Vulnerability Summary for the Week of February 10, 2020

Released
Feb 17, 2020
Document ID
SB20-048

The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. NVD is sponsored by CISA. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High: vulnerabilities with a CVSS base score of 7.0–10.0
  • Medium: vulnerabilities with a CVSS base score of 4.0–6.9
  • Low: vulnerabilities with a CVSS base score of 0.0–3.9

Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis. 

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-1310CVE-2020-3740
CONFIRM
ajaxeplorer -- ajaxeplorer
 
Ajaxeplorer before 5.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) archive_name parameter to the Power FS module (plugins/action.powerfs/class.PowerFSController.php), a (2) file name to the getTrustSizeOnFileSystem function in the File System (Standard) module (plugins/access.fs/class.fsAccessWrapper.php), or the (3) revision parameter to the Subversion Repository module (plugins/meta.svn/class.SvnManager.php).2020-02-1110CVE-2013-4267
MISC
MISC
MISC
artica -- pandora_fms
 
functions_netflow.php in Artica Pandora FMS 7.0 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the index.php?operation/netflow/nf_live_view ip_dst, dst_port, or src_port parameter, a different vulnerability than CVE-2019-20224.2020-02-129CVE-2020-8947
MISC
MISC
MISC
atutor -- atutor
 
confirm.php in ATutor 2.2 and earlier allows remote attackers to bypass authentication and gain access as an existing user via the auto_login parameter.2020-02-117.5CVE-2014-9753
MISC
MISC
MISC
MISC
MISC
belkin -- n300_router
 
An Authentication Bypass vulnerability in Belkin N300 (F7D7301v1) router allows remote attackers to bypass authentication using "Javascript debugging."2020-02-0710CVE-2013-3091
MISC
MISC
MISC
biscom -- secure_file_transfer
 
Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server.2020-02-077.5CVE-2020-8796
MISC
https://exchange.xforce.ibmcloud.com/vulnerabilities/175922
bosch -- bvms_mobile_video_service
 
Deserialization of Untrusted Data in the BVMS Mobile Video Service (BVMS MVS) allows an unauthenticated remote attacker to execute arbitrary code on the system. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000 and DIVAR IP 7000 if a vulnerable BVMS version is installed.2020-02-0710CVE-2020-6770
CONFIRM
canonical -- lxc
 
In LXC 2.0, many template scripts download code over cleartext HTTP, and omit a digital-signature check, before running it to bootstrap containers.2020-02-109.3CVE-2017-18641
MISC
corsair -- corsair_icue
 
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.2020-02-077.2CVE-2020-8808
MISC
MISC
d-link -- multiple_products
 
Multiple SQL injection vulnerabilities in D-Link DSR-150 with firmware before 1.08B44; DSR-150N with firmware before 1.05B64; DSR-250 and DSR-250N with firmware before 1.08B44; and DSR-500, DSR-500N, DSR-1000, and DSR-1000N with firmware before 1.08B77 allow remote attackers to execute arbitrary SQL commands via the password to (1) the login.authenticate function in share/lua/5.1/teamf1lualib/login.lua or (2) captivePortal.lua.2020-02-1110CVE-2013-5945
MISC
MISC
MISC
MISC
MISC
dell -- multiple_products
 
An Authentication Bypass Vulnerability exists in DELL SonicWALL Analyzer 7.0, Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0; Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, 5.1, and 6.0 via the skipSessionCheck parameter to the UMA interface (/appliance/), which could let a remote malicious user obtain access to the root account.2020-02-1110CVE-2013-1359
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
dell -- multiple_products
 
An Authentication Bypass vulnerability exists in DELL SonicWALL Global Management System (GMS) 4.1, 5.0, 5.1, 6.0, and 7.0, Analyzer 7.0, Universal Management Appliance (UMA) 5.1, 6.0, and 7.0 and ViewPoint 4.1, 5.0, and 6.0 via a crafted request to the SGMS interface, which could let a remote malicious user obtain administrative access.2020-02-1110CVE-2013-1360
MISC
MISC
MISC
MISC
MISC
MISC
echoping_project -- echoping
 
echoping through 6.0.2 has buffer overflow vulnerabilities2020-02-1110CVE-2013-4448
MISC
MISC
MISC
enorth -- enorth_webpublisher_cms
 
SQL injection vulnerability in pub/m_pending_news/delete_pending_news.jsp in Enorth Webpublisher CMS allows remote attackers to execute arbitrary SQL commands via the cbNewsId parameter.2020-02-127.5CVE-2015-5617
MISC
MISC
eyesofnetwork -- eyesofnetwork
 
An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.2020-02-079.3CVE-2020-8655
MISC
MISC
eyesofnetwork -- eyesofnetwork
 
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.2020-02-077.5CVE-2020-8656
MISC
MISC
eyesofnetwork -- eyesofnetwork
 
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.2020-02-079CVE-2020-8654
MISC
MISC
golang -- go
 
The net/http library in net/http/transfer.go in Go before 1.4.3 does not properly parse HTTP headers, which allows remote attackers to conduct HTTP request smuggling attacks via a request that contains Content-Length and Transfer-Encoding header fields.2020-02-087.5CVE-2015-5741
MISC
MISC
MISC
MISC
MISC
MISC
MISC
google -- android
 
A Code Execution vulnerability exists in Android prior to 4.4.0 related to the addJavascriptInterface method and the accessibility and accessibilityTraversal objects, which could let a remote malicious user execute arbitrary code.2020-02-079CVE-2014-7224
MISC
MISC
MISC
MISC
google -- chrome
 
Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-119.3CVE-2020-6406
SUSE
MISC
MISC
hubot_scripts -- hubot_scriptsscripts/email.coffee in the Hubot Scripts module before 2.4.4 for Node.js allows remote attackers to execute arbitrary commands.2020-02-127.5CVE-2013-7378
MISC
MISC
MISC
MISC
ibm -- sterling_authentication_server
 
A Command Execution Vulnerability exists in IBM Sterling External Authentication Server 2.2.0, 2.3.01, 2.4.0, and 2.4.1 via an unspecified OS command, which could let a local malicious user execute arbitrary code.2020-02-117.2CVE-2013-0517
MISC
MISC
libnotify -- libnotify
 
libnotify before 1.0.4 for Node.js allows remote attackers to execute arbitrary commands via unspecified characters in a call to libnotify.notify.2020-02-127.5CVE-2013-7381
MISC
MISC
CONFIRM
MISC
linux -- linux_kernel
 
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of service via a crafted USB device, or take full control of the system.2020-02-117.2CVE-2009-4067
MISC
MISC
lstio -- lstio
 
Istio 1.3 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match.2020-02-127.5CVE-2020-8595
REDHAT
CONFIRM
MISC
MISC
MISC
CONFIRM
mediawiki -- mediawiki
 
MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.2020-02-089.3CVE-2012-4381
MISC
MISC
MISC
MISC
MISC
MISC
MISC
microsoft -- multiple_internet_explorer_products
 
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.2020-02-117.6CVE-2020-0674
MISC
microsoft -- multiple_internet_explorer_products
 
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.2020-02-117.6CVE-2020-0673
MISC
microsoft -- chakacore
 
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.2020-02-117.6CVE-2020-0711
MISC
microsoft -- chakacore
 
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713.2020-02-117.6CVE-2020-0767
MISC
microsoft -- chakacore
 
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0713, CVE-2020-0767.2020-02-117.6CVE-2020-0712
MISC
microsoft -- chakacore
 
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767.2020-02-117.6CVE-2020-0710
MISC
microsoft -- chakacore
 
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0673, CVE-2020-0674, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0767.2020-02-117.6CVE-2020-0713
MISC
microsoft -- excel
 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.2020-02-119.3CVE-2020-0759
MISC
microsoft -- multiple_microsoft_exchange_server_products
 
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'.2020-02-119CVE-2020-0688
MISC
microsoft -- multiple_windows_productsAn elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0720
MISC
microsoft -- multiple_windows_productsAn elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0683.2020-02-117.2CVE-2020-0686
MISC
microsoft -- multiple_windows_productsA remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0734.2020-02-117.6CVE-2020-0681
MISC
microsoft -- multiple_windows_products
 
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an authenticated attacker abuses clipboard redirection, aka 'Remote Desktop Services Remote Code Execution Vulnerability'.2020-02-118.5CVE-2020-0655
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when Windows improperly handles Secure Socket Shell remote commands, aka 'Windows SSH Elevation of Privilege Vulnerability'.2020-02-117.2CVE-2020-0757
MISC
microsoft -- multiple_windows_products
 
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'.2020-02-119.3CVE-2020-0738
MISC
microsoft -- multiple_windows_products
 
A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka 'Windows Remote Code Execution Vulnerability'.2020-02-119CVE-2020-0662
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when Windows Error Reporting manager improperly handles hard links, aka 'Windows Error Reporting Manager Elevation of Privilege Vulnerability'.2020-02-117.2CVE-2020-0678
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726.2020-02-117.2CVE-2020-0731
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0725
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0669, CVE-2020-0671, CVE-2020-0672.2020-02-117.2CVE-2020-0670
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0731.2020-02-117.2CVE-2020-0726
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0792.2020-02-117.2CVE-2020-0745
MISC
microsoft -- multiple_windows_products
 
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka 'Remote Desktop Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0681.2020-02-119.3CVE-2020-0734
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0723
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0719
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0680.2020-02-117.2CVE-2020-0682
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0669, CVE-2020-0670, CVE-2020-0671.2020-02-117.2CVE-2020-0672
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686.2020-02-117.2CVE-2020-0683
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Wireless Network Manager improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Wireless Network Manager Elevation of Privilege Vulnerability'.2020-02-117.2CVE-2020-0704
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0722
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows IME improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows IME Elevation of Privilege Vulnerability'.2020-02-117.2CVE-2020-0707
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'.2020-02-117.2CVE-2020-0685
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0721
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Backup Service improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Backup Service Elevation of Privilege Vulnerability'.2020-02-117.2CVE-2020-0703
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0669, CVE-2020-0670, CVE-2020-0672.2020-02-117.2CVE-2020-0671
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0691, CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-117.2CVE-2020-0724
MISC
microsoft -- office365_proplus_for_32-bit_and_64-bit_systems
 
An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka 'Microsoft Office Tampering Vulnerability'.2020-02-117.2CVE-2020-0697
MISC
microsoft -- windows_10_and_windows_server
 
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0715, CVE-2020-0745.2020-02-117.2CVE-2020-0792
MISC
microsoft -- windows_10_and_windows_server_2016
 
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0732.2020-02-117.2CVE-2020-0709
MISC
microsoft -- windows_10_and_windows_server_2016
 
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0709.2020-02-117.2CVE-2020-0732
MISC
microvirt -- memu
 
An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator contains a /system/bin/systemd binary that is run with root privileges on startup (this is unrelated to Red Hat's systemd init program, and is a closed-source proprietary tool that seems to be developed by Microvirt). This program opens TCP port 21509, presumably to receive installation-related commands from the host OS. Because everything after the installer:uninstall command is concatenated directly into a system() call, it is possible to execute arbitrary commands by supplying shell metacharacters.2020-02-1110CVE-2019-14514
MISC
netgear -- ac1200_smart_wifi_router
 
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of path strings. By inserting a null byte into the path, the user can skip most authentication checks. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-8616.2020-02-107.5CVE-2019-17137
MISC
netis -- wf2419_router
 
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123. After one is connected to this page, it is possible to execute system commands as root through the tracert diagnostic tool because of lack of user input sanitizing.2020-02-078.5CVE-2019-19356
MISC
MISC
node.js -- node.js
 
HTTP request smuggling in Node.js 10, 12, and 13 causes malicious payload delivery when transfer-encoding is malformed2020-02-077.5CVE-2019-15605
MISC
FEDORA
CONFIRM
CONFIRM
CONFIRM
CONFIRM
nodejs -- nodejs
 
Including trailing white space in HTTP header values in Nodejs 10, 12, and 13 causes bypass of authorization based on header value comparisons2020-02-077.5CVE-2019-15606
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
nw.js -- nw.js
 
A vulnerability exists in nw.js before 0.11.3 when calling nw methods from normal frames, which has an unspecified impact.2020-02-077.5CVE-2014-9530
CONFIRM
omniauth-weibo-oauth2_gem_for_ruby_rails -- omniauth-weibo-oauth2_gem_for_ruby_rails
 
The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected.2020-02-077.5CVE-2019-17268
MISC
CONFIRM
openpne -- opopensocialplugin
 
opOpenSocialPlugin 0.8.2.1, > 0.9.9.2, 0.9.13, 1.2.6: Multiple XML External Entity Injection Vulnerabilities2020-02-077.5CVE-2013-4335
MISC
MISC
MISC
openpne -- opwebapiplugin
 
opWebAPIPlugin 0.5.1, 0.4.0, and 0.1.0: XXE Vulnerabilities2020-02-077.5CVE-2013-4334
MISC
MISC
phxeventmanager -- phxeventmanager
 
SQL injection vulnerability in search.php in phxEventManager 2.0 beta 5 allows remote attackers to execute arbitrary SQL commands via the search_terms parameter.2020-02-117.5CVE-2012-1124
MISC
MISC
MISC
MISC
MISC
polarbear -- polarbear_cms
 
A PHP File Upload Vulnerability exists in PolarBear CMS 2.5 via upload.php, which could let a malicious user execute arbitrary code.2020-02-117.5CVE-2013-0803
MISC
MISC
MISC
polycomm -- web_management_interface_g3/hdx_800_hd
 
An issue was discovered in Polycom Web Management Interface G3/HDX 8000 HD with Durango 2.6.0 4740 software and embedded Polycom Linux Development Platform 2.14.g3. It has a blank administrative password by default, and can be successfully used without setting this password.2020-02-1010CVE-2012-6611
MISC
MISC
qemu -- qemu
 
The virtqueue_map_sg function in hw/virtio/virtio.c in QEMU before 1.7.2 allows remote attackers to execute arbitrary files via a crafted savevm image, related to virtio-block or virtio-serial read.2020-02-117.2CVE-2013-4535
MISC
MISC
MISC
MISC
MISC
MISC
qualcomm -- multiple_snapdragon_products

 

Out of bound access due to access of uninitialized memory segment in an array of pointers while normal camera open close in Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SDM439, SDM630, SDM636, SDM660, SDX242020-02-077.2CVE-2019-14044
CONFIRM
qualcomm -- multiple_snapdragon_products

 

APKs without proper permission may bind to CallEnhancementService and can lead to unauthorized access to call status in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6574AU, QCS605, QM215, SA6155P, SDA660, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SM6150, SM8150, SM8250, SXR21302020-02-077.2CVE-2019-14002
CONFIRM
qualcomm -- multiple_snapdragon_products

 

Possible use after free issue while CRM is accessing the link pointer from device private data due to lack of resource protection in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, MDM9206, MDM9207C, MDM9607, QCS605, SDM429W, SDX24, SM8150, SXR11302020-02-077.2CVE-2019-14088
CONFIRM
MISC
qualcomm -- multiple_snapdragon_products

 

Out of bound access while allocating memory for an array in camera due to improper validation of elements parameters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in QCS605, SDM439, SDX242020-02-077.2CVE-2019-14046
CONFIRM
qualcomm -- multiple_snapdragon_products

 

Stage-2 fault will occur while writing to an ION system allocation which has been assigned to non-HLOS memory which is non-standard in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MSM8953, QCN7605, QCS605, SC8180X, SDA845, SDM429, SDM439, SDM450, SDM632, SDX20, SDX24, SDX55, SM8150, SXR11302020-02-077.2CVE-2019-14049
CONFIRM
qualcomm -- multiple_snapdragon_products

 

Possibility of use-after-free and double free because of not marking buffer as NULL after freeing can lead to dangling pointer access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8939, MSM8953, MSM8996AU, MSM8998, Nicobar, QCN7605, QCS605, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SDX55, SM8150, SM8250, SXR1130, SXR21302020-02-077.2CVE-2019-14055
CONFIRM
qualcomm -- multiple_snapdragon_products

 

Uninitialized stack data gets used If memory is not allocated for blob or if the allocated blob is less than the struct size required due to lack of check of return value for read or write blob in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8098, IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302020-02-077.2CVE-2019-14060
CONFIRM
qualcomm -- multiple_snapdragon_products
 
There is a way to deceive the GPU kernel driver into thinking there is room in the GPU ringbuffer and overwriting existing commands could allow unintended GPU opcodes to be executed in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302020-02-077.2CVE-2019-10567
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Out of bound access while parsing dts atom, which is non-standard as it does not have valid number of tracks in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302020-02-0710CVE-2019-10590
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Buffer Over read of codec private data while parsing an mkv file due to lack of check of buffer size before read in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6574AU, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302020-02-079.4CVE-2019-14057
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Out of bound access due to Invalid inputs to dapm mux settings which results into kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ6018, IPQ8064, IPQ8074, MDM9607, Nicobar, QCS405, Rennell, SA6155P, Saipan, SC8180X, SDM630, SDM636, SDM660, SDX55, SM6150, SM7150, SM8150, SM8250, SXR21302020-02-079.4CVE-2019-14063
CONFIRM
qualcomm -- snapdragon_industrial_iot
 
Subsequent additions performed during Module loading while allocating the memory would lead to integer overflow and then to buffer overflow in Snapdragon Industrial IOT in MDM9206, MDM96072020-02-077.2CVE-2019-14051
CONFIRM
ruby_pdfkit_gem_for_ruby_on_rails -- ruby_pdfkit_gem_for_ruby_on_rails
 
Ruby PDFKit gem prior to 0.5.3 has a Code Execution Vulnerability2020-02-117.5CVE-2013-1607
MISC
MISC
secom -- dr.id
 
Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command.2020-02-117.5CVE-2020-3934
MISC
MISC
MISC
siemens -- multiple_scalance_products
 
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All versions >= V3.0), SCALANCE S623 (All versions >= V3.0), SCALANCE S627-2M (All versions >= V3.0). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server. A cold reboot is required to restore the functionality of the device.2020-02-117.8CVE-2019-13926
MISC
simplejobscript -- simplejobscript
 
An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function is getJobApplicationsByJobId(). The file is _lib/class.JobApplication.php.2020-02-077.5CVE-2020-8645
MISC
sphider -- sphider_pro_and_sphider_plus
 
A Command Execution vulnerability exists in Sphider Pro, and Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5086 pertains to instances of fwrite in Sphider Pro and Sphider Plus only, but don’t exist in Sphider.2020-02-107.5CVE-2014-5086
MISC
sphider -- sphider_search_engine
 
A vulnerability exists in Sphider Search Engine prior to 1.3.6 due to exec calls in admin/spiderfuncs.php, which could let a remote malicious user execute arbitrary code.2020-02-077.5CVE-2014-5087
MISC
MISC
status2k -- server_monitoring_software
 
A vulnerability exits in Status2K 2.5 Server Monitoring Software via the multies parameter to includes/functions.php, which could let a malicious user execute arbitrary PHP code.2020-02-0710CVE-2014-5091
MISC
MISC
MISC
MISC
ui -- edgeswitch
 
A privilege escalation in the EdgeSwitch prior to version 1.7.1, an CGI script don't fully sanitize the user input resulting in local commands execution, allowing an operator user (Privilege-1) to escalate privileges and became administrator (Privilege-15).2020-02-077.2CVE-2020-8126
MISC
wordpress -- wordpress
 
WordPress W3 Total Cache Plugin 0.9.2.8 has a Remote PHP Code Execution Vulnerability2020-02-127.5CVE-2013-2010
MISC
MISC
MISC
MISC
wordpress -- wordpress
 
NextGEN Gallery plugin before 1.9.13 for WordPress: ngggallery.php file upload2020-02-1110CVE-2013-3684
MISC
MISC
wordpress -- wordpress
 
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) before 1.0.0 for WordPress and before 2.0.1 for Joomla!, allows remote attackers to execute arbitrary code by uploading a PHP file with an PHP extension, then accessing it via a direct request to the file in files/, as exploited in the wild in October 2014.2020-02-087.5CVE-2014-8739
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
yabb -- yabb
 
YaBB through 2.5.2: 'guestlanguage' Cookie Parameter Local File Include Vulnerability2020-02-117.5CVE-2013-2057
MISC
MISC
MISC
zend_framework -- zend_framework
 
Zend Framework, as used in ownCloud Server before 5.0.15 and 6.0.x before 6.0.2, allows remote attackers to read arbitrary files, cause a denial of service, or possibly have other impact via an XML External Entity (XXE) attack.2020-02-117.5CVE-2014-2052
MISC
CONFIRM
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
adobe -- framemakerAdobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3733
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3731
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3721
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3739
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3738
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3728
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3736
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3735
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3734
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3732
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3737
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3730
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3729
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3727
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3726
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3725
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3724
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3723
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3722
CONFIRM
adobe -- framemaker
 
Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-136.8CVE-2020-3720
CONFIRM
apple -- ios_and_os_xLibTIFF prior to 4.0.4, as used in Apple iOS before 8.4 and OS X before 10.10.4 and other products, allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted TIFF image.2020-02-124.3CVE-2014-8128
MISC
MISC
MISC
MISC
MISC
MISC
MISC
atlassian -- jira_server_and_data_center
 
The VerifyPopServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where Jira server is present.2020-02-126.8CVE-2019-20099
N/A
N/A
atlassian -- jira_server_and_data_center
 
The VerifySmtpServerConnection!add.jspa component in Atlassian Jira Server and Data Center before version 8.7.0 is vulnerable to cross-site request forgery (CSRF). An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where Jira server is present.2020-02-126.8CVE-2019-20098
N/A
N/A
blackberry -- playbook
 
BlackBerry PlayBook before 2.1 has an Information Disclosure Vulnerability via a Web browser component error2020-02-104.3CVE-2012-5828
MISC
MISC
MISC
MISC
bludit -- bludit
 
ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures.2020-02-074CVE-2020-8811
MISC
bosch -- multiple_products
 
A path traversal vulnerability in the Bosch Video Management System (BVMS) NoTouch deployment allows an unauthenticated remote attacker to read arbitrary files from the Central Server. This affects Bosch BVMS versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch BVMS Viewer versions 10.0 <= 10.0.0.1225, 9.0 <= 9.0.0.827, 8.0 <= 8.0.329 and 7.5 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable BVMS version is installed.2020-02-075CVE-2020-6768
CONFIRM
bosch -- video_streaming_gateway_and_divar_ip
 
Missing Authentication for Critical Function in the Bosch Video Streaming Gateway (VSG) allows an unauthenticated remote attacker to retrieve and set arbitrary configuration data of the Video Streaming Gateway. A successful attack can impact the confidentiality and availability of live and recorded video data of all cameras configured to be controlled by the VSG as well as the recording storage associated with the VSG. This affects Bosch Video Streaming Gateway versions 6.45 <= 6.45.08, 6.44 <= 6.44.022, 6.43 <= 6.43.0023 and 6.42.10 and older. This affects Bosch DIVAR IP 3000, DIVAR IP 7000 and DIVAR IP all-in-one 5000 if a vulnerable VSG version is installed with BVMS. This affects Bosch DIVAR IP 2000 <= 3.62.0019 and DIVAR IP 5000 <= 3.80.0039 if the corresponding port 8023 has been opened in the device's firewall.2020-02-076.4CVE-2020-6769
CONFIRM
canonical -- ubuntu
 
Kevin Backhouse discovered an integer overflow in bson_ensure_space, as used in whoopsie.2020-02-084.6CVE-2019-11484
MISC
MISC
canonical -- ubuntu
 
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.2020-02-086.1CVE-2019-11481
MISC
MISC
ceph -- rgw_beast
 
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent leak of a socket connection by radosgw. This flaw could lead to a denial of service condition by pile up of CLOSE_WAIT sockets, eventually leading to the exhaustion of available resources, preventing legitimate users from connecting to the system.2020-02-076.8CVE-2020-1700
SUSE
CONFIRM
chamilo -- chamilo_lms
 
Cross-site scripting (XSS) vulnerability in main/dropbox/index.php in Chamilo LMS before 1.8.8.6 allows remote attackers to inject arbitrary web script or HTML via the category_name parameter in an addsentcategory action.2020-02-084.3CVE-2012-4029
MISC
MISC
MISC
cisco -- application_control_engineCisco ACE A2(3.6) allows log retention DoS.2020-02-075CVE-2013-1202
MISC
clearcanvas -- clearcanvasSynaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HTML injection) via the Default.aspx UserName parameter. NOTE: the issues/227 reference does not imply that the affected product can be downloaded from GitHub. It was simply a convenient location for a public bug report.2020-02-074.3CVE-2020-8788
MISC
cypress -- psoc_4_devicesThe Bluetooth Low Energy (BLE) stack implementation on Cypress PSoC 4 through 3.62 devices does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.2020-02-106.1CVE-2019-17061
MISC
MISC
d-link -- dir865l_devices
 
D-Link DIR865L v1.03 suffers from an "Unauthenticated Hardware Linking" vulnerability.2020-02-074.3CVE-2013-3096
MISC
MISC
MISC
daum_communications -- potplayer
 
Potplayer prior to 1.5.39659: DLL Loading Arbitrary Code Execution Vulnerability2020-02-116.8CVE-2013-3942
MISC
MISC
dialog -- da14580/1/2/3_devices
 
The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet.2020-02-106.1CVE-2019-17517
MISC
MISC
dialog -- da1468x_devices
 
The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 1.0.14.1081 for DA1468x devices responds to link layer packets with a payload length larger than expected, allowing attackers in radio range to cause a buffer overflow via a crafted packet. This affects, for example, August Smart Lock.2020-02-106.1CVE-2019-17518
MISC
MISC
docker -- docker
 
A vulnerability exists in Docker before 1.2 via container names, which may collide with and override container IDs.2020-02-074.3CVE-2014-5278
MISC
MISC
MISC
drupal -- drupal
 
The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses.2020-02-084CVE-2012-5570
MISC
MISC
MISC
CONFIRM
filemaker -- filemaker_pro_and_filemaker_advanced
 
An Authentication Bypass vulnerability exists in the MatchPasswordData function in DBEngine.dll in Filemaker Pro 13.03 and Filemaker Pro Advanced 12.04, which could let a malicious user obtain elevated privileges.2020-02-114.6CVE-2014-8347
MISC
MISC
MISC
MISC
MISC
flowplayer -- flowplayer_flash
 
Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin.2020-02-086.8CVE-2011-3642
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
fork -- fork_cms
 
Cross-site scripting (XSS) vulnerability in the loadForm function in Frontend/Modules/Search/Actions/Index.php in Fork CMS before 3.8.4 allows remote attackers to inject arbitrary web script or HTML via the q_widget parameter to en/search.2020-02-084.3CVE-2014-9470
MISC
MISC
MISC
MISC
MISC
MISC
fortiguard -- forticlient_for_linux
 
A privilege escalation vulnerability in FortiClient for Linux 6.2.1 and below may allow a user with low privilege to overwrite system files as root with arbitrary content through system backup file via specially crafted "BackupConfig" type IPC client requests to the fctsched process. Further more, FortiClient for Linux 6.2.2 and below allow low privilege user write the system backup file under root privilege through GUI thus can cause root system file overwrite.2020-02-076.6CVE-2019-16155
MISC
CONFIRM
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8773.2020-02-086.8CVE-2019-13333
MISC
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8774.2020-02-086.8CVE-2019-13334
MISC
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DXF files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8775.2020-02-086.8CVE-2019-17135
MISC
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.5.0.20723. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of DXF files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-8776.2020-02-086.8CVE-2019-17136
MISC
gizmo5 -- gizmo5
 
The SIP implementation on the Gizmo5 software phone provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.2020-02-124.3CVE-2009-5139
MISC
MISC
google -- chromeInsufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.2020-02-116.8CVE-2020-6414
SUSE
MISC
MISC
google -- chrome

 

Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension.2020-02-114.3CVE-2020-6392
SUSE
MISC
MISC
google -- chrome

 

Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2020-02-114.3CVE-2020-6393
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6415
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page.2020-02-116.8CVE-2020-6413
SUSE
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name.2020-02-116.8CVE-2020-6410
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain name.2020-02-116.8CVE-2020-6409
SUSE
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.2020-02-116.8CVE-2020-6402
SUSE
MISC
MISC
google -- chrome
 
Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6379
MISC
MISC
google -- chrome
 
Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6382
SUSE
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass site isolation via a crafted HTML page.2020-02-116.8CVE-2020-6385
SUSE
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted Chrome Extension.2020-02-116.8CVE-2020-6380
MISC
MISC
google -- chrome
 
Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6381
SUSE
MISC
MISC
google -- chrome
 
Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2020-02-116.8CVE-2020-6398
SUSE
MISC
MISC
google -- chrome
 
Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6390
SUSE
MISC
MISC
google -- chrome
 
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.2020-02-116.8CVE-2020-6389
SUSE
MISC
MISC
google -- chrome
 
Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6388
SUSE
MISC
MISC
google -- chrome
 
Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream.2020-02-116.8CVE-2020-6387
SUSE
MISC
MISC
google -- chrome
 
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2020-02-115.8CVE-2020-6412
SUSE
MISC
MISC
google -- chrome
 
Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6378
MISC
MISC
google -- chrome
 
Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2020-02-116.8CVE-2020-6416
SUSE
MISC
MISC
google -- chrome
 
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2020-02-115.8CVE-2020-6411
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local attacker to execute arbitrary code via a crafted registry entry.2020-02-114.6CVE-2020-6417
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to potentially exploit heap corruption via crafted clipboard content.2020-02-114.6CVE-2020-6404
SUSE
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.2020-02-115.8CVE-2020-6394
SUSE
MISC
MISC
google -- chrome
 
Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a local attacker to bypass content security policy via a crafted HTML page.2020-02-114.3CVE-2020-6391
SUSE
MISC
MISC
google -- chrome
 
Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2020-02-114.3CVE-2020-6395
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2020-02-114.3CVE-2020-6396
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.2020-02-114.3CVE-2020-6397
SUSE
MISC
MISC
google -- chrome
 
Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2020-02-114.3CVE-2020-6400
SUSE
MISC
MISC
google -- chrome
 
Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.2020-02-114.3CVE-2020-6401
SUSE
MISC
MISC
google -- chrome
 
Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2020-02-114.3CVE-2020-6403
SUSE
MISC
MISC
google -- chrome
 
Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2020-02-114.3CVE-2020-6405
SUSE
MISC
MISC
google -- chrome
 
Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2020-02-114.3CVE-2020-6399
SUSE
MISC
MISC
hp -- system_event_utility
 
A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local attacker to execute arbitrary code via an HP System Event Utility system service.2020-02-134.6CVE-2019-18915
FULLDISC
MISC
htmlunit -- htmlunit
 
HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine improperly, hence a malicious JavScript code can execute arbitrary Java code on the application. Moreover, when embedded in Android application, Android-specific initialization of Rhino engine is done in an improper way, hence a malicious JavaScript code can execute arbitrary Java code on the application.2020-02-116.8CVE-2020-5529
CONFIRM
JVN
ibm -- cloud_cli
 
IBM Cloud CLI 0.6.0 through 0.16.1 windows installers are signed using SHA1 certificate. An attacker might be able to exploit the weak algorithm to generate a installer with malicious software inside. IBM X-Force ID: 162773.2020-02-125CVE-2019-4427
XF
CONFIRM
ibm -- content_navigator
 
IBM Content Navigator 3.0CD is vulnerable to Server Side Request Forgery (SSRF). This may allow an unauthenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 172815.2020-02-125CVE-2019-4741
XF
CONFIRM
ibm -- infosphere_guardiumInfoSphere Guardium aix_ktap module: DoS2020-02-104.9CVE-2012-2204
MISC
ispconfig -- ispconfig
 
ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution2020-02-076.5CVE-2013-3629
MISC
MISC
MISC
MISC
jenkins -- jenkins
 
A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.2020-02-124CVE-2020-2118
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins NUnit Plugin 0.25 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.2020-02-126.5CVE-2020-2115
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins ECX Copy Data Management Plugin 1.9 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.2020-02-124CVE-2020-2128
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins FitNesse Plugin 1.30 and earlier does not configure the XML parser to prevent XML external entity (XXE) attacks.2020-02-126.5CVE-2020-2120
MLIST
CONFIRM
jenkins -- jenkins
 
A cross-site request forgery vulnerability in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2020-02-126.8CVE-2020-2116
MLIST
CONFIRM
jenkins -- jenkins
 
A missing permission check in Jenkins Pipeline GitHub Notify Step Plugin 1.0.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2020-02-124CVE-2020-2117
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Debian Package Builder Plugin 1.6.11 and earlier stores a GPG passphrase unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.2020-02-124CVE-2020-2125
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Google Kubernetes Engine Plugin 0.8.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.2020-02-126.5CVE-2020-2121
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins DigitalOcean Plugin 1.1 and earlier stores a token unencrypted in the global config.xml file on the Jenkins master where it can be viewed by users with access to the master file system.2020-02-124CVE-2020-2126
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins BMC Release Package and Deployment Plugin 1.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2020-02-124CVE-2020-2127
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Applatix Plugin 1.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.2020-02-124CVE-2020-2133
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Eagle Tester Plugin 1.0.9 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.2020-02-124CVE-2020-2129
MLIST
CONFIRM
jenkins -- jenkins
 
Sandbox protection in Jenkins Script Security Plugin 1.69 and earlier could be circumvented during the script compilation phase by applying AST transforming annotations to imports or by using them inside of other annotations.2020-02-126.5CVE-2020-2110
MLIST
CONFIRM
jenkins -- jenkins
 
Sandbox protection in Jenkins Pipeline: Groovy Plugin 2.78 and earlier can be circumvented through default parameter expressions in CPS-transformed methods.2020-02-126.5CVE-2020-2109
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores a password unencrypted in its global configuration file on the Jenkins master where it can be viewed by users with access to the master file system.2020-02-124CVE-2020-2130
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Harvest SCM Plugin 0.5.1 and earlier stores passwords unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2020-02-124CVE-2020-2131
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins S3 publisher Plugin 0.11.4 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.2020-02-125CVE-2020-2114
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Azure AD Plugin 1.1.2 and earlier transmits configured credentials in plain text as part of the global Jenkins configuration form, potentially resulting in their exposure.2020-02-125CVE-2020-2119
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Parasoft Environment Manager Plugin 2.14 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.2020-02-124CVE-2020-2132
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Dynamic Extended Choice Parameter Plugin 1.0.1 and earlier stores a password unencrypted in job config.xml files on the Jenkins master where it can be viewed by users with Extended Read permission, or access to the master file system.2020-02-124CVE-2020-2124
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins RadarGun Plugin 1.7 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.2020-02-126.5CVE-2020-2123
MLIST
CONFIRM
kemp_technologies -- loadmaster
 
A CSRF Vulnerability exists in Kemp Load Master before 7.0-18a via unspecified vectors in administrative pages.2020-02-076.8CVE-2014-5288
MISC
MISC
konqueror -- konquerorThe CSS parser (khtml/css/cssparser.cpp) in Konqueror in KDE 4.7.3 allows remote attackers to cause a denial of service (crash) and possibly read memory via a crafted font face source, related to "type confusion."2020-02-086.8CVE-2012-4512
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
libgd -- libgd
 
gdImageClone in gd.c in libgd 2.1.0-rc2 through 2.2.5 has a NULL pointer dereference allowing attackers to crash an application via a specific function call sequence. Only affects PHP when linked with an external libgd (not bundled).2020-02-115CVE-2018-14553
MISC
MISC
MISC
linksys -- spa2102_devices
 
The SIP implementation on the Linksys SPA2102 phone adapter provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.2020-02-124.3CVE-2009-5140
MISC
MISC
linux -- linux_kernel
 
The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.2020-02-124.9CVE-2012-0810
MISC
CONFIRM
CONFIRM
linuxmint -- linuxmint
 
LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintUpdate.2020-02-075CVE-2012-1567
MISC
MISC
linuxmint -- linuxmint
 
LinuxMint as of 2012-03-19 has temporary file creation vulnerabilities in mintNanny.2020-02-075CVE-2012-1566
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the Upload Center Forms Component of Web File Manager in Rumpus FTP 8.2.9.1. This could allow an attacker to delete, create, and update the upload forms via RAPR/TriggerServerFunction.html.2020-02-105.8CVE-2019-19669
MISC
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the Block Clients component of Web File Manager in Rumpus FTP 8.2.9.1 that could allow an attacker to whitelist or block any IP address via RAPR/BlockedClients.html.2020-02-105.8CVE-2019-19667
MISC
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the File Types component of Web File Manager in Rumpus FTP 8.2.9.1 that allows an attacker to add or delete the file types that are used on the server via RAPR/TriggerServerFunction.html.2020-02-104.3CVE-2019-19668
MISC
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the FTP Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server FTP settings at RAPR/FTPSettingsSet.html.2020-02-104.3CVE-2019-19665
MISC
MISC
maxum_development_corporation -- rumpus_ftpA Cookie based reflected XSS exists in the Web File Manager of Rumpus FTP Server 8.2.9.1, related to RumpusLoginUserName and snp.2020-02-104.3CVE-2019-19661
MISC
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the Folder Sets Settings of Web File Manager in Rumpus FTP 8.2.9.1. This allows an attacker to Create/Delete Folders after exploiting it at RAPR/FolderSetsSet.html.2020-02-105.8CVE-2019-19663
MISC
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the Event Notices Settings of Web File Manager in Rumpus FTP 8.2.9.1. An attacker can create/update event notices via RAPR/EventNoticesSet.html.2020-02-104.3CVE-2019-19666
MISC
MISC
maxum_development_corporation -- rumpus_ftpA CSRF vulnerability exists in the Web File Manager's Network Setting functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can manipulate the SMTP setting and other network settings via RAPR/NetworkSettingsSet.html.2020-02-104.3CVE-2019-19660
MISC
MISC
maxum_development_corporation -- rumpus_ftpA HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html.2020-02-104.3CVE-2019-19670
MISC
MISC
maxum_development_corporation -- rumpus_ftp_serverA CSRF vulnerability exists in the Web File Manager's Edit Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can take over a user account by changing the password, update users' details, and escalate privileges via RAPR/DefineUsersSet.html.2020-02-106.8CVE-2019-19659
MISC
MISC
mfscripts -- yetishare
 
MFScripts YetiShare v3.5.2 through v4.5.4 might allow an attacker to reset a password by using a leaked hash (the hash never expires until used).2020-02-105CVE-2019-20062
MISC
MISC
MISC
mfscripts -- yetishare
 
MFScripts YetiShare v3.5.2 through v4.5.4 places sensitive information in the Referer header. If this leaks, then third parties may discover password-reset hashes, file-delete links, or other sensitive information.2020-02-105CVE-2019-20060
MISC
MISC
MISC
mfscripts -- yetishare
 
The user-introduction email in MFScripts YetiShare v3.5.2 through v4.5.4 may leak the (system-picked) password if this email is sent in cleartext. In other words, the user is not allowed to choose their own initial password.2020-02-105CVE-2019-20061
MISC
MISC
MISC
mfscripts -- yetishare
 
payment_manage.ajax.php and various *_manage.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.4 directly insert values from the sSortDir_0 parameter into a SQL string. This allows an attacker to inject their own SQL and manipulate the query, typically extracting data from the database, aka SQL Injection. NOTE: this issue exists because of an incomplete fix for CVE-2019-19732.2020-02-106.8CVE-2019-20059
MISC
MISC
MISC
MISC
microchip_technology -- atsamb11_devicesThe Bluetooth Low Energy implementation on Microchip Technology BluSDK Smart through 6.2 for ATSAMB11 devices does not properly restrict link-layer data length on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.2020-02-106.1CVE-2019-19195
MISC
MISC
microsoft -- edge
 
An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka 'Microsoft Edge Elevation of Privilege Vulnerability'.2020-02-114CVE-2020-0663
MISC
microsoft -- exchange_server_2013_and_2016_and_2019
 
An elevation of privilege vulnerability exists in Microsoft Exchange Server, aka 'Microsoft Exchange Server Elevation of Privilege Vulnerability'.2020-02-116.8CVE-2020-0692
MISC
microsoft -- internet_explorer_10_and_11_and_edge
 
An information disclosure vulnerability exists in the way that affected Microsoft browsers handle cross-origin requests, aka 'Microsoft Browser Information Disclosure Vulnerability'.2020-02-114.3CVE-2020-0706
MISC
microsoft -- malicious_software_removal_tool
 
An elevation of privilege vulnerability exists when the Windows Malicious Software Removal Tool (MSRT) improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Malicious Software Removal Tool Elevation of Privilege Vulnerability'.2020-02-114.6CVE-2020-0733
MISC
microsoft -- multiple_products
 
A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'.2020-02-114.3CVE-2020-0696
MISC
microsoft -- multiple_windows_productsA security feature bypass vulnerability exists in secure boot, aka 'Microsoft Secure Boot Security Feature Bypass Vulnerability'.2020-02-114.6CVE-2020-0689
MISC
microsoft -- multiple_windows_productsAn elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0679, CVE-2020-0682.2020-02-114.6CVE-2020-0680
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0667, CVE-2020-0752.2020-02-114.6CVE-2020-0735
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0668, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.2020-02-114.6CVE-2020-0669
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Client License Service (ClipSVC) handles objects in memory, aka 'Windows Client License Service Elevation of Privilege Vulnerability'.2020-02-114.6CVE-2020-0701
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750.2020-02-114.6CVE-2020-0740
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the tapisrv.dll handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0739.2020-02-114.6CVE-2020-0737
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749.2020-02-114.6CVE-2020-0750
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the dssvc.dll handles file creation allowing for a file overwrite or creation in a secured location, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0737.2020-02-114.6CVE-2020-0739
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0669, CVE-2020-0670, CVE-2020-0671, CVE-2020-0672.2020-02-114.6CVE-2020-0668
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0742, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750.2020-02-114.6CVE-2020-0741
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0743, CVE-2020-0749, CVE-2020-0750.2020-02-114.6CVE-2020-0742
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0749, CVE-2020-0750.2020-02-114.6CVE-2020-0743
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0659.2020-02-114.6CVE-2020-0747
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Connected Devices Platform Service handles objects in memory, aka 'Connected Devices Platform Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0740, CVE-2020-0741, CVE-2020-0742, CVE-2020-0743, CVE-2020-0750.2020-02-114.6CVE-2020-0749
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0667, CVE-2020-0735.2020-02-114.6CVE-2020-0752
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Function Discovery Service handles objects in memory, aka 'Windows Function Discovery Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0680, CVE-2020-0682.2020-02-114.6CVE-2020-0679
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka 'Microsoft Graphics Components Information Disclosure Vulnerability'.2020-02-115CVE-2020-0746
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka 'Active Directory Elevation of Privilege Vulnerability'.2020-02-116.8CVE-2020-0665
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0754.2020-02-114.6CVE-2020-0753
MISC
microsoft -- multiple_windows_products
 
A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'.2020-02-116.8CVE-2020-0729
MISC
microsoft -- multiple_windows_products
 
A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability'.2020-02-115CVE-2020-0660
MISC
microsoft -- multiple_windows_products
 
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate input from a privileged user on a guest operating system, aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0751.2020-02-115.5CVE-2020-0661
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.2020-02-114.6CVE-2020-0657
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka 'Windows Data Sharing Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0747.2020-02-114.6CVE-2020-0659
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0667, CVE-2020-0735, CVE-2020-0752.2020-02-114.6CVE-2020-0666
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0666, CVE-2020-0735, CVE-2020-0752.2020-02-114.6CVE-2020-0667
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0753.2020-02-114.6CVE-2020-0754
MISC
microsoft -- sql_server_2012_and_2014_and_2016
 
A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it incorrectly handles page requests, aka 'Microsoft SQL Server Reporting Services Remote Code Execution Vulnerability'.2020-02-116.5CVE-2020-0618
MISC
microsoft -- surface_hub
 
A security feature bypass vulnerability exists in Surface Hub when prompting for credentials, aka 'Surface Hub Security Feature Bypass Vulnerability'.2020-02-114.6CVE-2020-0702
MISC
misp_project -- misp
 
An issue was discovered in MISP before 2.4.121. It mishandled time skew (between the machine hosting the web server and the machine hosting the database) when trying to block a brute-force series of invalid requests.2020-02-124.3CVE-2020-8890
MISC
MISC
MISC
misp_project -- misp
 
An issue was discovered in MISP before 2.4.121. It did not canonicalize usernames when trying to block a brute-force series of invalid requests.2020-02-124.3CVE-2020-8891
MISC
MISC
MISC
misp_project -- misp
 
An issue was discovered in MISP before 2.4.121. It did not consider the HTTP PUT method when trying to block a brute-force series of invalid requests.2020-02-126.8CVE-2020-8892
MISC
MISC
MISC
misp_project -- misp
 
An issue was discovered in MISP before 2.4.121. The Galaxy view contained an incorrectly sanitized search string in app/View/Galaxies/view.ctp.2020-02-125CVE-2020-8893
MISC
MISC
misp_project -- misp
 
An issue was discovered in MISP before 2.4.121. ACLs for discussion threads were mishandled in app/Controller/ThreadsController.php and app/Model/Thread.php.2020-02-126.4CVE-2020-8894
MISC
MISC
netcracker -- netcracker_resource_management_system
 
Multiple SQL injection vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to execute arbitrary SQL commands via the (1) ctrl, (2) h____%2427, (3) h____%2439, (4) param0, (5) param1, (6) param2, (7) param3, (8) param4, (9) filter_INSERT_COUNT, (10) filter_MINOR_FALLOUT, (11) filter_UPDATE_COUNT, (12) sort, or (13) sessid parameter.2020-02-086.5CVE-2015-3423
MISC
MISC
netsurf -- libnsbmp
 
Heap-based buffer overflow in the bmp_decode_rle function in libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via the last row of RLE data in a crafted BMP file.2020-02-126.8CVE-2015-7508
MISC
MISC
node.js -- node.js
 
Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate2020-02-075CVE-2019-15604
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
nxp -- kw41z_devices
 
The Bluetooth Low Energy (BLE) stack implementation on the NXP KW41Z (based on the MCUXpresso SDK with Bluetooth Low Energy Driver 2.2.1 and earlier) does not properly restrict the BLE Link Layer header and executes certain memory contents upon receiving a packet with a Link Layer ID (LLID) equal to zero. This allows attackers within radio range to cause deadlocks, cause anomalous behavior in the BLE state machine, or trigger a buffer overflow via a crafted BLE Link Layer frame.2020-02-106.1CVE-2019-17060
MISC
MISC
oberhumer -- liblzo2_and_lzo-2
 
Integer overflow in the LZO algorithm variant in Oberhumer liblzo2 and lzo-2 before 2.07 on 32-bit platforms might allow remote attackers to execute arbitrary code via a crafted Literal Run.2020-02-126.8CVE-2014-4607
MISC
CONFIRM
open-school -- open-school_community_edition
 
Open-School Community Edition 2.2 does not properly restrict access to the export functionality, which allows remote authenticated users to obtain sensitive information via the r parameter with the value export to index.php.2020-02-084CVE-2014-9127
MISC
open-school -- open-school_community_edition
 
Multiple cross-site scripting (XSS) vulnerabilities in Open-School Community Edition 2.2 allow remote attackers to inject arbitrary web script or HTML via the YII_CSRF_TOKEN HTTP cookie or the StudentDocument, StudentCategories, StudentPreviousDatas parameters to index.php.2020-02-084.3CVE-2014-9126
MISC
openfiler -- openfiler
 
Cross-site scripting (XSS) vulnerability in admin/system.html in Openfiler 2.3 allows remote attackers to inject arbitrary web script or HTML via the device parameter.2020-02-074.3CVE-2011-1086
MISC
MISC
MISC
otrs -- otrs
 
The external frontend system uses numerous background calls to the backend. Each background request is treated as user activity so the SessionMaxIdleTime will not be reached. This issue affects: OTRS 7.0.x version 7.0.14 and prior versions.2020-02-075.5CVE-2020-1768
CONFIRM
perforce_software -- p4web
 
Perforce P4web 2011.1 and 2012.1 has multiple XSS vulnerabilities2020-02-124.3CVE-2013-1410
MISC
MISC
phonoerlite -- phonerlite
 
The PhonerLite phone before 2.15 provides hashed credentials in a response to an invalid authentication challenge, which makes it easier for remote attackers to obtain access via a brute-force attack, related to a "SIP Digest Leak" issue.2020-02-124.3CVE-2014-2560
MISC
php -- phpWhen using certain mbstring functions to convert multibyte encodings, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause function mbfl_filt_conv_big5_wchar to read past the allocated buffer. This may lead to information disclosure or crash.2020-02-106.4CVE-2020-7060
MISC
php -- php
 
When using fgetss() function to read data with stripping tags, in PHP versions 7.2.x below 7.2.27, 7.3.x below 7.3.14 and 7.4.x below 7.4.2 it is possible to supply data that will cause this function to read past the allocated buffer. This may lead to information disclosure or crash.2020-02-106.4CVE-2020-7059
MISC
pragmamx -- pragmamx
 
Multiple cross-site scripting (XSS) vulnerabilities in pragmaMx 1.x before 1.12.2 allow remote attackers to inject arbitrary web script or HTML via the (1) name parameter to modules.php or (2) img_url to includes/wysiwyg/spaw/editor/plugins/imgpopup/img_popup.php.2020-02-114.3CVE-2012-2452
MISC
MISC
MISC
prestashop -- prestashop
 
Cross-site scripting (XSS) vulnerability in PrestaShop before 1.4.9 allows remote attackers to inject arbitrary web script or HTML via the index of the product[] parameter to ajax.php.2020-02-114.3CVE-2012-2517
MISC
MISC
qualcomm -- multiple_snapdragon_products
 
During listener modified response processing, a buffer overrun occurs due to lack of buffer size verification when updating message buffer with physical address information in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR21302020-02-074.6CVE-2019-14041
CONFIRM
qualcomm -- multiple_snapdragon_products
 
Using memory after being freed in qsee due to wrong implementation can lead to unexpected behavior such as execution of unknown code in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX24, SM8150, SXR11302020-02-074.6CVE-2019-14040
CONFIRM
railo_technologies -- railo
 
A File Inclusion vulnerability exists in Railo 4.2.1 and earlier via a specially-crafted URL request to the thumbnail.cfm to specify a malicious PNG file, which could let a remote malicious user obtain sensitive information or execute arbitrary code.2020-02-076.8CVE-2014-5468
MISC
MISC
MISC
MISC
MISC
red_hat -- openshift_entrprise
 
It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/mysql-apb.2020-02-074.4CVE-2020-1708
CONFIRM
secom -- dr.idSecom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers.2020-02-115CVE-2020-3935
MISC
MISC
MISC
secom -- dr.id
 
Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system.2020-02-115CVE-2020-3933
MISC
MISC
MISC
siemens -- multiple_scalance_devices
 
A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All versions >= V3.0), SCALANCE S623 (All versions >= V3.0), SCALANCE S627-2M (All versions >= V3.0). Specially crafted packets sent to port 443/tcp of affected devices could cause a Denial-of-Service condition of the web server.2020-02-115CVE-2019-13925
MISC
siemens -- multiple_scalance_switches
 
A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (all versions < 5.2.4), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (all versions < 4.1.3). The device does not send the X-Frame-Option Header in the administrative web interface, which makes it vulnerable to Clickjacking attacks. The security vulnerability could be exploited by an attacker that is able to trick an administrative user with a valid session on the target device into clicking on a website controlled by the attacker. The vulnerability could allow an attacker to perform administrative actions via the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known.2020-02-114.3CVE-2019-13924
MISC
siemens -- multiple_simatic_devices
 
A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.1), SIMATIC S7-300 PN/DP CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V6 and below CPU family (incl. SIPLUS variants) (All versions), SIMATIC S7-400 PN/DP V7 CPU family (incl. SIPLUS variants) (All versions). Affected devices contain a vulnerability that could cause a Denial-of-Service condition of the web server by sending specially crafted HTTP requests to ports 80/tcp and 443/tcp. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device’s web server. Beyond the web service, no other functions or interfaces are affected by the Denial-of-Service condition.2020-02-115CVE-2019-13940
MISC
MISC
siemens -- ozw672_and_772_web_servers
 
A vulnerability has been identified in OZW672 (All versions < V10.00), OZW772 (All versions < V10.00). Vulnerable versions of OZW Web Server use predictable path names for project files that legitimately authenticated users have created by using the application's export function. By accessing a specific uniform resource locator on the web server, a remote attacker could be able to download a project file without prior authentication. The security vulnerability could be exploited by an unauthenticated attacker with network access to the affected system. No user interaction is required to exploit this security vulnerability. Successful exploitation of the security vulnerability compromises the confidentiality of the targeted system.2020-02-115CVE-2019-13941
MISC
simple_machines -- simple_machines_forum
 
File Disclosure in SMF (SimpleMachines Forum) <= 2.0.3: Forum admin can read files such as the database config.2020-02-074CVE-2013-0192
MISC
MISC
MISC
smoothwall - smoothwall_express_3
 
A cross-site scripting (XSS) vulnerability in Smoothwall Express 3.2020-02-074.3CVE-2011-1084
MISC
smoothwall -- smoothwall_express_3
 
CSRF vulnerability in Smoothwall Express 3.2020-02-076.8CVE-2011-1085
MISC
socialengine -- socialengineMultiple cross-site request forgery (CSRF) vulnerabilities in the (1) Forum, (2) Event, and (3) Classifieds plugins in SocialEngine before 4.2.4.2020-02-116.8CVE-2012-6721
MISC
socialengine -- socialengine
 
Multiple cross-site scripting (XSS) vulnerabilities in SocialEngine before 4.2.4 allow remote attackers to inject arbitrary web script or HTML via the (1) title parameter to music/create, (2) location parameter to events/create, or (3) search parameter to widget/index/content_id/*.2020-02-114.3CVE-2012-6720
MISC
sockjs -- sockjs
 
htmlfile in lib/transport/htmlfile.js in SockJS before 3.0 is vulnerable to Reflected XSS via the /htmlfile c (aka callback) parameter.2020-02-104.3CVE-2020-8823
MISC
MISC
sphider -- sphider
 
A Command Execution vulnerability exists in Sphider before 1.3.6 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5083 pertains to instances of fwrite in Sphider.2020-02-106.5CVE-2014-5083
MISC
sphider -- sphider_plus
 
A Command Execution vulnerability exists in Sphider Plus 3.2 due to insufficient sanitization of fwrite to conf.php, which could let a remote malicious user execute arbitrary code. CVE-2014-5085 pertains to instances of fwrite in Sphider Plus, but do not exist in either Sphider or Sphider Pro.2020-02-106.5CVE-2014-5085
MISC
sphider -- sphider_pro
 
A Command Execution vulnerability exists in Sphider Pro 3.2 due to insufficient sanitization of fwrite, which could let a remote malicious user execute arbitrary code. CVE-2014-5084 pertains to instances of fwrite in Sphider Pro only, but do not exist in either Sphider or Sphider Plus.2020-02-106.5CVE-2014-5084
MISC
statusnet -- statusnet
 
statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks.2020-02-075CVE-2010-4658
MISC
MISC
suse -- opensuse_wicked
 
An ni_dhcp4_fsm_process_dhcp4_packet memory leak in openSUSE wicked 0.6.55 and earlier allows network attackers to cause a denial of service by sending DHCP4 packets with a different client-id.2020-02-115CVE-2020-7217
SUSE
MISC
MISC
MISCm

symantec -- endpoint_protection_and_endpoint_protection_small_business_edition

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2020-02-114.6CVE-2020-5820
MISC

symantec -- endpoint_protection_and_endpoint_protection_small_business_edition

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2020-02-114.6CVE-2020-5822
MISC

symantec -- endpoint_protection_and_endpoint_protection_small_business_edition

 

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a DLL injection vulnerability, which is a type of issue whereby an individual attempts to execute their own code in place of legitimate code as a means to perform an exploit.2020-02-114.6CVE-2020-5821
MISC

symantec -- endpoint_protection_and_endpoint_protection_small_business_edition

 

Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user.2020-02-114.6CVE-2020-5823
MISC
teamviewer -- teamviewer_desktop
 
TeamViewer Desktop through 14.7.1965 allows a bypass of remote-login access control because the same key is used for different customers' installations. It used a shared AES key for all installations since at least as far back as v7.0.43148, and used it for at least OptionsPasswordAES in the current version of the product. If an attacker were to know this key, they could decrypt protect information stored in the registry or configuration files of TeamViewer. With versions before v9.x , this allowed for attackers to decrypt the Unattended Access password to the system (which allows for remote login to the system as well as headless file browsing). The latest version still uses the same key for OptionPasswordAES but appears to have changed how the Unattended Access password is stored. While in most cases an attacker requires an existing session on a system, if the registry/configuration keys were stored off of the machine (such as in a file share or online), an attacker could then decrypt the required password to login to the system.2020-02-074.4CVE-2019-18988
MISC
MISC
MISC
MISC
testlink -- testlink
 
An issue was discovered in TestLink 1.9.19. The relation_type parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection.2020-02-106.5CVE-2020-8841
MISC
MISC
texas_instruments -- cc2640r2_devices
 
The Bluetooth Low Energy implementation on Texas Instruments SDK through 3.30.00.20 for CC2640R2 devices does not properly restrict the SM Public Key packet on reception, allowing attackers in radio range to cause a denial of service (crash) via crafted packets.2020-02-106.1CVE-2019-17520
MISC
MISC
MISC
texas_instruments -- multiple_devices
 
The Bluetooth Low Energy peripheral implementation on Texas Instruments SIMPLELINK-CC2640R2-SDK through 3.30.00.20 and BLE-STACK through 1.5.0 before Q4 2019 for CC2640R2 and CC2540/1 devices does not properly restrict the advertisement connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.2020-02-106.1CVE-2019-19193
MISC
MISC
the_bug_genie -- the_bug_genie
 
The Bug Genie before 3.2.6 has Multiple XSS and HTML Injection Vulnerabilities2020-02-114.3CVE-2013-1760
MISC
MISC
MISC
ubiquiti_networks -- unifi_controller
 
Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity.2020-02-086.8CVE-2014-2225
MISC
MISC
vbseo -- vbseo
 
vBSeo before 3.6.0PL2 allows XSS via the member.php u parameter.2020-02-104.3CVE-2012-6666
MISC
MISC
vtiger -- vtiger_crm
 
vTiger CRM 5.3 and 5.4: 'files' Upload Folder Arbitrary PHP Code Execution Vulnerability2020-02-076.5CVE-2013-3591
MISC
MISC
MISC
MISC
watchguard -- firewire_xtm
 
A Cross-site Scripting (XSS) vulnerability exists in WatchGuard XTM 11.8.3 via the poll_name parameter in the firewall/policy script.2020-02-074.3CVE-2014-6413
MISC
MISC
MISC
MISC
wordpress -- wordpressMultiple SQL injection vulnerabilities in the Huge-IT Slider (slider-image) plugin before 2.7.0 for WordPress allow remote administrators to execute arbitrary SQL commands via the removeslide parameter in a popup_posts or edit_cat action in the sliders_huge_it_slider page to wp-admin/admin.php.2020-02-086.5CVE-2015-2062
MISC
MISC
MISC
MISC
wordpress -- wordpress
 
A Cross-site Scripting (XSS) vulnerability exists in the All in One SEO Pack plugin before 2.0.3.1 for WordPress via the Search parameter.2020-02-114.3CVE-2013-5988
MISC
MISC
wordpress -- wordpress
 
WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution2020-02-076.8CVE-2013-2009
MISC
MISC
MISC
MISC
MISC
wordpress -- wordpress
 
WordPress Super Cache Plugin 1.3 has XSS.2020-02-074.3CVE-2013-2008
MISC
MISC
MISC
xiaomi -- mi6_devices
 
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the miui.share application. The issue results from the lack of proper validation of user-supplied data, which can result in an arbitrary application download. An attacker can leverage this vulnerability to execute code in the context of the user. Was ZDI-CAN-7483.2020-02-106.8CVE-2019-13322
MISC
xiaomi -- mi6_devices
 
This vulnerability allows network adjacent attackers to execute arbitrary code on affected installations of Xiaomi Browser Prior to 10.4.0. User interaction is required to exploit this vulnerability in that the target must connect to a malicious access point. The specific flaw exists within the handling of HTTP responses to the Captive Portal. A crafted HTML response can cause the Captive Portal to to open a browser to a specified location without user interaction. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-7467.2020-02-105.4CVE-2019-13321
MISC
zabbix -- zabbix
 
Zabbix 2.0.9 has an Arbitrary Command Execution Vulnerability2020-02-076.5CVE-2013-3628
MISC
MISC
MISC
MISC
zenphoto -- zenphoto
 
Zenphoto before 1.4.3.4 admin-news-articles.php date parameter XSS.2020-02-114.3CVE-2012-4519
MISC
MISC
zoho_manageengine -- applications_manager
 
The FailOverHelperServlet (aka FailServlet) servlet in ZOHO ManageEngine Applications Manager before 11.9 build 11912, OpManager 8 through 11.5 build 11400, and IT360 10.5 and earlier does not properly restrict access, which allows remote attackers and remote authenticated users to (1) read arbitrary files via the fileName parameter in a copyfile operation or (2) obtain sensitive information via a directory listing in a listdirectory operation to servlet/FailOverHelperServlet.2020-02-085CVE-2014-7863
MISC
MISC
MISC
MISC
MISC
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
apport -- apport
 
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.2020-02-081.9CVE-2019-11482
MISC
MISC
apport -- apport
 
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.2020-02-082.1CVE-2019-11483
MISC
MISC
apport -- apport
 
Sander Bos discovered Apport's lock file was in a world-writable director which allowed all users to prevent crash handling.2020-02-082.1CVE-2019-11485
MISC
MISC
bludit -- bludit
 
** DISPUTED ** Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug."2020-02-073.5CVE-2020-8812
MISC
cpanel -- cpanel_and_whm
 
The clientconf.html and detailbw.html pages in x3 in cPanel & WHM 11.34.0 (build 8) have a XSS vulnerability.2020-02-103.5CVE-2012-6449
MISC
digi_transport -- multiple_devices
 
Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application.2020-02-103.5CVE-2020-8822
MISC
google -- chrome
 
Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attacker to obtain potentially sensitive information via a crafted HTML page.2020-02-112.1CVE-2020-6408
SUSE
MISC
MISC
hp -- hp_systems_insight_manager
 
HP Systems Insight Manager before 7.0 allows a remote user on adjacent network to access information2020-02-102.7CVE-2012-1994
MISC
MISC
MISC
ibm -- rational_publishing_engine
 
IBM Rational Publishing Engine 6.0.6 and 6.0.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162888.2020-02-123.5CVE-2019-4431
XF
CONFIRM
jenkins -- jenkins
 
Jenkins Brakeman Plugin 0.12 and earlier did not escape values received from parsed JSON files when rendering them, resulting in a stored cross-site scripting vulnerability exploitable by users able to control the Brakeman post-build step input data.2020-02-123.5CVE-2020-2122
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Subversion Plugin 2.13.0 and earlier does not escape the error message for the Project Repository Base URL field form validation, resulting in a stored cross-site scripting vulnerability.2020-02-123.5CVE-2020-2111
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the parameter name shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.2020-02-123.5CVE-2020-2112
MLIST
CONFIRM
jenkins -- jenkins
 
Jenkins Git Parameter Plugin 0.9.11 and earlier does not escape the default value shown on the UI, resulting in a stored cross-site scripting vulnerability exploitable by users with Job/Configure permission.2020-02-123.5CVE-2020-2113
MLIST
CONFIRM
keycloak -- keycloak
 
It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authed malicious user could create URLs to trick users in other realms, and possibly conduct further attacks.2020-02-103.5CVE-2020-1697
CONFIRM
linksys -- wrt310nv2ne
 
Linksys WRT310Nv2 2.0.0.1 is vulnerable to XSS.2020-02-073.5CVE-2013-3067
MISC
MISC
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'.2020-02-113.6CVE-2020-0730
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka 'Windows Common Log File System Driver Information Disclosure Vulnerability'.2020-02-112.1CVE-2020-0658
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0756.2020-02-112.1CVE-2020-0755
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756.2020-02-112.1CVE-2020-0675
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0755, CVE-2020-0756.2020-02-112.1CVE-2020-0748
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'.2020-02-112.1CVE-2020-0744
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755.2020-02-112.1CVE-2020-0756
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0716.2020-02-112.1CVE-2020-0717
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0717.2020-02-112.1CVE-2020-0716
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability'.2020-02-112.1CVE-2020-0705
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists when the Telephony Service improperly discloses the contents of its memory, aka 'Windows Information Disclosure Vulnerability'.2020-02-112.1CVE-2020-0698
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0676, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756.2020-02-112.1CVE-2020-0677
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists in the Cryptography Next Generation (CNG) service when it fails to properly handle objects in memory.To exploit this vulnerability, an attacker would have to log on to an affected system and run a specially crafted application.The security update addresses the vulnerability by correcting how the service handles objects in memory., aka 'Windows Key Isolation Service Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0675, CVE-2020-0677, CVE-2020-0748, CVE-2020-0755, CVE-2020-0756.2020-02-112.1CVE-2020-0676
MISC
microsoft -- multiple_windows_products
 
An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka 'Windows Kernel Information Disclosure Vulnerability'.2020-02-112.1CVE-2020-0736
MISC
microsoft -- sharepoint
 
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0693.2020-02-113.5CVE-2020-0694
MISC
microsoft -- sharepoint
 
A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0694.2020-02-113.5CVE-2020-0693
MISC
microsoft -- windows_10_and_windows_server
 
A denial of service vulnerability exists when Microsoft Hyper-V on a host server fails to properly validate specific malicious data from a user on a guest operating system.To exploit the vulnerability, an attacker who already has a privileged account on a guest operating system, running as a virtual machine, could run a specially crafted application.The security update addresses the vulnerability by resolving the conditions where Hyper-V would fail to handle these requests., aka 'Windows Hyper-V Denial of Service Vulnerability'. This CVE ID is unique from CVE-2020-0661.2020-02-112.1CVE-2020-0751
MISC
moodle -- moodle
 
Persistent XSS in /course/modedit.php of Moodle through 3.7.2 allows authenticated users (Teacher and above) to inject JavaScript into the session of another user (e.g., enrolled student or site administrator) via the introeditor[text] parameter. NOTE: the discoverer and vendor disagree on whether Moodle customers have a reasonable expectation that anyone authenticated as a Teacher can be trusted with the ability to add arbitrary JavaScript (this ability is not documented on Moodle's Teacher_role page). Because the vendor has this expectation, they have stated "this report has been closed as a false positive, and not a bug."2020-02-113.5CVE-2019-18210
MISC
MISC
mybulletinboard -- mybulletinboard
 
Cross-site scripting (XSS) vulnerability in MyBB before 1.6.13 allows remote authenticated users to inject arbitrary web script or HTML via the name parameter in the edit action of the config-profile_fields module.2020-02-113.5CVE-2014-3826
MISC
mybulletinboard -- mybulletinboard
 
Multiple cross-site scripting (XSS) vulnerabilities in the MyBB (aka MyBulletinBoard) before 1.8.4 allow remote authenticated users to inject arbitrary web script or HTML via the title parameter in the (1) edit or (2) add action in the user-users module or the (3) finduser action or the name parameter in an (4) edit action in the user-user module or the (5) editprofile action to modcp.php.2020-02-113.5CVE-2014-3827
CONFIRM
MISC
netapp -- snap_creator_framework
 
NetApp Snap Creator Framework before 4.3P1 allows remote authenticated users to conduct clickjacking attacks via unspecified vectors.2020-02-113.5CVE-2016-5710
MISC
netcracker -- netcracker_resource_management_system
 
Multiple cross-site scripting (XSS) vulnerabilities in NetCracker Resource Management System before 8.2 allow remote authenticated users to inject arbitrary web script or HTML via the (1) ctrl, (2) t90001_0_theform_selection, (3) _scroll, (4) tableName, (5) parent, (6) circuit, (7) return, (8) xname, or (9) mpTransactionId parameter.2020-02-083.5CVE-2015-2207
MISC
MISC
orange_hrm -- orange_hrm
 
Orange HRM 2.7.1 allows XSS via the vacancy name.2020-02-103.5CVE-2013-1353
MISC
piwigo -- piwigo
 
Piwigo 2.10.1 is affected by stored XSS via the Group Name Field to the group_list page.2020-02-103.5CVE-2020-8089
CONFIRM
MISC
projectpier -- projectpier
 
ProjectPier 0.8.8 has stored XSS2020-02-073.5CVE-2013-3635
MISC
projectpier -- projectpier
 
ProjectPier 0.8.8 has a Remote Information Disclosure Weakness because of the lack of the HttpOnly cookie flag2020-02-073.5CVE-2013-3636
MISC
MISC
MISC
projectpier -- projectpier
 
ProjectPier 0.8.8 does not use the Secure flag for cookies2020-02-073.5CVE-2013-3637
MISC
rakuten -- viber_for_android
 
An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of Rakuten Viber on Android 9.3.0.6. The 'Secret Chats' functionality allows a user to delete all traces of a chat either by using a time trigger or by direct request. There is a bug in this functionality which leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.2020-02-132.1CVE-2018-3987
MISC
samsung -- knox
 
This vulnerability allows local attackers to disclose sensitive information on affected installations of Samsung Knox 1.2.02.39 on Samsung Galaxy S9 build G9600ZHS3ARL1 Secure Folder. An attacker must first obtain physical access to the device in order to exploit this vulnerability. The specific flaws exists within the the handling of the lock screen for Secure Folder. The issue results from the lack of proper validation that a user has correctly authenticated. An attacker can leverage this vulnerability to disclose the contents of the secure container. Was ZDI-CAN-7381.2020-02-102.1CVE-2019-6744
MISC
MISC
symantec -- endpoint_protection_and_endpoint_protection_small_business_edition
 
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to a denial of service vulnerability, which is a type of issue whereby a threat actor attempts to tie up the resources of a resident application, thereby making certain functions unavailable.2020-02-112.1CVE-2020-5824
MISC
symantec -- endpoint_protection_and_endpoint_protection_small_business_edition
 
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptiblesto an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.2020-02-112.1CVE-2020-5826
MISC
symantec -- endpoint_protection_and_endpoint_small_business_edition
 
Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE), prior to 14.2 RU2 MP1 and prior to 14.2.5569.2100 respectively, may be susceptible to an arbitrary file write vulnerability, which is a type of issue whereby an attacker is able to overwrite existing files on the resident system without proper privileges.2020-02-113.6CVE-2020-5825
MISC
symantec -- endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.2020-02-112.1CVE-2020-5827
MISC
symantec -- endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.2020-02-112.1CVE-2020-5829
MISC
symantec -- endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.2020-02-112.1CVE-2020-5830
MISC
symantec -- endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.2020-02-112.1CVE-2020-5831
MISC
symantec -- symantec_endpoint_protection_manager
 
Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program.2020-02-112.1CVE-2020-5828
MISC
syska -- smart_bulb_devices
 
Syska Smart Bulb devices through 2017-08-06 receive RGB parameters over cleartext Bluetooth Low Energy (BLE), leading to sniffing, reverse engineering, and replay attacks.2020-02-103.3CVE-2017-18642
MISC
vanilla_forum -- vanilla
 
index.php?p=/dashboard/settings/branding in Vanilla 2.6.3 allows stored XSS.2020-02-103.5CVE-2020-8825
MISC
MISC
wordpress -- wordpress
 
Multiple cross-site scripting (XSS) vulnerabilities in the Photo Gallery plugin before 1.2.11 for WordPress allow remote authenticated users to inject arbitrary web script or HTML via the (1) sort_by, (2) sort_order, (3) items_view, (4) dir, (5) clipboard_task, (6) clipboard_files, (7) clipboard_src, or (8) clipboard_dest parameters in an addImages action to wp-admin/admin-ajax.php.2020-02-083.5CVE-2015-1394
MISC
MISC
MISC
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG pngread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-14not yet calculatedCVE-2020-6068
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-11not yet calculatedCVE-2020-6066
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the TIFreadstripdata function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted TIFF file file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-14not yet calculatedCVE-2019-5187
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-11not yet calculatedCVE-2020-6063
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the bmp_parsing function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-11not yet calculatedCVE-2020-6065
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-11not yet calculatedCVE-2020-6064
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-11not yet calculatedCVE-2020-6069
MISC
accusoft -- imagegear
 
An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability.2020-02-11not yet calculatedCVE-2020-6067
MISC
adobe -- acrobat_and_readerAdobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write.2020-02-13not yet calculatedCVE-2020-3762
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3748
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file system write.2020-02-13not yet calculatedCVE-2020-3763
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3742
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3743
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2020-02-13not yet calculatedCVE-2020-3744
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3745
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3746
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2020-02-13not yet calculatedCVE-2020-3747
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3749
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3750
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .2020-02-13not yet calculatedCVE-2020-3753
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3754
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure .2020-02-13not yet calculatedCVE-2020-3755
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak .2020-02-13not yet calculatedCVE-2020-3756
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3751
CONFIRM
adobe -- acrobat_and_reader
 
Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution .2020-02-13not yet calculatedCVE-2020-3752
CONFIRM
adobe -- digital_editionsAdobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure.2020-02-13not yet calculatedCVE-2020-3759
CONFIRM
adobe -- digital_editionsAdobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-13not yet calculatedCVE-2020-3760
CONFIRM
adobe -- experience_manager
 
Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Successful exploitation could lead to denial-of-service.2020-02-13not yet calculatedCVE-2020-3741
CONFIRM
adobe -- flash_player
 
Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.2020-02-13not yet calculatedCVE-2020-3757
CONFIRM
ai -- risknet_acquirer
 
RiskNet Acquirer before hotfix 6.0 b7+ADHOC-443 ApplicationServiceBean contains a service information disclosure.2020-02-14not yet calculatedCVE-2013-5687
XF
amazon -- aws-js-s3-explorer
 
explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances.2020-02-13not yet calculatedCVE-2019-14652
MISC
MISC
MISC

amd -- radeon_amd_user_experience_program_launcher

The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an arbitrary file name.2020-02-12not yet calculatedCVE-2020-8950
MISC
MISC
ammyy -- ammyy_admin
 
Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file.2020-02-11not yet calculatedCVE-2013-5582
MISC
apache -- nifi
 
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the cluster flow was not inheritable, the flow fingerprint of both the cluster and local flow was printed, potentially containing sensitive values in plaintext.2020-02-11not yet calculatedCVE-2020-1942
MISC
ariadne -- ariadne
 
Multiple cross-site scripting (XSS) vulnerabilities in Ariadne 2.7.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO parameter to (1) index.php and (2) loader.php.2020-02-11not yet calculatedCVE-2011-4938
MISC
MISC
MISC
MISC
MISC
aruba_networks -- intelligent_edge_switches
 
A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts firmware 16.08.* before 16.08.0009, 16.09.* before 16.09.0007 and 16.10.* before 16.10.0003. The vulnerability allows an attacker to retrieve sensitive system information. This attack can be carried out without user authentication under very specific conditions.2020-02-13not yet calculatedCVE-2019-5322
MISC
askey -- ap400w_devices
 
An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bd_svr service listening on TCP port 54188.2020-02-13not yet calculatedCVE-2020-8614
MISC
askpop3d -- askpop3d
 
A Denial of Service vulnerability exists in askpop3d 0.7.7 in free (pszQuery),2020-02-13not yet calculatedCVE-2014-3208
MISC
MISC
atlassian -- jira_and_greenhoperStored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code.2020-02-13not yet calculatedCVE-2012-1500
MISC
EXPLOIT-DB
atlassian -- jira_server_and_data_center
 
The Atlassian Application Links plugin is vulnerable to cross-site request forgery (CSRF). The following versions are affected: all versions prior to 5.4.21, from version 6.0.0 before version 6.0.12, from version 6.1.0 before version 6.1.2, from version 7.0.0 before version 7.0.2, and from version 7.1.0 before version 7.1.3. The vulnerable plugin is used by Atlassian Jira Server and Data Center before version 8.7.0. An attacker could exploit this by tricking an administrative user into making malicious HTTP requests, allowing the attacker to enumerate hosts and open ports on the internal network where Jira server is present.2020-02-12not yet calculatedCVE-2019-20100
N/A
N/A
N/A
avira -- antivir_engine
 
A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine.2020-02-12not yet calculatedCVE-2013-4602
MISC
MISC
MISC
MISC
MISC
barracuda -- web_application_firewall
 
Barracuda Web Application Firewall (WAF) 7.8.1.013 allows remote attackers to bypass authentication by leveraging a permanent authentication token obtained from a query string.2020-02-12not yet calculatedCVE-2014-2595
MISC
MISC
MISC
MISC
MISC
MISC
MISC
bearftp -- bearftp
 
Improper connection handling in the base connection handler in IKTeam BearFTP before v0.3.1 allows a remote attacker to achieve denial of service via a Slowloris approach by sending a large volume of small packets.2020-02-12not yet calculatedCVE-2020-8815
MISC
MISC
CONFIRM
MISC
CONFIRM
belkin -- n750_routersBelkin n750 routers have a buffer overflow.2020-02-13not yet calculatedCVE-2013-7173
MISC
MISC
boat_browser -- boat_browser_for_android
 
The WebView class and use of the WebView.addJavascriptInterface method in the Boat Browser application 8.0 and 8.0.1 for Android allow remote attackers to execute arbitrary code via a crafted web site, a related issue to CVE-2012-6636.2020-02-12not yet calculatedCVE-2014-4968
MISC
bss -- bs-client_private_client
 
A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function.2020-02-13not yet calculatedCVE-2014-4198
MISC
chiyu_technology -- bf-430_devices
 
Stored XSS was discovered on CHIYU BF-430 232/485 TCP/IP Converter devices before 1.16.00, as demonstrated by the /if.cgi TF_submask field.2020-02-12not yet calculatedCVE-2020-8839
MISC
MISC
cisco -- internetwork_operating_system
 
A memory leak vulnerability exists in Cisco IOS before 15.2(1)T due to a memory leak in the HTTP PROXY Server process (aka CSCtu52820), when configured with Cisco ISR Web Security with Cisco ScanSafe and User Authenticaiton NTLM configured.2020-02-12not yet calculatedCVE-2011-4661
MISC
cloud_foundry -- credhub
 
Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access to CredHub and other components.2020-02-12not yet calculatedCVE-2020-5399
CONFIRM
codologic -- codofurm
 
Codologic Codoforum through 4.8.4 allows a DOM-based XSS. While creating a new topic as a normal user, it is possible to add a poll that is automatically loaded in the DOM once the thread/topic is opened. Because session cookies lack the HttpOnly flag, it is possible to steal authentication cookies and take over accounts.2020-02-15not yet calculatedCVE-2020-7050
CONFIRM
MISC
codologic -- codofurm
 
Codologic Codoforum through 4.8.4 allows stored XSS in the login area. This is relevant in conjunction with CVE-2020-5842 because session cookies lack the HttpOnly flag. The impact is account takeover.2020-02-13not yet calculatedCVE-2020-7051
CONFIRM
MISC
combodo -- itop
 
In iTop through 2.6.0, an XSS payload can be delivered in certain fields (such as icon) of the XML file used to build the dashboard. This is similar to CVE-2015-6544 (which is only about the dashboard title).2020-02-14not yet calculatedCVE-2019-13966
MISC
MISC
combodo -- itop
 
iTop 2.2.0 through 2.6.0 allows remote attackers to cause a denial of service (application outage) via many requests to launch a compile operation. The requests use the pages/exec.php?exec_env=production&exec_module=itop-hub-connector&exec_page=ajax.php&operation=compile URI. This only affects the community version.2020-02-14not yet calculatedCVE-2019-13967
MISC
MISC
combodo -- itop
 
Because of a lack of sanitization around error messages, multiple Reflective XSS issues exist in iTop through 2.6.0 via the param_file parameter to webservices/export.php, webservices/cron.php, or env-production/itop-backup/backup.php. By default, any XSS sent to the administrator can be transformed to remote command execution because of CVE-2018-10642 (still working through 2.6.0) The Reflective XSS can also become a stored XSS within the same account because of another vulnerability.2020-02-14not yet calculatedCVE-2019-13965
MISC
MISC
combodo -- itop
 
In Combodo iTop 2.2.0 through 2.6.0, if the configuration file is writable, then execution of arbitrary code can be accomplished by calling ajax.dataloader with a maliciously crafted payload. Many conditions can place the configuration file into a writable state: during installation; during upgrade; in certain cases, an error during modification of the file from the web interface leaves the file writable (can be triggered with XSS); a race condition can be triggered by the hub-connector module (community version only from 2.4.1 to 2.6.0); or editing the file in a CLI.2020-02-14not yet calculatedCVE-2019-11215
MISC
MISC
cypress -- psoc_4_devices
 
The Bluetooth Low Energy implementation in Cypress PSoC 4 BLE component 3.61 and earlier processes data channel frames with a payload length larger than the configured link layer maximum RX payload size, which allows attackers (in radio range) to cause a denial of service (crash) via a crafted BLE Link Layer frame.2020-02-12not yet calculatedCVE-2019-16336
MISC
MISC
MISC
d-link -- dir-842_revc_devices
 
A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the /MTFWU endpoint.2020-02-13not yet calculatedCVE-2020-8962
MISC
digi_international -- connectport_lts_32_mei
 
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application.2020-02-12not yet calculatedCVE-2020-6975
MISC
digi_international -- connectport_lts_32_mei
 
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition.2020-02-13not yet calculatedCVE-2020-6973
MISC
dojo -- dojox
 
dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each character, not all of them.2020-02-13not yet calculatedCVE-2019-10785
MISC
MISC
dovecot -- dovecot
 
The IMAP and LMTP components in Dovecot 2.3.9 before 2.3.9.3 mishandle snippet generation when many characters must be read to compute the snippet and a trailing > character exists. This causes a denial of service in which the recipient cannot read all of their messages.2020-02-12not yet calculatedCVE-2020-7957
CONFIRM
CONFIRM
MISC
dovecot -- dovecot
 
lib-smtp in submission-login and lmtp in Dovecot 2.3.9 before 2.3.9.3 mishandles truncated UTF-8 data in command parameters, as demonstrated by the unauthenticated triggering of a submission-login infinite loop.2020-02-12not yet calculatedCVE-2020-7046
CONFIRM
CONFIRM
MISC
drupal -- drupal
 
The RESTful Web Services (restws) module 7.x-1.x before 7.x-1.4 and 7.x-2.x before 7.x-2.1 for Drupal does not properly restrict access to entity write operations, which makes it easier for remote authenticated users with the "access resource node" and "create page content" permissions (or equivalents) to conduct cross-site scripting (XSS) or execute arbitrary PHP code via a crafted text field.2020-02-11not yet calculatedCVE-2013-4225
MISC
MISC
MISC
MISC
easyxdm -- easyxdm
 
Cross-site Scripting (XSS) in EasyXDM before 2.4.18 allows remote attackers to inject arbitrary web script or html via the easyxdm.swf file.2020-02-14not yet calculatedCVE-2013-5212
MISC
XF
etherpad -- etherpad
 
Directory traversal vulnerability in node/utils/Minify.js in Etherpad 1.1.2 through 1.5.4 allows remote attackers to read arbitrary files with permissions of the user running the service via a .. (dot dot) in the path parameter of HTTP API requests. NOTE: This vulnerability is due to an incomplete fix to CVE-2015-3297.2020-02-13not yet calculatedCVE-2015-3309
MISC
MISC
MISC
extrun -- ilbo
 
ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for iOS prior to version 1.2.01) allows an attacker on the same network segment to bypass authentication and to view the images which were recorded by the other ilbo user's device via unspecified vectors.2020-02-14not yet calculatedCVE-2020-5532
MISC
MISC
MISC
fasterxml -- jackson-databind
 
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter.2020-02-10not yet calculatedCVE-2020-8840
MISC
foxit -- phantompdfThis vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of text field objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9400.2020-02-14not yet calculatedCVE-2020-8846
MISC
MISC
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.2947. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fxhtml2pdf.exe module. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9560.2020-02-14not yet calculatedCVE-2020-8855
MISC
MISC
foxit -- phantompdf
 
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of watermarks in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9358.2020-02-14not yet calculatedCVE-2020-8845
MISC
MISC
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of HTML files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9591.2020-02-14not yet calculatedCVE-2020-8853
MISC
MISC
foxit -- phantompdf
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of JPEG files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9606.2020-02-14not yet calculatedCVE-2020-8854
MISC
MISC
foxit -- phantompdf
 
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25608. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of watermarks. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9640.2020-02-14not yet calculatedCVE-2020-8856
MISC
MISC
foxit -- readerThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process. Was ZDI-CAN-9416.2020-02-14not yet calculatedCVE-2020-8852
MISC
MISC
foxit -- readerThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of form Annotation objects within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9862.2020-02-14not yet calculatedCVE-2020-8857
MISC
MISC
foxit -- reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9414.2020-02-14not yet calculatedCVE-2020-8847
MISC
MISC
foxit -- reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9406.2020-02-14not yet calculatedCVE-2020-8851
MISC
MISC
foxit -- reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9407.2020-02-14not yet calculatedCVE-2020-8848
MISC
MISC
foxit -- reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9415.2020-02-14not yet calculatedCVE-2020-8850
MISC
MISC
foxit -- reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9413.2020-02-14not yet calculatedCVE-2020-8849
MISC
MISC
foxit -- reader
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files within CovertToPDF. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9102.2020-02-14not yet calculatedCVE-2020-8844
CONFIRM
MISC
free_reprintables -- articlefr
 
A Privilege Escalation Vulnerability exists in Free Reprintables ArticleFR 11.06.2014 due to insufficient access restrictions in the data.php script, which could let a remote malicious user obtain access or modify or delete database information.2020-02-13not yet calculatedCVE-2014-4170
MISC
MISC
MISC
MISC
freebsd -- bsd_libc
 
regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion.2020-02-12not yet calculatedCVE-2011-3336
FULLDISC
BID
MISC
BUGTRAQ
fujitsu -- multiple_products
 
The Fujitsu TLS library allows a man-in-the-middle attack. This affects Interstage Application Development Cycle Manager V10 and other versions, Interstage Application Server V12 and other versions, Interstage Business Application Manager V2 and other versions, Interstage Information Integrator V11 and other versions, Interstage Job Workload Server V8, Interstage List Works V10 and other versions, Interstage Studio V12 and other versions, Interstage Web Server Express V11, Linkexpress V5, Safeauthor V3, ServerView Resource Orchestrator V3, Systemwalker Cloud Business Service Management V1, Systemwalker Desktop Keeper V15, Systemwalker Desktop Patrol V15, Systemwalker IT Change Manager V14, Systemwalker Operation Manager V16 and other versions, Systemwalker Runbook Automation V15 and other versions, Systemwalker Security Control V1, and Systemwalker Software Configuration Manager V15.2020-02-07not yet calculatedCVE-2019-13163
CONFIRM
git -- git
 
Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine; libgit2; Egit; and JGit allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.2020-02-12not yet calculatedCVE-2014-9390
MISC
MISC
MISC
MISC
MISC
MISC
MISC
gitlab -- gitlab
 
GitLab 12.2.2 and below contains a security vulnerability that allows a guest user in a private project to see the merge request ID associated to an issue via the activity timeline.2020-02-14not yet calculatedCVE-2019-15592
MISC
MISC
gitlab -- gitlab
 
GitLab 11.8 and later contains a security vulnerability that allows a user to obtain details of restricted pipelines via the merge request endpoint.2020-02-14not yet calculatedCVE-2019-15594
MISC
MISC
global_payments -- php-sdk
 
Gateways/Gateway.php in Heartland & Global Payments PHP SDK before 2.0.0 does not enforce SSL certificate validations.2020-02-14not yet calculatedCVE-2019-20455
MISC
MISC
gocloud -- mutliple_devices
 
Gocloud S2A_WL 4.2.7.16471, S2A 4.2.7.17278, S2A 4.3.0.15815, S2A 4.3.0.17193, S3A K2P MTK 4.2.7.16528, S3A 4.3.0.16572, and ISP3000 4.3.0.17190 devices allows remote attackers to execute arbitrary OS commands via shell metacharacters in a ping operation, as demonstrated by the cgi-bin/webui/admin/tools/app_ping/diag_ping/; substring.2020-02-12not yet calculatedCVE-2020-8949
MISC
google -- androidIn notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9Android ID: A-1226520572020-02-13not yet calculatedCVE-2020-0028
MISC
google -- android
 
In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1415528592020-02-13not yet calculatedCVE-2020-0005
MISC
google -- android
 
It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional execution privileges needed. User action is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1286745202020-02-13not yet calculatedCVE-2020-0014
MISC
google -- android
 
In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel2020-02-13not yet calculatedCVE-2020-0030
MISC
google -- android
 
The Bluetooth stack in Android before 2.3.6 allows a physically proximate attacker to obtain contact information via an AT phonebook transfer.2020-02-12not yet calculatedCVE-2011-2343
CONFIRM
MISC
google -- android
 
In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-673192742020-02-13not yet calculatedCVE-2019-2200
MISC
google -- android
 
In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1390171012020-02-13not yet calculatedCVE-2020-0015
MISC
google -- android
 
In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1404194012020-02-13not yet calculatedCVE-2020-0026
MISC
google -- android
 
In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1232328922020-02-13not yet calculatedCVE-2020-0017
MISC
google -- android
 
In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information disclosure. This could lead to local disclosure of user input with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1399450492020-02-13not yet calculatedCVE-2020-0018
MISC
google -- android
 
In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1440409662020-02-13not yet calculatedCVE-2020-0027
MISC
google -- android
 
In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-1431187312020-02-13not yet calculatedCVE-2020-0020
MISC
google -- android
 
In removeUnusedPackagesLPw of PackageManagerService.java, there is a possible permanent denial-of-service due to a missing package dependency test. This could lead to remote denial of service with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-1414136922020-02-13not yet calculatedCVE-2020-0021
MISC
google -- android
 
In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-1438947152020-02-13not yet calculatedCVE-2020-0022
FULLDISC
MISC
google -- android
 
In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious app enables contacts over a bluetooth connection, with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-1451308712020-02-13not yet calculatedCVE-2020-0023
MISC
hashicorp -- sentinelHashiCorp Sentinel up to 0.10.1 incorrectly parsed negation in certain policy expressions. Fixed in 0.10.2.2020-02-14not yet calculatedCVE-2019-19879
MISC
hcl -- appscan_standard_edition
 
HCL AppScan Standard Edition 9.0.3.13 and earlier uses hard-coded credentials which can be exploited by attackers to get unauthorized access to the system.2020-02-14not yet calculatedCVE-2019-4392
MISC
hitachi -- command_suite_and_automation_director
 
A vulnerability in Hitachi Command Suite prior to 8.7.1-00 and Hitachi Automation Director prior to 8.5.0-00 allow authenticated remote users to expose technical information through error messages. Hitachi Command Suite includes Hitachi Device Manager and Hitachi Compute Systems Manager.2020-02-14not yet calculatedCVE-2018-21032
MISC
CONFIRM
hitachi -- multiple_products
 
A vulnerability in Hitachi Command Suite prior to 8.6.2-00, Hitachi Automation Director prior to 8.6.2-00 and Hitachi Infrastructure Analytics Advisor prior to 4.2.0-00 allow authenticated remote users to load an arbitrary Cascading Style Sheets (CSS) token sequence. Hitachi Command Suite includes Hitachi Device Manager, Hitachi Tiered Storage Manager, Hitachi Replication Manager, Hitachi Tuning Manager, Hitachi Global Link Manager and Hitachi Compute Systems Manager.2020-02-14not yet calculatedCVE-2018-21033
MISC
CONFIRM
hp -- linuxki
 
LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2.2020-02-13not yet calculatedCVE-2020-7208
MISC
hp -- linuxki
 
LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2.2020-02-13not yet calculatedCVE-2020-7209
MISC
ibm -- tivoli_monitoring_service
 
IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of service or disabling of the monitoring server. IBM X-Force ID: 167647.2020-02-13not yet calculatedCVE-2019-4592
XF
CONFIRM
ibm -- urbancode_deploy_and_urbancode_buildIBM UrbanCode Deploy (UCD) 7.0.3 and IBM UrbanCode Build 6.1.5 could allow a local user to obtain sensitive information by unmasking certain secure values in documents. IBM X-Force ID: 171248.2020-02-13not yet calculatedCVE-2019-4666
XF
CONFIRM
CONFIRM
intel -- converged_security_and_management_engine
 
Improper Authentication in subsystem in Intel(R) CSME versions 12.0 through 12.0.48 (IOT only: 12.0.56), versions 13.0 through 13.0.20, versions 14.0 through 14.0.10 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access.2020-02-13not yet calculatedCVE-2019-14598
MISC
intel -- e1000e/82574l_network_controller_devices
 
A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup statement from Intel suggests that the root cause of this issue was an incorrectly configured EEPROM image.2020-02-13not yet calculatedCVE-2013-1634
MISC
MISC
MLIST
MLIST
SECTRACK
XF
intel -- manycore_platform_software_stack
 
Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access.2020-02-13not yet calculatedCVE-2020-0563
MISC
intel -- renesas_electronics_usb
 
Improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.2020-02-13not yet calculatedCVE-2020-0560
MISC
intel -- sgx_software_development_kitImproper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access.2020-02-13not yet calculatedCVE-2020-0561
MISC
intel --  raid_web_console_2Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.2020-02-13not yet calculatedCVE-2020-0562
MISC
intel --  raid_web_console_3_for_windowsImproper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access.2020-02-13not yet calculatedCVE-2020-0564
MISC
invision_power_services -- invision_power_board
 
Invision Power Board (IPB) through 3.x allows admin account takeover leading to code execution.2020-02-12not yet calculatedCVE-2013-3725
MISC
istio -- istio
 
An issue was discovered in Istio 1.3 through 1.3.6. Under certain circumstances, it is possible to bypass a specifically configured Mixer policy. Istio-proxy accepts the x-istio-attributes header at ingress that can be used to affect policy decisions when Mixer policy selectively applies to a source equal to ingress. To exploit this vulnerability, someone has to encode a source.uid in this header. This feature is disabled by default in Istio 1.3 and 1.4.2020-02-14not yet calculatedCVE-2020-8843
MISC
MISC
CONFIRM
joomla! -- joomla!
 
Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution.2020-02-12not yet calculatedCVE-2011-4906
CONFIRM
EXPLOIT-DB
MISC
joomla! -- joomla!
 
TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php.2020-02-12not yet calculatedCVE-2011-4908
MISC
EXPLOIT-DB
MLIST
jsreport -- jsreport
 
An unintended require and server-side request forgery vulnerabilities in jsreport version 2.5.0 and earlier allow attackers to execute arbitrary code.2020-02-14not yet calculatedCVE-2020-8128
MISC
jsreport -- script-manager
 
An unintended require vulnerability in script-manager npm package version 0.8.6 and earlier may allow attackers to execute arbitrary code.2020-02-14not yet calculatedCVE-2020-8129
MISC
juniper -- junos_os
 
Multiple vulnerabilities exist in Juniper Junos J-Web error handling that may lead to cross site scripting (XSS) issues or crash the J-Web service (DoS). This affects Juniper Junos OS 12.1X44 before 12.1X44-D45, 12.1X46 before 12.1X46-D30, 12.1X47 before 12.1X47-D20, 12.3 before 12.3R8, 12.3X48 before 12.3X48-D10, 13.1 before 13.1R5, 13.2 before 13.2R6, 13.3 before 13.3R4, 14.1 before 14.1R3, 14.1X53 before 14.1X53-D10, 14.2 before 14.2R1, and 15.1 before 15.1R1.2020-02-11not yet calculatedCVE-2014-6447
CONFIRM
MISC
kaseya -- virtual_system_administrator
 
Directory traversal vulnerability in Kaseya Virtual System Administrator (VSA) 7.0.0.0 before 7.0.0.33, 8..0.0.0 before 8.0.0.23, 9.0.0.0 before 9.0.0.19, and 9.1.0.0 before 9.1.0.9 allows remote authenticated users to write to and execute arbitrary files due to insufficient restrictions in file paths to json.ashx.2020-02-13not yet calculatedCVE-2015-6589
MISC
MISC
MISC
MISC
kde -- paste_applet
 
The %{password(...)} macro in pastemacroexpander.cpp in the KDE Paste Applet before 4.10.5 in kdeplasma-addons does not properly generate passwords, which allows context-dependent attackers to bypass authentication via a brute-force attack.2020-02-11not yet calculatedCVE-2013-2120
MISC
MISC
MISC
MISC
MISC
kde -- paste_applet
 
The KRandom::random function in KDE Paste Applet after 4.10.5 in kdeplasma-addons uses the GNU C Library rand function's linear congruential generator, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by predicting the generator output.2020-02-11not yet calculatedCVE-2013-2213
MISC
MISC
MISC
kinetica -- kinetica
 
The Admin web application in Kinetica 7.0.9.2.20191118151947 does not properly sanitise the input for the function getLogs. This lack of sanitisation could be exploited to allow an authenticated attacker to run remote code on the underlying operating system. The logFile parameter in the getLogs function was used as a variable in a command to read log files; however, due to poor input sanitisation, it was possible to bypass a replacement and break out of the command.2020-02-11not yet calculatedCVE-2020-8429
MISC
MISC
lenovo -- ez_media_&_backup_centerA vulnerability in the web interface of Lenovo EZ Media & Backup Center, ix2 & ix2-dl version 4.1.406.34763 and prior could allow an unauthenticated, remote attacker to redirect a user to an untrusted web page.2020-02-14not yet calculatedCVE-2019-19758
CONFIRM
lenovo -- multiple_devices
 
Lenovo was notified of a potential denial of service vulnerability, affecting various versions of BIOS for Lenovo Desktop, Desktop - All in One, and ThinkStation, that could cause PCRs to be cleared intermittently after resuming from sleep (S3) on systems with Intel TXT enabled.2020-02-14not yet calculatedCVE-2019-6190
CONFIRM
lenovo -- xclarity_administrator
 
An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered a Document Object Model (DOM) based cross-site scripting vulnerability in versions prior to 2.6.6 that could allow JavaScript code to be executed in the user's web browser if a specially crafted link is visited. The JavaScript code is executed on the user's system, not executed on LXCA itself.2020-02-14not yet calculatedCVE-2019-19757
CONFIRM
lenovo -- xclarity_administrator
 
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow information disclosure.2020-02-14not yet calculatedCVE-2019-6194
CONFIRM
lenovo -- xclarity_administrator
 
An information disclosure vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.6.6 that could allow unauthenticated access to some configuration files which may contain usernames, license keys, IP addresses, and encrypted password hashes.2020-02-14not yet calculatedCVE-2019-6193
CONFIRM
lenovo -- xclarity_controller
 
An authorization bypass exists in Lenovo XClarity Controller (XCC) versions prior to 3.08 CDI340V, 3.01 TEI392O, 1.71 PSI328N where a valid authenticated user with lesser privileges may be granted read-only access to higher-privileged information if 1) “LDAP Authentication Only with Local Authorization” mode is configured and used by XCC, and 2) a lesser privileged user logs into XCC within 1 minute of a higher privileged user logging out. The authorization bypass does not exist when “Local Authentication and Authorization” or “LDAP Authentication and Authorization” modes are configured and used by XCC.2020-02-14not yet calculatedCVE-2019-6195
CONFIRM
lexmark -- multiple_devices
 
Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other information via the users web browser.2020-02-13not yet calculatedCVE-2019-18791
MISC
CONFIRM
libuv -- libuv
 
The uv_rwlock_t fallback implementation for Windows XP and Server 2003 in libuv before 1.7.4 does not properly prevent threads from releasing the locks of other threads, which allows attackers to cause a denial of service (deadlock) or possibly have unspecified other impact by leveraging a race condition.2020-02-11not yet calculatedCVE-2014-9748
MISC
MISC
MISC
MISC
MISC
linux -- linux_kernel
 
ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size.2020-02-14not yet calculatedCVE-2020-8992
MISC
lvm2 -- lvm2
 
vg_lookup in daemons/lvmetad/lvmetad-core.c in LVM2 2.02 mismanages memory, leading to an lvmetad memory leak, as demonstrated by running pvs.2020-02-14not yet calculatedCVE-2020-8991
MISC
magento -- magentoZend_XmlRpc Class in Magento before 1.7.0.2 contains an information disclosure vulnerability.2020-02-13not yet calculatedCVE-2012-6091
MLIST
BID
XF
mailu -- mailu
 
In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git repository. All Docker images published on docker.io/mailu for tags 1.5, 1.6, 1.7 and master are patched. For detailed instructions about patching and securing the server afterwards, see https://github.com/Mailu/Mailu/issues/13542020-02-13not yet calculatedCVE-2020-5239
MISC
CONFIRM
mambo -- mambo_cmsMambo CMS through 4.6.5 has multiple XSS.2020-02-12not yet calculatedCVE-2011-2499
MLIST
mantisbt -- mantisbt
 
A cross-site scripting (XSS) vulnerability was discovered in the Source Integration plugin before 1.6.2 and 2.x before 2.3.1 for MantisBT. The repo_delete.php Delete Repository page allows execution of arbitrary code via a repo name (if CSP settings permit it). This is related to CVE-2018-16362.2020-02-13not yet calculatedCVE-2020-8981
MISC
MISC
matestack-ui-core_gem_for_ruby_on_rails -- matestack-ui-core_gem_for_ruby_on_railsmatestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4.2020-02-13not yet calculatedCVE-2020-5241
CONFIRM
maxum_development_corporation -- rumpus_ftp
 
A CSRF vulnerability exists in the Web Settings of Web File Manager in Rumpus FTP 8.2.9.1. Exploitation of this vulnerability can result in manipulation of Server Web settings at RAPR/WebSettingsGeneralSet.html.2020-02-10not yet calculatedCVE-2019-19664
MISC
MISC
maxum_development_corporation -- rumpus_ftp_server
 
A CSRF vulnerability exists in the Web File Manager's Create/Delete Accounts functionality of Rumpus FTP Server 8.2.9.1. By exploiting it, an attacker can Create and Delete accounts via RAPR/TriggerServerFunction.html.2020-02-10not yet calculatedCVE-2019-19662
MISC
MISC
mcafee -- endpoint_security
 
Improper access control vulnerability in Configuration Tool in McAfee Mcafee Endpoint Security (ENS) Prior to 10.6.1 February 2020 Update allows local users to disable security features via unauthorised use of the configuration tool from older versions of ENS.2020-02-14not yet calculatedCVE-2020-7251
CONFIRM
microsoft -- multiple_windows_productsAn information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'.2020-02-11not yet calculatedCVE-2020-0728
MISC
BUGTRAQ
microsoft -- multiple_windows_productsAn information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Information Disclosure Vulnerability'.2020-02-11not yet calculatedCVE-2020-0714
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0745, CVE-2020-0792.2020-02-11not yet calculatedCVE-2020-0715
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists when the Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'.2020-02-11not yet calculatedCVE-2020-0727
MISC
microsoft -- multiple_windows_products
 
A remote code execution vulnerability exists when the Windows Imaging Library improperly handles memory.To exploit this vulnerability, an attacker would first have to coerce a victim to open a specially crafted file.The security update addresses the vulnerability by correcting how the Windows Imaging Library handles memory., aka 'Windows Imaging Library Remote Code Execution Vulnerability'.2020-02-11not yet calculatedCVE-2020-0708
MISC
microsoft -- multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0719, CVE-2020-0720, CVE-2020-0721, CVE-2020-0722, CVE-2020-0723, CVE-2020-0724, CVE-2020-0725, CVE-2020-0726, CVE-2020-0731.2020-02-11not yet calculatedCVE-2020-0691
MISC
microsoft -- office_online_server
 
A spoofing vulnerability exists when Office Online Server does not validate origin in cross-origin communications correctly, aka 'Microsoft Office Online Server Spoofing Vulnerability'.2020-02-11not yet calculatedCVE-2020-0695
MISC
microsys -- promotic
 
Microsys PROMOTIC 8.2.13 contains an ActiveX Control Start Buffer Overflow vulnerability which can lead to denial of service.2020-02-13not yet calculatedCVE-2014-1617
MISC
MISC
mobileiron -- vsp_and_sentry
 
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.2020-02-13not yet calculatedCVE-2013-7287
MISC
MISC
mobileiron -- vsp_and_sentry
 
MobileIron VSP < 5.9.1 and Sentry < 5.0 has a weak password obfuscation algorithm2020-02-12not yet calculatedCVE-2013-7286
MISC
MISC
moxa -- mgate_5105-mb-eip_devices
 
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Moxa MGate 5105-MB-EIP firmware version 4.1. Authentication is required to exploit this vulnerability. The specific flaw exists within the DestIP parameter within MainPing.asp. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9552.2020-02-14not yet calculatedCVE-2020-8858
MISC
MISC
netgear -- cg3100_devices
 
A vulnerability exists in Netgear CG3100 devices before 3.9.2421.13.mp3 V0027 via an embed malicious script in an unspecified page, which could let a malicious user obtain sensitive information.2020-02-13not yet calculatedCVE-2014-3919
MISC
netis -- wf2471_devices
 
Netis WF2471 v1.2.30142 devices allow an authenticated attacker to execute arbitrary OS commands via shell metacharacters in the /cgi-bin-igd/sys_log_clean.cgi log_3g_type parameter.2020-02-12not yet calculatedCVE-2020-8946
MISC
nvidia -- graphics_drivers
 
A Memory Corruption Vulnerability exists in NVIDIA Graphics Drivers 29549 due to an unknown function in the file proc/driver/nvidia/registry.2020-02-12not yet calculatedCVE-2012-0951
MISC
MISC
nxp -- kw41z_devices
 
The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet.2020-02-12not yet calculatedCVE-2019-17519
MISC
openconnect_project -- openconnect_vpn_clientOpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.2020-02-13not yet calculatedCVE-2013-7098
CONFIRM
openvpn -- access_serverOpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication).2020-02-13not yet calculatedCVE-2020-8953
CONFIRM
openx -- openx_ad_server
 
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code2020-02-14not yet calculatedCVE-2013-4211
MISC
MISC
MISC
MISC
MISC
otrs -- itsm_and_faq
 
A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code.2020-02-12not yet calculatedCVE-2013-2637
MISC
MISC
MISC
MISC
palo_alto_networks -- expedition_migration_tool
 
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.2020-02-12not yet calculatedCVE-2020-1977
CONFIRM
palo_alto_networks -- globalprotect
 
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS.2020-02-12not yet calculatedCVE-2020-1976
CONFIRM
palo_alto_networks -- pan-os
 
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions.2020-02-12not yet calculatedCVE-2020-1975
CONFIRM
pcre -- pearl_compatible_regular_expressions
 
An out-of-bounds read was discovered in PCRE before 10.34 when the pattern \X is JIT compiled and used to match specially crafted subjects in non-UTF mode. Applications that use PCRE to parse untrusted input may be vulnerable to this flaw, which would allow an attacker to crash the application. The flaw occurs in do_extuni_no_utf in pcre2_jit_compile.c.2020-02-14not yet calculatedCVE-2019-20454
MISC
MISC
MISC
MISC
podman -- podman
 
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.2020-02-11not yet calculatedCVE-2020-1726
CONFIRM
prestashop -- prestashop
 
PrestaShop before 1.4.11 allows logout CSRF.2020-02-14not yet calculatedCVE-2013-4792
MISC
prestashop -- prestashop
 
PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.2020-02-14not yet calculatedCVE-2013-4791
MISC
prismview -- prismview_system_and_prismview_player
 
The HTTP API in Prismview System 9 11.10.17.00 and Prismview Player 11 13.09.1100 allows remote code execution by uploading RebootSystem.lnk and requesting /REBOOTSYSTEM or /RESTARTVNC. (Authentication is required but an XML file containing credentials can be downloaded.)2020-02-10not yet calculatedCVE-2019-20451
MISC
proglottis -- gpgme
 
The proglottis Go wrapper before 0.1.1 for the GPGME library has a use-after-free, as demonstrated by use for container image pulls by Docker or CRI-O. This leads to a crash or potential code execution during GPG signature verification.2020-02-12not yet calculatedCVE-2020-8945
MISC
MISC
MISC
MISC
progress -- moveit_transfer
 
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database via the REST API. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements.2020-02-14not yet calculatedCVE-2020-8611
MISC
CONFIRM
CONFIRM
CONFIRM
progress -- moveit_transfer
 
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to execute arbitrary code in a victim's browser, aka XSS.2020-02-14not yet calculatedCVE-2020-8612
MISC
CONFIRM
CONFIRM
CONFIRM
python-mode -- python-modeA Code Execution vulnerability exists in select.py when using python-mode 2012-12-19.2020-02-12not yet calculatedCVE-2013-5106
MISC
qemu -- qemu
 
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host.2020-02-11not yet calculatedCVE-2020-1711
CONFIRM
MISC
MISC
qnap -- viocard-300_devices
 
QNAP VioCard 300 has hardcoded RSA private keys.2020-02-13not yet calculatedCVE-2013-6277
MISC
MISC
realtek -- ndis_driver_rt64x64.sys
 
Realtek NDIS driver rt640x64.sys, file version 10.1.505.2015, fails to do any size checking on an input buffer from user space, which the driver assumes has a size greater than zero bytes. To exploit this vulnerability, an attacker must send an IRP with a system buffer size of 0.2020-02-12not yet calculatedCVE-2019-11867
MISC
MISC
red_hat -- openshift_enterprise
 
The default configuration of broker.conf in Red Hat OpenShift Enterprise 2.x before 2.1 has a password of "mooo" for a Mongo account, which allows remote attackers to hijack the broker by providing this password, related to the openshift.sh script in Openshift Extras before 20130920. NOTE: this may overlap CVE-2013-4253 and CVE-2013-4281.2020-02-12not yet calculatedCVE-2014-0234
MISC
MISC
MISC
MISC
MISC
runc -- runc
 
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)2020-02-12not yet calculatedCVE-2019-19921
SUSE
MISC
MISC
MISC
MISC
salesagility -- suitecrm
 
SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.2020-02-13not yet calculatedCVE-2020-8804
MISC
MISC
MISC
salesagility -- suitecrm
 
SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.2020-02-13not yet calculatedCVE-2020-8803
MISC
MISC
MISC
salesagility -- suitecrm
 
SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation.2020-02-13not yet calculatedCVE-2020-8802
MISC
MISC
MISC
salesagility -- suitecrm
 
SuiteCRM through 7.11.11 allows PHAR Deserialization.2020-02-13not yet calculatedCVE-2020-8801
MISC
MISC
MISC
salesagility -- suitecrm
 
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.2020-02-13not yet calculatedCVE-2020-8800
MISC
MISC
MISC
samsung -- s6_edge_smartphone
 
Multiple buffer overflows in the esa_write function in /dev/seirenin the Exynos Seiren Audio driver, as used in Samsung S6 Edge, allow local users to cause a denial of service (memory corruption) via a large (1) buffer or (2) size parameter.2020-02-12not yet calculatedCVE-2015-7890
MISC
MISC
MISC
sap -- business_objects_intelligence_platformCertain settings page(s) in SAP Business Objects Business Intelligence Platform (CMC), version 4.2, generates error messages that can give enterprise private-network related information which would otherwise be restricted leading to Information Disclosure.2020-02-12not yet calculatedCVE-2020-6189
MISC
MISC
sap -- enterprise_resource_planning_and_s/4hana
 
VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check.2020-02-12not yet calculatedCVE-2020-6188
MISC
MISC
sap -- host_agentSAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the shared memory by sending request to the main SAPOSCOL process and receive responses that may contain data read with user root privileges e.g. size of any directory, system hardware and OS details, leading to Missing Authorization Check vulnerability.2020-02-12not yet calculatedCVE-2020-6183
MISC
MISC
sap -- host_agent
 
SAP Host Agent, version 7.21, allows an attacker to cause a slowdown in processing of username/password-based authentication requests of the SAP Host Agent, leading to Denial of Service.2020-02-12not yet calculatedCVE-2020-6186
MISC
MISC
sap -- landscape_management
 
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious commands with root privileges in SAP Host Agent via SAP Landscape Management.2020-02-12not yet calculatedCVE-2020-6192
MISC
MISC
sap -- landscape_management
 
SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious executables with root privileges in SAP Host Agent via SAP Landscape Management due to Missing Input Validation.2020-02-12not yet calculatedCVE-2020-6191
MISC
MISC
sap -- mobile_platform
 
SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an untrusted source which could lead to partial denial of service. Since SAP Mobile Platform does not allow External-Entity resolving, there is no issue of leaking content of files on the server.2020-02-12not yet calculatedCVE-2020-6177
MISC
MISC
sap -- netweaver
 
SAP NetWeaver (Guided Procedures), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently validate an XML document input from a compromised admin, leading to Denial of Service.2020-02-12not yet calculatedCVE-2020-6187
MISC
MISC
sap -- netweaver
 
SAP NetWeaver (Knowledge Management ICE Service), versions 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to execute malicious scripts leading to Reflected Cross-Site Scripting (XSS) vulnerability.2020-02-12not yet calculatedCVE-2020-6193
MISC
MISC
sap -- netweaver_and_abap_platform
 
Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability.2020-02-12not yet calculatedCVE-2020-6181
MISC
MISC
sap -- netweaver_and_s/4hanaUnder certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), does not sufficiently encode user-controlled inputs, resulting in Reflected Cross-Site Scripting (XSS) vulnerability.2020-02-12not yet calculatedCVE-2020-6184
MISC
MISC
sap -- netweaver_and_s/4hana
 
Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4HANA (SAP_BASIS versions 7.50, 7.51, 7.52, 7.53, 7.54), allows an authenticated attacker to store a malicious payload which results in Stored Cross Site Scripting vulnerability.2020-02-12not yet calculatedCVE-2020-6185
MISC
MISC
sap -- netweaver_as_java
 
Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, 7.40, 7.50, provide valuable information about the system like hostname, server node and installation path that could be misused by an attacker leading to Information Disclosure.2020-02-12not yet calculatedCVE-2020-6190
MISC
MISC
shaman -- shaman
 
Shaman 1.0.9: Users can add the line askforpwd=false to his shaman.conf file, without entering the root password in shaman. The next time shaman is run, root privileges are granted despite the fact that the user never entered the root password.2020-02-12not yet calculatedCVE-2011-4338
MISC
MISC
siemens -- multiple_devices
 
A vulnerability has been identified in Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller (All versions), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 (All Versions < V4.5), Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200P (All Versions < V4.6), PROFINET Driver for Controller (All Versions < V2.1), RUGGEDCOM RM1224 (All versions < V4.3), SCALANCE M-800 / S615 (All versions < V4.3), SCALANCE W700 IEEE 802.11n (All versions <= V6.0.1), SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All Versions < V5.3), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions), SCALANCE XB-200, XC-200, XP-200, XF-200BA and XR-300WG (All Versions < V3.0), SCALANCE XM-400 switch family (All Versions < V6.0), SCALANCE XR-500 switch family (All Versions < V6.0), SIMATIC CP 1616 and CP 1604 (All Versions < V2.8), SIMATIC CP 343-1 (incl. SIPLUS NET variants) (All versions), SIMATIC CP 343-1 Advanced (incl. SIPLUS NET variants) (All versions), SIMATIC CP 343-1 ERPC (All versions), SIMATIC CP 343-1 LEAN (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 Advanced (incl. SIPLUS NET variants) (All versions), SIMATIC CP 443-1 OPC UA (All versions), SIMATIC ET200AL IM 157-1 PN (All versions), SIMATIC ET200M IM153-4 PN IO HF (incl. SIPLUS variants) (All versions), SIMATIC ET200M IM153-4 PN IO ST (incl. SIPLUS variants) (All versions), SIMATIC ET200MP IM155-5 PN HF (incl. SIPLUS variants) (All Versions < V4.2.0), SIMATIC ET200MP IM155-5 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200S (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN Basic (incl. SIPLUS variants) (All versions), SIMATIC ET200SP IM155-6 PN HF (incl. SIPLUS variants) (All Versions < V3.3.1), SIMATIC ET200SP IM155-6 PN ST (incl. SIPLUS variants) (All Versions < V4.1.0), SIMATIC ET200ecoPN (except 6ES7148-6JD00-0AB0 and 6ES7146-6FF00-0AB0) (All versions), SIMATIC ET200pro, IM 154-3 PN HF (All versions), SIMATIC ET200pro, IM 154-4 PN HF (All versions), SIMATIC IPC Support, Package for VxWorks (All versions), SIMATIC MV400 family (All versions), SIMATIC PN/PN Coupler 6ES7158-3AD01-0XA0 (incl. SIPLUS NET variant) (All Versions), SIMATIC RF180C (All versions), SIMATIC RF182C (All versions), SIMATIC RF600 family (All versions < V3), SINAMICS DCP (All Versions < V1.3). Profinet-IO (PNIO) stack versions prior V06.00 do not properly limit internal resource allocation when multiple legitimate diagnostic package requests are sent to the DCE-RPC interface. This could lead to a denial of service condition due to lack of memory for devices that include a vulnerable version of the stack. The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device.2020-02-11not yet calculatedCVE-2019-13946
MISC
simple_machines -- simple_machines_forum
 
Simple Machines Forum (SMF) through 2.0.5 has XSS2020-02-12not yet calculatedCVE-2013-4395
MISC
MISC
MISC
simplisafe -- ss3_devices
 
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a local, unauthenticated attacker to modify the Wi-Fi network the base station connects to.2020-02-13not yet calculatedCVE-2019-3998
MISC
skrill -- skrill
 
Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions prior to 7.x-1.22020-02-12not yet calculatedCVE-2013-1924
MISC
MISC
sprite_software -- spritebud_and_backup
 
A Privilege Escalation Vulnerability exists in Sprite Software Spritebud 1.3.24 and 1.3.28 and Backup 2.5.4105 and 2.5.4108 on LG Android smartphones due to a race condition in the spritebud daemon, which could let a local malicious user obtain root privileges.2020-02-12not yet calculatedCVE-2013-3685
MISC
MISC
MISC
MISC
sqlite -- android_sqlite
 
Android SQLite Journal before 4.0.1 has an information disclosure vulnerability.2020-02-12not yet calculatedCVE-2011-3901
BID
FULLDISC
squirrelmail -- squirrelmailSquirrelmail 4.0 uses the outdated MD5 hash algorithm for passwords.2020-02-13not yet calculatedCVE-2012-5623
MLIST
stem_innovation -- izon_ip_camera
 
IZON IP 2.0.2: hard-coded password vulnerability2020-02-12not yet calculatedCVE-2013-6236
MISC
MISC
MISC
stmicroeletronics -- stm32wb5x_series_devices
 
The Bluetooth Low Energy implementation on STMicroelectronics BLE Stack through 1.3.1 for STM32WB5x devices does not properly handle consecutive Attribute Protocol (ATT) requests on reception, allowing attackers in radio range to cause an event deadlock or crash via crafted packets.2020-02-12not yet calculatedCVE-2019-19192
MISC
synergy_systems_&_solutions -- husky_rtu_devices
 
The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. Specially crafted malicious packets could cause disconnection of active authentic connections or reboot of device. This is a different issue than CVE-2019-16879 and CVE-2019-20046.2020-02-14not yet calculatedCVE-2019-20045
MISC
synergy_systems_&_solutions -- husky_rtu_devices
 
The Synergy Systems & Solutions PLC & RTU system has a vulnerability in HUSKY RTU 6049-E70 firmware versions 5.0 and prior. The affected product does not require adequate authentication, which may allow an attacker to read sensitive information or execute arbitrary code. This is a different issue than CVE-2019-16879 and CVE-2019-20045.2020-02-14not yet calculatedCVE-2019-20046
MISC

telink -- tlsr8x5_and_tlsr823x_and_tlsr826x_devices

The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices accepts a pairing request with a key size greater than 16 bytes, allowing an attacker in radio range to cause a buffer overflow and denial of service (crash) via crafted packets.2020-02-12not yet calculatedCVE-2019-19196
MISC
MISC

telink -- tlsr8x5_and_tlsr823x_and_tlsr826x_devices

 

The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation on Telink Semiconductor BLE SDK versions before November 2019 for TLSR8x5x through 3.4.0, TLSR823x through 1.3.0, and TLSR826x through 3.3 devices installs a zero long term key (LTK) if an out-of-order link-layer encryption request is received during Secure Connections pairing. An attacker in radio range can have arbitrary read/write access to protected GATT service data, cause a device crash, or possibly control a device's function by establishing an encrypted session with the zero LTK.2020-02-12not yet calculatedCVE-2019-19194
MISC
MISC
telligent_systems -- telligent_communityXSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess parameter.2020-02-13not yet calculatedCVE-2012-1903
MISC
tiki_wiki -- cms_groupware
 
A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code.2020-02-12not yet calculatedCVE-2013-6022
MISC
MISC
timetools -- multiple_deivces
 
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by placing t3axs=TiMEtOOlsj7G3xMm52wB in a t3.cgi request, aka a "hardcoded cookie."2020-02-13not yet calculatedCVE-2020-8964
MISC
timetools -- multiple_deivces
 
TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the t3.cgi srmodel or srtime parameter.2020-02-13not yet calculatedCVE-2020-8963
MISC
trendnet -- ts-s402_devices
 
TRENDnet TS-S402 has a backdoor to enable TELNET.2020-02-13not yet calculatedCVE-2013-6360
MISC
MISC
tri-plc -- internet_trilogi_server
 
Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.2020-02-13not yet calculatedCVE-2013-6927
BID
XF
umplayer -- umplayer
 
A Code Execution Vulnerability exists in UMPlayer 0.98 in wintab32.dll due to insufficient path restrictions when loading external libraries. which could let a malicious user execute arbitrary code.2020-02-12not yet calculatedCVE-2013-3494
MISC
varnish_software -- varnish_http_cache
 
Varnish HTTP cache before 3.0.4: ACL bug2020-02-12not yet calculatedCVE-2013-4090
MISC
visual_it -- tube_map_live_underground_for_android
 
Tube Map Live Underground for Android before 3.0.22 has an Information Disclosure Vulnerability2020-02-12not yet calculatedCVE-2013-6681
MISC
MISC
voatz -- voatz_for_android
 
The Voatz application 2020-01-01 for Android allows only 100 million different PINs, which makes it easier for attackers (after using root access to make a copy of the local database) to discover login credentials and voting history via an offline brute-force approach.2020-02-13not yet calculatedCVE-2020-8988
MISC
MISC
voatz -- voatz_for_android
 
In the Voatz application 2020-01-01 for Android, the amount of data transmitted during a single voter's vote depends on the different lengths of the metadata across the available voting choices, which makes it easier for remote attackers to discover this voter's choice by sniffing the network. For example, a small amount of sniffed data may indicate that a vote was cast for the candidate with the least metadata. An active man-in-the-middle attacker can leverage this behavior to disrupt voters' abilities to vote for a candidate opposed by the attacker.2020-02-13not yet calculatedCVE-2020-8989
MISC
MISC
weechat - weechat
 
irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed IRC message 324 (channel mode).2020-02-12not yet calculatedCVE-2020-8955
MISC
MISC
wordpress -- wordpress
 
participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, list_filter_count, or sortBy parameters. It is possible to exfiltrate data and potentially execute code (if certain conditions are met).2020-02-11not yet calculatedCVE-2020-8596
MISC
MISC
wordpress -- wordpress
 
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].2020-02-14not yet calculatedCVE-2020-8594
MISC
CONFIRM
MISC
wordpress -- wordpress
 
Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.2020-02-13not yet calculatedCVE-2013-1400
BID
XF
BUGTRAQ
wordpress -- wordpress
 
Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.2020-02-13not yet calculatedCVE-2013-1401
BID
XF
BUGTRAQ
wordpress -- wordpress
 
WordPress WP Cleanfix Plugin 2.4.4 has CSRF2020-02-10not yet calculatedCVE-2013-2108
MISC
MISC
MISC
MISC
wordpress -- wordpress
 
WordPress plugin wp-cleanfix has Remote Code Execution2020-02-10not yet calculatedCVE-2013-2109
MISC
MISC
xerox -- colorcube_and_workcenter
 
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.2020-02-13not yet calculatedCVE-2013-6362
MISC
MISC
xilisoft -- video_conerter_ultimate
 
Xilisoft Video Converter Ultimate 7.8.1 build-20140505 has a DLL Hijacking vulnerability2020-02-12not yet calculatedCVE-2014-3860
MISC
zenoss -- zenoss_core
 
Multiple format string vulnerabilities in the python module in RRDtool, as used in Zenoss Core before 4.2.5 and other products, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted third argument to the rrdtool.graph function, aka ZEN-15415, a related issue to CVE-2013-2131.2020-02-12not yet calculatedCVE-2014-6262
MISC
MISC
MISC
zimbra -- zimbra_collaborationZimbra 2013 has XSS in aspell.php2020-02-12not yet calculatedCVE-2013-1938
MISC
MISC
MISC
zpanel_project -- zpanel
 
ZPanel through 10.1.0 has Remote Command Execution2020-02-12not yet calculatedCVE-2013-2097
MISC
MISC
MISC
MISC
MISC

Back to top

Please share your thoughts

We recently updated our anonymous product survey; we’d welcome your feedback.