Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4942 | 1 Adobe | 1 Coldfusion | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Unsafe XML External Entity Processing vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-4938 | 1 Adobe | 1 Coldfusion | 2020-05-15 | 4.6 MEDIUM | 7.8 HIGH |
| Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Insecure Library Loading vulnerability. Successful exploitation could lead to local privilege escalation. | |||||
| CVE-2019-18866 | 1 Blaauwproducts | 1 Remote Kiln Control | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database. | |||||
| CVE-2019-16112 | 1 Tylertech | 1 Eagle | 2020-05-15 | 6.5 MEDIUM | 8.8 HIGH |
| TylerTech Eagle 2018.3.11 deserializes untrusted user input, resulting in remote code execution via a crafted Java object to the recorder/ServiceManager?service=tyler.empire.settings.SettingManager URI. | |||||
| CVE-2020-11067 | 1 Typo3 | 1 Typo3 | 2020-05-15 | 6.0 MEDIUM | 8.8 HIGH |
| In TYPO3 CMS 9.0.0 through 9.5.16 and 10.0.0 through 10.4.1, it has been discovered that backend user settings (in $BE_USER->uc) are vulnerable to insecure deserialization. In combination with vulnerabilities of third party components, this can lead to remote code execution. A valid backend user account is needed to exploit this vulnerability. This has been fixed in 9.5.17 and 10.4.2. | |||||
| CVE-2019-7733 | 1 Live555 | 1 Streaming Media | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove. | |||||
| CVE-2019-7201 | 1 Qnap | 1 Netbak Replicator | 2020-05-14 | 7.2 HIGH | 7.8 HIGH |
| An unquoted service path vulnerability is reported to affect the service QVssService in QNAP NetBak Replicator. This vulnerability could allow an authorized but non-privileged local user to execute arbitrary code with elevated system privileges. QNAP have already fixed this issue in QNAP NetBak Replicator 4.5.12.1108. | |||||
| CVE-2020-2012 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Improper restriction of XML external entity reference ('XXE') vulnerability in Palo Alto Networks Panorama management service allows remote unauthenticated attackers with network access to the Panorama management interface to read arbitrary files on the system. This issue affects: All versions of PAN-OS for Panorama 7.1 and 8.0; PAN-OS for Panorama 8.1 versions earlier than 8.1.13; PAN-OS for Panorama 9.0 versions earlier than 9.0.7. | |||||
| CVE-2020-2014 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 8.8 HIGH |
| An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | |||||
| CVE-2020-2010 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | |||||
| CVE-2020-2008 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14. | |||||
| CVE-2020-2006 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 8.8 HIGH |
| A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14. | |||||
| CVE-2020-6241 | 1 Sap | 1 Adaptive Server Enterprise | 2020-05-14 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection. | |||||
| CVE-2020-12790 | 1 Nystudio107 | 1 Seomatic | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon. | |||||
| CVE-2019-5500 | 1 Netapp | 14 Aff A200, Aff A200 Firmware, Aff A220 and 11 more | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Certain versions of the NetApp Service Processor and Baseboard Management Controller firmware allow a remote unauthenticated attacker to cause a Denial of Service (DoS). | |||||
| CVE-2017-11286 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | |||||
| CVE-2020-5837 | 1 Symantec | 1 Endpoint Protection | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. | |||||
| CVE-2020-5835 | 1 Symantec | 1 Endpoint Protection Manager | 2020-05-14 | 4.4 MEDIUM | 7.0 HIGH |
| Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. | |||||
| CVE-2020-5896 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions. | |||||
| CVE-2020-1718 | 1 Redhat | 3 Jboss Fuse, Keycloak, Openshift Application Runtimes | 2020-05-14 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application. | |||||
| CVE-2020-5897 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2020-05-14 | 6.8 MEDIUM | 8.8 HIGH |
| In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component. | |||||
| CVE-2019-19162 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2020-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it. | |||||
| CVE-2020-9840 | 1 Apple | 1 Nioextras | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In SwiftNIO Extras before 1.4.1, a logic issue was addressed with improved restrictions. | |||||
| CVE-2020-12719 | 1 Wso2 | 7 Api Manager, Api Manager Analytics, Api Microgateway and 4 more | 2020-05-14 | 6.5 MEDIUM | 7.2 HIGH |
| XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier. | |||||
| CVE-2020-10916 | 1 Tp-link | 2 Tl-wa855re, Tl-wa855re Firmware | 2020-05-14 | 5.2 MEDIUM | 8.0 HIGH |
| This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the first-time setup process. The issue results from the lack of proper validation on first-time setup requests. An attacker can leverage this vulnerability to reset the password for the Admin account and execute code in the context of the device. Was ZDI-CAN-10003. | |||||
| CVE-2018-16867 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2020-05-14 | 4.4 MEDIUM | 7.8 HIGH |
| A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host. | |||||
| CVE-2018-16847 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process. | |||||
| CVE-2020-9474 | 1 Siedle | 2 Sg 150-0, Sg 150-0 Firmware | 2020-05-14 | 9.0 HIGH | 8.8 HIGH |
| The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway. | |||||
| CVE-2020-8473 | 1 Abb | 1 800xa Base System | 2020-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications. | |||||
| CVE-2020-8472 | 1 Abb | 5 Ac800m, Base Software, Control Builder M and 2 more | 2020-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications. | |||||
| CVE-2018-7550 | 4 Canonical, Debian, Qemu and 1 more | 9 Ubuntu Linux, Debian Linux, Qemu and 6 more | 2020-05-14 | 4.6 MEDIUM | 8.8 HIGH |
| The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | |||||
| CVE-2020-1979 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to execute arbitrary code, bypassing the restricted shell and escalating privileges. This issue affects only PAN-OS 8.1 versions earlier than PAN-OS 8.1.13 on Panorama. This issue does not affect PAN-OS 7.1, PAN-OS 9.0, or later PAN-OS versions. | |||||
| CVE-2017-14201 | 1 Zephyrproject | 1 Zephyr | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| Use After Free vulnerability in the Zephyr shell allows a serial or telnet connected user to cause denial of service, and possibly remote code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all. | |||||
| CVE-2017-14202 | 1 Zephyrproject | 1 Zephyr | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in the shell component of Zephyr allows a serial or telnet connected user to cause a crash, possibly with arbitrary code execution. This issue affects: Zephyr shell versions prior to 1.14.0 on all. | |||||
| CVE-2020-12760 | 1 Opennms | 2 Opennms Horizon, Opennms Meridian | 2020-05-13 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects (aka ActiveMQ Minion payload deserialization), leading to remote code execution for any authenticated channel user regardless of its assigned permissions. | |||||
| CVE-2020-12749 | 1 Google | 1 Android | 2020-05-13 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The S.LSI Wi-Fi drivers have a buffer overflow. The Samsung ID is SVE-2020-16906 (May 2020). | |||||
| CVE-2020-12750 | 1 Google | 1 Android | 2020-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via SPEN. The Samsung ID is SVE-2020-17019 (May 2020). | |||||
| CVE-2020-0022 | 1 Google | 1 Android | 2020-05-13 | 8.3 HIGH | 8.8 HIGH |
| In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143894715 | |||||
| CVE-2014-8688 | 1 Telegram | 1 Messenger | 2020-05-13 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Telegram Messenger 2.6 for iOS and 1.8.2 for Android. Secret chat messages are available in cleartext in process memory and a .db file. | |||||
| CVE-2020-6651 | 1 Eaton | 1 Intelligent Power Manager | 2020-05-12 | 6.0 MEDIUM | 7.3 HIGH |
| Improper Input Validation in Eaton's Intelligent Power Manager (IPM) v 1.67 & prior on file name during configuration file import functionality allows attackers to perform command injection or code execution via specially crafted file names while uploading the configuration file in the application. | |||||
| CVE-2020-6652 | 1 Eaton | 1 Intelligent Power Manager | 2020-05-12 | 4.6 MEDIUM | 7.8 HIGH |
| Incorrect Privilege Assignment vulnerability in Eaton's Intelligent Power Manager (IPM) v1.67 & prior allow non-admin users to upload the system configuration files by sending specially crafted requests. This can result in non-admin users manipulating the system configurations via uploading the configurations with incorrect parameters. | |||||
| CVE-2020-12754 | 1 Google | 1 Android | 2020-05-12 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A crafted application can obtain control of device input via the window system service. The LG ID is LVE-SMP-170011 (May 2020). | |||||
| CVE-2019-18867 | 1 Blaauwproducts | 1 Remote Kiln Control | 2020-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/. | |||||
| CVE-2020-3179 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2020-05-12 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the generic routing encapsulation (GRE) tunnel decapsulation feature of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a memory handling error when GRE over IPv6 traffic is processed. An attacker could exploit this vulnerability by sending crafted GRE over IPv6 packets with either IPv4 or IPv6 payload through an affected device. A successful exploit could allow the attacker to cause the device to crash, resulting in a DoS condition. | |||||
| CVE-2020-7473 | 1 Citrix | 1 Sharefile Storagezones Controller | 2020-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| In certain situations, all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-8982 and CVE-2020-8983 but has essentially the same risk. | |||||
| CVE-2018-20191 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2020-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference). | |||||
| CVE-2018-20125 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. | |||||
| CVE-2018-20216 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled). | |||||
| CVE-2020-3255 | 1 Cisco | 25 Asa 5505, Asa 5505 Firmware, Asa 5510 and 22 more | 2020-05-12 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the packet processing functionality of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to inefficient memory management. An attacker could exploit this vulnerability by sending a high rate of IPv4 or IPv6 traffic through an affected device. This traffic would need to match a configured block action in an access control policy. An exploit could allow the attacker to cause a memory exhaustion condition on the affected device, which would result in a DoS for traffic transiting the device, as well as sluggish performance of the management interface. Once the flood is stopped, performance should return to previous states. | |||||
| CVE-2020-3309 | 1 Cisco | 1 Firepower Device Manager On-box | 2020-05-12 | 9.0 HIGH | 7.2 HIGH |
| A vulnerability in Cisco Firepower Device Manager (FDM) On-Box software could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation. An attacker could exploit this vulnerability by uploading a malicious file to an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on as well as modify the underlying operating system of an affected device. | |||||