Weekly Vulnerabilities Reports > November 30 to December 6, 2020
Overview
195 new vulnerabilities reported during this period, including 31 critical vulnerabilities and 61 high severity vulnerabilities. This weekly summary report vulnerabilities in 293 products from 118 vendors including Debian, Redhat, Imagemagick, Netapp, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Integer Overflow or Wraparound", "SQL Injection", and "Out-of-bounds Read".
- 130 reported vulnerabilities are remotely exploitables.
- 20 reported vulnerabilities have public exploit available.
- 46 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 132 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 30 reported vulnerabilities.
- Westerndigital has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
31 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-02 | CVE-2017-14451 | Ethereum | Out-of-bounds Read vulnerability in Ethereum An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. | 10.0 |
2020-12-04 | CVE-2020-25462 | Moddable | Out-of-bounds Write vulnerability in Moddable Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903. | 9.8 |
2020-12-03 | CVE-2020-2320 | Jenkins | Download of Code Without Integrity Check vulnerability in Jenkins Installation Manager Tool Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads. | 9.8 |
2020-12-03 | CVE-2020-6017 | Valvesoftware | Out-of-bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0 Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution. | 9.8 |
2020-12-02 | CVE-2020-29288 | Adrianmercurio | SQL Injection vulnerability in Adrianmercurio GYM Management System 1.0 An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable. | 9.8 |
2020-12-02 | CVE-2020-29287 | CAR Rental Management System Project | SQL Injection vulnerability in CAR Rental Management System Project CAR Rental Management System 1.0 An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php. | 9.8 |
2020-12-02 | CVE-2020-29285 | Point OF Sales IN PHP PDO Project | SQL Injection vulnerability in Point of Sales in PHP/Pdo Project Point of Sales in PHP/Pdo 1.0 SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php. | 9.8 |
2020-12-02 | CVE-2020-29284 | Multi Restaurant Table Reservation System Project | SQL Injection vulnerability in Multi Restaurant Table Reservation System Project Multi Restaurant Table Reservation System 1.0 The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection. | 9.8 |
2020-12-02 | CVE-2020-29283 | Online Doctor Appointment Booking System PHP AND Mysql Project | SQL Injection vulnerability in Online Doctor Appointment Booking System PHP and Mysql Project Online Doctor Appointment Booking System PHP and Mysql 1.0 An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php. | 9.8 |
2020-12-02 | CVE-2020-29282 | Bloodx Project | SQL Injection vulnerability in Bloodx Project Bloodx 1.0 SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication. | 9.8 |
2020-12-02 | CVE-2020-29280 | Victor CMS Project | SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0 The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page. | 9.8 |
2020-12-02 | CVE-2020-29279 | 74Cms | Unspecified vulnerability in 74Cms PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution. | 9.8 |
2020-12-02 | CVE-2020-29389 | Docker | Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. | 9.8 |
2020-12-02 | CVE-2020-28273 | SET IN Project | Unspecified vulnerability in Set-In Project Set-In Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution. | 9.8 |
2020-12-02 | CVE-2020-28272 | Keyget Project | Unspecified vulnerability in Keyget Project Keyget Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2.2.0 allows attacker to cause a denial of service and may lead to remote code execution. | 9.8 |
2020-12-02 | CVE-2020-7199 | HP | Improper Authentication vulnerability in HP Edgeline Infrastructure Manager A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. | 9.8 |
2020-12-02 | CVE-2020-6018 | Valvesoftware | Out-of-bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0 Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution. | 9.8 |
2020-12-02 | CVE-2020-14260 | Hcltech | Classic Buffer Overflow vulnerability in Hcltech Domino 10.0.0/11.0.0/9.0.1 HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. | 9.8 |
2020-12-01 | CVE-2020-6880 | ZTE | SQL Injection vulnerability in ZTE Zxv10 W908 Firmware A ZXELINK wireless controller has a SQL injection vulnerability. | 9.8 |
2020-12-01 | CVE-2020-28971 | Westerndigital | Improper Authentication vulnerability in Westerndigital MY Cloud OS 5 An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. | 9.8 |
2020-12-01 | CVE-2020-28970 | Westerndigital | Improper Authentication vulnerability in Westerndigital MY Cloud OS 5 An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. | 9.8 |
2020-12-01 | CVE-2020-28940 | Westerndigital | Improper Authentication vulnerability in Westerndigital MY Cloud OS 5 On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device. | 9.8 |
2020-12-01 | CVE-2020-7548 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login. | 9.8 |
2020-12-01 | CVE-2020-7533 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for version information) which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests. | 9.8 |
2020-12-01 | CVE-2020-26762 | Edimax | Out-of-bounds Write vulnerability in Edimax Ic-3116W Firmware and Ic-3140W Firmware A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. | 9.8 |
2020-11-30 | CVE-2020-29390 | Zeroshell | OS Command Injection vulnerability in Zeroshell 3.9.3 Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character. | 9.8 |
2020-11-30 | CVE-2020-28926 | Readymedia Project Debian | Classic Buffer Overflow vulnerability in multiple products ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. | 9.8 |
2020-11-30 | CVE-2020-25537 | Ucms Project | Unrestricted Upload of File with Dangerous Type vulnerability in Ucms Project Ucms 1.5.0 File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission. | 9.8 |
2020-11-30 | CVE-2020-27660 | Synology | SQL Injection vulnerability in Synology Safeaccess SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter. | 9.8 |
2020-11-30 | CVE-2020-29127 | Fujitsu | Improper Authentication vulnerability in Fujitsu Eternus Storage Dx200 S4 Firmware 20201125 An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. | 9.8 |
2020-11-30 | CVE-2020-4627 | IBM | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. | 9.0 |
61 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-03 | CVE-2020-13525 | Processmaker | SQL Injection vulnerability in Processmaker 3.4.11 The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. | 8.8 |
2020-12-03 | CVE-2020-14339 | Redhat | Unspecified vulnerability in Redhat Enterprise Linux and Libvirt A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. | 8.8 |
2020-12-03 | CVE-2020-13584 | Webkitgtk Fedoraproject | Use After Free vulnerability in multiple products An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. | 8.8 |
2020-12-03 | CVE-2020-13543 | Webkitgtk | Use After Free vulnerability in Webkitgtk 2.30.0 A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. | 8.8 |
2020-12-03 | CVE-2020-13531 | Pixar | Use After Free vulnerability in Pixar Openusd 20.08 A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files. | 8.8 |
2020-12-02 | CVE-2017-2910 | Libxls Project | Out-of-bounds Write vulnerability in Libxls Project Libxls 2.0.0 An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. | 8.8 |
2020-12-02 | CVE-2020-29458 | Textpattern | Cross-Site Request Forgery (CSRF) vulnerability in Textpattern 4.6.2 Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. | 8.8 |
2020-12-01 | CVE-2020-7547 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level. | 8.8 |
2020-12-01 | CVE-2020-25181 | WE CON | Out-of-bounds Read vulnerability in We-Con PLC Editor 1.3.3U/1.3.5/1.3.8 WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution. | 8.8 |
2020-12-01 | CVE-2020-25177 | WE CON | Out-of-bounds Write vulnerability in We-Con PLC Editor 1.3.3U/1.3.5/1.3.8 WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution. | 8.8 |
2020-12-03 | CVE-2020-26248 | Prestashop | SQL Injection vulnerability in Prestashop Productcomments In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. | 8.2 |
2020-12-03 | CVE-2020-28251 | Netscout | Unspecified vulnerability in Netscout Airmagnet Enterprise 11.1.4 NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. | 8.1 |
2020-12-03 | CVE-2020-25693 | Cimg Fedoraproject | A flaw was found in CImg in versions prior to 2.9.3. | 8.1 |
2020-12-03 | CVE-2020-2321 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shelve Project A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project. | 8.1 |
2020-12-02 | CVE-2020-14305 | Linux Netapp | An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. | 8.1 |
2020-12-04 | CVE-2020-28950 | Kaspersky | Uncontrolled Search Path Element vulnerability in Kaspersky Anti-Ransomware Tool 4.0 The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process. | 7.8 |
2020-12-04 | CVE-2020-27766 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 7.8 |
2020-12-03 | CVE-2020-29534 | Linux | Unspecified vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 5.9.3. | 7.8 |
2020-12-03 | CVE-2020-23740 | Drivergenius | Missing Authorization vulnerability in Drivergenius 9.61.5480.28 In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges. | 7.8 |
2020-12-03 | CVE-2020-28175 | Almico | Unspecified vulnerability in Almico Speedfan 4.52 There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. | 7.8 |
2020-12-03 | CVE-2020-23735 | Saibo | Missing Authorization vulnerability in Saibo Cyber Game Accelerator 3.7.9 In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability. | 7.8 |
2020-12-03 | CVE-2020-14381 | Linux | Use After Free vulnerability in Linux Kernel A flaw was found in the Linux kernel’s futex implementation. | 7.8 |
2020-12-03 | CVE-2020-14351 | Linux Redhat Debian | A flaw was found in the Linux kernel. | 7.8 |
2020-12-03 | CVE-2020-13542 | Logicaldoc | Incorrect Default Permissions vulnerability in Logicaldoc 8.5.1 A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. | 7.8 |
2020-12-03 | CVE-2020-6021 | Checkpoint | Uncontrolled Search Path Element vulnerability in Checkpoint Endpoint Security Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. | 7.8 |
2020-12-02 | CVE-2020-13493 | Pixar | Out-of-bounds Write vulnerability in Pixar Openusd 20.05 A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. | 7.8 |
2020-12-01 | CVE-2020-8539 | KIA | Incorrect Default Permissions vulnerability in KIA Head Unit Firmware Sop.003.30.18.0703/Sop.005.7.181019/Sop.007.1.191209 Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities. | 7.8 |
2020-12-01 | CVE-2020-7335 | Mcafee | Unspecified vulnerability in Mcafee Total Protection Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link. | 7.8 |
2020-12-01 | CVE-2020-9117 | Huawei | Out-of-bounds Write vulnerability in Huawei Nova 4 Firmware and Sydneym-Al00 Firmware HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. | 7.8 |
2020-12-01 | CVE-2020-9114 | Huawei | Improper Privilege Management vulnerability in Huawei Fusioncompute FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability. | 7.8 |
2020-11-30 | CVE-2020-8351 | Lenovo | Improper Privilege Management vulnerability in Lenovo Pcmanager 2.6.40.3154/2.8.90.11211 A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. | 7.8 |
2020-11-30 | CVE-2020-29394 | Genivi Debian | Out-of-bounds Write vulnerability in multiple products A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument). | 7.8 |
2020-12-06 | CVE-2020-29573 | GNU Redhat Netapp | Out-of-bounds Write vulnerability in multiple products sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. | 7.5 |
2020-12-04 | CVE-2020-25465 | Moddable | NULL Pointer Dereference vulnerability in Moddable Null Pointer Dereference. | 7.5 |
2020-12-04 | CVE-2020-25464 | Moddable | Out-of-bounds Write vulnerability in Moddable Os180328/Os180329/Os200831 Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. | 7.5 |
2020-12-04 | CVE-2020-25463 | Moddable | Unspecified vulnerability in Moddable Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV). | 7.5 |
2020-12-04 | CVE-2020-25461 | Moddable | Unspecified vulnerability in Moddable Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV). | 7.5 |
2020-12-04 | CVE-2020-27408 | Os4Ed | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Os4Ed Opensis 7.3/7.6 OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users. | 7.5 |
2020-12-04 | CVE-2020-5675 | Mitsubishielectric | Out-of-bounds Read vulnerability in Mitsubishielectric products Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. | 7.5 |
2020-12-03 | CVE-2020-29529 | Hashicorp | Link Following vulnerability in Hashicorp Go-Slug HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks. | 7.5 |
2020-12-03 | CVE-2020-17527 | Apache Netapp Debian Oracle | Information Exposure vulnerability in multiple products While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. | 7.5 |
2020-12-03 | CVE-2020-27778 | Freedesktop Redhat Debian | Access of Uninitialized Pointer vulnerability in multiple products A flaw was found in Poppler in the way certain PDF files were converted into HTML. | 7.5 |
2020-12-03 | CVE-2020-25649 | Fasterxml Netapp Fedoraproject Quarkus Apache Oracle | XXE vulnerability in multiple products A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. | 7.5 |
2020-12-03 | CVE-2020-28937 | Openclinic Project | Forced Browsing vulnerability in Openclinic Project Openclinic 0.8.2 OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI. | 7.5 |
2020-12-03 | CVE-2020-2324 | Jenkins | XXE vulnerability in Jenkins CVS Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 7.5 |
2020-12-03 | CVE-2020-2322 | Netflix | Missing Authorization vulnerability in Netflix Chaos Monkey 0.3 Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks. | 7.5 |
2020-12-03 | CVE-2020-6111 | Rockwellautomation | Unspecified vulnerability in Rockwellautomation Micrologix 1100 B Firmware An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000. | 7.5 |
2020-12-03 | CVE-2020-5680 | EC Cube | Improper Input Validation vulnerability in Ec-Cube Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector. | 7.5 |
2020-12-03 | CVE-2020-5676 | Weseek | Information Exposure vulnerability in Weseek Growi GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors. | 7.5 |
2020-12-02 | CVE-2020-12524 | Phoenixcontact | Resource Exhaustion vulnerability in Phoenixcontact products Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service). | 7.5 |
2020-12-02 | CVE-2020-5423 | Cloudfoundry | Resource Exhaustion vulnerability in Cloudfoundry Cf-Deployment CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM. | 7.5 |
2020-12-02 | CVE-2020-27813 | Gorillatoolkit Debian | Resource Exhaustion vulnerability in multiple products An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. | 7.5 |
2020-12-01 | CVE-2020-28993 | ATX | Path Traversal vulnerability in ATX Minicmts200A Firmware 2.0 A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0. | 7.5 |
2020-11-30 | CVE-2020-16850 | Mitsubishielectric | Resource Exhaustion vulnerability in Mitsubishielectric products Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. | 7.5 |
2020-11-30 | CVE-2020-16849 | Canon | Unspecified vulnerability in Canon products An issue was discovered on Canon MF237w 06.07 devices. | 7.5 |
2020-12-02 | CVE-2020-25638 | Hibernate Debian Quarkus Oracle | A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final. | 7.4 |
2020-12-02 | CVE-2012-0955 | Canonical | Improper Certificate Validation vulnerability in Canonical Software-Properties 0.81.13.1/0.81.13.3 software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. | 7.4 |
2020-12-03 | CVE-2020-28939 | Openclinic Project | Unrestricted Upload of File with Dangerous Type vulnerability in Openclinic Project Openclinic 0.8.2 OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. | 7.2 |
2020-12-01 | CVE-2020-7545 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage. | 7.2 |
2020-12-01 | CVE-2020-9116 | Huawei | Command Injection vulnerability in Huawei Fusioncompute 6.5.1/8.0.0 Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. | 7.2 |
2020-12-01 | CVE-2020-9115 | Huawei | Command Injection vulnerability in Huawei Manageone ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. | 7.2 |
86 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-04 | CVE-2020-27348 | Canonical | Uncontrolled Search Path Element vulnerability in Canonical Snapcraft and Ubuntu Linux In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar. | 6.8 |
2020-12-02 | CVE-2020-26244 | Python Openid Connect Project | Improper Verification of Cryptographic Signature vulnerability in Python Openid Connect Project Python Openid Connect Python oic is a Python OpenID Connect implementation. | 6.8 |
2020-12-02 | CVE-2020-4102 | Hcltech | Classic Buffer Overflow vulnerability in Hcltech Notes HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. | 6.7 |
2020-12-01 | CVE-2020-28575 | Trendmicro | Out-of-bounds Write vulnerability in Trendmicro Serverprotect 3.0 A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. | 6.7 |
2020-11-30 | CVE-2020-27587 | Quickheal | Weak Password Requirements vulnerability in Quickheal Total Security Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password. | 6.7 |
2020-12-03 | CVE-2018-21270 | Nodejs | Out-of-bounds Read vulnerability in Nodejs Node.Js Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x). | 6.5 |
2020-12-03 | CVE-2020-25711 | Infinispan Redhat Netapp | Missing Authorization vulnerability in multiple products A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. | 6.5 |
2020-12-03 | CVE-2020-26246 | Pimcore | Improper Preservation of Permissions vulnerability in Pimcore Pimcore is an open source digital experience platform. | 6.5 |
2020-12-02 | CVE-2020-28206 | Bitrix24 | Improper Restriction of Excessive Authentication Attempts vulnerability in Bitrix24 Bitrix Framework 20.0 An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0. | 6.5 |
2020-12-02 | CVE-2020-13496 | Pixar | Out-of-bounds Read vulnerability in Pixar Openusd 20.05 An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. | 6.5 |
2020-12-02 | CVE-2020-25265 | Appimage | Unspecified vulnerability in Appimage Libappimage AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components. | 6.5 |
2020-12-02 | CVE-2020-14383 | Samba Redhat | A flaw was found in samba's DNS server. | 6.5 |
2020-11-30 | CVE-2020-4127 | Hcltech | Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a Login CSRF vulnerability. | 6.5 |
2020-11-30 | CVE-2020-29441 | Outsystems | Unrestricted Upload of File with Dangerous Type vulnerability in Outsystems 10 An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. | 6.5 |
2020-11-30 | CVE-2020-29438 | Tesla | Improper Verification of Cryptographic Signature vulnerability in Tesla Model X Firmware Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. | 6.5 |
2020-11-30 | CVE-2020-17901 | Pbootcms | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2 Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. | 6.5 |
2020-12-02 | CVE-2020-14369 | Redhat | Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated. | 6.3 |
2020-12-01 | CVE-2020-26250 | Jupyter | Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1 OAuthenticator is an OAuth login mechanism for JupyterHub. | 6.3 |
2020-12-06 | CVE-2020-29572 | Misp | Cross-site Scripting vulnerability in Misp 2.4.135 app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp in MISP 2.4.135 has XSS via the authkey comment field. | 6.1 |
2020-12-04 | CVE-2020-27409 | Os4Ed | Cross-site Scripting vulnerability in Os4Ed Opensis 7.3 OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter. | 6.1 |
2020-12-04 | CVE-2020-29565 | Openstack Debian | Open Redirect vulnerability in multiple products An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x. | 6.1 |
2020-12-03 | CVE-2020-27783 | Lxml Redhat Debian Fedoraproject Netapp Oracle | A XSS vulnerability was discovered in python-lxml's clean module. | 6.1 |
2020-12-03 | CVE-2020-5679 | EC Cube | Improper Restriction of Rendered UI Layers or Frames vulnerability in Ec-Cube Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks. | 6.1 |
2020-12-03 | CVE-2020-5678 | Weseek | Cross-site Scripting vulnerability in Weseek Growi Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors. | 6.1 |
2020-12-03 | CVE-2020-5677 | Weseek | Cross-site Scripting vulnerability in Weseek Growi Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to inject arbitrary script via unspecified vectors. | 6.1 |
2020-12-03 | CVE-2020-5638 | Desknets | Cross-site Scripting vulnerability in Desknets NEO 5.5 Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors. | 6.1 |
2020-12-02 | CVE-2020-29239 | Janobe | Cross-site Scripting vulnerability in Janobe Online Voting System 1.0 Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). | 6.1 |
2020-12-02 | CVE-2020-29456 | Papermerge | Cross-site Scripting vulnerability in Papermerge Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function. | 6.1 |
2020-12-02 | CVE-2020-27816 | Elastic Redhat | Open Redirect vulnerability in multiple products The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource. | 6.1 |
2020-11-30 | CVE-2020-29395 | Myeventon | Cross-site Scripting vulnerability in Myeventon Eventon The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field. | 6.1 |
2020-12-01 | CVE-2020-4126 | Hcltech | Missing Encryption of Sensitive Data vulnerability in Hcltech HCL Inotes HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. | 5.9 |
2020-11-30 | CVE-2020-27586 | Quickheal | Cleartext Transmission of Sensitive Information vulnerability in Quickheal Total Security Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. | 5.9 |
2020-12-04 | CVE-2020-27770 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability. | 5.5 |
2020-12-04 | CVE-2020-28916 | Qemu Debian | Infinite Loop vulnerability in multiple products hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. | 5.5 |
2020-12-04 | CVE-2020-29561 | Boom Core | Improper Handling of Exceptional Conditions vulnerability in Boom-Core Risvc-Boom 3.0.0 An issue was discovered in SonicBOOM riscv-boom 3.0.0. | 5.5 |
2020-12-03 | CVE-2020-23741 | Amoisoft | Unspecified vulnerability in Amoisoft Anyview 4.6.0.1 In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service vulnerability in AnyView, attackers can use a constructed program to cause a computer crash (BSOD). | 5.5 |
2020-12-03 | CVE-2020-23738 | Advancedsystemcare | Unspecified vulnerability in Advancedsystemcare Advanced Systemcare 13.5.0.174 There is a local denial of service vulnerability in Advanced SystemCare 13 PRO 13.5.0.174. | 5.5 |
2020-12-03 | CVE-2020-23736 | Dadajiasu | Unspecified vulnerability in Dadajiasu Dada Accelerator 5.6.19.816 There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes (BSOD). | 5.5 |
2020-12-03 | CVE-2020-23727 | Antiy | Unspecified vulnerability in Antiy Zhijia Terminal Defense System 5.0.2.10121559 There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD). | 5.5 |
2020-12-03 | CVE-2020-23726 | Wisecleaner | Unspecified vulnerability in Wisecleaner Wise Care 365 5.5.4 There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash (BSOD). | 5.5 |
2020-12-03 | CVE-2020-13524 | Pixar Apple | Out-of-bounds Write vulnerability in multiple products An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. | 5.5 |
2020-12-03 | CVE-2020-27762 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in coders/hdr.c. | 5.5 |
2020-12-03 | CVE-2020-27760 | Imagemagick Debian | Divide By Zero vulnerability in multiple products In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick. | 5.5 |
2020-12-02 | CVE-2020-13498 | Pixar | Unspecified vulnerability in Pixar Openusd 20.05 An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. | 5.5 |
2020-12-02 | CVE-2020-13497 | Pixar | Out-of-bounds Read vulnerability in Pixar Openusd 20.05 An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. | 5.5 |
2020-12-02 | CVE-2020-13494 | Pixar | Out-of-bounds Write vulnerability in Pixar Openusd 20.05 A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. | 5.5 |
2020-12-02 | CVE-2020-25266 | Appimage | Download of Code Without Integrity Check vulnerability in Appimage Appimaged AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. | 5.5 |
2020-12-02 | CVE-2020-25704 | Linux Debian Starwindsoftware | A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. | 5.5 |
2020-11-30 | CVE-2020-4900 | IBM | Information Exposure Through Log Files vulnerability in IBM Business Automation Workflow 19.0.0.3 IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. | 5.5 |
2020-11-30 | CVE-2020-29384 | Advsys | Integer Overflow or Wraparound vulnerability in Advsys Pngout 20200115 An issue was discovered in PNGOUT 2020-01-15. | 5.5 |
2020-12-03 | CVE-2020-28938 | Openclinic Project | Cross-site Scripting vulnerability in Openclinic Project Openclinic 0.8.2 OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. | 5.4 |
2020-12-01 | CVE-2019-16958 | Solarwinds | Cross-site Scripting vulnerability in Solarwinds Help Desk 12.7.0 Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name. | 5.4 |
2020-12-01 | CVE-2020-29315 | Thinkadmin | Cross-site Scripting vulnerability in Thinkadmin 1.0/6.0 ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML. | 5.4 |
2020-12-01 | CVE-2020-7546 | Schneider Electric | Unspecified vulnerability in Schneider-Electric products A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow an attacker to perform actions on behalf of the authorized user when accessing an affected webpage. | 5.4 |
2020-11-30 | CVE-2020-14193 | Atlassian | Injection vulnerability in Atlassian Automation for Jira Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. | 5.4 |
2020-12-03 | CVE-2020-2323 | Netflix | Missing Authorization vulnerability in Netflix Chaos Monkey 0.3/0.4 Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions. | 5.3 |
2020-12-02 | CVE-2020-13956 | Apache Quarkus Oracle Netapp | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution. | 5.3 |
2020-12-01 | CVE-2020-28583 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information. | 5.3 |
2020-12-01 | CVE-2020-28582 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents. | 5.3 |
2020-12-01 | CVE-2020-28577 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names. | 5.3 |
2020-12-01 | CVE-2020-28576 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information. | 5.3 |
2020-12-01 | CVE-2020-28573 | Trendmicro | Unspecified vulnerability in Trendmicro Apex ONE and Officescan An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server. | 5.3 |
2020-12-01 | CVE-2020-4128 | Hcltech | Unspecified vulnerability in Hcltech Domino HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. | 5.3 |
2020-12-01 | CVE-2020-4129 | Hcltech | Unspecified vulnerability in Hcltech HCL Domino 10.0.1/9.0.1 HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. | 5.3 |
2020-11-30 | CVE-2020-4625 | IBM | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. | 5.3 |
2020-11-30 | CVE-2020-4624 | IBM | Use of a Broken or Risky Cryptographic Algorithm vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information. | 5.3 |
2020-11-30 | CVE-2020-28978 | Canto | Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0 The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. | 5.3 |
2020-11-30 | CVE-2020-28977 | Canto | Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0 The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. | 5.3 |
2020-11-30 | CVE-2020-28976 | Canto | Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0 The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. | 5.3 |
2020-12-01 | CVE-2020-15257 | Linuxfoundation Fedoraproject Debian | containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. | 5.2 |
2020-11-30 | CVE-2020-25624 | Qemu Debian | Out-of-bounds Read vulnerability in multiple products hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. | 5.0 |
2020-12-04 | CVE-2020-25449 | Arachnys | Cross-site Scripting vulnerability in Arachnys Cabot 0.11.12 Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can be exploited via the Address column. | 4.8 |
2020-12-04 | CVE-2020-29562 | GNU Fedoraproject Netapp | Reachable Assertion vulnerability in multiple products The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service. | 4.8 |
2020-12-02 | CVE-2020-29240 | Lepton CMS | Cross-site Scripting vulnerability in Lepton-Cms Leptoncms 4.7.0 Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). | 4.8 |
2020-11-30 | CVE-2020-29364 | Netartmedia | Cross-site Scripting vulnerability in Netartmedia News Lister 1.0.0 In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. | 4.8 |
2020-11-30 | CVE-2020-27659 | Synology | Cross-site Scripting vulnerability in Synology Safeaccess Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter. | 4.8 |
2020-12-04 | CVE-2020-16123 | Canonical | Race Condition vulnerability in Canonical Ubuntu Linux An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement. | 4.7 |
2020-11-30 | CVE-2020-29440 | Tesla | Improper Certificate Validation vulnerability in Tesla Model X Firmware Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). | 4.6 |
2020-11-30 | CVE-2020-29439 | Tesla | Unspecified vulnerability in Tesla Model X Firmware Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. | 4.6 |
2020-11-30 | CVE-2020-29392 | Lock Password Manager Safe APP Project | Improper Authentication vulnerability in Lock Password Manager Safe APP Project Lock Password Manager Safe APP 2.3 The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* backdoor password. | 4.6 |
2020-11-30 | CVE-2020-27585 | Quickheal | Weak Password Requirements vulnerability in Quickheal Total Security Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password. | 4.4 |
2020-12-03 | CVE-2020-14318 | Samba Redhat | A flaw was found in the way samba handled file and directory permissions. | 4.3 |
2020-12-02 | CVE-2020-29454 | Umbraco | Incorrect Authorization vulnerability in Umbraco CMS Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. | 4.3 |
2020-11-30 | CVE-2020-4696 | IBM | Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. | 4.3 |
2020-11-30 | CVE-2020-4626 | IBM | Unspecified vulnerability in IBM Cloud PAK for Security 1.3.0.1 IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially crafted HTTP request. | 4.3 |
2020-12-02 | CVE-2020-25656 | Linux Redhat Debian Starwindsoftware | A flaw was found in the Linux kernel. | 4.1 |
17 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-11-30 | CVE-2020-6317 | SAP | Information Exposure Through Log Files vulnerability in SAP Adaptive Server Enterprise 15.7/16.0 In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. | 3.5 |
2020-12-04 | CVE-2020-27773 | Imagemagick Redhat Debian | Divide By Zero vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/gem-private.h. | 3.3 |
2020-12-04 | CVE-2020-27772 | Imagemagick Redhat Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in coders/bmp.c. | 3.3 |
2020-12-04 | CVE-2020-27776 | Imagemagick Redhat | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 3.3 |
2020-12-04 | CVE-2020-27775 | Imagemagick Redhat Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/quantum.h. | 3.3 |
2020-12-04 | CVE-2020-27774 | Imagemagick Redhat Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/statistic.c. | 3.3 |
2020-12-04 | CVE-2020-27771 | Imagemagick Redhat Debian | Integer Overflow or Wraparound vulnerability in multiple products In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. | 3.3 |
2020-12-04 | CVE-2020-27767 | Imagemagick Redhat Debian | Integer Overflow or Wraparound vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/quantum.h. | 3.3 |
2020-12-04 | CVE-2020-27765 | Imagemagick Redhat Debian | Divide By Zero vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/segment.c. | 3.3 |
2020-12-03 | CVE-2020-27764 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick. | 3.3 |
2020-12-03 | CVE-2020-27763 | Imagemagick Debian | Divide By Zero vulnerability in multiple products A flaw was found in ImageMagick in MagickCore/resize.c. | 3.3 |
2020-12-03 | CVE-2020-27761 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick. | 3.3 |
2020-12-03 | CVE-2020-27759 | Imagemagick Debian | Integer Overflow or Wraparound vulnerability in multiple products In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned. | 3.3 |
2020-12-01 | CVE-2020-11990 | Apache | Unspecified vulnerability in Apache Cordova 4.1.0 We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. | 3.3 |
2020-11-30 | CVE-2020-11867 | Audacityteam Fedoraproject | Incorrect Default Permissions vulnerability in multiple products Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. | 3.3 |
2020-12-02 | CVE-2020-25723 | Qemu Debian | A reachable assertion issue was found in the USB EHCI emulation code of QEMU. | 3.2 |
2020-12-03 | CVE-2020-28923 | Lightbend | Unspecified vulnerability in Lightbend Play Framework An issue was discovered in Play Framework 2.8.0 through 2.8.4. | 2.7 |