Weekly Vulnerabilities Reports > December 21 to 27, 2020

Overview

235 new vulnerabilities reported during this period, including 20 critical vulnerabilities and 40 high severity vulnerabilities. This weekly summary report vulnerabilities in 230 products from 124 vendors including F5, Odoo, IBM, ABB, and Terra Master. Vulnerabilities are notably categorized as "Cross-site Scripting", "SQL Injection", "Improper Privilege Management", "Resource Exhaustion", and "Out-of-bounds Write".

  • 212 reported vulnerabilities are remotely exploitables.
  • 16 reported vulnerabilities have public exploit available.
  • 97 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 174 reported vulnerabilities are exploitable by an anonymous user.
  • F5 has the most reported vulnerabilities, with 16 reported vulnerabilities.
  • Terra Master has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

20 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-27 CVE-2020-35729 Klogserver OS Command Injection vulnerability in Klogserver Klog Server 2.4.1

KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter.

10.0
2020-12-26 CVE-2020-35713 Linksys OS Command Injection vulnerability in Linksys Re6500 Firmware

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page.

10.0
2020-12-24 CVE-2020-28188 Terra Master OS Command Injection vulnerability in Terra-Master TOS

Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.

10.0
2020-12-24 CVE-2020-28187 Terra Master Path Traversal vulnerability in Terra-Master TOS

Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php, or opt parameter to /include/core/index.php.

10.0
2020-12-23 CVE-2020-35665 Terra Master Unrestricted Upload of File With Dangerous Type vulnerability in Terra-Master Terramaster Operating System 3.1.03/4.2.06

An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation.

10.0
2020-12-23 CVE-2020-29552 Urve OS Command Injection vulnerability in Urve 24.03.2020

An issue was discovered in URVE Build 24.03.2020.

10.0
2020-12-22 CVE-2020-29583 Zyxel Cleartext Storage of Sensitive Information vulnerability in Zyxel products

Firmware version 4.60 of Zyxel USG devices contains an undocumented account (zyfwp) with an unchangeable password.

10.0
2020-12-22 CVE-2020-24679 ABB Improper Input Validation vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

A S+ Operations and S+ Historian service is subject to a DoS by special crafted messages.

10.0
2020-12-21 CVE-2020-27846 Grafana
Saml Project
Redhat
Fedoraproject
Misinterpretation of Input vulnerability in multiple products

A signature verification vulnerability exists in crewjam/saml.

10.0
2020-12-27 CVE-2020-8289 Backblaze Improper Certificate Validation vulnerability in Backblaze 7.0.0.439

Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality.

9.3
2020-12-26 CVE-2020-35712 Esri Server-Side Request Forgery (SSRF) vulnerability in Esri Arcgis Server

Esri ArcGIS Server before 10.8 is vulnerable to SSRF in some configurations.

9.3
2020-12-24 CVE-2020-5681 Epson Uncontrolled Search Path Element vulnerability in Epson products

Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versions 2.2.14 and earlier, and Offirio SynergyWare PrintDirector versions 1.6x/1.6y and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2020-12-23 CVE-2020-35370 Raysync Code Injection vulnerability in Raysync

A RCE vulnerability exists in Raysync below 3.3.3.8.

9.3
2020-12-22 CVE-2020-25106 Supremocontrol Unrestricted Upload of File With Dangerous Type vulnerability in Supremocontrol Supremo 4.1.3.2348

Nanosystems SupRemo 4.1.3.2348 allows attackers to obtain LocalSystem access because File Manager can be used to rename Supremo.exe and then upload a Trojan horse with the Supremo.exe filename.

9.3
2020-12-21 CVE-2020-35604 Kronos XXE vulnerability in Kronos web Time and Attendance 5.0.4

An XXE attack can occur in Kronos WebTA 5.0.4 when SAML is used.

9.3
2020-12-27 CVE-2020-29299 Zyxel Command Injection vulnerability in Zyxel products

Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action.

9.0
2020-12-26 CVE-2020-35715 Linksys OS Command Injection vulnerability in Linksys Re6500 Firmware

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page.

9.0
2020-12-23 CVE-2020-35136 Dolibarr Command Injection vulnerability in Dolibarr 12.0.3

Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution.

9.0
2020-12-22 CVE-2020-24674 ABB Incorrect Authorization vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected.

9.0
2020-12-21 CVE-2020-35606 Webmin Command Injection vulnerability in Webmin

Arbitrary command execution can occur in Webmin through 1.962.

9.0

40 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-23 CVE-2020-29551 Urve Missing Authorization vulnerability in Urve 24.03.2020

An issue was discovered in URVE Build 24.03.2020.

8.5
2020-12-22 CVE-2018-15632 Odoo Improper Input Validation vulnerability in Odoo 10.0/11.0/8.0

Improper input validation in database creation logic in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to initialize an empty database on which they can connect with default credentials.

8.5
2020-12-21 CVE-2020-26284 Gohugo OS Command Injection vulnerability in Gohugo Hugo

Hugo is a fast and Flexible Static Site Generator built in Go.

8.5
2020-12-26 CVE-2020-35716 Linksys Unspecified vulnerability in Linksys Re6500 Firmware

Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to cause a persistent denial of service (segmentation fault) via a long /goform/langSwitch langSelectionOnly parameter.

7.8
2020-12-24 CVE-2020-27717 F5 Unspecified vulnerability in F5 Big-Ip Domain Name System

On BIG-IP DNS 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, undisclosed series of DNS requests may cause TMM to restart and generate a core file.

7.8
2020-12-24 CVE-2020-27716 F5 Unspecified vulnerability in F5 Big-Ip Access Policy Manager

On versions 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when a BIG-IP APM virtual server processes traffic of an undisclosed nature, the Traffic Management Microkernel (TMM) stops responding and restarts.

7.8
2020-12-24 CVE-2020-27715 F5 Unspecified vulnerability in F5 products

On BIG-IP 15.1.0-15.1.0.5 and 14.1.0-14.1.3, crafted TLS request to the BIG-IP management interface via port 443 can cause high (~100%) CPU utilization by the httpd daemon.

7.8
2020-12-22 CVE-2020-24581 D Link OS Command Injection vulnerability in D-Link Dsl2888A Firmware

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.

7.7
2020-12-27 CVE-2020-7845 Jiransecurity Out-Of-Bounds Write vulnerability in Jiransecurity Spamsniper 5.0.2/5.7.5

Spamsniper 5.0 ~ 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command.

7.5
2020-12-26 CVE-2020-35245 Flamingo Project SQL Injection vulnerability in Flamingo Project Flamingo

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addUser.

7.5
2020-12-26 CVE-2020-35244 Flamingo Project SQL Injection vulnerability in Flamingo Project Flamingo

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::addGroup.

7.5
2020-12-26 CVE-2020-35243 Flamingo Project SQL Injection vulnerability in Flamingo Project Flamingo

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserInfoInDb.

7.5
2020-12-26 CVE-2020-35242 Flamingo Project SQL Injection vulnerability in Flamingo Project Flamingo

Flamingo (aka FlamingoIM) through 2020-09-29 has a SQL injection vulnerability in UserManager::updateUserTeamInfoInDbAndMemory.

7.5
2020-12-26 CVE-2020-29203 Struct2Json Project Classic Buffer Overflow vulnerability in Struct2Json Project Struct2Json

struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT.

7.5
2020-12-26 CVE-2020-35364 Huorong Improper Privilege Management vulnerability in Huorong Internet Security 5.0.55.2

Beijing Huorong Internet Security 5.0.55.2 allows a non-admin user to escalate privileges by injecting code into a process, and then waiting for a Huorong services restart or a system reboot.

7.5
2020-12-26 CVE-2020-35575 TP Link Insufficiently Protected Credentials vulnerability in Tp-Link products

A password-disclosure issue in the web interface on certain TP-Link devices allows a remote attacker to get full administrative access to the web panel.

7.5
2020-12-24 CVE-2020-26282 Browserup Injection vulnerability in Browserup Proxy

BrowserUp Proxy allows you to manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file.

7.5
2020-12-24 CVE-2020-29474 Egavilanmedia SQL Injection vulnerability in Egavilanmedia EGM Address Book 1.0

EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability.

7.5
2020-12-24 CVE-2020-29472 Egavilanmedia SQL Injection vulnerability in Egavilanmedia Under Construction Page With Cpanel 1.0

EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability.

7.5
2020-12-23 CVE-2020-28074 Online Health Care System Project SQL Injection vulnerability in Online Health Care System Project Online Health Care System 1.0

SourceCodester Online Health Care System 1.0 is affected by SQL Injection which allows a potential attacker to bypass the authentication system and become an admin.

7.5
2020-12-23 CVE-2020-28073 Library Management System Project SQL Injection vulnerability in Library Management System Project Library Management System 1.0

SourceCodester Library Management System 1.0 is affected by SQL Injection allowing an attacker to bypass the user authentication and impersonate any user on the system.

7.5
2020-12-23 CVE-2020-28070 Alumni Management System Project SQL Injection vulnerability in Alumni Management System Project Alumni Management System 1.0

SourceCodester Alumni Management System 1.0 is affected by SQL injection causing arbitrary remote code execution from GET input in view_event.php via the 'id' parameter.

7.5
2020-12-23 CVE-2020-13968 CRK SQL Injection vulnerability in CRK Business Platform

CRK Business Platform <= 2019.1 allows can inject SQL statements against the DB on any path using the 'strSessao' parameter.

7.5
2020-12-23 CVE-2020-11720 Bilanc USE of Hard-Coded Credentials vulnerability in Bilanc 01431.01.2020

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below.

7.5
2020-12-22 CVE-2020-27337 Treck Out-Of-Bounds Write vulnerability in Treck Ipv6

An issue was discovered in Treck IPv6 before 6.0.1.68.

7.5
2020-12-22 CVE-2020-25066 Treck Out-Of-Bounds Write vulnerability in Treck Tcp/Ip

A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.

7.5
2020-12-22 CVE-2020-24683 ABB Incorrect Resource Transfer Between Spheres vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication).

7.5
2020-12-22 CVE-2020-24675 ABB Improper Authentication vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.

7.5
2020-12-22 CVE-2020-24673 ABB SQL Injection vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system.

7.5
2020-12-22 CVE-2020-28460 Multi INI Project Resource Exhaustion vulnerability in Multi-Ini Project Multi-Ini

This affects the package multi-ini before 2.1.2.

7.5
2020-12-22 CVE-2020-28448 Multi INI Project Resource Exhaustion vulnerability in Multi-Ini Project Multi-Ini

This affects the package multi-ini before 2.1.1.

7.5
2020-12-21 CVE-2020-11717 Bilanc SQL Injection vulnerability in Bilanc 01431.01.2020

An issue was discovered in Programi 014 31.01.2020.

7.5
2020-12-21 CVE-2020-35605 Kitty Project Unspecified vulnerability in Kitty Project Kitty

The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message.

7.5
2020-12-21 CVE-2020-21378 Seacms SQL Injection vulnerability in Seacms 10.1

SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.

7.5
2020-12-21 CVE-2020-21377 Yunyecms SQL Injection vulnerability in Yunyecms 2.0.1

SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.

7.5
2020-12-21 CVE-2020-4988 IBM Unspecified vulnerability in IBM Loopback 8.0.0

Loopback 8.0.0 contains a vulnerability that could allow an attacker to manipulate or pollute Javascript values and cause a denial of service or possibly execute code.

7.5
2020-12-21 CVE-2020-35276 Egavilanmedia SQL Injection vulnerability in Egavilanmedia ECM Address Book 1.0

EgavilanMedia ECM Address Book 1.0 is affected by SQL injection.

7.5
2020-12-24 CVE-2020-9200 Huawei Improper Neutralization of Formula Elements in A CSV File vulnerability in Huawei Imanager Neteco 6000 V600R021C00

There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00.

7.2
2020-12-22 CVE-2020-35608 Microsoft Injection vulnerability in Microsoft Azure Sphere 20.07

A code execution vulnerability exists in the normal world’s signed code execution functionality of Microsoft Azure Sphere 20.07.

7.2
2020-12-21 CVE-2020-25860 Pengutronix Time-Of-Check Time-Of-Use (Toctou) Race Condition vulnerability in Pengutronix Rauc

The install.c module in the Pengutronix RAUC update client prior to version 1.5 has a Time-of-Check Time-of-Use vulnerability, where signature verification on an update file takes place before the file is reopened for installation.

7.1

149 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-24 CVE-2020-28169 TD Agent Builder Project Incorrect Permission Assignment for Critical Resource vulnerability in Td-Agent-Builder Project Td-Agent-Builder

The td-agent-builder plugin before 2020-12-18 for Fluentd allows attackers to gain privileges because the bin directory is writable by a user account, but a file in bin is executed as NT AUTHORITY\SYSTEM.

6.9
2020-12-27 CVE-2020-35728 Fasterxml
Debian
Netapp
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).

6.8
2020-12-26 CVE-2020-26766 User Registration Login AND User Management System With Admin Panel Project Cross-Site Request Forgery (CSRF) vulnerability in User Registration & Login and User Management System With Admin Panel Project User Registration & Login and User Management System With Admin Panel 2.1

A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1.

6.8
2020-12-25 CVE-2020-35702 Freedesktop Out-Of-Bounds Write vulnerability in Freedesktop Poppler 20.12.1

** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document.

6.8
2020-12-24 CVE-2020-28186 Terra Master Weak Password Recovery Mechanism for Forgotten Password vulnerability in Terra-Master TOS

Email Injection in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to abuse the forget password functionality and achieve account takeover.

6.8
2020-12-23 CVE-2020-35269 Nagios Cross-Site Request Forgery (CSRF) vulnerability in Nagios Core 4.2.4

Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding – deleting for hosts or servers.

6.8
2020-12-23 CVE-2020-25198 Moxa Session Fixation vulnerability in Moxa Nport Iaw5000A-I/O Firmware

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has incorrectly implemented protections from session fixation, which may allow an attacker to gain access to a session and hijack it by stealing the user’s cookies.

6.8
2020-12-22 CVE-2020-13547 Foxitsoftware Type Confusion vulnerability in Foxitsoftware Foxit Reader 10.0.0.37527

A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527.

6.8
2020-12-22 CVE-2020-13570 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527

A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527.

6.8
2020-12-22 CVE-2020-13560 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527.

6.8
2020-12-22 CVE-2020-13557 Foxitsoftware USE After Free vulnerability in Foxitsoftware Foxit Reader 10.1.0.37527

A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527.

6.8
2020-12-22 CVE-2019-11781 Odoo Improper Input Validation vulnerability in Odoo

Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafted links, leading to privilege escalation.

6.8
2020-12-21 CVE-2020-35626 Mediawiki Cross-Site Request Forgery (CSRF) vulnerability in Mediawiki

An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1.

6.8
2020-12-22 CVE-2020-28641 Malwarebytes Link Following vulnerability in Malwarebytes Endpoint Protection and Malwarebytes

In Malwarebytes Free 4.1.0.56, a symbolic link may be used delete an arbitrary file on the system by exploiting the local quarantine system.

6.6
2020-12-26 CVE-2020-25917 Stratodesk Improper Privilege Management vulnerability in Stratodesk Notouch Center 4.1.24

Stratodesk NoTouch Center before 4.4.68 is affected by: Incorrect Access Control.

6.5
2020-12-26 CVE-2020-35714 Linksys Command Injection vulnerability in Linksys Re6500 Firmware

Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.

6.5
2020-12-25 CVE-2020-35708 Phplist SQL Injection vulnerability in PHPlist 3.5.9

phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page.

6.5
2020-12-23 CVE-2020-35666 Steedos SQL Injection vulnerability in Steedos

Steedos Platform through 1.21.24 allows NoSQL injection because the /api/collection/findone implementation in server/packages/steedos_base.js mishandles req.body validation, as demonstrated by MongoDB operator attacks such as an X-User-Id[$ne]=1 value.

6.5
2020-12-23 CVE-2020-27397 Projectworlds Unrestricted Upload of File With Dangerous Type vulnerability in Projectworlds Online Matrimonial Project 1.0

Marital - Online Matrimonial Project In PHP version 1.0 suffers from an authenticated file upload vulnerability allowing remote attackers to gain remote code execution (RCE) on the Hosting web server via uploading a maliciously crafted PHP file.

6.5
2020-12-23 CVE-2020-25194 Moxa Improper Privilege Management vulnerability in Moxa Nport Iaw5000A-I/O Firmware

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower has improper privilege management, which may allow an attacker with user privileges to perform requests with administrative privileges.

6.5
2020-12-23 CVE-2020-35657 Jaws Project Unrestricted Upload of File With Dangerous Type vulnerability in Jaws Project Jaws

Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS commands.

6.5
2020-12-23 CVE-2020-35656 Jaws Project Unrestricted Upload of File With Dangerous Type vulnerability in Jaws Project Jaws

Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser and admin.php?reqGadget=FileBrowser&reqAction=Files to upload a .php file.

6.5
2020-12-22 CVE-2020-24678 ABB Improper Privilege Management vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

An authenticated user might execute malicious code under the user context and take control of the system.

6.5
2020-12-22 CVE-2020-24677 ABB Improper Check for Unusual OR Exceptional Conditions vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.

6.5
2020-12-22 CVE-2020-14874 Oracle Unspecified vulnerability in Oracle Cloud Infrastructure Identity and Access Management

Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management product of Oracle Cloud Services.

6.5
2020-12-22 CVE-2020-14231 Hcltechsw Out-Of-Bounds Write vulnerability in Hcltechsw HCL Client Application Access 9.0

A vulnerability in the input parameter handling of HCL Client Application Access v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow.

6.5
2020-12-22 CVE-2020-29396 Odoo Improper Privilege Management vulnerability in Odoo 11.0/12.0/13.0

A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.

6.5
2020-12-21 CVE-2020-35625 Mediawiki Incorrect Permission Assignment for Critical Resource vulnerability in Mediawiki

An issue was discovered in the Widgets extension for MediaWiki through 1.35.1.

6.5
2020-12-21 CVE-2020-35151 Online Marriage Registration System Project SQL Injection vulnerability in Online Marriage Registration System Project Online Marriage Registration System 1.0

The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection.

6.5
2020-12-21 CVE-2020-35273 Egavilanmedia Cross-Site Request Forgery (CSRF) vulnerability in Egavilanmedia User Registration & Login System With Admin Panel 1.0

EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel.

6.0
2020-12-27 CVE-2020-35678 Crossbar Open Redirect vulnerability in Crossbar Autobahn

Autobahn|Python before 20.12.3 allows redirect header injection.

5.8
2020-12-24 CVE-2020-27729 F5 Open Redirect vulnerability in F5 Big-Ip Access Policy Manager

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, an undisclosed link on the BIG-IP APM virtual server allows a malicious user to build an open redirect URI.

5.8
2020-12-24 CVE-2020-5684 NEC Improper Certificate Validation vulnerability in NEC ISM Server

iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager Express does not verify a server certificate properly, which allows a man-in-the-middle attacker to eavesdrop on an encrypted communication or alter the communication via a crafted certificate.

5.8
2020-12-23 CVE-2020-11718 Bilanc Cleartext Transmission of Sensitive Information vulnerability in Bilanc 01431.01.2020

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below.

5.8
2020-12-22 CVE-2020-24579 D Link Improper Authentication vulnerability in D-Link Dsl2888A Firmware

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.

5.8
2020-12-21 CVE-2020-26281 Rust Lang Http Request Smuggling vulnerability in Rust-Lang Async-H1

async-h1 is an asynchronous HTTP/1.1 parser for Rust (crates.io).

5.8
2020-12-21 CVE-2020-4840 IBM Open Redirect vulnerability in IBM Security Secret Server 10.6

IBM Security Secret Server 10.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2020-12-21 CVE-2020-26275 Jupyter Open Redirect vulnerability in Jupyter Server

The Jupyter Server provides the backend (i.e.

5.8
2020-12-24 CVE-2020-29189 Terra Master Incorrect Authorization vulnerability in Terra-Master TOS

Incorrect Access Control vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated attackers to bypass read-only restriction and obtain full access to any folder within the NAS

5.5
2020-12-21 CVE-2020-4794 IBM Incorrect Authorization vulnerability in IBM products

IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.6 could allow an authenticated user to obtain sensitive information or cuase a denial of service due to iimproper authorization checking.

5.5
2020-12-21 CVE-2020-4555 IBM Session Fixation vulnerability in IBM Financial Transaction Manager

IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate session after logout which could allow an authenticated user to impersonate another user on the system.

5.5
2020-12-24 CVE-2020-35693 Google Unspecified vulnerability in Google Android

On some Samsung phones and tablets running Android through 7.1.1, it is possible for an attacker-controlled Bluetooth Low Energy (BLE) device to pair silently with a vulnerable target device, without any user interaction, when the target device's Bluetooth is on, and it is running an app that offers a connectable BLE advertisement.

5.4
2020-12-22 CVE-2020-24580 D Link Improper Authentication vulnerability in D-Link Dsl2888A Firmware

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.

5.4
2020-12-27 CVE-2020-35736 Liftoffsoftware Path Traversal vulnerability in Liftoffsoftware Gateone 1.1

GateOne 1.1 allows arbitrary file download without authentication via /downloads/..

5.0
2020-12-27 CVE-2020-29156 Woocommerce Incorrect Authorization vulnerability in Woocommerce

The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.

5.0
2020-12-26 CVE-2020-35362 Dext5 Path Traversal vulnerability in Dext5 Dext5Upload 2.7.1262310

DEXT5Upload 2.7.1262310 and earlier is affected by Directory Traversal in handler/dext5handler.jsp.

5.0
2020-12-26 CVE-2020-35284 Flamingoim Project Path Traversal vulnerability in Flamingoim Project Flamingoim 20200929

Flamingo (aka FlamingoIM) through 2020-09-29 allows ../ directory traversal because the only ostensibly unpredictable part of a file-transfer request is an MD5 computation; however, this computation occurs on the client side, and the computation details can be easily determined because the product's source code is available.

5.0
2020-12-26 CVE-2020-35450 Gobby Project Null Pointer Dereference vulnerability in Gobby Project Gobby 0.4.11

Gobby 0.4.11 allows a NULL pointer dereference in the D-Bus handler for certain set_language calls.

5.0
2020-12-26 CVE-2020-35359 Pureftpd Allocation of Resources Without Limits OR Throttling vulnerability in Pureftpd Pure-Ftpd 1.0.48

Pure-FTPd 1.0.48 allows remote attackers to prevent legitimate server use by making enough connections to exceed the connection limit.

5.0
2020-12-26 CVE-2020-35376 Xpdfreader
Fedoraproject
Out-Of-Bounds Write vulnerability in multiple products

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp() function.

5.0
2020-12-26 CVE-2020-35388 Rockoa Unspecified vulnerability in Rockoa Xinhu 2.1.9

rainrocka xinhu 2.1.9 allows remote attackers to obtain sensitive information via an index.php?a=gettotal request in which the ajaxbool value is manipulated to be true.

5.0
2020-12-25 CVE-2020-35711 ARC Swap Project Unspecified vulnerability in Arc-Swap Project Arc-Swap

An issue has been discovered in the arc-swap crate before 0.4.8 (and 1.x before 1.1.0) for Rust.

5.0
2020-12-25 CVE-2020-35710 Parallels Information Exposure vulnerability in Parallels Remote Application Server 18.0

Parallels Remote Application Server (RAS) 18 allows remote attackers to discover an intranet IP address because submission of the login form (even with blank credentials) provides this address to the attacker's client for use as a "host" value.

5.0
2020-12-24 CVE-2020-11093 Linuxfoundation Improper Verification of Cryptographic Signature vulnerability in Linuxfoundation Indy-Node

Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity.

5.0
2020-12-24 CVE-2020-9120 Huawei Unspecified vulnerability in Huawei Cloudengine 1800V V100R019C10Spc500

CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability.

5.0
2020-12-24 CVE-2020-35680 Opensmtpd
Fedoraproject
Null Pointer Dereference vulnerability in multiple products

smtpd/lka_filter.c in OpenSMTPD before 6.8.0p1, in certain configurations, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted pattern of client activity, because the filter state machine does not properly maintain the I/O channel between the SMTP engine and the filters layer.

5.0
2020-12-24 CVE-2020-35679 Opensmtpd
Fedoraproject
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

smtpd/table.c in OpenSMTPD before 6.8.0p1 lacks a certain regfree, which might allow attackers to trigger a "very significant" memory leak via messages to an instance that performs many regex lookups.

5.0
2020-12-24 CVE-2020-27723 F5 Unspecified vulnerability in F5 Big-Ip Access Policy Manager

In versions 14.1.0-14.1.3 and 13.1.0-13.1.3.4, a BIG-IP APM virtual server processing PingAccess requests may lead to a restart of the Traffic Management Microkernel (TMM) process.

5.0
2020-12-24 CVE-2020-28185 Terra Master Unspecified vulnerability in Terra-Master TOS

User Enumeration vulnerability in TerraMaster TOS <= 4.2.06 allows remote unauthenticated attackers to identify valid users within the system via the username parameter to wizard/initialise.php.

5.0
2020-12-24 CVE-2020-27718 F5 Resource Exhaustion vulnerability in F5 products

When a BIG-IP ASM or Advanced WAF system running version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, or 11.6.1-11.6.5.2 processes requests with JSON payload, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.

5.0
2020-12-24 CVE-2020-2504 Qnap Path Traversal vulnerability in Qnap QES 2.1.1

If exploited, this absolute path traversal vulnerability could allow attackers to traverse files in File Station.

5.0
2020-12-23 CVE-2020-35668 Redislabs Null Pointer Dereference vulnerability in Redislabs Redisgraph

RedisGraph 2.x through 2.2.11 has a NULL Pointer Dereference that leads to a server crash because it mishandles an unquoted string, such as an alias that has not yet been introduced.

5.0
2020-12-23 CVE-2020-35598 Advanced Comment System Project Path Traversal vulnerability in Advanced Comment System Project Advanced Comment System 1.0

ACS Advanced Comment System 1.0 is affected by Directory Traversal via an advanced_component_system/index.php?ACS_path=..%2f URI.

5.0
2020-12-23 CVE-2020-11719 Bilanc Inadequate Encryption Strength vulnerability in Bilanc 01431.01.2020

An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below.

5.0
2020-12-23 CVE-2018-1000893 Bitcoinsv Resource Exhaustion vulnerability in Bitcoinsv Bitcoin SV

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing transactions.

5.0
2020-12-23 CVE-2018-1000892 Bitcoinsv Resource Exhaustion vulnerability in Bitcoinsv Bitcoin SV

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving sendheaders messages.

5.0
2020-12-23 CVE-2018-1000891 Bitcoinsv Resource Exhaustion vulnerability in Bitcoinsv Bitcoin SV

Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving messages with invalid checksums.

5.0
2020-12-23 CVE-2020-35587 Mersive Unspecified vulnerability in Mersive Solstice Firmware

** DISPUTED ** In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled.

5.0
2020-12-23 CVE-2020-29550 Urve Cleartext Storage of Sensitive Information vulnerability in Urve 24.03.2020

An issue was discovered in URVE Build 24.03.2020.

5.0
2020-12-23 CVE-2020-35586 Mersive Improper Restriction of Excessive Authentication Attempts vulnerability in Mersive Solstice POD Firmware

In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password can be enumerated using brute-force attacks via the /Config/service/initModel?password= Solstice Open Control API because there is no complexity requirement (e.g., it might be all digits or all lowercase letters).

5.0
2020-12-23 CVE-2020-35585 Mersive Improper Restriction of Excessive Authentication Attempts vulnerability in Mersive Solstice POD Firmware

In Solstice Pod before 3.3.0 (or Open4.3), the screen key can be enumerated using brute-force attacks via the /lookin/info Solstice Open Control API because there are only 1.7 million possibilities.

5.0
2020-12-23 CVE-2020-25196 Moxa Improper Restriction of Excessive Authentication Attempts vulnerability in Moxa Nport Iaw5000A-I/O Firmware

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows SSH/Telnet sessions, which may be vulnerable to brute force attacks to bypass authentication.

5.0
2020-12-23 CVE-2020-25192 Moxa Information Exposure vulnerability in Moxa Nport Iaw5000A-I/O Firmware

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower allows sensitive information to be displayed without proper authorization.

5.0
2020-12-23 CVE-2020-25190 Moxa Cleartext Transmission of Sensitive Information vulnerability in Moxa Nport Iaw5000A-I/O Firmware

The built-in WEB server for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower stores and transmits the credentials of third-party services in cleartext.

5.0
2020-12-23 CVE-2020-25153 Moxa Weak Password Requirements vulnerability in Moxa Nport Iaw5000A-I/O Firmware

The built-in web service for MOXA NPort IAW5000A-I/O firmware version 2.1 or lower does not require users to have strong passwords.

5.0
2020-12-23 CVE-2020-35658 Spamtitan Missing Encryption of Sensitive Data vulnerability in Spamtitan

SpamTitan before 7.09 allows attackers to tamper with backups, because backups are not encrypted.

5.0
2020-12-22 CVE-2020-27336 Treck Out-Of-Bounds Read vulnerability in Treck Ipv6

An issue was discovered in Treck IPv6 before 6.0.1.68.

5.0
2020-12-22 CVE-2020-14270 Hcltech Information Exposure Through AN Error Message vulnerability in Hcltech Domino

HCL Domino v9, v10, v11 is susceptible to an Information Disclosure vulnerability in XPages due to improper error handling of user input.

5.0
2020-12-21 CVE-2020-35624 Mediawiki Information Exposure Through Discrepancy vulnerability in Mediawiki

An issue was discovered in the SecurePoll extension for MediaWiki through 1.35.1.

5.0
2020-12-21 CVE-2020-35623 Mediawiki Insufficiently Protected Credentials vulnerability in Mediawiki

An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1.

5.0
2020-12-21 CVE-2020-8995 Bilanc USE of Hard-Coded Credentials vulnerability in Bilanc 01431.01.2020

Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe file containing several hardcoded credentials to different servers that allow remote attackers to gain access to the complete infrastructure including the website, update server, and external issue tracking tools.

5.0
2020-12-21 CVE-2020-29596 Miniweb Http Server Project Classic Buffer Overflow vulnerability in Miniweb Http Server Project Miniweb Http Server 0.8.19

MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request.

5.0
2020-12-21 CVE-2018-7580 Philips Unspecified vulnerability in Philips HUE Firmware

Philips Hue is vulnerable to a Denial of Service attack.

5.0
2020-12-21 CVE-2020-6882 ZTE Insufficiently Protected Credentials vulnerability in ZTE products

ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device.

5.0
2020-12-21 CVE-2020-6881 ZTE Origin Validation Error vulnerability in ZTE products

ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure of the device to verify the validity of abnormal messages.

5.0
2020-12-21 CVE-2020-5808 Tenable Incorrect Permission Assignment for Critical Resource vulnerability in Tenable Tenable.Sc 5.14.0/5.14.1

In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distribution configuration.

5.0
2020-12-21 CVE-2020-4870 IBM Unspecified vulnerability in IBM MQ 9.2.0

IBM MQ 9.2 CD and LTS are vulnerable to a denial of service attack caused by an error processing connecting applications.

5.0
2020-12-21 CVE-2020-27254 Emerson Improper Authentication vulnerability in Emerson products

Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, which could allow an attacker with a specially crafted URL to obtain access to sensitive information.

5.0
2020-12-21 CVE-2020-26422 Wireshark Classic Buffer Overflow vulnerability in Wireshark 3.4.0/3.4.1

Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1 allows denial of service via packet injection or crafted capture file

5.0
2020-12-21 CVE-2020-26263 Tlslite NG Project Inadequate Encryption Strength vulnerability in Tlslite-Ng Project Tlslite-Ng

tlslite-ng is an open source python library that implements SSL and TLS cryptographic protocols.

5.0
2020-12-21 CVE-2020-35590 Limitloginattempts Improper Restriction of Excessive Authentication Attempts vulnerability in Limitloginattempts Limit Login Attempts Reloaded

LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows a bypass of (per IP address) rate limits because the X-Forwarded-For header can be forged.

5.0
2020-12-22 CVE-2020-27338 Treck Out-Of-Bounds Read vulnerability in Treck Ipv6

An issue was discovered in Treck IPv6 before 6.0.1.68.

4.8
2020-12-27 CVE-2020-8290 Backblaze Improper Privilege Management vulnerability in Backblaze

Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary.

4.6
2020-12-24 CVE-2020-9137 Huawei Improper Input Validation vulnerability in Huawei products

There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800,CloudEngine 6800 and CloudEngine 7800.

4.6
2020-12-24 CVE-2020-9119 Huawei Improper Privilege Management vulnerability in Huawei products

There is a privilege escalation vulnerability on some Huawei smart phones due to design defects.

4.6
2020-12-22 CVE-2020-24680 ABB Insufficiently Protected Credentials vulnerability in ABB Symphony Plus Historian and Symphony Plus Operations

In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.

4.6
2020-12-22 CVE-2020-24676 ABB Improper Privilege Management vulnerability in ABB Symphony + Historian and Symphony + Operations

In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks.

4.6
2020-12-24 CVE-2020-28912 Mariadb Unspecified vulnerability in Mariadb

With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between the client and the server, and getting the ability to run SQL commands on behalf of the connected user.

4.4
2020-12-24 CVE-2020-24658 ARM Out-Of-Bounds Write vulnerability in ARM Compiler

Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays.

4.4
2020-12-27 CVE-2020-29250 Cxuu Cross-Site Scripting vulnerability in Cxuu Cxuucms 3.0

CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php.

4.3
2020-12-27 CVE-2020-29249 Cxuu Cross-Site Scripting vulnerability in Cxuu Cxuucms 3.0

CXUUCMS V3 allows class="layui-input" XSS.

4.3
2020-12-27 CVE-2020-29204 Xuxueli Cross-Site Scripting vulnerability in Xuxueli Xxl-Job 2.2.0

XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java.

4.3
2020-12-27 CVE-2020-35448 GNU
Netapp
Out-Of-Bounds Write vulnerability in multiple products

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1.

4.3
2020-12-26 CVE-2020-28759 Tengine Project Classic Buffer Overflow vulnerability in Tengine Project Tengine 1.0

** DISPUTED ** The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash.

4.3
2020-12-26 CVE-2020-35437 Intelliants Cross-Site Scripting vulnerability in Intelliants Subrion CMS 4.2.1

Subrion CMS 4.2.1 is affected by: Cross Site Scripting (XSS) through the avatar[path] parameter in a POST request to the /_core/profile/ URI.

4.3
2020-12-26 CVE-2020-35347 Cxuu Cross-Site Request Forgery (CSRF) vulnerability in Cxuu Cxuucms 3.1

CXUUCMS V3 3.1 has a CSRF vulnerability that can add an administrator account via admin.php?c=adminuser&a=add.

4.3
2020-12-26 CVE-2020-20412 Stepmania
Xiph ORG
Improper Validation of Array Index vulnerability in multiple products

lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file.

4.3
2020-12-26 CVE-2020-29385 Gnome
Canonical
Fedoraproject
Infinite Loop vulnerability in multiple products

GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes.

4.3
2020-12-26 CVE-2020-29172 Litespeedtech Cross-Site Scripting vulnerability in Litespeedtech Litespeed Cache

A cross-site scripting (XSS) vulnerability in the LiteSpeed Cache plugin before 3.6.1 for WordPress can be exploited via the Server IP setting.

4.3
2020-12-26 CVE-2020-27515 Techkshetrainfo Cross-Site Scripting vulnerability in Techkshetrainfo Savsoft Quiz 5.0

A Cross Site Scripting (XSS) vulnerability in Savsoft Quiz v5.0 allows remote attackers to inject arbitrary web script or HTML via the Skype ID field.

4.3
2020-12-24 CVE-2020-29247 Wondercms Cross-Site Scripting vulnerability in Wondercms 3.1.3

WonderCMS 3.1.3 is affected by cross-site scripting (XSS) in the Admin Panel.

4.3
2020-12-24 CVE-2020-35659 PI Hole Cross-Site Scripting vulnerability in Pi-Hole

The DNS query log in Pi-hole before 5.2.2 is vulnerable to stored XSS.

4.3
2020-12-24 CVE-2020-27728 F5 Unspecified vulnerability in F5 products

On BIG-IP ASM & Advanced WAF versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, under certain conditions, Analytics, Visibility, and Reporting daemon (AVRD) may generate a core file and restart on the BIG-IP system when processing requests sent from mobile devices.

4.3
2020-12-24 CVE-2020-27726 F5 Cross-Site Scripting vulnerability in F5 Big-Ip Access Policy Manager

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.2, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system.

4.3
2020-12-24 CVE-2020-27720 F5 Unspecified vulnerability in F5 products

On BIG-IP LTM/CGNAT version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when processing NAT66 traffic with Port Block Allocation (PBA) mode and SP-DAG enabled, and dag-ipv6-prefix-len configured with a value less than the default of 128, an undisclosed traffic pattern may cause the Traffic Management Microkernel (TMM) to restart.

4.3
2020-12-24 CVE-2020-27719 F5 Cross-Site Scripting vulnerability in F5 products

On BIG-IP 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.3, a cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility.

4.3
2020-12-24 CVE-2020-27714 F5 Unspecified vulnerability in F5 Big-Ip Advanced Firewall Manager

On the BIG-IP AFM version 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.5, when a Protocol Inspection Profile is attached to a FastL4 virtual server with the protocol field configured to either Other or All Protocols, the TMM may experience a restart if the profile processes non-TCP traffic.

4.3
2020-12-24 CVE-2020-28190 Terra Master Unspecified vulnerability in Terra-Master TOS

TerraMaster TOS <= 4.2.06 was found to check for updates (of both system and applications) via an insecure channel (HTTP).

4.3
2020-12-24 CVE-2020-27721 F5 Unspecified vulnerability in F5 Big-Ip Domain Name System

In versions 16.0.0-16.0.0.1, 15.1.0-15.1.1, 14.1.0-14.1.3, 13.1.0-13.1.3.5, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, in a BIG-IP DNS / BIG-IP LTM GSLB deployment, under certain circumstances, the BIG-IP DNS system may stop using a BIG-IP LTM virtual server for DNS response.

4.3
2020-12-24 CVE-2020-35676 Bigprof Cross-Site Scripting vulnerability in Bigprof Online Invoicing System

BigProf Online Invoicing System before 3.1 fails to correctly sanitize an XSS payload when a user registers using the self-registration functionality.

4.3
2020-12-24 CVE-2020-35669 Dart Unspecified vulnerability in Dart Http

An issue was discovered in the http package through 0.12.2 for Dart.

4.3
2020-12-23 CVE-2020-35252 Egavilanmedia Cross-Site Scripting vulnerability in Egavilanmedia User Registration and Login System With Admin Panel 1.0

Cross Site Scripting (XSS) vulnerability via the 'Full Name' parameter in the User Registration section of User Registration & Login System with Admin Panel 1.0.

4.3
2020-12-23 CVE-2020-13969 CRK Cross-Site Scripting vulnerability in CRK Business Platform

CRK Business Platform <= 2019.1 allows reflected XSS via erro.aspx on 'CRK', 'IDContratante', 'Erro', or 'Mod' parameter.

4.3
2020-12-23 CVE-2020-9439 Uncannyowl Cross-Site Scripting vulnerability in Uncannyowl TIN Canny Reporting for Learndash

Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting before 3.4.4 allows authenticated remote attackers to inject arbitrary web script or HTML via the search_key GET Parameter in TinCan_Content_List_Table.php, message GET Parameter in licensing.php, tc_filter_group parameter in reporting-admin-menu.php, tc_filter_user parameter in reporting-admin-menu.php, tc_filter_course parameter in reporting-admin-menu.php, tc_filter_lesson parameter in reporting-admin-menu.php, tc_filter_module parameter in reporting-admin-menu.php, tc_filter_action parameter in reporting-admin-menu.php, tc_filter_data_range parameter in reporting-admin-menu.php, or tc_filter_data_range_last parameter in reporting-admin-menu.php.

4.3
2020-12-23 CVE-2020-6159 Opera Cross-Site Scripting vulnerability in Opera 52.1.2517.139570/54.0.2669.49432

URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users from cross-site scripting (XSS) attacks, but in certain circumstances this removal was not performed.

4.3
2020-12-23 CVE-2020-35650 Uncannyowl Cross-Site Scripting vulnerability in Uncannyowl Uncanny Groups for Learndash

Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash before v3.7 allow authenticated remote attackers to inject arbitrary JavaScript or HTML via the ulgm_code_redeem POST Parameter in user-code-redemption.php, the ulgm_user_first POST Parameter in user-registration-form.php, the ulgm_user_last POST Parameter in user-registration-form.php, the ulgm_user_email POST Parameter in user-registration-form.php, the ulgm_code_registration POST Parameter in user-registration-form.php, the ulgm_terms_conditions POST Parameter in user-registration-form.php, the _ulgm_total_seats POST Parameter in frontend-uo_groups_buy_courses.php, the uncanny_group_signup_user_first POST Parameter in group-registration-form.php, the uncanny_group_signup_user_last POST Parameter in group-registration-form.php, the uncanny_group_signup_user_login POST Parameter in group-registration-form.php, the uncanny_group_signup_user_email POST Parameter in group-registration-form.php, the success-invited GET Parameter in frontend-uo_groups.php, the bulk-errors GET Parameter in frontend-uo_groups.php, or the message GET Parameter in frontend-uo_groups.php.

4.3
2020-12-23 CVE-2020-35584 Mersive Unspecified vulnerability in Mersive Solstice POD Firmware

In Solstice Pod before 3.0.3, the web services allow users to connect to them over unencrypted channels via the Browser Look-in feature.

4.3
2020-12-22 CVE-2018-15634 Odoo Cross-Site Scripting vulnerability in Odoo

Cross-site scripting (XSS) issue in attachment management in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via a crafted link.

4.3
2020-12-22 CVE-2018-15633 Odoo Cross-Site Scripting vulnerability in Odoo 10.0/11.0/8.0

Cross-site scripting (XSS) issue in "document" module in Odoo Community 11.0 and earlier and Odoo Enterprise 11.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted attachment filenames.

4.3
2020-12-21 CVE-2020-35622 Mediawiki Cross-Site Scripting vulnerability in Mediawiki

An issue was discovered in the GlobalUsage extension for MediaWiki through 1.35.1.

4.3
2020-12-21 CVE-2020-4841 IBM Information Exposure vulnerability in IBM Security Secret Server 10.6

IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

4.3
2020-12-21 CVE-2020-14225 Hcltech
Hcltechsw
HCL iNotes is susceptible to a Tabnabbing vulnerability caused by improper sanitization of message content.
4.3
2020-12-21 CVE-2020-26049 Niftypm Injection vulnerability in Niftypm Nifty-Pm Cpe2.3

Nifty-PM CPE 2.3 is affected by stored HTML injection.

4.3
2020-12-25 CVE-2020-35709 Bloofox Path Traversal vulnerability in Bloofox Bloofoxcms 0.5.2.1

bloofoxCMS 0.5.2.1 allows admins to upload arbitrary .php files (with "Content-Type: application/octet-stream") to ../media/images/ via the admin/index.php?mode=tools&page=upload URI, aka directory traversal.

4.0
2020-12-24 CVE-2020-27727 F5 Improper Input Validation vulnerability in F5 products

On BIG-IP version 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, when an authenticated administrative user installs RPMs using the iAppsLX REST installer, the BIG-IP system does not sufficiently validate user input, allowing the user read access to the filesystem.

4.0
2020-12-24 CVE-2020-27724 F5 Resource Exhaustion vulnerability in F5 Big-Ip Access Policy Manager

In BIG-IP APM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, on systems running more than one TMM instance, authenticated VPN users may consume excessive resources by sending specially-crafted malicious traffic over the tunnel.

4.0
2020-12-24 CVE-2020-2499 Qnap USE of Hard-Coded Credentials vulnerability in Qnap QES 2.1.1

A hard-coded password vulnerability has been reported to affect earlier versions of QES.

4.0
2020-12-22 CVE-2019-11786 Odoo Incorrect Permission Assignment for Critical Resource vulnerability in Odoo

Improper access control in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to modify translated terms, which may lead to arbitrary content modification on translatable elements.

4.0
2020-12-22 CVE-2019-11785 Odoo Exposure of Resource TO Wrong Sphere vulnerability in Odoo

Improper access control in mail module (followers) in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on business records there were not given access to, and subscribe to receive future messages.

4.0
2020-12-22 CVE-2019-11784 Odoo Exposure of Resource TO Wrong Sphere vulnerability in Odoo

Improper access control in mail module (notifications) in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users to obtain access to arbitrary messages in conversations they were not a party to.

4.0
2020-12-22 CVE-2019-11783 Odoo Incorrect Permission Assignment for Critical Resource vulnerability in Odoo

Improper access control in mail module (channel partners) in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users to subscribe to arbitrary mail channels uninvited.

4.0
2020-12-22 CVE-2019-11782 Odoo Improper Input Validation vulnerability in Odoo

Improper access control in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users with access to contact management to modify user accounts, leading to privilege escalation.

4.0
2020-12-22 CVE-2018-15645 Odoo Incorrect Permission Assignment for Critical Resource vulnerability in Odoo

Improper access control in message routing in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier allows remote authenticated users to create arbitrary records via crafted payloads, which may allow privilege escalation.

4.0
2020-12-21 CVE-2020-26277 Dbdeployer Link Following vulnerability in Dbdeployer

DBdeployer is a tool that deploys MySQL database servers easily.

4.0
2020-12-21 CVE-2020-4843 IBM Cleartext Storage of Sensitive Information vulnerability in IBM Security Secret Server 10.6

IBM Security Secret Server 10.6 stores potentially sensitive information in config files that could be read by an authenticated user.

4.0
2020-12-21 CVE-2020-4842 IBM Information Exposure Through AN Error Message vulnerability in IBM Security Secret Server 10.6

IBM Security Secret Server 10.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser.

4.0
2020-12-21 CVE-2020-35497 Ovirt
Redhat
Information Exposure vulnerability in multiple products

A flaw was found in ovirt-engine 4.4.3 and earlier allowing an authenticated user to read other users' personal information, including name, email and public SSH key.

4.0
2020-12-21 CVE-2019-16959 Solarwinds Injection vulnerability in Solarwinds Webhelpdesk 12.7.0

SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known as Formula Injection, via a file attached to a ticket.

4.0
2020-12-21 CVE-2020-29447 Atlassian Unrestricted Upload of File With Dangerous Type vulnerability in Atlassian Crucible

Affected versions of Atlassian Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the file upload request feature of code reviews.

4.0

26 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2020-12-26 CVE-2020-35349 Techkshetrainfo Cross-Site Scripting vulnerability in Techkshetrainfo Savsoft Quiz 5.0

Savsoft Quiz 5 is affected by: Cross Site Scripting (XSS) via field_title (aka a title on the custom fields page).

3.5
2020-12-26 CVE-2020-35346 Cxuu Cross-Site Scripting vulnerability in Cxuu Cxuucms 3.1

CXUUCMS V3 3.1 is affected by a reflected XSS vulnerability that allows remote attackers to inject arbitrary web script or HTML via the imgurl parameter of admin.php?c=content&a=add.

3.5
2020-12-25 CVE-2020-35707 Daybydaycrm Cross-Site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0

Daybyday 2.1.0 allows stored XSS via the Company Name parameter to the New Client screen.

3.5
2020-12-25 CVE-2020-35706 Daybydaycrm Cross-Site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0

Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Project screen.

3.5
2020-12-25 CVE-2020-35705 Daybydaycrm Cross-Site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0

Daybyday 2.1.0 allows stored XSS via the Name parameter to the New User screen.

3.5
2020-12-25 CVE-2020-35704 Daybydaycrm Cross-Site Scripting vulnerability in Daybydaycrm Daybyday 2.1.0

Daybyday 2.1.0 allows stored XSS via the Title parameter to the New Lead screen.

3.5
2020-12-24 CVE-2020-27722 F5 Resource Exhaustion vulnerability in F5 Big-Ip Access Policy Manager

In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption.

3.5
2020-12-24 CVE-2020-28184 Terra Master Cross-Site Scripting vulnerability in Terra-Master TOS

Cross-site scripting (XSS) vulnerability in TerraMaster TOS <= 4.2.06 allows remote authenticated users to inject arbitrary web script or HTML via the mod parameter to /module/index.php.

3.5
2020-12-24 CVE-2020-27725 F5 Missing Release of Resource After Effective Lifetime vulnerability in F5 Big-Ip Domain Name System

In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones.

3.5
2020-12-24 CVE-2020-35677 Bigprof Cross-Site Scripting vulnerability in Bigprof Online Invoicing System

BigProf Online Invoicing System before 4.0 fails to adequately sanitize fields for HTML characters upon an administrator using admin/pageEditGroup.php to create a new group, resulting in Stored XSS.

3.5
2020-12-24 CVE-2020-2503 Qnap Cross-Site Scripting vulnerability in Qnap QES 2.1.1

If exploited, this stored cross-site scripting vulnerability could allow remote attackers to inject malicious code in File Station.

3.5
2020-12-23 CVE-2020-28071 Alumni Management System Project Cross-Site Scripting vulnerability in Alumni Management System Project Alumni Management System 1.0

SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php.

3.5
2020-12-22 CVE-2018-15641 Odoo Cross-Site Scripting vulnerability in Odoo

Cross-site scripting (XSS) issue in web module in Odoo Community 11.0 through 14.0 and Odoo Enterprise 11.0 through 14.0, allows remote authenticated internal users to inject arbitrary web script in the browser of a victim via crafted calendar event attributes.

3.5
2020-12-22 CVE-2018-15638 Odoo Cross-Site Scripting vulnerability in Odoo

Cross-site scripting (XSS) issue in mail module in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote attackers to inject arbitrary web script in the browser of a victim via crafted channel names.

3.5
2020-12-21 CVE-2020-4757 IBM Cross-Site Scripting vulnerability in IBM Content Navigator 3.0.0

IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is vulnerable to stored cross-site scripting.

3.5
2020-12-21 CVE-2020-17526 Apache Improper Privilege Management vulnerability in Apache Airflow

Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Airflow Webserver on Site B through the session from Site A.

3.5
2020-12-21 CVE-2020-35275 Coastercms Cross-Site Scripting vulnerability in Coastercms 5.8.18

Coastercms v5.8.18 is affected by cross-site Scripting (XSS).

3.5
2020-12-21 CVE-2020-35274 Dotcms Cross-Site Scripting vulnerability in Dotcms 20.11

DotCMS Add Template with admin panel 20.11 is affected by cross-site Scripting (XSS) to gain remote privileges.

3.5
2020-12-21 CVE-2020-35589 Limitloginattempts Cross-Site Scripting vulnerability in Limitloginattempts Limit Login Attempts Reloaded

The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS.

3.5
2020-12-24 CVE-2020-9201 Huawei Out-Of-Bounds Read vulnerability in Huawei products

There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9500.

3.3
2020-12-22 CVE-2020-24578 D Link Incorrect Permission Assignment for Critical Resource vulnerability in D-Link Dsl2888A Firmware

An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55.

3.3
2020-12-24 CVE-2020-9202 Huawei Insecure Storage of Sensitive Information vulnerability in Huawei TE Mobile V600R006C10/V600R006C10Spc100

There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006C10SPC100.

2.1
2020-12-24 CVE-2020-2505 Qnap Information Exposure Through AN Error Message vulnerability in Qnap QES 2.1.1

If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages.

2.1
2020-12-23 CVE-2020-4642 IBM Unspecified vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow local attacker to cause a denial of service inside the "DB2 Management Service".

2.1
2020-12-22 CVE-2020-35609 Microsoft Injection vulnerability in Microsoft Azure Sphere 20.05

A denial-of-service vulnerability exists in the asynchronous ioctl functionality of Microsoft Azure Sphere 20.05.

2.1
2020-12-21 CVE-2020-3999 Vmware Null Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo.

2.1