Search
Total
1326 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-26076 | 1 Cisco | 1 Iot Field Network Director | 2020-11-28 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to view sensitive database information on an affected device. The vulnerability is due to the absence of authentication for sensitive information. An attacker could exploit this vulnerability by sending crafted curl commands to an affected device. A successful exploit could allow the attacker to view sensitive database information on the affected device. | |||||
| CVE-2017-9512 | 1 Atlassian | 2 Crucible, Fisheye | 2020-11-25 | 5.0 MEDIUM | 7.5 HIGH |
| The mostActiveCommitters.do resource in Atlassian Fisheye and Crucible, before version 4.4.1 allows anonymous remote attackers to access sensitive information, for example email addresses of committers, as it lacked permission checks. | |||||
| CVE-2019-13314 | 1 Redhat | 1 Virt-bootstrap | 2020-11-07 | 2.1 LOW | 7.8 HIGH |
| virt-bootstrap 1.1.0 allows local users to discover a root password by listing a process, because this password may be present in the --root-password option to virt_bootstrap.py. | |||||
| CVE-2018-10583 | 5 Apache, Canonical, Debian and 2 more | 7 Openoffice, Ubuntu Linux, Debian Linux and 4 more | 2020-10-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document. | |||||
| CVE-2020-15235 | 1 Ractf | 1 Core | 2020-10-19 | 5.0 MEDIUM | 7.5 HIGH |
| In RACTF before commit f3dc89b, unauthenticated users are able to get the value of sensitive config keys that would normally be hidden to everyone except admins. All versions after commit f3dc89b9f6ab1544a289b3efc06699b13d63e0bd(3/10/20) are patched. | |||||
| CVE-2019-3781 | 1 Cloudfoundry | 1 Command Line Interface | 2020-10-19 | 3.5 LOW | 8.8 HIGH |
| Cloud Foundry CLI, versions prior to v6.43.0, improperly exposes passwords when verbose/trace/debugging is turned on. A local unauthenticated or remote authenticated malicious user with access to logs may gain part or all of a users password. | |||||
| CVE-2019-1653 | 1 Cisco | 4 Rv320, Rv320 Firmware, Rv325 and 1 more | 2020-10-05 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. Cisco has released firmware updates that address this vulnerability. | |||||
| CVE-2020-12777 | 1 Combodo | 1 Itop | 2020-09-25 | 5.0 MEDIUM | 7.5 HIGH |
| A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information. | |||||
| CVE-2018-17956 | 1 Opensuse | 1 Yast2-samba-provision | 2020-09-18 | 2.1 LOW | 7.8 HIGH |
| In yast2-samba-provision up to and including version 1.0.1 the password for samba shares was provided on the command line to tools used by yast2-samba-provision, allowing local attackers to read them in the process list | |||||
| CVE-2018-12923 | 1 Bwssystems | 1 Ha Bridge | 2020-09-16 | 5.0 MEDIUM | 7.5 HIGH |
| BWS Systems HA-Bridge devices allow remote attackers to obtain potentially sensitive information via a direct request for the #!/system URI. | |||||
| CVE-2018-15964 | 1 Adobe | 1 Coldfusion | 2020-09-04 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2011-3147 | 1 Openstack | 1 Nova | 2020-09-03 | 5.0 MEDIUM | 8.6 HIGH |
| Versions of nova before 2012.1 could expose hypervisor host files to a guest operating system when processing a maliciously constructed qcow filesystem. | |||||
| CVE-2017-6318 | 2 Opensuse, Sane-backends Project | 2 Leap, Sane-backends | 2020-09-01 | 5.0 MEDIUM | 7.5 HIGH |
| saned in sane-backends 1.0.25 allows remote attackers to obtain sensitive memory information via a crafted SANE_NET_CONTROL_OPTION packet. | |||||
| CVE-2019-19631 | 1 Bigswitch | 3 Big Cloud Fabric, Big Monitoring Fabric, Multi-cloud Director | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Big Switch Big Monitoring Fabric 6.2 through 6.2.4, 6.3 through 6.3.9, 7.0 through 7.0.3, and 7.1 through 7.1.3; Big Cloud Fabric 4.5 through 4.5.5, 4.7 through 4.7.7, 5.0 through 5.0.1, and 5.1 through 5.1.4; and Multi-Cloud Director through 1.1.0. A read-only user can access sensitive information via an API endpoint that reveals session cookies of authenticated administrators, leading to privilege escalation. | |||||
| CVE-2019-4140 | 1 Ibm | 1 Spectrum Protect | 2020-08-24 | 3.6 LOW | 7.1 HIGH |
| IBM Tivoli Storage Manager Server (IBM Spectrum Protect 7.1 and 8.1) could allow a local user to replace existing databases by restoring old data. IBM X-Force ID: 158336. | |||||
| CVE-2019-9126 | 1 D-link | 2 Dir-825 Rev.b, Dir-825 Rev.b Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is an information disclosure vulnerability via requests for the router_info.xml document. This will reveal the PIN code, MAC address, routing table, firmware version, update time, QOS information, LAN information, and WLAN information of the device. | |||||
| CVE-2019-15085 | 1 Prise | 1 Adas | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in PRiSE adAS 1.7.0. The current database password is embedded in the change password form. | |||||
| CVE-2018-18467 | 1 Conversations | 1 Conversations | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom message to an existing opened conversation by sending an intent. | |||||
| CVE-2018-12318 | 1 Asustor | 2 As602t, Data Master | 2020-08-24 | 4.0 MEDIUM | 8.8 HIGH |
| Information disclosure in the SNMP settings page in ASUSTOR ADM version 3.1.1 allows attackers to obtain the SNMP password in cleartext. | |||||
| CVE-2019-13313 | 1 Libosinfo | 1 Libosinfo | 2020-08-24 | 2.1 LOW | 7.8 HIGH |
| libosinfo 1.5.0 allows local users to discover credentials by listing a process, because credentials are passed to osinfo-install-script via the command line. | |||||
| CVE-2019-19550 | 1 Senior | 1 Rubiweb | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37 allows admin access to sensitive information of affected users using vulnerable versions. The attacker only needs to provide the correct URL. | |||||
| CVE-2019-19007 | 1 Intelbras | 2 Iwr 3000n, Iwr 3000n Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Intelbras IWR 3000N 1.8.7 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled, a related issue to CVE-2019-17600. | |||||
| CVE-2019-14301 | 1 Ricoh | 104 M 2700, M 2700 Firmware, M 2701 and 101 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue 1 of 2). | |||||
| CVE-2019-11633 | 1 Honeypress Project | 1 Honeypress | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates. This allows attackers to discover and avoid this honeypot system. | |||||
| CVE-2018-4217 | 1 Apple | 1 Mac Os X | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In macOS High Sierra before 10.13.5, a privacy issue in the handling of Open Directory records was addressed with improved indexing. | |||||
| CVE-2019-1019 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 6.0 MEDIUM | 8.5 HIGH |
| A security feature bypass vulnerability exists where a NETLOGON message is able to obtain the session key and sign messages.To exploit this vulnerability, an attacker could send a specially crafted authentication request, aka 'Microsoft Windows Security Feature Bypass Vulnerability'. | |||||
| CVE-2019-7259 | 1 Nortekcontrol | 4 Linear Emerge Elite, Linear Emerge Elite Firmware, Linear Emerge Essential and 1 more | 2020-08-24 | 4.0 MEDIUM | 8.8 HIGH |
| Linear eMerge E3-Series devices allow Authorization Bypass with Information Disclosure. | |||||
| CVE-2019-7388 | 1 Dlink | 2 Dir-823g, Dir-823g Firmware | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication. | |||||
| CVE-2018-20483 | 1 Gnu | 1 Wget | 2020-08-24 | 2.1 LOW | 7.8 HIGH |
| set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local users to obtain sensitive information (e.g., credentials contained in the URL) by reading this attribute, as demonstrated by getfattr. This also applies to Referer information in the user.xdg.referrer.url metadata attribute. According to 2016-07-22 in the Wget ChangeLog, user.xdg.origin.url was partially based on the behavior of fwrite_xattr in tool_xattr.c in curl. | |||||
| CVE-2019-14666 | 1 Glpi-project | 1 Glpi | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| GLPI through 9.4.3 is prone to account takeover by abusing the ajax/autocompletion.php autocompletion feature. The lack of correct validation leads to recovery of the token generated via the password reset functionality, and thus an authenticated attacker can set an arbitrary password for any user. This vulnerability can be exploited to take control of admin account. This vulnerability could be also abused to obtain other sensitive fields like API keys or password hashes. | |||||
| CVE-2014-3462 | 2 Encfs Project, Opensuse | 3 Encfs, Leap, Opensuse | 2020-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| The ".encfs6.xml" configuration file in encfs before 1.7.5 allows remote attackers to access sensitive data by setting "blockMACBytes" to 0 and adding 8 to "blockMACRandBytes". | |||||
| CVE-2018-1433 | 1 Ibm | 14 San Volume Controller, San Volume Controller Firmware, Spectrum Virtualize and 11 more | 2020-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473. | |||||
| CVE-2018-1438 | 1 Ibm | 14 San Volume Controller, San Volume Controller Firmware, Spectrum Virtualize and 11 more | 2020-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( 6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566. | |||||
| CVE-2020-15647 | 2 Google, Mozilla | 2 Android, Firefox | 2020-08-12 | 5.0 MEDIUM | 7.4 HIGH |
| A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android. | |||||
| CVE-2019-1575 | 1 Paloaltonetworks | 1 Pan-os | 2020-08-11 | 6.5 MEDIUM | 8.8 HIGH |
| Information disclosure in PAN-OS 7.1.23 and earlier, PAN-OS 8.0.18 and earlier, PAN-OS 8.1.8-h4 and earlier, and PAN-OS 9.0.2 and earlier may allow for an authenticated user with read-only privileges to extract the API key of the device and/or the username/password from the XML API (in PAN-OS) and possibly escalate privileges granted to them. | |||||
| CVE-2010-2943 | 4 Avaya, Canonical, Linux and 1 more | 10 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 7 more | 2020-08-10 | 6.4 MEDIUM | 8.1 HIGH |
| The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle. | |||||
| CVE-2014-1505 | 7 Canonical, Debian, Mozilla and 4 more | 17 Ubuntu Linux, Debian Linux, Firefox and 14 more | 2020-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| The SVG filter implementation in Mozilla Firefox before 28.0, Firefox ESR 24.x before 24.4, Thunderbird before 24.4, and SeaMonkey before 2.25 allows remote attackers to obtain sensitive displacement-correlation information, and possibly bypass the Same Origin Policy and read text from a different domain, via a timing attack involving feDisplacementMap elements, a related issue to CVE-2013-1693. | |||||
| CVE-2018-1999009 | 1 Octobercms | 1 October | 2020-08-03 | 6.8 MEDIUM | 8.1 HIGH |
| October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information disclosure and remote code execution. This attack appear to be exploitable remotely if the /backend path is accessible. This vulnerability appears to have been fixed in Build 437. | |||||
| CVE-2018-8890 | 1 Blackberry | 1 Unified Endpoint Manager | 2020-07-15 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability in the Management Console of BlackBerry UEM 12.8.0 and 12.8.1 could allow an attacker to take over a UEM user's session and perform administrative actions in the context of the user. | |||||
| CVE-2020-15502 | 1 Duckduckgo | 1 Duckduckgo | 2020-07-14 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0 for iOS, sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain, which might make visit data available temporarily at a Potentially Unwanted Endpoint. NOTE: the vendor has stated "the favicon service adheres to our strict privacy policy." | |||||
| CVE-2018-3854 | 1 Intuit | 1 Quicken 2018 | 2020-07-14 | 3.6 LOW | 7.1 HIGH |
| An exploitable information disclosure vulnerability exists in the password protection functionality of Quicken Deluxe 2018 for Mac version 5.2.2. A specially crafted sqlite3 request can cause the removal of the password protection, allowing an attacker to access and modify the data without knowing the password. An attacker needs to have access to the password-protected files to trigger this vulnerability. | |||||
| CVE-2019-18679 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2020-07-11 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Squid 2.x, 3.x, and 4.x through 4.8. Due to incorrect data management, it is vulnerable to information disclosure when processing HTTP Digest Authentication. Nonce tokens contain the raw byte value of a pointer that sits within heap memory allocation. This information reduces ASLR protections and may aid attackers isolating memory areas to target for remote code execution attacks. | |||||
| CVE-2020-14929 | 1 Alpine Project | 1 Alpine | 2020-07-03 | 5.0 MEDIUM | 7.5 HIGH |
| Alpine before 2.23 silently proceeds to use an insecure connection after a /tls is sent in certain circumstances involving PREAUTH, which is a less secure behavior than the alternative of closing the connection and letting the user decide what they would like to do. | |||||
| CVE-2016-11066 | 1 Mattermost | 1 Mattermost Server | 2020-06-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information. | |||||
| CVE-2020-4045 | 1 Scuttlebutt | 1 Ssb-db | 2020-06-17 | 5.0 MEDIUM | 7.5 HIGH |
| SSB-DB version 20.0.0 has an information disclosure vulnerability. The get() method is supposed to only decrypt messages when you explicitly ask it to, but there is a bug where it's decrypting any message that it can. This means that it is returning the decrypted content of private messages, which a malicious peer could use to get access to private data. This only affects peers running SSB-DB@20.0.0 who also have private messages, and is only known to be exploitable if you're also running SSB-OOO (default in SSB-Server), which exposes a thin wrapper around get() to anonymous peers. This is fixed in version 20.0.1. Note that users of SSB-Server verion 16.0.0 should upgrade to 16.0.1 to get the fixed version of SSB-DB. | |||||
| CVE-2018-14730 | 1 Browserify-hot Module Replacement Project | 1 Browserify-hot Module Replacement | 2020-06-10 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Browserify-HMR. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replacement). Anyone can receive the HMR message sent by the WebSocket server via a ws://127.0.0.1:3123/ connection from any origin. | |||||
| CVE-2019-20836 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2020-06-05 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Foxit Reader and PhantomPDF before 9.5. It has mishandling of cloud credentials, as demonstrated by Google Drive. | |||||
| CVE-2020-13764 | 1 Rocketgenius | 1 Gravityforms | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| common.php in the Gravity Forms plugin before 2.4.9 for WordPress can leak hashed passwords because user_pass is not considered a special case for a $current_user->get($property) call. | |||||
| CVE-2016-6415 | 1 Cisco | 3 Ios, Ios Xe, Ios Xr | 2020-06-03 | 5.0 MEDIUM | 7.5 HIGH |
| The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association (SA) negotiation request, aka Bug IDs CSCvb29204 and CSCvb36055 or BENIGNCERTAIN. | |||||
| CVE-2017-8899 | 1 Invisioncommunity | 1 Invision Power Board | 2020-06-03 | 6.8 MEDIUM | 8.1 HIGH |
| Invision Power Services (IPS) Community Suite 4.1.19.2 and earlier has a composite of Stored XSS and Information Disclosure issues in the attachments feature found in User CP. This can be triggered by any Invision Power Board user and can be used to gain access to moderator/admin accounts. The primary cause is the ability to upload an SVG document with a crafted attribute such an onload; however, full path disclosure is required for exploitation. | |||||