HSC 2019 : Un taux de réussite de 74,95% pour la République de Maurice

GIS – 07 février 2020 : Le taux de réussite au niveau du Cambridge Higher School Certificate (HSC) pour la République de Maurice s’élève cette année à 74,95%, représentant ainsi une légère hausse en comparaison à 74,90% pour l’année 2018. Au total, 8 975 candidats ont pris part aux examens du HSC en 2019, soit 8 657 pour Maurice et 318 pour Rodrigues.

 
Ce matin, le Premier ministre, ministre de la Défense, de l’intérieur, et des Communications extérieures, ministre de Rodrigues, des Iles éparses et de l’Intégrité territoriale, M. Pravind Kumar Jugnauth, a procédé à la cérémonie de signature de la liste des lauréats du HSC pour la cuvée 2019 au bâtiment du Trésor à Port-Louis.
 
Le nombre de lauréats par école est comme suit :
  • Collège royal de Port Louis – 9 ;
  • Collège Queen Elizabeth – 7 ;
  • Collège royal de Curepipe – 6 ;
  • Collège d’Etat Dr Maurice Curé – 6 ;
  • Ecole secondaire Rabindranath Tagore – 3 ;
  • Collège d’Etat Droopnath Ramphul – 2 ;
  • Institut Mahatma Gandhi de Moka – 2 ;
  • Collège d’Etat G.M.B Atchia – 2 ;
  • Collège Du Saint Esprit – 2 ;
  • Collège Lorette de Quatre Bornes – 1 ;
  • Collège Moderne – 1 ; et
  • Collège de Rodrigues – 4.
 
Le gouvernement offre chaque année 68 bourses à ceux ayant excellé aux examens du HSC. Une bourse est également offerte par la Mauritius Commercial Bank (MCB) dans le cadre de la MCB Foundation Scholarship. De ses 69 bourses, 45 sont offertes en prenant en compte uniquement la performance.
 
En outre, 24 bourses supplémentaires sont attribuées en se basant sur des critères académiques et sociaux. La liste des 24 bénéficiaires sera proclamée après un exercice de sélection mené par le ministère de l’Education, de l’Enseignement supérieur, des Sciences et de la Technologie, et celui de l’Intégration sociale, de la Sécurité sociale et de la Solidarité Nationale.
 
 

Government Information Service, Prime Minister’s Office, Level 6, New Government Centre, Port Louis, Mauritius. Email: gis@govmu.org  Website: http://gis.govmu.org  Mobile App: Search Gov

Permis de morcellement : réaliser les démarches en ligne

GIS – – 07 février 2020 : Le Morcellement Permit Process, intégré au National E-Licensing System (NELS), a été lancé hier lors d’une cérémonie au Shri Atal Bihari Vajpayee Tower à Ebène. Ainsi, les personnes désirant morceler un terrain pourront entreprendre les démarches en ligne sur la plateforme du NELS.

 
Le NELS, une mesure budgétaire 2016/17, vise à améliorer le climat des affaires et de l’investissement et faciliter la création d’entreprises à Maurice. Ce système est une plateforme unique pour faire une demande de permis et s’acquitter des frais en ligne. Il est mis en œuvre par l’Economic Development Board (EDB) et cofinancé par l’Union européenne (UE).
 
Lors du lancement, le ministre des Finances, de la Planification et du Développement économiques, Dr Renganaden Padayachy, a fait ressortir que la croissance économique est cruciale pour aider Maurice à réaliser ses ambitions. Le NELS, a-t-il déclaré, joue un rôle important pour aider le pays à maintenir sa trajectoire économique et à améliorer son classement dans le rapport Ease of Doing Business de la Banque mondiale.
 
Le ministre du Logement et de l’Aménagement du Territoire, M. Louis Steven Obeegadoo, a, pour sa part, souligné que le processus pour l’obtention d’autorisation et de permis d’aménagement du territoire est perçu comme étant très difficile, long et complexe, d’où la nécessité de réformes. Le NELS fait ainsi partie du programme de réforme du gouvernement pour améliorer le climat des affaires et de l’investissement à Maurice, a-t-il ajouté.
 
En ce qu’il s’agit du système de permis électroniques, le ministre a indiqué que les démarches et les paiements pour un Morcellement Permit se feront en ligne sur une base 24/7. Les citoyens pourront faire le suivi de leur demande en ligne et communiquer avec la Morcellement Unit par le biais du NELS. De plus, un service d’assistance a été mis sur pied au niveau de la Morcellement Unit du ministère du Logement et de l’Aménagement du Territoire pour aider les personnes qui veulent déposer leur dossier en ligne.
 

Government Information Service, Prime Minister’s Office, Level 6, New Government Centre, Port Louis, Mauritius. Email: gis@govmu.org  Website: http://gis.govmu.org  Mobile App: Search Gov

Vulnerability Summary for the Week of January 27, 2020

Original release date: February 3, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — illustrator_cc
 
Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 9.3 CVE-2020-3714
CONFIRM
adobe — illustrator_cc
 
Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 9.3 CVE-2020-3713
CONFIRM
adobe — illustrator_cc
 
Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 9.3 CVE-2020-3712
CONFIRM
adobe — illustrator_cc
 
Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 9.3 CVE-2020-3711
CONFIRM
adobe — illustrator_cc
 
Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 9.3 CVE-2020-3710
CONFIRM
alienvault — ossim
 
OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability 2020-01-27 7.8 CVE-2013-6056
MISC
amd — atidxx64.dll_driver An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. 2020-01-25 7.8 CVE-2019-5124
MISC
amd — atidxx64.dll_driver
 
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. 2020-01-25 7.8 CVE-2019-5146
MISC
amd — atidxx64.dll_driver
 
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. 2020-01-25 7.8 CVE-2019-5147
MISC
apache — spamassassin
 
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian Lukowski at credativ for reporting the issue ethically. With this bug unpatched, exploits can be injected in a number of scenarios though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. 2020-01-30 9.3 CVE-2020-1931
CONFIRM
BUGTRAQ
DEBIAN
apache — spamassassin
 
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same privileges as spamd is run which may be elevated though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. If you cannot upgrade, do not use 3rd party rulesets, do not use sa-compile and do not run spamd as an account with elevated privileges. 2020-01-30 9.3 CVE-2020-1930
CONFIRM
MLIST
BUGTRAQ
DEBIAN
asus — rt-n56u_devices
 
ASUS RT-N56U devices allow CSRF. 2020-01-28 9.3 CVE-2013-3093
MISC
avast — secure_browser
 
A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the elevated process cleans the ACL of the Update.ini file in %PROGRAMDATA%\Avast Software\Browser\Update\ and sets all privileges to group Everyone. Because any low-privileged user can create, delete, or modify the Update.ini file stored in this location, an attacker with low privileges can create a hard link named Update.ini in this folder, and make it point to a file writable by NT AUTHORITY\SYSTEM. Once AvastBrowserUpdate.exe is triggered by the update check functionality, the DACL is set to a misconfigured value on the crafted Update.ini and, consequently, to the target file that was previously not writable by the low-privileged attacker. 2020-01-27 7.2 CVE-2019-17190
MISC
bitdefender — bitdefender_box_2
 
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In order to exploit the condition, an unauthenticated attacker should impersonate a infrastructure server to trigger this vulnerability. 2020-01-27 10 CVE-2019-17095
ETC
CONFIRM
ETC
bitdefender — bitdefender_box_2
 
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. 2020-01-27 9.3 CVE-2019-17096
CONFIRM
cisco — sd-wan_solution
 
A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. 2020-01-26 9 CVE-2019-12629
CISCO
cisco — sd-wan_solution_vmanage
 
A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system. An exploit could allow the attacker to elevate privileges to root-level privileges. 2020-01-26 7.2 CVE-2020-3115
CISCO
cisco — small_business_switches
 
A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This vulnerability affects firmware releases prior than 1.3.7.18 2020-01-30 7.8 CVE-2020-3147
CISCO
cisco — webex_video_mesh
 
A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrative privileges and supplying crafted requests to the application. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges on a targeted node. 2020-01-26 9 CVE-2019-16005
CISCO
core_security — vivotek_ip_cameras
 
A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. 2020-01-24 9 CVE-2013-1598
MISC
MISC
MISC
MISC
MISC
core_security — vivotek_pt7135_ip_camera
 
A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service. 2020-01-24 7.5 CVE-2013-1595
MISC
MISC
MISC
MISC
MISC
d-link — dir-859_devices
 
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. 2020-01-29 10 CVE-2019-20216
MISC
MISC
CONFIRM
d-link — dir-859_devices
 
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. 2020-01-29 10 CVE-2019-20215
MISC
CONFIRM
d-link — dir-859_devices
 
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. 2020-01-29 10 CVE-2019-20217
MISC
MISC
CONFIRM
d-link — dsr-250n_devices
 
D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account. 2020-01-25 9 CVE-2012-6613
EXPLOIT-DB
dolibarr — dolibarr
 
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts. 2020-01-26 10 CVE-2020-7995
MISC
MISC
exiv2 — exiv2
 
In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. 2020-01-27 7.1 CVE-2019-20421
MISC
MISC
fudforum — fudforum_bulletin_board
 
PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. 2020-01-27 9 CVE-2013-2267
BID
XF
geocoder — geocoder
 
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data. 2020-01-25 7.5 CVE-2020-7981
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition
 
A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. 2020-01-28 7.5 CVE-2019-5464
MISC
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition
 
Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user’s account. 2020-01-28 7.5 CVE-2019-15585
MISC
MISC
git — git
 
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka ‘Git for Visual Studio Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. 2020-01-24 9.3 CVE-2019-1352
SUSE
REDHAT
MISC
MISC
git — git
 
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka ‘Git for Visual Studio Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387. 2020-01-24 9.3 CVE-2019-1354
SUSE
MISC
MISC
git — git
 
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka ‘Git for Visual Studio Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. 2020-01-24 9.3 CVE-2019-1349
SUSE
REDHAT
MISC
MISC
git — git
 
A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka ‘Git for Visual Studio Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. 2020-01-24 9.3 CVE-2019-1350
SUSE
MISC
MISC
gnu — gnu_coreutils
 
Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. 2020-01-24 7.5 CVE-2015-4042
MISC
MISC
handsomeweb — sos_webpages
 
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash. 2020-01-28 7.5 CVE-2014-3445
MISC
MISC
MISC
MISC
MISC
huawei — e587_3g_mobile_hotspot
 
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI. 2020-01-27 10 CVE-2013-2612
XF
BID
i_read_it_somewhere — i_read_it_somewhere
 
IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands. 2020-01-25 7.5 CVE-2013-1744
MISC
intellian_technologies — aptus
 
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. 2020-01-27 10 CVE-2020-8001
MISC
intellian_technologies — aptus_web
 
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. 2020-01-27 10 CVE-2020-8000
MISC
intellian_technologies — aptus_web
 
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. 2020-01-25 10 CVE-2020-7980
MISC
MISC
MISC
intellian — aptus
 
The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. 2020-01-27 7.5 CVE-2020-7999
MISC
irfanview — flashpix_plugin
 
IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability 2020-01-27 9.3 CVE-2013-3486
MISC
MISC
isof — isof
 
All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input. 2020-01-29 7.5 CVE-2019-10783
MISC
jenkins — jenkins
 
Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents. 2020-01-29 7.5 CVE-2020-2099
MLIST
CONFIRM
koha — koha
 
SQL injection vulnerability in the MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be leveraged by remote attackers using CVE-2014-1924. 2020-01-24 7.5 CVE-2014-1925
MISC
MISC
MISC
MISC
koha — koha
 
The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. 2020-01-24 7.5 CVE-2014-1924
MISC
MISC
MISC
MISC
lexmark — markvision_enterprise
 
Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors. 2020-01-27 7.8 CVE-2014-8742
CONFIRM
MISC
lexmark — markvision_enterprise
 
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors. 2020-01-27 10 CVE-2014-8741
CONFIRM
MISC
lorex_technology — lnc116_and_lnc104_ip_cameras
 
Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability 2020-01-24 7.5 CVE-2012-6451
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dereference and panic due to the lack of validation for specific fields of packets sent by a client. 2020-01-27 7.8 CVE-2019-20424
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the mdt module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. mdt_file_secctx_unpack does not validate the value of name_size derived from req_capsule_get_size. 2020-01-27 7.8 CVE-2019-20432
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain length value derived from lustre_msg_buflen_v2. 2020-01-27 7.8 CVE-2019-20425
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client. 2020-01-27 7.8 CVE-2019-20430
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has an osd_map_remote_to_local out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osd_bufs_get in the osd_ldiskfs module does not validate a certain length value. 2020-01-27 7.8 CVE-2019-20431
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpc_svc_unwrap_request and lustre_msg_hdr_size_v2. 2020-01-27 7.8 CVE-2019-20429
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter. 2020-01-27 7.8 CVE-2019-20428
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds check. 2020-01-27 7.8 CVE-2019-20426
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function target_handle_connect() mishandles a certain size value when a client connects to a server, because of an integer signedness error. 2020-01-27 7.8 CVE-2019-20423
MISC
MISC
MISC
MISC
lustre — lustre
 
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a tgt_shortio2pages integer signedness error. 2020-01-27 9 CVE-2019-20427
MISC
MISC
MISC
MISC
magento — magento
 
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-29 7.8 CVE-2020-3719
CONFIRM
magento — magento
 
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 10 CVE-2020-3716
CONFIRM
magento — magento
 
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-29 10 CVE-2020-3718
CONFIRM
microsoft — visual_studio_code
 
An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka ‘Visual Studio Code Elevation of Privilege Vulnerability’. 2020-01-24 7.2 CVE-2019-1414
MISC
netgear — centria_wndr4700_devices
 
NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. 2020-01-28 7.5 CVE-2013-3071
BID
netgear — wndr4700_media_server_devices
 
NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). 2020-01-28 7.8 CVE-2013-3074
BID
netgear — wnr1000v3
 
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. 2020-01-29 10 CVE-2013-3317
EXPLOIT-DB
netgear — wnr1000v3
 
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a “.jpg”. 2020-01-29 10 CVE-2013-3316
EXPLOIT-DB

opensmtpd — opensmtpd

smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the “uncommented” default configuration. The issue exists because of an incorrect return value upon failure of input validation. 2020-01-29 10 CVE-2020-7247
MISC
MISC
FULLDISC
MISC
CONFIRM
BUGTRAQ
DEBIAN
CERT-VN
CONFIRM
postgresql — postgresql
 
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation. 2020-01-27 7.5 CVE-2015-0244
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
red_hat — openshift_origin
 
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart. 2020-01-28 10 CVE-2013-2060
MISC
MISC
MISC
MISC
ruckus — zoneflex_r500_devices
 
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring. 2020-01-29 9 CVE-2020-8438
MISC
soapbox — soapbox
 
Soapbox through 0.3.1: Sandbox bypass – runs a second instance of Soapbox within a sandboxed Soapbox. 2020-01-24 7.2 CVE-2012-6302
MISC
suse — Linux_enterprise_server_11
 
A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions. 2020-01-24 7.2 CVE-2019-3693
SUSE
CONFIRM
suse — linux_enterprise_server_11
 
The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions. 2020-01-24 7.2 CVE-2019-3692
CONFIRM
suse — opensuse
 
UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions. 2020-01-24 7.2 CVE-2019-3697
CONFIRM
suse — opensuse_factory
 
A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions. 2020-01-24 7.2 CVE-2019-3694
CONFIRM
synacor — zimbra_collaboration
 
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. 2020-01-27 7.5 CVE-2014-8563
CONFIRM
CONFIRM
tp-link — tp-link_ip_cameras
 
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code. 2020-01-29 10 CVE-2013-2573
MISC
MISC
MISC
MISC
MISC
vtiger — vtiger_crm
 
vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function. 2020-01-29 7.5 CVE-2013-3215
BID
XF
vtiger — vtiger_crm
 
vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in ‘vtigerolservice.php’. 2020-01-28 7.5 CVE-2013-3214
EXPLOIT-DB
BID
XF
webcalendar_project — webcalendar
 
install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. 2020-01-27 7.5 CVE-2012-1495
MISC
MISC
MISC
MISC
xnview — xnview
 
XnView 2.03 has an integer overflow vulnerability 2020-01-27 7.5 CVE-2013-3493
MISC
xnview — xnview
 
XnView 2.03 has a stack-based buffer overflow vulnerability 2020-01-27 7.5 CVE-2013-3492
MISC
zavio — zavio_ip_cameras
 
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code. 2020-01-29 10 CVE-2013-2568
MISC
MISC
MISC
MISC
MISC
zavio — zavio_ip_cameras
 
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code. 2020-01-29 7.5 CVE-2013-2570
MISC
MISC
MISC
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
3s-smart_software_solutions — codesys_control_and_gateway_and_hmi
 
CODESYS Control V3, Gateway V3, and HMI V3 before 3.5.15.30 allow uncontrolled memory allocation which can result in a remote denial of service condition. 2020-01-24 4 CVE-2020-7052
CONFIRM
MISC
N/A — N/A
 
Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. 2020-01-28 6.8 CVE-2015-8011
MISC
MISC
MISC
N/A — N/A
 
svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/websvg/svg.swf pathname. 2020-01-27 4.3 CVE-2020-8091
MISC
MISC
N/A — N/A
 
BearFTP before 0.2.0 allows remote attackers to achieve denial of service via a large volume of connections to the PASV mode port. 2020-01-29 5 CVE-2020-8416
CONFIRM
CONFIRM
CONFIRM
MISC
N/A — N/A
 
Cross-site scripting (XSS) vulnerability in TennisConnect COMPONENTS 9.927 allows remote attackers to inject arbitrary web script or HTML via the pid parameter to index.cfm. 2020-01-28 4.3 CVE-2014-8490
MISC
MISC
N/A — secure_entry_server
 
Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability which could allow remote attackers to conduct phishing attacks due to HSP_AbsoluteRedirects being disabled by default. 2020-01-28 5.8 CVE-2013-2764
BID
XF
adive — adive
 
Adive Framework 2.0.8 has admin/config CSRF to change the Administrator password. 2020-01-26 6.8 CVE-2020-7991
MISC
MISC
MISC
adive — adive_framework
 
Adive Framework 2.0.8 has admin/user/add userName XSS. 2020-01-26 4.3 CVE-2020-7990
MISC
MISC
adive — adive_framework
 
Adive Framework 2.0.8 has admin/user/add userUsername XSS. 2020-01-26 4.3 CVE-2020-7989
MISC
MISC
amazon — aws_xms
 
Directory traversal vulnerability in AWS XMS 2.5 allows remote attackers to view arbitrary files via the ‘what’ parameter. 2020-01-27 5 CVE-2013-2474
EXPLOIT-DB
BID
XF

amd — atidxx64.dll_driver

An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. 2020-01-25 6.8 CVE-2019-5183
MISC
angular_expressions — angular_expressions
 
Angular Expressions before version 1.0.1 has a remote code execution vulnerability if you call expressions.compile(userControlledInput) where userControlledInput is text that comes from user input. If running angular-expressions in the browser, an attacker could run any browser script when the application code calls expressions.compile(userControlledInput). If running angular-expressions on the server, an attacker could run any Javascript expression, thus gaining Remote Code Execution. 2020-01-24 6.8 CVE-2020-5219
MISC
MISC
CONFIRM
apache — nifi
 
A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Malicious scripts could be injected to the UI through action by an unaware authenticated user in Firefox. Did not appear to occur in other browsers. 2020-01-28 4.3 CVE-2020-1933
CONFIRM
apache — nifi
 
An information disclosure vulnerability was found in Apache NiFi 1.10.0. The sensitive parameter parser would log parsed values for debugging purposes. This would expose literal values entered in a sensitive property when no parameter was present. 2020-01-28 5 CVE-2020-1928
CONFIRM
apache — superset
 
An information disclosure issue was found in Apache Superset 0.34.0, 0.34.1, 0.35.0, and 0.35.1. Authenticated Apache Superset users are able to retrieve other users’ information, including hashed passwords, by accessing an unused and undocumented API endpoint on Apache Superset. 2020-01-28 4 CVE-2020-1932
MISC
asus — wrt-ac66u_3_rt_devices
 
ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the Client Name field to the Parental Control feature. 2020-01-28 4.3 CVE-2020-7997
MISC
big_switch_networks — big_monitoring_fabric
 
An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 through 5.0.1, and 5.1 through 5.1.4; and Multi-Cloud Director through 1.1.0. An unauthenticated attacker may inject stored arbitrary JavaScript (XSS), and execute it in the content of authenticated administrators. 2020-01-24 4.3 CVE-2019-19632
MISC
MISC
bitdefender — epsecurityservice.exe
 
An Untrusted Search Path vulnerability in EPSecurityService.exe as used in Bitdefender Endpoint Security Tools versions prior to 6.6.11.163 allows an attacker to load an arbitrary DLL file from the search path. This issue affects: Bitdefender EPSecurityService.exe versions prior to 6.6.11.163. 2020-01-27 4.4 CVE-2019-17099
CONFIRM
bytemark — symbiosis
 
Bytemark Symbiosis allows remote attackers to cause a denial of service via a crafted username, which triggers the firewall to blacklist the IP. 2020-01-27 5 CVE-2014-3979
MISC
MISC
MISC
chamilo — chamilo
 
Chamilo 1.9.4 has XSS due to improper validation of user-supplied input by the chat.php script. 2020-01-30 4.3 CVE-2013-0739
MISC
MISC
chamilo — chamilo
 
Chamilo 1.9.4 has Multiple XSS and HTML Injection Vulnerabilities: blog.php and announcements.php. 2020-01-30 4.3 CVE-2013-0738
MISC
MISC
cisco — application_policy_infrastructure_controller
 
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker to bypass configured deny entries for specific IP ports. These IP ports would be permitted to the OOB management interface when, in fact, the packets should be dropped. The vulnerability is due to the configuration of specific IP table entries for which there is a programming logic error that results in the IP port being permitted. An attacker could exploit this vulnerability by sending traffic to the OOB management interface on the targeted device. A successful exploit could allow the attacker to bypass configured IP table rules to drop specific IP port traffic. The attacker has no control over the configuration of the device itself. This vulnerability affects Cisco APIC releases prior to the first fixed software Release 4.2(3j). 2020-01-26 5 CVE-2020-3139
CISCO
cisco — asyncos_software
 
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of zip files. An attacker could exploit this vulnerability by sending an email message with a crafted zip-compressed attachment. A successful exploit could trigger a restart of the content-scanning process, causing a temporary DoS condition. This vulnerability affects Cisco AsyncOS Software for Cisco ESA releases earlier than 13.0. 2020-01-26 6.4 CVE-2020-3134
CISCO
cisco — crosswork_change_automation
 
A vulnerability in the web-based management interface of Cisco Crosswork Change Automation could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2020-01-26 4.3 CVE-2019-16024
CISCO
cisco — data_center_analytics_framework
 
A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information on the affected system. 2020-01-26 4.3 CVE-2019-16015
CISCO
cisco — finesse
 
A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information. 2020-01-26 4.3 CVE-2019-15278
CISCO
cisco — identity_services_engine
 
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to bypass authorization and access sensitive information related to the device. The vulnerability exists because the software fails to sanitize URLs before it handles requests. An attacker could exploit this vulnerability by submitting a crafted URL. A successful exploit could allow the attacker to gain unauthorized access to sensitive information. 2020-01-26 4 CVE-2019-15255
CISCO
cisco — ios_xr_software
 
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer. 2020-01-26 5 CVE-2019-16022
CISCO
cisco — ios_xr_software
 
A vulnerability in the implementation of the Border Gateway Protocol (BGP) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains a specific BGP attribute. An attacker could exploit this vulnerability by sending BGP update messages that include a specific, malformed attribute to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer or would need to be injected by the attacker into the victim&rsquo;s BGP network on an existing, valid TCP connection to a BGP peer. 2020-01-26 5 CVE-2019-15989
CISCO
cisco — ios_xr_software
 
Multiple vulnerabilities in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerabilities are due to incorrect processing of BGP update messages that contain crafted EVPN attributes. An attacker could exploit these vulnerabilities by sending BGP EVPN update messages with malformed attributes to be processed by an affected system. A successful exploit could allow the attacker to cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit these vulnerabilities, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer. 2020-01-26 5 CVE-2019-16020
CISCO
cisco — ios_xr_software
 
A vulnerability in the implementation of the Intermediate System&ndash;to&ndash;Intermediate System (IS&ndash;IS) routing protocol functionality in Cisco IOS XR Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition in the IS&ndash;IS process. The vulnerability is due to improper handling of a Simple Network Management Protocol (SNMP) request for specific Object Identifiers (OIDs) by the IS&ndash;IS process. An attacker could exploit this vulnerability by sending a crafted SNMP request to the affected device. A successful exploit could allow the attacker to cause a DoS condition in the IS&ndash;IS process. 2020-01-26 4 CVE-2019-16027
CISCO
cisco — jabber_guest
 
A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability exists because the web-based management interface of the affected device does not properly validate user-supplied input. An attacker could exploit this vulnerability by persuading a user to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or to access sensitive, browser-based information. This vulnerability affects Cisco Jabber Guest releases 11.1(2) and earlier. 2020-01-26 4.3 CVE-2020-3136
CISCO
cisco — mobility_management_entity
 
A vulnerability in the implementation of the Stream Control Transmission Protocol (SCTP) on Cisco Mobility Management Entity (MME) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an eNodeB that is connected to an affected device. The vulnerability is due to insufficient input validation of SCTP traffic. An attacker could exploit this vulnerability by leveraging a man-in-the-middle position between the eNodeB and the MME and then sending a crafted SCTP message to the MME. A successful exploit would cause the MME to stop sending SCTP messages to the eNodeB, triggering a DoS condition. 2020-01-26 4.3 CVE-2019-16026
CISCO
cisco — sd-wan_solution_vmanage
 
A vulnerability in the web interface for Cisco SD-WAN Solution vManage could allow an authenticated, remote attacker to impact the integrity of an affected system by executing arbitrary SQL queries. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted input that includes SQL statements to an affected system. A successful exploit could allow the attacker to modify entries in some database tables, affecting the integrity of the data. 2020-01-26 4 CVE-2019-12619
CISCO
cisco — small_business_smart_and_managed_switches
 
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link and access a specific page. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2020-01-26 4.3 CVE-2020-3121
CISCO
cisco — smart_software_manager_on-prem
 
A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of the web interface. The vulnerability is due to the lack of input validation in the API. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to change or corrupt user account information which could grant the attacker administrator access or prevent legitimate user access to the web interface, resulting in a denial of service (DoS) condition. 2020-01-26 6.4 CVE-2019-16029
CISCO
cisco — ucs_director
 
A vulnerability in the web-based management interface of Cisco UCS Director could allow an unauthenticated, remote attacker to download system log files from an affected device. The vulnerability is due to an issue in the authentication logic of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the web interface. A successful exploit could allow the attacker to download log files if they were previously generated by an administrator. 2020-01-26 5 CVE-2019-16003
CISCO
cisco — webex_meetings_suite_and_online
 
A vulnerability in Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites could allow an unauthenticated, remote attendee to join a password-protected meeting without providing the meeting password. The connection attempt must initiate from a Webex mobile application for either iOS or Android. The vulnerability is due to unintended meeting information exposure in a specific meeting join flow for mobile applications. An unauthorized attendee could exploit this vulnerability by accessing a known meeting ID or meeting URL from the mobile device&rsquo;s web browser. The browser will then request to launch the device&rsquo;s Webex mobile application. A successful exploit could allow the unauthorized attendee to join the password-protected meeting. The unauthorized attendee will be visible in the attendee list of the meeting as a mobile attendee. Cisco has applied updates that address this vulnerability and no user action is required. This vulnerability affects Cisco Webex Meetings Suite sites and Cisco Webex Meetings Online sites releases earlier than 39.11.5 and 40.1.3. 2020-01-26 5 CVE-2020-3142
CISCO
cisco — webex_teams
 
A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker needs a valid developer account to exploit this vulnerability. The vulnerability is due to insufficient input validation when processing received adaptive cards. The attacker could exploit this vulnerability by sending an adaptive card with malicious content to an existing user of the Cisco Webex Teams client for Windows. A successful exploit could allow the attacker to cause the targeted user’s client to crash continuously. This vulnerability was introduced in Cisco Webex Teams client for Windows Release 3.0.13131. 2020-01-26 4 CVE-2020-3131
CISCO
codecov — codecov
 
Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the “gcov-args” argument. 2020-01-25 6.5 CVE-2020-7596
MISC
contao — contao
 
contao prior to 2.11.4 has a sql injection vulnerability 2020-01-29 6.5 CVE-2012-4383
MISC
core_security — vivotek_pt7135_ip_camera
 
An Information Disclosure vulnerability exists via a GET request in Vivotek PT7135 IP Camera 0300a and 0400a due to wireless keys and 3rd party credentials stored in clear text. 2020-01-24 5 CVE-2013-1594
MISC
MISC
MISC
MISC
MISC
MISC
core_security — vivotek_pt7135_ip_camera
 
An Authentication Bypass Vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via specially crafted RTSP packets to TCP port 554. 2020-01-24 5 CVE-2013-1596
MISC
MISC
MISC
MISC
MISC
core_security — tp-link_ip_cameras
 
A Security Bypass vulnerability exists in TP-LINK IP Cameras TL-SC 3130, TL-SC 3130G, 3171G, 4171G, and 3130 1.6.18P12 due to default hard-coded credentials for the administrative Web interface, which could let a malicious user obtain unauthorized access to CGI files. 2020-01-29 5 CVE-2013-2572
MISC
MISC
MISC
MISC
MISC
core_security — vivotek_pt7135_ip_cameras
 
A Directory Traversal vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via a specially crafted GET request, which could let a malicious user obtain user credentials. 2020-01-24 4 CVE-2013-1597
MISC
MISC
MISC
MISC
MISC
core_security — zavio_ip_cameras
 
An Authentication Bypass vulnerability exists in the web interface in Zavio IP Cameras through 1.6.03 due to a hardcoded admin account found in boa.conf, which lets a remote malicious user obtain sensitive information. 2020-01-29 5 CVE-2013-2567
MISC
MISC
MISC
MISC
MISC
core_security — zavio_ip_cameras
 
A Security Bypass vulnerability exists in Zavio IP Cameras through 1.6.3 because the RTSP protocol authentication is disabled by default, which could let a malicious user obtain unauthorized access to the live video stream. 2020-01-29 5 CVE-2013-2569
MISC
MISC
MISC
MISC
cpanel — webhost_manager
 
Cross-site Scripting (XSS) in cPanel WebHost Manager (WHM) 11.34.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2020-01-27 4.3 CVE-2012-6448
EXPLOIT-DB
dolibarr — dolibarr
 
Multiple cross-site scripting (XSS) vulnerabilities in Dolibarr 10.0.6 allow remote attackers to inject arbitrary web script or HTML via the (1) label[libelle] parameter to the /htdocs/admin/dict.php?id=3 page; the (2) name[constname] parameter to the /htdocs/admin/const.php?mainmenu=home page; the (3) note[note] parameter to the /htdocs/admin/dict.php?id=10 page; the (4) zip[MAIN_INFO_SOCIETE_ZIP] or email[mail] parameter to the /htdocs/admin/company.php page; the (5) url[defaulturl], field[defaultkey], or value[defaultvalue] parameter to the /htdocs/admin/defaultvalues.php page; the (6) key[transkey] or key[transvalue] parameter to the /htdocs/admin/translation.php page; or the (7) [main_motd] or [main_home] parameter to the /htdocs/admin/ihm.php page. 2020-01-26 4.3 CVE-2020-7994
MISC
MISC
dolibarr — dolibarr
 
htdocs/user/passwordforgotten.php in Dolibarr 10.0.6 allows XSS via the Referer HTTP header. 2020-01-26 4.3 CVE-2020-7996
MISC
MISC
eucalyptus — eucalyptus_management_control
 
Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2020-01-27 4.3 CVE-2013-4770
MISC
f-revocrm — f-revocrm
 
Cross-site scripting vulnerability in F-RevoCRM 6.0 to F-RevoCRM 6.5 patch6 (version 6 series) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2020-01-27 4.3 CVE-2019-6036
MISC
MISC
fuji_xerox — netprint
 
The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2020-01-27 5.8 CVE-2020-5520
MISC
MISC
fuji_xerox — kantan_netprint
 
The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2020-01-27 5.8 CVE-2020-5521
MISC
MISC
fuji_xerox — kantan_netprint
 
The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2020-01-27 5.8 CVE-2020-5522
MISC
MISC
gitlab — gitlab
 
An information disclosure issue was discovered GitLab versions < 12.1.2, < 12.0.4, and < 11.11.6 in the security dashboard which could result in disclosure of vulnerability feedback information. 2020-01-28 5 CVE-2019-5470
MISC
MISC
MISC
gitlab — gitlab
 
An authorization issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 that prevented owners and maintainer to delete epic comments. 2020-01-28 5 CVE-2019-5472
MISC
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition

 

An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). The path of a private project, that used to be public, would be disclosed in the unsubscribe email link of issues and merge requests. 2020-01-28 5 CVE-2019-15578
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition

 

An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) where the assignee(s) of a confidential issue in a private project would be disclosed to a guest via milestones. 2020-01-28 5 CVE-2019-15579
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition

 

An IDOR exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a project owner or maintainer to see the members of any private group via merge request approval rules. 2020-01-28 5 CVE-2019-15581
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition

 

An IDOR was discovered in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) that allowed a maintainer to add any private group to a protected environment. 2020-01-28 5 CVE-2019-15582
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition
 
An access control issue exists in < 12.3.5, < 12.2.8, and < 12.1.14 for GitLab Community Edition (CE) and Enterprise Edition (EE) where private merge requests and issues would be disclosed with the Group Search feature provided by Elasticsearch integration 2020-01-28 5 CVE-2019-15590
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition
 
An information disclosure exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE). When an issue was moved to a public project from a private one, the associated private labels and the private project namespace would be disclosed through the GitLab API. 2020-01-28 5 CVE-2019-15583
MISC
MISC
gitlab — gitlab_community_and_enterprise_edition
 
A XSS exists in Gitlab CE/EE < 12.1.10 in the Mermaid plugin. 2020-01-28 4.3 CVE-2019-15586
MISC
MISC
gitlab — gitlab_community_end_enterprise_edition
 
A privilege escalation issue was discovered in GitLab CE/EE 9.0 and later when trigger tokens are not rotated once ownership of them has changed. 2020-01-28 6.8 CVE-2019-5462
MISC
MISC
MISC
git — git
 
A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka ‘Git for Visual Studio Tampering Vulnerability’. 2020-01-24 5 CVE-2019-1351
SUSE
MISC
MISC
gnu — aspell
 
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single ‘\0’ byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. 2020-01-27 6.4 CVE-2019-20433
MISC
gnu — gnucoreutils
 
The keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of bytes occupied by multibyte characters, which allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via long UTF-8 strings. 2020-01-24 4.6 CVE-2015-4041
MISC
MISC
MISC
gnu — gnutls
 
GnuTLS before 3.3.13 does not validate that the signature algorithms match when importing a certificate. 2020-01-27 5 CVE-2015-0294
MISC
MISC
MISC
google — android
 
audio/AudioPolicyManagerBase.cpp in Android before 5.1 allows attackers to cause a denial of service (audio_policy application outage) via a crafted application that provides a NULL device address. 2020-01-24 4.3 CVE-2015-1525
MISC
google — android
 
media/libmedia/IAudioPolicyService.cpp in Android before 5.1 allows attackers to execute arbitrary code with media_server privileges or cause a denial of service (integer overflow) via a crafted application that provides an invalid array size. 2020-01-24 6 CVE-2015-1530
MISC
ibm — content_navigator
 
IBM Content Navigator 3.0CD could allow an authenticated user to gain information about the hosting operating system and version that could be used in further attacks against the system. IBM X-Force ID: 171515. 2020-01-28 4 CVE-2019-4679
XF
CONFIRM
ibm — mq_and_mq_appliance
 
IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS client connecting to a Queue Manager could cause a SIGSEGV denial of service caused by converting an invalid message. IBM X-Force ID: 168639. 2020-01-28 4 CVE-2019-4614
XF
CONFIRM
ibm — mq_and_mq_appliance
 
IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS could allow a remote attacker with intimate knowledge of the server to cause a denial of service when receiving data on the channel. IBM X-Force ID: 166629. 2020-01-28 4.3 CVE-2019-4568
XF
CONFIRM
ibm — mq_appliance_and_lts
 
IBM MQ Appliance 8.0 and 9.0 LTS could allow a local attacker to bypass security restrictions caused by improper validation of environment variables. IBM X-Force ID: 168863. 2020-01-28 4.6 CVE-2019-4620
XF
CONFIRM
ibm — security_access_manager_appliance
 
IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 172018. 2020-01-28 5.5 CVE-2019-4707
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 170004. 2020-01-28 4.3 CVE-2019-4632
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 does not set the secure attribute on authorization tokens or session cookies. This could allow an attacker to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 170044. 2020-01-28 4.3 CVE-2019-4638
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 could allow a privileged user to perform unauthorized command injection due to imporoper input neutralization of special elements. IBM X-Force ID: 170011. 2020-01-28 4 CVE-2019-4635
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 170001. 2020-01-28 5.8 CVE-2019-4631
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 170045. 2020-01-28 5 CVE-2019-4639
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 could disclose sensitive information to an authenticated user from generated error messages. IBM X-Force ID: 170013. 2020-01-28 4 CVE-2019-4636
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity. IBM X-Force ID: 170043. 2020-01-28 4 CVE-2019-4637
XF
CONFIRM
ibm — security_secret_server
 
IBM Security Secret Server 10.7 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 170007. 2020-01-28 4.3 CVE-2019-4633
XF
CONFIRM
icewarp — webmail_server
 
In IceWarp Webmail Server through 11.4.4.1, there is XSS in the /webmail/ color parameter. 2020-02-01 4.3 CVE-2020-8512
MISC
MISC
jazzband — django-user-sessions
 
In Django User Sessions (django-user-sessions) before 1.7.1, the views provided allow users to terminate specific sessions. The session key is used to identify sessions, and thus included in the rendered HTML. In itself this is not a problem. However if the website has an XSS vulnerability, the session key could be extracted by the attacker and a session takeover could happen. 2020-01-24 4 CVE-2020-5224
CONFIRM
MISC
jenkins — fortify_plugin
 
Jenkins Fortify Plugin 19.1.29 and earlier stores proxy server passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system. 2020-01-29 4 CVE-2020-2107
MLIST
CONFIRM
jenkins — jenkins
 
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart. 2020-01-29 4 CVE-2020-2104
MLIST
CONFIRM
jenkins — jenkins
 
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848. 2020-01-29 5 CVE-2020-2100
MLIST
CONFIRM
jenkins — jenkins
 
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user’s detail object in the whoAmI diagnostic page. 2020-01-29 4 CVE-2020-2103
MLIST
CONFIRM
jenkins — jenkins
 
REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks. 2020-01-29 4.3 CVE-2020-2105
MLIST
CONFIRM
jenkins — websphere_deployer_plugin
 
Jenkins WebSphere Deployer Plugin 1.6.1 and earlier does not configure the XML parser to prevent XXE attacks which can be exploited by a user with Job/Configure permissions. 2020-01-29 6.5 CVE-2020-2108
MLIST
CONFIRM
jetbrains — intellij_idea
 
Ports listened to by JetBrains IntelliJ IDEA before 2019.3 were exposed to the network. 2020-01-30 5 CVE-2020-7905
MISC
CONFIRM
jetbrains — intellij_idea
 
In JetBrains IntelliJ IDEA before 2019.3, some Maven repositories were accessed via HTTP instead of HTTPS. 2020-01-30 5.8 CVE-2020-7904
MISC
CONFIRM
jetbrains — rider
 
In JetBrains Rider versions 2019.3 EAP2 through 2019.3 EAP7, there were unsigned binaries provided by the Windows installer. This issue was fixed in release version 2019.3. 2020-01-30 5 CVE-2020-7906
MISC
MISC
jetbrains — teamcity
 
In JetBrains TeamCity before 2019.1.5, reverse tabnabbing was possible on several pages. 2020-01-30 4.3 CVE-2020-7908
MISC
CONFIRM
jetbrains — teamcity
 
In JetBrains TeamCity before 2019.1.5, some server-stored passwords could be shown via the web UI. 2020-01-30 5 CVE-2020-7909
MISC
CONFIRM
jetbrains — teamcity
 
In JetBrains TeamCity before 2019.2, several user-level pages were vulnerable to XSS. 2020-01-30 4.3 CVE-2020-7911
MISC
CONFIRM
jetbrains — youtrack
 
In JetBrains YouTrack before 2019.2.59309, SMTP/Jabber settings could be accessed using backups. 2020-01-30 5 CVE-2020-7912
MISC
CONFIRM
jetbrains — youtrack
 
JetBrains YouTrack 2019.2 before 2019.2.59309 was vulnerable to XSS via an issue description. 2020-01-30 4.3 CVE-2020-7913
MISC
CONFIRM
koha — koha
 
Multiple directory traversal vulnerabilities in the (1) staff interface help editor (edithelp.pl) or (2) member-picupload.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allow remote attackers to write to arbitrary files via unspecified vectors. 2020-01-24 5 CVE-2014-1923
MISC
MISC
MISC
MISC
MISC
koha — koha
 
Absolute path traversal vulnerability in tools/pdfViewer.pl in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote attackers to read arbitrary files via unspecified vectors. 2020-01-24 5 CVE-2014-1922
MISC
MISC
MISC
MISC
lldpd — lldpd
 
lldpd before 0.8.0 allows remote attackers to cause a denial of service (assertion failure and daemon crash) via a malformed packet. 2020-01-28 5 CVE-2015-8012
MISC
MISC
CONFIRM
CONFIRM
magento — magento
 
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a path traversal vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-29 5 CVE-2020-3717
CONFIRM
magento — magento
 
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-29 4.3 CVE-2020-3715
CONFIRM
magento — magento
 
Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-29 4.3 CVE-2020-3758
CONFIRM
mediawiki — N/A
 
Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to inject arbitrary web script or HTML via unspecified CSS values. 2020-01-28 4.3 CVE-2013-6451
MISC
mediawiki — mediawiki
 
The CentralAuth extension for MediaWiki before 1.19.10, 1.2x before 1.21.4, and 1.22.x before 1.22.1 allows remote attackers to obtain usernames via vectors related to writing the names to the DOM of a page. 2020-01-28 5 CVE-2013-6455
MISC
microsoft — Microsoft_dynamics_365_server
 
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka ‘Microsoft Dynamics 365 Elevation of Privilege Vulnerability’. 2020-01-24 4 CVE-2018-8654
MISC
mirumee — saleor
 
An issue was discovered in Mirumee Saleor 2.x before 2.9.1. Incorrect access control in the checkoutCustomerAttach mutations allows attackers to attach their checkouts to any user ID and consequently leak user data (e.g., name, address, and previous orders of any other customer). 2020-01-24 5 CVE-2020-7964
MISC
MISC
mympc — media_player_classic_home_cinema
 
Stack-based buffer overflow in Media Player Classic – Home Cinema (MPC-HC) before 1.7.0.7858 allows remote attackers to execute arbitrary code via a crafted MPEG-2 Transport Stream (M2TS) file. 2020-01-31 6.8 CVE-2013-3488
CONFIRM
MISC
mympc — media_player_classic_home_cinema
 
Buffer overflow in Media Player Classic – Home Cinema (MPC-HC) before 1.7.0 allows remote attackers to execute arbitrary code via a crafted RealMedia .rm file 2020-01-31 6.8 CVE-2013-3489
MISC
MISC
netapp — oncommand_system_manager
 
Cross-site Scripting (XSS) vulnerability in NetApp OnCommand System Manager before 2.2 allows remote attackers to inject arbitrary web script or HTML via the ‘full-name’ and ‘comment’ fields. 2020-01-29 4.3 CVE-2013-3320
BID
XF
XF
netapp — oncommand_system_manager
 
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the “diagnostic” page using the SnapMirror log path parameter. 2020-01-29 6 CVE-2013-3321
XF
MISC
netty — netty
 
Netty 4.1.43.Final allows HTTP Request Smuggling because it mishandles Transfer-Encoding whitespace (such as a [space]Transfer-Encoding:chunked line) and a later Content-Length header. This issue exists because of an incomplete fix for CVE-2019-16869. 2020-01-27 5 CVE-2020-7238
MISC
MISC
netty — netty
 
HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an “invalid fold.” 2020-01-29 6.4 CVE-2019-20444
MISC
MISC
MLIST
MLIST
MLIST
netty — netty
 
HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header. 2020-01-29 6.4 CVE-2019-20445
MISC
MISC
MLIST
MLIST
MLIST
novell — zenworks_configuration_management
 
Novell ZENworks Configuration Management before 11.2.4 allows obtaining sensitive trace information. 2020-01-25 5 CVE-2012-6345
MISC
novell — zenworks_configuration_management
 
Novell ZENworks Configuration Management before 11.2.4 allows XSS. 2020-01-25 4.3 CVE-2012-6344
MISC
ntt_data_corporation — mypallete
 
Android App ‘MyPallete’ and some of the Android banking applications based on ‘MyPallete’ do not verify X.509 certificates from servers, and also do not properly validate certificates with host-mismatch, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2020-01-28 5.8 CVE-2020-5523
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
openpne — openpne_3
 
OpenPNE 3 versions 3.8.7, 3.6.11, 3.4.21.1, 3.2.7.6, 3.0.8.5 has an External Entity Injection Vulnerability 2020-01-24 6.4 CVE-2013-4333
MISC
MISC
MISC
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client. 2020-01-30 6.5 CVE-2020-8442
MISC
MISC
MISC
postgresql — postgresql
 
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to obtain sensitive column values by triggering constraint violation and then reading the error message. 2020-01-27 4 CVE-2014-8161
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
postgresql — postgresql
 
Multiple buffer overflows in contrib/pgcrypto in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors. 2020-01-27 6.5 CVE-2015-0243
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
postgresql — postgresql
 
Stack-based buffer overflow in the *printf function implementations in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1, when running on a Windows system, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a floating point number with a large precision, as demonstrated by using the to_char function. 2020-01-27 6.5 CVE-2015-0242
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
postgresql — postgresql
 
The to_char function in PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 allows remote authenticated users to cause a denial of service (crash) or possibly execute arbitrary code via a (1) large number of digits when processing a numeric formatting template, which triggers a buffer over-read, or (2) crafted timestamp formatting template, which triggers a buffer overflow. 2020-01-27 6.5 CVE-2015-0241
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
proxmox — proxmox
 
Proxmox VE prior to 3.2: ‘AccessControl.pm’ User Enumeration Vulnerability 2020-01-27 5 CVE-2014-4156
MISC
MISC
pwgen_project — pwgen
 
The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack. 2020-01-27 5 CVE-2013-4441
MISC
MISC
MISC
MISC
pyradius — pyrad
 
packet.py in pyrad before 2.1 uses weak random numbers to generate RADIUS authenticators and hash passwords, which makes it easier for remote attackers to obtain sensitive information via a brute force attack. 2020-01-28 4.3 CVE-2013-0294
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
CONFIRM
MISC
CONFIRM
python — python
 
In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1, an insecure dependency load upon launch on Windows 7 may result in an attacker’s copy of api-ms-win-core-path-l1-1-0.dll being loaded and used instead of the system’s copy. Windows 8 and later are unaffected. 2020-01-28 4.3 CVE-2020-8315
MISC
qt — qt
 
Qt through 5.14 allows an exponential XML entity expansion attack via a crafted SVG document that is mishandled in QXmlStreamReader, a related issue to CVE-2003-1564. 2020-01-24 5 CVE-2015-9541
MISC
rapid7 — nexpose
 
Rapid7 Nexpose before 5.5.4 contains a session hijacking vulnerability which allows remote attackers to capture a user’s session and gain unauthorized access. 2020-01-25 4.3 CVE-2012-6494
BID
XF
ratpack — ratpack
 
All versions of io.ratpack:ratpack-core from 0.9.10 inclusive and before 1.7.6 are vulnerable to Cross-site Scripting (XSS). This affects the development mode error handler when an exception message contains untrusted data. Note the production mode error handler is not vulnerable – so for this to be utilized in production it would require users to not disable development mode. 2020-01-28 4.3 CVE-2019-10770
CONFIRM
roundup — roundup
 
Multiple cross-site scripting (XSS) vulnerabilities in Roundup before 1.4.20 allow remote attackers to inject arbitrary web script or HTML via the (1) @ok_message or (2) @error_message parameter to issue*. 2020-01-30 4.3 CVE-2012-6133
CONFIRM
MISC
MISC
MISC
CONFIRM
simplehrm — simplehrm
 
SimpleHRM 2.3 and earlier could allow remote attackers to bypass the authentication process in ‘user_manager.php’ via spoofing a cookie. 2020-01-27 5 CVE-2013-2499
MISC
BID
XF
simplesamlphp — simplesamlphp
 
Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances, to inject new log lines by manually crafting this report ID. When configured to use the file logging handler, SimpleSAMLphp will output all its logs by appending each log line to a given file. Since the reportID parameter received in a request sent to www/errorreport.php was not properly sanitized, it was possible to inject newline characters into it, effectively allowing a malicious user to inject new log lines with arbitrary content. 2020-01-24 5.5 CVE-2020-5225
CONFIRM
MISC
smb4k — smb4k
 
Smb4K before 1.1.1 allows remote attackers to obtain credentials via vectors related to the cuid option in the “Additional options” line edit. 2020-01-28 5 CVE-2014-2581
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
MISC
stroom — stroom
 
All versions of stroom:stroom-app before 5.5.12 and all versions of the 6.0.0 branch before 6.0.25 are affected by Cross-site Scripting. An attacker website is able to load the Stroom UI into a hidden iframe. Using that iframe, the attacker site can issue commands to the Stroom UI via an XSS vulnerability to take full control of the Stroom UI on behalf of the logged-in user. 2020-01-28 4.3 CVE-2019-10779
CONFIRM
synacor — zimbra-collaboration
 
Synacor Zimbra Collaboration before 8.0.8 has XSS. 2020-01-27 4.3 CVE-2014-5500
CONFIRM
synacor — zimbra_collaboration
 
Zimbra Collaboration 8.7.x – 8.8.11P2 contains persistent XSS. 2020-01-27 4.3 CVE-2019-8945
MISC
MISC
MISC
MISC
synacor — zimbra_collaboration
 
In Zimbra Collaboration before 8.8.15 Patch 1, there is a non-persistent XSS vulnerability. 2020-01-27 4.3 CVE-2019-15313
MISC
MISC
synacor — zimbra_collaboration
 
Zimbra Collaboration 8.7.x – 8.8.11P2 contains persistent XSS. 2020-01-27 4.3 CVE-2019-8946
MISC
MISC
MISC
MISC
synacor — zimbra_collaboration
 
Zimbra Collaboration 8.7.x – 8.8.11P2 contains non-persistent XSS. 2020-01-27 4.3 CVE-2019-8947
MISC
MISC
MISC
MISC
tiki_software — tiki_wiki_cms_groupware
 
Tiki 8.2 and earlier allows remote administrators to execute arbitrary PHP code via crafted input to the regexres and regex parameters. 2020-01-27 6 CVE-2011-4558
MISC
tor_project — tor
 
buf_pullup in Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle unexpected arrival times of buffers with invalid layouts, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets. 2020-01-24 5 CVE-2015-2688
MISC
MISC
tor_project — tor
 
The Hidden Service (HS) client implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote servers to cause a denial of service (assertion failure and application exit) via a malformed HS descriptor. 2020-01-24 5 CVE-2015-2929
MISC
MISC
tor_project — tor
 
The Hidden Service (HS) server implementation in Tor before 0.2.4.27, 0.2.5.x before 0.2.5.12, and 0.2.6.x before 0.2.6.7 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via unspecified vectors. 2020-01-24 5 CVE-2015-2928
MLIST
CONFIRM
tor_project — tor
 
Tor before 0.2.4.26 and 0.2.5.x before 0.2.5.11 does not properly handle pending-connection resolve states during periods of high DNS load, which allows remote attackers to cause a denial of service (assertion failure and daemon exit) via crafted packets. 2020-01-24 5 CVE-2015-2689
MISC
MISC
tornadoweb — tornado
 
Tornado before 3.2.2 sends arbitrary responses that contain a fixed CSRF token and may be sent with HTTP compression, which makes it easier for remote attackers to conduct a BREACH attack and determine this token via a series of crafted requests. 2020-01-24 4.3 CVE-2014-9720
MISC
MISC
MISC
MISC
MISC
tp-link — tp-link_tl-wr849n
 
TP-LINK TL-WR849N 0.9.1 4.16 devices do not require authentication to replace the firmware via a POST request to the cgi/softup URI. 2020-01-27 4.1 CVE-2019-19143
MISC
valve_dota_2 — valve_dota_2
 
rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption. 2020-01-27 6.8 CVE-2020-7952
MISC
valve_dota_2 — valve_dota_2
 
schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a GetValue call. 2020-01-27 6.8 CVE-2020-7949
MISC
valve_dota_2 — valve_dota_2
 
meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is affected by memory corruption. 2020-01-27 6.8 CVE-2020-7951
MISC
valve_dota_2 — valve_dota_2
 
meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a vulnerable function call. 2020-01-27 6.8 CVE-2020-7950
MISC
videolan — vlc_media_player
 
Integer underflow in the MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a box size less than 7. 2020-01-24 6.8 CVE-2014-9626
MISC
MISC
CONFIRM
videolan — vlc_media_player
 
The rtp_packetize_xiph_config function in modules/stream_out/rtpfmt.c in VideoLAN VLC media player before 2.1.6 uses a stack-allocation approach with a size determined by arbitrary input data, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted length value. 2020-01-24 6.8 CVE-2014-9630
MISC
MISC
CONFIRM
videolan — vlc_media_player
 
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 allows remote attackers to trigger an unintended zero-size malloc and conduct buffer overflow attacks, and consequently execute arbitrary code, via a box size of 7. 2020-01-24 6.8 CVE-2014-9628
MISC
MISC
CONFIRM
videolan — vlc_media_player
 
Integer overflow in the Encode function in modules/codec/schroedinger.c in VideoLAN VLC media player before 2.1.6 and 2.2.x before 2.2.1 allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted length value. 2020-01-24 6.8 CVE-2014-9629
MISC
MISC
CONFIRM
videolan — vlc_media_player
 
The GetUpdateFile function in misc/update.c in the Updater in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to conduct buffer overflow attacks and execute arbitrary code via a crafted update status file, aka an “integer truncation” vulnerability. 2020-01-24 6.8 CVE-2014-9625
MISC
MISC
CONFIRM
videolan — vlc_media_player
 
The MP4_ReadBox_String function in modules/demux/mp4/libmp4.c in VideoLAN VLC media player before 2.1.6 performs an incorrect cast operation from a 64-bit integer to a 32-bit integer, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large box size. 2020-01-24 6.8 CVE-2014-9627
MISC
MISC
CONFIRM
viewgit — viewgit
 
Multiple cross-site scripting (XSS) vulnerabilities in ViewGit before 0.0.7 allow remote repository users to inject arbitrary web script or HTML via a (1) tag name to the Shortlog table in templates/shortlog.php or branch name to the (2) Shortlog table in templates/shortlog.php or (3) Heads table in plates/summary.php. 2020-01-30 4.3 CVE-2013-2294
CONFIRM
MISC
MISC
MISC
webcalendar_project — webcalendar
 
Local file inclusion in WebCalendar before 1.2.5. 2020-01-27 6.5 CVE-2012-1496
MISC
wiz — wiz
 
Wiz 5.0.3 has a user mode write access violation 2020-01-27 5 CVE-2013-5659
MISC
MISC
wordpress — wordpress
 
Multiple cross-site request forgery (CSRF) vulnerabilities in the Private Only plugin 3.5.1 for WordPress allow remote attackers to hijack the authentication of administrators for requests that (1) add users, (2) delete posts, or (3) modify PHP files via unspecified vectors, or (4) conduct cross-site scripting (XSS) attacks via the po_logo parameter in the privateonly.php page to wp-admin/options-general.php. 2020-01-28 6.8 CVE-2015-5483
MISC
MISC
MISC
wordpress — wordpress
 
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability 2020-01-27 6.4 CVE-2013-4462
MISC
MISC
wordpress — wordpress
 
Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow remote attackers to inject arbitrary web script or html via the ‘playerID’ parameter. 2020-01-28 4.3 CVE-2013-2714
BID
wso2 — multiple_products An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. If there is a claim dialect configured with an XSS payload in the dialect URI, and a user picks up this dialect’s URI and adds it as the service provider claim dialect while configuring the service provider, that payload gets executed. The attacker also needs to have privileges to log in to the management console, and to add and configure claim dialects. 2020-01-28 4.3 CVE-2019-20436
MISC
MISC
wso2 — multiple_products
 
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. When a custom claim dialect with an XSS payload is configured in the identity provider basic claim configuration, that payload gets executed, if a user picks up that dialect’s URI as the provisioning claim in the advanced claim configuration of the same Identity Provider. The attacker also needs to have privileges to log in to the management console, and to add and update identity provider configurations. 2020-01-28 4.3 CVE-2019-20437
MISC
MISC
zend — zend_mail
 
CRLF injection vulnerability in Zend\Mail (Zend_Mail) in Zend Framework before 1.12.12, 2.x before 2.3.8, and 2.4.x before 2.4.1 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the header of an email. 2020-01-27 4.3 CVE-2015-3154
CONFIRM
zeuscart — zeuscart
 
Multiple SQL injection vulnerabilities in ZeusCart 4.x. 2020-01-31 6.5 CVE-2014-3868
MISC
MISC
MISC
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
N/A — N/A
 
A stored XSS vulnerability is present within node-red (version: <= 0.20.7) npm package, which is a visual tool for wiring the Internet of Things. This issue will allow the attacker to steal session cookies, deface web applications, etc. 2020-01-28 3.5 CVE-2019-15607
MISC
N/A — N/A
 
The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login). 2020-01-27 3.5 CVE-2020-8090
MISC
bitdefender — bitdefender_av_for_mac
 
An Incorrect Default Permissions vulnerability in the BDLDaemon component of Bitdefender AV for Mac allows an attacker to elevate permissions to read protected directories. This issue affects: Bitdefender AV for Mac versions prior to 8.0.0. 2020-01-27 2.1 CVE-2019-17103
CONFIRM
cisco — multiple_products
 
A vulnerability in the web-based GUI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based GUI of an affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information. 2020-01-26 3.5 CVE-2019-16008
CISCO
cisco — unity_connection_software
 
A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by providing crafted data to a specific field within the interface. A successful exploit could allow the attacker to store an XSS attack within the interface. This stored XSS attack would then be executed on the system of any user viewing the attacker-supplied data element. 2020-01-26 3.5 CVE-2020-3129
CISCO
dokeos — dokeos
 
Dokeos 2.1.1 has multiple XSS issues involving “extra_” parameters in main/auth/profile.php. 2020-01-29 3.5 CVE-2012-5776
MISC
MISC
fortinet — fortisiem
 
An Improper Neutralization of Input vulnerability in the description and title parameters of a Device Maintenance Schedule in FortiSIEM version 5.2.5 and below may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack (XSS) by injecting malicious JavaScript code into the description field of a Device Maintenance schedule. 2020-01-28 3.5 CVE-2019-17651
CONFIRM
git — git
 
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. The –export-marks option of git fast-import is exposed also via the in-stream command feature export-marks=… and it allows overwriting arbitrary paths. 2020-01-24 3.6 CVE-2019-1348
SUSE
REDHAT
MISC
MISC
google — android
 
A spoofing vulnerability exists in the way Microsoft Outlook for Android software parses specifically crafted email messages, aka ‘Outlook for Android Spoofing Vulnerability’. 2020-01-24 3.5 CVE-2019-1460
MISC
havalite — havalite_cms
 
Havalite CMS 1.1.7 has a stored XSS vulnerability 2020-01-29 3.5 CVE-2013-0161
MISC
jenkins — jenkins
 
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret. 2020-01-29 3.5 CVE-2020-2101
MLIST
CONFIRM
jenkins — jenkins
 
Jenkins Code Coverage API Plugin 1.1.2 and earlier does not escape the filename of the coverage report used in its view, resulting in a stored XSS vulnerability exploitable by users able to change job configurations. 2020-01-29 3.5 CVE-2020-2106
MLIST
CONFIRM
jenkins — jenkins
 
Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC. 2020-01-29 3.5 CVE-2020-2102
MLIST
CONFIRM
jetbrains — teamcity
 
JetBrains TeamCity before 2019.2 was vulnerable to a stored XSS attack by a user with the developer role. 2020-01-30 3.5 CVE-2020-7910
MISC
CONFIRM
linux — Linux_kernel
 
fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky use-after-free, which allows local users to cause a denial of service (OOPS) or possibly obtain sensitive information from kernel memory, aka CID-d0cb50185ae9. One attack vector may be an open system call for a UNIX domain socket, if the socket is being moved to a new parent directory and its old parent directory is being removed. 2020-01-29 3.6 CVE-2020-8428
MLIST
MLIST
MISC
MISC
MISC
linux — linux_kernel
 
In the Linux kernel before 5.3.4, fib6_rule_lookup in net/ipv6/ip6_fib.c mishandles the RT6_LOOKUP_F_DST_NOREF flag in a reference-count decision, leading to (for example) a crash that was identified by syzkaller, aka CID-7b09c2d052db. 2020-01-27 2.1 CVE-2019-20422
MISC
MISC
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka ‘Windows User Profile Service Elevation of Privilege Vulnerability’. 2020-01-24 3.6 CVE-2019-1454
MISC
netapp — e-series_santricity_os_controller_software
 
E-Series SANtricity OS Controller Software version 11.60.0 is susceptible to a vulnerability which allows an attacker to cause a Denial of Service (DoS) in IPv6 environments. 2020-01-30 3.3 CVE-2019-17273
CONFIRM
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to path traversal (with write access) via crafted syscheck messages written directly to the analysisd UNIX domain socket by a local user. 2020-01-30 2.1 CVE-2020-8446
MISC
MISC
MISC
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a denial of service (NULL pointer dereference) via crafted messages written directly to the analysisd UNIX domain socket by a local user. 2020-01-30 2.1 CVE-2020-8448
MISC
MISC
MISC
simplesamlphp — simplesamlphp
 
Cross-site scripting in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script allows error reports to be submitted and sent to the system administrator. Starting with SimpleSAMLphp 1.18.0, a new SimpleSAML\Utils\EMail class was introduced to handle sending emails, implemented as a wrapper of an external dependency. This new wrapper allows us to use Twig templates in order to create the email sent with an error report. Since Twig provides automatic escaping of variables, manual escaping of the free-text field in www/errorreport.php was removed to avoid double escaping. However, for those not using the new user interface yet, an email template is hardcoded into the class itself in plain PHP. Since no escaping is provided in this template, it is then possible to inject HTML inside the template by manually crafting the contents of the free-text field. 2020-01-24 3.5 CVE-2020-5226
CONFIRM
MISC
suse — linux_enterprise_server
 
The permission package in SUSE Linux Enterprise Server allowed all local users to run dumpcap in the “easy” permission profile and sniff network traffic. This issue affects: SUSE Linux Enterprise Server permissions versions starting from 85c83fef7e017f8ab7f8602d3163786d57344439 to 081d081dcfaf61710bda34bc21c80c66276119aa. 2020-01-24 1.9 CVE-2019-3687
CONFIRM
suse — networkmanager
 
NetworkManager 0.9.x does not pin a certificate’s subject to an ESSID when 802.11X authentication is used. 2020-01-27 3.2 CVE-2006-7246
MISC
MISC
MISC
MISC
synacor — zimbra_collaboration
 
Zimbra Collaboration before 8.6.0 patch5 has XSS. 2020-01-27 3.5 CVE-2015-2249
CONFIRM
synacor — zimbra_collaboration
 
Zimbra Collaboration before 8.8.12 Patch 1 has persistent XSS. 2020-01-27 3.5 CVE-2019-11318
MISC
MISC
MISC
MISC
synacor — zimbra_collaboration
 
Zimbra Collaboration before 8.8.15 Patch 1 is vulnerable to a non-persistent XSS via the Admin Console. 2020-01-27 3.5 CVE-2019-12427
MISC
MISC
MISC
virgl — virglrenderer
 
A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_allocated_texture is not an appropriate place for a free. 2020-01-27 2.1 CVE-2020-8003
MISC
MISC
MISC
MISC
virgl — virglrenderer
 
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a Compute Shader (CS). 2020-01-27 2.1 CVE-2020-8002
MISC
MISC
MISC
wordpress — wordpress
 
Pinboard 1.0.6 theme for WordPress has XSS. 2020-01-27 3.5 CVE-2013-0286
MISC
wordpress — wordpress
 
The Elementor plugin before 2.8.5 for WordPress suffers from a reflected XSS vulnerability on the elementor-system-info page. These can be exploited by targeting an authenticated user. 2020-01-28 3.5 CVE-2020-8426
MISC
MISC
MISC
wowza_media_systems — wowza_streaming_engine
 
Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple authenticated XSS vulnerabilities via the (1) customList%5B0%5D.value field in enginemanager/server/serversetup/edit_adv.htm of the Server Setup configuration or the (2) host field in enginemanager/j_spring_security_check of the login form. 2020-01-29 3.5 CVE-2019-7655
MISC
MISC
wso2 — api_manager
 
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the Datasource creation page of the Management Console. 2020-01-28 3.5 CVE-2019-20434
MISC
MISC
wso2 — api_manager
 
An issue was discovered in WSO2 API Manager 2.6.0. A reflected XSS attack could be performed in the inline API documentation editor page of the API Publisher by sending an HTTP GET request with a harmful docName request parameter. 2020-01-28 3.5 CVE-2019-20435
MISC
MISC
wso2 — api_manager
 
An issue was discovered in WSO2 API Manager 2.6.0. A potential stored Cross-Site Scripting (XSS) vulnerability has been identified in the inline API documentation editor page of the API Publisher. 2020-01-28 3.5 CVE-2019-20438
MISC
MISC
wso2 — api_manager
 
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in defining a scope in the “manage the API” page of the API Publisher. 2020-01-28 3.5 CVE-2019-20439
MISC
MISC
wso2 — api_manager
 
An issue was discovered in WSO2 API Manager 2.6.0. A potential Reflected Cross-Site Scripting (XSS) vulnerability has been identified in the update API documentation feature of the API Publisher. 2020-01-28 3.5 CVE-2019-20440
MISC
MISC
wso2 — api_manager
 
An issue was discovered in WSO2 API Manager 2.6.0. A potential Stored Cross-Site Scripting (XSS) vulnerability has been identified in the ‘implement phase’ of the API Publisher. 2020-01-28 3.5 CVE-2019-20441
MISC
MISC
wso2 — multiple_products
 
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulnerability in mediaType has been identified in the registry UI. 2020-01-28 3.5 CVE-2019-20443
MISC
MISC
wso2 — multiple_products
 
An issue was discovered in WSO2 API Manager 2.6.0, WSO2 Enterprise Integrator 6.5.0, WSO2 IS as Key Manager 5.7.0, and WSO2 Identity Server 5.8.0. A potential stored Cross-Site Scripting (XSS) vulnerability in roleToAuthorize has been identified in the registry UI. 2020-01-28 3.5 CVE-2019-20442
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
abrt — abrt
 
ABRT might allow attackers to obtain sensitive information from crash reports. 2020-01-31 not yet calculated CVE-2011-4088
MISC
MISC
adobe — acrobat_and_reader
 
Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2017.011.30142 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution . 2020-01-28 not yet calculated CVE-2019-8257
CONFIRM
adobe — acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. 2020-01-28 not yet calculated CVE-2019-7131
CONFIRM
aircrack-ng — aircrack-ng
 
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors. 2020-01-31 not yet calculated CVE-2014-8321
CONFIRM
MISC
MISC
CONFIRM
MISC
aircrack-ng — aircrack-ng
 
Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value. 2020-01-31 not yet calculated CVE-2014-8322
CONFIRM
MISC
MISC
MISC
CONFIRM
MISC
alcatel-lucent — 1830_photonic_service_switch Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html. 2020-01-31 not yet calculated CVE-2014-3809
MISC
apache — jackrabbit_oak
 
The optional initial password change and password expiration features present in Apache Jackrabbit Oak 1.2.0 to 1.22.0 are prone to a sensitive information disclosure vulnerability. The code mandates the changed password to be passed as an additional attribute to the credentials object but does not remove it upon processing during the first phase of the authentication. In combination with additional, independent authentication mechanisms, this may lead to the new password being disclosed. 2020-01-28 not yet calculated CVE-2020-1940
MLIST
MLIST
MLIST
MLIST
MLIST
MLIST
MISC
MLIST
aroxsolution — school_management_software_php/mysql
 
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user. 2020-01-31 not yet calculated CVE-2020-8505
MISC
aroxsolution — school_management_software_php/mysql
 
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user. 2020-01-31 not yet calculated CVE-2020-8504
MISC
aruba — airwave_management_platform
 
A vulnerability exists in the Aruba AirWave Management Platform 8.x prior to 8.2 in the management interface of an underlying system component called RabbitMQ, which could let a malicious user obtain sensitive information. This interface listens on TCP port 15672 and 55672 2020-01-31 not yet calculated CVE-2016-2032
MISC
MISC
MISC
MISC
aruba — clearpass_policy_manager
 
Multiple vulnerabilities exist in Aruba ClearPass Policy Manager up to 6.5.6 and 6.6.0 includes SQL injection issues, unauthenticated arbitrary file read via XXE, remote root command execution, and elevated privilege issues. 2020-01-31 not yet calculated CVE-2016-2033
CONFIRM
aruba — instate
 
Multiple vulnerabilities exists in Aruba Instate before 4.1.3.0 and 4.2.3.1 due to insufficient validation of user-supplied input and insufficient checking of parameters, which could allow a malicious user to bypass security restrictions, obtain sensitive information, perform unauthorized actions and execute arbitrary code. 2020-01-31 not yet calculated CVE-2016-2031
MISC
MISC
MISC
MISC
belkin — wemo_switch Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. 2020-01-28 not yet calculated CVE-2013-2748
EXPLOIT-DB
BID
XF
belkin_wemo_insight_switch
 
A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware version 2.00.11396 and prior versions. 2020-01-27 not yet calculated CVE-2019-17094
CONFIRM
biscom — biscom_secure_file_transfer
 
Biscom Secure File Transfer (SFT) 5.0.1050 through 5.1.1067 and 6.0.1000 through 6.0.1003 allows Insecure Direct Object Reference (IDOR) by an authenticated sender because of an error in a file-upload feature. This is fixed in 5.1.1068 and 6.0.1004. 2020-01-31 not yet calculated CVE-2020-8503
MISC
bitdefender — bitdefender_antivirus_for_mac
 
A privilege escalation vulnerability in BDLDaemon as used in Bitdefender Antivirus for Mac allows a local attacker to obtain authentication tokens for requests submitted to the Bitdefender Cloud. This issue affects: Bitdefender Bitdefender Antivirus for Mac versions prior to 8.0.0. 2020-01-30 not yet calculated CVE-2020-8092
MISC
bitdefender — bitdefender_antivirus_for_mac
 
A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution 2020-01-30 not yet calculated CVE-2020-8093
MISC
bitdefender — bitdefender_total_security_2020
 
A vulnerability in the improper handling of junctions before deletion in Bitdefender Total Security 2020 can allow an attacker to to trigger a denial of service on the affected device. 2020-01-30 not yet calculated CVE-2020-8095
CONFIRM
bitdefender — box_2
 
An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands. This issue affects: Bitdefender Bitdefender BOX 2 versions prior to 2.1.47.36. 2020-01-27 not yet calculated CVE-2019-17102
CONFIRM
bitdefender — total_security_2020
 
An Untrusted Search Path vulnerability in bdserviceshost.exe as used in Bitdefender Total Security 2020 allows an attacker to execute arbitrary code. This issue does not affect: Bitdefender Total Security versions prior to 24.0.12.69. 2020-01-27 not yet calculated CVE-2019-17100
MISC
c-lightning — c-lightning
 
c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states “It can be used for testing, but it should not be used for real funds.” 2020-01-31 not yet calculated CVE-2019-12998
MISC
CONFIRM
cisco — ios_xr_software
 
A vulnerability in the implementation of Border Gateway Protocol (BGP) Ethernet VPN (EVPN) functionality in Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to incorrect processing of a BGP update message that contains crafted EVPN attributes. An attacker could indirectly exploit the vulnerability by sending BGP EVPN update messages with a specific, malformed attribute to an affected system and waiting for a user on the device to display the EVPN operational routes&rsquo; status. If successful, the attacker could cause the BGP process to restart unexpectedly, resulting in a DoS condition. The Cisco implementation of BGP accepts incoming BGP traffic only from explicitly defined peers. To exploit this vulnerability, the malicious BGP update message would need to come from a configured, valid BGP peer, or would need to be injected by the attacker into the victim’s BGP network on an existing, valid TCP connection to a BGP peer. 2020-01-26 not yet calculated CVE-2019-16018
CISCO
com.puppycrawl.tools:checkstyle — com.puppycrawl.tools:checkstyle
 
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658. 2020-01-30 not yet calculated CVE-2019-10782
MISC
cups_easy — cups_easy_purchase_&_inventory
 
Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account deletion via userdelete.php. 2020-01-28 not yet calculated CVE-2020-8425
MISC
MISC
cups_easy — cups_easy_purchase_&_inventory
 
Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php. 2020-01-28 not yet calculated CVE-2020-8424
MISC
MISC
cysharp — messagepack_for_c#_and_unity
 
MessagePack for C# and Unity before version 1.9.3 and 2.1.80 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Security Advisory for more information and remediation steps. 2020-01-31 not yet calculated CVE-2020-5234
MISC
CONFIRM
d-link — multiple_cameras An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live video in D-Link TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-2121 1.06_FR, 1.06, and 1.05_RU, DCS-2102 1.06_FR. 1.06, and 1.05_RU, which could let a malicious user obtain sensitive information. 2020-01-28 not yet calculated CVE-2013-1600
MISC
MISC
MISC
MISC
MISC
d-link — multiple_ip_cameras An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03 due to hard-coded credentials that serve as a backdoor, which allows remote attackers to access the RTSP video stream. 2020-01-28 not yet calculated CVE-2013-1603
MISC
MISC
MISC
MISC
MISC
d-link — multiple_ip_cameras A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera?s web interface. 2020-01-28 not yet calculated CVE-2013-1599
MISC
MISC
MISC
MISC
FULLDISC
MISC
d-link — multiple_ip_cameras An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK An Information Disclosure vulnerability exists due to a failure to restrict access on the lums.cgi script when processing a live video stream in D-LINK WCS-1100 1.02, TESCO DCS-2121 1.05_TESCO, TESCO DCS-2102 1.05_TESCO, DCS-7510 1.00, DCS-7410 1.00, DCS-6410 1.00, DCS-5635 1.01, DCS-5605 1.01, DCS-5230L 1.02, DCS-5230 1.02, DCS-3430 1.02, DCS-3411 1.02, DCS-3410 1.02, DCS-2121 1.06_FR, DCS-2121 1.06, DCS-2121 1.05_RU, DCS-2102 1.06_FR, DCS-2102 1.06, DCS-2102 1.05_RU, DCS-1130L 1.04, DCS-1130 1.04_US, DCS-1130 1.03, DCS-1100L 1.04, DCS-1100 1.04_US, and DCS-1100 1.03, which could let a malicious user obtain sensitive information. which could let a malicious user obtain sensitive information. 2020-01-28 not yet calculated CVE-2013-1601
MISC
MISC
MISC
MISC
MISC
d-link — multiple_ip_cameras An Information Disclosure vulnerability exists due to insufficient validation of authentication cookies for the RTSP session in D-Link DCS-5635 1.01, DCS-1100L 1.04, DCS-1130L 1.04, DCS-1100 1.03/1.04_US, DCS-1130 1.03/1.04_US , DCS-2102 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-2121 1.05_RU/1.06/1.06_FR/1.05_TESCO, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.0, DCS-7410 1.0, DCS-7510 1.0, and WCS-1100 1.02, which could let a malicious user obtain unauthorized access to video streams. 2020-01-28 not yet calculated CVE-2013-1602
MISC
MISC
MISC
MISC
das_u-boot — das_u-bootN/A
 
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis. 2020-01-29 not yet calculated CVE-2020-8432
MISC
MISC
draytek — multiple_devices
 
DrayTek Vigor2960 1.3.1_Beta; Vigor3900 1.4.4_Beta; and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. 2020-02-01 not yet calculated CVE-2020-8515
MISC
drupal — drupal The Login Security module 6.x-1.x before 6.x-1.3 and 7.x-1.x before 7.x-1.3 for Drupal allows attackers to bypass intended restrictions via a crafted username. 2020-01-30 not yet calculated CVE-2013-2198
MISC
CONFIRM
CONFIRM
CONFIRM
drupal — drupal The Flippy module 7.x-1.x before 7.x-1.2 for Drupal does not properly restrict access to nodes, which allows remote authenticated users with the permission to access content to read a link or alias to a restricted node. 2020-01-30 not yet calculated CVE-2013-4187
MISC
MISC
MISC
CONFIRM
MISC
drupal — drupal
 
Cross-site scripting (XSS) vulnerability in vwrooms/js/jsor-jcarousel/examples/special_textscroller.php in the VideoWhisper Webcam plugins for Drupal 7.x allows remote attackers to inject arbitrary web script or HTML via a URL to a crafted SVG file in the feed parameter. 2020-01-31 not yet calculated CVE-2014-8338
MISC
MISC
eclair — eclair
 
Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states “it is beta-quality software and don’t put too much money in it.” 2020-01-31 not yet calculated CVE-2019-13000
MISC
MISC
CONFIRM
edk2 — unified_extensible_firmware_interface Integer overflow in the Drive Execution Environment (DXE) phase in the Capsule Update feature in the UEFI implementation in EDK2 allows physically proximate attackers to bypass intended access restrictions via crafted data. 2020-01-31 not yet calculated CVE-2014-4859
MISC
edk2 — unified_extensible_firmware_interface Multiple integer overflows in the Pre-EFI Initialization (PEI) boot phase in the Capsule Update feature in the UEFI implementation in EDK2 allow physically proximate attackers to bypass intended access restrictions by providing crafted data that is not properly handled during the coalescing phase. 2020-01-31 not yet calculated CVE-2014-4860
MISC
ensdomains — ens
 
A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry. 2020-01-31 not yet calculated CVE-2020-5232
MISC
CONFIRM
eucalyptus — eucalyptus_management_console Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2020-01-31 not yet calculated CVE-2014-5039
CONFIRM
evernote — evernote Evernote before 5.5.1 has insecure PIN storage 2020-01-31 not yet calculated CVE-2013-5112
MISC
MISC
evernote — evernote Evernote prior to 5.5.1 has insecure password change 2020-01-31 not yet calculated CVE-2013-5116
MISC
MISC
MISC
feedgen — feedgen
 
Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks. The *feedgen* library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of Service Attacks (e.g. XML Bomb). This becomes a concern in particular if feedgen is used to include content from untrused sources and if XML (including XHTML) is directly included instead of providing plain tex content only. This problem has been fixed in feedgen 0.9.0 which disallows XML entity expansion and external resources. 2020-01-28 not yet calculated CVE-2020-5227
MISC
MISC
CONFIRM
fish-shell — fish-shell fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt. 2020-01-28 not yet calculated CVE-2014-2914
MISC
CONFIRM
fish-shell — fish-shell The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name. 2020-01-28 not yet calculated CVE-2014-3856
MISC
CONFIRM
MISC
fish-shell — fish-shell The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name. 2020-01-28 not yet calculated CVE-2014-2906
MISC
MISC
CONFIRM
foscam — ip_camera_fi8620 An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information. 2020-01-29 not yet calculated CVE-2013-2574
MISC
MISC
MISC
MISC
MISC
fuji_xerox — awms_mobile_app
 
The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 certificates from servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2020-01-31 not yet calculated CVE-2020-5526
MISC
MISC
fusionauth — fusionauth
 
An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates. 2020-01-28 not yet calculated CVE-2020-7799
MISC
MISC
MISC
BUGTRAQ
gemalto — gemalto_tokend Gemalto Tokend 2013 has an Arbitrary File Creation/Overwrite Vulnerability 2020-01-30 not yet calculated CVE-2013-1867
MISC
MISC
git — git
 
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as “WSL”) while accessing a working directory on a regular Windows drive, none of the NTFS protections were active. 2020-01-24 not yet calculated CVE-2019-1353
SUSE
MISC
MISC
git-extras — git-extras The git-changelog utility in git-extras 1.7.0 allows local users to overwrite arbitrary files via a symlink attack on (1) /tmp/changelog or (2) /tmp/.git-effort. 2020-01-28 not yet calculated CVE-2012-6114
MISC
MISC
MISC
gitlab — ce/ee An IDOR was discovered in GitLab CE/EE 11.5 and later that allowed new merge requests endpoint to disclose label names. 2020-01-28 not yet calculated CVE-2019-5466
MISC
MISC
MISC
gitlab — ce/ee
 
An information disclosure issue was discovered in GitLab CE/EE 8.14 and later, by using the move issue feature which could result in disclosure of the newly created issue ID. 2020-01-28 not yet calculated CVE-2019-5465
MISC
MISC
MISC
gitlab — ee
 
An authorization issue was discovered in GitLab EE < 12.1.2, < 12.0.4, and < 11.11.6 allowing the merge request approval rules to be overridden without appropriate permissions. 2020-01-28 not yet calculated CVE-2019-5474
MISC
MISC
MISC
gitlab — gitlab The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. 2020-01-28 not yet calculated CVE-2013-4583
MISC
MISC
MISC
gitlab — gitlab The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface. 2020-01-28 not yet calculated CVE-2013-4582
MISC
MISC
MISC
gitlab — gitlab
 
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account. 2020-01-28 not yet calculated CVE-2019-5468
MISC
MISC
MISC
hashicorp — consul_and_consul_enterprise HashiCorp Consul and Consul Enterprise up to 1.6.2 HTTP/RPC services allowed unbounded resource usage, and were susceptible to unauthenticated denial of service. Fixed in 1.6.3. 2020-01-31 not yet calculated CVE-2020-7219
MISC
MISC
hashicorp — consul_and_consul_enterprise
 
HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3. 2020-01-31 not yet calculated CVE-2020-7955
MISC
MISC
hashicorp — nomad_and_nomad_enterprise
 
HashiCorp Nomad and Nomad Enterprise before 0.10.3 allow unbounded resource usage. 2020-01-31 not yet calculated CVE-2020-7218
MISC
MISC
hashicorp — nomad_and_nomad_enterprise
 
HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3. 2020-01-31 not yet calculated CVE-2020-7956
MISC
MISC
hp — intel-based_business_pcs
 
A potential security vulnerability with pre-boot DMA may allow unauthorized UEFI code execution using open-case attacks. This industry-wide issue requires physically accessing internal expansion slots with specialized hardware and software tools to modify UEFI code in memory. This affects HP Intel-based Business PCs that support Microsoft Windows 10 Kernel DMA protection. Affected versions depend on platform (prior to 01.04.02; or prior to 02.04.01; or prior to 02.04.02). 2020-01-31 not yet calculated CVE-2019-18913
CONFIRM
htcondor — mrg_grid
 
The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code. 2020-01-31 not yet calculated CVE-2014-8126
MISC
MISC
MISC
MISC
ibm — watson_iot_message_gateway
 
IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause a denial of service. IBM X-Force ID: 174972. 2020-01-28 not yet calculated CVE-2020-4207
XF
CONFIRM
ibm — websphere_application_server
 
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume all available memory. IBM X-Force ID: 172125. 2020-01-31 not yet calculated CVE-2019-4720
XF
CONFIRM
idelji — web_viewpoint_and_web_viewpoint_plus_and_web_viewpoint_enterprise
 
An issue was discovered in Idelji Web ViewPoint H01ABO-H01BY and L01ABP-L01ABZ, Web ViewPoint Plus H01AAG-H01AAQ and L01AAH-L01AAR, and Web ViewPoint Enterprise H01-H01AAE and L01-L01AAF. By reading ADB or AADB file content within the Installation subvolume, a Guardian user can discover the password of the group.user or alias who acknowledges events from the WVP Events screen. 2020-01-27 not yet calculated CVE-2019-19539
CONFIRM

info-zip — unzip

Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. 2020-01-31 not yet calculated CVE-2014-8140
MISC
MISC
MISC
MISC
info-zip — unzip
 
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. 2020-01-31 not yet calculated CVE-2014-8139
MISC
MISC
MISC
MISC
info-zip — unzip
 
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. 2020-01-31 not yet calculated CVE-2014-8141
MISC
MISC
MISC
MISC
infoware — mapsuite mapapi Cross-site scripting (XSS) vulnerability in infoware MapSuite MapAPI 1.0.x before 1.0.36 and 1.1.x before 1.1.49 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2020-01-31 not yet calculated CVE-2014-2843
MISC
MISC
MISC
intel — multiple_intel_processors
 
Cleanup errors in some data cache evictions for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2020-01-28 not yet calculated CVE-2020-0549
CONFIRM
intel — multiple_intel_processors
 
Cleanup errors in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. 2020-01-28 not yet calculated CVE-2020-0548
CONFIRM
intergraph_corporation — erdas_er_viewer
 
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities 2020-01-30 not yet calculated CVE-2013-0725
MISC
MISC
israeli_ex_libris — aleph_500 Multiple SQL injection vulnerabilities in cgi-bin/review_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to execute arbitrary SQL commands via the (1) find, (2) lib, or (3) sid parameter. 2020-01-30 not yet calculated CVE-2014-3719
MISC
MISC
israeli_ex_libris — aleph_500 Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/tag_m.cgi in Ex Libris ALEPH 500 (Integrated library management system) 18.1 and 20 allow remote attackers to inject arbitrary web script or HTML via the (1) find, (2) lib, or (3) sid parameter. 2020-01-30 not yet calculated CVE-2014-3718
MISC
MISC
jetbrains — intellij_idea
 
In JetBrains IntelliJ IDEA 2019.2, an XSLT debugger plugin misconfiguration allows arbitrary file read operations over the network. This issue was fixed in 2019.3. 2020-01-31 not yet calculated CVE-2020-7914
MISC
CONFIRM
joomla! — joomla! An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities. 2020-01-28 not yet calculated CVE-2020-8419
MISC
joomla! — joomla!
 
An issue was discovered in Joomla! before 3.9.15. Inadequate escaping of usernames allows XSS attacks in com_actionlogs. 2020-01-28 not yet calculated CVE-2020-8421
MISC
joomla! — joomla!
 
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability. 2020-01-28 not yet calculated CVE-2020-8420
MISC
kronos — kronos_web_time_and_attendance A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instructions) of the com.threeis.webta.H261configMenu servlet via an authenticated administrator. 2020-01-30 not yet calculated CVE-2020-8493
MISC
MISC
kronos — kronos_web_time_and_attendance
 
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and delegatorUserId parameters. 2020-01-30 not yet calculated CVE-2020-8495
MISC
MISC
kronos — kronos_web_time_and_attendance
 
In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as an authenticated administrator. 2020-01-30 not yet calculated CVE-2020-8496
MISC
MISC
kronos — kronos_web_time_and_attendance
 
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privileges to gain unauthorized administrative privileges within the application via the emp_id, userid, pw1, pw2, supervisor, and timekeeper parameters. 2020-01-30 not yet calculated CVE-2020-8494
MISC
MISC
ktor — ktor
 
In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn’t handle Content-Length and Transfer-Encoding properly or doesn’t handle \n as a headers separator. 2020-01-27 not yet calculated CVE-2020-5207
MISC
CONFIRM
liferay — portal_ce
 
In LifeRay Portal CE 7.1.0 through 7.2.1, the First Name, Middle Name, and Last Name fields for user accounts in MyAccountPortlet are all vulnerable to a persistent XSS issue. Any user can modify these fields with a particular XSS payload, and it will be stored in the database. The payload will then be rendered when a user utilizes the search feature to search for other users (i.e., if a user with modified fields occurs in the search results). 2020-01-28 not yet calculated CVE-2020-7934
MISC
lightning_labs — lightning_network_daemon
 
Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control. 2020-01-31 not yet calculated CVE-2019-12999
MISC
MISC
CONFIRM
linux — linux_kernel
 
In a Linux KVM guest that has PV TLB enabled, a process in the guest kernel may be able to read memory locations from another process in the same guest. This problem is limit to the host running linux kernel 4.10 with a guest running linux kernel 4.16 or later. The problem mainly affects AMD processors but Intel CPUs cannot be ruled out. 2020-01-31 not yet calculated CVE-2019-3016
CONFIRM
CONFIRM
CONFIRM
logmein — lastpass LastPass prior to 2.5.1 allows secure wipe bypass. 2020-01-31 not yet calculated CVE-2013-5114
MISC
MISC
MISC
logmein — lastpass LastPass prior to 2.5.1 has an insecure PIN implementation. 2020-01-31 not yet calculated CVE-2013-5113
MISC
MISC
MISC
lzx_apps — super_file_explorer
 
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service. 2020-01-28 not yet calculated CVE-2020-7998
MISC
MISC
manageengine — desktopcentral Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the webroot. 2020-01-27 not yet calculated CVE-2013-7390
MISC
MISC
mediawiki — mediawiki
 
The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML. 2020-01-27 not yet calculated CVE-2014-9481
MISC
MISC
CONFIRM
MISC
micasaverde — veralite The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. 2020-01-28 not yet calculated CVE-2013-4863
MISC
MISC
MISC
micasaverde — veralite MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page. 2020-01-28 not yet calculated CVE-2013-4862
MISC
MISC
MISC
micasaverde — veralite Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote authenticated users to read arbirary files via a .. (dot dot) in the filename parameter. 2020-01-28 not yet calculated CVE-2013-4861
MISC
MISC
MISC
micasaverde — veralite MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue. 2020-01-28 not yet calculated CVE-2013-4864
MISC
MISC
MISC
micasaverde — veralite Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to hijack the authentication of users for requests that install arbitrary firmware via the squashfs parameter. 2020-01-28 not yet calculated CVE-2013-4865
MISC
MISC
MISC
motu — motu_avb_devices
 
AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal, as demonstrated by reading the /etc/passwd file. 2020-01-27 not yet calculated CVE-2020-8009
MISC
multiple_vendors — multiple_bios_implementations
 
The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory. 2020-01-30 not yet calculated CVE-2015-0949
MISC
multiple_vendors — multiple_realtek_sdk_based_routers
 
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) allows remote attackers to retrieve the configuration, including sensitive data (usernames and passwords). This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12. 2020-01-27 not yet calculated CVE-2019-19822
MISC
MISC
FULLDISC
FULLDISC
MISC
MISC
multiple_vendors — multiple_realtek_sdk_based_routers
 
A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12. 2020-01-27 not yet calculated CVE-2019-19823
MISC
MISC
FULLDISC
FULLDISC
MISC
MISC
neato — botvac_connected
 
An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secret_key values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to estimate the time of first provisioning of a robot, he is able to brute force the generated secret_key of the robot. This is because the entropy of the secret_key exclusively relies on these two values, due to not seeding the random generator and using several constant inputs for secret_key computation. Serial numbers are printed on the packaging and equal the MAC address of the robot. 2020-01-27 not yet calculated CVE-2018-19441
MISC
MISC
netapp — oncommand_system_manager NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface. 2020-01-31 not yet calculated CVE-2013-3322
XF
MISC
nethack — nethack
 
In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. 2020-01-28 not yet calculated CVE-2020-5214
CONFIRM
nethack — nethack
 
In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. 2020-01-28 not yet calculated CVE-2020-5213
CONFIRM
nethack — nethack
 
In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. 2020-01-28 not yet calculated CVE-2020-5212
CONFIRM
nethack — nethack
 
In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5. 2020-01-28 not yet calculated CVE-2020-5210
MISC
CONFIRM
nethack — nethack
 
In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5. 2020-01-28 not yet calculated CVE-2020-5209
MISC
CONFIRM
nethack — nethack
 
In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to upload their own configuration files. Users should upgrade to NetHack 3.6.5. 2020-01-28 not yet calculated CVE-2020-5211
CONFIRM
network_time_protocol — network_time_protocol
 
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use ‘\’ or ‘/’ characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files. 2020-01-28 not yet calculated CVE-2015-7851
MISC
MISC
MISC
node-uuid — node-uuid
 
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing. 2020-01-30 not yet calculated CVE-2015-8851
MISC
MISC
CONFIRM
CONFIRM
oauth2_proxy — oauth2_proxy
 
OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0. 2020-01-30 not yet calculated CVE-2020-5233
MISC
MISC
CONFIRM
open-xchange — open-xchange_app_suite Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted (1) OLE Object or (2) image in an OpenDocument text file. 2020-01-31 not yet calculated CVE-2014-5236
MISC
MISC
MISC
opencast — opencast
 
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially for popular users like the default `admin` user. This essentially means that for an attacker, it might be feasible to reconstruct a user’s password given access to these hashes. Note that attackers needing access to the hashes means that they must gain access to the database in which these are stored first to be able to start cracking the passwords. The problem is addressed in Opencast 8.1 which now uses the modern and much stronger bcrypt password hashing algorithm for storing passwords. Note, that old hashes remain MD5 until the password is updated. For a list of users whose password hashes are stored using MD5, take a look at the `/user-utils/users/md5.json` REST endpoint. 2020-01-30 not yet calculated CVE-2020-5229
MISC
CONFIRM
opencast — opencast
 
Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key. This means that an attacker getting access to a remember-me token for one server can get access to all servers which allow log-in using the same credentials without ever needing the credentials. This problem is fixed in Opencast 7.6 and Opencast 8.1 2020-01-30 not yet calculated CVE-2020-5222
MISC
CONFIRM
opencast — opencast
 
Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape working directories and write files to other locations. In addition, Opencast’s Id.toString(?) vs Id.compact(?) behavior, the latter trying to mitigate some of the file system problems, can cause errors due to identifier mismatch since an identifier may unintentionally change. This issue is fixed in Opencast 7.6 and 8.1. 2020-01-30 not yet calculated CVE-2020-5230
MISC
CONFIRM
opencast — opencast
 
In Opencast before 7.6 and 8.1, users with the role ROLE_COURSE_ADMIN can use the user-utils endpoint to create new users not including the role ROLE_ADMIN. ROLE_COURSE_ADMIN is a non-standard role in Opencast which is referenced neither in the documentation nor in any code (except for tests) but only in the security configuration. From the name ? implying an admin for a specific course ? users would never expect that this role allows user creation. This issue is fixed in 7.6 and 8.1 which both ship a new default security configuration. 2020-01-30 not yet calculated CVE-2020-5231
MISC
CONFIRM
opencast — opencast
 
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public access to events without their knowledge. The problem has been addressed in Opencast 7.6 and 8.1 where the OAI-PMH endpoint is configured to require users with `ROLE_ADMIN` by default. In addition to this, Opencast 9 removes the OAI-PMH publication from the default workflow, making the publication a conscious decision users have to make by updating their workflows. 2020-01-30 not yet calculated CVE-2020-5228
MISC
CONFIRM
opencast — opencast
 
In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous access. This way, an attacker can, for example, fake a remember-me token, assume the identity of the global system administrator and request non-public content from the search service without ever providing any proper authentication. This problem is fixed in Opencast 7.6 and Opencast 8.1 2020-01-30 not yet calculated CVE-2020-5206
MISC
CONFIRM
openjpeg_2.3.1 — openjpeg_2.3.1N/A
 
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851. 2020-01-28 not yet calculated CVE-2020-8112
MISC
MLIST
opensc — opensc.tokend
 
OpenSC OpenSC.tokend has an Arbitrary File Creation/Overwrite Vulnerability 2020-01-30 not yet calculated CVE-2013-1866
MISC
MISC
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). 2020-01-30 not yet calculated CVE-2020-8443
MISC
MISC
MISC
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). 2020-01-30 not yet calculated CVE-2020-8444
MISC
MISC
MISC
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn’t remove or encode terminal control characters or newlines from processed log messages. In many cases, those characters are later logged. Because newlines (\n) are permitted in messages processed by ossec-analysisd, it may be possible to inject nested events into the ossec log. Use of terminal control characters may allow obfuscating events or executing commands when viewed through vulnerable terminal emulators. This may be an unauthenticated remote attack for certain types and origins of logged data. 2020-01-30 not yet calculated CVE-2020-8445
MISC
MISC
MISC
ossec — ossec-hids
 
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted). 2020-01-30 not yet calculated CVE-2020-8447
MISC
MISC
MISC
pandora_fms — pandora_fms
 
Pandora FMS ? 7.42 suffers from a remote code execution vulnerability. To exploit the vulnerability, an authenticated user should create a new folder with a “tricky” name in the filemanager. The exploit works when the php-fileinfo extension is disabled on the host system. The attacker must include shell metacharacters in the content type. 2020-01-30 not yet calculated CVE-2019-20050
MISC
perl — perl Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files. 2020-01-31 not yet calculated CVE-2011-4115
MISC
MISC
CONFIRM
perl — perl Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. 2020-01-28 not yet calculated CVE-2013-1437
MISC
MISC
MISC
perl — perl The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. 2020-01-31 not yet calculated CVE-2011-4117
MISC
MISC
MISC
perl — perl The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when using IO::Socket::SSL as the SSL socket class, allows attackers to disable server certificate validation via the (1) HTTPS_CA_DIR or (2) HTTPS_CA_FILE environment variable. 2020-01-28 not yet calculated CVE-2014-3230
MISC
MISC
MISC
MISC
MISC
perl — perl _is_safe in the File::Temp module for Perl does not properly handle symlinks. 2020-01-31 not yet calculated CVE-2011-4116
MISC
MISC
MISC
MISC
MISC
pivotal — pivotal_tc_server_and_pivotal_tc_runtime
 
In Pivotal tc Server, 3.x versions prior to 3.2.19 and 4.x versions prior to 4.0.10, and Pivotal tc Runtimes, 7.x versions prior to 7.0.99.B, 8.x versions prior to 8.5.47.A, and 9.x versions prior to 9.0.27.A, when a tc Runtime instance is configured with the JMX Socket Listener, a local attacker without access to the tc Runtime process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack to capture user names and passwords used to access the JMX interface. The attacker can then use these credentials to access the JMX interface and gain complete control over the tc Runtime instance. 2020-01-27 not yet calculated CVE-2019-11288
CONFIRM
polycom — hdx_video_end_points_and_uc_ap Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature. 2020-01-28 not yet calculated CVE-2012-6610
MISC
MISC
polycom — web_management_interface_g3/hdx_8000_hd Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. 2020-01-28 not yet calculated CVE-2012-6609
MISC
MISC
prosody — prosody
 
The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin. 2020-01-28 not yet calculated CVE-2020-8086
MISC
MISC
CONFIRM
BUGTRAQ
DEBIAN
python — python The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten. 2020-01-28 not yet calculated CVE-2013-1895
MISC
MISC
MISC
MISC
MISC
python — python
 
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking. 2020-01-30 not yet calculated CVE-2020-8492
MISC
MISC
MISC
qemu — qemu
 
The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. 2020-01-31 not yet calculated CVE-2015-6815
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
CONFIRM
CONFIRM
rockwell_automation — arena_simulation_software
 
A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. 2020-01-27 not yet calculated CVE-2019-13521
MISC
MISC
rockwell_automation — arena_simulation_software
 
A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. 2020-01-27 not yet calculated CVE-2019-13519
MISC
MISC
senior — rubiweb
 
Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL. 2020-01-31 not yet calculated CVE-2019-19550
CONFIRM
silicon_graphics_international — sgi_tempo
 
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db. 2020-01-27 not yet calculated CVE-2014-7303
MISC
MISC
silicon_graphics_international — sgi_tempo
 
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx. 2020-01-27 not yet calculated CVE-2014-7302
MISC
MISC
silicon_graphics_international — sgi_tempo
 
SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading /etc/odapw. 2020-01-27 not yet calculated CVE-2014-7301
MISC
MISC
simplejobscript — simplejobscript
 
controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume. 2020-01-31 not yet calculated CVE-2020-8440
CONFIRM
smc_networks — d3g0804w_d3gnv5m-3.5.1.6.10_ga_devices
 
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the vlu_diagnostic_tools__ping_address parameter twice: once with a shell metacharacter and a command name, and once with a command argument. 2020-01-27 not yet calculated CVE-2020-8087
MISC
solarwinds — n-central
 
SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent & Probe settings, and obtain other sensitive information. The attacker can use a customer ID to self register and read any aspects of the agent/appliance configuration. 2020-01-26 not yet calculated CVE-2020-7984
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
sonalak — verax_nms Verax NMS prior to 2.1.0 has multiple security bypass vulnerabilities 2020-01-30 not yet calculated CVE-2013-1350
MISC
MISC
sonalak — verax_nms Verax NMS prior to 2.1.0 uses an encryption key that is hardcoded in a JAR archive. 2020-01-30 not yet calculated CVE-2013-1352
MISC
MISC
MISC
sonalak — verax_nms Verax NMS prior to 2.10 allows authentication via the encrypted password without knowing the cleartext password. 2020-01-30 not yet calculated CVE-2013-1351
MISC
MISC
MISC
sonalak — verax_nms
 
Verax NMS prior to 2.1.0 leaks connection details when any user executes a Repair Table action 2020-01-30 not yet calculated CVE-2013-1631
MISC
MISC
sudo — sudo
 
In Sudo before 1.8.26, if pwfeedback is enabled in /etc/sudoers, users can trigger a stack-based buffer overflow in the privileged sudo process. (pwfeedback is a default setting in Linux Mint and elementary OS; however, it is NOT the default for upstream and many other packages, and would exist only if enabled by an administrator.) The attacker needs to deliver a long string to the stdin of getln() in tgetpass.c. 2020-01-29 not yet calculated CVE-2019-18634
FULLDISC
MLIST
MLIST
MLIST
BUGTRAQ
BUGTRAQ
BUGTRAQ
CONFIRM
DEBIAN
CONFIRM
MISC
suse — linux_enterprise_server_15_obs-service-tar_scm_and_opensuse_factory_obs-service-tar_scm Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74. 2020-01-27 not yet calculated CVE-2018-12476
CONFIRM
suse — opensuse_leap_yast2-rmt
 
A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2. 2020-01-27 not yet calculated CVE-2018-20105
CONFIRM
suse — suse_studio_onsite_susestudio-common
 
A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions. 2020-01-27 not yet calculated CVE-2017-14806
CONFIRM
suse — suse_studio_onsite_susestudio-ui-server
 
An Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-56.6.3 and prior versions. 2020-01-27 not yet calculated CVE-2017-14807
CONFIRM
sylius — resourcebundle
 
Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group – for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle’s controller is affected. The vulnerable versions are: <1.3 || >=1.3.0 <=1.3.12 || >=1.4.0 <=1.4.5 || >=1.5.0 <=1.5.0 || >=1.6.0 <=1.6.2. The patch is provided for Sylius ResourceBundle 1.3.13, 1.4.6, 1.5.1 and 1.6.3, but not for any versions below 1.3. 2020-01-27 not yet calculated CVE-2020-5220
MISC
CONFIRM
sylius — sylius
 
Affected versions of Sylius give attackers the ability to switch channels via the _channel_code GET parameter in production environments. This was meant to be enabled only when kernel.debug is set to true. However, if no sylius_channel.debug is set explicitly in the configuration, the default value which is kernel.debug will be not resolved and cast to boolean, enabling this debug feature even if that parameter is set to false. Patch has been provided for Sylius 1.3.x and newer – 1.3.16, 1.4.12, 1.5.9, 1.6.5. Versions older than 1.3 are not covered by our security support anymore. 2020-01-27 not yet calculated CVE-2020-5218
MISC
CONFIRM
tensorflow — tensorflow
 
In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant(“hello”, tf.float16), if eager execution is enabled. This issue is patched in TensorFlow 1.15.1 and 2.0.1 with this vulnerability patched. TensorFlow 2.1.0 was released after we fixed the issue, thus it is not affected. Users are encouraged to switch to TensorFlow 1.15.1, 2.0.1 or 2.1.0. 2020-01-28 not yet calculated CVE-2020-5215
MISC
MISC
MISC
CONFIRM
tibco_software — tibco_patterns_-_search
 
The user interface component of TIBCO Software Inc.’s TIBCO Patterns – Search contains multiple vulnerabilities that theoretically allow authenticated users to perform persistent cross-site scripting (XSS) attacks. Affected releases are TIBCO Software Inc.’s TIBCO Patterns – Search: versions 5.4.0 and below. 2020-01-28 not yet calculated CVE-2019-17338
CONFIRM
CONFIRM
totolink — realtek_sdk_based_routers
 
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {“topicurl”:”setting/getSanvas”} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The attacker can perform router actions via HTTP requests with Basic Authentication.) This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. 2020-01-27 not yet calculated CVE-2019-19825
MISC
FULLDISC
FULLDISC
MISC
totolink — realtek_sdk_based_routers
 
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device’s internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. 2020-01-27 not yet calculated CVE-2019-19824
MISC
FULLDISC
FULLDISC
MISC
trend_micro — anti-threat_toolkit
 
Trend Micro Anti-Threat Toolkit (ATTK) versions 1.62.0.1218 and below have a vulnerability that may allow an attacker to place malicious files in the same directory, potentially leading to arbitrary remote code execution (RCE) when executed. Another attack vector similar to CVE-2019-9491 was idenitfied and resolved in version 1.62.0.1228 of the tool. 2020-01-30 not yet calculated CVE-2019-20358
FULLDISC
N/A
N/A
united_planet — intrexx_professional Unrestricted file upload vulnerability in an unspecified third party tool in United Planet Intrexx Professional before 5.2 Online Update 0905 and 6.x before 6.0 Online Update 10 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unknown vectors. 2020-01-31 not yet calculated CVE-2014-2025
MISC
MISC
CONFIRM
usebb — usebb
 
panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. 2020-01-27 not yet calculated CVE-2020-8088
MISC
videolan — vlc_media_player Multiple cross-site scripting (XSS) vulnerabilities in the HTTP Interface in VideoLAN VLC Media Player before 2.0.7 allow remote attackers to inject arbitrary web script or HTML via the (1) command parameter to requests/vlm_cmd.xml, (2) dir parameter to requests/browse.xml, or (3) URI in a request, which is returned in an error message through share/lua/intf/http.lua. 2020-01-31 not yet calculated CVE-2013-3565
MISC
MISC
MISC
MISC
vtiger — vtiger_crm vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in ‘customerportal.php’ which allows remote attackers to view files and execute local script code. 2020-01-28 not yet calculated CVE-2013-3212
EXPLOIT-DB
BID
XF
web2project — web2project Multiple SQL injection vulnerabilities in web2Project 3.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote attackers to execute arbitrary SQL commands via the updatekey parameter to (2) do_updatecontact.php or (3) updatecontact.php. 2020-01-31 not yet calculated CVE-2014-3119
MISC
MISC
MISC
webargs — webargs
 
flaskparser.py in Webargs 5.x through 5.5.2 doesn’t check that the Content-Type header is application/json when receiving JSON input. If the request body is valid JSON, it will accept it even if the content type is application/x-www-form-urlencoded. This allows for JSON POST requests to be made across domains, leading to CSRF. 2020-01-29 not yet calculated CVE-2020-7965
CONFIRM
wolfssl — cyassl The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read. 2020-01-28 not yet calculated CVE-2014-2896
MISC
MISC
CONFIRM
CONFIRM
wolfssl — cyassl wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure. 2020-01-28 not yet calculated CVE-2014-2898
MISC
MISC
CONFIRM
CONFIRM
wolfssl — cyassl The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read. 2020-01-28 not yet calculated CVE-2014-2897
MISC
MISC
CONFIRM
CONFIRM
wordpress — wordpress Multiple cross-site scripting (XSS) vulnerabilities in the HMS Testimonials plugin before 2.0.11 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) name, (2) image, (3) url, or (4) testimonial parameter to the Testimonial form (hms-testimonials-addnew page); (5) date_format parameter to the Settings – Default form (hms-testimonials-settings page); (6) name parameter in a Save action to the Settings – Custom Fields form (hms-testimonials-settings-fields page); or (7) name parameter in a Save action to the Settings – Template form (hms-testimonials-templates-new page). 2020-01-30 not yet calculated CVE-2013-4241
MISC
MISC
MISC
MISC
MISC
wordpress — wordpress
 
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. 2020-01-28 not yet calculated CVE-2020-8417
MISC
MISC
wordpress — wordpress
 
NextGEN Gallery Plugin for WordPress 1.9.10 and 1.9.11 has a Path Disclosure Vulnerability 2020-01-30 not yet calculated CVE-2013-0291
MISC
MISC
wordpress — wordpress
 
XSS exists in the shortcode functionality of the GistPress plugin before 3.0.2 for WordPress via the includes/class-gistpress.php id parameter. This allows an attacker with the WordPress Contributor role to execute arbitrary JavaScript code with the privileges of other users (e.g., ones who have the publish_posts capability). 2020-01-30 not yet calculated CVE-2020-8498
MISC
MISC
MISC
wowza — wowza_streaming_engine
 
A privilege escalation vulnerability in Wowza Streaming Engine 4.7.7 and 4.7.8 allows any unprivileged Linux user to escalate privileges to root. The installer sets too relaxed permissions on /usr/local/WowzaStreamingEngine/bin/* core program files. By injecting a payload into one of those files, it will run with the same privileges as the Wowza server, root. For example, /usr/local/WowzaStreamingEngine/bin/tune.sh could be replaced with a Trojan horse. 2020-01-29 not yet calculated CVE-2019-7656
MISC
MISC
wowza — wowza_streaming_engine
 
Wowza Streaming Engine 4.7.7 and 4.7.8 suffers from multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as adding another admin user via enginemanager/server/user/edit.htm in the Server->Users component. 2020-01-29 not yet calculated CVE-2019-7654
MISC
MISC
xpient — xpient_point_of_sale_systems Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer. 2020-01-28 not yet calculated CVE-2013-2571
MISC
MISC
MISC
MISC
zoho_manageengine — remote_access_plus
 
An authorization issue was discovered in the Credential Manager feature in Zoho ManageEngine Remote Access Plus before 10.0.450. A user with the Guest role can extract the collection of all defined credentials of remote machines: the credential name, credential type, user name, domain/workgroup name, and description (but not the password). 2020-01-31 not yet calculated CVE-2020-8422
MISC
MISC

Back to top

This product is provided subject to this Notification and this Privacy & Use policy.