Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-21213 | 1 Netgear | 20 D3600, D3600 Firmware, D6000 and 17 more | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D7800 before 1.0.1.30, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.96, WNDR4300 before 1.0.2.98, WNDR4300v2 before 1.0.0.50, and WNDR4500v3 before 1.0.0.50. | |||||
| CVE-2018-21170 | 1 Netgear | 10 Ex2700, Ex2700 Firmware, R7800 and 7 more | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects EX2700 before 1.0.1.28, R7800 before 1.0.2.40, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.50, and WN3100RPv2 before 1.0.0.56. | |||||
| CVE-2020-11004 | 1 Admidio | 1 Admidio | 2020-05-01 | 5.0 MEDIUM | 7.5 HIGH |
| SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging in, can send a GET request with arbitrary SQL queries appended to the cookie parameter and execute SQL queries. The vulnerability impacts the confidentiality of the system. This has been patched in version 3.3.13. | |||||
| CVE-2017-18709 | 1 Netgear | 4 R8300, R8300 Firmware, R8500 and 1 more | 2020-05-01 | 4.6 MEDIUM | 7.8 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94. | |||||
| CVE-2018-21221 | 1 Netgear | 6 D3600, D3600 Firmware, D6000 and 3 more | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, and R9000 before 1.0.2.52. | |||||
| CVE-2018-21158 | 1 Netgear | 2 R7800, R7800 Firmware | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| NETGEAR R7800 devices before 1.0.2.46 are affected by incorrect configuration of security settings. | |||||
| CVE-2018-21217 | 1 Netgear | 8 D3600, D3600 Firmware, D6000 and 5 more | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. | |||||
| CVE-2018-21216 | 1 Netgear | 8 D3600, D3600 Firmware, D6000 and 5 more | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.67, D6000 before 1.0.0.67, D6100 before 1.0.0.56, and R6100 before 1.0.1.20. | |||||
| CVE-2018-21177 | 1 Netgear | 16 D6100, D6100 Firmware, R6100 and 13 more | 2020-05-01 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D6100 before 1.0.0.57, R6100 before 1.0.1.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. | |||||
| CVE-2018-21181 | 1 Netgear | 26 D7800, D7800 Firmware, Ex2700 and 23 more | 2020-05-01 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects D7800 before 1.0.1.28, EX2700 before 1.0.1.32, EX6200v2 before 1.0.1.56, R7500v2 before 1.0.3.24, R7800 before 1.0.2.40, R9000 before 1.0.3.6, WN2000RPTv3 before 1.0.1.20, WN3000RPv3 before 1.0.2.52, WN3100RPv2 before 1.0.0.42, WNDR3700v4 before 1.0.2.92, WNDR4300 before 1.0.2.94, WNDR4300v2 before 1.0.0.50, WNDR4500v3 before 1.0.0.50, and WNR2000v5 before 1.0.0.62. | |||||
| CVE-2020-12070 | 1 Advanced-woo-search | 1 Advanced Woo Search | 2020-05-01 | 5.0 MEDIUM | 7.5 HIGH |
| The Advanced Woo Search plugin version through 1.99 for Wordpress suffers from a sensitive information disclosure vulnerability in every ajax search request via the sql field to includes/class-aws-search.php. | |||||
| CVE-2018-21135 | 1 Netgear | 18 R6700, R6700 Firmware, R7500 and 15 more | 2020-05-01 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R6700 before 1.0.1.48, R7500 before 1.0.0.124, R7800 before 1.0.2.58, R8900 before 1.0.4.2, R9000 before 1.0.4.2, WNDR3700v4 before 1.0.2.102, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, and WNR2000v5-R2000 before 1.0.0.68. | |||||
| CVE-2018-21139 | 1 Netgear | 98 D1500, D1500 Firmware, D500 and 95 more | 2020-05-01 | 5.0 MEDIUM | 7.5 HIGH |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects D1500 before 1.0.0.27, D500 before 1.0.0.27, D6100 before 1.0.0.58, D6200 before 1.1.00.30, D6220 before 1.0.0.46, D6400 before 1.0.0.82, D7000 before 1.0.1.68, D7000v2 before 1.0.0.51, D7800 before 1.0.1.42, D8500 before 1.0.3.42, DC112A before 1.0.0.40, DGN2200Bv4 before 1.0.0.102, DGN2200v4 before 1.0.0.102, JNR1010v2 before 1.1.0.54, JR6150 before 1.0.1.18, JWNR2010v5 before 1.1.0.54, PR2000 before 1.0.0.24, R6020 before 1.0.0.34, R6050 before 1.0.1.18, R6080 before 1.0.0.34, R6100 before 1.0.1.22, R6120 before 1.0.0.42, R6220 before 1.1.0.68, R6250 before 1.0.4.30, R6300v2 before 1.0.4.32, R6400 before 1.0.1.44, R6400v2 before 1.0.2.60, R6700 before 1.0.1.48, R6700v2 before 1.2.0.24, R6800 before 1.2.0.24, R6900 before 1.0.1.48, R6900P before 1.3.1.44, R6900v2 before 1.2.0.24, R7000 before 1.0.9.34, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7300 before 1.0.0.68, R7500 before 1.0.0.124, R7500v2 before 1.0.3.38, R7900 before 1.0.2.16, R7900P before 1.4.1.24, R8000 before 1.0.4.18, R8000P before 1.4.1.24, R8300 before 1.0.2.122, R8500 before 1.0.2.122, WN3000RP before 1.0.0.68, WN3000RPv2 before 1.0.0.68, WNDR3400v3 before 1.0.1.18, WNDR3700v4 before 1.0.2.102, WNDR3700v5 before 1.1.0.54, WNDR4300v1 before 1.0.2.104, WNDR4300v2 before 1.0.0.56, WNDR4500v3 before 1.0.0.56, WNR1000v4 before 1.1.0.54, WNR2020 before 1.1.0.54, WNR2050 before 1.1.0.54, and WNR3500Lv2 before 1.2.0.54. | |||||
| CVE-2020-12118 | 1 Binance | 1 Tss-lib | 2020-05-01 | 6.4 MEDIUM | 8.2 HIGH |
| The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties. | |||||
| CVE-2018-21164 | 1 Netgear | 4 R6220, R6220 Firmware, Wndr3700 and 1 more | 2020-05-01 | 6.5 MEDIUM | 7.2 HIGH |
| Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6220 before 1.1.0.64 and WNDR3700v5 before 1.1.0.54. | |||||
| CVE-2017-18705 | 1 Netgear | 18 D7800, D7800 Firmware, R6100 and 15 more | 2020-05-01 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D7800 before 1.0.1.28, R6100 before 1.0.1.20, R7500 before 1.0.0.118, R7500v2 before 1.0.3.20, R7800 before 1.0.2.40, R9000 before 1.0.2.52, WNDR3700v4 before 1.0.2.88, WNDR4300 before 1.0.2.90, WNDR4300v2 before 1.0.0.48, WNDR4500v3 before 1.0.0.48, and WNR2000v5 before 1.0.0.62. | |||||
| CVE-2020-12479 | 1 Teampass | 1 Teampass | 2020-05-01 | 6.5 MEDIUM | 8.8 HIGH |
| TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a PHP file include vulnerability via a crafted HTTP request with sources/users.queries.php newValue directory traversal. | |||||
| CVE-2019-4750 | 1 Ibm | 1 Cloud App Management | 2020-05-01 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Cloud App Management 2019.3.0 and 2019.4.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 173310. | |||||
| CVE-2017-18708 | 1 Netgear | 4 R8300, R8300 Firmware, R8500 and 1 more | 2020-05-01 | 6.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by CSRF. This affects R8300 before 1.0.2.94 and R8500 before 1.0.2.94. | |||||
| CVE-2019-15791 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-05-01 | 4.6 MEDIUM | 7.8 HIGH |
| In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, which then puts a reference to that file, leading to a refcount underflow. | |||||
| CVE-2019-15792 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-05-01 | 4.6 MEDIUM | 7.8 HIGH |
| In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts file->private_data, a void* that points to a filesystem-dependent type, to a "struct shiftfs_file_info *". As the private_data is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code. | |||||
| CVE-2019-15793 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-05-01 | 4.6 MEDIUM | 8.8 HIGH |
| In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_user_ns, whereas they should have been translated into the s_user_ns for the lower filesystem. This resulted in using ids other than the intended ones in the lower fs, which likely did not map into the shifts s_user_ns. A local attacker could use this to possibly bypass discretionary access control permissions. | |||||
| CVE-2020-1804 | 1 Huawei | 2 Honor V10, Honor V10 Firmware | 2020-05-01 | 5.8 MEDIUM | 7.1 HIGH |
| Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 1 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1805 and CVE-2020-1806. | |||||
| CVE-2020-1805 | 1 Huawei | 2 Honor V10, Honor V10 Firmware | 2020-05-01 | 5.8 MEDIUM | 7.1 HIGH |
| Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 2 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1806. | |||||
| CVE-2020-6822 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-05-01 | 6.8 MEDIUM | 8.8 HIGH |
| On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | |||||
| CVE-2020-10712 | 1 Redhat | 1 Openshift Container Platform | 2020-04-30 | 6.4 MEDIUM | 8.2 HIGH |
| A flaw was found in OpenShift Container Platform version 4.1 and later. Sensitive information was found to be logged by the image registry operator allowing an attacker able to gain access to those logs, to read and write to the storage backing the internal image registry. The highest threat from this vulnerability is to data integrity. | |||||
| CVE-2020-8477 | 1 Abb | 1 800xa Information Manager | 2020-04-30 | 6.8 MEDIUM | 8.8 HIGH |
| The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code. | |||||
| CVE-2020-8474 | 1 Abb | 1 800xa Base System | 2020-04-30 | 4.6 MEDIUM | 7.8 HIGH |
| Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause system functions to stop or malfunction. | |||||
| CVE-2020-5571 | 1 Sharp | 20 Aquos Compact Sh-m06, Aquos Compact Sh-m06 Firmware, Aquos L2 and 17 more | 2020-04-30 | 5.0 MEDIUM | 7.5 HIGH |
| SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00.04 and earlier, AQUOS mini SH-M03 build number 01.00.04 and earlier, AQUOS Keitai SH-N01 build number 01.00.01 and earlier, AQUOS L2 (UQ mobile/J:COM) build number 01.00.05 and earlier, AQUOS sense lite SH-M05 build number 03.00.04 and earlier, AQUOS sense (UQ mobile) build number 03.00.03 and earlier, AQUOS compact SH-M06 build number 02.00.02 and earlier, AQUOS sense plus SH-M07 build number 02.00.02 and earlier, AQUOS sense2 SH-M08 build number 02.00.05 and earlier, and AQUOS sense2 (UQ mobile) build number 02.00.06 and earlier) allow an attacker to obtain the sensitive information of the device via malicious applications installed on the device. | |||||
| CVE-2020-12128 | 1 File Transfer Ifamily Project | 1 File Transfer Ifamily | 2020-04-30 | 5.0 MEDIUM | 7.5 HIGH |
| DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path. | |||||
| CVE-2020-7350 | 1 Rapid7 | 1 Metasploit | 2020-04-30 | 6.8 MEDIUM | 7.8 HIGH |
| Rapid7 Metasploit Framework versions before 5.0.85 suffers from an instance of CWE-78: OS Command Injection, wherein the libnotify plugin accepts untrusted user-supplied data via a remote computer's hostname or service name. An attacker can create a specially-crafted hostname or service name to be imported by Metasploit from a variety of sources and trigger a command injection on the operator's terminal. Note, only the Metasploit Framework and products that expose the plugin system is susceptible to this issue -- notably, this does not include Rapid7 Metasploit Pro. Also note, this vulnerability cannot be triggered through a normal scan operation -- the attacker would have to supply a file that is processed with the db_import command. | |||||
| CVE-2020-1806 | 1 Huawei | 2 Honor V10, Honor V10 Firmware | 2020-04-30 | 5.8 MEDIUM | 7.1 HIGH |
| Huawei Honor V10 smartphones with versions earlier than 10.0.0.156(C00E156R2P4) has three out of bounds vulnerabilities. Certain driver program does not sufficiently validate certain parameters received, that would lead to several bytes out of bound read. Successful exploit may cause information disclosure or service abnormal. This is 3 out of 3 out of bounds vulnerabilities found. Different than CVE-2020-1804 and CVE-2020-1805. | |||||
| CVE-2020-5864 | 1 F5 | 1 Nginx Controller | 2020-04-30 | 5.8 MEDIUM | 7.4 HIGH |
| In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plus instances skip TLS verification by default. | |||||
| CVE-2020-10506 | 1 The School Manage System Project | 1 The School Manage System | 2020-04-30 | 5.0 MEDIUM | 7.5 HIGH |
| The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Path Traversal, allowing attackers to access arbitrary files. | |||||
| CVE-2020-10512 | 1 Hgiga | 1 Oaklouds Ccm\@il | 2020-04-30 | 9.0 HIGH | 8.8 HIGH |
| HGiga C&Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CCMAILN before olln-calendar-5.0-100.i386.rpm contains a SQL Injection vulnerability which allows attackers to injecting SQL commands in the URL parameter to execute unauthorized commands. | |||||
| CVE-2020-5567 | 1 Cybozu | 1 Garoon | 2020-04-30 | 5.0 MEDIUM | 7.5 HIGH |
| Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu. | |||||
| CVE-2020-8773 | 1 Pega | 1 Platform | 2020-04-30 | 6.0 MEDIUM | 8.9 HIGH |
| The Richtext Editor in Pega Platform before 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability. | |||||
| CVE-2020-8775 | 1 Pega | 1 Platform | 2020-04-30 | 6.0 MEDIUM | 8.9 HIGH |
| Pega Platform before version 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the comment tags. | |||||
| CVE-2017-18728 | 1 Netgear | 8 D6200, D6200 Firmware, R6700 and 5 more | 2020-04-30 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18729 | 1 Netgear | 14 D6200, D6200 Firmware, R6020 and 11 more | 2020-04-30 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6120 before 1.0.0.36, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18730 | 1 Netgear | 14 D6200, D6200 Firmware, R6020 and 11 more | 2020-04-30 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D6200 before 1.1.00.24, R6020 before 1.0.0.30, R6080 before 1.0.0.30, R6120 before 1.0.0.36, R6700v2 before 1.1.0.42, R6800 before 1.1.0.42, and R6900v2 before 1.1.0.42. | |||||
| CVE-2017-18731 | 1 Netgear | 8 R6100, R6100 Firmware, R7500 and 5 more | 2020-04-30 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects R6100 before 1.0.1.16, R7500 before 1.0.0.112, R7500v2 before 1.0.3.20, R7800 before 1.0.2.36, and WNR2000v5 before 1.0.0.58. | |||||
| CVE-2018-21138 | 1 Netgear | 4 D3600, D3600 Firmware, D6000 and 1 more | 2020-04-30 | 5.8 MEDIUM | 8.8 HIGH |
| Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects D3600 before 1.0.0.76 and D6000 before 1.0.0.76. | |||||
| CVE-2020-10893 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-04-30 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects embedded in a PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10189. | |||||
| CVE-2020-10902 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-04-30 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10462. | |||||
| CVE-2020-8774 | 1 Pega | 1 Pega Platform | 2020-04-30 | 6.8 MEDIUM | 8.8 HIGH |
| Pega Platform before version 8.2.6 is affected by a Reflected Cross-Site Scripting vulnerability in the "ActionStringID" function. | |||||
| CVE-2018-21160 | 1 Netgear | 1 Readynas Os | 2020-04-30 | 6.8 MEDIUM | 8.8 HIGH |
| NETGEAR ReadyNAS devices before 6.9.3 are affected by CSRF. | |||||
| CVE-2020-1757 | 1 Redhat | 6 Jboss Data Grid, Jboss Enterprise Application Platform, Jboss Fuse and 3 more | 2020-04-30 | 5.5 MEDIUM | 8.1 HIGH |
| A flaw was found in all undertow-2.x.x SP1 versions prior to undertow-2.0.30.SP1, all undertow-1.x.x and undertow-2.x.x versions prior to undertow-2.1.0.Final, where the Servlet container causes servletPath to normalize incorrectly by truncating the path after semicolon which may lead to an application mapping resulting in the security bypass. | |||||
| CVE-2020-10897 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-04-30 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10193. | |||||
| CVE-2020-10896 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-04-30 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D objects in PDF files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-10192. | |||||