulnerability in multiple products In musl libc through 1.2.1, wcsnrtombs mishandles particular combinations of destination buffer size and source character limit, as demonstrated by an invalid write access (buffer overflow). | 5.5 |
2020-11-24 | CVE-2020-10762 | Redhat | Information Exposure Through Log Files vulnerability in Redhat Gluster-Block An information-disclosure flaw was found in the way that gluster-block before 0.5.1 logs the output from gluster-block CLI operations. | 5.5 |
2020-11-28 | CVE-2019-20934 | Linux | Use After Free vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.2.6. | 5.4 |
2020-11-27 | CVE-2020-29138 | Sagemcom | Missing Authentication for Critical Function vulnerability in Sagemcom F@St 3486 Router Firmware 4.109.0 Incorrect Access Control in the configuration backup path in SAGEMCOM F@ST3486 NET DOCSIS 3.0, software NET_4.109.0, allows remote unauthenticated users to download the router configuration file via the /backupsettings.conf URI, when any valid session is running. | 5.3 |
2020-11-24 | CVE-2020-25640 | Redhat | Information Exposure Through Log Files vulnerability in Redhat Wildfly A flaw was discovered in WildFly before 21.0.0.Final where, Resource adapter logs plain text JMS password at warning level on connection error, inserting sensitive information in the log file. | 5.3 |
2020-11-23 | CVE-2019-14586 | Tianocore Debian | Use After Free vulnerability in multiple products Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access. | 5.2 |
2020-11-29 | CVE-2020-29377 | Vsolcn | Use of Hard-coded Credentials vulnerability in Vsolcn V1600D Firmware 2.03.69 An issue was discovered on V-SOL V1600D V2.03.69 OLT devices. | 5.0 |
2020-11-29 | CVE-2020-29376 | Vsolcn | Use of Hard-coded Credentials vulnerability in Vsolcn products An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. | 5.0 |
2020-11-27 | CVE-2017-15685 | Craftercms | XML Injection (aka Blind XPath Injection) vulnerability in Craftercms Crafter CMS 3.0.0 Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). | 5.0 |
2020-11-27 | CVE-2017-15684 | Craftercms | Path Traversal vulnerability in Craftercms Crafter CMS 3.0.0 Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system. | 5.0 |
2020-11-27 | CVE-2017-15683 | Craftercms | XML Injection (aka Blind XPath Injection) vulnerability in Craftercms Crafter CMS 3.0.0 In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band. | 5.0 |
2020-11-27 | CVE-2019-19878 | BR Automation | Improper Authentication vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 5.0 |
2020-11-27 | CVE-2019-19877 | BR Automation | Path Traversal vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 5.0 |
2020-11-27 | CVE-2019-19873 | BR Automation | Improper Authentication vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 5.0 |
2020-11-27 | CVE-2019-19869 | BR Automation | Unspecified vulnerability in Br-Automation Industrial Automation Aprol An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. | 5.0 |
2020-11-26 | CVE-2020-29043 | Bigbluebutton | Missing Authorization vulnerability in Bigbluebutton An issue was discovered in BigBlueButton through 2.2.29. | 5.0 |
2020-11-26 | CVE-2020-27207 | Zetetic | Use After Free vulnerability in Zetetic Sqlcipher 4.0 Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c. | 5.0 |
2020-11-26 | CVE-2020-13886 | Intelbras | Path Traversal vulnerability in Intelbras products Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal. | 5.0 |
2020-11-26 | CVE-2020-7779 | Djvalidator Project | Expression Language Injection vulnerability in Djvalidator Project Djvalidator All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------------------------------------------------------------------------------!. | 5.0 |
2020-11-26 | CVE-2020-27255 | Rockwellautomation | Heap-based Buffer Overflow vulnerability in Rockwellautomation Factorytalk Linx 6.00/6.10/6.11 A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. | 5.0 |
2020-11-25 | CVE-2020-14190 | Atlassian | Missing Authorization vulnerability in Atlassian Crucible Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. | 5.0 |
2020-11-25 | CVE-2020-14191 | Atlassian | Missing Authorization vulnerability in Atlassian Crucible Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within Atlassian Gadgets. | 5.0 |
2020-11-25 | CVE-2020-26242 | Ethereum | Unspecified vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 5.0 |
2020-11-25 | CVE-2020-26240 | Ethereum | Incorrect Calculation vulnerability in Ethereum GO Ethereum Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. | 5.0 |
2020-11-24 | CVE-2020-29063 | Cdatatec | Inadequate Encryption Strength vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 5.0 |
2020-11-24 | CVE-2020-29058 | Cdatatec | Insufficiently Protected Credentials vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 5.0 |
2020-11-24 | CVE-2020-29054 | Cdatatec | Insufficiently Protected Credentials vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 5.0 |
2020-11-24 | CVE-2015-9550 | Totolink | Exposure of Resource to Wrong Sphere vulnerability in Totolink products An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. | 5.0 |
2020-11-24 | CVE-2020-28331 | Barco | Unspecified vulnerability in Barco Wepresent Wipg-1600W Firmware 2.5.1.8 Barco wePresent WiPG-1600W devices have Improper Access Control. | 5.0 |
2020-11-24 | CVE-2020-15928 | Ortussolutions | Path Traversal vulnerability in Ortussolutions Testbox In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal. | 5.0 |
2020-11-23 | CVE-2020-26228 | Typo3 | Cleartext Storage of Sensitive Information vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 5.0 |
2020-11-23 | CVE-2020-24227 | Playgroundsessions | Insufficiently Protected Credentials vulnerability in Playgroundsessions Playground Sessions Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password. | 5.0 |
2020-11-23 | CVE-2020-15246 | Octobercms | Path Traversal vulnerability in Octobercms October October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 5.0 |
2020-11-23 | CVE-2020-4771 | IBM | Improper Authentication vulnerability in IBM Spectrum Protect Operations Center IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.10.and 7.1.0.000 through 7.1.11 could allow a remote attacker to obtain sensitive information, caused by improper authentication of a websocket endpoint. | 5.0 |
2020-11-23 | CVE-2019-14559 | Tianocore | Memory Leak vulnerability in Tianocore Edk2 Uncontrolled resource consumption in EDK II may allow an unauthenticated user to potentially enable denial of service via network access. | 5.0 |
2020-11-23 | CVE-2020-15437 | Linux | NULL Pointer Dereference vulnerability in Linux Kernel The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized. | 4.9 |
2020-11-28 | CVE-2020-27218 | Eclipse Netapp Oracle Apache Debian | In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. | 4.8 |
2020-11-28 | CVE-2020-29372 | Linux Canonical | Race Condition vulnerability in multiple products An issue was discovered in do_madvise in mm/madvise.c in the Linux kernel before 5.6.8. | 4.7 |
2020-11-24 | CVE-2020-29040 | XEN | Off-by-one Error vulnerability in XEN An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. | 4.6 |
2020-11-23 | CVE-2018-16723 | V Secure | Improper Input Validation vulnerability in V-Secure Jingyun Antivirus 2.4.2.39 In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12364020. | 4.6 |
2020-11-23 | CVE-2018-16722 | V Secure | Improper Input Validation vulnerability in V-Secure Jingyun Antivirus 2.4.2.39 In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360094, a related issue to CVE-2018-16305. | 4.6 |
2020-11-23 | CVE-2018-16721 | V Secure | Improper Input Validation vulnerability in V-Secure Jingyun Antivirus 2.4.2.39 In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306. | 4.6 |
2020-11-23 | CVE-2018-16720 | V Secure | Improper Input Validation vulnerability in V-Secure Jingyun Antivirus 2.4.2.39 In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x1236001c, a related issue to CVE-2018-16304. | 4.6 |
2020-11-23 | CVE-2018-16719 | V Secure | Improper Input Validation vulnerability in V-Secure Jingyun Antivirus 2.4.2.39 In Jingyun Antivirus v2.4.2.39, the driver file (hookbody.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00221482. | 4.6 |
2020-11-23 | CVE-2020-15248 | Octobercms | Improper Privilege Management vulnerability in Octobercms October October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 4.6 |
2020-11-23 | CVE-2019-14575 | Tianocore Debian | Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
2020-11-23 | CVE-2019-14563 | Tianocore Debian | Incorrect Conversion between Numeric Types vulnerability in multiple products Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access. | 4.6 |
2020-11-23 | CVE-2020-28421 | Broadcom | Improper Privilege Management vulnerability in Broadcom Unified Infrastructure Management CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges. | 4.6 |
2020-11-24 | CVE-2020-5674 | Epson | Untrusted Search Path vulnerability in Epson products Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 4.4 |
2020-11-23 | CVE-2020-26231 | Octobercms | Missing Authorization vulnerability in Octobercms October 1.0.469/1.1.0 October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 4.4 |
2020-11-23 | CVE-2020-15247 | Octobercms | Unspecified vulnerability in Octobercms October October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 4.4 |
2020-11-29 | CVE-2020-29380 | Vsolcn | Cleartext Transmission of Sensitive Information vulnerability in Vsolcn products An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. | 4.3 |
2020-11-27 | CVE-2020-27746 | Schedmd Debian | Race Condition vulnerability in multiple products Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem. | 4.3 |
2020-11-27 | CVE-2017-15686 | Craftercms | Cross-site Scripting vulnerability in Craftercms Crafter CMS 3.0.0 Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site Scripting (XSS), which allows remote attackers to steal users’ cookies. | 4.3 |
2020-11-27 | CVE-2017-15682 | Craftercms | Cross-site Scripting vulnerability in Craftercms Crafter CMS 3.0.0 In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel. | 4.3 |
2020-11-27 | CVE-2020-29137 | Cpanel | Cross-site Scripting vulnerability in Cpanel cPanel before 90.0.17 allows self-XSS via the WHM Transfer Tool interface (SEC-577). | 4.3 |
2020-11-27 | CVE-2020-29133 | Coremail XT Project | Cross-site Scripting vulnerability in Coremail XT Project Coremail XT 5.0 jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter. | 4.3 |
2020-11-26 | CVE-2020-29130 | Libslirp Project Debian Fedoraproject | Out-of-bounds Read vulnerability in multiple products slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | 4.3 |
2020-11-26 | CVE-2020-29129 | Libslirp Project Fedoraproject Debian | Out-of-bounds Read vulnerability in multiple products ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | 4.3 |
2020-11-26 | CVE-2020-29042 | Bigbluebutton | Improper Restriction of Excessive Authentication Attempts vulnerability in Bigbluebutton An issue was discovered in BigBlueButton through 2.2.29. | 4.3 |
2020-11-25 | CVE-2020-26243 | Nanopb Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nanopb Project Nanopb Nanopb is a small code-size Protocol Buffers implementation. | 4.3 |
2020-11-25 | CVE-2020-29072 | Liquidfiles | Cross-site Scripting vulnerability in Liquidfiles A Cross-Site Script Inclusion vulnerability was found on LiquidFiles before 3.3.19. | 4.3 |
2020-11-24 | CVE-2020-29055 | Cdatatec | Cleartext Transmission of Sensitive Information vulnerability in Cdatatec products An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. | 4.3 |
2020-11-24 | CVE-2020-29053 | Hrsale | Cross-site Scripting vulnerability in Hrsale 2.0.0 HRSALE 2.0.0 allows XSS via the admin/project/projects_calendar set_date parameter. | 4.3 |
2020-11-24 | CVE-2020-25474 | Newsscriptphp | Cross-site Scripting vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Scripting (XSS) vulnerability via the editor_name parameter. | 4.3 |
2020-11-24 | CVE-2020-25472 | Newsscriptphp | Cross-Site Request Forgery (CSRF) vulnerability in Newsscriptphp News Script PHP PRO 2.3 SimplePHPscripts News Script PHP Pro 2.3 is affected by a Cross Site Request Forgery (CSRF) vulnerability, which allows attackers to add new users. | 4.3 |
2020-11-24 | CVE-2020-5641 | Netgear | Cross-Site Request Forgery (CSRF) vulnerability in Netgear Gs108Ev3 Firmware Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier allows remote attackers to hijack the authentication of administrators and the product's settings may be changed without the user's intention or consent via unspecified vectors. | 4.3 |
2020-11-23 | CVE-2020-26227 | Typo3 | Cross-site Scripting vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 4.3 |
2020-11-23 | CVE-2020-28927 | Magicpin | Cross-site Scripting vulnerability in Magicpin 2.1 There is a Stored XSS in Magicpin v2.1 in the User Registration section. | 4.3 |
2020-11-23 | CVE-2020-4783 | IBM | Information Exposure vulnerability in IBM Spectrum Protect Plus IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 4.3 |
2020-11-29 | CVE-2020-29375 | Vsolcn | Use of Hard-coded Credentials vulnerability in Vsolcn products An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. | 4.0 |
2020-11-27 | CVE-2020-29136 | Cpanel | Improper Restriction of Excessive Authentication Attempts vulnerability in Cpanel In cPanel before 90.0.17, 2FA can be bypassed via a brute-force approach (SEC-575). | 4.0 |
2020-11-26 | CVE-2020-27663 | Glpi Project | Insecure Storage of Sensitive Information vulnerability in Glpi-Project Glpi In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users, etc.). | 4.0 |
2020-11-26 | CVE-2020-27662 | Glpi Project | Insecure Storage of Sensitive Information vulnerability in Glpi-Project Glpi In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any database table (e.g., glpi_tickets, glpi_users, etc.). | 4.0 |
2020-11-25 | CVE-2020-26212 | Glpi Project | Missing Authorization vulnerability in Glpi-Project Glpi GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. | 4.0 |
2020-11-24 | CVE-2020-28330 | Barco | Insufficiently Protected Credentials vulnerability in Barco Wepresent Wipg-1600W Firmware 2.5.1.8 Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. | 4.0 |
2020-11-24 | CVE-2020-24815 | Microstrategy | Server-Side Request Forgery (SSRF) vulnerability in Microstrategy 10.4/2019/2020 A Server-Side Request Forgery (SSRF) affecting the PDF generation in MicroStrategy 10.4, 2019 before Update 6, and 2020 before Update 2 allows authenticated users to access the content of internal network resources or leak files from the local system via HTML containers embedded in a dossier/dashboard document. | 4.0 |
2020-11-24 | CVE-2020-4003 | Vmware | SQL Injection vulnerability in VMWare Sd-Wan Orchestrator VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. | 4.0 |
2020-11-24 | CVE-2020-3984 | Vmware | SQL Injection vulnerability in VMWare Sd-Wan Orchestrator 3.3.2/3.4.0/3.4.4 The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3 and 3.4.x prior to 3.4.4 does not apply correct input validation which allows for SQL-injection. | 4.0 |
2020-11-23 | CVE-2020-1778 | Otrs | Improper Authentication vulnerability in Otrs When OTRS uses multiple backends for user authentication (with LDAP), agents are able to login even if the account is set to invalid. | 4.0 |
2020-11-23 | CVE-2019-14553 | Tianocore | Improper Authentication vulnerability in Tianocore Edk2 Improper authentication in EDK II may allow a privileged user to potentially enable information disclosure via network access. | 4.0 |
25 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-28 | CVE-2020-29374 | Linux Debian Netapp | Incorrect Authorization vulnerability in multiple products An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. | 3.6 |
2020-11-23 | CVE-2020-26229 | Typo3 | XXE vulnerability in Typo3 TYPO3 is an open source PHP based web content management system. | 3.6 |
2020-11-27 | CVE-2020-29145 | Ericsson | Cross-site Scripting vulnerability in Ericsson products In Ericsson BSCS iX R18 Billing & Rating iX R18, ADMX is a web base module in BSCS iX that is vulnerable to stored XSS via the name or description field to a solutionUnitServlet?SuName=UserReferenceDataSU Access Rights Group. | 3.5 |
2020-11-27 | CVE-2020-29144 | Ericsson | Cross-site Scripting vulnerability in Ericsson products In Ericsson BSCS iX R18 Billing & Rating iX R18, MX is a web base module in BSCS iX that is vulnerable to stored XSS via an Alert Dashboard comment. | 3.5 |
2020-11-27 | CVE-2020-29135 | Cpanel | Injection vulnerability in Cpanel cPanel before 90.0.17 has multiple instances of URL parameter injection (SEC-567). | 3.5 |
2020-11-27 | CVE-2020-12262 | Intelbras | Cross-site Scripting vulnerability in Intelbras products Intelbras TIP200 60.61.75.15, TIP200LITE 60.61.75.15, and TIP300 65.61.75.15 devices allow /cgi-bin/cgiServer.exx?page= XSS. | 3.5 |
2020-11-25 | CVE-2020-29070 | Oscommerce | Cross-site Scripting vulnerability in Oscommerce 2.3.4.1 osCommerce 2.3.4.1 has XSS vulnerability via the authenticated user entering the XSS payload into the title section of newsletters. | 3.5 |
2020-11-24 | CVE-2020-26235 | Time Project | NULL Pointer Dereference vulnerability in Time Project Time In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. | 3.5 |
2020-11-24 | CVE-2020-29003 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll. | 3.5 |
2020-11-24 | CVE-2020-29002 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator. | 3.5 |
2020-11-23 | CVE-2020-15249 | Octobercms | Cross-site Scripting vulnerability in Octobercms October October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. | 3.5 |
2020-11-23 | CVE-2020-26239 | Scratchaddons | Cross-site Scripting vulnerability in Scratchaddons Scratch Addons Scratch Addons is a WebExtension that supports both Chrome and Firefox. | 3.5 |
2020-11-23 | CVE-2020-12352 | Linux | Unspecified vulnerability in Linux Kernel Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access. | 3.3 |
2020-11-23 | CVE-2019-14587 | Tianocore Debian | Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access. | 3.3 |
2020-11-23 | CVE-2020-25688 | Redhat | Use of Hard-coded Credentials vulnerability in Redhat Advanced Cluster Management for Kubernetes A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. | 2.7 |
2020-11-23 | CVE-2020-28896 | Mutt Neomutt Debian | Insufficiently Protected Credentials vulnerability in multiple products Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. | 2.6 |
2020-11-29 | CVE-2020-29383 | Vsolcn | Use of Hard-coded Credentials vulnerability in Vsolcn V1600D-Mini Firmware and V1600D4L Firmware An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. | 2.1 |
2020-11-29 | CVE-2020-29382 | Vsolcn | Use of Hard-coded Credentials vulnerability in Vsolcn V1600D Firmware, V1600G1 Firmware and V1600G2 Firmware An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. | 2.1 |
2020-11-29 | CVE-2020-29379 | Vsolcn | Improper Authentication vulnerability in Vsolcn V1600D-Mini Firmware and V1600D4L Firmware An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. | 2.1 |
2020-11-28 | CVE-2020-29373 | Linux | Path Traversal vulnerability in Linux Kernel An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. | 2.1 |
2020-11-28 | CVE-2020-29371 | Linux | Use of Uninitialized Resource vulnerability in Linux Kernel An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. | 2.1 |
2020-11-25 | CVE-2020-29069 | Modern Honey Network Project | Unspecified vulnerability in Modern Honey Network Project Modern Honey Network 20201123 _get_flag_ip_localdb in server/mhn/ui/utils.py in Modern Honey Network (MHN) through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string. | 2.1 |
2020-11-24 | CVE-2020-10763 | Heketi Project Redhat | Information Exposure Through Log Files vulnerability in multiple products An information-disclosure flaw was found in the way Heketi before 10.1.0 logs sensitive information. | 2.1 |
2020-11-23 | CVE-2019-14562 | Tianocore Debian | Integer Overflow or Wraparound vulnerability in multiple products Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access. | 2.1 |
2020-11-27 | CVE-2020-25738 | Cyberark | Uncontrolled Search Path Element vulnerability in Cyberark Endpoint Privilege Manager 11.1.0.173 CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database. | 1.9 |