Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-14398 | 1 Razer | 1 Synapse | 2020-05-20 | 4.6 MEDIUM | 7.8 HIGH |
| rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection. | |||||
| CVE-2020-5579 | 1 Strangerstudios | 1 Paid Memberships Pro | 2020-05-20 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2019-17066 | 1 Ivanti | 1 Workspace Control | 2020-05-20 | 7.2 HIGH | 7.8 HIGH |
| In Ivanti WorkSpace Control before 10.4.40.0, a user can elevate rights on the system by hijacking certain user registries. This is possible because pwrgrid.exe first checks the Current User registry hives (HKCU) when starting an application with elevated rights. | |||||
| CVE-2020-11807 | 1 Sourcefabric | 1 Newscoop | 2020-05-20 | 4.6 MEDIUM | 7.8 HIGH |
| Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path. | |||||
| CVE-2020-11549 | 1 Netgear | 6 Rbs50y, Rbs50y Firmware, Srr60 and 3 more | 2020-05-20 | 8.3 HIGH | 8.8 HIGH |
| An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting CVE-2020-11551, it is possible to achieve remote code execution with root privileges on the embedded Linux system. | |||||
| CVE-2020-4411 | 2 Ibm, Linux | 3 Aix, Spectrum Scale, Linux Kernel | 2020-05-19 | 4.9 MEDIUM | 7.1 HIGH |
| The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986. | |||||
| CVE-2020-12255 | 1 Rconfig | 1 Rconfig | 2020-05-19 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif. | |||||
| CVE-2020-11071 | 1 Simpleledger | 1 Slpjs | 2020-05-19 | 5.0 MEDIUM | 8.6 HIGH |
| SLPJS (npm package slpjs) before version 0.27.2, has a vulnerability where users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. This is fixed in version 0.27.2. | |||||
| CVE-2020-1998 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-19 | 6.5 MEDIUM | 8.8 HIGH |
| An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0. | |||||
| CVE-2020-11072 | 1 Simpleledger | 1 Slp-validate | 2020-05-19 | 5.0 MEDIUM | 8.6 HIGH |
| In SLP Validate (npm package slp-validate) before version 1.2.1, users could experience false-negative validation outcomes for MINT transaction operations. A poorly implemented SLP wallet could allow spending of the affected tokens which would result in the destruction of a user's minting baton. This has been fixed in slp-validate in version 1.2.1. Additonally, slpjs version 0.27.2 has a related fix under related CVE-2020-11071. | |||||
| CVE-2020-2002 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-19 | 6.8 MEDIUM | 8.1 HIGH |
| An authentication bypass by spoofing vulnerability exists in the authentication daemon and User-ID components of Palo Alto Networks PAN-OS by failing to verify the integrity of the Kerberos key distribution center (KDC) before authenticating users. This affects all forms of authentication that use a Kerberos authentication profile. A man-in-the-middle type of attacker with the ability to intercept communication between PAN-OS and KDC can login to PAN-OS as an administrator. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All version of PAN-OS 8.0. | |||||
| CVE-2020-2007 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-19 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection vulnerability in the management server component of PAN-OS allows an authenticated user to potentially execute arbitrary commands with root privileges. This issue affects: All PAN-OS 7.1 versions; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | |||||
| CVE-2020-13128 | 1 Gwtupload Project | 1 Gwtupload | 2020-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service. | |||||
| CVE-2020-2009 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-19 | 9.0 HIGH | 7.2 HIGH |
| An external control of filename vulnerability in the SD WAN component of Palo Alto Networks PAN-OS Panorama allows an authenticated administrator to send a request that results in the creation and write of an arbitrary file on all firewalls managed by the Panorama. In some cases this results in arbitrary code execution with root permissions. This issue affects: All versions of PAN-OS 7.1; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | |||||
| CVE-2018-19321 | 1 Gigabyte | 4 Aorus Graphics Engine, App Center, Oc Guru Ii and 1 more | 2020-05-19 | 7.2 HIGH | 7.8 HIGH |
| The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges. | |||||
| CVE-2018-19322 | 1 Gigabyte | 4 Aorus Graphics Engine, App Center, Oc Guru Ii and 1 more | 2020-05-19 | 4.6 MEDIUM | 7.8 HIGH |
| The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | |||||
| CVE-2019-7630 | 1 Gigabyte | 1 App Center | 2020-05-19 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges. | |||||
| CVE-2020-8100 | 1 Bitdefender | 1 Engines | 2020-05-19 | 5.0 MEDIUM | 7.5 HIGH |
| Improper Input Validation vulnerability in the cevakrnl.rv0 module as used in the Bitdefender Engines allows an attacker to trigger a denial of service while scanning a specially-crafted sample. This issue affects: Bitdefender Bitdefender Engines versions prior to 7.84063. | |||||
| CVE-2019-15429 | 1 Panasonic | 2 Eluga I9, Eluga I9 Firmware | 2020-05-19 | 7.2 HIGH | 7.8 HIGH |
| The Panasonic ELUGA_I9 Android device with a build fingerprint of Panasonic/ELUGA_I9/ELUGA_I9:7.0/NRD90M/1501740649:user/release-keys contains a pre-installed app with a package name of com.ovvi.modem app (versionCode=1, versionName=1) that allows unauthorized attacker-controlled at command via a confused deputy attack. This capability can be accessed by any app co-located on the device. | |||||
| CVE-2020-12257 | 1 Rconfig | 1 Rconfig | 2020-05-18 | 6.8 MEDIUM | 8.8 HIGH |
| rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) because it lacks implementation of CSRF protection such as a CSRF token. An attacker can leverage this vulnerability by creating a form (add a user, delete a user, or edit a user). | |||||
| CVE-2019-20390 | 1 Intelliants | 1 Subrion | 2020-05-18 | 5.8 MEDIUM | 8.1 HIGH |
| A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to validate the CSRF token for a GET request. An attacker can craft a panel/uploads/read.json?cmd=rm URL (removing this token) and send it to the victim. | |||||
| CVE-2020-7267 | 1 Mcafee | 1 Virusscan Enterprise | 2020-05-18 | 3.6 LOW | 8.4 HIGH |
| Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Linux prior to 2.0.3 Hotfix 2635000 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7266 | 1 Mcafee | 1 Virusscan Enterprise | 2020-05-18 | 3.6 LOW | 8.4 HIGH |
| Privilege Escalation vulnerability in McAfee VirusScan Enterprise (VSE) for Windows prior to 8.8 Patch 14 Hotfix 116778 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7264 | 1 Mcafee | 1 Endpoint Security | 2020-05-18 | 3.6 LOW | 8.4 HIGH |
| Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7265 | 1 Mcafee | 1 Endpoint Security | 2020-05-18 | 3.6 LOW | 8.4 HIGH |
| Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2019-9682 | 1 Dahuasecurity | 40 Ipc-hdbw1320e-w, Ipc-hdbw1320e-w Firmware, Ipc-hx2xxx and 37 more | 2020-05-18 | 6.8 MEDIUM | 8.1 HIGH |
| Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method. | |||||
| CVE-2020-0024 | 1 Google | 1 Android | 2020-05-18 | 4.4 MEDIUM | 7.8 HIGH |
| In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-137015265 | |||||
| CVE-2020-0094 | 1 Google | 1 Android | 2020-05-18 | 4.6 MEDIUM | 7.8 HIGH |
| In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148223871 | |||||
| CVE-2020-6244 | 1 Sap | 1 Business Client | 2020-05-18 | 4.4 MEDIUM | 7.8 HIGH |
| SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application. | |||||
| CVE-2020-2013 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-18 | 6.8 MEDIUM | 8.8 HIGH |
| A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All version of PAN-OS 8.0; | |||||
| CVE-2020-11531 | 1 Zohocorp | 2 Manageengine Adaudit Plus, Manageengine Datasecurity Plus | 2020-05-18 | 6.5 MEDIUM | 8.8 HIGH |
| The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. This allows an authenticated attacker to execute code in the context of the product by writing a JSP file to the webroot directory via directory traversal. | |||||
| CVE-2020-12102 | 1 Tiny File Manager Project | 1 Tiny File Manager | 2020-05-18 | 6.8 MEDIUM | 7.7 HIGH |
| In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope). | |||||
| CVE-2020-12103 | 1 Tiny File Manager Project | 1 Tiny File Manager | 2020-05-18 | 4.0 MEDIUM | 7.7 HIGH |
| In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored. | |||||
| CVE-2019-15878 | 1 Freebsd | 1 Freebsd | 2020-05-18 | 4.6 MEDIUM | 7.8 HIGH |
| In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key. | |||||
| CVE-2019-15879 | 1 Freebsd | 1 Freebsd | 2020-05-18 | 5.8 MEDIUM | 7.4 HIGH |
| In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory. | |||||
| CVE-2020-10616 | 1 Opto22 | 1 Softpac Project | 2020-05-18 | 6.8 MEDIUM | 8.8 HIGH |
| Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts. | |||||
| CVE-2019-19034 | 1 Zohocorp | 1 Manageengine Assetexplorer | 2020-05-15 | 6.5 MEDIUM | 7.2 HIGH |
| Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges. | |||||
| CVE-2020-8982 | 1 Citrix | 1 Sharefile Storagezones Controller | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8983. | |||||
| CVE-2020-8983 | 1 Citrix | 1 Sharefile Storagezones Controller | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982. | |||||
| CVE-2020-12608 | 1 Solarwinds | 1 Managed Service Provider Patch Management Engine | 2020-05-15 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the CacheService.xml SISServerURL parameter. | |||||
| CVE-2020-2011 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 7.8 HIGH | 7.5 HIGH |
| An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode. This issue affects: All versions of PAN-OS 7.1, PAN-OS 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.0. | |||||
| CVE-2020-2015 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 9.0 HIGH | 8.8 HIGH |
| A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0. | |||||
| CVE-2020-0102 | 1 Google | 1 Android | 2020-05-15 | 4.6 MEDIUM | 7.8 HIGH |
| In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143231677 | |||||
| CVE-2020-2016 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 8.5 HIGH | 7.0 HIGH |
| A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0. | |||||
| CVE-2020-10876 | 2 Mica, Oklok Project | 2 Fingerprint Bluetooth Padlock Fb50, Oklok | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. This allows an attacker to brute force the four-digit verification code in order to bypass email verification and change the password of a victim account. | |||||
| CVE-2020-7285 | 1 Mcafee | 1 Mvision Endpoint | 2020-05-15 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in McAfee MVISION Endpoint prior to 20.5.0.94 allows a malicious script or program to perform functions that the local executing user has not been granted access to. | |||||
| CVE-2020-5576 | 1 Sixapart | 1 Movable Type | 2020-05-15 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2020-5577 | 1 Sixapart | 1 Movable Type | 2020-05-15 | 6.5 MEDIUM | 8.8 HIGH |
| Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanced 7 r.4606 (7.2.1) and earlier (Movable Type Advanced 7), Movable Type for AWS 7 r.4606 (7.2.1) and earlier (Movable Type for AWS 7), Movable Type 6.5.3 and earlier (Movable Type 6.5), Movable Type Advanced 6.5.3 and earlier (Movable Type Advanced 6.5), Movable Type 6.3.11 and earlier (Movable Type 6.3), Movable Type Advanced 6.3.11 and earlier (Movable Type 6.3), Movable Type Premium 1.29 and earlier, and Movable Type Premium Advanced 1.29 and earlier) allow remote authenticated attackers to upload arbitrary files and execute a php script via unspecified vectors. | |||||
| CVE-2020-6249 | 1 Sap | 3 Master Data Governance \(s4core\), Master Data Governance \(s4fnd\), Master Data Governance \(sap Bs Fnd\) | 2020-05-15 | 6.5 MEDIUM | 8.8 HIGH |
| The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAP_BS_FND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection. | |||||
| CVE-2020-6253 | 1 Sap | 1 Adaptive Server Enterprise | 2020-05-15 | 6.5 MEDIUM | 7.2 HIGH |
| Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows an authenticated user to execute crafted database queries to elevate their privileges, modify database objects, or execute commands they are not otherwise authorized to execute, leading to SQL Injection. | |||||