Vulnerability Summary for the Week of March 9, 2020
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities corresponds to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
apache -- shardingsphere | In Apache ShardingSphere (incubator) 4.0.0-RC3 and 4.0.0, ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows data to be unmarshalled to a Java type by using the YAML tag. Unmarshalling untrusted data can lead to RCE security flaws. | 2020-03-11 | 7.5 | CVE-2020-1947 CONFIRM |
bookstack -- bookstack | BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where non-trusted users are given permission to upload images in any area of the application. The issue was addressed in a series of patches in versions 0.25.3, 0.25.4 and 0.25.5. Users should upgrade to at least v0.25.5 to avoid this vulnerability. | 2020-03-09 | 9 | CVE-2020-5256 MISC MISC MISC CONFIRM |
bwa_technology -- direx-pro_devices | BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3. | 2020-03-09 | 10 | CVE-2020-10250 MISC |
d-link -- dcs-930l_devices | setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code via an OS command in the SystemCommand parameter. | 2020-03-09 | 9 | CVE-2016-11021 MISC |
d-link -- dir-825_devices | An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected. | 2020-03-07 | 9 | CVE-2020-10215 MISC MISC |
d-link -- dir-825_devices | An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected. | 2020-03-07 | 9 | CVE-2020-10216 MISC MISC |
d-link -- dir-825_devices | An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected. | 2020-03-07 | 9 | CVE-2020-10213 MISC MISC |
d-link -- dir-825_devices | An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server. | 2020-03-07 | 9 | CVE-2020-10214 MISC |
dell -- digital_delivery | Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerability. A locally authenticated low-privileged malicious user could exploit this vulnerability to run an arbitrary executable with administrative privileges on the affected system. | 2020-03-09 | 7.2 | CVE-2020-5342 MISC |
dell -- emc_isilon_onefs | Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur. | 2020-03-06 | 10 | CVE-2020-5328 MISC |
dell -- security_management_server | Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host. | 2020-03-06 | 9.3 | CVE-2020-5327 MISC |
fat-free_framework -- fat-free_framework | In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to pass user controlled input (e.g., $_REQUEST, $_GET, or $_POST) to the framework's Clear method. | 2020-03-11 | 7.5 | CVE-2020-5203 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 10.2 through 11.11. Multiple features contained Server-Side Request Forgery (SSRF) vulnerabilities caused by an insufficient validation to prevent DNS rebinding attacks. | 2020-03-10 | 7.5 | CVE-2019-12443 MISC CONFIRM |
gitlab -- gitlab | GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. | 2020-03-06 | 7.5 | CVE-2020-8113 CONFIRM MISC MISC |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 6.8 through 11.11. Users could bypass the mandatory external authentication provider sign-in restrictions by sending a specially crafted request. It has Improper Authorization. | 2020-03-10 | 7.5 | CVE-2019-12428 MISC CONFIRM |
google -- android | In get_auth_result of fpc_ta_hw_auth.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-137648045. References: N/A | 2020-03-10 | 7.2 | CVE-2020-0011 MISC |
google -- android | In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-143155861 | 2020-03-10 | 7.8 | CVE-2020-0039 MISC |
google -- android | In rw_i93_sm_set_read_only of rw_i93.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure over NFC with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-143106535 | 2020-03-10 | 7.8 | CVE-2020-0037 MISC |
google -- android | In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1. Android ID: A-62458770 | 2020-03-10 | 7.8 | CVE-2020-0034 MISC |
google -- android | In rw_i93_sm_update_ndef of rw_i93.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-143109193 | 2020-03-10 | 7.8 | CVE-2020-0038 MISC |
google -- android | In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to stale pointer. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-144351324 | 2020-03-10 | 7.2 | CVE-2020-0033 MISC |
google -- android | In fpc_ta_get_build_info of fpc_ta_kpi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-137014293. References: N/A | 2020-03-10 | 7.2 | CVE-2020-0010 MISC |
google -- android | In fpc_ta_pn_get_unencrypted_image of fpc_ta_pn.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-137648844 | 2020-03-10 | 7.2 | CVE-2020-0012 MISC |
google -- android | In hasPermissions of PermissionMonitor.java, there is a possible access to restricted permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-144679405 | 2020-03-10 | 7.2 | CVE-2020-0036 MISC |
google -- android | In ih264d_release_display_bufs of ih264d_utils.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9 Android-10. Android ID: A-145364230 | 2020-03-10 | 9.3 | CVE-2020-0032 MISC |
google -- android | In binder_transaction of binder.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-145988638. References: Upstream kernel | 2020-03-10 | 7.2 | CVE-2020-0041 MISC |
google -- android | In the ioctl handlers of the Mediatek Command Queue driver, there is a possible out of bounds write due to insufficient input sanitization and missing SELinux restrictions. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-147882143. References: M-ALPS04356754 | 2020-03-10 | 7.2 | CVE-2020-0069 MISC |
hp -- storage_essentials | In HPE Storage Essentials 9.5.0.142, there is Unauthenticated Java Deserialization with remote code execution via OS commands in a request to invoker/JMXInvokerServlet, aka PSRT110461. | 2020-03-10 | 10 | CVE-2017-10992 MISC |
jenkins -- jenkins | Jenkins CryptoMove Plugin 0.1.33 and earlier allows attackers with Job/Configure access to execute arbitrary OS commands on the Jenkins master as the OS user account running Jenkins. | 2020-03-09 | 9 | CVE-2020-2159 MLIST CONFIRM |
jenkins -- jenkins | An arbitrary file write vulnerability in Jenkins Cobertura Plugin 1.15 and earlier allows attackers able to control the coverage report file contents to overwrite any file on the Jenkins master file system. | 2020-03-09 | 8.5 | CVE-2020-2139 MLIST CONFIRM |
lexmark -- markvision_enterprise | Lexmark Markvision Enterprise (MVE) before 2.4.1 allows remote attackers to execute arbitrary commands by uploading files. | 2020-03-09 | 7.5 | CVE-2016-6918 MISC |
magento -- advanced_newsletter | SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO. | 2020-03-09 | 10 | CVE-2014-1634 MISC |
palo_alto_networks -- pan-os | A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privileged user and gain root access on the PAN-OS hardware or virtual appliance. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. | 2020-03-11 | 7.2 | CVE-2020-1981 CONFIRM |
palo_alto_networks -- pan-os | A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13, and all later versions. | 2020-03-11 | 7.2 | CVE-2020-1980 CONFIRM |
phpgurukul -- job_portal | An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. | 2020-03-08 | 7.5 | CVE-2020-10225 MISC MISC |
phpgurukul -- online_book_store | An unauthenticated file upload vulnerability has been identified in admin_add.php in PHPGurukul Online Book Store 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. | 2020-03-08 | 7.5 | CVE-2020-10224 MISC MISC |
quest -- kace_k1000_systems_management_appliance | service/krashrpt.php in Quest KACE K1000 Systems Management Appliance before 6.4 SP3 (6.4.120822) allows a remote attacker to execute code via shell metacharacters in the kuid parameter. | 2020-03-09 | 7.5 | CVE-2019-20504 MISC |
rconfig -- rconfig | lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter. | 2020-03-08 | 9 | CVE-2020-10221 MISC MISC MISC |
rconfig -- rconfig | An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter. | 2020-03-07 | 7.5 | CVE-2020-10220 MISC MISC |
responsive_filemanager -- responsive_filemanager | upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the PATH_INFO. Also, an attacker could create a DNS hostname that resolves to the 0.0.0.0 IP address for DNS pinning. NOTE: this issue exists because of an incomplete fix for CVE-2018-14728. | 2020-03-07 | 7.5 | CVE-2020-10212 MISC |
ricoh -- multiple_devices | A vulnerability with the SmartService API Service option exists whereby an unauthorized user could potentially exploit this to upload malicious code to the server that could be executed at system level privileges. This affects Johnson Controls' Kantech EntraPass Corporate Edition versions 8.0 and prior; Kantech EntraPass Global Edition versions 8.0 and prior. | 2020-03-10 | 10 | CVE-2019-7589 CONFIRM CERT |
sap -- solution_manager | SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthenticated sources. This allows an attacker to control all remote functions on the Agent due to Missing Authentication Check. | 2020-03-10 | 7.5 | CVE-2020-6198 MISC MISC |
sap -- solution_manager | SAP Solution Manager (User Experience Monitoring), version 7.2, due to a Missing Authentication Check, does not perform any authentication for a service, resulting in complete compromise of all SMDAgents connected to the Solution Manager. | 2020-03-10 | 7.5 | CVE-2020-6207 MISC MISC |
siemens -- multiple_simatic_devices | A vulnerability has been identified in SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions >= V2.5 and < V20.8), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions >= V2.5 and < V2.8), SIMATIC S7-1500 Software Controller (All versions >= V2.5 and < V20.8). Affected devices contain a vulnerability that allows an unauthenticated attacker to trigger a Denial-of-Service condition. The vulnerability can be triggered if specially crafted UDP packets are sent to the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the device availability. | 2020-03-10 | 7.8 | CVE-2019-19281 MISC |
siemens -- simatic_s7-300_cpu_family_and_sinumerik_840d_sl | A vulnerability has been identified in SIMATIC S7-300 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V3.X.17), SINUMERIK 840D sl (All versions). Specially crafted packets sent to port 102/tcp (Profinet) could cause the affected device to go into defect mode. A restart is required in order to recover the system. Successful exploitation requires an attacker to have network access to port 102/tcp, with no authentication. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known. | 2020-03-10 | 7.8 | CVE-2019-18336 MISC |
siemens -- siprotec_4_and_siprotec_devices | A vulnerability has been identified in SIPROTEC 4 and SIPROTEC Compact relays equipped with EN100 Ethernet communication modules (All versions). Specially crafted packets sent to port 50000/UDP of the EN100 Ethernet communication modules could cause a Denial-of-Service of the affected device. A manual reboot is required to recover the service of the device. At the time of advisory publication no public exploitation of this security vulnerability was known to Siemens. | 2020-03-10 | 7.8 | CVE-2019-19279 MISC |
sleuth_kit -- sleuth_kit | In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a stack buffer overflow vulnerability in the YAFFS file timestamp parsing logic in yaffsfs_istat() in fs/yaffs.c. | 2020-03-09 | 7.5 | CVE-2020-10232 MISC MLIST |
substack -- minimist | minimist before 1.2.2 could be tricked into adding or modifying properties of Object.prototype using a "constructor" or "__proto__" payload. | 2020-03-11 | 7.5 | CVE-2020-7598 MISC |
sumavision -- enhanced_multimedia_router | goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request. | 2020-03-11 | 7.5 | CVE-2020-10181 MISC MISC |
tibco_software -- spotfire_analytics_platform_for_aws_marketplace | The Spotfire library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace and TIBCO Spotfire Server contains a vulnerability that theoretically allows an attacker with write permissions to the Spotfire Library, but not "Script Author" group permission, to modify attributes of files and objects saved to the library such that the system treats them as trusted. This could allow an attacker to cause the Spotfire Web Player, Analyst clients, and TERR Service into executing arbitrary code with the privileges of the system account that started those processes. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace: versions 10.8.0 and below and TIBCO Spotfire Server: versions 7.11.9 and below, versions 7.12.0, 7.13.0, 7.14.0, 10.0.0, 10.0.1, 10.1.0, 10.2.0, 10.3.0, 10.3.1, 10.3.2, 10.3.3, 10.3.4, 10.3.5, and 10.3.6, versions 10.4.0, 10.5.0, 10.6.0, 10.6.1, 10.7.0, and 10.8.0. | 2020-03-11 | 9 | CVE-2020-9408 CONFIRM CONFIRM |
twisted_matrix -- twisted_web | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value was set to zero, the request body was interpreted as a pipelined request. | 2020-03-12 | 7.5 | CVE-2020-10108 MISC MISC |
twisted_matrix -- twisted_web | In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remainder of the request body was interpreted as a pipelined request. | 2020-03-12 | 7.5 | CVE-2020-10109 MISC MISC |
urllib3 -- urllib3 | The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length N, the size of percent_encodings may be up to O(N). The next step (normalize existing percent-encoded bytes) also takes up to O(N) for each step, so the total time is O(N^2). If percent_encodings were deduplicated, the time to compute _encode_invalid_chars would be O(kN), where k is at most 484 ((10+6*2)^2). | 2020-03-06 | 7.8 | CVE-2020-7212 MISC MISC MISC |
wago -- pfc200_devices | An exploitable remote code execution vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted XML file will direct the Cloud Connectivity service to download and execute a shell script with root privileges. | 2020-03-11 | 9 | CVE-2019-5161 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). At 0x1e3f0 the extracted dns value from the xml file is used as an argument to /etc/config-tools/edit_dns_server %s dns-server-nr=%d dns-server-name=<contents of dns node> using sprintf(). This command is later executed via a call to system(). This is done in a loop and there is no limit to how many dns entries will be parsed from the xml file. | 2020-03-11 | 9.3 | CVE-2019-5167 MISC |
wftpserver -- wing_ftp_server | Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may escalate privileges to root. | 2020-03-07 | 7.2 | CVE-2020-8634 MISC |
wftpserver -- wing_ftp_server | Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files. | 2020-03-07 | 7.2 | CVE-2020-8635 MISC |
wordpress -- wordpress | The ThemeREX Addons plugin before 2020-03-09 for WordPress lacks access control on the /trx_addons/v2/get/sc_layout REST API endpoint, allowing for PHP functions to be executed by any users, because includes/plugin.rest-api.php calls trx_addons_rest_get_sc_layout with an unsafe sc parameter. | 2020-03-10 | 7.5 | CVE-2020-10257 MISC |
zoho -- manageengine_desktop_central | An XML external entity (XXE) vulnerability in Zoho ManageEngine Desktop Central before the 07-Mar-2020 update allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 2020-03-11 | 7.5 | CVE-2020-8540 CONFIRM |
zoho -- manageengine_desktop_central | Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. | 2020-03-06 | 10 | CVE-2020-10189 MISC MISC MISC CONFIRM MISC |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
ansible -- ansible | A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belong to the destination folder. An attacker could take advantage of this flaw by crafting an archive anywhere in the file system, using a path traversal. This issue is fixed in 2.10. | 2020-03-09 | 4.6 | CVE-2020-1737 CONFIRM MISC FEDORA FEDORA |
ansible -- ansible | A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with become user, the temporary directory is created in /var/tmp. This directory is created with "umask 77 && mkdir -p <dir>"; this operation does not fail if the directory already exists and is owned by another user. An attacker could take advantage to gain control of the become user as the target directory can be retrieved by iterating '/proc/<pid>/cmdline'. | 2020-03-11 | 4.4 | CVE-2020-1733 CONFIRM MISC |
avast -- antitrack | Avast AntiTrack before 1.5.1.172 and AVG Antitrack before 2.0.0.178 proxy traffic to HTTPS sites but do not validate certificates, and thus a man-in-the-middle can host a malicious website using a self-signed certificate. No special action is necessary by the victim using AntiTrack with "Allow filtering of HTTPS traffic for tracking detection" enabled. (This is the default configuration.) | 2020-03-09 | 5.8 | CVE-2020-8987 CONFIRM MISC |
barracuda -- load_balancer_adc | Authenticated, administrative access to a Barracuda Load Balancer ADC running unpatched firmware <= v6.4 allows one to edit the LDAP service configuration of the balancer and change the LDAP server to an attacker-controlled system, without having to re-enter LDAP credentials. These steps can be used by any authenticated administrative user to expose the LDAP credentials configured in the LDAP connector over the network. | 2020-03-12 | 5.5 | CVE-2019-5648 MISC |
bwa_technology -- direx-pro_devices | BWA DiREX-Pro 1.2181 devices allow full path disclosure via an invalid name array parameter to val_soft.php3. | 2020-03-09 | 5 | CVE-2020-10249 MISC |
bwa_technology -- direx-pro_devices | BWA DiREX-Pro 1.2181 devices allow remote attackers to discover passwords via a direct request to val_users.php3. | 2020-03-09 | 5 | CVE-2020-10248 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10489 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10483 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/add-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new article template via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10482 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/add-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new glossary term via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10481 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/add-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new category via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10480 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10502 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10498 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10500 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10485 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10503 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10504 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10484 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/add-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a new news article via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10479 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10499 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10495 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10487 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10490 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10497 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10496 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10494 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10493 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10492 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10491 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10486 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10488 MISC |
chadha -- phpkb_standard_multi-language | The way the Referer header in article.php is handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php (vulnerable file admin/include/functions-articles.php). | 2020-03-12 | 4.3 | CVE-2020-10388 MISC |
chadha -- phpkb_standard_multi-language | admin/include/operations.php (via admin/email-harvester.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject untrusted input inside CSV files via the POST parameter data. | 2020-03-12 | 4 | CVE-2020-10460 MISC |
chadha -- phpkb_standard_multi-language | Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file. | 2020-03-12 | 4 | CVE-2020-10387 MISC |
chadha -- phpkb_standard_multi-language | Path Traversal in admin/imagepaster/image-renaming.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to rename any file on the webserver using a dot-dot-slash sequence (../) via the POST parameter imgName (for the new name) and imgUrl (for the current file to be renamed). | 2020-03-12 | 4 | CVE-2020-10457 MISC |
chadha -- phpkb_standard_multi-language | Path Traversal in admin/assetmanager/assetmanager.php (vulnerable function saved in admin/assetmanager/functions.php) in Chadha PHPKB Standard Multi-Language 9 allows attackers to list the files that are stored on the webserver using a dot-dot-slash sequence (../) via the POST parameter inpCurrFolder. | 2020-03-12 | 4 | CVE-2020-10459 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-settings.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to change the global settings, potentially gaining code execution or causing a denial of service, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10478 MISC |
chadha -- phpkb_standard_multi-language | The way comments in article.php (vulnerable function in include/functions-article.php) are handled in Chadha PHPKB Standard Multi-Language 9 allows attackers to execute Stored (Blind) XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php, via the GET parameter cmt. | 2020-03-12 | 4.3 | CVE-2020-10461 MISC |
chadha -- phpkb_standard_multi-language | Path Traversal in admin/imagepaster/operations.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete any folder on the webserver using a dot-dot-slash sequence (../) via the GET parameter crdir, when the GET parameter action is set to df, causing a Denial of Service. | 2020-03-12 | 5.5 | CVE-2020-10458 MISC |
chadha -- phpkb_standard_multi-language | OS Command Injection in export.php (vulnerable function called from include/functions-article.php) in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by saving the code to be executed as the wkhtmltopdf path via admin/save-settings.php. | 2020-03-12 | 6.5 | CVE-2020-10390 MISC |
chadha -- phpkb_standard_multi-language | CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request. | 2020-03-12 | 4.3 | CVE-2020-10501 MISC |
citrix -- gateway | Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. | 2020-03-06 | 5.8 | CVE-2020-10112 MISC MISC MISC |
citrix -- gateway | Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. | 2020-03-06 | 5 | CVE-2020-10111 MISC MISC MISC |
citrix -- gateway | Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. | 2020-03-06 | 5 | CVE-2020-10110 MISC MISC MISC |
citrix -- sd-wan_center_and_netscaler_sd-wan_center | Citrix SD-WAN Center 10.2.x before 10.2.1 and NetScaler SD-WAN Center 10.0.x before 10.0.7 allow XSS. | 2020-03-10 | 4.3 | CVE-2019-11345 CONFIRM |
ckeditor -- ckeditor | A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows remote attackers to run arbitrary web script inside an IFRAME element by injecting a crafted HTML element into the editor. | 2020-03-10 | 4.3 | CVE-2020-9440 MISC |
ckeditor -- ckeditor | A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted "protected" comment (with the cke_protected syntax). | 2020-03-07 | 4.3 | CVE-2020-9281 MISC |
dojo -- dojo | In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2. | 2020-03-10 | 5 | CVE-2020-5258 MISC CONFIRM MLIST |
dojo -- dojo | In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2. | 2020-03-10 | 5 | CVE-2020-5259 MISC CONFIRM MLIST |
eclipse -- theia | In Eclipse Theia versions 0.3.9 through 0.15.0, one of the default pre-packaged Theia extensions is "Mini-Browser", published as "@theia/mini-browser" on npmjs.com. This extension, for its own needs, exposes an HTTP endpoint that allows reading the content of files on the host's filesystem, given their path, without restrictions on the requester's origin. This design is vulnerable to being exploited remotely through a DNS rebinding attack or a drive-by download of a carefully crafted exploit. | 2020-03-10 | 5.8 | CVE-2019-17636 CONFIRM |
eset -- archive_support_module | ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. | 2020-03-06 | 5 | CVE-2020-10193 MISC |
facebook -- thrift | Java Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2019.12.09.00. | 2020-03-10 | 5 | CVE-2019-11938 MISC MISC CONFIRM |
facebook -- thrift | C++ Facebook Thrift servers would not error upon receiving messages declaring containers of sizes larger than the payload. As a result, malicious clients could send short messages which would result in a large memory allocation, potentially leading to denial of service. This issue affects Facebook Thrift prior to v2020.02.03.00. | 2020-03-10 | 5 | CVE-2019-3553 MISC MISC CONFIRM |
froxlor -- froxlor | An issue was discovered in Froxlor before 0.10.14. Remote attackers with access to the installation routine could have executed arbitrary code via the database configuration options that were passed unescaped to exec, because of _backupExistingDatabase in install/lib/class.FroxlorInstall.php. | 2020-03-09 | 6.5 | CVE-2020-10235 MISC MISC MISC MISC |
gitlab -- enterprise_edition | An issue was discovered in GitLab Enterprise Edition 8.3 through 12.0.2. The color codes decoder was vulnerable to a resource depletion attack if specific formats were used. It has Incorrect Access Control. | 2020-03-10 | 4.3 | CVE-2019-13010 MISC CONFIRM |
gitlab -- enterprise_edition | An issue was discovered in GitLab Enterprise Edition 11.7 through 11.11. The epic details page contained a lack of input validation and output encoding issue which resulted in a persistent XSS vulnerability on child epics. | 2020-03-10 | 4.3 | CVE-2019-12442 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_edition | An issue was discovered in GitLab Community and Enterprise Edition 8.9 through 11.11. Wiki Pages contained a lack of input validation which resulted in a persistent XSS vulnerability. | 2020-03-10 | 4.3 | CVE-2019-12444 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 8.3 through 11.11. It allows Information Exposure through an Error Message. | 2020-03-10 | 5 | CVE-2019-12446 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. The protected branches feature contained an access control issue which resulted in a bypass of the protected branches restriction rules. It has Incorrect Access Control. | 2020-03-10 | 5 | CVE-2019-12441 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 9.0 through 12.0.2. Users with access to issues, but not the repository, were able to view the number of related merge requests on an issue. It has Incorrect Access Control. | 2020-03-10 | 4 | CVE-2019-13006 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. When specific encoded characters were added to comments, the comments section would become inaccessible. It has Incorrect Access Control (issue 1 of 2). | 2020-03-10 | 5 | CVE-2019-13004 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.11 through 12.0.2. When an admin enabled one of the service templates, it was triggering an action that leads to resource depletion. It allows Uncontrolled Resource Consumption. | 2020-03-10 | 4 | CVE-2019-13007 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.9 through 11.11. Unprivileged users were able to access labels, status and merge request counts of confidential issues via the milestone details page. It has Improper Access Control. | 2020-03-10 | 4 | CVE-2019-12429 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition before 12.0.3. One of the parsers used by GitLab CI was vulnerable to a resource exhaustion attack. It allows Uncontrolled Resource Consumption. | 2020-03-10 | 5 | CVE-2019-13003 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 9.2 through 12.0.2. Uploaded files associated with unsaved personal snippets were accessible to unauthorized users due to improper permission settings. It allows Uncontrolled Resource Consumption. | 2020-03-10 | 4 | CVE-2019-13009 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. Non-member users who subscribed to issue notifications could access the title of confidential issues through the unsubscription page. It allows Information Disclosure. | 2020-03-10 | 4 | CVE-2019-12432 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.7 through 11.11. It has Improper Input Validation. Restricted visibility settings allow creating internal projects in private groups, leading to multiple permission issues. | 2020-03-10 | 5 | CVE-2019-12433 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 8.13 through 11.11. Restricted users could access the metadata of private milestones through the Search API. It has Improper Access Control. | 2020-03-10 | 4 | CVE-2019-12431 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.11. A specially crafted payload would allow an authenticated malicious user to execute commands remotely through the repository download feature. It allows Command Injection. | 2020-03-10 | 6.5 | CVE-2019-12430 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.9 and later through 12.0.2. GitLab Snippets were vulnerable to an authorization issue that allowed unauthorized users to add comments to a private snippet. It allows authentication bypass. | 2020-03-10 | 4 | CVE-2019-13001 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 11.10 through 12.0.2. Unauthorized users were able to read pipeline information of the last merge request. It has Incorrect Access Control. | 2020-03-10 | 4 | CVE-2019-13002 MISC CONFIRM |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 10.6 through 11.11. Users could guess the URL slug of private projects through the contrast of the destination URLs of issues linked in comments. It allows Information Disclosure. | 2020-03-10 | 4 | CVE-2019-12434 MISC CONFIRM |
gitlab -- gitlab_enterprise_and_community_editions | An issue was discovered in GitLab Enterprise Edition and Community Edition 1.10 through 12.0.2. The GitLab graphql service was vulnerable to multiple authorization issues that disclosed restricted user, group, and repository metadata to unauthorized users. It has Incorrect Access Control. | 2020-03-10 | 4 | CVE-2019-13005 MISC CONFIRM |
gitlab -- gitlab_enterprise_edition | An issue was discovered in GitLab Enterprise Edition 10.6 through 12.0.2. The GitHub project integration was vulnerable to an SSRF vulnerability which allowed an attacker to make requests to local network resources. It has Incorrect Access Control. | 2020-03-10 | 5 | CVE-2019-13121 MISC CONFIRM |
gitlab -- gitlab_enterprise_edition | An issue was discovered in GitLab Enterprise Edition 8.11.0 through 12.0.2. By using brute force, a user with access to a project, but not its repository, could create a list of merge request template names. It has excessive algorithmic complexity. | 2020-03-10 | 4 | CVE-2019-13011 MISC CONFIRM |
google -- android | In setRequirePmfInternal of sta_network.cpp, there is a possible default value being improperly applied due to a logic error. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-142797954 | 2020-03-10 | 5 | CVE-2020-0083 MISC |
google -- android | In convertHidlNanDataPathInitiatorRequestToLegacy, and convertHidlNanDataPathIndicationResponseToLegacy of hidl_struct_util.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-143789898 | 2020-03-10 | 4.6 | CVE-2020-0053 MISC |
google -- android | In query of TelephonyProvider.java, there is a possible access to SIM card info due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-8.0 Android-8.1 Android-9. Android ID: A-140622024 | 2020-03-10 | 4.9 | CVE-2020-0035 MISC |
google -- android | In Pixel Recorder, there is a possible permissions bypass allowing arbitrary apps to record audio. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-145504977 | 2020-03-10 | 4.9 | CVE-2020-0061 MISC |
google -- android | In Euicc, there is a possible information disclosure due to an included test Certificate. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-143232031 | 2020-03-10 | 5 | CVE-2020-0062 MISC |
google -- android | In triggerAugmentedAutofillLocked and related functions of Session.java, it is possible for Augmented Autofill to display sensitive information to the user inappropriately. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141703197 | 2020-03-10 | 4.7 | CVE-2020-0031 MISC |
google -- android | In StatsService::command of StatsService.cpp, there is possible memory corruption due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141243101 | 2020-03-10 | 6.9 | CVE-2020-0045 MISC |
google -- android | In nfa_hciu_send_msg of nfa_hci_utils.cc, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-124521372 | 2020-03-10 | 4.6 | CVE-2020-0050 MISC |
google -- android | In onCreate of SettingsHomepageActivity, there is a possible tapjacking attack. This could lead to local escalation of privilege in Settings with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-138442483 | 2020-03-10 | 4.4 | CVE-2020-0051 MISC |
google -- android | In WifiNetworkSuggestionsManager of WifiNetworkSuggestionsManager.java, there is a possible permission revocation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-146642727 | 2020-03-10 | 4.6 | CVE-2020-0054 MISC |
google -- android | In setBluetoothTethering of PanService.java, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege to activate tethering with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-134487438 | 2020-03-10 | 4.6 | CVE-2020-0085 MISC |
google -- android | In onReadBuffer() of StreamingSource.cpp, there is a possible information disclosure due to uninitialized data. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-140177694 | 2020-03-10 | 4.3 | CVE-2020-0049 MISC |
google -- android | In the netlink driver, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-65025077 | 2020-03-10 | 6.9 | CVE-2020-0066 MISC |
google -- android | In several functions of NotificationManagerService.java, there are missing permission checks. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-143339775 | 2020-03-10 | 4.6 | CVE-2020-0084 MISC |
google -- android | In SurfaceFlinger, it is possible to override UI confirmation screen protected by the TEE. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-143128911 | 2020-03-10 | 4.4 | CVE-2020-0063 MISC |
google -- android | In DrmPlugin::releaseSecureStops of DrmPlugin.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-137284652 | 2020-03-10 | 4.6 | CVE-2020-0046 MISC |
halvotec -- raquest | An issue was discovered in Halvotec RAQuest 10.23.10801.0. The login page is vulnerable to wildcard injection, allowing an attacker to enumerate the list of users sharing an identical password. | 2020-03-09 | 5 | CVE-2019-19614 MISC MISC |
ibm -- spectrum_scale | The IBM Spectrum Scale 4.2 and 5.0 file system component is affected by a denial of service security vulnerability. An attacker can force the Spectrum Scale mmfsd/mmsdrserv daemons to unexpectedly exit, impacting the functionality of the Spectrum Scale cluster and the availability of file systems managed by Spectrum Scale. IBM X-Force ID: 175067. | 2020-03-09 | 5 | CVE-2020-4217 XF CONFIRM |
imagemagick -- imagemagick | In ImageMagick 7.0.9, an out-of-bounds read vulnerability exists within the ReadHEICImageByID function in coders\heic.c. It can be triggered via an image with a width or height value that exceeds the actual size of the image. | 2020-03-10 | 4.3 | CVE-2020-10251 MISC |
jenkins -- jenkins | Jenkins Logstash Plugin 2.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 2020-03-09 | 5 | CVE-2020-2143 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Sonar Quality Gates Plugin 1.3.1 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 2020-03-09 | 5 | CVE-2020-2150 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Audit Trail Plugin 3.2 and earlier does not escape the error message for the URL Patterns field form validation, resulting in a reflected cross-site scripting vulnerability. | 2020-03-09 | 4.3 | CVE-2020-2140 MLIST CONFIRM |
jenkins -- jenkins | Jenkins OpenShift Deployer Plugin 1.2.0 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 2020-03-09 | 5 | CVE-2020-2155 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Mac Plugin 1.1.0 and earlier does not validate SSH host keys when connecting agents created by the plugin, enabling man-in-the-middle attacks. | 2020-03-09 | 5.8 | CVE-2020-2146 MLIST CONFIRM |
jenkins -- jenkins | Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted method calls on objects that implement GroovyInterceptable. | 2020-03-09 | 6.5 | CVE-2020-2135 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Skytap Cloud CI Plugin 2.07 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. | 2020-03-09 | 4 | CVE-2020-2157 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Rundeck Plugin 3.6.6 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 2020-03-09 | 5.5 | CVE-2020-2144 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Cobertura Plugin 1.15 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | 2020-03-09 | 5.5 | CVE-2020-2138 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins Mac Plugin 1.1.0 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified SSH server using attacker-specified credentials. | 2020-03-09 | 4 | CVE-2020-2148 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins P4 Plugin 1.10.10 and earlier allows attackers to trigger builds or add labels in Perforce. | 2020-03-09 | 4.3 | CVE-2020-2141 MLIST CONFIRM |
jenkins -- jenkins | A cross-site request forgery vulnerability in Jenkins Mac Plugin 1.1.0 and earlier allows attackers to connect to an attacker-specified SSH server using attacker-specified credentials. | 2020-03-09 | 4.3 | CVE-2020-2147 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Subversion Release Manager Plugin 1.2 and earlier does not escape the error message for the Repository URL field form validation, resulting in a reflected cross-site scripting vulnerability. | 2020-03-09 | 4.3 | CVE-2020-2152 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Literate Plugin 1.0 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | 2020-03-09 | 6.5 | CVE-2020-2158 MLIST CONFIRM |
jenkins -- jenkins | Jenkins DeployHub Plugin 8.0.14 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. | 2020-03-09 | 4 | CVE-2020-2156 MLIST CONFIRM |
jenkins -- jenkins | Sandbox protection in Jenkins Script Security Plugin 1.70 and earlier could be circumvented through crafted constructor calls and crafted constructor bodies. | 2020-03-09 | 6.5 | CVE-2020-2134 MLIST CONFIRM |
jenkins -- jenkins | A missing permission check in Jenkins P4 Plugin 1.10.10 and earlier allows attackers with Overall/Read permission to trigger builds. | 2020-03-09 | 4 | CVE-2020-2142 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Backlog Plugin 2.4 and earlier transmits configured credentials in plain text as part of job configuration forms, potentially resulting in their exposure. | 2020-03-09 | 4 | CVE-2020-2153 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Quality Gates Plugin 2.5 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 2020-03-09 | 5 | CVE-2020-2151 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Repository Connector Plugin 1.2.6 and earlier transmits configured credentials in plain text as part of its global Jenkins configuration form, potentially resulting in their exposure. | 2020-03-09 | 5 | CVE-2020-2149 MLIST CONFIRM |
joomla! -- joomla! | JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action. | 2020-03-09 | 6.5 | CVE-2015-7340 MISC |
joomla! -- joomla! | SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php. | 2020-03-09 | 6.5 | CVE-2015-7338 MISC |
joomla! -- joomla! | JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension. | 2020-03-09 | 6.5 | CVE-2015-7341 MISC |
joomla! -- joomla! | JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script. | 2020-03-09 | 6.5 | CVE-2015-7339 MISC |
joomla! -- joomla! | JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field. | 2020-03-09 | 6.5 | CVE-2015-7342 MISC |
lexmark -- markvision_enterprises | Lexmark Markvision Enterprise before 2.3.0 misuses the Apache Commons Collections Library, leading to remote code execution because of Java deserialization. | 2020-03-09 | 6.8 | CVE-2016-1487 MISC |
lexmark -- multiple_devices | Lexmark X, W, T, E, C, 6500e, and 25xxN devices before 2011-11-15 allow attackers to obtain sensitive information via a hidden email address in a Scan To Email shortcut. | 2020-03-09 | 5 | CVE-2011-3269 MISC |
lexmark -- multiple_devices | Lexmark X, W, T, E, and C devices before 2012-02-09 allow attackers to obtain sensitive information by reading passwords within exported settings. | 2020-03-09 | 5 | CVE-2011-4538 MISC |
livezilla -- live_chat | An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript injection lies in the name parameter. Triggering this can fetch the username and passwords of the helpdesk employees in the URI. This leads to a privilege escalation, from unauthenticated to user-level access, leading to full account takeover. The attack fetches multiple credentials because they are stored in the database (stored XSS). This affects the mobile/chat URI via the lgn and psswrd parameters. | 2020-03-09 | 4.3 | CVE-2020-9758 MISC |
mahara -- mahara | In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal information is discoverable by inspecting network responses on the 'Edit access' screen when sharing portfolios. | 2020-03-09 | 4 | CVE-2020-9282 MISC CONFIRM |
mahara -- mahara | In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, file metadata information is disclosed to group members in the Elasticsearch result list despite them not having access to that artefact anymore. | 2020-03-09 | 4 | CVE-2020-9386 MISC CONFIRM |
metasys -- multiple_products | XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1. | 2020-03-10 | 6.4 | CVE-2020-9044 CONFIRM CERT |
micro_focus -- service_manager_release_control | There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Service Manager Release Control versions 9.50 and 9.60. The vulnerability may result in the ability of malicious users to perform UI redress attacks. | 2020-03-09 | 4.9 | CVE-2020-9517 CONFIRM |
microsoft -- application_inspector | A remote code execution vulnerability exists in Application Inspector version v1.0.23 or earlier when the tool reflects example code snippets from third-party source files into its HTML output, aka 'Remote Code Execution Vulnerability in Application Inspector'. | 2020-03-12 | 6.8 | CVE-2020-0872 MISC |
microsoft -- windows_10_and_windows_server | An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka 'Win32k Information Disclosure Vulnerability'. | 2020-03-12 | 5 | CVE-2020-0876 MISC |
misp -- misp | MISP 2.4.122 has Persistent XSS in the sighting popover tool. This is related to app/View/Elements/Events/View/sighting_field.ctp. | 2020-03-09 | 4.3 | CVE-2020-10247 MISC |
misp -- misp | MISP 2.4.122 has reflected XSS via unsanitized URL parameters. This is related to app/View/Users/statistics_orgs.ctp. | 2020-03-09 | 4.3 | CVE-2020-10246 MISC |
monstra -- monstra_cms | Monstra CMS through 3.0.4 allows remote authenticated users to take over arbitrary user accounts via a modified login parameter to an edit URI, as demonstrated by login=victim to the users/21/edit URI. | 2020-03-07 | 4 | CVE-2020-8439 MISC MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Sensitive information is sent to the web server in cleartext, which may allow an attacker to discover the credentials if they are able to observe traffic between the web browser and the server. | 2020-03-11 | 5 | CVE-2019-9101 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker may be able to intercept weakly encrypted passwords and gain administrative access. | 2020-03-11 | 5 | CVE-2019-9095 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A predictable mechanism of generating tokens allows remote attackers to bypass the cross-site request forgery (CSRF) protection mechanism. | 2020-03-11 | 6.8 | CVE-2019-9102 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An attacker can access sensitive information (e.g., conduct username disclosure attacks) on the built-in WEB-service without authorization. | 2020-03-11 | 5 | CVE-2019-9103 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. The application's configuration file contains parameters that represent passwords in cleartext. | 2020-03-11 | 5 | CVE-2019-9104 CONFIRM MISC |
munkireport -- munkireport | An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the /report/broken_client endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/views/listings/default.php. | 2020-03-09 | 4.3 | CVE-2020-10192 MISC MISC |
munkireport -- munkireport | An issue was discovered in MunkiReport before 5.3.0. An authenticated user could achieve SQL Injection in app/models/tablequery.php by crafting a special payload on the /datatables/data endpoint. | 2020-03-09 | 6.5 | CVE-2020-10190 MISC MISC |
nethack -- nethack | NetHack before version 3.6.0 allowed malicious use of escaping of characters in the configuration file (usually .nethackrc) which could be exploited. This bug is patched in NetHack 3.6.0. | 2020-03-10 | 4.6 | CVE-2020-5253 MISC CONFIRM |
nethack -- nethack | In NetHack before 3.6.6, some out-of-bound values for the hilite_status option can be exploited. NetHack 3.6.6 resolves this issue. | 2020-03-10 | 4.6 | CVE-2020-5254 CONFIRM |
networkmanager -- networkmanager | NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection. | 2020-03-10 | 4.9 | CVE-2012-1096 MISC MISC MISC MISC MISC MISC |
nitro_software -- nitro_pro | npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to JBIG2Decode CNxJBIG2DecodeStream Heap Corruption at npdf!CAPPDAnnotHandlerUtils::create_popup_for_markup+0x12fbe via a crafted PDF document. | 2020-03-08 | 5.8 | CVE-2020-10223 MISC MISC |
nitro_software -- nitro_pro | npdf.dll in Nitro Pro before 13.13.2.242 is vulnerable to Heap Corruption at npdf!nitro::get_property+2381 via a crafted PDF document. | 2020-03-08 | 5.8 | CVE-2020-10222 MISC MISC |
nvidia -- windows_gpu_display_driver | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can plant a malicious DLL file, which may lead to code execution, denial of service, or information disclosure. | 2020-03-11 | 4.4 | CVE-2020-5958 N/A |
openshift -- enterprise | It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiable by users other than root. An attacker with access to the running container can exploit this to modify /etc/passwd to add a user and escalate their privileges. This CVE is specific to the openshift/apb-tools-container. | 2020-03-09 | 4.4 | CVE-2020-1706 CONFIRM |
otrs -- open_ticket_request_system | An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.8. A customer user can use the search results to disclose information from their "company" tickets (with the same CustomerID), even when the CustomerDisableCompanyTicketAccess setting is turned on. | 2020-03-10 | 4 | CVE-2019-13457 CONFIRM MISC |
palo_alto_networks -- pan-os | A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a local authenticated user to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. This issue is fixed in PAN-OS 8.1.13 and all later PAN-OS 8.1 versions. | 2020-03-11 | 4.6 | CVE-2020-1979 CONFIRM |
paseto_toolkit -- jpaseto | JPaseto before 0.3.0 generates weak hashes when using v2.local tokens. | 2020-03-09 | 5 | CVE-2020-10244 CONFIRM |
phpbb -- phpbb | Missing form token validation in phpBB 3.2.7 allows CSRF in deleting post attachments. | 2020-03-11 | 4.3 | CVE-2019-16107 MISC CONFIRM |
python -- python | The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request. | 2020-03-11 | 5 | CVE-2013-1753 CONFIRM |
qemu -- qemu | hw/display/bochs-display.c in QEMU 4.0.0 does not ensure a sufficient PCI config space allocation, leading to a buffer overflow involving the PCIe extended config space. | 2020-03-10 | 4.6 | CVE-2019-15034 MISC |
red_hat -- jboss_as | JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed. | 2020-03-10 | 5 | CVE-2012-1094 MISC MISC |
sap -- business_objects_business_intelligence_platform | SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an attacker with basic authorization to inject code that can be executed by the application and thus allowing the attacker to control the behaviour of the application, leading to Remote Code Execution. Although the mode of attack is only Local, multiple applications can be impacted as a result of the vulnerability. | 2020-03-10 | 4.6 | CVE-2020-6208 MISC MISC MISC |
sap -- businessobjects_mobile | SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an attacker to generate multiple requests, using which he can block all the threads resulting in a Denial of Service. | 2020-03-10 | 5 | CVE-2020-6196 MISC MISC |
sap -- cloud_platform_integration_for_data_services | SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as error or warning messages. This could mislead the victim to follow malicious instructions inserted by external attackers, leading to Cross Site Request Forgery. | 2020-03-10 | 4.3 | CVE-2020-6206 MISC MISC |
sap -- commerce | The SAP Commerce (Testweb Extension), versions- 6.6, 6.7, 1808, 1811, 1905, does not sufficiently encode user-controlled inputs, due to which certain GET URL parameters are reflected in the HTTP responses without escaping/sanitization, leading to Reflected Cross Site Scripting. | 2020-03-10 | 4.3 | CVE-2020-6201 MISC MISC |
sap -- disclosure_management | SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check. | 2020-03-10 | 6.5 | CVE-2020-6209 MISC MISC |
sap -- enable_now | SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen from the browser history or log files, leading to Information Disclosure. | 2020-03-10 | 5.5 | CVE-2020-6178 MISC MISC |
sap -- fiori_launchpad | SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, thus allowing the attacker to inject the meta tag into the launchpad HTML using the vulnerable parameter, leading to reflected Cross-Site Scripting (XSS) vulnerability. | 2020-03-10 | 4.3 | CVE-2020-6210 MISC MISC |
sap -- multiple_products | The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN versions- 618, 730 and SAP S/4HANA (MENA Certificate Management), S4CORE versions- 100, 101, 102, 103, 104; does not have any authorization check to it due to which an attacker without an authorization group can maintain any company certificate, leading to Missing Authorization Check. | 2020-03-10 | 5.5 | CVE-2020-6199 MISC MISC |
sap -- netweaver_application | nwbc_ext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI. | 2020-03-09 | 4 | CVE-2015-7968 MISC |
sap -- netweaver_application_server_java | SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; does not sufficiently validate the LDAP data source configuration XML document accepted from an untrusted source, leading to Missing XML Validation. | 2020-03-10 | 6.5 | CVE-2020-6202 MISC MISC |
sap -- netweaver_as_abap_business_server_pages | SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS versions- 7.00, 7.01, 7.02, 7.10, 7.11, 7.30, 7.31, 7.40, 7.50, 7.51, 7.52, 7.53, 7.54; does not sufficiently encode user controlled inputs, allowing an unauthenticated attacker to non-permanently deface or modify displayed content and/or steal authentication information of the user and/or impersonate the user and access all information with the same rights as the target user, leading to Reflected Cross Site Scripting Vulnerability. | 2020-03-10 | 4.3 | CVE-2020-6205 MISC MISC |
sap -- netweaver_uddi_server | SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs, leading to Path Traversal. | 2020-03-10 | 6.4 | CVE-2020-6203 MISC MISC |
sap -- treasury_and_risk_management | The selection query in SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV versions 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) returns more records than it should when selecting and displaying the contract number, leading to Missing Authorization Check. | 2020-03-10 | 4 | CVE-2020-6204 MISC MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The DOWNLOADS section in the web interface of the SiNVR 3 Central Control Server (CCS) contains a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server where CCS is installed. | 2020-03-10 | 4 | CVE-2019-19290 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SiNVR 3 Central Control Server (CCS) does not enforce logging of security-relevant activities in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to perform covert actions that are not visible in the application log. | 2020-03-10 | 4 | CVE-2019-19295 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The two FTP services (default ports 21/tcp and 5411/tcp) of the SiNVR 3 Video Server contain a path traversal vulnerability that could allow an authenticated remote attacker to access and download arbitrary files from the server, if the FTP services are enabled. | 2020-03-10 | 4.9 | CVE-2019-19296 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The streaming service (default port 5410/tcp) of the SiNVR 3 Video Server applies weak cryptography when exposing device (camera) passwords. This could allow an unauthenticated remote attacker to read and decrypt the passwords and conduct further attacks. | 2020-03-10 | 5 | CVE-2019-19299 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The SiNVR 3 Central Control Server (CCS) contains an SQL injection vulnerability in its XML-based communication protocol as provided by default on ports 5444/tcp and 5440/tcp. An authenticated remote attacker could exploit this vulnerability to read or modify the CCS database and potentially execute administrative database operations or operating system commands. | 2020-03-10 | 6.5 | CVE-2019-19292 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The streaming service (default port 5410/tcp) of the SiNVR 3 Video Server contains an input validation vulnerability that could allow an unauthenticated remote attacker to cause a Denial-of-Service condition by sending malformed HTTP requests. | 2020-03-10 | 5 | CVE-2019-19298 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The web interface of the SiNVR 3 Central Control Server (CCS) contains a reflected Cross-site Scripting (XSS) vulnerability that could allow an unauthenticated remote attacker to steal sensitive data or execute administrative actions on behalf of a legitimate administrator of the CCS web interface. | 2020-03-10 | 4.3 | CVE-2019-19293 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The streaming service (default port 5410/tcp) of the SiNVR 3 Video Server contains a path traversal vulnerability, that could allow an unauthenticated remote attacker to access and download arbitrary files from the server. | 2020-03-10 | 5 | CVE-2019-19297 MISC |
siemens -- siport_mp | A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that could enable a remote authenticated attacker to perform actions that are not visible to other users of the system, such as granting persons access to a secured area. | 2020-03-10 | 5.5 | CVE-2019-19277 MISC |
siemens -- spectrum_power_5 | A vulnerability has been identified in Spectrum Power™ 5 (All versions < v5.50 HF02). The web server could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. If deployed according to recommended system configuration, Siemens considers the environmental vector as CR:L/IR:M/AR:H/MAV:A (4.1). | 2020-03-10 | 4.3 | CVE-2020-7579 MISC |
sleuthkit -- sleuthkit | In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c. | 2020-03-09 | 6.4 | CVE-2020-10233 MISC |
twisted -- twisted | Twisted before 16.3.1 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect CGI applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect a CGI application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, aka an "httpoxy" issue. | 2020-03-11 | 5 | CVE-2016-1000111 CONFIRM CONFIRM CONFIRM MISC |
usrsctp -- usrsctp | usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. | 2020-03-06 | 4.3 | CVE-2019-20503 SUSE MISC MISC MLIST GENTOO GENTOO DEBIAN |
utilitify -- utilitify | utilitify prior to 1.0.3 allows modification of object properties. The merge method could be tricked into adding or modifying properties of the Object.prototype. | 2020-03-11 | 6.5 | CVE-2019-10808 MISC MISC |
vega-util -- vega-util | vega-util prior to 1.13.1 allows manipulation of object prototype. The 'vega.mergeConfig' method within vega-util could be tricked into adding or modifying properties of the Object.prototype. | 2020-03-09 | 4 | CVE-2019-10806 MISC MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). An attacker can send a specially crafted XML cache file. At 0x1e8a8 the extracted domainname value from the XML file is used as an argument to /etc/config-tools/edit_dns_server domain-name=<contents of domainname node> using sprintf(). This command is later executed via a call to system(). | 2020-03-11 | 6.8 | CVE-2019-5168 MISC |
wago -- e!cockpit | A cleartext transmission vulnerability exists in the network communication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to network traffic can easily intercept, interpret, and manipulate data coming from, or destined for e!Cockpit. This includes passwords, configurations, and binaries being transferred to endpoints. | 2020-03-11 | 5 | CVE-2019-5107 MISC |
wago -- pfc100_and_pfc2000_devices | The WBM web application on firmwares prior to 03.02.02 and 03.01.07 on the WAGO PFC100 and PFC2000, respectively, runs on a lighttpd web server and makes use of the FastCGI module, which is intended to provide high performance for all Internet applications without the penalties of Web server APIs. However, the default configuration of this module appears to limit the number of concurrent php-cgi processes to two, which can be abused to cause a denial of service of the entire web server. This affects WAGO PFC200 Firmware version 03.00.39(12) and version 03.01.07(13), and WAGO PFC100 Firmware version 03.00.39(12) and version 03.02.02(14). | 2020-03-11 | 5 | CVE-2019-5149 MISC |
wago -- pfc200_devices | An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized access to firmware update functionality. An attacker can send an authenticated HTTPS POST request to direct the Cloud Connectivity software to connect to an attacker controlled Azure IoT Hub node. | 2020-03-11 | 6.5 | CVE-2019-5160 MISC |
western_digital -- multiple_sandisk_devices | Western Digital SanDisk X300, X300s, X400, and X600 devices: The firmware update authentication method relies on a symmetric HMAC digest. The key used to validate this digest is present in a protected area of the device, and if extracted could be used to install arbitrary firmware to other devices. | 2020-03-10 | 6.3 | CVE-2019-10706 MISC MISC MISC |
western_digital -- sandisk_x600_devices | On Western Digital SanDisk X600 devices in certain configurations, a vulnerability in the access control mechanism of the drive may allow data to be decrypted without knowledge of proper authentication credentials. | 2020-03-10 | 4.3 | CVE-2019-10705 MISC MISC MISC |
wftpserver -- wing_ftp_server | An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure permissions when handling session cookies, a local user may view the contents of the session and session_admin directories, which expose active session cookies within the Wing FTP HTTP interface and administration panel. These cookies may be used to hijack user and administrative sessions, including the ability to execute Lua commands as root within the administration panel. | 2020-03-07 | 6.9 | CVE-2020-9470 MISC |
wordpress -- wordpress | An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rm_analytics_show_form rm_form_id parameter. | 2020-03-12 | 5.5 | CVE-2020-8435 MISC MISC MISC |
wordpress -- wordpress | XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rm_form_id, rm_tr, or form_name parameter. | 2020-03-12 | 4.3 | CVE-2020-8436 MISC MISC MISC |
xiaomi -- mi_user_interface_operating_system | An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user's unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122. | 2020-03-06 | 4.3 | CVE-2020-9531 MISC MISC MISC |
xiaomi -- mi_user_interface_operating_system | An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetApps(com.xiaomi.mipicks) mishandles the functionality of opening other components. Attackers need to induce users to open specific web pages in a specific network environment. By jumping to the WebView component of Messaging(com.android.MMS) and loading malicious web pages, information leakage can occur. This is fixed on version: 2001122; 11.0.1.54. | 2020-03-06 | 4.3 | CVE-2020-9530 MISC MISC |
zoho -- password_manager_pro | In ZOHO Password Manager Pro (PMP) 8.3.0 (Build 8303) and 8.4.0 (Build 8400,8401,8402), underprivileged users can obtain sensitive information (entry password history) via a vulnerable hidden service. | 2020-03-09 | 4 | CVE-2016-1159 MISC MISC CONFIRM MISC |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-glossary.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10405 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10468 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-user.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10410 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-template.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10409 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-subscriber.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10408 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-news.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10407 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10466 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/sitemap-generator.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10454 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-discussed.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10439 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10465 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-csv.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10412 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-subscribers.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10430 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/optimize-database.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10437 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-printed.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10443 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/my-profile.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10436 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-field.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10393 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-group.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10395 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-glossary.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10394 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/email-harvester.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10411 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10476 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/import-html.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10413 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-category.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10402 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index-attachments.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10414 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-fields.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10470 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-drafts.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10422 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10472 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10473 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10474 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-language.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10396 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10477 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-traffic.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10450 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-comment.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10403 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-articles.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10417 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/index.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10415 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/kb-backup.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10416 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-categories.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10419 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/trash-box.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10456 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-comment.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10467 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-field.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10404 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-attachments.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10418 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-glossary.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10425 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-rated.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10444 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-user.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10451 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10464 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-search.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10449 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-failed-login.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10447 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-category.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10446 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-referrers.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10448 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-departments.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10421 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-user.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10399 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/search-users.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10453 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-news.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10397 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/save-article.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10452 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-article.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10391 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/article-collaboration.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10400 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-article.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10401 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10469 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-feedbacks.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10423 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-template.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10398 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-fields.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10424 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10463 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-mailed.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10440 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | 3.5 | CVE-2020-10471 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-monthly.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10441 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/edit-group.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10406 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-groups.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10426 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-languages.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10427 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-settings.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10429 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-comments.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10420 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-templates.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10431 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-news.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10428 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-tickets.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10432 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-users.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10433 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/my-languages.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10435 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article-popular.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10442 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/report-article.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10445 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/reply-ticket.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10438 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/translate.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10455 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/manage-versions.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10434 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/edit-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter p. | 2020-03-12 | 3.5 | CVE-2020-10462 MISC |
chadha -- phpkb_standard_multi-language | The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS (injecting arbitrary web script or HTML) in admin/add-category.php by adding a question mark (?) followed by the payload. | 2020-03-12 | 3.5 | CVE-2020-10392 MISC |
froxlor -- froxlor | An issue was discovered in Froxlor through 0.10.15. The installer wrote configuration parameters including passwords into files in /tmp, setting proper permissions only after writing the sensitive data. A local attacker could have disclosed the information if he read the file at the right time, because of _createUserdataConf in install/lib/class.FroxlorInstall.php. | 2020-03-09 | 2.1 | CVE-2020-10237 MISC |
froxlor -- froxlor | An issue was discovered in Froxlor before 0.10.14. It created files with static names in /tmp during installation if the installation directory was not writable. This allowed local attackers to cause DoS or disclose information out of the config files, because of _createUserdataConf in install/lib/class.FroxlorInstall.php. | 2020-03-09 | 3.6 | CVE-2020-10236 MISC MISC MISC |
gitlab -- gitlab_community_and_enterprise_editions | An issue was discovered in GitLab Community and Enterprise Edition 8.4 through 11.11. A malicious user could execute JavaScript code on notes by importing a specially crafted project file. It allows XSS. | 2020-03-10 | 3.5 | CVE-2019-12445 MISC CONFIRM |
google -- android | In btm_process_inq_results of btm_inq.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141620271 | 2020-03-10 | 2.1 | CVE-2020-0057 MISC |
google -- android | In getProcessPss of ActivityManagerService.java, there is a possible side channel information disclosure. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-127989044 | 2020-03-10 | 1.9 | CVE-2020-0087 MISC |
google -- android | In the WifiConfigManager, there is a possible storage of location history which can only be deleted by triggering a factory reset. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-140065828 | 2020-03-10 | 2.1 | CVE-2020-0029 MISC |
google -- android | In smsSelected of AnswerFragment.java, there is a way to send an SMS from the lock screen due to a permissions bypass. This could lead to local escalation of privilege on the lock screen with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-137102479 | 2020-03-10 | 1.9 | CVE-2020-0052 MISC |
google -- android | In l2c_rcv_acl_data of l2c_main.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141745011 | 2020-03-10 | 2.1 | CVE-2020-0058 MISC |
google -- android | In btm_ble_batchscan_filter_track_adv_vse_cback of btm_ble_batchscan.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-142543524 | 2020-03-10 | 2.1 | CVE-2020-0059 MISC |
google -- android | In setMasterMute of AudioService.java, there is a missing permission check. This could lead to local silencing of audio with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141622311 | 2020-03-10 | 2.1 | CVE-2020-0047 MISC |
google -- android | In btu_hcif_connection_comp_evt of btu_hcif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141619686 | 2020-03-10 | 2.1 | CVE-2020-0056 MISC |
google -- android | In onTransact of IAudioFlinger.cpp, there is a possible stack information leak due to uninitialized data. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-139417189 | 2020-03-10 | 2.1 | CVE-2020-0048 MISC |
google -- android | In set_nonce of fpc_ta_qc_auth.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-137650219 | 2020-03-10 | 2.1 | CVE-2020-0044 MISC |
google -- android | In authorize_enrol of fpc_ta_hw_auth.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-137650218 | 2020-03-10 | 2.1 | CVE-2020-0043 MISC |
google -- android | In fpc_ta_hw_auth_unwrap_key of fpc_ta_hw_auth_qsee.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-137649599 | 2020-03-10 | 2.1 | CVE-2020-0042 MISC |
google -- android | In l2c_link_process_num_completed_pkts of l2c_link.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-141617601 | 2020-03-10 | 2.1 | CVE-2020-0055 MISC |
google -- android | In query of SmsProvider.java and MmsSmsProvider.java, there is a possible permission bypass due to SQL injection. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-10. Android ID: A-143229845 | 2020-03-10 | 2.1 | CVE-2020-0060 MISC |
hcl -- connections | HCL Connections v5.5, v6.0, and v6.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | 2020-03-09 | 3.5 | CVE-2020-4084 CONFIRM |
ibm -- infosphere_information_server | IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174342. | 2020-03-10 | 3.5 | CVE-2020-4162 XF CONFIRM |
ibm -- tivoli_workload_scheduler | IBM Tivoli Workload Scheduler 9.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168508. | 2020-03-10 | 3.5 | CVE-2019-4608 XF CONFIRM |
jenkins -- jenkins | Jenkins Git Plugin 4.2.0 and earlier does not escape the error message for the repository URL for Microsoft TFS field form validation, resulting in a stored cross-site scripting vulnerability. | 2020-03-09 | 3.5 | CVE-2020-2136 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Timestamper Plugin 1.11.1 and earlier does not sanitize HTML formatting of its output, resulting in a stored XSS vulnerability exploitable by attackers with Overall/Administer permission. | 2020-03-09 | 3.5 | CVE-2020-2137 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Zephyr for JIRA Test Management Plugin 1.5 and earlier stores its credentials in plain text in a global configuration file on the Jenkins master file system. | 2020-03-09 | 2.1 | CVE-2020-2154 MLIST CONFIRM |
jenkins -- jenkins | Jenkins Zephyr Enterprise Test Management Plugin 1.9.1 and earlier stores its Zephyr password in plain text on the Jenkins master file system. | 2020-03-09 | 2.1 | CVE-2020-2145 MLIST CONFIRM |
joomla! -- joomla! | JNews Joomla Component before 8.5.0 has XSS via the mailingsearch parameter. | 2020-03-09 | 3.5 | CVE-2015-7343 MISC |
joomla! -- joomla! | HikaShop Joomla Component before 2.6.0 has XSS via an injected payload[/caption]. | 2020-03-09 | 3.5 | CVE-2015-7344 MISC |
lexmark -- multiple_devices | Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are listed at http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US. | 2020-03-06 | 3.5 | CVE-2019-19772 CONFIRM |
lexmark -- multiple_devices | Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are listed at http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US. | 2020-03-06 | 3.5 | CVE-2019-19773 CONFIRM |
munkireport -- munkireport | An issue was discovered in MunkiReport before 5.3.0. An authenticated actor can send a custom XSS payload through the /module/comment/save endpoint. The payload will be executed by any authenticated users browsing the application. This concerns app/controllers/client.php:detail. | 2020-03-09 | 3.5 | CVE-2020-10191 MISC MISC |
ramp -- altitudecdn_altimeter | Ramp AltitudeCDN Altimeter before 2.4.0 allows authenticated Stored XSS via the vdms/ipmapping.jsp location field to the dms/rest/services/datastore/createOrEditValueForKey URI. | 2020-03-10 | 3.5 | CVE-2020-10372 MISC |
sap -- commerce | The SAP Commerce (SmartEdit Extension), versions 6.6, 6.7, 1808, 1811, is vulnerable to client-side AngularJS template injection, a variant of Cross-Site Scripting (XSS) that exploits the templating facilities of the Angular framework. | 2020-03-10 | 3.5 | CVE-2020-6200 MISC MISC |
sap -- enable_now | SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insufficient Session Expiration may allow attackers with local access, for instance, to still download the portables. | 2020-03-10 | 2.1 | CVE-2020-6197 MISC MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The FTP service of the SiNVR 3 Central Control Server (CCS) maintains a log file that stores login credentials in cleartext. In configurations where the FTP service is enabled, authenticated remote attackers could extract login credentials of other users of the service. | 2020-03-10 | 3.5 | CVE-2019-19291 MISC |
siemens -- sinvr_3_central_control_server_and_video_server | A vulnerability has been identified in SiNVR 3 Central Control Server (CCS) (all versions), SiNVR 3 Video Server (all versions). The web interface of the SiNVR 3 Central Control Server (CCS) contains multiple stored Cross-site Scripting (XSS) vulnerabilities in several input fields. This could allow an authenticated remote attacker to inject malicious JavaScript code into the CCS web application that is later executed in the browser context of any other user who views the relevant CCS web content. | 2020-03-10 | 3.5 | CVE-2019-19294 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). The destination buffer sp+0x440 is overflowed with the call to sprintf() for any domainname values that are greater than 1024-len(‘/etc/config-tools/edit_dns_server domain-name=’) in length. A domainname value of length 0x3fa will cause the service to crash. | 2020-03-12 | 2.1 | CVE-2019-5177 MISC |
western_digital -- sandisk_devices | Western Digital SanDisk X300, X300s, X400, and X600 devices: A vulnerability in the wear-leveling algorithm of the drive may cause cryptographically sensitive parameters (such as data encryption keys) to remain on the drive media after their intended erasure. | 2020-03-10 | 2.1 | CVE-2019-11686 MISC MISC MISC |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
abacus -- oauth_login | oauth/oauth2/v1/saml/ in Abacus OAuth Login 2019_01_r4_20191021_0000 prior to R4 (20.11.2019 Hotfix) allows Reflected Cross Site Scripting (XSS) via an error message. | 2020-03-11 | not yet calculated | CVE-2019-19381 MISC MISC |
administrate_gem_for_ruby_on_rails -- administrate_gem_for_ruby_on_rails | In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a SQL injection if the attacker were able to modify the `direction` parameter and bypass ActiveRecord SQL protections. Whilst this does have a high impact, to exploit this you need access to the Administrate dashboards, which we would expect to be behind authentication. This is patched in version 0.13.0. | 2020-03-13 | not yet calculated | CVE-2020-5257 MISC CONFIRM |
ansible -- ansible | A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior. When a password is set with the "password" argument of the svn module, it is used on the svn command line, disclosing it to other users within the same node. An attacker could take advantage by reading the cmdline file from that particular PID on the procfs. | 2020-03-12 | not yet calculated | CVE-2020-1739 CONFIRM MISC FEDORA FEDORA |
antix_linux_and_mx_linux -- antix_linux_and_mx_linux | antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration. | 2020-03-14 | not yet calculated | CVE-2020-10587 MISC MISC |
apache -- commons_configuration | Apache Commons Configuration uses a third-party library to parse YAML files which by default allows the instantiation of classes if the YAML includes special statements. Apache Commons Configuration versions 2.2, 2.3, 2.4, 2.5, 2.6 did not change the default settings of this library. So if a YAML file was loaded from an untrusted source, it could therefore load and execute code out of the control of the host application. | 2020-03-13 | not yet calculated | CVE-2020-1953 MISC MLIST |
beckhoff -- bk9000_devices | A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting. | 2020-03-12 | not yet calculated | CVE-2020-9464 MISC |
bitcoin -- bitcoind_and_bitcoin-qt | bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack. | 2020-03-12 | not yet calculated | CVE-2015-3641 MISC |
bitcoin -- bitcoind_and_bitcoin-qt | bitcoind and Bitcoin-Qt prior to 0.15.1 have a stack-based buffer overflow if an attacker-controlled SOCKS proxy server is used. This results from an integer signedness error when the proxy server responds with an acknowledgement of an unexpected target domain name. | 2020-03-12 | not yet calculated | CVE-2017-18350 MISC MISC |
bitcoin -- bitcoind_and_bitcoin-qt | bitcoind and Bitcoin-Qt prior to 0.17.1 allow injection of arbitrary data into the debug log via an RPC call. | 2020-03-12 | not yet calculated | CVE-2018-20586 MISC |
blamer -- blamer | Blamer versions prior to 1.0.1 allow execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer. | 2020-03-11 | not yet calculated | CVE-2019-10807 MISC MISC |
brother -- multiple_printers | Some Brother printers (such as the HL-L8360CDW v1.20) were affected by different information disclosure vulnerabilities that provided sensitive information to an unauthenticated user who visits a specific URL. | 2020-03-13 | not yet calculated | CVE-2019-13194 MISC MISC MISC |
brother -- multiple_printers | Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a stack buffer overflow vulnerability as the web server did not parse the cookie value properly. This would allow an attacker to execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13193 MISC MISC MISC |
brother -- multiple_printers | Some Brother printers (such as the HL-L8360CDW v1.20) were affected by a heap buffer overflow vulnerability as the IPP service did not parse attribute names properly. This would allow an attacker to execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13192 MISC MISC MISC |
chadha -- phpkb_standard_multi-language | admin/imagepaster/image-upload.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by uploading a .php file in the admin/js/ directory. | 2020-03-12 | not yet calculated | CVE-2020-10386 MISC |
chadha -- phpkb_standard_multi-language | Reflected XSS in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to inject arbitrary web script or HTML via the GET parameter sort. | 2020-03-12 | not yet calculated | CVE-2020-10475 MISC |
chadha -- phpkb_standard_multi-language | admin/save-settings.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to achieve Code Execution by injecting PHP code into any POST parameter when saving global settings. | 2020-03-12 | not yet calculated | CVE-2020-10389 MISC |
dell -- emc_xtremio_xms_devices | Dell EMC XtremIO XMS versions prior to 6.3.0 contain an information disclosure vulnerability where OS users’ passwords are logged in local files. Malicious local users with access to the log files may use the exposed passwords to gain access to XtremIO with the privileges of the compromised user. | 2020-03-13 | not yet calculated | CVE-2019-18576 MISC |
dell -- emc_xtremio_xms_devices | Dell EMC XtremIO XMS versions prior to 6.3.0 contain a stored cross-site scripting vulnerability. A low-privileged malicious remote user of XtremIO may exploit this vulnerability to store malicious HTML or JavaScript code in application fields. When victim users access the injected page through their browsers, the malicious code may be executed by the web browser in the context of the vulnerable web application. | 2020-03-13 | not yet calculated | CVE-2019-18578 MISC |
dell -- emc_xtremio_xms_devices | Dell EMC XtremIO XMS versions prior to 6.3.0 contain an incorrect permission assignment vulnerability. A malicious local user with XtremIO xinstall privileges may exploit this vulnerability to gain root access. | 2020-03-13 | not yet calculated | CVE-2019-18577 MISC |
dell -- wyse_management_suite | Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious payload in the device heartbeat request. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. | 2020-03-13 | not yet calculated | CVE-2019-3769 MISC |
dell -- wyse_management_suite | Dell Wyse Management Suite versions prior to 1.4.1 contain a stored cross-site scripting vulnerability when unregistering a device. A remote authenticated malicious user with low privileges could exploit this vulnerability to store malicious HTML or JavaScript code. When victim users access the submitted data through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable application. | 2020-03-13 | not yet calculated | CVE-2019-3770 MISC |
devome -- grr | An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.php mishandles a SQL query. | 2020-03-13 | not yet calculated | CVE-2020-10563 MISC MISC |
devome -- grr | An issue was discovered in DEVOME GRR before 3.4.1c. admin_edit_room.php mishandles file uploads. | 2020-03-13 | not yet calculated | CVE-2020-10562 MISC MISC |
fortinet -- fortiadc | An improper neutralization of input vulnerability in Fortinet FortiADC 5.3.3 and earlier may allow an attacker to execute a stored Cross Site Scripting (XSS) via a field in the traffic group interface. | 2020-03-13 | not yet calculated | CVE-2019-6699 CONFIRM |
fortinet -- fortisiem | A Cross-Site Request Forgery (CSRF) vulnerability in the user interface of Fortinet FortiSIEM 5.2.5 could allow a remote, unauthenticated attacker to perform arbitrary actions using an authenticated user's session by persuading the victim to follow a malicious link. | 2020-03-12 | not yet calculated | CVE-2019-17653 CONFIRM |
fortinet -- fortiisolator | An improper neutralization of input vulnerability in the URL Description in Fortinet FortiIsolator version 1.2.2 allows a remote authenticated attacker to perform a cross site scripting attack (XSS). | 2020-03-12 | not yet calculated | CVE-2020-6643 CONFIRM |
fortinet -- fortitray | An unquoted service path vulnerability in the FortiClient FortiTray component of FortiClientWindows v6.2.2 and prior allows an attacker to gain elevated privileges via the FortiClientConsole executable service path. | 2020-03-12 | not yet calculated | CVE-2019-17658 CONFIRM |
fortinet -- fortiweb | An information exposure vulnerability in Fortinet FortiWeb 6.2.0 CLI and earlier may allow an authenticated user to view sensitive information being logged via diagnose debug commands. | 2020-03-13 | not yet calculated | CVE-2019-16157 CONFIRM |
fortinet -- fortiweb | An Improper Neutralization of Input vulnerability in the Anomaly Detection Parameter Name in Fortinet FortiWeb 6.0.5, 6.2.0, and 6.1.1 may allow a remote unauthenticated attacker to perform a Cross Site Scripting attack (XSS). | 2020-03-12 | not yet calculated | CVE-2019-16156 CONFIRM |
freebsd -- bhyve | grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhyve process, resulting in code execution as root on the host OS. | 2020-03-14 | not yet calculated | CVE-2020-10565 MISC |
freebsd -- bhyve | grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow. | 2020-03-14 | not yet calculated | CVE-2020-10566 MISC |
freedesktop -- systemd | systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failure of login procedure). | 2020-03-11 | not yet calculated | CVE-2012-1101 MISC MISC MISC CONFIRM |
gitlab -- gitlab | GitLab 12.2 through 12.8.1 allows Denial of Service. A denial of service vulnerability impacting the designs for public issues was discovered. | 2020-03-13 | not yet calculated | CVE-2020-10082 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.1 through 12.8.1 allows XSS. A cross-site scripting vulnerability was present in a particular view relating to the Grafana integration. | 2020-03-13 | not yet calculated | CVE-2020-10092 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.1 through 12.8.1 allows XSS. A stored cross-site scripting vulnerability was discovered when displaying merge requests. | 2020-03-13 | not yet calculated | CVE-2020-10076 MISC CONFIRM |
gitlab -- gitlab | GitLab 8.3 through 12.8.1 allows Information Disclosure. It was possible for certain non-members to access the Contribution Analytics page of a private group. | 2020-03-13 | not yet calculated | CVE-2020-10080 MISC CONFIRM |
gitlab -- gitlab | GitLab before 12.8.2 allows Information Disclosure. Badge images were not being proxied, causing mixed content warnings as well as leaking the IP address of the user. | 2020-03-13 | not yet calculated | CVE-2020-10087 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.5 through 12.8.1 has Insecure Permissions. Depending on particular group settings, it was possible for invited groups to be given the incorrect permission level. | 2020-03-13 | not yet calculated | CVE-2020-10088 MISC CONFIRM |
gitlab -- gitlab | GitLab 8.11 through 12.8.1 allows a Denial of Service when using several features to recursively request each other. | 2020-03-13 | not yet calculated | CVE-2020-10089 MISC CONFIRM |
gitlab -- gitlab | GitLab 11.7 through 12.8.1 allows Information Disclosure. Under certain group conditions, group epic information was unintentionally being disclosed. | 2020-03-13 | not yet calculated | CVE-2020-10090 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.7 through 12.8.1 has Insecure Permissions. Under certain conditions involving groups, project authorization changes were not being applied. | 2020-03-13 | not yet calculated | CVE-2020-10083 MISC CONFIRM |
gitlab -- gitlab | GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerability was found when viewing particular file types. | 2020-03-13 | not yet calculated | CVE-2020-10091 MISC CONFIRM |
gitlab -- gitlab | GitLab 7.10 through 12.8.1 has Incorrect Access Control. Under certain conditions where users should have been required to configure two-factor authentication, it was not being required. | 2020-03-13 | not yet calculated | CVE-2020-10079 MISC CONFIRM |
gitlab -- gitlab | GitLab before 12.8.2 has Incorrect Access Control. It was internally discovered that the LFS import process could potentially be used to incorrectly access LFS objects not owned by the user. | 2020-03-13 | not yet calculated | CVE-2020-10081 MISC CONFIRM |
gitlab -- gitlab | GitLab 10.4 through 12.8.1 allows Directory Traversal. A particular endpoint was vulnerable to a directory traversal vulnerability, leading to arbitrary file read. | 2020-03-13 | not yet calculated | CVE-2020-10086 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particular view was exposing private merge request titles. | 2020-03-13 | not yet calculated | CVE-2020-10085 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.1 through 12.8.1 allows XSS. The merge request submission form was determined to have a stored cross-site scripting vulnerability. | 2020-03-13 | not yet calculated | CVE-2020-10078 MISC CONFIRM |
gitlab -- gitlab | GitLab 12.8.x before 12.8.6, when sign-up is enabled, allows remote attackers to bypass email domain restrictions within the two-day grace period for an unconfirmed email address. | 2020-03-12 | not yet calculated | CVE-2020-10535 MISC |
gitlab -- gitlab | GitLab 12.5 through 12.8.1 allows HTML Injection. A particular error header was potentially susceptible to injection or potentially other vulnerabilities via unescaped input. | 2020-03-13 | not yet calculated | CVE-2020-10075 MISC CONFIRM |
gitlab -- gitlab | GitLab 10.1 through 12.8.1 has Incorrect Access Control. A scenario was discovered in which a GitLab account could be taken over through an expired link. | 2020-03-13 | not yet calculated | CVE-2020-10074 MISC CONFIRM |
gitlab -- gitlab_enterprise_edition | GitLab EE 3.0 through 12.8.1 allows SSRF. An internal investigation revealed that a particular deprecated service was creating a server side request forgery risk. | 2020-03-13 | not yet calculated | CVE-2020-10077 MISC CONFIRM |
gitlab -- gitlab_enterprise_edition | GitLab EE 11.6 through 12.8.1 allows Information Disclosure. Sending a specially crafted request to the vulnerability_feedback endpoint could result in the exposure of a private project namespace. | 2020-03-13 | not yet calculated | CVE-2020-10084 MISC CONFIRM |
gitlab -- gitlab_enterprise_edition | GitLab EE 12.4.2 through 12.8.1 allows Denial of Service. It was internally discovered that a potential denial of service involving permissions checks could impact a project home page. | 2020-03-13 | not yet calculated | CVE-2020-10073 MISC CONFIRM |
halvotec -- raquest | An issue was discovered in Halvotec RaQuest 10.23.10801.0. One of the exposed web services allows an anonymous user to access the list of connected users as well as the session cookie for each user. | 2020-03-13 | not yet calculated | CVE-2019-19611 MISC |
hotels.com -- styx | Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploitable if untrusted user input can appear in a response header. | 2020-03-12 | not yet calculated | CVE-2020-6858 MISC MISC |
huawei -- honor_v30_smartphone | Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) has an improper authentication vulnerability. Authentication to the target component is improper when the device performs an operation. Attackers could exploit this vulnerability to obtain some information by loading a malicious application, leading to an information leak. | 2020-03-12 | not yet calculated | CVE-2020-9064 CONFIRM |
huawei -- usg6000v_virtual_service_gateway | Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthenticated attacker could exploit this vulnerability to disrupt service in the affected products. | 2020-03-12 | not yet calculated | CVE-2020-1863 CONFIRM |
intel -- bluez | Improper access control in subsystem for BlueZ before version 5.53 may allow an unauthenticated user to potentially enable escalation of privilege and denial of service via adjacent access. | 2020-03-12 | not yet calculated | CVE-2020-0556 CONFIRM |
intel -- fpga_programmable_acceleration_card_n3000 | Improper access control in PCIe function for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable escalation of privilege via local access. | 2020-03-12 | not yet calculated | CVE-2019-14626 CONFIRM |
intel -- fpga_programmable_acceleration_card_n3000 | Improper access control in on-card storage for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2019-14625 CONFIRM |
intel -- graphics_drivers | Uncontrolled search path in Intel(R) Graphics Drivers before version 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2020-03-12 | not yet calculated | CVE-2020-0565 CONFIRM |
intel -- graphics_drivers | Buffer overflow in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable a denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0501 CONFIRM |
intel -- graphics_drivers | Unquoted service path in Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0507 CONFIRM |
intel -- graphics_drivers | Incorrect default permissions in the installer for Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2020-03-12 | not yet calculated | CVE-2020-0508 CONFIRM |
intel -- graphics_drivers | Uncaught exception in system driver for Intel(R) Graphics Drivers before version 15.40.44.5107 may allow an authenticated user to potentially enable a denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0511 CONFIRM |
intel -- graphics_drivers | Improper initialization in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.29.5077, and 26.20.100.7000 may allow a privileged user to potentially enable a denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0506 CONFIRM |
intel -- graphics_drivers | Improper conditions check in Intel(R) Graphics Drivers before versions 15.33.49.5100, 15.36.38.5117, 15.40.44.5107, 15.45.30.5103, and 26.20.100.7212 may allow an authenticated user to potentially enable information disclosure and denial of service via local | 2020-03-12 | not yet calculated | CVE-2020-0505 CONFIRM |
intel -- graphics_drivers | Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable a denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0504 CONFIRM |
intel -- graphics_drivers | Improper access control in Intel(R) Graphics Drivers before version 26.20.100.7463 may allow an authenticated user to potentially enable denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0516 CONFIRM |
intel -- graphics_drivers | Improper access control in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to potentially enable information disclosure via local access. | 2020-03-12 | not yet calculated | CVE-2020-0503 CONFIRM |
intel -- graphics_drivers | Improper access control in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2020-03-12 | not yet calculated | CVE-2020-0502 CONFIRM |
intel -- graphics_drivers | Improper default permissions in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7463 and 15.45.30.5103 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2020-03-12 | not yet calculated | CVE-2020-0514 CONFIRM |
intel -- graphics_drivers | Uncontrolled search path element in the installer for Intel(R) Graphics Drivers before versions 26.20.100.7584, 15.45.30.5103, 15.40.44.5107, 15.36.38.5117, and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege via local access. | 2020-03-12 | not yet calculated | CVE-2020-0515 CONFIRM |
intel -- graphics_drivers | Improper access control for Intel(R) Graphics Drivers before versions 15.33.49.5100 and 15.36.38.5117 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0519 CONFIRM |
intel -- graphics_drivers | Out-of-bounds write in Intel(R) Graphics Drivers before version 15.36.38.5117 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0517 CONFIRM |
intel -- graphics_drivers | Path traversal in igdkmd64.sys for Intel(R) Graphics Drivers before versions 15.45.30.5103, 15.40.44.5107, 15.36.38.5117 and 15.33.49.5100 may allow an authenticated user to potentially enable escalation of privilege or denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0520 CONFIRM |
intel -- graphics_drivers | Improper input validation in Intel(R) Graphics Drivers before version 26.20.100.7212 may allow an authenticated user to enable denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0567 CONFIRM |
intel -- max_10_fpga | Improper configuration in block design for Intel(R) MAX(R) 10 FPGA all versions may allow an authenticated user to potentially enable information disclosure via physical access. | 2020-03-12 | not yet calculated | CVE-2020-0574 CONFIRM |
intel -- multiple_processors | Load value injection in some Intel(R) Processors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. The list of affected products is provided in intel-sa-00334: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00334.html | 2020-03-12 | not yet calculated | CVE-2020-0551 CONFIRM |
intel -- multiple_processors | Improper data forwarding in some data cache for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. The list of affected products is provided in intel-sa-00330: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00330.html | 2020-03-12 | not yet calculated | CVE-2020-0550 CONFIRM |
intel -- nuc | Improper input validation in firmware for Intel(R) NUC may allow a privileged user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html | 2020-03-12 | not yet calculated | CVE-2020-0526 CONFIRM |
intel -- nuc | Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html | 2020-03-12 | not yet calculated | CVE-2020-0530 CONFIRM |
intel -- optane_dc_persistent_memory_module_management_software | Unquoted service path in Intel(R) Optane(TM) DC Persistent Memory Module Management Software before version 1.0.0.3461 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access. | 2020-03-12 | not yet calculated | CVE-2020-0546 CONFIRM |
intel -- smart_sound_technology | Improper access control in the subsystem for Intel(R) Smart Sound Technology may allow an authenticated user to potentially enable escalation of privilege via local access. This affects Intel® Smart Sound Technology before versions: 10th Generation Intel® Core™ i7 Processors, version 3431 and 8th Generation Intel® Core™ Processors, version 3349. | 2020-03-12 | not yet calculated | CVE-2020-0583 CONFIRM |
invision_power_services -- invision_power_board | Invision Power Board (aka IPB or IP.Board) 2.x through 3.0.4, when Internet Explorer 5 is used, allows XSS via a .txt attachment. | 2020-03-13 | not yet calculated | CVE-2009-5159 MISC MISC MISC MISC |
kde -- applications | messagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv="REFRESH" value. | 2020-03-12 | not yet calculated | CVE-2018-19516 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the okhtmlfile and failhtmlfile parameters of several functionalities of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13202 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the URI paths of the web application that would allow an unauthenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13197 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) did not implement any mechanism to avoid CSRF. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device. | 2020-03-13 | not yet calculated | CVE-2019-13199 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in multiple parameters of the Document Boxes functionality of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13206 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the LPD service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) in the LPD service and potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13201 MISC |
kyocera -- ecosys_m5526cdw_printers | The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Reflected XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions. | 2020-03-13 | not yet calculated | CVE-2019-13200 MISC |
kyocera -- ecosys_m5526cdw_printers | The web application of some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was vulnerable to path traversal, allowing an unauthenticated user to retrieve arbitrary files, or check if files or folders existed within the file system. | 2020-03-13 | not yet calculated | CVE-2019-13195 MISC |
kyocera -- ecosys_m5526cdw_printers | The web application of several Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) was affected by Stored XSS. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions. | 2020-03-13 | not yet calculated | CVE-2019-13198 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by a buffer overflow vulnerability in the arg4 and arg9 parameters of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13196 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by an integer overflow vulnerability in the arg3 parameter of several functionalities of the web application that would allow an authenticated attacker to perform a Denial of Service attack, crashing the device, or potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13203 MISC |
kyocera -- ecosys_m5526cdw_printers | Some Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were affected by multiple buffer overflow vulnerabilities in the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS), and potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13204 MISC |
kyocera -- ecosys_m5526cdw_printers | All configuration parameters of certain Kyocera printers (such as the ECOSYS M5526cdw 2R7_2000.001.701) were accessible by unauthenticated users. This information was only presented in the menus when authenticated, and the pages that loaded this information were also protected. However, all files that contained the configuration parameters were accessible. These files contained sensitive information, such as users, community strings, and other passwords configured in the printer. | 2020-03-13 | not yet calculated | CVE-2019-13205 MISC |
lag_digital -- wagtail-2fa | In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users' 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other user's device they can disable the target user's 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1. | 2020-03-13 | not yet calculated | CVE-2020-5240 MISC CONFIRM |
lenovo -- xclarity_administrator | An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered Windows OS credentials, used to perform driver updates of managed systems, being written to a log file in clear text. This only affects LXCA version 2.6.0 when performing a Windows driver update. Affected logs are only accessible to authorized users in the First Failure Data Capture (FFDC) service log and log files on LXCA. | 2020-03-13 | not yet calculated | CVE-2019-19756 CONFIRM |
lexmark -- multiple_devices | Certain older Lexmark devices (C, M, X, and 6500e before 2018-12-18) contain a directory traversal vulnerability in the embedded web server. | 2020-03-10 | not yet calculated | CVE-2018-18894 MISC CONFIRM |
mcafee -- advanced_threat_defense | Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command. | 2020-03-12 | not yet calculated | CVE-2020-7254 CONFIRM |
mcafee -- mcafee_agent | Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line utility. | 2020-03-12 | not yet calculated | CVE-2020-7253 CONFIRM |
mediawiki -- mediawiki | In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled. | 2020-03-12 | not yet calculated | CVE-2020-10534 MISC MISC |
meetecho -- janus | An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge. | 2020-03-14 | not yet calculated | CVE-2020-10573 MISC |
meetecho -- janus | An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation. | 2020-03-14 | not yet calculated | CVE-2020-10574 MISC |
meetecho -- janus | An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early or too many times. | 2020-03-14 | not yet calculated | CVE-2020-10575 MISC |
meetecho -- janus | An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash. | 2020-03-14 | not yet calculated | CVE-2020-10576 MISC |
meetecho -- janus | An issue was discovered in Janus through 0.9.1. janus.c has multiple concurrent threads that misuse the source property of a session, leading to a race condition when claiming sessions. | 2020-03-14 | not yet calculated | CVE-2020-10577 MISC |
microsoft -- azure_devops_server_2019_and_team_foundation_server_2017_and_2018 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0700 MISC |
microsoft -- azure_devop_server_2019_and_team_foundation_server_2017_and_2018 | An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815. | 2020-03-12 | not yet calculated | CVE-2020-0758 MISC |
microsoft -- azure_devops_server_2019 | An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758. | 2020-03-12 | not yet calculated | CVE-2020-0815 MISC |
microsoft -- business_productivity_servers_and_sharepoint_enterprise_server_2016_and_sharepoint_foundation_2013 | This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'. This CVE ID is unique from CVE-2020-0891. | 2020-03-12 | not yet calculated | CVE-2020-0795 MISC |
microsoft -- chakracore_and_internet_explorer_11_and_microsoft_edge | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0768 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0823 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833. | 2020-03-12 | not yet calculated | CVE-2020-0848 MISC |
microsoft -- chakracore_and_microsoft_edge | An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data. To exploit the vulnerability, an attacker must know the memory address of where the object was created. The update addresses the vulnerability by changing the way certain functions handle objects in memory, aka 'Scripting Engine Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0813 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0811. | 2020-03-12 | not yet calculated | CVE-2020-0812 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0812. | 2020-03-12 | not yet calculated | CVE-2020-0811 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0826 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0827 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0828 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0829 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0825 MISC |
microsoft -- chakracore_and_microsoft_edge | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0831 MISC |
microsoft -- chakracore_and_microsoft_edge_and_internet_explorer_11 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0831, CVE-2020-0832, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0830 MISC |
microsoft -- exchange_server_2016_and_2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0903 MISC |
microsoft -- internet_explorer_11 | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0824 MISC |
microsoft -- internet_explorer_11 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0832, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0833 MISC |
microsoft -- internet_explorer_9_and_11 | A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0847 MISC |
microsoft -- internet_explorer_9_and_11 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0768, CVE-2020-0823, CVE-2020-0825, CVE-2020-0826, CVE-2020-0827, CVE-2020-0828, CVE-2020-0829, CVE-2020-0830, CVE-2020-0831, CVE-2020-0833, CVE-2020-0848. | 2020-03-12 | not yet calculated | CVE-2020-0832 MISC |
microsoft -- microsoft_edge | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0816 MISC |
microsoft -- multiple_products | A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0905 MISC |
microsoft -- multiple_products | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855. | 2020-03-12 | not yet calculated | CVE-2020-0892 MISC |
microsoft -- multiple_products | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0855, CVE-2020-0892. | 2020-03-12 | not yet calculated | CVE-2020-0852 MISC |
microsoft -- multiple_products | An information disclosure vulnerability exists in Windows when the Windows Imaging Component fails to properly handle objects in memory, aka 'Windows Imaging Component Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0853 MISC |
microsoft -- multiple_products | An information disclosure vulnerability exists when the Windows Network Driver Interface Specification (NDIS) improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Network Driver Interface Specification (NDIS) Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0861 MISC |
microsoft -- multiple_products | An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0770, CVE-2020-0773. | 2020-03-12 | not yet calculated | CVE-2020-0860 MISC |
microsoft -- multiple_products | An information disclosure vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0859 MISC |
microsoft -- multiple_products | An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka 'Windows Search Indexer Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0857 MISC |
microsoft -- multiple_products | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0851, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892. | 2020-03-12 | not yet calculated | CVE-2020-0850 MISC |
microsoft -- multiple_products | An elevation of privilege vulnerability exists when the "Public Account Pictures" folder improperly handles junctions. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0776. | 2020-03-12 | not yet calculated | CVE-2020-0858 MISC |
microsoft -- multiple_products | An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0841, CVE-2020-0849. | 2020-03-12 | not yet calculated | CVE-2020-0896 MISC |
microsoft -- multiple_products | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0793 MISC |
microsoft -- multiple_products | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations. To exploit the vulnerability, an attacker would first have to log on to the system. An attacker could then run a specially crafted application that could exploit the vulnerability and take control of an affected system. The update addresses the vulnerability by not permitting Diagnostics Hub Standard Collector or the Visual Studio Standard Collector to create files in arbitrary locations, aka 'Diagnostic Hub Standard Collector Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0810 MISC |
microsoft -- multiple_sharepoint_products | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893. | 2020-03-12 | not yet calculated | CVE-2020-0894 MISC |
microsoft -- multiple_sharepoint_products | This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server. An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'. This CVE ID is unique from CVE-2020-0795. | 2020-03-12 | not yet calculated | CVE-2020-0891 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897. | 2020-03-12 | not yet calculated | CVE-2020-0797 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0799 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0898. | 2020-03-12 | not yet calculated | CVE-2020-0791 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0842, CVE-2020-0843. | 2020-03-12 | not yet calculated | CVE-2020-0814 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0772. | 2020-03-12 | not yet calculated | CVE-2020-0806 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0877, CVE-2020-0887. | 2020-03-12 | not yet calculated | CVE-2020-0788 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0845. | 2020-03-12 | not yet calculated | CVE-2020-0804 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0770, CVE-2020-0860. | 2020-03-12 | not yet calculated | CVE-2020-0773 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897. | 2020-03-12 | not yet calculated | CVE-2020-0864 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843. | 2020-03-12 | not yet calculated | CVE-2020-0779 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0802, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845. | 2020-03-12 | not yet calculated | CVE-2020-0778 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0880, CVE-2020-0882. | 2020-03-12 | not yet calculated | CVE-2020-0879 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0858. | 2020-03-12 | not yet calculated | CVE-2020-0776 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0775 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0780 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882. | 2020-03-12 | not yet calculated | CVE-2020-0774 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0771. | 2020-03-12 | not yet calculated | CVE-2020-0769 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0819 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0785 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0803, CVE-2020-0804. | 2020-03-12 | not yet calculated | CVE-2020-0845 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0690 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0820 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows CSC Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0769. | 2020-03-12 | not yet calculated | CVE-2020-0771 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows Graphics Component Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0885 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0877. | 2020-03-12 | not yet calculated | CVE-2020-0887 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0822 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed. An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0684 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0783. | 2020-03-12 | not yet calculated | CVE-2020-0781 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0841, CVE-2020-0849, CVE-2020-0896. | 2020-03-12 | not yet calculated | CVE-2020-0840 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0849, CVE-2020-0896. | 2020-03-12 | not yet calculated | CVE-2020-0841 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0814, CVE-2020-0843. | 2020-03-12 | not yet calculated | CVE-2020-0842 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations. To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0798, CVE-2020-0814, CVE-2020-0842. | 2020-03-12 | not yet calculated | CVE-2020-0843 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0844 MISC |
microsoft -- multiple_windows_products | A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0645 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0787 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0802, CVE-2020-0804, CVE-2020-0845. | 2020-03-12 | not yet calculated | CVE-2020-0803 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows ActiveX Installer Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0773, CVE-2020-0860. | 2020-03-12 | not yet calculated | CVE-2020-0770 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0781. | 2020-03-12 | not yet calculated | CVE-2020-0783 MISC |
microsoft -- multiple_windows_products | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0807, CVE-2020-0869. | 2020-03-12 | not yet calculated | CVE-2020-0809 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior. A locally authenticated attacker could run arbitrary code with elevated system privileges, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0779, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843. | 2020-03-12 | not yet calculated | CVE-2020-0798 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0778, CVE-2020-0803, CVE-2020-0804, CVE-2020-0845. | 2020-03-12 | not yet calculated | CVE-2020-0802 MISC |
microsoft -- multiple_windows_products | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0807, CVE-2020-0809, CVE-2020-0869. | 2020-03-12 | not yet calculated | CVE-2020-0801 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC). An attacker who successfully exploited this vulnerability could run arbitrary code in the security context of the local system, aka 'Windows ALPC Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0834 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0841, CVE-2020-0896. | 2020-03-12 | not yet calculated | CVE-2020-0849 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897. | 2020-03-12 | not yet calculated | CVE-2020-0800 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory. To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0806. | 2020-03-12 | not yet calculated | CVE-2020-0772 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866, CVE-2020-0897. | 2020-03-12 | not yet calculated | CVE-2020-0777 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0882. | 2020-03-12 | not yet calculated | CVE-2020-0880 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when Windows Network Connections Service fails to properly handle objects in memory, aka 'Windows Network Connections Service Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0871 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0788, CVE-2020-0887. | 2020-03-12 | not yet calculated | CVE-2020-0877 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0879, CVE-2020-0880, CVE-2020-0882. | 2020-03-12 | not yet calculated | CVE-2020-0874 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0866. | 2020-03-12 | not yet calculated | CVE-2020-0897 MISC |
microsoft -- multiple_windows_products | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0774, CVE-2020-0874, CVE-2020-0879, CVE-2020-0880. | 2020-03-12 | not yet calculated | CVE-2020-0882 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0868. | 2020-03-12 | not yet calculated | CVE-2020-0867 MISC |
microsoft -- multiple_windows_products | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0807, CVE-2020-0809. | 2020-03-12 | not yet calculated | CVE-2020-0869 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka 'Windows Update Orchestrator Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0867. | 2020-03-12 | not yet calculated | CVE-2020-0868 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0865, CVE-2020-0897. | 2020-03-12 | not yet calculated | CVE-2020-0866 MISC |
microsoft -- multiple_windows_products | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0777, CVE-2020-0797, CVE-2020-0800, CVE-2020-0864, CVE-2020-0866, CVE-2020-0897. | 2020-03-12 | not yet calculated | CVE-2020-0865 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0881. | 2020-03-12 | not yet calculated | CVE-2020-0883 MISC |
microsoft -- multiple_windows_products | A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+ Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0883. | 2020-03-12 | not yet calculated | CVE-2020-0881 MISC |
microsoft -- office_2016_and_2019_and_office_365_proplus | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892. | 2020-03-12 | not yet calculated | CVE-2020-0851 MISC |
microsoft -- office_2019_for_mac_and_office_365_proplus | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0892. | 2020-03-12 | not yet calculated | CVE-2020-0855 MISC |
microsoft -- remote_desktop_connection_manager | An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection Manager Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0765 MISC |
microsoft -- service_fabric | An elevation of privilege vulnerability exists in Service Fabric File Store Service under certain conditions, aka 'Service Fabric Elevation of Privilege'. | 2020-03-12 | not yet calculated | CVE-2020-0902 MISC |
microsoft -- sharepoint_enterprise_server_2013_and_2016_and_sharepointserver_2019 | A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0894. | 2020-03-12 | not yet calculated | CVE-2020-0893 MISC |
microsoft -- visual_studio_2017_and_2019 | A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0884 MISC |
microsoft -- visual_studio_2019 | A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0789 MISC |
microsoft -- windows_10_and_windows_server | An information disclosure vulnerability exists when Windows Connected User Experiences and Telemetry Service improperly discloses file information, aka 'Connected User Experiences and Telemetry Service Information Disclosure Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0863 MISC |
microsoft -- windows_10_and_windows_server | An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Defender Security Center Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0763. | 2020-03-12 | not yet calculated | CVE-2020-0762 MISC |
microsoft -- windows_10_and_windows_server_2016 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0791. | 2020-03-12 | not yet calculated | CVE-2020-0898 MISC |
microsoft -- windows_10_and_windows_server_2016 | A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links, aka 'Windows Tile Object Service Denial of Service Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0786 MISC |
microsoft -- windows_10_and_windows_server_and_windows_server_2019 | An elevation of privilege vulnerability exists when Windows Mobile Device Management (MDM) Diagnostics improperly handles junctions, aka 'Windows Mobile Device Management Diagnostics Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0854 MISC |
microsoft -- windows_10_and_windows_server_and_windows_server_2019 | An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory. To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Windows Defender Security Center Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0762. | 2020-03-12 | not yet calculated | CVE-2020-0763 MISC |
microsoft -- windows_10_and_windows_server_and_windows_server_2019 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0809, CVE-2020-0869. | 2020-03-12 | not yet calculated | CVE-2020-0807 MISC |
microsoft -- windows_10_and_windows_server_and_windows_server_2019 | An elevation of privilege vulnerability exists in the way the Provisioning Runtime validates certain file operations, aka 'Provisioning Runtime Elevation of Privilege Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0808 MISC |
microsoft -- windows_10_and_windows_server | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. | 2020-03-12 | not yet calculated | CVE-2020-0796 MISC MISC MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing account passwords. | 2020-03-11 | not yet calculated | CVE-2019-9096 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2). | 2020-03-11 | not yet calculated | CVE-2019-9099 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service. | 2020-03-11 | not yet calculated | CVE-2019-9097 CONFIRM MISC |
moxa -- multiple_mgate_devices | An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An integer overflow in the built-in web server allows remote attackers to initiate DoS. | 2020-03-11 | not yet calculated | CVE-2019-9098 CONFIRM MISC |
multiple_vendors -- multiple_dynamic_random_access_memory_chips | Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers. | 2020-03-10 | not yet calculated | CVE-2020-10255 MISC MISC MISC MISC MISC MISC |
multiple_vendors -- multiple_products | The implementations of PKCS#1 v1.5 key transport mechanism for XMLEncryption in JBossWS and Apache WSS4J before 1.6.5 are susceptible to a Bleichenbacher attack. | 2020-03-11 | not yet calculated | CVE-2011-2487 MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC MISC |
netapp -- storagegrid | StorageGRID (formerly StorageGRID Webscale) versions 10.0.0 through 11.3 prior to 11.2.0.8 and 11.3.0.4 are susceptible to a vulnerability which allows an unauthenticated remote attacker to cause a Denial of Service (DoS). | 2020-03-13 | not yet calculated | CVE-2020-8571 CONFIRM |
netgear -- cg3700b_voo_device | The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses the same default 8 character passphrase for the administrative console and the WPA2 pre-shared key. Either an attack against HTTP Basic Authentication or an attack against WPA2 could be used to determine this passphrase. | 2020-03-13 | not yet calculated | CVE-2019-13393 MISC |
netgear -- cg3700b_voo_device | The Voo branded NETGEAR CG3700b custom firmware V2.02.03 uses HTTP Basic Authentication over cleartext HTTP. | 2020-03-13 | not yet calculated | CVE-2019-13394 MISC |
netgear -- cg3700b_voo_device | The Voo branded NETGEAR CG3700b custom firmware V2.02.03 allows CSRF against all /goform/ URIs. An attacker can modify all settings including WEP/WPA/WPA2 keys, restore the router to factory settings, or even upload an entire malicious configuration file. | 2020-03-13 | not yet calculated | CVE-2019-13395 MISC |
nvidia -- vgpu_graphics_driver | NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource clean up on a failure path can impact the guest VM, leading to denial of service. | 2020-03-12 | not yet calculated | CVE-2020-5961 N/A |
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null pointer dereference may occur, which may lead to denial of service. | 2020-03-12 | not yet calculated | CVE-2020-5960 N/A |
nvidia -- virtual_gpu_manager | NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an input index value is incorrectly validated which may lead to denial of service. | 2020-03-12 | not yet calculated | CVE-2020-5959 N/A |
openstack -- manila | OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete, or share resources that do not belong to them, because of a context-free lookup of a UUID. Attackers may also create resources, such as shared file systems and groups of shares on such share networks. | 2020-03-12 | not yet calculated | CVE-2020-9543 MLIST MISC CONFIRM |
opera_software -- opera_for_android | Opera through 53 on Android allows Address Bar Spoofing. Characters from several languages are displayed in Right-to-Left order, due to mishandling of several Unicode characters. The rendering mechanism, in conjunction with the "first strong character" concept, may improperly operate on a numerical IP address or an alphabetic string, leading to a spoofed URL. | 2020-03-12 | not yet calculated | CVE-2019-12278 MISC MISC |
osquery -- osquery | Incorrect validation of the TLS SNI hostname in osquery versions after 2.9.0 and before 4.2.0 could allow an attacker to MITM osquery traffic in the absence of a configured root chain of trust. | 2020-03-13 | not yet calculated | CVE-2020-1887 CONFIRM CONFIRM |
otrs -- open_ticket_request_system | An issue was discovered in Open Ticket Request System (OTRS) 7.0 through 7.0.6. An attacker who is logged into OTRS as a customer user can use the search result screens to disclose information from internal FAQ articles, a different vulnerability than CVE-2019-9753. | 2020-03-10 | not yet calculated | CVE-2019-10065 MISC CONFIRM |
phoenix_contact -- multiple_tc_products | PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices allow authenticated users to inject system commands through a modified POST request to a specific URL. | 2020-03-12 | not yet calculated | CVE-2020-9436 MISC FULLDISC MISC MISC |
phoenix_contact -- multiple_tc_products | PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices contain a hardcoded certificate (and key) that is used by default for web-based services on the device. Impersonation, man-in-the-middle, or passive decryption attacks are possible if the generic certificate is not replaced by a device-specific certificate during installation. | 2020-03-12 | not yet calculated | CVE-2020-9435 MISC FULLDISC MISC MISC |
poly -- hdx_series_devices | An issue was discovered in Poly (formerly Polycom) HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By entering a special character (such as a single quote) in a CN or other CSR field, one can insert a command into a factor value. A system command can be executed as root. | 2020-03-12 | not yet calculated | CVE-2019-11355 MISC |
primetek -- primefaces | An XSS issue was discovered in tooltip/tooltip.js in PrimeTek PrimeFaces 7.0.11. In a web application using PrimeFaces, an attacker can provide JavaScript code in an input field whose data is later used as a tooltip title without any input validation. | 2020-03-13 | not yet calculated | CVE-2020-10544 MISC |
psd-tools -- psd-tools | An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data. | 2020-03-14 | not yet calculated | CVE-2020-10571 MISC MISC |
puppet -- puppet_server_and_puppetdb | Puppet Server and PuppetDB provide useful performance and debugging information via their metrics API endpoints. For PuppetDB this may contain things like hostnames. Puppet Server reports resource names and titles for defined types (which may contain sensitive information) as well as function names and class names. Previously, these endpoints were open to the local network. PE 2018.1.13 & 2019.4.0, Puppet Server 6.9.1 & 5.3.12, and PuppetDB 6.9.1 & 5.2.13 disable trapperkeeper-metrics /v1 metrics API and only allow /v2 access on localhost by default. This affects Puppet Enterprise 2018.1.x stream prior to 2018.1.13, and prior to 2019.4.0; Puppet Server prior to 6.9.1, and prior to 5.3.12; PuppetDB prior to 6.9.1, and prior to 5.2.13. | 2020-03-11 | not yet calculated | CVE-2020-7943 CONFIRM |
qcms -- qcms | An arbitrary file read vulnerability exists in system/controller/backend/template.php in QCMS v3.0.1. | 2020-03-14 | not yet calculated | CVE-2020-10578 MISC |
querymen -- querymen | querymen prior to 2.1.4 allows modification of object properties. The parameters of exported function handler(type, name, fn) can be controlled by users without any sanitization. This could be abused for Prototype Pollution attacks. | 2020-03-12 | not yet calculated | CVE-2020-7600 MISC MISC |
responsive_filemanager -- responsive_filemanager | An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF data, and the .php extension is used in the name parameter. (A potential fast patch is to disable the save_img action in the config file.) | 2020-03-14 | not yet calculated | CVE-2020-10567 MISC |
ricoh -- sp_c250dn_devices | Ricoh SP C250DN 1.05 devices have an Authentication Method Vulnerable to Brute Force Attacks. Some Ricoh printers did not implement account lockout. Therefore, it was possible to obtain the local account credentials by brute force. | 2020-03-13 | not yet calculated | CVE-2019-14299 MISC MISC |
ricoh -- sp_c250dn_devices | Ricoh SP C250DN 1.05 devices have a fixed password. FTP service credentials were found to be hardcoded within the printer firmware. This would allow an attacker to access and read information stored on the shared FTP folders. | 2020-03-13 | not yet calculated | CVE-2019-14309 MISC MISC |
ricoh -- sp_c250dn_devices | Ricoh SP C250DN 1.05 devices allow denial of service (issue 1 of 3). Some Ricoh printers were affected by a wrong LPD service implementation that led to a denial of service vulnerability. | 2020-03-13 | not yet calculated | CVE-2019-14303 MISC MISC |
ricoh -- sp_c250dn_devices | Ricoh SP C250DN 1.05 devices allow denial of service (issue 2 of 3). Unauthenticated crafted packets to the IPP service will cause a vulnerable device to crash. A memory corruption has been identified in the way the embedded device parsed the IPP packets. | 2020-03-13 | not yet calculated | CVE-2019-14310 MISC MISC |
safescan -- timemoto | Directory Traversal in Safescan Timemoto and TA-8000 series version 1.0 allows unauthenticated remote attackers to execute code via the administrative API. | 2020-03-13 | not yet calculated | CVE-2019-12182 MISC MISC MISC MISC |
sapplica -- sentrifugo | A Blind SQL Injection issue was discovered in Sapplica Sentrifugo 3.2 via the index.php/holidaygroups/add id parameter because of the HolidaydatesController.php addAction function. | 2020-03-13 | not yet calculated | CVE-2020-10218 MISC EXPLOIT-DB |
siemens -- multiple_products | A vulnerability has been identified in OpenPCS 7 V8.1 (All versions), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions), SIMATIC BATCH V8.1 (All versions), SIMATIC BATCH V8.2 (All versions), SIMATIC BATCH V9.0 (All versions), SIMATIC NET PC Software (All versions < V16 update 1), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions), SIMATIC PCS 7 V9.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions), SIMATIC WinCC (TIA Portal) V13 (All versions < V13 SP2), SIMATIC WinCC (TIA Portal) V14.0.1 (All versions), SIMATIC WinCC (TIA Portal) V15.1 (All versions), SIMATIC WinCC (TIA Portal) V16 (All versions), SIMATIC WinCC V7.3 (All versions), SIMATIC WinCC V7.4 (All versions), SIMATIC WinCC V7.5 (All versions < V7.5.1 Upd1). Through specially crafted messages, when encrypted communication is enabled, an attacker with network access could use the vulnerability to compromise the availability of the system by causing a Denial-of-Service condition. Successful exploitation requires no system privileges and no user interaction. | 2020-03-10 | not yet calculated | CVE-2019-19282 MISC |
siemens -- s_600_series_devices | A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0), SCALANCE S612 (All versions >= V3.0), SCALANCE S623 (All versions >= V3.0), SCALANCE S627-2M (All versions >= V3.0). The integrated configuration web server of the affected devices could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed. At the stage of publishing this security advisory no public exploitation is known. The vendor has confirmed the vulnerability and provides mitigations to resolve it. | 2020-03-10 | not yet calculated | CVE-2019-6585 MISC |
technicolor -- tc7337net_devices | Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header. | 2020-03-11 | not yet calculated | CVE-2020-10376 MISC |
torpedoquery -- torpedoquery | Torpedo Query before 2.5.3 mishandles the LIKE operator in ConditionBuilder.java, LikeCondition.java, and NotLikeCondition.java. | 2020-03-12 | not yet calculated | CVE-2019-11343 MISC MISC |
trendmicro -- password_manager_for_windows | Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability which could potentially allow an attacker privilege escalation. | 2020-03-12 | not yet calculated | CVE-2020-8469 N/A |
unicode -- international_components_for_unicode_for_c/c++ | An issue was discovered in International Components for Unicode (ICU) for C/C++ through 66.1. An integer overflow, leading to a heap-based buffer overflow, exists in the UnicodeString::doAppend() function in common/unistr.cpp. | 2020-03-12 | not yet calculated | CVE-2020-10531 REDHAT MISC MISC MISC MISC MISC GENTOO MISC |
untis -- webuntis | Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules. | 2020-03-13 | not yet calculated | CVE-2020-10540 MISC |
vesta -- vesta_control_panel | Vesta Control Panel (VestaCP) 0.9.7 through 0.9.8-23 is vulnerable to an authenticated command execution that can result in remote root access on the server. The platform works with PHP as the frontend language and uses shell scripts to execute system actions. PHP executes shell script through the dangerous command exec. This function can be dangerous if arguments passed to it are not filtered. Every user input in VestaCP that is used as an argument is filtered with the escapeshellarg function. This function comes from the PHP library directly and its description is as follows: "escapeshellarg() adds single quotes around a string and quotes/escapes any existing single quotes allowing you to pass a string directly to a shell function and having it be treated as a single safe argument." It means that if you give Username, it will have 'Username' as a replacement. This works well and protects users from exploiting this potentially dangerous exec function. Unfortunately, VestaCP uses this escapeshellarg function incorrectly in several places. | 2020-03-10 | not yet calculated | CVE-2019-9859 MISC |
wago -- e!cockpit | A hard-coded encryption key vulnerability exists in the authentication functionality of WAGO e!Cockpit version 1.5.1.1. An attacker with access to communications between e!Cockpit and CoDeSyS Gateway can trivially recover the password of any user attempting to log in, in plain text. | 2020-03-11 | not yet calculated | CVE-2019-5106 MISC |
wago -- e!cockpit | An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version is being installed. An attacker can create a custom firmware update package with invalid metadata in order to trigger this vulnerability. | 2020-03-11 | not yet calculated | CVE-2019-5158 MISC |
wago -- e!cockpit | An exploitable improper input validation vulnerability exists in the firmware update functionality of WAGO e!COCKPIT automation software v1.6.0.7. A specially crafted firmware update file can allow an attacker to write arbitrary files to arbitrary locations on WAGO controllers as a part of executing a firmware update, potentially resulting in code execution. An attacker can create a malicious firmware update package file using any zip utility. The user must initiate a firmware update through e!COCKPIT and choose the malicious wup file using the file browser to trigger the vulnerability. | 2020-03-11 | not yet calculated | CVE-2019-5159 MISC |
wago -- pfc100_and_pfc200_devices | An exploitable timing discrepancy vulnerability exists in the authentication functionality of the Web-Based Management (WBM) web application on WAGO PFC100/200 controllers. The WBM application makes use of the PHP crypt() function which can be exploited to disclose hashed user credentials. This affects WAGO PFC200 Firmware version 03.00.39(12) and version 03.01.07(13), and WAGO PFC100 Firmware version 03.00.39(12). | 2020-03-11 | not yet calculated | CVE-2019-5135 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e9fc the extracted subnetmask value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled subnet-mask=<contents of subnetmask node> using sprintf(). This command is later executed via a call to system(). | 2020-03-11 | not yet calculated | CVE-2019-5174 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e9fc the extracted state value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=<contents of state node> using sprintf(). This command is later executed via a call to system(). | 2020-03-11 | not yet calculated | CVE-2019-5173 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e87c the extracted hostname value from the xml file is used as an argument to /etc/config-tools/change_hostname hostname=<contents of hostname node> using sprintf(). This command is later executed via a call to system(). | 2020-03-12 | not yet calculated | CVE-2019-5170 MISC |
wago -- pfc200_devices | An exploitable regular expression without anchors vulnerability exists in the Web-Based Management (WBM) authentication functionality of WAGO PFC200 versions 03.00.39(12) and 03.01.07(13), and WAGO PFC100 version 03.00.39(12). A specially crafted authentication request can bypass regular expression filters, resulting in sensitive information disclosure. | 2020-03-11 | not yet calculated | CVE-2019-5134 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1ea28 the extracted type value from the xml file is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled config-type=<contents of type node> using sprintf(). This command is later executed via a call to system(). | 2020-03-11 | not yet calculated | CVE-2019-5175 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the cloud connectivity functionality of WAGO PFC200 versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject operating system commands into the TimeoutPrepared parameter value contained in the firmware update command. | 2020-03-11 | not yet calculated | CVE-2019-5156 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). An attacker can inject OS commands into the TimeoutUnconfirmed parameter value contained in the Firmware Update command. | 2020-03-11 | not yet calculated | CVE-2019-5157 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send a specially crafted packet to trigger the parsing of this cache file. | 2020-03-11 | not yet calculated | CVE-2019-5166 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to inject OS commands. An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e900 the extracted gateway value from the xml file is used as an argument to /etc/config-tools/config_default_gateway number=0 state=enabled value=<contents of gateway node> using sprintf(). This command is later executed via a call to system(). | 2020-03-12 | not yet calculated | CVE-2019-5169 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet at 0x1ea48 to the extracted hostname value from the xml file that is used as an argument to /etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=<contents of ip node> using sprintf(). | 2020-03-12 | not yet calculated | CVE-2019-5171 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any subnetmask values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled subnet-mask=’) in length. A subnetmask value of length 0x3d9 will cause the service to crash. | 2020-03-12 | not yet calculated | CVE-2019-5181 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. At 0x1e840 the extracted ntp value from the xml file is used as an argument to /etc/config-tools/config_sntp time-server-%d=<contents of ntp node> using sprintf(). This command is later executed via a call to system(). This is done in a loop and there is no limit to how many ntp entries will be parsed from the xml file. | 2020-03-11 | not yet calculated | CVE-2019-5172 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x40 is overflowed with the call to sprintf() for any gateway values that are greater than 512-len(‘/etc/config-tools/config_default_gateway number=0 state=enabled value=’) in length. A gateway value of length 0x7e2 will cause the service to crash. | 2020-03-12 | not yet calculated | CVE-2019-5176 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. | 2020-03-12 | not yet calculated | CVE-2019-5179 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any hostname values that are greater than 1024-len(‘/etc/config-tools/change_hostname hostname=’) in length. A hostname value of length 0x3fd will cause the service to crash. | 2020-03-12 | not yet calculated | CVE-2019-5178 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any ip values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=’) in length. An ip value of length 0x3da will cause the service to crash. | 2020-03-12 | not yet calculated | CVE-2019-5180 MISC |
wago -- pfc200_devices | An exploitable stack buffer overflow vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any type values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled config-type=’) in length. A type value of length 0x3d9 will cause the service to crash. | 2020-03-11 | not yet calculated | CVE-2019-5182 MISC |
wago -- pfc200_devices | An exploitable command injection vulnerability exists in the cloud connectivity feature of WAGO PFC200. An attacker can inject operating system commands into any of the parameter values contained in the firmware update command. This affects WAGO PFC200 Firmware version 03.02.02(14), version 03.01.07(13), and version 03.00.39(12). | 2020-03-11 | not yet calculated | CVE-2019-5155 MISC |
watchguard -- fireware | The AD Helper component in WatchGuard Fireware before 5.8.5.10317 allows remote attackers to discover cleartext passwords via the /domains/list URI. | 2020-03-12 | not yet calculated | CVE-2020-10532 MISC MISC |
wordpress -- wordpress | controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters. | 2020-03-10 | not yet calculated | CVE-2018-14502 MISC MISC |
wordpress -- wordpress | The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of requests that leverage unintended comparisons of integers to strings. | 2020-03-14 | not yet calculated | CVE-2020-10568 MISC MISC |
wordpress -- wordpress | The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php. By sending a POST request to wp-admin/admin-post.php, an authenticated attacker with minimal (subscriber-level) permissions can modify the plugin's settings to allow arbitrary roles (including subscribers) access to plugin functionality by setting the action parameter to sgpbSaveSettings, export a list of current newsletter subscribers by setting the action parameter to csv_file, or obtain system configuration information including webserver configuration and a list of installed plugins by setting the action parameter to sgpb_system_info. | 2020-03-13 | not yet calculated | CVE-2020-10195 MISC MISC |
wordpress -- wordpress | An XSS vulnerability in the popup-builder plugin before 3.64.1 for WordPress allows remote attackers to inject arbitrary JavaScript into existing popups via an unsecured ajax action in com/classes/Ajax.php. It is possible for an unauthenticated attacker to insert malicious JavaScript in several of the popup's fields by sending a request to wp-admin/admin-ajax.php with the POST action parameter of sgpb_autosave and including additional data in an allPopupData parameter, including the popup's ID (which is visible in the source of the page in which the popup is inserted) and arbitrary JavaScript which will then be executed in the browsers of visitors to that page. Because the plugin functionality automatically adds script tags to data entered into these fields, this injection will typically bypass most WAF applications. | 2020-03-13 | not yet calculated | CVE-2020-10196 MISC MISC |
wordpress -- wordpress | An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call. | 2020-03-13 | not yet calculated | CVE-2020-10564 MISC MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement account lockout. Local account credentials may be extracted from the device via brute force guessing attacks. | 2020-03-13 | not yet calculated | CVE-2019-13166 MISC MISC |
xerox -- phaser_3320_printers | Multiple Stored XSS vulnerabilities were found in the Xerox Web Application, used by the Phaser 3320 V53.006.16.000 and other printers. Successful exploitation of this vulnerability can lead to session hijacking of the administrator in the web application or the execution of unwanted actions. | 2020-03-13 | not yet calculated | CVE-2019-13167 MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Content-Type HTTP Header of the web application that would allow an attacker to execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13169 MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the Authentication Cookie of the web application that would allow an attacker to execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13172 MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by one or more stack-based buffer overflow vulnerabilities in the Google Cloud Print implementation that would allow an unauthenticated attacker to execute arbitrary code on the device. This was caused by an insecure handling of the register parameters, because the size used within a memcpy() function, which copied the action value into a local variable, was not checked properly. | 2020-03-13 | not yet calculated | CVE-2019-13171 MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the request parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13165 MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) did not implement any mechanism to avoid CSRF attacks. Successful exploitation of this vulnerability can lead to the takeover of a local account on the device. | 2020-03-13 | not yet calculated | CVE-2019-13170 MISC MISC |
xerox -- phaser_3320_printers | Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device. | 2020-03-13 | not yet calculated | CVE-2019-13168 MISC MISC |
yii2cmf -- yii2cmf | yidashi yii2cmf 2.0 has XSS via the /search q parameter. | 2020-03-12 | not yet calculated | CVE-2018-10704 MISC MISC |
zoho -- manageengine_opmanager | Zoho ManageEngine OpManager before 12.4.179 allows remote code execution via a specially crafted Mail Server Settings v1 API request. This was fixed in 12.5.108. | 2020-03-13 | not yet calculated | CVE-2020-10541 MISC |
zoho -- manageengine_applications_manager | Zoho ManageEngine Applications Manager 14590 and before allows a remote unauthenticated attacker to disclose license-related information via the WieldFeedServlet servlet. | 2020-03-13 | not yet calculated | CVE-2019-19799 MISC MISC |