Weekly Vulnerabilities Reports > December 7 to 13, 2020

Overview

431 new vulnerabilities were reported during this period, including 69 critical vulnerabilities and 54 high severity vulnerabilities. This weekly summary reports vulnerabilities in 336 products from 132 vendors including Apple, Microsoft, Mozilla, Debian, and Imagemagick. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Out-of-bounds Write", "Improper Privilege Management", and "Use After Free".

  • 359 reported vulnerabilities are remotely exploitable.
  • 6 reported vulnerabilities have a public exploit available.
  • 92 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 348 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 63 reported vulnerabilities.
  • Apple has the most reported critical vulnerabilities, with 17 reported vulnerabilities.


Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

69 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-11 CVE-2020-29589 Influxdata Unspecified vulnerability in Influxdata Kapacitor

Versions of the Official kapacitor Docker images through 1.5.0-alpine contain a blank password for the root user.

10.0
2020-12-11 CVE-2020-15357 Askey Unspecified vulnerability in Askey Ap5100W Firmware 1.01.097

Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options.

10.0
2020-12-11 CVE-2020-29591 Docker Weak Password Requirements vulnerability in Docker Registry

Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user.

10.0
2020-12-11 CVE-2020-29590 Teamspeak Weak Password Requirements vulnerability in Teamspeak Docker Image

Versions of the Official teamspeak Docker images through 3.6.0 contain a blank password for the root user.

10.0
2020-12-11 CVE-2020-24634 Arubanetworks Command Injection vulnerability in Arubanetworks Arubaos

An attacker is able to remotely inject arbitrary commands by sending especially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

10.0
2020-12-11 CVE-2020-24633 Arubanetworks Classic Buffer Overflow vulnerability in Arubanetworks Arubaos

There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.

10.0
2020-12-10 CVE-2020-29311 Ubilling Command Injection vulnerability in Ubilling 1.0.9

Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.

10.0
2020-12-10 CVE-2020-26201 Singtel Weak Password Requirements vulnerability in Singtel Askey Ap5100W-D171 Firmware

Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password at the Operating System (rlx-linux) level.

10.0
2020-12-10 CVE-2020-19527 Idreamsoft OS Command Injection vulnerability in Idreamsoft Icms 7.0.14

iCMS 7.0.14 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME parameter to install/install.php.

10.0
2020-12-10 CVE-2020-19142 Idreamsoft OS Command Injection vulnerability in Idreamsoft Icms 7.0.0

iCMS 7 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.

10.0
2020-12-10 CVE-2020-29667 Lanatmservice Insufficient Session Expiration vulnerability in Lanatmservice M3 ATM Monitoring System 6.1.0

In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote attacker able to use a default cookie value, such as PHPSESSID=LANIT-IMANAGER, can achieve control over the system because of Insufficient Session Expiration.

10.0
2020-12-10 CVE-2020-17118 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17121.

10.0
2020-12-09 CVE-2020-29659 Flexense Classic Buffer Overflow vulnerability in Flexense Dupscout 10.0.18

A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack.

10.0
2020-12-08 CVE-2020-29602 Irssi Unspecified vulnerability in Irssi Docker Image

The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29601 Docker Unspecified vulnerability in Docker Notary Docker Image

The official notary docker images before signer-0.6.1-1 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29581 Docker Unspecified vulnerability in Docker Spiped Alpine Docker Image

The official spiped docker images before 1.5-alpine contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29580 Docker Unspecified vulnerability in Docker Storm Docker Image

The official storm Docker images before 1.2.1 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29579 Express Gateway Unspecified vulnerability in Express-Gateway Docker Image

The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29577 ZNC Unspecified vulnerability in ZNC Docker Image

The official znc docker images before 1.7.1-slim contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29576 Eggheads Unspecified vulnerability in Eggheads Eggdrop Docker Image

The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29575 Docker Unspecified vulnerability in Docker Elixir Alpine Docker Image

The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29564 Hashicorp Unspecified vulnerability in Hashicorp Consul Docker Image

The official Consul Docker images 0.7.1 through 1.4.2 contain a blank password for a root user.

10.0
2020-12-08 CVE-2020-29578 Matomo Unspecified vulnerability in Matomo Piwik Fpm-Alpine Docker Image

The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user.

10.0
2020-12-10 CVE-2020-17002 Microsoft Unspecified vulnerability in Microsoft C SDK for Azure IOT

Azure SDK for C Security Feature Bypass Vulnerability

9.4
2020-12-10 CVE-2020-16608 Notable Cross-site Scripting vulnerability in Notable 1.8.4

Notable 1.8.4 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).

9.3
2020-12-10 CVE-2020-17129 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128.

9.3
2020-12-10 CVE-2020-17128 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17129.

9.3
2020-12-10 CVE-2020-17127 Microsoft Unspecified vulnerability in Microsoft Excel 2010

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17128, CVE-2020-17129.

9.3
2020-12-10 CVE-2020-17125 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129.

9.3
2020-12-10 CVE-2020-17124 Microsoft Unspecified vulnerability in Microsoft 365 Apps, Office and Powerpoint

Microsoft PowerPoint Remote Code Execution Vulnerability

9.3
2020-12-10 CVE-2020-17123 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17122, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129.

9.3
2020-12-10 CVE-2020-17122 Microsoft Unspecified vulnerability in Microsoft Office, Office web Apps and Sharepoint Server

Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129.

9.3
2020-12-09 CVE-2020-26970 Mozilla Out-of-bounds Write vulnerability in Mozilla Thunderbird

When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte.

9.3
2020-12-09 CVE-2020-26969 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 82.

9.3
2020-12-09 CVE-2020-26968 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox

Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4.

9.3
2020-12-09 CVE-2020-26960 Mozilla Use After Free vulnerability in Mozilla Firefox

If the Compact() method was called on an nsTArray, the array could have been reallocated without updating other pointers, leading to a potential use-after-free and exploitable crash.

9.3
2020-12-09 CVE-2020-26952 Mozilla Out-of-bounds Write vulnerability in Mozilla Firefox

Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors.

9.3
2020-12-09 CVE-2020-26950 Mozilla Use After Free vulnerability in Mozilla Firefox

In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition.

9.3
2020-12-08 CVE-2020-27932 Apple Type Confusion vulnerability in Apple products

A type confusion issue was addressed with improved state handling.

9.3
2020-12-08 CVE-2020-27926 Apple Use After Free vulnerability in Apple Ipados and Iphone OS

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-27917 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-27916 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27912 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27911 Apple Integer Overflow or Wraparound vulnerability in Apple products

An integer overflow was addressed through improved input validation.

9.3
2020-12-08 CVE-2020-27910 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27909 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27906 Apple Integer Overflow or Wraparound vulnerability in Apple Macos 10.15.7/11.0

Multiple integer overflows were addressed with improved input validation.

9.3
2020-12-08 CVE-2020-27905 Apple Unspecified vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

9.3
2020-12-08 CVE-2020-27904 Apple Unspecified vulnerability in Apple Macos 11.0

A logic issue existed resulting in memory corruption.

9.3
2020-12-08 CVE-2020-27903 Apple Improper Privilege Management vulnerability in Apple Macos 11.0

This issue was addressed by removing the vulnerable code.

9.3
2020-12-08 CVE-2020-9981 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-9965 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

9.3
2020-12-08 CVE-2020-9949 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

9.3
2020-12-08 CVE-2020-10016 Apple Unspecified vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

9.3
2020-12-08 CVE-2020-10013 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

9.3
2020-12-11 CVE-2020-27134 Cisco Information Exposure vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.0
2020-12-11 CVE-2020-27133 Cisco Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.0
2020-12-11 CVE-2020-27132 Cisco Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.0
2020-12-11 CVE-2020-27127 Cisco Improper Privilege Management vulnerability in Cisco Jabber and Jabber for Mobile Platforms

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) with elevated privileges or gain access to sensitive information.

9.0
2020-12-11 CVE-2020-4633 IBM Improper Input Validation vulnerability in IBM Resilient Security Orchestration Automation and Response 38.0

IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation.

9.0
2020-12-11 CVE-2020-24637 Arubanetworks Unspecified vulnerability in Arubanetworks Arubaos

Two vulnerabilities in the ArubaOS GRUB2 implementation allow an attacker to bypass secureboot.

9.0
2020-12-10 CVE-2020-12594 Broadcom Improper Privilege Management vulnerability in Broadcom Symantec Messaging Gateway

A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance.

9.0
2020-12-10 CVE-2020-17117 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17132, CVE-2020-17141, CVE-2020-17142, CVE-2020-17144.

9.0
2020-12-10 CVE-2020-17096 Microsoft Unspecified vulnerability in Microsoft products

Windows NTFS Remote Code Execution Vulnerability

9.0
2020-12-10 CVE-2020-17095 Microsoft Unspecified vulnerability in Microsoft products

Hyper-V Remote Code Execution Vulnerability

9.0
2020-12-09 CVE-2020-25499 Totolink Command Injection vulnerability in Totolink products

TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'.

9.0
2020-12-09 CVE-2020-26838 SAP OS Command Injection vulnerability in SAP Business Warehouse and Bw/4Hana

SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782, and SAP BW4HANA, versions - 100, 200 allows an attacker authenticated with (high) developer privileges to submit a crafted request to generate and execute code without requiring any user interaction.

9.0
2020-12-09 CVE-2020-26829 SAP Improper Authentication vulnerability in SAP Netweaver Application Server Java

SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication.

9.0
2020-12-07 CVE-2020-27151 Katacontainers Unspecified vulnerability in Katacontainers Kata Containers

An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1.

9.0

54 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-11 CVE-2020-12149 Silver Peak OS Command Injection vulnerability in Silver-Peak Ecos

The configuration backup/restore function in Silver Peak Unity ECOS™ (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input.

8.5
2020-12-11 CVE-2020-12148 Silver Peak OS Command Injection vulnerability in Silver-Peak Ecos

A command injection flaw identified in the nslookup API in Silver Peak Unity ECOS™ (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance.

8.5
2020-12-11 CVE-2020-25191 NI Incorrect Permission Assignment for Critical Resource vulnerability in NI Compactrio Firmware

Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior to 20.5) remotely.

7.8
2020-12-11 CVE-2020-7536 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M340 CPUs (BMXP34* versions prior to V3.30) Modicon M340 Communication Ethernet modules (BMXNOE0100 (H) versions prior to V3.4 BMXNOE0110 (H) versions prior to V6.6 BMXNOR0200H all versions), that could cause the device to be unreachable when modifying network parameters over SNMP.

7.8
2020-12-12 CVE-2020-29563 Westerndigital Improper Authentication vulnerability in Westerndigital MY Cloud OS 5

An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118.

7.5
2020-12-11 CVE-2020-25112 Contiki OS Out-of-bounds Write vulnerability in Contiki-Os 3.0

An issue was discovered in the IPv6 stack in Contiki through 3.0.

7.5
2020-12-11 CVE-2020-25111 Contiki OS Out-of-bounds Write vulnerability in Contiki-Os 3.0

An issue was discovered in the IPv6 stack in Contiki through 3.0.

7.5
2020-12-11 CVE-2020-25110 Ethernut Out-of-bounds Read vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-25109 Ethernut Out-of-bounds Read vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-25108 Ethernut Out-of-bounds Write vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-25107 Ethernut Out-of-bounds Read vulnerability in Ethernut Nut/Os 5.1

An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1.

7.5
2020-12-11 CVE-2020-24338 Altran Out-of-bounds Write vulnerability in Altran Picotcp

An issue was discovered in picoTCP through 1.7.0.

7.5
2020-12-11 CVE-2020-24336 Contiki NG, Contiki OS Classic Buffer Overflow vulnerability in multiple products

An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5.

7.5
2020-12-11 CVE-2020-17439 UIP Project Improper Input Validation vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

7.5
2020-12-11 CVE-2020-17438 UIP Project Out-of-bounds Write vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

7.5
2020-12-11 CVE-2020-27730 F5 Path Traversal vulnerability in F5 Nginx Controller

In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities.

7.5
2020-12-11 CVE-2020-19165 Phpshe SQL Injection vulnerability in PHPshe 1.7

PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter.

7.5
2020-12-11 CVE-2020-29574 Sophos SQL Injection vulnerability in Sophos Cyberoamos

An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely.

7.5
2020-12-11 CVE-2020-28440 Corenlp JS Interface Project Command Injection vulnerability in Corenlp-Js-Interface Project Corenlp-Js-Interface

All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.

7.5
2020-12-11 CVE-2020-28439 Corenlp JS Prefab Project Command Injection vulnerability in Corenlp-Js-Prefab Project Corenlp-Js-Prefab

This affects all versions of package corenlp-js-prefab.

7.5
2020-12-11 CVE-2020-7792 Moutjs Unspecified vulnerability in Moutjs Mout

This affects all versions of package mout.

7.5
2020-12-11 CVE-2020-7788 INI Project, Debian Resource Exhaustion vulnerability in multiple products

This affects the package ini before 1.3.6.

7.5
2020-12-11 CVE-2020-13556 Opener Project Out-of-bounds Write vulnerability in Opener Project Opener 2.3

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3.

7.5
2020-12-11 CVE-2020-17530 Apache, Oracle Expression Language Injection vulnerability in multiple products

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution.

7.5
2020-12-11 CVE-2020-7540 Schneider Electric Missing Authentication for Critical Function vulnerability in Schneider-Electric products

A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause unauthenticated command execution in the controller when sending special HTTP requests.

7.5
2020-12-11 CVE-2020-28215 Schneider Electric Missing Authorization vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbitrary code execution when access control checks are not applied consistently.

7.5
2020-12-10 CVE-2019-7198 Qnap Command Injection vulnerability in Qnap QTS and Quts Hero

This command injection vulnerability allows attackers to execute arbitrary commands in a compromised application.

7.5
2020-12-09 CVE-2020-26832 SAP Missing Authorization vulnerability in SAP Netweaver AS Abap and S/4 Hana

SAP AS ABAP (SAP Landscape Transformation), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730, 2011_1_731, 2011_1_752, 2020 and SAP S4 HANA (SAP Landscape Transformation), versions - 101, 102, 103, 104, 105, allows a high privileged user to execute a RFC function module to which access should be restricted, however due to missing authorization an attacker can get access to some sensitive internal information of vulnerable SAP system or to make vulnerable SAP systems completely unavailable.

7.5
2020-12-08 CVE-2020-28274 Deepref Project Unspecified vulnerability in Deepref Project Deepref

Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution.

7.5
2020-12-08 CVE-2020-25889 Online BUS Booking System Project SQL Injection vulnerability in Online BUS Booking System Project Online BUS Booking System 1.0

Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page.

7.5
2020-12-08 CVE-2020-17531 Apache Deserialization of Untrusted Data vulnerability in Apache Tapestry

A Java Serialization vulnerability was found in Apache Tapestry 4.

7.5
2020-12-07 CVE-2020-29600 Awstats, Debian, Fedoraproject Path Traversal vulnerability in multiple products

In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even though it was intended to only read a file in the /etc/awstats/awstats.conf format.

7.5
2020-12-07 CVE-2020-29597 Incomcms Project Unrestricted Upload of File with Dangerous Type vulnerability in Incomcms Project Incomcms 2.0

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability.

7.5
2020-12-07 CVE-2020-29595 Acdsee Unspecified vulnerability in Acdsee Photo Studio 2021 14.0

PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build 1705 has a User Mode Write AV starting at IDE_ACDStd!JPEGTransW+0x00000000000031aa.

7.5
2020-12-07 CVE-2020-5800 EAT Spray Love Project Improper Authentication vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20

The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to.

7.5
2020-12-07 CVE-2020-5799 EAT Spray Love Project Unspecified vulnerability in EAT Spray Love Project EAT Spray Love 2.0.20

The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modified, allowed privileged access to restricted functionality and to other users' data.

7.5
2020-12-11 CVE-2020-27786 Linux, Redhat Use After Free vulnerability in multiple products

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.

7.2
2020-12-10 CVE-2020-4829 IBM Unspecified vulnerability in IBM AIX and Vios

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in the ksu user command to gain root privileges.

7.2
2020-12-10 CVE-2020-17103 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-17134, CVE-2020-17136.

7.2
2020-12-10 CVE-2020-17092 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Network Connections Service Elevation of Privilege Vulnerability

7.2
2020-12-10 CVE-2020-16964 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963.

7.2
2020-12-10 CVE-2020-16963 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16964.

7.2
2020-12-10 CVE-2020-16962 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16963, CVE-2020-16964.

7.2
2020-12-10 CVE-2020-16961 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16960, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

7.2
2020-12-10 CVE-2020-16960 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16958, CVE-2020-16959, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

7.2
2020-12-10 CVE-2020-16959 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16958, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

7.2
2020-12-10 CVE-2020-16958 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Backup Engine Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-16959, CVE-2020-16960, CVE-2020-16961, CVE-2020-16962, CVE-2020-16963, CVE-2020-16964.

7.2
2020-12-09 CVE-2020-10143 Macrium Improper Privilege Management vulnerability in Macrium Reflect

Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\.

7.2
2020-12-09 CVE-2020-2049 Paloaltonetworks Uncontrolled Search Path Element vulnerability in Paloaltonetworks Cortex XDR Agent 7.1/7.1.2/7.2

A local privilege escalation vulnerability exists in Palo Alto Networks Cortex XDR Agent on the Windows platform that allows an authenticated local Windows user to execute programs with SYSTEM privileges.

7.2
2020-12-09 CVE-2020-29661 Linux, Fedoraproject Improper Locking vulnerability in multiple products

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.

7.2
2020-12-09 CVE-2020-27614 Anydesk Improper Privilege Management vulnerability in Anydesk

AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation.

7.2
2020-12-07 CVE-2020-5798 Druva Improper Validation of Integrity Check Value vulnerability in Druva Insync 6.8.0

inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileges of a root user from a lower privileged user due to improper integrity checks and directory permissions.

7.2
2020-12-08 CVE-2020-27950 Apple Improper Initialization vulnerability in Apple products

A memory initialization issue was addressed.

7.1
2020-12-08 CVE-2020-27822 Redhat Memory Leak vulnerability in Redhat Wildfly

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final.

7.1

250 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-12 CVE-2020-29654 Westerndigital Uncontrolled Search Path Element vulnerability in Westerndigital Dashboard

Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account.

6.9
2020-12-11 CVE-2020-5948 F5 Cross-site Scripting vulnerability in F5 products

On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.

6.8
2020-12-11 CVE-2020-29254 Tiki Cross-Site Request Forgery (CSRF) vulnerability in Tiki Tikiwiki Cms/Groupware 21.2

TikiWiki 21.2 allows templates to be edited without CSRF protection.

6.8
2020-12-11 CVE-2020-7789 Node Notifier Project OS Command Injection vulnerability in Node-Notifier Project Node-Notifier

This affects the package node-notifier before 9.0.0.

6.8
2020-12-11 CVE-2020-35135 Infolific Cross-Site Request Forgery (CSRF) vulnerability in Infolific Ultimate Category Excluder

The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF.

6.8
2020-12-11 CVE-2020-27828 Jasper Project
Fedoraproject
Improper Input Validation vulnerability in multiple products

There's a flaw in jasper's jpc encoder in versions prior to 2.0.23.

6.8
2020-12-11 CVE-2020-13520 Pixar
Apple
Out-of-bounds Write vulnerability in multiple products

An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files.

6.8
2020-12-11 CVE-2020-7560 SE
Schneider Electric
Write-what-where Condition vulnerability in multiple products

A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control Expert software.

6.8
2020-12-10 CVE-2020-17159 Microsoft Code Injection vulnerability in Microsoft Visual Studio Code

Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability

6.8
2020-12-10 CVE-2020-17156 Microsoft Code Injection vulnerability in Microsoft Visual Studio 2017

Visual Studio Remote Code Execution Vulnerability

6.8
2020-12-10 CVE-2020-17150 Microsoft Code Injection vulnerability in Microsoft Visual Studio Code

Visual Studio Code Remote Code Execution Vulnerability

6.8
2020-12-10 CVE-2020-17148 Microsoft Code Injection vulnerability in Microsoft Visual Studio Code

Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability

6.8
2020-12-09 CVE-2020-16600 Artifex Use After Free vulnerability in Artifex Mupdf

A Use After Free vulnerability exists in Artifex Software, Inc.

6.8
2020-12-09 CVE-2020-25199 WE CON Out-of-bounds Write vulnerability in We-Con Levistudiou

A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files.

6.8
2020-12-09 CVE-2020-17529 Apache Out-of-bounds Write vulnerability in Apache Nuttx

Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows an attacker to corrupt memory by supplying an invalid fragmentation offset value specified in the IP header.

6.8
2020-12-09 CVE-2020-26959 Mozilla Use After Free vulnerability in Mozilla Firefox

During browser shutdown, reference decrementing could have occurred on a previously freed object, resulting in a use-after-free, memory corruption, and a potentially exploitable crash.

6.8
2020-12-08 CVE-2020-27918 Apple
Fedoraproject
Debian
Use After Free vulnerability in multiple products

A use after free issue was addressed with improved memory management.

6.8
2020-12-08 CVE-2020-27930 Apple Out-of-bounds Write vulnerability in Apple products

A memory corruption issue was addressed with improved input validation.

6.8
2020-12-08 CVE-2020-27927 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write issue was addressed with improved bounds checking.

6.8
2020-12-08 CVE-2020-10017 Apple Out-of-bounds Write vulnerability in Apple products

An out-of-bounds write was addressed with improved input validation.

6.8
2020-12-08 CVE-2020-9999 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

A memory corruption issue was addressed with improved state management.

6.8
2020-12-08 CVE-2020-9996 Apple Use After Free vulnerability in Apple Ipad OS and Iphone OS

A use after free issue was addressed with improved memory management.

6.8
2020-12-08 CVE-2020-9972 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

6.8
2020-12-08 CVE-2020-9966 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved input validation.

6.8
2020-12-08 CVE-2020-9954 Apple Classic Buffer Overflow vulnerability in Apple products

A buffer overflow issue was addressed with improved memory handling.

6.8
2020-12-08 CVE-2020-9950 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

6.8
2020-12-08 CVE-2020-9947 Apple Use After Free vulnerability in Apple products

A use after free issue was addressed with improved memory management.

6.8
2020-12-08 CVE-2020-10011 Apple Out-of-bounds Read vulnerability in Apple Ipados and Iphone OS

An out-of-bounds read was addressed with improved bounds checking.

6.8
2020-12-08 CVE-2020-10004 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

6.8
2020-12-07 CVE-2020-29599 Imagemagick
Debian
XML Injection (aka Blind XPath Injection) vulnerability in multiple products

ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files.

6.8
2020-12-07 CVE-2020-9247 Huawei Classic Buffer Overflow vulnerability in Huawei products

There is a buffer overflow vulnerability in several Huawei products.

6.8
2020-12-11 CVE-2020-9301 Linuxfoundation Deserialization of Untrusted Data vulnerability in Linuxfoundation Spinnaker

Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5.

6.5
2020-12-10 CVE-2020-25967 Fastadmin Code Injection vulnerability in Fastadmin 1.0.0.20200506

The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability.

6.5
2020-12-10 CVE-2020-13526 Processmaker SQL Injection vulnerability in Processmaker 3.4.11

SQL injection vulnerability exists in the handling of sort parameters in ProcessMaker 3.4.11.

6.5
2020-12-10 CVE-2020-17158 Microsoft Code Injection vulnerability in Microsoft Dynamics 365

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17152.

6.5
2020-12-10 CVE-2020-17152 Microsoft Code Injection vulnerability in Microsoft Dynamics 365

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17158.

6.5
2020-12-10 CVE-2020-17143 Microsoft Information Exposure vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Information Disclosure Vulnerability

6.5
2020-12-10 CVE-2020-17142 Microsoft Code Injection vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17144.

6.5
2020-12-10 CVE-2020-17132 Microsoft Code Injection vulnerability in Microsoft Exchange Server 2013/2016/2019

Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17141, CVE-2020-17142, CVE-2020-17144.

6.5
2020-12-10 CVE-2020-17121 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17118.

6.5
2020-12-09 CVE-2020-26837 SAP Path Traversal vulnerability in SAP Solution Manager 7.20

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, allows an authenticated user to upload a malicious script that can exploit an existing path traversal vulnerability to compromise confidentiality exposing elements of the file system, partially compromise integrity allowing the modification of some configurations and partially compromise availability by making certain services unavailable.

6.5
2020-12-09 CVE-2020-23520 Txjia Unrestricted Upload of File with Dangerous Type vulnerability in Txjia Imcat 5.2

imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.

6.5
2020-12-08 CVE-2020-26255 Getkirby Unrestricted Upload of File with Dangerous Type vulnerability in Getkirby Kirby

Kirby is a CMS.

6.5
2020-12-08 CVE-2020-25629 Moodle Improper Access Control vulnerability in Moodle

A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as" a System manager.

6.5
2020-12-07 CVE-2020-26122 Inspur Improper Verification of Cryptographic Signature vulnerability in Inspur products

Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges.

6.5
2020-12-11 CVE-2020-24383 Fnet Project Out-of-bounds Read vulnerability in Fnet Project Fnet

An issue was discovered in FNET through 4.6.4.

6.4
2020-12-11 CVE-2020-24341 Altran Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

6.4
2020-12-11 CVE-2020-24334 UIP Project Out-of-bounds Read vulnerability in UIP Project UIP

The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in resolv.c.

6.4
2020-12-11 CVE-2020-17467 Fnet Project Out-of-bounds Read vulnerability in Fnet Project Fnet

An issue was discovered in FNET through 4.6.4.

6.4
2020-12-11 CVE-2020-17441 Altran
Microchip
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in picoTCP 1.7.0.

6.4
2020-12-11 CVE-2020-17437 UIP Project Out-of-bounds Write vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

6.4
2020-12-10 CVE-2020-16971 Microsoft Unspecified vulnerability in Microsoft Azure SDK for Java

Azure SDK for Java Security Feature Bypass Vulnerability

6.4
2020-12-09 CVE-2020-17528 Apache Out-of-bounds Write vulnerability in Apache Nuttx

Out-of-bounds Write vulnerability in TCP stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows an attacker to corrupt memory by supplying arbitrary urgent data pointer offsets within TCP packets, including beyond the length of the packet.

6.4
2020-12-09 CVE-2020-29657 Jerryscript Out-of-bounds Read vulnerability in Jerryscript 2.3.0

In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.

6.4
2020-12-10 CVE-2020-17144 Microsoft Code Injection vulnerability in Microsoft Exchange Server 2010

Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142.

6.0
2020-12-10 CVE-2020-17141 Microsoft Code Injection vulnerability in Microsoft Exchange Server 2016/2019

Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17142, CVE-2020-17144.

6.0
2020-12-10 CVE-2020-17130 Microsoft Unspecified vulnerability in Microsoft 365 Apps and Excel

Microsoft Excel Security Feature Bypass Vulnerability

6.0
2020-12-10 CVE-2020-17115 Microsoft Improper Input Validation vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Spoofing Vulnerability

6.0
2020-12-10 CVE-2020-17089 Microsoft Improper Privilege Management vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Elevation of Privilege Vulnerability

6.0
2020-12-10 CVE-2020-7339 Mcafee Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mcafee Database Security 4.6.6

Use of a Broken or Risky Cryptographic Algorithm vulnerability in McAfee Database Security Server and Sensor prior to 4.8.0 in the form of a SHA1 signed certificate that would allow an attacker on the same local network to potentially intercept communication between the Server and Sensors.

5.8
2020-12-10 CVE-2020-17153 Microsoft Improper Input Validation vulnerability in Microsoft Edge

Microsoft Edge for Android Spoofing Vulnerability

5.8
2020-12-09 CVE-2020-26836 SAP Open Redirect vulnerability in SAP Solution Manager 7.20

SAP Solution Manager (Trace Analysis), version - 720, allows for misuse of a parameter in the application URL, leading to an Open Redirect vulnerability. An attacker can enter a link to a malicious site, which could trick the user into entering credentials or downloading malicious software, as a parameter in the application URL and share it with the end user, who could potentially become a victim of the attack.

5.8
2020-12-08 CVE-2020-27752 Imagemagick Heap-based Buffer Overflow vulnerability in Imagemagick

A flaw was found in ImageMagick in MagickCore/quantum-private.h.

5.8
2020-12-08 CVE-2020-25664 Imagemagick Heap-based Buffer Overflow vulnerability in Imagemagick

In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-private.h is called.

5.8
2020-12-09 CVE-2020-26834 SAP Improper Authentication vulnerability in SAP Hana Database 2.00

SAP HANA Database, version - 2.0, does not correctly validate the username when performing SAML bearer token-based user authentication.

5.5
2020-12-09 CVE-2020-26831 SAP Unspecified vulnerability in SAP Businessobjects Business Intelligence Platform 4.1/4.2/4.3

SAP BusinessObjects BI Platform (Crystal Report), versions - 4.1, 4.2, 4.3, does not sufficiently validate uploaded XML entities during crystal report generation due to missing XML validation. An attacker with basic privileges can inject arbitrary XML entities, leading to internal file disclosure, internal directories disclosure, Server-Side Request Forgery (SSRF) and denial-of-service (DoS).

5.5
2020-12-09 CVE-2020-26830 SAP Missing Authorization vulnerability in SAP Solution Manager 7.20

SAP Solution Manager 7.2 (User Experience Monitoring), version - 7.2, does not perform necessary authorization checks for an authenticated user.

5.5
2020-12-09 CVE-2020-26828 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1

SAP Disclosure Management, version - 10.1, provides capabilities for authorized users to upload and download content of specific file type.

5.5
2020-12-09 CVE-2020-26260 Bookstackapp Injection vulnerability in Bookstackapp Bookstack

BookStack is a platform for storing and organising information and documentation.

5.5
2020-12-11 CVE-2020-27825 Linux
Redhat
Debian
Use After Free vulnerability in multiple products

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1).

5.4
2020-12-11 CVE-2020-28220 SE Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in SE Modicon M258 Firmware, Somachine and Somachine Motion

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion software (All versions), that could cause a buffer overflow when the length of a file transferred to the webserver is not verified.

5.2
2020-12-10 CVE-2020-17131 Microsoft Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge

Chakra Scripting Engine Memory Corruption Vulnerability

5.1
2020-12-12 CVE-2020-35176 Awstats
Debian
Path Traversal vulnerability in multiple products

In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format.

5.0
2020-12-11 CVE-2020-35175 Frappe Improper Input Validation vulnerability in Frappe

Frappe Framework 12 and 13 do not properly validate the HTTP method for the frappe.client API.

5.0
2020-12-11 CVE-2020-24340 Altran Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

5.0
2020-12-11 CVE-2020-24339 Altran Out-of-bounds Read vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

5.0
2020-12-11 CVE-2020-24337 Altran Infinite Loop vulnerability in Altran Picotcp and Picotcp-Ng

An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.

5.0
2020-12-11 CVE-2020-17470 Fnet Project Improper Input Validation vulnerability in Fnet Project Fnet

An issue was discovered in FNET through 4.6.4.

5.0
2020-12-11 CVE-2020-17469 Fnet Project Out-of-bounds Read vulnerability in Fnet Project Fnet

An issue was discovered in FNET through 4.6.4.

5.0
2020-12-11 CVE-2020-17468 Fnet Project Out-of-bounds Read vulnerability in Fnet Project Fnet

An issue was discovered in FNET through 4.6.4.

5.0
2020-12-11 CVE-2020-17445 Altran Out-of-bounds Read vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17444 Altran Integer Overflow or Wraparound vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17443 Altran Integer Overflow or Wraparound vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17442 Altran Integer Overflow or Wraparound vulnerability in Altran Picotcp

An issue was discovered in picoTCP 1.7.0.

5.0
2020-12-11 CVE-2020-17440 UIP Project Unspecified vulnerability in UIP Project UIP 1.0

An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products.

5.0
2020-12-11 CVE-2020-13988 Contiki NG Integer Overflow or Wraparound vulnerability in Contiki-Ng

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13987 Contiki OS Out-of-bounds Read vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13986 Contiki OS Infinite Loop vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13985 Contiki OS Integer Overflow or Wraparound vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-13984 Contiki OS Infinite Loop vulnerability in Contiki-Os Contiki

An issue was discovered in Contiki through 3.0.

5.0
2020-12-11 CVE-2020-5950 F5 Resource Exhaustion vulnerability in F5 Big-Ip Advanced Firewall Manager

On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role.

5.0
2020-12-11 CVE-2020-5949 F5 Unspecified vulnerability in F5 products

On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, a certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break.

5.0
2020-12-11 CVE-2020-35149 Mquery Project Unspecified vulnerability in Mquery Project Mquery

lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation.

5.0
2020-12-11 CVE-2020-27713 F5 Memory Leak vulnerability in F5 Big-Ip Advanced Firewall Manager 13.1.3.4

In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the connection is reset and the Traffic Management Microkernel (TMM) leaks memory.

5.0
2020-12-11 CVE-2020-26421 Wireshark
Fedoraproject
Debian
Out-of-bounds Read vulnerability in multiple products

Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

5.0
2020-12-11 CVE-2020-26420 Wireshark
Fedoraproject
Memory Leak vulnerability in multiple products

Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

5.0
2020-12-11 CVE-2020-26419 Wireshark
Fedoraproject
Memory Leak vulnerability in multiple products

Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.

5.0
2020-12-11 CVE-2020-26418 Wireshark
Fedoraproject
Debian
Memory Leak vulnerability in multiple products

Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.

5.0
2020-12-11 CVE-2020-7791 I18N Project Unspecified vulnerability in I18N Project I18N 2.1.1.0

This affects the package i18n before 2.1.15.

5.0
2020-12-11 CVE-2020-27508 Frappe Unspecified vulnerability in Frappe

In two-factor authentication, the system also sends the 2FA secret key in the response, which enables an intruder to breach the 2FA security.

5.0
2020-12-11 CVE-2020-7793 UA Parser JS Project Resource Exhaustion vulnerability in Ua-Parser-Js Project Ua-Parser-Js

The package ua-parser-js before 0.7.23 is vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info).

5.0
2020-12-11 CVE-2020-7790 Spatie Path Traversal vulnerability in Spatie Browsershot

This affects the package spatie/browsershot from 0.0.0.

5.0
2020-12-11 CVE-2020-26417 Gitlab Information Exposure vulnerability in Gitlab

Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership.

5.0
2020-12-11 CVE-2020-26413 Gitlab Information Exposure vulnerability in Gitlab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2.

5.0
2020-12-11 CVE-2020-26408 Gitlab Information Exposure vulnerability in Gitlab

A limited information disclosure vulnerability exists in GitLab CE/EE from >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in a user's private profile.

5.0
2020-12-11 CVE-2020-13530 Opener Project Resource Exhaustion vulnerability in Opener Project Opener 2.3

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3.

5.0
2020-12-11 CVE-2020-7549 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP.

5.0
2020-12-11 CVE-2020-7543 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

5.0
2020-12-11 CVE-2020-7542 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

5.0
2020-12-11 CVE-2020-7541 Schneider Electric Forced Browsing vulnerability in Schneider-Electric products

A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of sensitive data when sending a specially crafted request to the controller over HTTP.

5.0
2020-12-11 CVE-2020-7539 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause a denial of service vulnerability when a specially crafted packet is sent to the controller over HTTP.

5.0
2020-12-11 CVE-2020-7537 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller.

5.0
2020-12-11 CVE-2020-7535 Schneider Electric Path Traversal vulnerability in Schneider-Electric products

A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal' Vulnerability Type) vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause disclosure of information when sending a specially crafted request to the controller over HTTP.

5.0
2020-12-11 CVE-2020-28217 Schneider Electric Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

5.0
2020-12-11 CVE-2020-28216 Schneider Electric Missing Encryption of Sensitive Data vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.

5.0
2020-12-10 CVE-2020-26269 Google Out-of-bounds Read vulnerability in Google Tensorflow 2.4.0

In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the directories.

5.0
2020-12-10 CVE-2020-29666 Lanatmservice Unspecified vulnerability in Lanatmservice M3 ATM Monitoring System 6.1.0

In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value.

5.0
2020-12-10 CVE-2020-24444 Adobe Server-Side Request Forgery (SSRF) vulnerability in Adobe Experience Manager Forms Add-On 6.4.8.2/6.5.6.0

AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability.

5.0
2020-12-10 CVE-2020-12516 Wago Unspecified vulnerability in Wago products

Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable to a special denial of service attack.

5.0
2020-12-10 CVE-2020-17119 Microsoft Unspecified vulnerability in Microsoft 365 Apps, Office and Outlook

Microsoft Outlook Information Disclosure Vulnerability

5.0
2020-12-09 CVE-2020-28086 Zx2C4 Improper Authentication vulnerability in Zx2C4 Password-Store

pass through 1.7.3 has a possibility of using a password for an unintended resource.

5.0
2020-12-09 CVE-2020-7787 React Adal Project Improper Authentication vulnerability in React-Adal Project React-Adal

This affects all versions of package react-adal.

5.0
2020-12-09 CVE-2020-29656 Asus Information Exposure vulnerability in Asus Rt-Ac88U Firmware

An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108.

5.0
2020-12-09 CVE-2020-29655 Asus Injection vulnerability in Asus Rt-Ac88U Firmware

An injection vulnerability exists in RT-AC88U Download Master before 3.1.0.108.

5.0
2020-12-09 CVE-2020-29651 Pytest Unspecified vulnerability in Pytest PY

A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality.

5.0
2020-12-08 CVE-2020-9991 Apple Unspecified vulnerability in Apple products

This issue was addressed with improved checks.

5.0
2020-12-08 CVE-2020-28946 Plummac Insufficiently Protected Credentials vulnerability in Plummac Ik-401 Firmware

An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credential data.

5.0
2020-12-08 CVE-2020-14207 Divebook Project SQL Injection vulnerability in Divebook Project Divebook 1.1.4

The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filter_diver parameter.

5.0
2020-12-08 CVE-2020-14205 Divebook Project Missing Authorization vulnerability in Divebook Project Divebook 1.1.4

The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks.

5.0
2020-12-08 CVE-2020-26254 Omniauth Apple Project Authentication Bypass by Spoofing vulnerability in Omniauth-Apple Project Omniauth-Apple

omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple).

5.0
2020-12-08 CVE-2020-29540 Systransoft Resource Exhaustion vulnerability in Systransoft Pure Neural Server

API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web service is running on the destination port.

5.0
2020-12-08 CVE-2020-25692 Openldap
Redhat
NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs.

5.0
2020-12-08 CVE-2020-25630 Moodle Resource Exhaustion vulnerability in Moodle

A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk.

5.0
2020-12-10 CVE-2020-17145 Microsoft Improper Input Validation vulnerability in Microsoft Azure Devops Server and Team Foundation Server

Azure DevOps Server and Team Foundation Services Spoofing Vulnerability

4.9
2020-12-10 CVE-2020-17135 Microsoft Improper Input Validation vulnerability in Microsoft Azure Devops Server 2019/2019.0.1

Azure DevOps Server Spoofing Vulnerability

4.9
2020-12-11 CVE-2020-15375 Broadcom Improper Input Validation vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked.

4.6
2020-12-10 CVE-2020-26266 Google Use of Uninitialized Resource vulnerability in Google Tensorflow

In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution.

4.6
2020-12-10 CVE-2020-27350 Debian Integer Overflow or Wraparound vulnerability in Debian Advanced Package Tool

APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc.

4.6
2020-12-10 CVE-2020-17139 Microsoft Unspecified vulnerability in Microsoft products

Windows Overlay Filter Security Feature Bypass Vulnerability

4.6
2020-12-10 CVE-2020-17137 Microsoft Improper Privilege Management vulnerability in Microsoft Windows 10 and Windows Server 2016

DirectX Graphics Kernel Elevation of Privilege Vulnerability

4.6
2020-12-10 CVE-2020-17136 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-17103, CVE-2020-17134.

4.6
2020-12-10 CVE-2020-17134 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2020-17103, CVE-2020-17136.

4.6
2020-12-10 CVE-2020-17099 Microsoft Unspecified vulnerability in Microsoft products

Windows Lock Screen Security Feature Bypass Vulnerability

4.6
2020-12-10 CVE-2020-17097 Microsoft Improper Privilege Management vulnerability in Microsoft products

Windows Digital Media Receiver Elevation of Privilege Vulnerability

4.6
2020-12-09 CVE-2020-7337 Mcafee Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Virusscan Enterprise

Incorrect Permission Assignment for Critical Resource vulnerability in McAfee VirusScan Enterprise (VSE) prior to 8.8 Patch 16 allows local administrators to bypass local security protection through VSE not correctly integrating with Windows Defender Application Control via careful manipulation of the Code Integrity checks.

4.6
2020-12-08 CVE-2020-10010 Apple Path Traversal vulnerability in Apple products

A path handling issue was addressed with improved validation.

4.6
2020-12-08 CVE-2020-10003 Apple Link Following vulnerability in Apple products

An issue existed within the path validation logic for symlinks.

4.6
2020-12-12 CVE-2020-35200 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS.

4.3
2020-12-11 CVE-2020-29455 Smartystreets Cross-site Scripting vulnerability in Smartystreets Liveaddressplugin.Js 3.2

A Cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., street or country).

4.3
2020-12-11 CVE-2020-15023 Askey Use of Insufficiently Random Values vulnerability in Askey Ap5100W Firmware

Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking.

4.3
2020-12-11 CVE-2020-17515 Apache Cross-site Scripting vulnerability in Apache Airflow

The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to an XSS exploit.

4.3
2020-12-11 CVE-2020-28218 Schneider Electric Improper Restriction of Rendered UI Layers or Frames vulnerability in Schneider-Electric Easergy T300 Firmware 1.5.2/2.7

A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an unintended action.

4.3
2020-12-10 CVE-2020-26267 Google Out-of-bounds Read vulnerability in Google Tensorflow

In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes.

4.3
2020-12-10 CVE-2020-29668 Sympa Improper Authentication vulnerability in Sympa

Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.

4.3
2020-12-10 CVE-2020-2498 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in certificate configuration.

4.3
2020-12-10 CVE-2020-2497 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in System Connection Logs.

4.3
2020-12-10 CVE-2020-2496 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station.

4.3
2020-12-10 CVE-2020-2495 Qnap Cross-site Scripting vulnerability in Qnap QTS and Quts Hero

If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station.

4.3
2020-12-10 CVE-2020-2494 Qnap Cross-site Scripting vulnerability in Qnap Music Station

This cross-site scripting vulnerability in Music Station allows remote attackers to inject malicious code.

4.3
2020-12-10 CVE-2020-2493 Qnap Cross-site Scripting vulnerability in Qnap Multimedia Console

This cross-site scripting vulnerability in Multimedia Console allows remote attackers to inject malicious code.

4.3
2020-12-10 CVE-2020-2491 Qnap Cross-site Scripting vulnerability in Qnap Photo Station

This cross-site scripting vulnerability in Photo Station allows remote attackers to inject malicious code.

4.3
2020-12-09 CVE-2020-29259 Online Examination System Project Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the subject or feedback parameter to feedback.php.

4.3
2020-12-09 CVE-2020-29258 Online Examination System Project Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the w parameter to index.php.

4.3
2020-12-09 CVE-2020-29257 Online Examination System Project Cross-site Scripting vulnerability in Online Examination System Project Online Examination System 1.0

Cross-site scripting (XSS) vulnerability in Online Examination System 1.0 via the q parameter to feedback.php.

4.3
2020-12-09 CVE-2020-16599 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.34

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in _bfd_elf_get_symbol_version_string, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

4.3
2020-12-09 CVE-2020-16598 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.34

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.34, in debug_get_real_type, as demonstrated in objdump, that can cause a denial of service via a crafted file.

4.3
2020-12-09 CVE-2020-16593 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.34

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file.

4.3
2020-12-09 CVE-2020-16592 GNU Use After Free vulnerability in GNU Binutils 2.34

A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.

4.3
2020-12-09 CVE-2020-16591 GNU Out-of-bounds Read vulnerability in GNU Binutils 2.34

A Denial of Service vulnerability exists in the Binary File Descriptor (BFD) in GNU Binutils 2.35 due to an invalid read in process_symbol_table, as demonstrated in readelf.

4.3
2020-12-09 CVE-2020-16590 GNU Double Free vulnerability in GNU Binutils 2.34

A double free vulnerability exists in the Binary File Descriptor (BFD) (aka libbfd) in GNU Binutils 2.35 in the process_symbol_table, as demonstrated in readelf, via a crafted file.

4.3
2020-12-09 CVE-2020-16589 Aswf Out-of-bounds Write vulnerability in Aswf Openexr 2.3.0

A heap-based buffer overflow exists in Academy Software Foundation OpenEXR 2.3.0 in writeTileData in ImfTiledOutputFile.cpp that can cause a denial of service via a crafted EXR file.

4.3
2020-12-09 CVE-2020-16588 Aswf NULL Pointer Dereference vulnerability in Aswf Openexr 2.3.0

A Null Pointer Dereference issue exists in Academy Software Foundation OpenEXR 2.3.0 in generatePreview in makePreview.cpp that can cause a denial of service via a crafted EXR file.

4.3
2020-12-09 CVE-2020-16587 Openexr Out-of-bounds Write vulnerability in Openexr 2.3.0

A heap-based buffer overflow vulnerability exists in Academy Software Foundation OpenEXR 2.3.0 in chunkOffsetReconstruction in ImfMultiPartInputFile.cpp that can cause a denial of service via a crafted EXR file.

4.3
2020-12-09 CVE-2020-26835 SAP Cross-site Scripting vulnerability in SAP Netweaver AS Abap

SAP NetWeaver AS ABAP, versions 740, 750, 751, 752, 753, 754, does not sufficiently encode the URL, which allows an attacker to input malicious JavaScript in the URL that could be executed in the browser, resulting in a Reflected Cross-Site Scripting (XSS) vulnerability.

4.3
2020-12-09 CVE-2020-26967 Mozilla Unspecified vulnerability in Mozilla Firefox

When listening for page changes with a Mutation Observer, a malicious web page could confuse Firefox Screenshots into interacting with elements other than those that it injected into the page.

4.3
2020-12-09 CVE-2020-26966 Mozilla Unspecified vulnerability in Mozilla Firefox

Searching for a single word from the address bar caused an mDNS request to be sent on the local network searching for a hostname consisting of that string; resulting in an information leak.

4.3
2020-12-09 CVE-2020-26965 Mozilla Improper Cross-boundary Removal of Sensitive Data vulnerability in Mozilla Firefox

Some websites have a feature "Show Password" where clicking a button will change a password field into a textbox field, revealing the typed password.

4.3
2020-12-09 CVE-2020-26963 Mozilla Unspecified vulnerability in Mozilla Firefox

Repeated calls to the history and location interfaces could have been used to hang the browser.

4.3
2020-12-09 CVE-2020-26962 Mozilla Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox

Cross-origin iframes that contained a login form could have been recognized by the login autofill service, and populated.

4.3
2020-12-09 CVE-2020-26961 Mozilla Unspecified vulnerability in Mozilla Firefox

When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver.

4.3
2020-12-09 CVE-2020-26958 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

Firefox did not block execution of scripts with incorrect MIME types when the response was intercepted and cached through a ServiceWorker.

4.3
2020-12-09 CVE-2020-26957 Mozilla Improper Initialization vulnerability in Mozilla Firefox 80.0

OneCRL was non-functional in the new Firefox for Android due to a missing service initialization.

4.3
2020-12-09 CVE-2020-26956 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS.

4.3
2020-12-09 CVE-2020-26955 Mozilla Reliance on Cookies without Validation and Integrity Checking vulnerability in Mozilla Firefox 80.0

When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original and subsequent request were in private and non-private browsing modes.

4.3
2020-12-09 CVE-2020-26954 Mozilla Unspecified vulnerability in Mozilla Firefox 80.0

When accepting a malicious intent from other installed apps, Firefox for Android accepted manifests from arbitrary file paths and allowed declaring webapp manifests for other origins.

4.3
2020-12-09 CVE-2020-26953 Mozilla Improper Restriction of Rendered UI Layers or Frames vulnerability in Mozilla Firefox

It was possible to cause the browser to enter fullscreen mode without displaying the security UI; thus making it possible to attempt a phishing attack or otherwise confuse the user.

4.3
2020-12-09 CVE-2020-26951 Mozilla Cross-site Scripting vulnerability in Mozilla Firefox

A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization.

4.3
2020-12-09 CVE-2020-25627 Moodle Cross-site Scripting vulnerability in Moodle 3.9.0/3.9.1/3.9.2

The moodlenetprofile user profile field required extra sanitizing to prevent a stored XSS risk.

4.3
2020-12-08 CVE-2020-27896 Apple Path Traversal vulnerability in Apple mac OS X

A path handling issue was addressed with improved validation.

4.3
2020-12-08 CVE-2020-27758 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

A flaw was found in ImageMagick in coders/txt.c.

4.3
2020-12-08 CVE-2020-27757 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could lead to undefined behavior in the form of a value outside the range of type unsigned long long.

4.3
2020-12-08 CVE-2020-27756 Imagemagick Integer Overflow or Wraparound vulnerability in Imagemagick

In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can lead to divide-by-zero conditions which also lead to undefined behavior.

4.3
2020-12-08 CVE-2020-27755 Imagemagick Memory Leak vulnerability in Imagemagick

In SetImageExtent() of /MagickCore/image.c, an incorrect image depth size can cause a memory leak because the code which checks for the proper image depth size does not reset the size in the event there is an invalid size.

4.3
2020-12-08 CVE-2020-27754 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which could return overflowed values to the caller when ImageMagick processes a crafted input file.

4.3
2020-12-08 CVE-2020-27753 Imagemagick Memory Leak vulnerability in Imagemagick

There are several memory leaks in the MIFF coder in /coders/miff.c due to improper image depth values, which can be triggered by a specially crafted input file.

4.3
2020-12-08 CVE-2020-27751 Imagemagick Integer Overflow or Wraparound vulnerability in Imagemagick

A flaw was found in ImageMagick in MagickCore/quantum-export.c.

4.3
2020-12-08 CVE-2020-27750 Imagemagick, Debian Divide By Zero vulnerability in multiple products

A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h.

4.3
2020-12-08 CVE-2020-25676 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all functions in /MagickCore/pixel.c, there were multiple unconstrained pixel offset calculations which were being used with the floor() function.

4.3
2020-12-08 CVE-2020-25675 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations performed on unconstrained pixel offsets were causing undefined behavior in the form of integer overflow and out-of-range values as reported by UndefinedBehaviorSanitizer.

4.3
2020-12-08 CVE-2020-25674 Imagemagick, Debian Heap-based Buffer Overflow vulnerability in multiple products

WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop with an improper exit condition that can allow an out-of-bounds READ via heap-buffer-overflow.

4.3
2020-12-08 CVE-2020-27929 Apple Unspecified vulnerability in Apple Iphone OS

A logic issue existed in the handling of Group FaceTime calls.

4.3
2020-12-08 CVE-2020-27900 Apple Information Exposure vulnerability in Apple Macos 10.15.7/11.0

An issue existed in the handling of snapshots.

4.3
2020-12-08 CVE-2020-27898 Apple Unchecked Return Value vulnerability in Apple Macos 11.0

A denial of service issue was addressed with improved state handling.

4.3
2020-12-08 CVE-2020-27895 Apple Information Exposure vulnerability in Apple Itunes

An information disclosure issue existed in the transition of program state.

4.3
2020-12-08 CVE-2020-25667 Imagemagick Heap-based Buffer Overflow vulnerability in Imagemagick

TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a crafted input file is provided to ImageMagick.

4.3
2020-12-08 CVE-2020-25666 Imagemagick, Debian Integer Overflow or Wraparound vulnerability in multiple products

There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations.

4.3
2020-12-08 CVE-2020-25665 Imagemagick, Debian Heap-based Buffer Overflow vulnerability in multiple products

The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256.

4.3
2020-12-08 CVE-2020-25663 Imagemagick Use After Free vulnerability in Imagemagick

A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() was called.

4.3
2020-12-08 CVE-2020-9993 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple products

The issue was addressed with improved UI handling.

4.3
2020-12-08 CVE-2020-9987 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari

An inconsistent user interface issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-9977 Apple Improper Input Validation vulnerability in Apple Ipad OS and Iphone OS

A validation issue existed in the entitlement verification.

4.3
2020-12-08 CVE-2020-9974 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-9963 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

The issue was addressed with improved handling of icon caches.

4.3
2020-12-08 CVE-2020-9945 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari

A spoofing issue existed in the handling of URLs.

4.3
2020-12-08 CVE-2020-9944 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

4.3
2020-12-08 CVE-2020-9943 Apple Out-of-bounds Read vulnerability in Apple products

An out-of-bounds read was addressed with improved bounds checking.

4.3
2020-12-08 CVE-2020-9942 Apple Improper Restriction of Rendered UI Layers or Frames vulnerability in Apple Safari

An inconsistent user interface issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-9922 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-9849 Apple Information Exposure vulnerability in Apple products

An information disclosure issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-27894 Apple Unspecified vulnerability in Apple Macos

The issue was addressed with additional user controls.

4.3
2020-12-08 CVE-2020-14206 Divebook Project Cross-site Scripting vulnerability in Divebook Project Divebook 1.1.4

The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function (via an arbitrary parameter).

4.3
2020-12-08 CVE-2020-10014 Apple Path Traversal vulnerability in Apple Macos 11.0

A parsing issue in the handling of directory paths was addressed with improved path validation.

4.3
2020-12-08 CVE-2020-10012 Apple Cross-site Scripting vulnerability in Apple Macos 11.0

An access issue was addressed with improved access restrictions.

4.3
2020-12-08 CVE-2020-10009 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

4.3
2020-12-08 CVE-2020-10006 Apple Unspecified vulnerability in Apple mac OS X

This issue was addressed with improved entitlements.

4.3
2020-12-08 CVE-2020-1971 Openssl, Debian, Fedoraproject, Oracle, Netapp, Tenable NULL Pointer Dereference vulnerability in multiple products

The X.509 GeneralName type is a generic type for representing different types of names.

4.3
2020-12-08 CVE-2020-26253 Getkirby Origin Validation Error vulnerability in Getkirby Kirby

Kirby is a CMS.

4.3
2020-12-08 CVE-2020-27818 Libpng, Fedoraproject Out-of-bounds Read vulnerability in multiple products

A flaw was found in the check_chunk_name() function of pngcheck-2.4.0.

4.3
2020-12-08 CVE-2020-25631 Moodle Cross-site Scripting vulnerability in Moodle

A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" page.

4.3
2020-12-08 CVE-2020-25628 Moodle Cross-site Scripting vulnerability in Moodle

The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk.

4.3
2020-12-07 CVE-2020-26513 Intland XXE vulnerability in Intland Codebeamer Application Lifecycle Management 10.0.0/10.1.0

An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4.

4.3
2020-12-07 CVE-2020-28727 Seeddms Cross-site Scripting vulnerability in Seeddms 6.0.13

Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.

4.3
2020-12-11 CVE-2020-15376 Broadcom Unspecified vulnerability in Broadcom Fabric Operating System

Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode, contain a weakness in the LDAP implementation that could allow a remote LDAP user to log in to the Brocade Fibre Channel SAN switch with "user" privileges if it is not associated with any groups.

4.0
2020-12-11 CVE-2020-26264 Ethereum Resource Exhaustion vulnerability in Ethereum GO Ethereum

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.

4.0
2020-12-11 CVE-2020-26411 Gitlab Improper Resource Shutdown or Release vulnerability in Gitlab

A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2).

4.0
2020-12-11 CVE-2020-26415 Gitlab Information Exposure vulnerability in Gitlab

Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API.

4.0
2020-12-11 CVE-2020-26412 Gitlab Information Exposure vulnerability in Gitlab

Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2.

4.0
2020-12-11 CVE-2020-13357 Gitlab Authorization Bypass Through User-Controlled Key vulnerability in Gitlab

An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 that allowed an unauthorized user to access the user list corresponding to a feature flag in a project.

4.0
2020-12-11 CVE-2020-26409 Gitlab Improper Input Validation vulnerability in Gitlab

A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7, >=13.5, <13.5.5, >=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields.

4.0
2020-12-11 CVE-2020-25838 Microfocus Information Exposure vulnerability in Microfocus Filr

Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product.

4.0
2020-12-10 CVE-2019-4738 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and 6.0.0.0 through 6.0.3.1 discloses sensitive information to an authenticated user from the dashboard UI which could be used in further attacks against the system.

4.0
2020-12-10 CVE-2020-12595 Broadcom Unspecified vulnerability in Broadcom Symantec Messaging Gateway

An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access.

4.0
2020-12-10 CVE-2020-17140 Microsoft Information Exposure vulnerability in Microsoft products

Windows SMB Information Disclosure Vulnerability

4.0
2020-12-10 CVE-2020-17133 Microsoft Information Exposure vulnerability in Microsoft Dynamics NAV 2015

Microsoft Dynamics Business Central/NAV Information Disclosure

4.0
2020-12-10 CVE-2020-17120 Microsoft Unspecified vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

Microsoft SharePoint Information Disclosure Vulnerability

4.0
2020-12-10 CVE-2020-16996 Microsoft Unspecified vulnerability in Microsoft products

Kerberos Security Feature Bypass Vulnerability

4.0
2020-12-09 CVE-2020-26257 Matrix Resource Exhaustion vulnerability in Matrix Synapse

Matrix is an ecosystem for open federated Instant Messaging and VoIP.

4.0
2020-12-09 CVE-2020-26826 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Netweaver Application Server Java 7.31/7.40/7.50

Process Integration Monitoring of SAP NetWeaver AS JAVA, versions - 7.31, 7.40, 7.50, allows an attacker to upload any file (including script files) without proper file format validation, leading to Unrestricted File Upload.

4.0
2020-12-09 CVE-2020-26964 Mozilla Unspecified vulnerability in Mozilla Firefox 80.0

If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content.

4.0
2020-12-07 CVE-2020-13945 Apache Unspecified vulnerability in Apache Apisix

In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules.

4.0

58 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-11 CVE-2020-24447 Adobe Uncontrolled Search Path Element vulnerability in Adobe Lightroom 10.0/9.2.0.10/9.3

Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user.

3.7
2020-12-11 CVE-2020-24440 Adobe Uncontrolled Search Path Element vulnerability in Adobe Prelude 9.0/9.0.1

Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user.

3.7
2020-12-10 CVE-2020-26268 Google Unspecified vulnerability in Google Tensorflow

In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable.

3.6
2020-12-08 CVE-2020-26233 Microsoft Use of Incorrectly-Resolved Name or Reference vulnerability in Microsoft GIT Credential Manager Core

Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS.

3.6
2020-12-12 CVE-2020-35202 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS.

3.5
2020-12-12 CVE-2020-35201 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS.

3.5
2020-12-12 CVE-2020-35199 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS.

3.5
2020-12-11 CVE-2020-26265 Ethereum Incorrect Calculation vulnerability in Ethereum GO Ethereum

Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol.

3.5
2020-12-11 CVE-2020-28838 Opencart Cross-Site Request Forgery (CSRF) vulnerability in Opencart 3.0.3.6

Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd.

3.5
2020-12-11 CVE-2020-35132 Phpldapadmin Project, Fedoraproject Cross-site Scripting vulnerability in multiple products

An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.

3.5
2020-12-11 CVE-2020-35127 Igniterealtime Cross-site Scripting vulnerability in Igniterealtime Openfire 4.6.0

Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS.

3.5
2020-12-11 CVE-2020-35126 Typesettercms Cross-site Scripting vulnerability in Typesettercms Typesetter

** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to conduct Site Title persistent XSS attacks via an Admin/Configuration URI.

3.5
2020-12-10 CVE-2020-26407 Gitlab Cross-site Scripting vulnerability in Gitlab

An XSS vulnerability exists in Gitlab CE/EE from 12.4 before 13.4.7, 13.5 before 13.5.5, and 13.6 before 13.6.2 that allows an attacker to perform cross-site scripting to other users via importing a malicious project.

3.5
2020-12-10 CVE-2020-24445 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager

AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields.

3.5
2020-12-10 CVE-2020-17147 Microsoft Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0

Dynamics CRM Webclient Cross-site Scripting Vulnerability

3.5
2020-12-09 CVE-2020-7776 Phpspreadsheet Project Cross-site Scripting vulnerability in PHPspreadsheet Project PHPspreadsheet

This affects the package phpoffice/phpspreadsheet from 0.0.0.

3.5
2020-12-09 CVE-2020-10146 Microsoft Cross-site Scripting vulnerability in Microsoft Teams

The Microsoft Teams online service contains a stored cross-site scripting vulnerability in the displayName parameter that can be exploited on Teams clients to obtain sensitive information such as authentication tokens and to possibly execute arbitrary commands.

3.5
2020-12-09 CVE-2020-26249 Cogboard Cross-site Scripting vulnerability in Cogboard Red-Dashboard

Red Discord Bot Dashboard is an easy-to-use interactive web dashboard to control your Redbot.

3.5
2020-12-08 CVE-2020-26256 C2Fo Resource Exhaustion vulnerability in C2Fo Fast-Csv

Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node.

3.5
2020-12-08 CVE-2020-25955 Student Management System Project IN PHP Project Cross-site Scripting vulnerability in PHP 1.0

SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored cross-site scripting (XSS) via the 'add subject' tab.

3.5
2020-12-08 CVE-2020-29539 Systransoft Cross-site Scripting vulnerability in Systransoft Pure Neural Server

A Cross-Site Scripting (XSS) issue in WebUI Translation in Systran Pure Neural Server before 9.7.0 allows a threat actor to have a remote authenticated user run JavaScript from a malicious site.

3.5
2020-12-12 CVE-2020-35208 Logmein Improper Authentication vulnerability in Logmein Lastpass 4.8.11.2403

** DISPUTED ** An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS.

3.3
2020-12-12 CVE-2020-35207 Logmein Improper Authentication vulnerability in Logmein Lastpass 4.8.11.2403

** DISPUTED ** An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS.

3.3
2020-12-09 CVE-2020-26261 Jupyterhub Exposure of Resource to Wrong Sphere vulnerability in Jupyterhub Systemdspawner

jupyterhub-systemdspawner enables JupyterHub to spawn single-user notebook servers using systemd.

3.3
2020-12-10 CVE-2020-8920 Google Unspecified vulnerability in Google Gerrit

An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts.

2.7
2020-12-10 CVE-2020-8919 Google Incorrect Authorization vulnerability in Google Gerrit

An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of privileges to read all other users' personal account data as well as sub-trees with restricted access.

2.7
2020-12-09 CVE-2020-26816 SAP Missing Encryption of Sensitive Data vulnerability in SAP Netweaver Application Server Java

In SAP AS JAVA (Key Storage Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, the key material held by the SAP NetWeaver AS Java Key Storage service is stored in the database in DER-encoded format and is not encrypted.

2.7
2020-12-11 CVE-2020-26416 Gitlab Information Exposure vulnerability in Gitlab

Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs.

2.1
2020-12-11 CVE-2020-28219 Schneider Electric Insufficiently Protected Credentials vulnerability in Schneider-Electric products

A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and EcoStruxure Geo SCADA Expert 2020 (Original release and Monthly Updates to September 2020, from 83.7551.1 to 83.7578.1), that could cause exposure of credentials to server-side users when web users are logged in to Virtual ViewX.

2.1
2020-12-11 CVE-2020-28214 Schneider Electric Use of a One-Way Hash with a Predictable Salt vulnerability in Schneider-Electric Modicon M221 Firmware

A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using a dictionary attack technique such as rainbow tables, effectively disabling the protection that an unpredictable salt would provide.

2.1
2020-12-10 CVE-2020-8908 Google, Quarkus Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir().

2.1
2020-12-10 CVE-2020-26270 Google Improper Input Validation vulnerability in Google Tensorflow

In affected versions of TensorFlow, running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero length results in a CHECK failure when using the CUDA backend.

2.1
2020-12-10 CVE-2020-26271 Google Out-of-bounds Read vulnerability in Google Tensorflow

In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph.

2.1
2020-12-10 CVE-2020-27351 Debian Missing Release of Resource after Effective Lifetime vulnerability in Debian Advanced Package Tool

Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170.

2.1
2020-12-10 CVE-2020-17138 Microsoft Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016

Windows Error Reporting Information Disclosure Vulnerability. This CVE ID is unique from CVE-2020-17094.

2.1
2020-12-10 CVE-2020-17126 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel Information Disclosure Vulnerability

2.1
2020-12-10 CVE-2020-17098 Microsoft Unspecified vulnerability in Microsoft products

Windows GDI+ Information Disclosure Vulnerability

2.1
2020-12-10 CVE-2020-17094 Microsoft Unspecified vulnerability in Microsoft products

Windows Error Reporting Information Disclosure Vulnerability. This CVE ID is unique from CVE-2020-17138.

2.1
2020-12-09 CVE-2020-2020 Paloaltonetworks Improper Handling of Exceptional Conditions vulnerability in Paloaltonetworks Cortex XDR Agent

An improper handling of exceptional conditions vulnerability in Cortex XDR Agent allows a local authenticated Windows user to create files in the software's internal program directory that prevent the Cortex XDR Agent from starting.

2.1
2020-12-09 CVE-2020-29660 Fedoraproject, Linux Improper Locking vulnerability in multiple products

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13.

2.1
2020-12-09 CVE-2020-27349 Canonical Missing Authorization vulnerability in Canonical Ubuntu Linux

Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges.

2.1
2020-12-09 CVE-2020-16128 Canonical Information Exposure Through an Error Message vulnerability in Canonical Ubuntu Linux

The aptdaemon DBus interface allowed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196.

2.1
2020-12-08 CVE-2020-26234 Apereo Origin Validation Error vulnerability in Apereo Opencast

Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests.

2.1
2020-12-08 CVE-2020-27821 Qemu Heap-based Buffer Overflow vulnerability in Qemu

A flaw was found in the memory management API of QEMU during the initialization of a memory region cache.

2.1
2020-12-08 CVE-2020-27902 Apple Improper Authentication vulnerability in Apple Ipados and Iphone OS

An authentication issue was addressed with improved state management.

2.1
2020-12-08 CVE-2020-9989 Apple Unspecified vulnerability in Apple products

The issue was addressed with improved deletion.

2.1
2020-12-08 CVE-2020-9988 Apple Unspecified vulnerability in Apple Ipad OS and Iphone OS

The issue was addressed with improved deletion.

2.1
2020-12-08 CVE-2020-10007 Apple Unspecified vulnerability in Apple mac OS X

A logic issue was addressed with improved state management.

2.1
2020-12-08 CVE-2020-10002 Apple Unspecified vulnerability in Apple products

A logic issue was addressed with improved state management.

2.1
2020-12-08 CVE-2020-25677 Ceph, Redhat Cleartext Storage of Sensitive Information vulnerability in multiple products

A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions.

2.1
2020-12-07 CVE-2020-8566 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs.

2.1
2020-12-07 CVE-2020-8565 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files.

2.1
2020-12-07 CVE-2020-8564 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials.

2.1
2020-12-07 CVE-2020-8563 Kubernetes Information Exposure Through Log Files vulnerability in Kubernetes

In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log.

2.1
2020-12-07 CVE-2020-28935 Nlnetlabs Link Following vulnerability in Nlnetlabs Name Server Daemon

NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack.

2.1
2020-12-07 CVE-2020-17521 Apache, Netapp, Oracle

Apache Groovy provides extension methods to aid with creating temporary directories.

2.1
2020-12-08 CVE-2020-27925 Apple Unspecified vulnerability in Apple Ipados and Iphone OS

An issue existed in the handling of incoming calls.

1.9
2020-12-08 CVE-2020-9969 Apple Unspecified vulnerability in Apple products

An access issue was addressed with additional sandbox restrictions.

1.9