Search
Total
445 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-11875 | 1 Blueprism | 1 Robotic Process Automation | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate privileges. The vulnerability allows for abusing the application for fraud or unauthorized access to certain information. The attack requires a valid user account to connect to the Blue Prism server, but the roles associated to this account are not required to have any permissions. First of all, the application files are modified to grant full permissions on the client side. In a test environment (or his own instance of the software) an attacker is able to grant himself full privileges also on the server side. He can then, for instance, create a process with malicious behavior and export it to disk. With the modified client, it is possible to import the exported file as a release and overwrite any existing process in the database. Eventually, the bots execute the malicious process. The server does not check the user's permissions for the aforementioned actions, such that a modification of the client software enables this kind of attack. Possible scenarios may involve changing bank accounts or setting passwords. | |||||
| CVE-2019-1170 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 8.8 HIGH |
| An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-11611 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11610 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11609 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 6.4 MEDIUM | 8.2 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable. | |||||
| CVE-2019-11608 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 6.4 MEDIUM | 8.2 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable. | |||||
| CVE-2019-11607 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11606 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-10849 | 1 Computrols | 1 Computrols Building Automation Software | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. | |||||
| CVE-2019-1010246 | 1 Mailcleaner | 1 Mailcleaner | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| MailCleaner before c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9 is affected by: Unauthenticated MySQL database password information disclosure. The impact is: MySQL database content disclosure (e.g. username, password). The component is: The API call in the function allowAction() in NewslettersController.php. The attack vector is: HTTP Get request. The fixed version is: c888fbb6aaa7c5f8400f637bcf1cbb844de46cd9. | |||||
| CVE-2019-1010066 | 1 Llnl | 1 Model Specific Registers-safe | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Lawrence Livermore National Laboratory msr-safe v1.1.0 is affected by: Incorrect Access Control. The impact is: An attacker could modify model specific registers. The component is: ioctl handling. The attack vector is: An attacker could exploit a bug in ioctl interface whitelist checking, in order to write to model specific registers, normally a function reserved for the root user. The fixed version is: v1.2.0. | |||||
| CVE-2019-0573 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists when the Windows Data Sharing Service improperly handles file operations, aka "Windows Data Sharing Service Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. This CVE ID is unique from CVE-2019-0571, CVE-2019-0572, CVE-2019-0574. | |||||
| CVE-2019-0566 | 1 Microsoft | 4 Edge, Windows 10, Windows Server 2016 and 1 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An elevation of privilege vulnerability exists in Microsoft Edge Browser Broker COM object, aka "Microsoft Edge Elevation of Privilege Vulnerability." This affects Microsoft Edge. | |||||
| CVE-2019-0555 | 1 Microsoft | 6 Windows 10, Windows 8.1, Windows Rt 8.1 and 3 more | 2020-08-24 | 4.4 MEDIUM | 7.8 HIGH |
| An elevation of privilege vulnerability exists in the Microsoft XmlDocument class that could allow an attacker to escape from the AppContainer sandbox in the browser, aka "Microsoft XmlDocument Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. | |||||
| CVE-2019-0349 | 1 Sap | 1 Advanced Business Application Programming Platform Kernel | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| SAP Kernel (ABAP Debugger), versions KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, KERNEL 7.21, 7.49, 7.53, 7.73, 7.75, 7.76, 7.77, allows a user to execute “Go to statement” without possessing the authorization S_DEVELOP DEBUG 02, resulting in Missing Authorization Check | |||||
| CVE-2019-0280 | 1 Sap | 1 Treasury And Risk Management | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Treasury and Risk Management (EA-FINSERV 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18 and 8.0; S4CORE 1.01, 1.02 and 1.03), does not perform necessary authorization checks for authorization objects T_DEAL_DP and T_DEAL_PD , resulting in escalation of privileges. | |||||
| CVE-2019-0279 | 1 Sap | 1 Business Application Software Integrated Solution | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| ABAP BASIS function modules INST_CREATE_R3_RFC_DEST, INST_CREATE_TCPIP_RFCDEST, and INST_CREATE_TCPIP_RFC_DEST in SAP BASIS (fixed in versions 7.0 to 7.02, 7.10 to 7.30, 7.31, 7.40, 7.50 to 7.53) do not perform necessary authorization checks in all circumstances for an authenticated user, resulting in escalation of privileges. | |||||
| CVE-2019-0258 | 1 Sap | 1 Disclosure Management | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | |||||
| CVE-2019-0257 | 1 Sap | 1 Netweaver Abap | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | |||||
| CVE-2019-0270 | 1 Sap | 5 Advanced Business Application Programming Platform Kernel, Advanced Business Application Programming Platform Krnl32nuc, Advanced Business Application Programming Platform Krnl32uc and 2 more | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| ABAP Server of SAP NetWeaver and ABAP Platform fail to perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has been corrected in the following versions: KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.74, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.73, 7.74, 8.04, KERNEL 7.21, 7.45, 7.49, 7.53, 7.73, 7.74, 7.75, 8.04. | |||||
| CVE-2019-0243 | 1 Sap | 1 Bw\/4hana | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Under some circumstances, masterdata maintenance in SAP BW/4HANA (fixed in DW4CORE version 1.0 (SP08)) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | |||||
| CVE-2018-19754 | 1 Oracle | 1 Tarantella Enterprise | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Tarantella Enterprise before 3.11 allows bypassing Access Control. | |||||
| CVE-2018-19079 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot. | |||||
| CVE-2018-17491 | 1 Hidglobal | 1 Easylobby Solo | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By visiting the kiosk and typing "esc" to exit the program, an attacker could exploit this vulnerability to perform unauthorized actions on the computer. | |||||
| CVE-2018-17490 | 1 Hidglobal | 1 Easylobby Solo | 2020-08-24 | 3.6 LOW | 7.1 HIGH |
| EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will. | |||||
| CVE-2018-10093 | 1 Audiocodes | 2 420hd Ip Phone, 420hd Ip Phone Firmware | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution. | |||||
| CVE-2018-10092 | 1 Dolibarr | 1 Dolibarr | 2020-08-24 | 6.0 MEDIUM | 8.0 HIGH |
| The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads. | |||||
| CVE-2017-13209 | 1 Google | 1 Android | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217907. | |||||
| CVE-2017-1000086 | 1 Jenkins | 1 Periodic Backup | 2020-08-24 | 6.0 MEDIUM | 8.0 HIGH |
| The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. | |||||
| CVE-2020-6298 | 1 Sap | 1 Generic Market Data | 2020-08-14 | 5.5 MEDIUM | 8.1 HIGH |
| SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check. | |||||
| CVE-2020-6301 | 1 Sap | 1 Hcm Travel Management | 2020-08-13 | 5.5 MEDIUM | 8.1 HIGH |
| SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check. | |||||
| CVE-2020-14520 | 1 Inductiveautomation | 1 Ignition Gateway | 2020-08-11 | 5.0 MEDIUM | 7.5 HIGH |
| The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13). | |||||
| CVE-2020-5396 | 1 Vmware | 2 Gemfire, Tanzu Gemfire For Virtual Machines | 2020-08-04 | 6.5 MEDIUM | 8.8 HIGH |
| VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration. This allows a malicious user to create an MLet mbean leading to remote code execution. | |||||
| CVE-2015-0571 | 1 Linux | 1 Linux Kernel | 2020-07-31 | 9.3 HIGH | 7.8 HIGH |
| The WLAN (aka Wi-Fi) driver for the Linux kernel 3.x and 4.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, does not verify authorization for private SET IOCTL calls, which allows attackers to gain privileges via a crafted application, related to wlan_hdd_hostapd.c and wlan_hdd_wext.c. | |||||
| CVE-2020-5368 | 1 Dell | 4 Vxrail D560, Vxrail D560 Firmware, Vxrail D560f and 1 more | 2020-07-13 | 5.0 MEDIUM | 7.5 HIGH |
| Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A remote unauthenticated attacker may exploit this vulnerability to obtain sensitive information in an encrypted form. | |||||
| CVE-2020-6268 | 1 Sap | 2 Erp \(ea-finserv\), Erp \(s4core\) | 2020-06-16 | 5.5 MEDIUM | 8.1 HIGH |
| Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV versions - 600, 603, 604, 605, 606, 616, 617, 618, 800 and S4CORE versions 101, 102, 103, 104) does not execute the required authorization checks for an authenticated user, allowing an attacker to view and tamper with certain restricted data leading to Missing Authorization Check. | |||||
| CVE-2020-13425 | 1 Thetrackr | 2 Trackr, Trackr Firmware | 2020-05-26 | 6.8 MEDIUM | 7.1 HIGH |
| TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted. | |||||
| CVE-2020-6209 | 1 Sap | 1 Disclosure Management | 2020-04-24 | 6.0 MEDIUM | 7.5 HIGH |
| SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an authenticated user, allowing access to administration accounts by a user with no roles, leading to Missing Authorization Check. | |||||
| CVE-2018-21047 | 1 Google | 1 Android | 2020-04-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.x) software. There is a Factory Reset Protection (FRP) bypass via the voice assistant because Internet access begins before the Setup Wizard finishes. The Samsung ID is SVE-2018-12894 (November 2018). | |||||
| CVE-2017-18677 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. Because of an unprotected Intent, an attacker can reset the configuration of certain applications. The Samsung ID is SVE-2016-7142 (April 2017). | |||||
| CVE-2017-18666 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Applications can send arbitrary premium SMS messages. The Samsung ID is SVE-2017-8701 (June 2017). | |||||
| CVE-2019-18581 | 1 Dell | 6 Emc Data Protection Advisor, Emc Idpa Dp4400, Emc Idpa Dp5800 and 3 more | 2020-03-24 | 9.0 HIGH | 7.2 HIGH |
| Dell EMC Data Protection Advisor versions 6.3, 6.4, 6.5, 18.2 versions prior to patch 83, and 19.1 versions prior to patch 71 contain a server missing authorization vulnerability in the REST API. A remote authenticated malicious user with administrative privileges may potentially exploit this vulnerability to alter the application’s allowable list of OS commands. This may lead to arbitrary OS command execution as the regular user runs the DPA service on the affected system. | |||||
| CVE-2018-13063 | 1 Easyappointments | 1 Easy\!appointments | 2020-03-18 | 5.0 MEDIUM | 7.5 HIGH |
| Easy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts. | |||||
| CVE-2020-0054 | 1 Google | 1 Android | 2020-03-11 | 4.6 MEDIUM | 7.8 HIGH |
| In WifiNetworkSuggestionsManager of WifiNetworkSuggestionsManager.java, there is a possible permission revocation due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-146642727 | |||||
| CVE-2012-6614 | 1 D-link | 2 Dsr-250n, Dsr-250n Firmware | 2020-03-05 | 9.0 HIGH | 7.2 HIGH |
| D-Link DSR-250N devices before 1.08B31 allow remote authenticated users to obtain "persistent root access" via the BusyBox CLI, as demonstrated by overwriting the super user password. | |||||
| CVE-2012-0055 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-02-28 | 7.2 HIGH | 7.8 HIGH |
| OverlayFS in the Linux kernel before 3.0.0-16.28, as used in Ubuntu 10.0.4 LTS and 11.10, is missing inode security checks which could allow attackers to bypass security restrictions and perform unauthorized actions. | |||||
| CVE-2019-19989 | 1 Seling | 1 Visual Access Manager | 2020-02-27 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29. Several PHP pages, and other type of files, are reachable by any user without checking for user identity and authorization. | |||||
| CVE-2020-6188 | 1 Sap | 2 Erp, S\/4 Hana | 2020-02-19 | 6.5 MEDIUM | 8.8 HIGH |
| VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN versions 617, 618, 700, 720, 730) and SAP S/4 HANA (versions 100, 101, 102, 103, 104) do not perform necessary authorization checks for an authenticated user leading to Missing Authorization Check. | |||||
| CVE-2020-5228 | 1 Apereo | 1 Opencast | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public access to events without their knowledge. The problem has been addressed in Opencast 7.6 and 8.1 where the OAI-PMH endpoint is configured to require users with `ROLE_ADMIN` by default. In addition to this, Opencast 9 removes the OAI-PMH publication from the default workflow, making the publication a conscious decision users have to make by updating their workflows. | |||||
| CVE-2018-19830 | 1 Business Alliance Financial Circle Project | 1 Business Alliance Financial Circle | 2020-01-14 | 5.0 MEDIUM | 7.5 HIGH |
| The UBSexToken() function of a smart contract implementation for Business Alliance Financial Circle (BAFC), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function is public (by default) and does not check the caller's identity. | |||||