abb — esoms |
For ABB eSOMS versions 4.0 to 6.0.3, the X-Content-Type-Options header is missing in the HTTP response, potentially causing the response body to be interpreted and displayed as a content type other than the one declared. A possible attack scenario would be unauthorized code execution via text interpreted as JavaScript. |
2020-04-02 |
4.3 |
CVE-2019-19089
CONFIRM |
abb — esoms |
For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow ‘ClickJacking’ attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials. |
2020-04-02 |
4.3 |
CVE-2019-19001
CONFIRM |
abb — esoms
|
Lack of input checks for SQL queries in ABB eSOMS versions 3.9 to 6.0.3 might allow an attacker to perform SQL injection attacks against the backend database. |
2020-04-02 |
6.5 |
CVE-2019-19094
CONFIRM |
abb — esoms
|
For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting. |
2020-04-02 |
4.3 |
CVE-2019-19003
CONFIRM |
abb — esoms
|
ABB eSOMS versions 4.0 to 6.0.3 accept connections using medium strength ciphers. If a connection is enabled using such a cipher, an attacker might be able to eavesdrop and/or intercept the connection. |
2020-04-02 |
4.3 |
CVE-2019-19097
CONFIRM |
abb — esoms
|
eSOMS versions 4.0 to 6.0.3 do not enforce password complexity settings, potentially resulting in lower access security due to insecure user passwords. |
2020-04-02 |
6.4 |
CVE-2019-19093
CONFIRM |
abb — esoms
|
For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information. |
2020-04-02 |
6.4 |
CVE-2019-19000
CONFIRM |
abb — esoms
|
For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detailed information to specifically craft the attack. |
2020-04-02 |
4 |
CVE-2019-19091
CONFIRM |
advantech — webaccess
|
In Advantech WebAccess versions 8.4.2 and prior, a stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution. |
2020-03-27 |
6.5 |
CVE-2020-10607
MISC |
advantech — webaccess
|
Advantech WebAccess 8.3.4 does not properly restrict an RPC call that allows unauthenticated, remote users to read files. An attacker can use this vulnerability to recover the administrator password. |
2020-04-01 |
5 |
CVE-2019-3942
MISC |
apache — dubbo
|
Unsafe deserialization occurs within a Dubbo application which has HTTP remoting enabled. An attacker may submit a POST request with a Java object in it to completely compromise a Provider instance of Apache Dubbo, if this instance enables HTTP. This issue affected Apache Dubbo 2.7.0 to 2.7.4, 2.6.0 to 2.6.7, and all 2.5.x versions. |
2020-04-01 |
6.8 |
CVE-2019-17564
MISC |
apache — http_server
|
In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL. |
2020-04-02 |
5.8 |
CVE-2020-1927
MLIST
MLIST
CONFIRM
MLIST
MLIST |
apache — netbeans |
The “Apache NetBeans” autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an attacker to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans” versions up to and including 11.2 are affected by this vulnerability. |
2020-03-30 |
6.4 |
CVE-2019-17560
MISC |
apache — netbeans
|
The “Apache NetBeans” autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. “Apache NetBeans” versions up to and including 11.2 are affected by this vulnerability. |
2020-03-30 |
5 |
CVE-2019-17561
MISC |
apache — ofbiz |
Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07. |
2020-04-01 |
4.3 |
CVE-2020-1943
MISC |
apache — sling_cms
|
Scripts in Sling CMS before 0.16.0 do not properly escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS attacks. |
2020-04-01 |
4.3 |
CVE-2020-1949
MISC |
apache — solr
|
In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin). |
2020-04-01 |
4 |
CVE-2018-11802
MISC |
apple — ios_and_ipados |
A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPadOS 13.4. An attacker in a privileged network position may be able to intercept Bluetooth traffic. |
2020-04-01 |
4 |
CVE-2020-9770
MISC |
apple — ios_and_ipados |
An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest version of a video. This issue is fixed in iOS 13.4 and iPadOS 13.4. Cropped videos may not be shared properly via Mail. |
2020-04-01 |
5 |
CVE-2020-9777
MISC |
apple — ios_and_ipados
|
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4. A maliciously crafted page may interfere with other web contexts. |
2020-04-01 |
4.3 |
CVE-2020-3888
MISC |
apple — ios_and_ipados
|
The issue was addressed by clearing website permission prompts after navigation. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user may grant website permissions to a site they didn’t intend to. |
2020-04-01 |
5 |
CVE-2020-9781
MISC |
apple — ios_and_ipados
|
The issue was addressed with improved deletion. This issue is fixed in iOS 13.4 and iPadOS 13.4. Deleted messages groups may still be suggested as an autocompletion. |
2020-04-01 |
5 |
CVE-2020-3890
MISC |
apple — ios_and_ipados
|
An issue existed in the handling of tabs displaying picture in picture video. The issue was corrected with improved state handling. This issue is fixed in iOS 13.4 and iPadOS 13.4. A user’s private browsing activity may be unexpectedly saved in Screen Time. |
2020-04-01 |
5 |
CVE-2020-9775
MISC |
apple — macos_catalina
|
This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A malicious application may be able to access a user’s call history. |
2020-04-01 |
4.3 |
CVE-2020-9776
MISC |
apple — macos_high_sierra_and_catalina |
An injection issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.4. A remote attacker may be able to cause arbitrary javascript code execution. |
2020-04-01 |
4.3 |
CVE-2020-3884
MISC |
apple — macos_mojave_and_catalina
|
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.4. A maliciously crafted application may be able to bypass code signing enforcement. |
2020-04-01 |
6.8 |
CVE-2020-3906
MISC |
apple — macos_mojave_and_catalina_and_high_sierrra
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. |
2020-04-01 |
6.6 |
CVE-2020-3908
MISC |
apple — macos_mojave_and_catalina_and_high_sierrra
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. |
2020-04-01 |
6.6 |
CVE-2020-3912
MISC |
apple — macos_mojave_and_catalina_and_high_sierrra
|
An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. |
2020-04-01 |
6.6 |
CVE-2020-3907
MISC |
apple — multiple_devices
|
A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to code execution. |
2020-04-01 |
6.8 |
CVE-2020-9783
MISC
MISC
MISC
MISC
MISC
MISC |
apple — multiple_products |
A memory initialization issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. An application may be able to read restricted memory. |
2020-04-01 |
4.3 |
CVE-2020-3914
MISC
MISC
MISC
MISC |
apple — multiple_products |
A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download’s origin may be incorrectly associated. |
2020-04-01 |
4.3 |
CVE-2020-3887
MISC
MISC
MISC
MISC
MISC
MISC |
apple — multiple_products
|
The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, tvOS 13.4, watchOS 6.2. A malicious application may be able to identify what other applications a user has installed. |
2020-04-01 |
4.3 |
CVE-2020-9773
MISC
MISC
MISC
MISC |
apple — multiple_products
|
A permissions issue existed. This issue was addressed with improved permission validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, macOS Catalina 10.15.4, watchOS 6.2. A malicious application may be able to elevate privileges. |
2020-04-01 |
6.8 |
CVE-2020-3913
MISC
MISC
MISC |
apple — multiple_products
|
An input validation issue was addressed with improved input validation. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to a cross site scripting attack. |
2020-04-01 |
4.3 |
CVE-2020-3902
MISC
MISC
MISC
MISC
MISC
MISC |
apple — multiple_products
|
A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. |
2020-04-01 |
6.8 |
CVE-2020-3900
MISC
MISC
MISC
MISC
MISC
MISC
MISC |
apple — multiple_products
|
An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, watchOS 6.2. Setting an alternate app icon may disclose a photo without needing permission to access photos. |
2020-04-01 |
5 |
CVE-2020-3916
MISC
MISC |
apple — multiple_products
|
A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, watchOS 6.2, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. Processing maliciously crafted web content may lead to arbitrary code execution. |
2020-04-01 |
6.8 |
CVE-2020-3901
MISC
MISC
MISC
MISC
MISC
MISC
MISC |
apple — safari
|
A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malicious iframe may use another website’s download settings. |
2020-04-01 |
4.3 |
CVE-2020-9784
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process. |
2020-04-01 |
5 |
CVE-2020-10865
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Arbitrary File Deletion from Avast Program Path via RPC, when Self Defense is Enabled. |
2020-04-01 |
6.4 |
CVE-2020-10861
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low Integrity process. |
2020-04-01 |
5 |
CVE-2020-10868
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. An Arbitrary Memory Address Overwrite vulnerability in the aswAvLog Log Library results in Denial of Service of the Avast Service (AvastSvc.exe). |
2020-04-01 |
5 |
CVE-2020-10860
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Integrity process via TempShutDownMachine. |
2020-04-01 |
5 |
CVE-2020-10863
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to achieve Local Privilege Escalation (LPE) via RPC. |
2020-04-01 |
4.6 |
CVE-2020-10862
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integrity process. |
2020-04-01 |
5 |
CVE-2020-10864
MISC
MISC
MISC |
avast — avast_antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and access points from a Low Integrity process via RPC. |
2020-04-01 |
5 |
CVE-2020-10866
MISC
MISC
MISC |
cacagoo — cloud_storage_intelligent_camera_tv_288zd-2mp
|
The CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 allows access to the RTSP service without a password. |
2020-04-02 |
5 |
CVE-2020-9349
MISC
MISC |
deskpro — deskpro
|
An issue was discovered in Deskpro before 2019.8.0. The /api/people endpoint failed to properly validate a user’s privilege, allowing an attacker to retrieve sensitive information about all users registered on the system. This includes their full name, privilege, email address, phone number, etc. |
2020-04-01 |
4 |
CVE-2020-11464
MISC
MISC
MISC |
deskpro — deskpro
|
An issue was discovered in Deskpro before 2019.8.0. The /api/tickets endpoint failed to properly validate a user’s privilege, allowing an attacker to retrieve arbitrary information about all helpdesk tickets stored in database with numerous filters. This leaked sensitive information to unauthorized parties. Additionally, it leaked ticket authentication code, making it possible to make changes to a ticket. |
2020-04-01 |
4 |
CVE-2020-11466
MISC
MISC
MISC |
deskpro — deskpro
|
An issue was discovered in Deskpro before 2019.8.0. The /api/email_accounts endpoint failed to properly validate a user’s privilege, allowing an attacker to retrieve cleartext credentials of all helpdesk email accounts, including incoming and outgoing email credentials. This enables an attacker to get full access to all emails sent or received by the system including password reset emails, making it possible to reset any user’s password. |
2020-04-01 |
5 |
CVE-2020-11463
MISC
MISC
MISC |
deskpro — deskpro
|
An issue was discovered in Deskpro before 2019.8.0. The /api/apps/* endpoints failed to properly validate a user’s privilege, allowing an attacker to control/install helpdesk applications and leak current applications’ configurations, including applications used as user sources (used for authentication). This enables an attacker to forge valid authentication models that resemble any user on the system. |
2020-04-01 |
6.5 |
CVE-2020-11465
MISC
MISC
MISC |
deskpro — deskpro
|
An issue was discovered in Deskpro before 2019.8.0. This product enables administrators to modify the helpdesk interface by editing /portal/api/style/edit-theme-set/template-sources theme templates, and uses TWIG as its template engine. While direct access to self and _self variables was not permitted, one could abuse the accessible variables in one’s context to reach a native unserialize function via the code parameter. There, one could pass a crafted payload to trigger a set of POP gadgets in order to achieve remote code execution. |
2020-04-01 |
6.5 |
CVE-2020-11467
MISC
MISC
MISC |
f5 — big-ip |
On BIG-IP 15.1.0.1, specially formatted HTTP/3 messages may cause TMM to produce a core file. |
2020-03-27 |
5 |
CVE-2020-5859
MISC |
f5 — big-ip |
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undisclosed HTTP behavior may lead to a denial of service. |
2020-03-27 |
5 |
CVE-2020-5857
MISC |
f5 — big-ip |
On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may crash or stop processing new traffic with the DPDK/ENA driver on AWS systems while sending traffic. This issue does not affect any other platforms, hardware or virtual, or any other cloud provider since the affected driver is specific to AWS. |
2020-03-27 |
5 |
CVE-2020-5862
MISC |
f5 — big-ip |
On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorrectly optimizes stored data resulting in memory errors. |
2020-03-27 |
5 |
CVE-2020-5861
MISC |
f5 — big-ip
|
On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, users with non-administrator roles (for example, Guest or Resource Administrator) with tmsh shell access can execute arbitrary commands with elevated privilege via a crafted tmsh command. |
2020-03-27 |
4.6 |
CVE-2020-5858
MISC |
f5 — big-ip_and_big-iq
|
On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 and BIG-IQ 7.0.0, 6.0.0-6.1.0, and 5.2.0-5.4.0, in a High Availability (HA) network failover in Device Service Cluster (DSC), the failover service does not require a strong form of authentication and HA network failover traffic is not encrypted by Transport Layer Security (TLS). |
2020-03-27 |
6.8 |
CVE-2020-5860
MISC |
fasterxml — jackson-databind
|
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). |
2020-03-31 |
6.8 |
CVE-2020-11111
MISC
MISC
CONFIRM |
fasterxml — jackson-databind
|
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). |
2020-03-31 |
6.8 |
CVE-2020-11113
MISC
MISC
CONFIRM |
fasterxml — jackson-databind
|
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). |
2020-03-31 |
6.8 |
CVE-2020-11112
MISC
MISC
CONFIRM |
fortinet — fortios
|
An external control of system vulnerability in FortiOS may allow an authenticated, regular user to change the routing settings of the device via connecting to the ZebOS component. |
2020-04-02 |
6.5 |
CVE-2018-13371
MISC |
gitlab — gitlab
|
GitLab through 12.9 is affected by a potential DoS in repository archive download. |
2020-03-27 |
5 |
CVE-2020-10954
CONFIRM
MISC |
gitlab — gitlab_community_and_enterprise_editions
|
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images. |
2020-03-27 |
5.8 |
CVE-2020-10952
CONFIRM
MISC |
gitlab — gitlab_community_and_enterprise_editions
|
GitLab EE/CE 11.1 through 12.9 is vulnerable to parameter tampering on an upload feature that allows an unauthorized user to read content available under specific folders. |
2020-03-27 |
4 |
CVE-2020-10955
CONFIRM
MISC |
gitlab — gitlab_enterprise_edition
|
In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue. |
2020-03-27 |
5 |
CVE-2020-10953
CONFIRM
MISC |
grandstream — ucm6200_series_devices
|
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges. |
2020-03-30 |
5 |
CVE-2020-5723
CONFIRM |
grandstream — ucm6200_series_devices
|
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server’s websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords. |
2020-03-30 |
4.3 |
CVE-2020-5725
MISC
CONFIRM |
grandstream — ucm6200_series_devices
|
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. |
2020-03-30 |
5 |
CVE-2020-5726
MISC
CONFIRM |
grandstream — ucm6200_series_devices
|
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server’s websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. |
2020-03-30 |
5 |
CVE-2020-5724
CONFIRM |
gstreamer — gst-rtsp-server |
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer dereference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability. |
2020-03-27 |
5 |
CVE-2020-6095
MISC
MISC |
haproxy — haproxy
|
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. |
2020-04-02 |
6.5 |
CVE-2020-11100
SUSE
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
huawei — multiple_smartax_devices |
There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited by an attacker to perform remote code execution on the affected products when the affected product functions as an optical line terminal (OLT). Affected product versions include: SmartAX MA5600T versions V800R013C10, V800R015C00, V800R015C10, V800R017C00, V800R017C10, V800R018C00, V800R018C10; SmartAX MA5800 versions V100R017C00, V100R017C10, V100R018C00, V100R018C10, V100R019C10; SmartAX EA5800 versions V100R018C00, V100R018C10, V100R019C10. |
2020-04-02 |
5.2 |
CVE-2020-9067
CONFIRM |
ibm — process_federation_server
|
The IBM Process Federation Server 18.0.0.1, 18.0.0.2, 19.0.0.1, 19.0.0.2, and 19.0.0.3 Global Teams REST API does not properly shut down the thread pools that it creates to retrieve Global Teams information from the federated systems. As a consequence, the Java Virtual Machine can’t recover the memory used by those thread pools, which leads to an OutOfMemory exception when the Process Federation Server Global Teams REST API is used extensively. IBM X-Force ID: 177596. |
2020-04-02 |
4 |
CVE-2020-4325
XF
CONFIRM |
ibm — spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to overwrite or create arbitrary files on the system. IBM X-Force ID: 175417. |
2020-03-31 |
6.4 |
CVE-2020-4240
XF
CONFIRM |
ibm — spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow a remote attacker to arbitrarily delete a directory, caused by improper validation of user-supplied input. IBM X-Force ID: 175026. |
2020-03-31 |
6.4 |
CVE-2020-4214
XF
CONFIRM |
ibm — tivoli_netcool_impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175412. |
2020-03-31 |
5 |
CVE-2020-4239
XF
CONFIRM |
ibm — tivoli_netcool_impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 175411. |
2020-03-31 |
6.8 |
CVE-2020-4238
XF
CONFIRM |
ibm — tivoli_netcool_impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 175410. |
2020-03-31 |
6.8 |
CVE-2020-4237
XF
CONFIRM |
ibm — tivoli_netcool_impact
|
IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17 could allow an authenticated user to cause a denial of service due to improper content parsing in the project management module. IBM X-Force ID: 175409. |
2020-03-31 |
4 |
CVE-2020-4236
XF
CONFIRM |
ibm — websphere_application_server_liberty
|
IBM WebSphere Application Server – Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176670. |
2020-04-02 |
4.3 |
CVE-2020-4304
XF
CONFIRM |
ibm — websphere_application_server_liberty
|
IBM WebSphere Application Server – Liberty 17.0.0.3 through 20.0.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176668. |
2020-04-02 |
4.3 |
CVE-2020-4303
XF
CONFIRM |
intland_software — codebeamer |
codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields. |
2020-04-02 |
4.3 |
CVE-2019-20635
MISC |
kubernetes — api_server |
The Kubernetes API server component in versions prior to 1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via successful API requests. |
2020-03-27 |
5 |
CVE-2020-8552
MISC
MISC |
kubernetes — api_server
|
The Kubernetes API Server component in versions 1.1-1.14, and versions prior to 1.15.10, 1.16.7 and 1.17.3 allows an authorized user who sends malicious YAML payloads to cause the kube-apiserver to consume excessive CPU cycles while parsing YAML. |
2020-04-01 |
4 |
CVE-2019-11254
MISC
MISC |
leantime — leantime
|
Leantime before versions 2.0.15 and 2.1-beta3 has a SQL Injection vulnerability. The impact is high. Malicious users/attackers can execute arbitrary SQL queries negatively affecting the confidentiality, integrity, and availability of the site. Attackers can exfiltrate data like the users’ and administrators’ password hashes, modify data, or drop tables. The unescaped parameter is “searchUsers” when sending a POST request to “/tickets/showKanban” with a valid session. In the code, the parameter is named “users” in class.tickets.php. This issue is fixed in versions 2.0.15 and 2.1.0 beta 3. |
2020-03-31 |
6.5 |
CVE-2020-5292
MISC
MISC
CONFIRM |
lenovo — lenovo_solution_center
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow cross-site request forgery. |
2020-03-27 |
6.8 |
CVE-2015-8536
MISC |
lenovo — multiple_devices
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges. |
2020-03-27 |
6.9 |
CVE-2015-7335
MISC |
lenovo — multiple_devices
|
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed. |
2020-03-27 |
5 |
CVE-2015-7336
MISC |
limesurvey — limesurvey
|
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. |
2020-04-01 |
5 |
CVE-2020-11455
MISC |
limesurvey — limesurvey
|
LimeSurvey before 4.1.12+200324 has stored XSS in application/views/admin/surveysgroups/surveySettings.php and application/models/SurveysGroups.php (aka survey groups). |
2020-04-01 |
4.3 |
CVE-2020-11456
MISC |
microstrategy — web_services
|
The Upload Visualization plugin in the Microstrategy Web 10.4 admin panel allows an administrator to upload a ZIP archive containing files with arbitrary extensions and data. (This is also exploitable via SSRF.) |
2020-04-02 |
6.5 |
CVE-2020-11451
MISC
FULLDISC
MISC
MISC |
microstrategy — web_services
|
Microstrategy Web 10.4 is vulnerable to Server-Side Request Forgery in the Test Web Service functionality exposed through the path /MicroStrategyWS/. The functionality requires no authentication and, while it is not possible to pass parameters in the SSRF request, it is still possible to exploit it to conduct port scanning. An attacker could exploit this vulnerability to enumerate the resources allocated in the network (IP addresses and services exposed). |
2020-04-02 |
5 |
CVE-2020-11453
MISC
FULLDISC
MISC
MISC |
microstrategy — web_services
|
Microstrategy Web 10.4 exposes the JVM configuration, CPU architecture, installation folder, and other information through the URL /MicroStrategyWS/happyaxis.jsp. An attacker could use this vulnerability to learn more about the environment the application is running in. |
2020-04-02 |
5 |
CVE-2020-11450
MISC
FULLDISC
MISC
MISC |
microstrategy — web_services
|
Microstrategy Web 10.4 includes functionality to allow users to import files or data from external resources such as URLs or databases. By providing an external URL under attacker control, it’s possible to send requests to external resources (aka SSRF) or leak files from the local system using the file:// stream wrapper. |
2020-04-02 |
4 |
CVE-2020-11452
MISC
FULLDISC
MISC
MISC |
misp_project — misp
|
app/Model/feed.php in MISP before 2.4.124 allows administrators to choose arbitrary files that should be ingested by MISP. This does not cause a leak of the full contents of a file, but does cause a leak of strings that match certain patterns. Among the data that can leak are passwords from database.php or GPG key passphrases from config.php. |
2020-04-02 |
4 |
CVE-2020-11458
MISC
MISC |
mongodb — js-bson
|
Incorrect parsing of certain JSON input may result in js-bson not correctly serializing BSON. This may cause unexpected application behaviour including data disclosure. |
2020-03-31 |
5.5 |
CVE-2019-2391
CONFIRM |
moodle — moodle
|
A vulnerability was found in Moodle versions 3.7 before 3.7.3, 3.6 before 3.6.7, 3.5 before 3.5.9 and earlier. OAuth 2 providers who do not verify users’ email address changes require additional verification during sign-up to reduce the risk of account compromise. |
2020-03-31 |
6.4 |
CVE-2019-14880
CONFIRM
MISC |
open_source_social_network — open_source_social_network |
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserver. This can lead to further compromise. The attacker must conduct a brute-force attack against the SiteKey to insert into a crafted URL for components/OssnComments/ossn_com.php and/or libraries/ossn.lib.upgrade.php. |
2020-03-30 |
4.3 |
CVE-2020-10560
MISC
MISC |
osmand — osmand
|
Osmand through 2.0.0 allows XXE because of binary/BinaryMapIndexReader.java. |
2020-03-27 |
6.4 |
CVE-2020-10993
MISC |
otrs — open_ticket_request_system_and_open_ticket_request_system_community_edition
|
An attacker with the ability to generate session IDs or password reset tokens, either by being able to authenticate or by exploiting OSA-2020-09, may be able to predict other users' session IDs, password reset tokens and automatically generated passwords. This issue affects ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions. |
2020-03-27 |
5.5 |
CVE-2020-1773
MISC |
otrs — open_ticket_request_system_and_open_ticket_request_system_community_edition
|
In the login screens (in agent and customer interface), Username and Password fields use autocomplete, which might be considered a security issue. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions. |
2020-03-27 |
4 |
CVE-2020-1769
MISC |
otrs — open_ticket_request_system_and_open_ticket_request_system_community_edition
|
It’s possible to craft Lost Password requests with wildcards in the Token value, which allows an attacker to retrieve valid Token(s) generated by users who have already requested new passwords. This issue affects: ((OTRS)) Community Edition 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions. |
2020-03-27 |
5 |
CVE-2020-1772
MISC |
otrs — open_ticket_request_system_and_open_ticket_request_system_community_edition
|
Files generated for a support bundle could contain sensitive information whose disclosure might be unwanted. This issue affects: ((OTRS)) Community Edition: 5.0.41 and prior versions, 6.0.26 and prior versions. OTRS: 7.0.15 and prior versions. |
2020-03-27 |
4 |
CVE-2020-1770
MISC |
phoenix_contact — pc_worx_srt |
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation. |
2020-03-27 |
4.6 |
CVE-2020-10939
CONFIRM |
phoenix_contact — portico_server |
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service. |
2020-03-27 |
4.6 |
CVE-2020-10940
CONFIRM |
php — php |
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead to information disclosure or crash. |
2020-04-01 |
5.8 |
CVE-2020-7064
MISC
CONFIRM |
php — php
|
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution. |
2020-04-01 |
6.8 |
CVE-2020-7065
MISC
CONFIRM |
php — php
|
In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make incorrect assumptions about the target of the get_headers() and possibly send some information to a wrong server. |
2020-04-01 |
4.3 |
CVE-2020-7066
MISC
CONFIRM |
progress_software — telerik_ui_for_silverlight
|
An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the directory where the upload handler class is defined. Before 2020.1.330, a crafted web request could result in uploads to arbitrary locations. |
2020-03-31 |
5 |
CVE-2020-11414
MISC |
proofpoint — email_protection |
An issue was discovered in Proofpoint Email Protection through 2019-09-08. By collecting scores from Proofpoint email headers, it is possible to build a copy-cat Machine Learning Classification model and extract insights from this model. The insights gathered allow an attacker to craft emails that receive preferable scores, with a goal of delivering malicious emails. |
2020-03-30 |
6.4 |
CVE-2019-20634
MISC
MISC |
red_hat — ansible_engine
|
A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where Ansible’s nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues. |
2020-03-31 |
4.6 |
CVE-2019-14905
REDHAT
REDHAT
CONFIRM
FEDORA |
red_hat — openshift/apb-base
|
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/apb-base, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. |
2020-04-02 |
4.4 |
CVE-2019-19348
CONFIRM |
red_hat — openshift/mariadb-apb
|
An insecure modification vulnerability in the /etc/passwd file was found in the container openshift/mariadb-apb, affecting versions before the following 4.3.5, 4.2.21, 4.1.37, and 3.11.188-4. An attacker with access to the container could use this flaw to modify /etc/passwd and escalate their privileges. |
2020-04-02 |
4.4 |
CVE-2019-19346
CONFIRM |
redpwn — redpwnctf
|
In RedpwnCTF before version 2.3, there is a session fixation vulnerability exploitable through the `#token=$ssid` hash when making a request to the `/verify` endpoint. An attacker team could potentially steal flags by, for example, exploiting a stored XSS payload in a CTF challenge so that victim teams who solve the challenge are unknowingly (and against their will) signed into the attacker team's account. Then, the attacker can gain points / value off the backs of the victims. This is patched in version 2.3. |
2020-04-01 |
4.3 |
CVE-2020-5290
MISC
CONFIRM |
responsive_filemanager — responsive_filemanager |
An issue was discovered in Responsive Filemanager through 9.14.0. In the dialog.php page, the session variable $_SESSION['RF']["view_type"] wasn’t sanitized if it was already set. This made stored XSS possible if one opens ajax_calls.php and uses the “view” action and places a payload in the type parameter, and then returns to the dialog.php page. This occurs because ajax_calls.php was also able to set the $_SESSION['RF']["view_type"] variable, but there it wasn’t sanitized. |
2020-03-30 |
4.3 |
CVE-2020-11106
MISC |
sunnet_technology — ehrd |
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information. |
2020-03-27 |
5 |
CVE-2020-10508
CONFIRM
MISC |
sunnet_technology — ehrd |
Sunnet eHRD, a human training and development management system, contains a Cross-Site Scripting (XSS) vulnerability; attackers can inject arbitrary commands into the system and launch XSS attacks. |
2020-03-27 |
4.3 |
CVE-2020-10509
CONFIRM
MISC |
sunnet_technology — ehrd
|
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL to access unauthorized functionality and data. |
2020-03-27 |
4 |
CVE-2020-10510
CONFIRM
MISC |
symfony — symfony
|
In Symfony before versions 4.4.7 and 5.0.7, when a `Response` does not contain a `Content-Type` header, affected versions of Symfony can fall back to the format defined in the `Accept` header of the request, leading to a possible mismatch between the response's content and `Content-Type` header. When the response is cached, this can prevent the use of the website by other users. This has been patched in versions 4.4.7 and 5.0.7. |
2020-03-30 |
4 |
CVE-2020-5255
MISC
CONFIRM
MISC |
symfony — symfony
|
In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks an access control rule, it iterates over each rule’s attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of the next attributes that should have been taken into account in a unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy to be applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7. |
2020-03-30 |
5.5 |
CVE-2020-5275
CONFIRM
CONFIRM |
symfony — symfony
|
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered its stacktrace. In addition, the stacktrace was displayed even in a non-debug configuration. The ErrorHandler now escapes all properties of the exception, and the stacktrace is only displayed in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5. |
2020-03-30 |
5.5 |
CVE-2020-5274
MISC
MISC
CONFIRM |
technicolor — tc7337_devices
|
An issue was discovered on Technicolor TC7337 8.89.17 devices. An attacker can discover admin credentials in the backup file, aka backupsettings.conf. |
2020-04-01 |
5 |
CVE-2020-11449
MISC |
tikiwiki — groupware_and_cms
|
There is an Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in php webpages of Tiki-Wiki Groupware. Tiki-Wiki CMS all versions through 20.0 allows malicious users to cause the injection of malicious code fragments (scripts) into a legitimate web page. |
2020-04-01 |
4.3 |
CVE-2020-8966
CONFIRM
CONFIRM |
totemo — totemomail |
An insecure direct object reference in webmail in totemo totemomail 7.0.0 allows an authenticated remote user to read and modify mail folder names of other users via enumeration. |
2020-03-27 |
5.5 |
CVE-2020-7918
MISC
MISC |
toyota — model_year_2017_display_control_unit
|
Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetooth range to cause a denial of service attack and/or execute an arbitrary command. The affected DCUs are installed in Lexus (LC, LS, NX, RC, RC F), TOYOTA CAMRY, and TOYOTA SIENNA manufactured in regions other than Japan from Oct. 2016 to Oct. 2019. An attacker with certain knowledge of the target vehicle control system may be able to send some diagnostic commands to ECUs with some limited availability impacts; the vendor states critical vehicle controls such as driving, turning, and stopping are not affected. |
2020-03-30 |
5.4 |
CVE-2020-5551
MISC
MISC |
ubiquiti — unifi_video_controller |
The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP or CUSTOM_GROUP groups, can access these endpoints and overwrite the current application configuration. This can be abused for various purposes, including adding new administrative users. Affected Products: UniFi Video Controller v3.9.3 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.9.6 and newer. |
2020-04-01 |
4 |
CVE-2020-8145
CONFIRM |
ubiquiti — unifi_video_controller
|
In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privilege Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the Windows registry when installing UniFi-Video controller. Affected Products: UniFi Video Controller v3.10.2 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.10.3 and newer. |
2020-04-01 |
6.9 |
CVE-2020-8146
CONFIRM |
ubiquiti — unifi_video_controller
|
The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure they are within the intended destination directory tree. It accepts a request with a URL to firmware update information. If the version field contains ..\ character sequences, the destination file path to save the firmware can be manipulated to be outside the intended destination directory tree. Fixed in UniFi Video Controller v3.10.3 and newer. |
2020-04-01 |
5.2 |
CVE-2020-8144
CONFIRM |
unisoon — ultralog_express |
UltraLog Express device management software stores users’ information in cleartext. Any user can obtain account information through a specific page. |
2020-03-27 |
5 |
CVE-2020-3921
MISC |
unisoon — ultralog_express
|
UltraLog Express device management interface does not properly perform access authentication in some specific pages/functions. Any user can access the privileged page to manage accounts through a specific system directory. |
2020-03-27 |
5.5 |
CVE-2020-3920
MISC |
university_of_southern_california — innovation_in_integrated_informatics_lab_cereal
|
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an (initialized) C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information (such as memory layout or private keys) can be gleaned if the archive is distributed outside of a trusted context. |
2020-03-30 |
5 |
CVE-2020-11104
MISC |
vertiv — avocent_universal_management_gateway |
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to stored XSS. A remote attacker authenticated with an administrator account could store a maliciously named file within the web application that would execute each time a user browsed to the page. |
2020-03-30 |
6 |
CVE-2019-9508
MISC
MISC |
vertiv — avocent_universal_management_gateway
|
The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to reflected XSS in an HTTP POST parameter. The web application does not neutralize user-controllable input before displaying to users in a web page, which could allow a remote attacker authenticated with a user account to execute arbitrary code. |
2020-03-30 |
6.5 |
CVE-2019-9509
MISC
MISC |
weberp — weberp
|
In webERP 4.15, the Import Bank Transactions function fails to sanitize the content of imported MT940 bank statement files, resulting in the execution of arbitrary SQL queries, aka SQL Injection. |
2020-03-30 |
6.5 |
CVE-2019-7755
MISC
MISC
MISC |
wordpress — wordpress |
A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPress via the settings page. |
2020-04-01 |
4.3 |
CVE-2020-5392
CONFIRM
MISC
CONFIRM |
wordpress — wordpress |
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued. |
2020-03-27 |
6.5 |
CVE-2020-10817
MISC
MISC |
wordpress — wordpress
|
An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference. |
2020-04-01 |
6.5 |
CVE-2020-7948
MISC
CONFIRM
CONFIRM
MISC |
wordpress — wordpress
|
Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPress via the domain field. |
2020-04-01 |
6.8 |
CVE-2020-5391
CONFIRM
MISC
CONFIRM |
wordpress — wordpress
|
The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS on multiple pages, a different issue than CVE-2020-5392. |
2020-04-01 |
4.3 |
CVE-2020-6753
CONFIRM
MISC
CONFIRM |
yahoo — elide
|
In Elide before 4.5.14, it is possible for an adversary to “guess and check” the value of a model field they do not have access to assuming they can read at least one other field in the model. The adversary can construct filter expressions for an inaccessible field to filter a collection. The presence or absence of models in the returned collection can be used to reconstruct the value of the inaccessible field. Resolved in Elide 4.5.14 and greater. |
2020-03-30 |
4 |
CVE-2020-5289
MISC
MISC
CONFIRM |
zeit — next.js
|
Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory. This issue is fixed in version 9.3.2. |
2020-03-30 |
5 |
CVE-2020-5284
MISC
CONFIRM |
zevenet — zen_load_balancer
|
Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi. |
2020-04-02 |
4 |
CVE-2020-11491
MISC
MISC |
zoho — manageengine_desktop_central |
Zoho ManageEngine Desktop Central allows unauthenticated users to access PDFGenerationServlet, leading to sensitive information disclosure. |
2020-03-30 |
5 |
CVE-2020-8509
CONFIRM |