Weekly Vulnerabilities Reports > November 30 to December 6, 2020

Overview

195 new vulnerabilities reported during this period, including 11 critical vulnerabilities and 30 high severity vulnerabilities. This weekly summary report vulnerabilities in 224 products from 115 vendors including Debian, Redhat, Imagemagick, Pixar, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Integer Overflow or Wraparound", "SQL Injection", "Out-of-bounds Write", and "Information Exposure".

  • 155 reported vulnerabilities are remotely exploitables.
  • 10 reported vulnerabilities have public exploit available.
  • 48 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 167 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 20 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

11 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-03 CVE-2020-2320 Jenkins Download of Code Without Integrity Check vulnerability in Jenkins Installation Manager Tool 2.1.3

Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not verify plugin downloads.

10.0
2020-12-02 CVE-2020-29389 Docker Missing Authentication for Critical Function vulnerability in Docker Crux Linux Docker Image

The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user.

10.0
2020-12-02 CVE-2020-7199 HP Improper Authentication vulnerability in HP Edgeline Infrastructure Manager

A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software.

10.0
2020-12-02 CVE-2020-14260 Hcltech Classic Buffer Overflow vulnerability in Hcltech Domino 9.0.1

HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input.

10.0
2020-11-30 CVE-2020-29390 Zeroshell OS Command Injection vulnerability in Zeroshell 3.9.3

Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character.

10.0
2020-11-30 CVE-2020-25537 Ucms Project Unrestricted Upload of File With Dangerous Type vulnerability in Ucms Project Ucms 1.5.0

File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission.

10.0
2020-11-30 CVE-2020-27660 Synology SQL Injection vulnerability in Synology Safeaccess

SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.

10.0
2020-11-30 CVE-2020-29127 Fujitsu Improper Authentication vulnerability in Fujitsu Eternus Storage Dx200 S4 Firmware

An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25.

10.0
2020-12-03 CVE-2020-28251 Netscout Improper Privilege Management vulnerability in Netscout Airmagnet Enterprise

NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system.

9.3
2020-12-01 CVE-2020-9115 Huawei Improper Input Validation vulnerability in Huawei Manageone

ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability.

9.0
2020-11-30 CVE-2020-4627 IBM Injection vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection.

9.0

30 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-02 CVE-2020-14305 Linux Out-Of-Bounds Write vulnerability in Linux Kernel

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720.

8.3
2020-12-02 CVE-2020-5423 Cloudfoundry Resource Exhaustion vulnerability in Cloudfoundry Capi-Release

CAPI (Cloud Controller) versions prior to 1.101.0 are vulnerable to a denial-of-service attack in which an unauthenticated malicious attacker can send specially-crafted YAML files to certain endpoints, causing the YAML parser to consume excessive CPU and RAM.

7.8
2020-11-30 CVE-2020-16850 Mitsubishielectric Resource Exhaustion vulnerability in Mitsubishielectric products

Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network.

7.8
2020-12-04 CVE-2020-25462 Moddable Out-Of-Bounds Write vulnerability in Moddable

Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.

7.5
2020-12-03 CVE-2020-6017 Valvesoftware Out-Of-Bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments in function SNP_ReceiveUnreliableSegment() when configured to support plain-text messages, leading to a Heap-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.

7.5
2020-12-02 CVE-2020-29288 GYM Management System Project SQL Injection vulnerability in GYM Management System Project GYM Management System 1.0

An SQL injection vulnerability was discovered in Gym Management System In manage_user.php file, GET parameter 'id' is vulnerable.

7.5
2020-12-02 CVE-2020-29287 CAR Rental Management System Project SQL Injection vulnerability in CAR Rental Management System Project CAR Rental Management System 1.0

An SQL injection vulnerability was discovered in Car Rental Management System v1.0 can be exploited via the id parameter in view_car.php or the car_id parameter in booking.php.

7.5
2020-12-02 CVE-2020-29285 Point OF Sales IN PHP PDO Project SQL Injection vulnerability in Point of Sales in PHP/Pdo Project Point of Sales in PHP/Pdo 1.0

SQL injection vulnerability was discovered in Point of Sales in PHP/PDO 1.0, which can be exploited via the id parameter to edit_category.php.

7.5
2020-12-02 CVE-2020-29284 Multi Restaurant Table Reservation System Project SQL Injection vulnerability in Multi Restaurant Table Reservation System Project Multi Restaurant Table Reservation System 1.0

The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0 does not perform input validation on the table_id parameter which allows unauthenticated SQL Injection.

7.5
2020-12-02 CVE-2020-29283 Online Doctor Appointment Booking System PHP AND Mysql Project SQL Injection vulnerability in Online Doctor Appointment Booking System PHP and Mysql Project Online Doctor Appointment Booking System PHP and Mysql 1.0

An SQL injection vulnerability was discovered in Online Doctor Appointment Booking System PHP and Mysql via the q parameter to getuser.php.

7.5
2020-12-02 CVE-2020-29282 Bloodx Project SQL Injection vulnerability in Bloodx Project Bloodx 1.0

SQL injection vulnerability in BloodX 1.0 allows attackers to bypass authentication.

7.5
2020-12-02 CVE-2020-29280 Victor CMS Project SQL Injection vulnerability in Victor CMS Project Victor CMS 1.0

The Victor CMS v1.0 application is vulnerable to SQL injection via the 'search' parameter on the search.php page.

7.5
2020-12-02 CVE-2020-29279 74Cms Unspecified vulnerability in 74Cms

PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution.

7.5
2020-12-02 CVE-2017-14451 Ethereum Out-Of-Bounds Read vulnerability in Ethereum

An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum.

7.5
2020-12-02 CVE-2020-28273 SET IN Project Unspecified vulnerability in Set-In Project Set-In

Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows attacker to cause a denial of service and may lead to remote code execution.

7.5
2020-12-02 CVE-2020-28272 Keyget Project Unspecified vulnerability in Keyget Project Keyget

Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2.2.0 allows attacker to cause a denial of service and may lead to remote code execution.

7.5
2020-12-02 CVE-2020-6018 Valvesoftware Out-Of-Bounds Write vulnerability in Valvesoftware Game Networking Sockets 1.0.0/1.1.0

Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages in function AES_GCM_DecryptContext::Decrypt() when compiled using libsodium, leading to a Stack-Based Buffer Overflow and resulting in a memory corruption and possibly even a remote code execution.

7.5
2020-12-01 CVE-2020-6880 ZTE SQL Injection vulnerability in ZTE Zxv10 W908 Firmware

A ZXELINK wireless controller has a SQL injection vulnerability.

7.5
2020-12-01 CVE-2020-28971 Westerndigital Improper Input Validation vulnerability in Westerndigital MY Cloud OS 5

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115.

7.5
2020-12-01 CVE-2020-28970 Westerndigital Unspecified vulnerability in Westerndigital MY Cloud OS 5

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115.

7.5
2020-12-01 CVE-2020-28940 Westerndigital Unspecified vulnerability in Westerndigital MY Cloud OS 5

On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.

7.5
2020-12-01 CVE-2020-7548 Schneider Electric USE of Insufficiently Random Values vulnerability in Schneider-Electric products

A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login.

7.5
2020-12-01 CVE-2020-7533 Schneider Electric Credentials Management vulnerability in Schneider-Electric products

A CWE-255: Credentials Management vulnerability exists in Web Server on Modicon M340, Modicon Quantum and ModiconPremium Legacy offers and their Communication Modules (see security notification for version information) which could cause the execution of commands on the webserver without authentication when sending specially crafted HTTP requests.

7.5
2020-12-01 CVE-2020-26762 Edimax Out-Of-Bounds Write vulnerability in Edimax Ic-3116W Firmware and Ic-3140W Firmware

A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request.

7.5
2020-11-30 CVE-2020-28926 Readymedia Project Classic Buffer Overflow vulnerability in Readymedia Project Readymedia

ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution.

7.5
2020-12-03 CVE-2020-29534 Linux Unspecified vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 5.9.3.

7.2
2020-12-03 CVE-2020-14339 Redhat Missing Release of Resource After Effective Lifetime vulnerability in Redhat Enterprise Linux and Libvirt

A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process.

7.2
2020-12-03 CVE-2020-13542 Logicaldoc Incorrect Default Permissions vulnerability in Logicaldoc 8.5.1

A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation.

7.2
2020-12-02 CVE-2020-4102 Hcltech Classic Buffer Overflow vulnerability in Hcltech Notes

HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input.

7.2
2020-12-01 CVE-2020-9114 Huawei Improper Privilege Management vulnerability in Huawei Fusioncompute

FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerability.

7.2

130 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-04 CVE-2020-28950 Kaspersky Uncontrolled Search Path Element vulnerability in Kaspersky Anti-Ransomware Tool 4.0

The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.

6.9
2020-12-04 CVE-2020-27766 Imagemagick
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/statistic.c.

6.8
2020-12-03 CVE-2020-13584 Webkitgtk
Fedoraproject
USE After Free vulnerability in multiple products

An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64.

6.8
2020-12-03 CVE-2020-13543 Webkitgtk USE After Free vulnerability in Webkitgtk 2.30.0

A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0.

6.8
2020-12-03 CVE-2020-13531 Pixar USE After Free vulnerability in Pixar Openusd 20.08

A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08 processes reference paths textual USD files.

6.8
2020-12-02 CVE-2020-13493 Pixar Classic Buffer Overflow vulnerability in Pixar Openusd 20.05

A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files.

6.8
2020-12-02 CVE-2017-2910 Libxls Project Out-Of-Bounds Write vulnerability in Libxls Project Libxls 2.0.0

An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0.

6.8
2020-12-02 CVE-2020-14369 Redhat Cross-Site Request Forgery (CSRF) vulnerability in Redhat Cloudforms

This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently authenticated.

6.8
2020-12-02 CVE-2020-29458 Textpattern Cross-Site Request Forgery (CSRF) vulnerability in Textpattern 4.6.2

Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.

6.8
2020-12-01 CVE-2020-25181 WE CON Out-Of-Bounds Read vulnerability in We-Con PLC Editor 1.3.5

WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.

6.8
2020-12-01 CVE-2020-25177 WE CON Out-Of-Bounds Write vulnerability in We-Con PLC Editor 1.3.5

WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution.

6.8
2020-11-30 CVE-2020-29394 DLT Daemon Project Out-Of-Bounds Write vulnerability in Dlt-Daemon Project Dlt-Daemon

A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).

6.8
2020-12-03 CVE-2020-13525 Processmaker SQL Injection vulnerability in Processmaker 3.4.11

The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11.

6.5
2020-12-03 CVE-2020-28939 Openclinic Project Unrestricted Upload of File With Dangerous Type vulnerability in Openclinic Project Openclinic 0.8.2

OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability.

6.5
2020-12-01 CVE-2020-7547 Schneider Electric Improper Access Control vulnerability in Schneider-Electric products

A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level.

6.5
2020-12-01 CVE-2020-7545 Schneider Electric Improper Access Control vulnerability in Schneider-Electric products

A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage.

6.5
2020-12-01 CVE-2020-9116 Huawei Command Injection vulnerability in Huawei Fusioncompute 6.5.1/8.0.0

Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability.

6.5
2020-12-03 CVE-2020-26248 Prestashop SQL Injection vulnerability in Prestashop Productcomments

In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service.

6.4
2020-11-30 CVE-2020-29441 Outsystems Unrestricted Upload of File With Dangerous Type vulnerability in Outsystems 10

An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0.

6.4
2020-12-04 CVE-2020-29565 Openstack
Debian
Open Redirect vulnerability in multiple products

An issue was discovered in OpenStack Horizon before 15.3.2, 16.x before 16.2.1, 17.x and 18.x before 18.3.3, 18.4.x, and 18.5.x.

5.8
2020-12-03 CVE-2018-21270 Nodejs Out-Of-Bounds Read vulnerability in Nodejs Node.Js

Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x).

5.8
2020-12-03 CVE-2020-25693 Cimg
Fedoraproject
Heap-Based Buffer Overflow vulnerability in multiple products

A flaw was found in CImg in versions prior to 2.9.3.

5.8
2020-12-03 CVE-2020-2321 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Shelve Project

A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project Plugin 3.0 and earlier allows attackers to shelve, unshelve, or delete a project.

5.8
2020-12-02 CVE-2020-25638 Hibernate
Debian
Quarkus
SQL Injection vulnerability in multiple products

A flaw was found in hibernate-core in versions prior to and including 5.4.23.Final.

5.8
2020-12-02 CVE-2020-27816 Elastic
Redhat
Open Redirect vulnerability in multiple products

The elasticsearch-operator does not validate the namespace where kibana logging resource is created and due to that it is possible to replace the original openshift-logging console link (kibana console) to different one, created based on the new CR for the new kibana resource.

5.8
2020-12-02 CVE-2012-0955 Canonical Improper Certificate Validation vulnerability in Canonical Software-Properties 0.81.13.1/0.81.13.3

software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py.

5.8
2020-11-30 CVE-2020-14193 Atlassian Injection vulnerability in Atlassian Jira

Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials.

5.5
2020-12-06 CVE-2020-29573 GNU
Redhat
Out-Of-Bounds Write vulnerability in multiple products

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf.

5.0
2020-12-04 CVE-2020-25465 Moddable Null Pointer Dereference vulnerability in Moddable

Null Pointer Dereference.

5.0
2020-12-04 CVE-2020-25464 Moddable Out-Of-Bounds Write vulnerability in Moddable Os180328/Os180329/Os200831

Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903.

5.0
2020-12-04 CVE-2020-25463 Moddable Unspecified vulnerability in Moddable

Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV).

5.0
2020-12-04 CVE-2020-25461 Moddable Unspecified vulnerability in Moddable

Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).

5.0
2020-12-04 CVE-2020-27408 Os4Ed Inadequate Encryption Strength vulnerability in Os4Ed Opensis 7.3/7.6

OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users.

5.0
2020-12-04 CVE-2020-5675 Mitsubishielectric Out-Of-Bounds Read vulnerability in Mitsubishielectric products

Out-of-bounds read issue in GT21 model of GOT2000 series (GT2107-WTBD all versions, GT2107-WTSD all versions, GT2104-RTBD all versions, GT2104-PMBD all versions, and GT2103-PMBD all versions), GS21 model of GOT series (GS2110-WTBD all versions and GS2107-WTBD all versions), and Tension Controller LE7-40GU-L all versions allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet.

5.0
2020-12-03 CVE-2020-29529 Hashicorp Path Traversal vulnerability in Hashicorp Go-Slug

HashiCorp go-slug up to 0.4.3 did not fully protect against directory traversal while unpacking tar archives, and protections could be bypassed with specific constructions of multiple symlinks.

5.0
2020-12-03 CVE-2020-17527 Apache Information Exposure vulnerability in Apache Tomcat

While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream.

5.0
2020-12-03 CVE-2020-27778 Freedesktop
Redhat
Access of Uninitialized Pointer vulnerability in multiple products

A flaw was found in Poppler in the way certain PDF files were converted into HTML.

5.0
2020-12-03 CVE-2020-25649 Fasterxml
Netapp
Fedoraproject
Quarkus
XXE vulnerability in multiple products

A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly.

5.0
2020-12-03 CVE-2020-28937 Openclinic Project Improper Authentication vulnerability in Openclinic Project Openclinic 0.8.2

OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.

5.0
2020-12-03 CVE-2020-2324 Jenkins XXE vulnerability in Jenkins CVS 2.16

Jenkins CVS Plugin 2.16 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.

5.0
2020-12-03 CVE-2020-2323 Netflix Missing Authorization vulnerability in Netflix Chaos Monkey

Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions.

5.0
2020-12-03 CVE-2020-2322 Netflix Missing Authorization vulnerability in Netflix Chaos Monkey

Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform permission checks in several HTTP endpoints, allowing attackers with Overall/Read permission to generate load and to generate memory leaks.

5.0
2020-12-03 CVE-2020-6111 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1100 B Firmware

An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley MicroLogix 1100 Programmable Logic Controller Systems Series B FRN 16.000, Series B FRN 15.002, Series B FRN 15.000, Series B FRN 14.000, Series B FRN 13.000, Series B FRN 12.000, Series B FRN 11.000 and Series B FRN 10.000.

5.0
2020-12-03 CVE-2020-5680 EC Cube Improper Input Validation vulnerability in Ec-Cube

Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector.

5.0
2020-12-03 CVE-2020-5676 Weseek Information Exposure vulnerability in Weseek Growi

GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access via unspecified vectors.

5.0
2020-12-02 CVE-2020-13956 Apache
Quarkus
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
5.0
2020-12-02 CVE-2020-12524 Phoenixcontact Resource Exhaustion vulnerability in Phoenixcontact products

Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service).

5.0
2020-12-02 CVE-2020-27813 Gorillatoolkit
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection.

5.0
2020-12-01 CVE-2020-28583 Trendmicro Information Exposure vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.

5.0
2020-12-01 CVE-2020-28582 Trendmicro Information Exposure vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.

5.0
2020-12-01 CVE-2020-28577 Trendmicro Information Exposure vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.

5.0
2020-12-01 CVE-2020-28576 Trendmicro Information Exposure vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.

5.0
2020-12-01 CVE-2020-28573 Trendmicro Information Exposure vulnerability in Trendmicro Apex ONE and Officescan

An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server.

5.0
2020-12-01 CVE-2020-28993 ATX Path Traversal vulnerability in ATX Minicmts200A Firmware

A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway through 2.0 and Pico CMTS through 2.0.

5.0
2020-12-01 CVE-2020-4128 Hcltech Improper Authentication vulnerability in Hcltech Domino 10.0.1/9.0.1

HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service.

5.0
2020-12-01 CVE-2020-4129 Hcltech Unspecified vulnerability in Hcltech HCL Domino 10.0.1/9.0.1

HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service.

5.0
2020-11-30 CVE-2020-16849 Canon Unspecified vulnerability in Canon products

An issue was discovered on Canon MF237w 06.07 devices.

5.0
2020-11-30 CVE-2020-4625 IBM Information Exposure vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag.

5.0
2020-11-30 CVE-2020-4624 IBM USE of A Broken OR Risky Cryptographic Algorithm vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information.

5.0
2020-11-30 CVE-2020-28978 Canto Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability.

5.0
2020-11-30 CVE-2020-28977 Canto Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0

The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability.

5.0
2020-11-30 CVE-2020-28976 Canto Server-Side Request Forgery (SSRF) vulnerability in Canto 1.3.0

The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability.

5.0
2020-12-03 CVE-2020-23741 Amoisoft Unspecified vulnerability in Amoisoft Anyview 4.6.0.1

In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service vulnerability in AnyView, attackers can use a constructed program to cause a computer crash (BSOD).

4.9
2020-12-03 CVE-2020-23738 Advancedsystemcare Unspecified vulnerability in Advancedsystemcare Advanced Systemcare 13.5.0.174

There is a local denial of service vulnerability in Advanced SystemCare 13 PRO 13.5.0.174.

4.9
2020-12-03 CVE-2020-23736 Dadajiasu Unspecified vulnerability in Dadajiasu Dada Accelerator 5.6.19.816

There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816,, attackers can use constructed programs to cause computer crashes (BSOD).

4.9
2020-12-03 CVE-2020-23727 Antiy Unspecified vulnerability in Antiy Zhijia Terminal Defense System 5.0.2.10121559

There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD).

4.9
2020-12-03 CVE-2020-23726 Wisecleaner Unspecified vulnerability in Wisecleaner Wise Care 365 5.5.4

There is a local denial of service vulnerability in Wise Care 365 5.5.4, attackers can cause computer crash (BSOD).

4.9
2020-12-03 CVE-2020-25711 Infinispan
Redhat
Improper Privilege Management vulnerability in multiple products

A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations.

4.9
2020-12-02 CVE-2020-26244 Python Openid Connect Project Improper Verification of Cryptographic Signature vulnerability in Python Openid Connect Project Python Openid Connect

Python oic is a Python OpenID Connect implementation.

4.9
2020-12-02 CVE-2020-25704 Linux Resource Exhaustion vulnerability in Linux Kernel

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER.

4.9
2020-12-03 CVE-2020-23740 Drivergenius Improper Privilege Management vulnerability in Drivergenius 9.61.5480.28

In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges.

4.6
2020-12-03 CVE-2020-28175 Almico Improper Privilege Management vulnerability in Almico Speedfan 4.52

There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52.

4.6
2020-12-03 CVE-2020-23735 Saibo Improper Privilege Management vulnerability in Saibo Cyber Game Accelerator 3.7.9

In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability.

4.6
2020-12-03 CVE-2020-14381 Linux USE After Free vulnerability in Linux Kernel

A flaw was found in the Linux kernel’s futex implementation.

4.6
2020-12-03 CVE-2020-14351 Linux
Redhat
USE After Free vulnerability in multiple products

A flaw was found in the Linux kernel.

4.6
2020-12-01 CVE-2020-28575 Trendmicro Out-Of-Bounds Write vulnerability in Trendmicro Serverprotect 3.0

A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations.

4.6
2020-12-01 CVE-2020-8539 KIA Incorrect Default Permissions vulnerability in KIA Head Unit Firmware Sop.003.30.18.0703/Sop.005.7.181019/Sop.007.1.191209

Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities.

4.6
2020-12-01 CVE-2020-9117 Huawei Out-Of-Bounds Read vulnerability in Huawei Nova 4 Firmware and Sydneym-Al00 Firmware

HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability.

4.6
2020-11-30 CVE-2020-8351 Lenovo Improper Privilege Management vulnerability in Lenovo Pcmanager

A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges.

4.6
2020-12-04 CVE-2020-27348 Canonical Uncontrolled Search Path Element vulnerability in Canonical Snapcraft and Ubuntu Linux

In some conditions, a snap package built by snapcraft includes the current directory in LD_LIBRARY_PATH, allowing a malicious snap to gain code execution within the context of another snap if both plug the home interface or similar.

4.4
2020-12-03 CVE-2020-6021 Checkpoint Uncontrolled Search Path Element vulnerability in Checkpoint Endpoint Security E80.96/E83.20/E84.10

Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place.

4.4
2020-12-01 CVE-2020-7335 Mcafee Improper Privilege Management vulnerability in Mcafee Total Protection

Privilege Escalation vulnerability in Microsoft Windows client McAfee Total Protection (MTP) prior to 16.0.29 allows local users to gain elevated privileges via careful manipulation of a folder by creating a junction link.

4.4
2020-11-30 CVE-2020-25624 Qemu Out-Of-Bounds Read vulnerability in Qemu 5.0.0

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver.

4.4
2020-12-06 CVE-2020-29572 Misp Cross-Site Scripting vulnerability in Misp 2.4.135

app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp in MISP 2.4.135 has XSS via the authkey comment field.

4.3
2020-12-04 CVE-2020-27773 Imagemagick
Redhat
Debian
Divide BY Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/gem-private.h.

4.3
2020-12-04 CVE-2020-27772 Imagemagick
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in coders/bmp.c.

4.3
2020-12-04 CVE-2020-27776 Imagemagick
Redhat
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/statistic.c.

4.3
2020-12-04 CVE-2020-27775 Imagemagick
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/quantum.h.

4.3
2020-12-04 CVE-2020-27774 Imagemagick
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/statistic.c.

4.3
2020-12-04 CVE-2020-27409 Os4Ed Cross-Site Scripting vulnerability in Os4Ed Opensis 7.3

OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.

4.3
2020-12-04 CVE-2020-27771 Imagemagick
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type.

4.3
2020-12-04 CVE-2020-27770 Imagemagick
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

Due to a missing check for 0 value of `replace_extent`, it is possible for offset `p` to overflow in SubstituteString(), causing potential impact to application availability.

4.3
2020-12-04 CVE-2020-27767 Imagemagick
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/quantum.h.

4.3
2020-12-04 CVE-2020-27765 Imagemagick
Redhat
Debian
Divide BY Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/segment.c.

4.3
2020-12-04 CVE-2020-29561 Boom Core Missing Authorization vulnerability in Boom-Core Risvc-Boom 3.0.0

An issue was discovered in SonicBOOM riscv-boom 3.0.0.

4.3
2020-12-03 CVE-2020-13524 Pixar Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Pixar Openusd 20.05

An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files.

4.3
2020-12-03 CVE-2020-27783 Lxml
Redhat
Cross-Site Scripting vulnerability in multiple products

A XSS vulnerability was discovered in python-lxml's clean module.

4.3
2020-12-03 CVE-2020-27764 Imagemagick
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a size_t cast should have been a ssize_t cast, which causes out-of-range values under some circumstances when a crafted input file is processed by ImageMagick.

4.3
2020-12-03 CVE-2020-27763 Imagemagick
Debian
Divide BY Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/resize.c.

4.3
2020-12-03 CVE-2020-27762 Imagemagick
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in coders/hdr.c.

4.3
2020-12-03 CVE-2020-27761 Imagemagick
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

WritePALMImage() in /coders/palm.c used size_t casts in several areas of a calculation which could lead to values outside the range of representable type `unsigned long` undefined behavior when a crafted input file was processed by ImageMagick.

4.3
2020-12-03 CVE-2020-27760 Imagemagick
Debian
Divide BY Zero vulnerability in multiple products

In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's possible to trigger a divide-by-zero condition when a crafted input file is processed by ImageMagick.

4.3
2020-12-03 CVE-2020-27759 Imagemagick
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted to int and returned, which in some cases caused a value outside the range of type `int` to be returned.

4.3
2020-12-03 CVE-2020-5679 EC Cube Improper Restriction of Rendered UI Layers OR Frames vulnerability in Ec-Cube

Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads to clickjacking attacks.

4.3
2020-12-03 CVE-2020-5678 Weseek Cross-Site Scripting vulnerability in Weseek Growi

Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.

4.3
2020-12-03 CVE-2020-5677 Weseek Cross-Site Scripting vulnerability in Weseek Growi

Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to inject arbitrary script via unspecified vectors.

4.3
2020-12-03 CVE-2020-5638 Desknets Cross-Site Scripting vulnerability in Desknets NEO 5.5

Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earlier, and desknet's NEO Enterprise License V5.5 R1.5 and earlier) allows remote attackers to inject arbitrary script via unspecified vectors.

4.3
2020-12-02 CVE-2020-13498 Pixar Out-Of-Bounds Read vulnerability in Pixar Openusd 20.05

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types.

4.3
2020-12-02 CVE-2020-13497 Pixar Out-Of-Bounds Read vulnerability in Pixar Openusd 20.05

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types.

4.3
2020-12-02 CVE-2020-13496 Pixar Out-Of-Bounds Read vulnerability in Pixar Openusd 20.05

An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types.

4.3
2020-12-02 CVE-2020-13494 Pixar Classic Buffer Overflow vulnerability in Pixar Openusd 20.05

A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files.

4.3
2020-12-02 CVE-2020-29239 Online Voting System Project Cross-Site Scripting vulnerability in Online Voting System Project Online Voting System 1.0

Online Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS).

4.3
2020-12-02 CVE-2020-25266 Appimage Download of Code Without Integrity Check vulnerability in Appimage Appimaged

AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage.

4.3
2020-12-02 CVE-2020-25265 Appimage Unspecified vulnerability in Appimage Libappimage

AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.

4.3
2020-12-02 CVE-2020-29456 Papermerge Cross-Site Scripting vulnerability in Papermerge

Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow remote attackers to inject arbitrary web script or HTML via the rename, tag, upload, or create folder function.

4.3
2020-12-01 CVE-2020-29315 Ctolog Cross-Site Scripting vulnerability in Ctolog Thinkadmin 1.0/6.0

ThinkAdmin version v1 v6 has a stored XSS vulnerability which allows remote attackers to inject an arbitrary web script or HTML.

4.3
2020-12-01 CVE-2020-4126 Hcltech Information Exposure vulnerability in Hcltech HCL Inotes 10.0.1/11.0.0/11.0.1

HCL iNotes is susceptible to a sensitive cookie exposure vulnerability.

4.3
2020-11-30 CVE-2020-4127 Hcltech Cross-Site Request Forgery (CSRF) vulnerability in Hcltech HCL Domino 10.0.1/9.0.1

HCL Domino is susceptible to a Login CSRF vulnerability.

4.3
2020-11-30 CVE-2020-29395 Myeventon Cross-Site Scripting vulnerability in Myeventon Eventon

The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field.

4.3
2020-11-30 CVE-2020-27586 Quickheal Cleartext Transmission of Sensitive Information vulnerability in Quickheal Total Security

Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.

4.3
2020-11-30 CVE-2020-17901 Pbootcms Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.2

Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user.

4.3
2020-11-30 CVE-2020-29384 Advsys Integer Overflow OR Wraparound vulnerability in Advsys Pngout 20200115

An issue was discovered in PNGOUT 2020-01-15.

4.3
2020-12-03 CVE-2020-28923 Lightbend Unspecified vulnerability in Lightbend Play Framework

An issue was discovered in Play Framework 2.8.0 through 2.8.4.

4.0
2020-12-03 CVE-2020-14318 Samba
Redhat
Incorrect Privilege Assignment vulnerability in multiple products

A flaw was found in the way samba handled file and directory permissions.

4.0
2020-12-03 CVE-2020-26246 Pimcore Improper Preservation of Permissions vulnerability in Pimcore

Pimcore is an open source digital experience platform.

4.0
2020-12-02 CVE-2020-28206 Bitrix24 Improper Restriction of Excessive Authentication Attempts vulnerability in Bitrix24 Bitrix Framework 20.0

An issue was discovered in Bitrix24 Bitrix Framework (1c site management) 20.0.

4.0
2020-12-02 CVE-2020-29454 Umbraco Incorrect Permission Assignment for Critical Resource vulnerability in Umbraco CMS

Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access.

4.0
2020-12-02 CVE-2020-14383 Samba
Redhat
A flaw was found in samba's DNS server.
4.0
2020-11-30 CVE-2020-4696 IBM Insufficient Session Expiration vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session.

4.0
2020-11-30 CVE-2020-4626 IBM Information Exposure vulnerability in IBM Cloud PAK for Security 1.3.0.1

IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially crafted HTTP request.

4.0

24 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-01 CVE-2020-15257 Linuxfoundation
Fedoraproject
Debian
Incorrect Resource Transfer Between Spheres vulnerability in multiple products

containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows.

3.6
2020-12-04 CVE-2020-25449 Arachnys Cross-Site Scripting vulnerability in Arachnys Cabot 0.11.12

Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can be exploited via the Address column.

3.5
2020-12-03 CVE-2020-28938 Openclinic Project Cross-Site Scripting vulnerability in Openclinic Project Openclinic 0.8.2

OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users.

3.5
2020-12-02 CVE-2020-29240 Lepton CMS Cross-Site Scripting vulnerability in Lepton-Cms Leptoncms 4.7.0

Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS).

3.5
2020-12-01 CVE-2020-26250 Jupyter Incorrect Authorization vulnerability in Jupyter Oauthenticator 0.12.0/0.12.1

OAuthenticator is an OAuth login mechanism for JupyterHub.

3.5
2020-12-01 CVE-2019-16958 Solarwinds Cross-Site Scripting vulnerability in Solarwinds Help Desk 12.7.0

Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0 allows attacker to inject arbitrary web script or HTML via Location Name.

3.5
2020-12-01 CVE-2020-7546 Schneider Electric Cross-Site Scripting vulnerability in Schneider-Electric products

A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow an attacker to perform actions on behalf of the authorized user when accessing an affected webpage.

3.5
2020-11-30 CVE-2020-29364 Netartmedia Cross-Site Scripting vulnerability in Netartmedia News Lister 1.0.0

In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks.

3.5
2020-11-30 CVE-2020-27659 Synology Cross-Site Scripting vulnerability in Synology Safeaccess

Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.

3.5
2020-11-30 CVE-2020-29438 Tesla Improper Verification of Cryptographic Signature vulnerability in Tesla Model X Firmware

Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification.

3.3
2020-11-30 CVE-2020-6317 SAP Information Exposure vulnerability in SAP Adaptive Server Enterprise 15.7/16.0

In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files.

2.7
2020-12-04 CVE-2020-29562 GNU
Fedoraproject
Netapp
Reachable Assertion vulnerability in multiple products

The iconv function in the GNU C Library (aka glibc or libc6) 2.30 to 2.32, when converting UCS4 text containing an irreversible character, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

2.1
2020-12-04 CVE-2020-28916 Qemu
Debian
Infinite Loop vulnerability in multiple products

hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.

2.1
2020-12-04 CVE-2020-16123 Canonical Race Condition vulnerability in Canonical Ubuntu Linux

An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missing, allowing the snap to connect to PulseAudio without proper confinement.

2.1
2020-12-02 CVE-2020-25723 Qemu Reachable Assertion vulnerability in Qemu

A reachable assertion issue was found in the USB EHCI emulation code of QEMU.

2.1
2020-12-01 CVE-2020-11990 Apache Unspecified vulnerability in Apache Cordova 4.1.0

We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications.

2.1
2020-11-30 CVE-2020-29440 Tesla Improper Certificate Validation vulnerability in Tesla Model X Firmware

Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM).

2.1
2020-11-30 CVE-2020-29439 Tesla Unspecified vulnerability in Tesla Model X Firmware

Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action.

2.1
2020-11-30 CVE-2020-11867 Audacityteam
Fedoraproject
Incorrect Default Permissions vulnerability in multiple products

Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default.

2.1
2020-11-30 CVE-2020-27587 Quickheal Weak Password Requirements vulnerability in Quickheal Total Security

Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.

2.1
2020-11-30 CVE-2020-27585 Quickheal Weak Password Requirements vulnerability in Quickheal Total Security

Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.

2.1
2020-11-30 CVE-2020-29392 Lock Password Manager Safe APP Project Insufficiently Protected Credentials vulnerability in Lock Password Manager Safe APP Project Lock Password Manager Safe APP 2.3

The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* backdoor password.

2.1
2020-11-30 CVE-2020-4900 IBM Information Exposure Through LOG Files vulnerability in IBM Business Automation Workflow 19.0.0.3

IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user.

2.1
2020-12-02 CVE-2020-25656 Linux
Redhat
USE After Free vulnerability in multiple products

A flaw was found in the Linux kernel.

1.9