Weekly Vulnerabilities Reports > November 30 to December 6, 2020

Overview

195 new vulnerabilities reported during this period, including 31 critical vulnerabilities and 61 high severity vulnerabilities. This weekly summary report vulnerabilities in 293 products from 118 vendors including Debian, Redhat, Imagemagick, Netapp, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Integer Overflow or Wraparound", "SQL Injection", and "Out-of-bounds Read".

  • 130 reported vulnerabilities are remotely exploitables.
  • 20 reported vulnerabilities have public exploit available.
  • 46 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 132 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 30 reported vulnerabilities.
  • Westerndigital has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

31 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-02 CVE-2017-14451 Ethereum Out-of-bounds Read vulnerability in Ethereum

An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum.

10.0
2020-12-04 CVE-2020-25462 Moddable Out-of-bounds Write vulnerability in Moddable

Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.

9.8
2020-12-03 CVE-2020-2320 Jenkins Download of Code Without Integrity Check vulnerability in Jenkins Installation Manager Tool

Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.

9.8
2020-12-03 CVE-2020-6017 Valvesoftware Out-of-bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.

9.8
2020-12-02 CVE-2020-29288 Adrianmercurio SQL Injection vulnerability in Adrianmercurio GYM Management System 1.0

An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.

9.8
2020-12-02 CVE-2020-29287 CAR Rental Management System Project SQL Injection vulnerability in CAR Rental Management System Project CAR Rental Management System 1.0

An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.

9.8
2020-12-02 CVE-2020-29285 Point OF Sales IN PHP PDO Project SQL Injection vulnerability in Point of Sales in PHP/Pdo Project Point of Sales in PHP/Pdo 1.0

SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php.

9.8
2020-12-02 CVE-2020-29284 Multi Restaurant Table Reservation System Project SQL Injection vulnerability in Multi Restaurant Table Reservation System Project Multi Restaurant Table Reservation System 1.0

The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection.

9.8
2020-12-02 CVE-2020-29283 Online Doctor Appointment Booking System PHP AND Mysql Project SQL Injection vulnerability in Online Doctor Appointment Booking System PHP and Mysql Project Online Doctor Appointment Booking System PHP and Mysql 1.0

An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.

9.8
2020-12-02 CVE-2020-29282 Bloodx Project SQL Injection vulnerability in Bloodx Project Bloodx 1.0

SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication.

9.8
2020-12-02 CVE-2020-29280 Victor CMS Project SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0

The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page.

9.8
2020-12-02 CVE-2020-29279 74Cms Unspecified vulnerability in 74Cms

PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution.

9.8
2020-12-02 CVE-2020-29389 Docker Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.

9.8
2020-12-02 CVE-2020-28273 SET IN Project Unspecified vulnerability in Set-In Project Set-In

Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution.

9.8
2020-12-02 CVE-2020-28272 Keyget Project Unspecified vulnerability in Keyget Project Keyget

Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2.2.0 allows attacker to cause a denial of service and may lead to remote code execution.

9.8
2020-12-02 CVE-2020-7199 HP Improper Authentication vulnerability in HP Edgeline Infrastructure Manager

A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software.

9.8
2020-12-02 CVE-2020-6018 Valvesoftware Out-of-bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.

9.8
2020-12-02 CVE-2020-14260 Hcltech Classic Buffer Overflow vulnerability in Hcltech Domino 10.0.0/11.0.0/9.0.1

HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input.

9.8
2020-12-01 CVE-2020-6880 ZTE SQL Injection vulnerability in ZTE Zxv10 W908 Firmware

A ZXELINK wireless controller has a SQL injection vulnerability.

9.8
2020-12-01 CVE-2020-28971 Westerndigital Improper Authentication vulnerability in Westerndigital MY Cloud OS 5

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115.

9.8
2020-12-01 CVE-2020-28970 Westerndigital Improper Authentication vulnerability in Westerndigital MY Cloud OS 5

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115.

9.8
2020-12-01 CVE-2020-28940 Westerndigital Improper Authentication vulnerability in Westerndigital MY Cloud OS 5

On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.

9.8
2020-12-01 CVE-2020-7548 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.

9.8
2020-12-01 CVE-2020-7533 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for version information) which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests.

9.8
2020-12-01 CVE-2020-26762 Edimax Out-of-bounds Write vulnerability in Edimax Ic-3116W Firmware and Ic-3140W Firmware

A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request.

9.8
2020-11-30 CVE-2020-29390 Zeroshell OS Command Injection vulnerability in Zeroshell 3.9.3

Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character.

9.8
2020-11-30 CVE-2020-28926 Readymedia Project
Debian
Classic Buffer Overflow vulnerability in multiple products

ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution.

9.8
2020-11-30 CVE-2020-25537 Ucms Project Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.5.0

File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.

9.8
2020-11-30 CVE-2020-27660 Synology SQL Injection vulnerability in Synology Safeaccess

SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.

9.8
2020-11-30 CVE-2020-29127 Fujitsu Improper Authentication vulnerability in Fujitsu Eternus Storage Dx200 S4 Firmware 20201125

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25.

9.8
2020-11-30 CVE-2020-4627 IBM Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection.

9.0

61 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-03 CVE-2020-13525 Processmaker SQL Injection vulnerability in Processmaker 3.4.11

The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11.

8.8
2020-12-03 CVE-2020-14339 Redhat Unspecified vulnerability in Redhat Enterprise Linux and Libvirt

A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process.

8.8
2020-12-03 CVE-2020-13584 Webkitgtk
Fedoraproject
Use After Free vulnerability in multiple products

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64.

8.8
2020-12-03 CVE-2020-13543 Webkitgtk Use After Free vulnerability in Webkitgtk 2.30.0

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0.

8.8
2020-12-03 CVE-2020-13531 Pixar Use After Free vulnerability in Pixar Openusd 20.08

A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files.

8.8
2020-12-02 CVE-2017-2910 Libxls Project Out-of-bounds Write vulnerability in Libxls Project Libxls 2.0.0

An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0.

8.8
2020-12-02 CVE-2020-29458 Textpattern Cross-Site Request Forgery (CSRF) vulnerability in Textpattern 4.6.2

Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.

8.8
2020-12-01 CVE-2020-7547 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.

8.8
2020-12-01 CVE-2020-25181 WE CON Out-of-bounds Read vulnerability in We-Con PLC Editor 1.3.3U/1.3.5/1.3.8

WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.

8.8
2020-12-01 CVE-2020-25177 WE CON Out-of-bounds Write vulnerability in We-Con PLC Editor 1.3.3U/1.3.5/1.3.8

WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution.

8.8
2020-12-03 CVE-2020-26248 Prestashop SQL Injection vulnerability in Prestashop Productcomments

In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service.

8.2
2020-12-03 CVE-2020-28251 Netscout Unspecified vulnerability in Netscout Airmagnet Enterprise 11.1.4

NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system.

8.1
2020-12-03 CVE-2020-25693 Cimg
Fedoraproject
A flaw was found in CImg in versions prior to 2.9.3.
8.1
2020-12-03 CVE-2020-2321 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shelve Project

A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.

8.1
2020-12-02 CVE-2020-14305 Linux
Netapp
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720.
8.1
2020-12-04 CVE-2020-28950 Kaspersky Uncontrolled Search Path Element vulnerability in Kaspersky Anti-Ransomware Tool 4.0

The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.

7.8
2020-12-04 CVE-2020-27766 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/statistic.c.

7.8
2020-12-03 CVE-2020-29534 Linux Unspecified vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.9.3.

7.8
2020-12-03 CVE-2020-23740 Drivergenius Missing Authorization vulnerability in Drivergenius 9.61.5480.28

In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges.

7.8
2020-12-03 CVE-2020-28175 Almico Unspecified vulnerability in Almico Speedfan 4.52

There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52.

7.8
2020-12-03 CVE-2020-23735 Saibo Missing Authorization vulnerability in Saibo Cyber Game Accelerator 3.7.9

In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability.

7.8
2020-12-03 CVE-2020-14381 Linux Use After Free vulnerability in Linux Kernel

A flaw was found in the Linux kernel’s futex implementation.

7.8
2020-12-03 CVE-2020-14351 Linux
Redhat
Debian
A flaw was found in the Linux kernel.
7.8
2020-12-03 CVE-2020-13542 Logicaldoc Incorrect Default Permissions vulnerability in Logicaldoc 8.5.1

A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation.

7.8
2020-12-03 CVE-2020-6021 Checkpoint Uncontrolled Search Path Element vulnerability in Checkpoint Endpoint Security

Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place.

7.8
2020-12-02 CVE-2020-13493 Pixar Out-of-bounds Write vulnerability in Pixar Openusd 20.05

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files.

7.8
2020-12-01 CVE-2020-8539 KIA Incorrect Default Permissions vulnerability in KIA Head Unit Firmware Sop.003.30.18.0703/Sop.005.7.181019/Sop.007.1.191209

Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities.

7.8
2020-12-01 CVE-2020-7335 Mcafee Unspecified vulnerability in Mcafee Total Protection

Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link.

7.8
2020-12-01 CVE-2020-9117 Huawei Out-of-bounds Write vulnerability in Huawei Nova 4 Firmware and Sydneym-Al00 Firmware

HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability.

7.8
2020-12-01 CVE-2020-9114 Huawei Improper Privilege Management vulnerability in Huawei Fusioncompute

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability.

7.8
2020-11-30 CVE-2020-8351 Lenovo Improper Privilege Management vulnerability in Lenovo Pcmanager 2.6.40.3154/2.8.90.11211

A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges.

7.8
2020-11-30 CVE-2020-29394 Genivi
Debian
Out-of-bounds Write vulnerability in multiple products

A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).

7.8
2020-12-06 CVE-2020-29573 GNU
Redhat
Netapp
Out-of-bounds Write vulnerability in multiple products

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf.

7.5
2020-12-04 CVE-2020-25465 Moddable NULL Pointer Dereference vulnerability in Moddable

Null Pointer Dereference.

7.5
2020-12-04 CVE-2020-25464 Moddable Out-of-bounds Write vulnerability in Moddable Os180328/Os180329/Os200831

Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903.

7.5
2020-12-04 CVE-2020-25463 Moddable Unspecified vulnerability in Moddable

Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV).

7.5
2020-12-04 CVE-2020-25461 Moddable Unspecified vulnerability in Moddable

Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).

7.5
2020-12-04 CVE-2020-27408 Os4Ed Weak Password Recovery Mechanism for Forgotten Password vulnerability in Os4Ed Opensis 7.3/7.6

OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users.

7.5
2020-12-04 CVE-2020-5675 Mitsubishielectric Out-of-bounds Read vulnerability in Mitsubishielectric products

Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet.

7.5
2020-12-03 CVE-2020-29529 Hashicorp Link Following vulnerability in Hashicorp Go-Slug

HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks.

7.5
2020-12-03 CVE-2020-17527 Apache
Netapp
Debian
Oracle
Information Exposure vulnerability in multiple products

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream.

7.5
2020-12-03 CVE-2020-27778 Freedesktop
Redhat
Debian
Access of Uninitialized Pointer vulnerability in multiple products

A flaw was found in Poppler in the way certain PDF files were converted into HTML.

7.5
2020-12-03 CVE-2020-25649 Fasterxml
Netapp
Fedoraproject
Quarkus
Apache
Oracle
XXE vulnerability in multiple products

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly.

7.5
2020-12-03 CVE-2020-28937 Openclinic Project Forced Browsing vulnerability in Openclinic Project Openclinic 0.8.2

OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.

7.5
2020-12-03 CVE-2020-2324 Jenkins XXE vulnerability in Jenkins CVS

Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

7.5
2020-12-03 CVE-2020-2322 Netflix Missing Authorization vulnerability in Netflix Chaos Monkey 0.3

Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.

7.5
2020-12-03 CVE-2020-6111 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1100 B Firmware

An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000.

7.5
2020-12-03 CVE-2020-5680 EC Cube Improper Input Validation vulnerability in Ec-Cube

Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector.

7.5
2020-12-03 CVE-2020-5676 Weseek Information Exposure vulnerability in Weseek Growi

GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors.

7.5
2020-12-02 CVE-2020-12524 Phoenixcontact Resource Exhaustion vulnerability in Phoenixcontact products

Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).

7.5
2020-12-02 CVE-2020-5423 Cloudfoundry Resource Exhaustion vulnerability in Cloudfoundry Cf-Deployment

CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.

7.5
2020-12-02 CVE-2020-27813 Gorillatoolkit
Debian
Resource Exhaustion vulnerability in multiple products

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection.

7.5
2020-12-01 CVE-2020-28993 ATX Path Traversal vulnerability in ATX Minicmts200A Firmware 2.0

A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0.

7.5
2020-11-30 CVE-2020-16850 Mitsubishielectric Resource Exhaustion vulnerability in Mitsubishielectric products

Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network.

7.5
2020-11-30 CVE-2020-16849 Canon Unspecified vulnerability in Canon products

An issue was discovered on Canon MF237w 06.07 devices.

7.5
2020-12-02 CVE-2020-25638 Hibernate
Debian
Quarkus
Oracle
A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final.
7.4
2020-12-02 CVE-2012-0955 Canonical Improper Certificate Validation vulnerability in Canonical Software-Properties 0.81.13.1/0.81.13.3

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py.

7.4
2020-12-03 CVE-2020-28939 Openclinic Project Unrestricted Upload of File with Dangerous Type vulnerability in Openclinic Project Openclinic 0.8.2

OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability.

7.2
2020-12-01 CVE-2020-7545 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage.

7.2
2020-12-01 CVE-2020-9116 Huawei Command Injection vulnerability in Huawei Fusioncompute 6.5.1/8.0.0

Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability.

7.2
2020-12-01 CVE-2020-9115 Huawei Command Injection vulnerability in Huawei Manageone

ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability.

7.2

86 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-04 CVE-2020-27348 Canonical Uncontrolled Search Path Element vulnerability in Canonical Snapcraft and Ubuntu Linux

In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar.

6.8
2020-12-02 CVE-2020-26244 Python Openid Connect Project Improper Verification of Cryptographic Signature vulnerability in Python Openid Connect Project Python Openid Connect

Python oic is a Python OpenID Connect implementation.

6.8
2020-12-02 CVE-2020-4102 Hcltech Classic Buffer Overflow vulnerability in Hcltech Notes

HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input.

6.7
2020-12-01 CVE-2020-28575 Trendmicro Out-of-bounds Write vulnerability in Trendmicro Serverprotect 3.0

A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations.

6.7
2020-11-30 CVE-2020-27587 Quickheal Weak Password Requirements vulnerability in Quickheal Total Security

Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.

6.7
2020-12-03 CVE-2018-21270 Nodejs Out-of-bounds Read vulnerability in Nodejs Node.Js

Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).

6.5
2020-12-03 CVE-2020-25711 Infinispan
Redhat
Netapp
Missing Authorization vulnerability in multiple products

A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations.

6.5
2020-12-03 CVE-2020-26246 Pimcore Improper Preservation of Permissions vulnerability in Pimcore

Pimcore is an open source digital experience platform.

6.5
2020-12-02 CVE-2020-28206 Bitrix24 Improper Restriction of Excessive Authentication Attempts vulnerability in Bitrix24 Bitrix Framework 20.0

An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0.

6.5
2020-12-02 CVE-2020-13496 Pixar Out-of-bounds Read vulnerability in Pixar Openusd 20.05

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types.

6.5
2020-12-02 CVE-2020-25265 Appimage Unspecified vulnerability in Appimage Libappimage

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

6.5
2020-12-02 CVE-2020-14383 Samba
Redhat
A flaw was found in samba's DNS server.
6.5
2020-11-30 CVE-2020-4127 Hcltech Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Domino 10.0.1/9.0.1

HCL Domino is susceptible to a Login CSRF vulnerability.

6.5
2020-11-30 CVE-2020-29441 Outsystems Unrestricted Upload of File with Dangerous Type vulnerability in Outsystems 10

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0.

6.5
2020-11-30 CVE-2020-29438 Tesla Improper Verification of Cryptographic Signature vulnerability in Tesla Model X Firmware

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification.

6.5
2020-11-30 CVE-2020-17901 Pbootcms Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2

Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user.

6.5
2020-12-02 CVE-2020-14369 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated.

6.3
2020-12-01 CVE-2020-26250 Jupyter Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1

OAuthenticator is an OAuth login mechanism for JupyterHub.

6.3
2020-12-06 CVE-2020-29572 Misp Cross-site Scripting vulnerability in Misp 2.4.135

app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp in MISP 2.4.135 has XSS via the authkey comment field.

6.1
2020-12-04 CVE-2020-27409 Os4Ed Cross-site Scripting vulnerability in Os4Ed Opensis 7.3

OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.

6.1
2020-12-04 CVE-2020-29565 Openstack
Debian
Open Redirect vulnerability in multiple products

An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x.

6.1
2020-12-03 CVE-2020-27783 Lxml
Redhat
Debian
Fedoraproject
Netapp
Oracle
A XSS vulnerability was discovered in python-lxml's clean module.
6.1
2020-12-03 CVE-2020-5679 EC Cube Improper Restriction of Rendered UI Layers or Frames vulnerability in Ec-Cube

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks.

6.1
2020-12-03 CVE-2020-5678 Weseek Cross-site Scripting vulnerability in Weseek Growi

Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.

6.1
2020-12-03 CVE-2020-5677 Weseek Cross-site Scripting vulnerability in Weseek Growi

Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.

6.1
2020-12-03 CVE-2020-5638 Desknets Cross-site Scripting vulnerability in Desknets NEO 5.5

Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors.

6.1
2020-12-02 CVE-2020-29239 Janobe Cross-site Scripting vulnerability in Janobe Online Voting System 1.0

Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS).

6.1
2020-12-02 CVE-2020-29456 Papermerge Cross-site Scripting vulnerability in Papermerge

Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function.

6.1
2020-12-02 CVE-2020-27816 Elastic
Redhat
Open Redirect vulnerability in multiple products

The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource.

6.1
2020-11-30 CVE-2020-29395 Myeventon Cross-site Scripting vulnerability in Myeventon Eventon

The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field.

6.1
2020-12-01 CVE-2020-4126 Hcltech Missing Encryption of Sensitive Data vulnerability in Hcltech HCL Inotes

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability.

5.9
2020-11-30 CVE-2020-27586 Quickheal Cleartext Transmission of Sensitive Information vulnerability in Quickheal Total Security

Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.

5.9
2020-12-04 CVE-2020-27770 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability.

5.5
2020-12-04 CVE-2020-28916 Qemu
Debian
Infinite Loop vulnerability in multiple products

hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.

5.5
2020-12-04 CVE-2020-29561 Boom Core Improper Handling of Exceptional Conditions vulnerability in Boom-Core Risvc-Boom 3.0.0

An issue was discovered in SonicBOOM riscv-boom 3.0.0.

5.5
2020-12-03 CVE-2020-23741 Amoisoft Unspecified vulnerability in Amoisoft Anyview 4.6.0.1

In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service vulnerability in AnyView, attackers can use a constructed program to cause a computer crash (BSOD).

5.5
2020-12-03 CVE-2020-23738 Advancedsystemcare Unspecified vulnerability in Advancedsystemcare Advanced Systemcare 13.5.0.174

There is a local denial of service vulnerability in Advanced SystemCare 13 PRO 13.5.0.174.

5.5
2020-12-03 CVE-2020-23736 Dadajiasu Unspecified vulnerability in Dadajiasu Dada Accelerator 5.6.19.816

There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes (BSOD).

5.5
2020-12-03 CVE-2020-23727 Antiy Unspecified vulnerability in Antiy Zhijia Terminal Defense System 5.0.2.10121559

There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD).

5.5
2020-12-03 CVE-2020-23726 Wisecleaner Unspecified vulnerability in Wisecleaner Wise Care 365 5.5.4

There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash (BSOD).

5.5
2020-12-03 CVE-2020-13524 Pixar
Apple
Out-of-bounds Write vulnerability in multiple products

An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files.

5.5
2020-12-03 CVE-2020-27762 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in coders/hdr.c.

5.5
2020-12-03 CVE-2020-27760 Imagemagick
Debian
Divide By Zero vulnerability in multiple products

In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick.

5.5
2020-12-02 CVE-2020-13498 Pixar Unspecified vulnerability in Pixar Openusd 20.05

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types.

5.5
2020-12-02 CVE-2020-13497 Pixar Out-of-bounds Read vulnerability in Pixar Openusd 20.05

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types.

5.5
2020-12-02 CVE-2020-13494 Pixar Out-of-bounds Write vulnerability in Pixar Openusd 20.05

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files.

5.5
2020-12-02 CVE-2020-25266 Appimage Download of Code Without Integrity Check vulnerability in Appimage Appimaged

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage.

5.5
2020-12-02 CVE-2020-25704 Linux
Debian
Starwindsoftware
A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER.
5.5
2020-11-30 CVE-2020-4900 IBM Information Exposure Through Log Files vulnerability in IBM Business Automation Workflow 19.0.0.3

IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user.

5.5
2020-11-30 CVE-2020-29384 Advsys Integer Overflow or Wraparound vulnerability in Advsys Pngout 20200115

An issue was discovered in PNGOUT 2020-01-15.

5.5
2020-12-03 CVE-2020-28938 Openclinic Project Cross-site Scripting vulnerability in Openclinic Project Openclinic 0.8.2

OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users.

5.4
2020-12-01 CVE-2019-16958 Solarwinds Cross-site Scripting vulnerability in Solarwinds Help Desk 12.7.0

Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name.

5.4
2020-12-01 CVE-2020-29315 Thinkadmin Cross-site Scripting vulnerability in Thinkadmin 1.0/6.0

ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML.

5.4
2020-12-01 CVE-2020-7546 Schneider Electric Unspecified vulnerability in Schneider-Electric products

A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow an attacker to perform actions on behalf of the authorized user when accessing an affected webpage.

5.4
2020-11-30 CVE-2020-14193 Atlassian Injection vulnerability in Atlassian Automation for Jira

Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials.

5.4
2020-12-03 CVE-2020-2323 Netflix Missing Authorization vulnerability in Netflix Chaos Monkey 0.3/0.4

Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions.

5.3
2020-12-02 CVE-2020-13956 Apache
Quarkus
Oracle
Netapp
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
5.3
2020-12-01 CVE-2020-28583 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.

5.3
2020-12-01 CVE-2020-28582 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.

5.3
2020-12-01 CVE-2020-28577 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.

5.3
2020-12-01 CVE-2020-28576 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.

5.3
2020-12-01 CVE-2020-28573 Trendmicro Unspecified vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server.

5.3
2020-12-01 CVE-2020-4128 Hcltech Unspecified vulnerability in Hcltech Domino

HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service.

5.3
2020-12-01 CVE-2020-4129 Hcltech Unspecified vulnerability in Hcltech HCL Domino 10.0.1/9.0.1

HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service.

5.3
2020-11-30 CVE-2020-4625 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag.

5.3
2020-11-30 CVE-2020-4624 IBM Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information.

5.3
2020-11-30 CVE-2020-28978 Canto Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability.

5.3
2020-11-30 CVE-2020-28977 Canto Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability.

5.3
2020-11-30 CVE-2020-28976 Canto Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability.

5.3
2020-12-01 CVE-2020-15257 Linuxfoundation
Fedoraproject
Debian
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows.
5.2
2020-11-30 CVE-2020-25624 Qemu
Debian
Out-of-bounds Read vulnerability in multiple products

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.

5.0
2020-12-04 CVE-2020-25449 Arachnys Cross-site Scripting vulnerability in Arachnys Cabot 0.11.12

Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can be exploited via the Address column.

4.8
2020-12-04 CVE-2020-29562 GNU
Fedoraproject
Netapp
Reachable Assertion vulnerability in multiple products

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

4.8
2020-12-02 CVE-2020-29240 Lepton CMS Cross-site Scripting vulnerability in Lepton-Cms Leptoncms 4.7.0

Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS).

4.8
2020-11-30 CVE-2020-29364 Netartmedia Cross-site Scripting vulnerability in Netartmedia News Lister 1.0.0

In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks.

4.8
2020-11-30 CVE-2020-27659 Synology Cross-site Scripting vulnerability in Synology Safeaccess

Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.

4.8
2020-12-04 CVE-2020-16123 Canonical Race Condition vulnerability in Canonical Ubuntu Linux

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement.

4.7
2020-11-30 CVE-2020-29440 Tesla Improper Certificate Validation vulnerability in Tesla Model X Firmware

Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM).

4.6
2020-11-30 CVE-2020-29439 Tesla Unspecified vulnerability in Tesla Model X Firmware

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action.

4.6
2020-11-30 CVE-2020-29392 Lock Password Manager Safe APP Project Improper Authentication vulnerability in Lock Password Manager Safe APP Project Lock Password Manager Safe APP 2.3

The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* backdoor password.

4.6
2020-11-30 CVE-2020-27585 Quickheal Weak Password Requirements vulnerability in Quickheal Total Security

Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.

4.4
2020-12-03 CVE-2020-14318 Samba
Redhat
A flaw was found in the way samba handled file and directory permissions.
4.3
2020-12-02 CVE-2020-29454 Umbraco Incorrect Authorization vulnerability in Umbraco CMS

Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.

4.3
2020-11-30 CVE-2020-4696 IBM Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session.

4.3
2020-11-30 CVE-2020-4626 IBM Unspecified vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially crafted HTTP request.

4.3
2020-12-02 CVE-2020-25656 Linux
Redhat
Debian
Starwindsoftware
A flaw was found in the Linux kernel.
4.1

17 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-11-30 CVE-2020-6317 SAP Information Exposure Through Log Files vulnerability in SAP Adaptive Server Enterprise 15.7/16.0

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files.

3.5
2020-12-04 CVE-2020-27773 Imagemagick
Redhat
Debian
Divide By Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/gem-private.h.

3.3
2020-12-04 CVE-2020-27772 Imagemagick
Redhat
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in coders/bmp.c.

3.3
2020-12-04 CVE-2020-27776 Imagemagick
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/statistic.c.

3.3
2020-12-04 CVE-2020-27775 Imagemagick
Redhat
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/quantum.h.

3.3
2020-12-04 CVE-2020-27774 Imagemagick
Redhat
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/statistic.c.

3.3
2020-12-04 CVE-2020-27771 Imagemagick
Redhat
Debian
Integer Overflow or Wraparound vulnerability in multiple products

In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type.

3.3
2020-12-04 CVE-2020-27767 Imagemagick
Redhat
Debian
Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/quantum.h.

3.3
2020-12-04 CVE-2020-27765 Imagemagick
Redhat
Debian
Divide By Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/segment.c.

3.3
2020-12-03 CVE-2020-27764 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick.

3.3
2020-12-03 CVE-2020-27763 Imagemagick
Debian
Divide By Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/resize.c.

3.3
2020-12-03 CVE-2020-27761 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick.

3.3
2020-12-03 CVE-2020-27759 Imagemagick
Debian
Integer Overflow or Wraparound vulnerability in multiple products

In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned.

3.3
2020-12-01 CVE-2020-11990 Apache Unspecified vulnerability in Apache Cordova 4.1.0

We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications.

3.3
2020-11-30 CVE-2020-11867 Audacityteam
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default.

3.3
2020-12-02 CVE-2020-25723 Qemu
Debian
A reachable assertion issue was found in the USB EHCI emulation code of QEMU.
3.2
2020-12-03 CVE-2020-28923 Lightbend Unspecified vulnerability in Lightbend Play Framework

An issue was discovered in Play Framework 2.8.0 through 2.8.4.

2.7