Search
Total
2662 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-23131 | 1 Joomla | 1 Joomla\! | 2021-03-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Joomla! 3.2.0 through 3.9.24. Missing input validation within the template manager. | |||||
| CVE-2020-15978 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Android and 2 more | 2021-03-05 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient data validation in navigation in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2019-19942 | 1 Swisscom | 3 Centro Business, Centro Grande, Centro Grande Firmware | 2021-03-04 | 5.0 MEDIUM | 7.5 HIGH |
| Missing output sanitation in Swisscom Centro Grande Centro Grande before 6.16.12, Centro Business 1.0 (ADB) before 7.10.18, and Centro Business 2.0 before 8.02.04 allows a remote attacker to perform DNS spoofing against the web interface via crafted hostnames in DHCP requests. | |||||
| CVE-2020-24453 | 1 Intel | 1 Epid Software Development Kit | 2021-02-23 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation in the Intel(R) EPID SDK before version 8, may allow an authenticated user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2020-7849 | 2 Microsoft, Uprism | 2 Windows, Curix | 2021-02-23 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability of uPrism.io CURIX(Video conferecing solution) could allow an unauthenticated attacker to execute arbitrary code. This vulnerability is due to insufficient input(server domain) validation. An attacker could exploit this vulnerability through crafted URL. | |||||
| CVE-2020-12385 | 1 Intel | 1 Graphics Drivers | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Improper input validation in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12377 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient input validation in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12366 | 1 Intel | 1 Graphics Drivers | 2021-02-22 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficient input validation in some Intel(R) Graphics Drivers before version 27.20.100.8587 may allow a privileged user to potentially enable an escalation of privilege via local access. | |||||
| CVE-2021-27179 | 1 Fiberhome | 2 Hg6245d, Hg6245d Firmware | 2021-02-12 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on FiberHome HG6245D devices through RP2613. It is possible to crash the telnet daemon by sending a certain 0a 65 6e 61 62 6c 65 0a 02 0a 1a 0a string. | |||||
| CVE-2019-12520 | 3 Canonical, Debian, Squid-cache | 3 Ubuntu Linux, Debian Linux, Squid | 2021-02-11 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid through 4.7 and 5. When receiving a request, Squid checks its cache to see if it can serve up a response. It does this by making a MD5 hash of the absolute URL of the request. If found, it servers the request. The absolute URL can include the decoded UserInfo (username and password) for certain protocols. This decoded info is prepended to the domain. This allows an attacker to provide a username that has special characters to delimit the domain, and treat the rest of the URL as a path or query string. An attacker could first make a request to their domain using an encoded username, then when a request for the target domain comes in that decodes to the exact URL, it will serve the attacker's HTML instead of the real HTML. On Squid servers that also act as reverse proxies, this allows an attacker to gain access to features that only reverse proxies can use, such as ESI. | |||||
| CVE-2020-9430 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2021-02-09 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field. | |||||
| CVE-2020-15694 | 1 Nim-lang | 1 Nim | 2021-02-08 | 5.0 MEDIUM | 7.5 HIGH |
| In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error if a malicious server provides a negative Content-Length. | |||||
| CVE-2019-0070 | 1 Juniper | 3 Junos, Nfx150, Nfx250 | 2021-02-05 | 7.2 HIGH | 8.8 HIGH |
| An Improper Input Validation weakness allows a malicious local attacker to elevate their permissions to take control of other portions of the NFX platform they should not be able to access, and execute commands outside their authorized scope of control. This leads to the attacker being able to take control of the entire system. This issue affects: Juniper Networks Junos OS versions prior to 18.2R1 on NFX Series. | |||||
| CVE-2021-3176 | 1 Mitel | 1 Businesscti Enterprise | 2021-02-05 | 6.0 MEDIUM | 8.0 HIGH |
| The chat window of the Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.15 and 7.x before 7.1.2 could allow an attacker to gain access to user information by sending certain code, due to improper input validation of http links. A successful exploit could allow an attacker to view user information and application data. | |||||
| CVE-2020-27828 | 2 Fedoraproject, Jasper Project | 2 Fedora, Jasper | 2021-02-03 | 6.8 MEDIUM | 7.8 HIGH |
| There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availability. | |||||
| CVE-2021-1139 | 1 Cisco | 1 Smart Software Manager Satellite | 2021-01-29 | 9.0 HIGH | 8.8 HIGH |
| Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1141 | 1 Cisco | 1 Smart Software Manager Satellite | 2021-01-29 | 9.0 HIGH | 8.8 HIGH |
| Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2021-1299 | 1 Cisco | 12 Sd-wan Firmware, Sd-wan Vbond Orchestrator, Sd-wan Vmanage and 9 more | 2021-01-27 | 9.0 HIGH | 8.8 HIGH |
| Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to perform command injection attacks against an affected device, which could allow the attacker to take certain actions with root privileges on the device. For more information about these vulnerabilities, see the Details section of this advisory. | |||||
| CVE-2020-25275 | 2 Debian, Dovecot | 2 Debian Linux, Dovecot | 2021-01-20 | 5.0 MEDIUM | 7.5 HIGH |
| Dovecot before 2.3.13 has Improper Input Validation in lda, lmtp, and imap, leading to an application crash via a crafted email message with certain choices for ten thousand MIME parts. | |||||
| CVE-2021-21605 | 1 Jenkins | 1 Jenkins | 2021-01-19 | 6.0 MEDIUM | 8.0 HIGH |
| Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override the global `config.xml` file. | |||||
| CVE-2021-1060 | 7 Citrix, Linux, Microsoft and 4 more | 7 Hypervisor, Linux Kernel, Windows and 4 more | 2021-01-14 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the guest kernel mode driver and vGPU plugin, in which an input index is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2021-0313 | 1 Google | 1 Android | 2021-01-13 | 7.8 HIGH | 7.5 HIGH |
| In isWordBreakAfter of LayoutUtils.cpp, there is a possible way to slow or crash a TextView due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-9, Android-10, Android-11, Android-8.0, Android-8.1; Android ID: A-170968514. | |||||
| CVE-2021-1065 | 5 Citrix, Nutanix, Nvidia and 2 more | 5 Hypervisor, Ahv, Virtual Gpu Manager and 2 more | 2021-01-11 | 3.6 LOW | 7.1 HIGH |
| NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which input data is not validated, which may lead to tampering of data or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3). | |||||
| CVE-2018-25002 | 1 Sunhater | 1 Kcfinder | 2021-01-11 | 6.5 MEDIUM | 8.8 HIGH |
| uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy. | |||||
| CVE-2016-6433 | 1 Cisco | 1 Firepower Management Center | 2021-01-05 | 9.0 HIGH | 8.8 HIGH |
| The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872. | |||||
| CVE-2017-14169 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2021-01-04 | 6.8 MEDIUM | 8.8 HIGH |
| In the mxf_read_primer_pack function in libavformat/mxfdec.c in FFmpeg 3.3.3 -> 2.4, an integer signedness error might occur when a crafted file, which claims a large "item_num" field such as 0xffffffff, is provided. As a result, the variable "item_num" turns negative, bypassing the check for a large value. | |||||
| CVE-2020-35616 | 1 Joomla | 1 Joomla\! | 2020-12-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations. | |||||
| CVE-2019-11781 | 1 Odoo | 1 Odoo | 2020-12-23 | 6.8 MEDIUM | 8.8 HIGH |
| Improper input validation in portal component in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier, allows remote attackers to trick victims into modifying their account via crafted links, leading to privilege escalation. | |||||
| CVE-2020-7838 | 2 Microsoft, Onstove | 2 Windows, Stove | 2020-12-21 | 6.8 MEDIUM | 8.8 HIGH |
| A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. This issue affects: Smilegate STOVE Client 0.0.4.72. | |||||
| CVE-2020-27154 | 1 Mitel | 1 Businesscti Enterprise | 2020-12-21 | 6.5 MEDIUM | 8.8 HIGH |
| The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.11 and 7.x before 7.0.3 could allow an attacker to gain access to user information by sending arbitrary code, due to improper input validation. A successful exploit could allow an attacker to view the user information and application data. | |||||
| CVE-2020-25195 | 1 Hosteng | 6 H0-ecom100, H0-ecom100 Firmware, H2-ecom100 and 3 more | 2020-12-18 | 7.8 HIGH | 7.5 HIGH |
| The length of the input fields of Host Engineering H0-ECOM100, H2-ECOM100, and H4-ECOM100 modules are verified only on the client side when receiving input from the configuration web server, which may allow an attacker to bypass the check and send input to crash the device. | |||||
| CVE-2017-14063 | 1 Asynchttpclient Project | 1 Async-http-client | 2020-12-16 | 5.0 MEDIUM | 7.5 HIGH |
| Async Http Client (aka async-http-client) before 2.0.35 can be tricked into connecting to a host different from the one extracted by java.net.URI if a '?' character occurs in a fragment identifier. Similar bugs were previously identified in cURL (CVE-2016-8624) and Oracle Java 8 java.net.URL. | |||||
| CVE-2020-17439 | 2 Contiki-os, Uip Project | 2 Contiki, Uip | 2020-12-15 | 7.5 HIGH | 8.3 HIGH |
| An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies match outgoing DNS queries in newdata() in resolv.c. Also, arbitrary DNS replies are parsed if there was any outgoing DNS query with a transaction ID that matches the transaction ID of an incoming reply. Provided that the default DNS cache is quite small (only four records) and that the transaction ID has a very limited set of values that is quite easy to guess, this can lead to DNS cache poisoning. | |||||
| CVE-2020-26243 | 1 Nanopb Project | 1 Nanopb | 2020-12-07 | 4.3 MEDIUM | 7.5 HIGH |
| Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an oneof field contains a static submessage that contains a dynamic field, and the message being decoded contains the submessage multiple times. This is rare in normal messages, but it is a concern when untrusted data is parsed. This is fixed in versions 0.3.9.7 and 0.4.4. The following workarounds are available: 1) Set the option `no_unions` for the oneof field. This will generate fields as separate instead of C union, and avoids triggering the problematic code. 2) Set the type of the submessage field inside oneof to `FT_POINTER`. This way the whole submessage will be dynamically allocated and the problematic code is not executed. 3) Use an arena allocator for nanopb, to make sure all memory can be released afterwards. | |||||
| CVE-2020-10971 | 1 Wavlink | 6 Wl-wn530hg4, Wl-wn530hg4 Firmware, Wl-wn575a3 and 3 more | 2020-12-04 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered on Wavlink Jetstream devices where a crafted POST request can be sent to adm.cgi that will result in the execution of the supplied command if there is an active session at the same time. The POST request itself is not validated to ensure it came from the active session. Affected devices are: Wavlink WN530HG4, Wavlink WN575A3, Wavlink WN579G3,Wavlink WN531G3, Wavlink WN533A8, Wavlink WN531A6, Wavlink WN551K1, Wavlink WN535G3, Wavlink WN530H4, Wavlink WN57X93, WN572HG3, Wavlink WN578A2, Wavlink WN579G3, Wavlink WN579X3, and Jetstream AC3000/ERAC3000 | |||||
| CVE-2020-5680 | 1 Ec-cube | 1 Ec-cube | 2020-12-03 | 5.0 MEDIUM | 7.5 HIGH |
| Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote attacker to cause a denial-of-service (DoS) condition via unspecified vector. | |||||
| CVE-2020-7841 | 1 Tobesoft | 1 Xplatform | 2020-12-02 | 6.8 MEDIUM | 8.8 HIGH |
| Improper input validation vulnerability exists in TOBESOFT XPLATFORM which could cause arbitrary .hta file execution when the command string is begun with http://, https://, mailto:// | |||||
| CVE-2020-14230 | 1 Hcltech | 1 Domino | 2020-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| HCL Domino is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the server. Versions previous to releases 9.0.1 FP10 IF6, 10.0.1 FP5 and 11.0.1 are affected. | |||||
| CVE-2020-14234 | 1 Hcltech | 1 Domino | 2020-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to release 9.0.1 FP10 IF6 and release 10.0.1 are affected. | |||||
| CVE-2020-14258 | 1 Hcltech | 1 Notes | 2020-12-01 | 5.0 MEDIUM | 7.5 HIGH |
| HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a specially-crafted email message to hang the client. Versions 9, 10 and 11 are affected. | |||||
| CVE-2020-25151 | 1 Nexcom | 2 Nio 50, Nio 50 Firmware | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions). | |||||
| CVE-2020-27253 | 1 Rockwellautomation | 1 Factorytalk Linx | 2020-11-30 | 7.8 HIGH | 7.5 HIGH |
| A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device. | |||||
| CVE-2018-16723 | 1 V-secure | 1 Jingyun Antivirus | 2020-11-25 | 4.6 MEDIUM | 7.8 HIGH |
| In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12364020. | |||||
| CVE-2018-16722 | 1 V-secure | 1 Jingyun Antivirus | 2020-11-25 | 4.6 MEDIUM | 7.8 HIGH |
| In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360094, a related issue to CVE-2018-16305. | |||||
| CVE-2018-16721 | 1 V-secure | 1 Jingyun Antivirus | 2020-11-25 | 4.6 MEDIUM | 7.8 HIGH |
| In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306. | |||||
| CVE-2018-16720 | 1 V-secure | 1 Jingyun Antivirus | 2020-11-25 | 4.6 MEDIUM | 7.8 HIGH |
| In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x1236001c, a related issue to CVE-2018-16304. | |||||
| CVE-2018-16719 | 1 V-secure | 1 Jingyun Antivirus | 2020-11-25 | 4.6 MEDIUM | 7.8 HIGH |
| In Jingyun Antivirus v2.4.2.39, the driver file (hookbody.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00221482. | |||||
| CVE-2020-12347 | 1 Intel | 1 Data Center Manager | 2020-11-20 | 6.5 MEDIUM | 8.8 HIGH |
| Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable escalation of privilege via network access. | |||||
| CVE-2020-8268 | 1 Json8-merge-patch Project | 1 Json8-merge-patch | 2020-11-18 | 5.0 MEDIUM | 7.5 HIGH |
| Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may allow attackers to inject or modify methods and properties of the global object constructor. | |||||
| CVE-2016-6128 | 5 Canonical, Debian, Libgd and 2 more | 5 Ubuntu Linux, Debian Linux, Libgd and 2 more | 2020-11-16 | 5.0 MEDIUM | 7.5 HIGH |
| The gdImageCropThreshold function in gd_crop.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 7.0.9, allows remote attackers to cause a denial of service (application crash) via an invalid color index. | |||||