Search
Total
753 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7725 | 1 Guidesmiths | 1 Worksmith | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package worksmith are vulnerable to Prototype Pollution via the setValue function. | |||||
| CVE-2020-7717 | 1 Dot-notes Project | 1 Dot-notes | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package dot-notes are vulnerable to Prototype Pollution via the create function. | |||||
| CVE-2020-24753 | 1 Objective Open Cbor Run-time Project | 1 Objective Open Cbor Run-time | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability in Objective Open CBOR Run-time (oocborrt) in versions before 2020-08-12 could allow an attacker to execute code via crafted Concise Binary Object Representation (CBOR) input to the cbor2json decoder. An uncaught error while decoding CBOR Major Type 3 text strings leads to the use of an attacker-controllable uninitialized stack value. This can be used to modify memory, causing a crash or potentially exploitable heap corruption. | |||||
| CVE-2019-17426 | 1 Mongoosejs | 1 Mongoose | 2021-07-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| Automattic Mongoose through 5.7.4 allows attackers to bypass access control (in some applications) because any query object with a _bsontype attribute is ignored. For example, adding "_bsontype":"a" can sometimes interfere with a query filter. NOTE: this CVE is about Mongoose's failure to work around this _bsontype special case that exists in older versions of the bson parser (aka the mongodb/js-bson project). | |||||
| CVE-2020-12079 | 1 Beakerbrowser | 1 Beaker | 2021-07-21 | 7.5 HIGH | 10.0 CRITICAL |
| Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. This occurs because Electron context isolation is not used, and therefore an attacker can conduct a prototype-pollution attack against the Electron internal messaging API. | |||||
| CVE-2019-3463 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. | |||||
| CVE-2019-9659 | 2 Chuango, Eminent | 22 A11 Pstn\/lcd\/rfid Touch Alarm System, A11 Pstn\/lcd\/rfid Touch Alarm System Firmware, A8 Pstn Alarm System and 19 more | 2021-07-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The Chuango 433 MHz burglar-alarm product line uses static codes in the RF remote control, allowing an attacker to arm, disarm, or trigger the alarm remotely via replay attacks, as demonstrated by Chuango branded products, and non-Chuango branded products such as the Eminent EM8617 OV2 Wifi Alarm System. | |||||
| CVE-2019-3476 | 1 Microfocus | 1 Data Protector | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Remote arbitrary code execution in Micro Focus Data Protector, version 10.03 this vulnerability could allow remote arbitrary code execution. | |||||
| CVE-2019-10844 | 1 Sony | 1 Neural Network Libraries | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| nbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted. | |||||
| CVE-2019-5160 | 1 Wago | 2 Pfc200, Pfc200 Firmware | 2021-07-21 | 6.5 MEDIUM | 9.1 CRITICAL |
| An exploitable improper host validation vulnerability exists in the Cloud Connectivity functionality of WAGO PFC200 Firmware versions 03.02.02(14), 03.01.07(13), and 03.00.39(12). A specially crafted HTTPS POST request can cause the software to connect to an unauthorized host, resulting in unauthorized access to firmware update functionality. An attacker can send an authenticated HTTPS POST request to direct the Cloud Connectivity software to connect to an attacker controlled Azure IoT Hub node. | |||||
| CVE-2019-20780 | 1 Google | 1 Android | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, and 8.1 software. Certain security settings, related to whether packages are verified and accepted only from known sources, are mishandled. The LG ID is LVE-SMP-190002 (April 2019). | |||||
| CVE-2019-18939 | 2 Eq-3, Hm-print Project | 5 Homematic Ccu2, Homematic Ccu2 Firmware, Homematic Ccu3 and 2 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| eQ-3 Homematic CCU2 2.47.20 and CCU3 3.47.18 with the HM-Print AddOn through 1.2a installed allow Remote Code Execution by unauthenticated attackers with access to the web interface via the exec.cgi and exec1.cgi scripts, which execute TCL script content from an HTTP POST request. | |||||
| CVE-2020-10180 | 1 Eset | 5 Cyber Security, Mobile Security, Nod32 Antivirus and 2 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. | |||||
| CVE-2019-9115 | 1 Irisnet | 1 Irisnet-crypto | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| In irisnet-crypto before 1.1.7 for IRISnet, the util/utils.js file allows code execution because of unsafe eval usage. | |||||
| CVE-2020-7715 | 1 Deep-get-set Project | 1 Deep-get-set | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function. | |||||
| CVE-2019-9927 | 1 Caret | 1 Caret | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Caret before 2019-02-22 allows Remote Code Execution. | |||||
| CVE-2020-0609 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610. | |||||
| CVE-2019-16915 | 1 Netgate | 1 Pfsense | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in pfSense through 2.4.4-p3. widgets/widgets/picture.widget.php uses the widgetkey parameter directly without sanitization (e.g., a basename call) for a pathname to file_get_contents or file_put_contents. | |||||
| CVE-2020-12274 | 1 Testlink | 1 Testlink | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session. | |||||
| CVE-2020-11896 | 1 Treck | 1 Tcp\/ip | 2021-07-21 | 9.3 HIGH | 10.0 CRITICAL |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | |||||
| CVE-2020-6948 | 1 Hashbrowncms | 1 Hashbrown Cms | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password. | |||||
| CVE-2019-18370 | 1 Mi | 2 Millet Router 3g, Millet Router 3g Firmware | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can control the contents of the files in the decompressed directory. In addition, the application's sh script for testing upload and download speeds reads a URL list from /tmp/speedtest_urls.xml, and there is a command injection vulnerability, as demonstrated by api/xqnetdetect/netspeed. | |||||
| CVE-2020-7673 | 1 Node-extend Project | 1 Node-extend | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of `extend` function`(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `eval` function, resulting in code execution. | |||||
| CVE-2020-7714 | 1 Realseriousgames | 1 Confucious | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package confucious are vulnerable to Prototype Pollution via the set function. | |||||
| CVE-2020-11975 | 1 Apache | 1 Unomi | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| Apache Unomi allows conditions to use OGNL scripting which offers the possibility to call static Java classes from the JDK that could execute code with the permission level of the running Java process. | |||||
| CVE-2019-1010149 | 1 Zzcms | 1 Zzcms | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| zzcms version 8.3 and earlier is affected by: File Delete to Code Execution. The impact is: zzcms File Delete to Code Execution. The component is: user/licence_save.php. | |||||
| CVE-2020-7721 | 1 Node-oojs Project | 1 Node-oojs | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package node-oojs are vulnerable to Prototype Pollution via the setPath function. | |||||
| CVE-2019-16759 | 1 Vbulletin | 1 Vbulletin | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request. | |||||
| CVE-2020-0610 | 1 Microsoft | 3 Windows Server 2012, Windows Server 2016, Windows Server 2019 | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609. | |||||
| CVE-2019-20478 | 1 Ruamel.yaml Project | 1 Ruamel.yaml | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| In ruamel.yaml through 0.16.7, the load method allows remote code execution if the application calls this method with an untrusted argument. In other words, this issue affects developers who are unaware of the need to use methods such as safe_load in these use cases. | |||||
| CVE-2019-9791 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The type inference system allows the compilation of functions that can cause type confusions between arbitrary objects when compiled through the IonMonkey just-in-time (JIT) compiler and when the constructor function is entered through on-stack replacement (OSR). This allows for possible arbitrary reading and writing of objects during an exploitable crash. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. | |||||
| CVE-2020-12106 | 1 Stengg | 2 Vpncrypt M10, Vpncrypt M10 Firmware | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point. | |||||
| CVE-2020-8598 | 1 Trendmicro | 3 Apex One, Officescan, Worry-free Business Security | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability. | |||||
| CVE-2020-3794 | 1 Adobe | 1 Coldfusion | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| ColdFusion versions ColdFusion 2016, and ColdFusion 2018 have a file inclusion vulnerability. Successful exploitation could lead to arbitrary code execution of files located in the webroot or its subdirectory. | |||||
| CVE-2020-7713 | 1 Arr-flatten-unflatten Project | 1 Arr-flatten-unflatten | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor. | |||||
| CVE-2019-17132 | 1 Vbulletin | 1 Vbulletin | 2021-07-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| vBulletin through 5.5.4 mishandles custom avatars. | |||||
| CVE-2020-28271 | 1 Deephas Project | 1 Deephas | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution. | |||||
| CVE-2019-9750 | 1 Iotivity | 1 Iotivity | 2021-07-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01 Unauthorized" response is mishandled. NOTE: the vendor states "While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite." | |||||
| CVE-2019-8756 | 1 Apple | 5 Icloud, Itunes, Mac Os X and 2 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2. | |||||
| CVE-2020-0796 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2021-07-21 | 7.5 HIGH | 10.0 CRITICAL |
| A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. | |||||
| CVE-2020-25614 | 1 Xmlquery Project | 1 Xmlquery | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| xmlquery before 1.3.1 lacks a check for whether a LoadURL response is in the XML format, which allows attackers to cause a denial of service (SIGSEGV) at xmlquery.(*Node).InnerText or possibly have unspecified other impact. | |||||
| CVE-2019-6203 | 1 Apple | 3 Iphone Os, Mac Os X, Tvos | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue was addressed with improved state management. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2. An attacker in a privileged network position may be able to intercept network traffic. | |||||
| CVE-2020-11901 | 1 Treck | 1 Tcp\/ip | 2021-07-21 | 9.3 HIGH | 9.0 CRITICAL |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | |||||
| CVE-2019-3980 | 1 Solarwinds | 1 Dameware Mini Remote Control | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication which can allow a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable run under the Local System account. | |||||
| CVE-2019-3464 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands. | |||||
| CVE-2020-3943 | 2 Microsoft, Vmware | 2 Windows, Vrealize Operations | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute arbitrary code in vRealize Operations. | |||||
| CVE-2019-16871 | 1 Beckhoff | 1 Twincat | 2021-07-21 | 9.3 HIGH | 9.8 CRITICAL |
| Beckhoff Embedded Windows PLCs through 3.1.4024.0, and Beckhoff Twincat on Windows Engineering stations, allow an attacker to achieve Remote Code Execution (as SYSTEM) via the Beckhoff ADS protocol. | |||||
| CVE-2019-9794 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability was discovered where specific command line arguments are not properly discarded during Firefox invocation as a shell handler for URLs. This could be used to retrieve and execute files whose location is supplied through these command line arguments if Firefox is configured as the default URI handler for a given URI scheme in third party applications and these applications insufficiently sanitize URL data. *Note: This issue only affects Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Thunderbird < 60.6, Firefox ESR < 60.6, and Firefox < 66. | |||||
| CVE-2020-11548 | 1 Search Meter Project | 1 Search Meter | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed. | |||||
| CVE-2020-7726 | 1 Safe-object2 Project | 1 Safe-object2 | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package safe-object2 are vulnerable to Prototype Pollution via the setter function. | |||||