Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-8417 | 1 Codesnippets | 1 Code Snippets | 2020-02-06 | 6.8 MEDIUM | 8.8 HIGH |
| The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu. | |||||
| CVE-2020-6849 | 1 Hutchhouse | 1 Marketo Forms And Tracking | 2020-02-06 | 6.8 MEDIUM | 8.8 HIGH |
| The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS. | |||||
| CVE-2019-4613 | 1 Ibm | 1 Planning Analytics | 2020-02-06 | 6.8 MEDIUM | 8.8 HIGH |
| IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 168524. | |||||
| CVE-2014-5236 | 1 Open-xchange | 1 Open-xchange Appsuite | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple absolute path traversal vulnerabilities in documentconverter in Open-Xchange (OX) AppSuite before 7.4.2-rev10 and 7.6.x before 7.6.0-rev10 allow remote attackers to read application files via a full pathname in a crafted (1) OLE Object or (2) image in an OpenDocument text file. | |||||
| CVE-2020-8009 | 1 Motu | 21 112d, 1248, 16a and 18 more | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal, as demonstrated by reading the /etc/passwd file. | |||||
| CVE-2020-7972 | 1 Gitlab | 1 Gitlab | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| GitLab EE 12.2 has Insecure Permissions (issue 2 of 2). | |||||
| CVE-2019-18412 | 1 Jetbrains | 1 Idetalk | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| JetBrains IDETalk plugin before version 193.4099.10 allows XXE | |||||
| CVE-2019-3682 | 1 Suse | 1 Caas Platform | 2020-02-06 | 4.6 MEDIUM | 7.8 HIGH |
| The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. | |||||
| CVE-2018-13041 | 1 Linktoken Project | 1 Linktoken | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13474 | 1 Fanschaintoken Project | 1 Fanschaintoken | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2013-0725 | 1 Hexagongeospatial | 1 Erdas Er Viewer | 2020-02-06 | 6.9 MEDIUM | 7.8 HIGH |
| ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities | |||||
| CVE-2020-8545 | 1 Circl | 1 Ail Framework | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| Global.py in AIL framework 2.8 allows path traversal. | |||||
| CVE-2013-2646 | 1 Tp-link | 2 Tl-wr1043nd, Tl-wr1043nd Firmware | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service vulnerability. | |||||
| CVE-2020-7978 | 1 Gitlab | 1 Gitlab | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| GitLab EE 12.6 and later through 12.7.2 allows Denial of Service. | |||||
| CVE-2019-19823 | 11 Ciktel, Coship, Fg-products and 8 more | 36 Mesh Router, Mesh Router Firmware, Emta Ap and 33 more | 2020-02-06 | 5.0 MEDIUM | 7.5 HIGH |
| A certain router administration interface (that includes Realtek APMIB 0.11f for Boa 0.94.14rc21) stores cleartext administrative passwords in flash memory and in a file. This affects TOTOLINK A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0; Rutek RTK 11N AP through 2019-12-12; Sapido GR297n through 2019-12-12; CIK TELECOM MESH ROUTER through 2019-12-12; KCTVJEJU Wireless AP through 2019-12-12; Fibergate FGN-R2 through 2019-12-12; Hi-Wifi MAX-C300N through 2019-12-12; HCN MAX-C300N through 2019-12-12; T-broad GN-866ac through 2019-12-12; Coship EMTA AP through 2019-12-12; and IO-Data WN-AC1167R through 2019-12-12. | |||||
| CVE-2013-6358 | 1 Prestashop | 1 Prestashop | 2020-02-06 | 9.0 HIGH | 8.8 HIGH |
| PrestaShop 1.5.5 allows remote authenticated attackers to execute arbitrary code by uploading a crafted profile and then accessing it in the module/ directory. | |||||
| CVE-2015-0949 | 2 Dell, Hp | 4 Latitude E6430, Latitude E6430 Firmware, Elitebook 850 G1 and 1 more | 2020-02-06 | 4.6 MEDIUM | 7.8 HIGH |
| The System Management Mode (SMM) implementation in Dell Latitude E6430 BIOS Revision A09, HP EliteBook 850 G1 BIOS revision L71 Ver. 01.09, and possibly other BIOS implementations does not ensure that function calls operate on SMRAM memory locations, which allows local users to bypass the Secure Boot protection mechanism and gain privileges by leveraging write access to physical memory. | |||||
| CVE-2020-5232 | 1 Ens.domains | 1 Ethereum Name Service | 2020-02-06 | 4.9 MEDIUM | 8.7 HIGH |
| A user who owns an ENS domain can set a trapdoor, allowing them to transfer ownership to another user, and later regain ownership without the new owners consent or awareness. A new ENS deployment is being rolled out that fixes this vulnerability in the ENS registry. | |||||
| CVE-2017-3199 | 1 Graniteds | 1 Graniteds | 2020-02-06 | 6.8 MEDIUM | 8.1 HIGH |
| The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 deserializers derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized. | |||||
| CVE-2011-4115 | 1 Cpan | 1 Parallel\ | 2020-02-05 | 6.4 MEDIUM | 7.5 HIGH |
| Parallel::ForkManager module before 1.0.0 for Perl does not properly handle temporary files. | |||||
| CVE-2011-4116 | 1 Cpan | 1 File\ | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| _is_safe in the File::Temp module for Perl does not properly handle symlinks. | |||||
| CVE-2011-4117 | 1 Cpan | 1 Batch\ | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files. | |||||
| CVE-2015-3611 | 1 Fortinet | 1 Fortimanager | 2020-02-05 | 9.0 HIGH | 8.8 HIGH |
| A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report. | |||||
| CVE-2014-8141 | 2 Redhat, Unzip Project | 6 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus and 3 more | 2020-02-05 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | |||||
| CVE-2018-11479 | 1 Windscribe | 1 Windscribe | 2020-02-05 | 7.2 HIGH | 7.8 HIGH |
| The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe. | |||||
| CVE-2020-5215 | 1 Google | 1 Tensorflow | 2020-02-05 | 4.3 MEDIUM | 7.5 HIGH |
| In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant("hello", tf.float16), if eager execution is enabled. This issue is patched in TensorFlow 1.15.1 and 2.0.1 with this vulnerability patched. TensorFlow 2.1.0 was released after we fixed the issue, thus it is not affected. Users are encouraged to switch to TensorFlow 1.15.1, 2.0.1 or 2.1.0. | |||||
| CVE-2020-5228 | 1 Apereo | 1 Opencast | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public access to events without their knowledge. The problem has been addressed in Opencast 7.6 and 8.1 where the OAI-PMH endpoint is configured to require users with `ROLE_ADMIN` by default. In addition to this, Opencast 9 removes the OAI-PMH publication from the default workflow, making the publication a conscious decision users have to make by updating their workflows. | |||||
| CVE-2020-5229 | 1 Apereo | 1 Opencast | 2020-02-05 | 5.5 MEDIUM | 8.1 HIGH |
| Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially for popular users like the default `admin` user. This essentially means that for an attacker, it might be feasible to reconstruct a user's password given access to these hashes. Note that attackers needing access to the hashes means that they must gain access to the database in which these are stored first to be able to start cracking the passwords. The problem is addressed in Opencast 8.1 which now uses the modern and much stronger bcrypt password hashing algorithm for storing passwords. Note, that old hashes remain MD5 until the password is updated. For a list of users whose password hashes are stored using MD5, take a look at the `/user-utils/users/md5.json` REST endpoint. | |||||
| CVE-2014-8139 | 2 Redhat, Unzip Project | 7 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 4 more | 2020-02-05 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | |||||
| CVE-2013-2672 | 1 Brother | 2 Mfc-9970cdw, Mfc-9970cdw Firmware | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords. | |||||
| CVE-2014-8140 | 2 Redhat, Unzip Project | 7 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 4 more | 2020-02-05 | 6.8 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command. | |||||
| CVE-2013-2674 | 1 Brother | 2 Mfc-9970cdw, Mfc-9970cdw Firmware | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers. | |||||
| CVE-2014-8321 | 1 Aircrack-ng | 1 Aircrack-ng | 2020-02-05 | 4.6 MEDIUM | 7.8 HIGH |
| Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors. | |||||
| CVE-2016-4676 | 1 Apple | 2 Mac Os X, Safari | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information. | |||||
| CVE-2020-3941 | 2 Microsoft, Vmware | 2 Windows, Tools | 2020-02-05 | 4.4 MEDIUM | 7.0 HIGH |
| The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. | |||||
| CVE-2017-3200 | 1 Graniteds | 1 Graniteds | 2020-02-05 | 6.8 MEDIUM | 8.1 HIGH |
| The Java implementation of AMF3 deserializers used in GraniteDS, version 3.1.1.G, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitrary Java Beans setter methods. The ability to exploit this vulnerability depends on the availability of classes in the class path that make use of deserialization. A remote attacker with the ability to spoof or control information may be able to send serialized Java objects with pre-set properties that result in arbitrary code execution when deserialized. | |||||
| CVE-2011-4088 | 3 Abrt Project, Fedoraproject, Redhat | 5 Abrt, Fedora, Enterprise Linux Desktop and 2 more | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| ABRT might allow attackers to obtain sensitive information from crash reports. | |||||
| CVE-2020-5222 | 1 Apereo | 1 Opencast | 2020-02-05 | 6.5 MEDIUM | 8.8 HIGH |
| Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key. This means that an attacker getting access to a remember-me token for one server can get access to all servers which allow log-in using the same credentials without ever needing the credentials. This problem is fixed in Opencast 7.6 and Opencast 8.1 | |||||
| CVE-2017-9462 | 3 Debian, Mercurial, Redhat | 8 Debian Linux, Mercurial, Enterprise Linux Desktop and 5 more | 2020-02-05 | 9.0 HIGH | 8.8 HIGH |
| In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name. | |||||
| CVE-2020-5852 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.2.1.0.83.4-ENG Hotfix-BIGIP-12.1.4.1.0.97.6-ENG Hotfix-BIGIP-11.5.4.2.74.291-HF2 | |||||
| CVE-2019-3864 | 1 Redhat | 1 Quay | 2020-02-05 | 6.8 MEDIUM | 8.8 HIGH |
| A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account. | |||||
| CVE-2012-5626 | 1 Redhat | 6 Jboss Brms, Jboss Enterprise Application Platform, Jboss Enterprise Web Server and 3 more | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation. | |||||
| CVE-2015-8851 | 1 Node-uuid Project | 1 Node-uuid | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing. | |||||
| CVE-2019-5468 | 1 Gitlab | 1 Gitlab | 2020-02-05 | 6.5 MEDIUM | 8.8 HIGH |
| An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account. | |||||
| CVE-2013-3322 | 1 Netapp | 1 Oncommand System Manager | 2020-02-05 | 9.0 HIGH | 7.2 HIGH |
| NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface. | |||||
| CVE-2014-3119 | 1 Web2project | 1 Web2project | 2020-02-05 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in web2Project 3.1 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search_string parameter in the contacts module to index.php or allow remote attackers to execute arbitrary SQL commands via the updatekey parameter to (2) do_updatecontact.php or (3) updatecontact.php. | |||||
| CVE-2014-8126 | 1 Wisc | 1 Htcondor | 2020-02-05 | 6.5 MEDIUM | 8.8 HIGH |
| The scheduler in HTCondor before 8.2.6 allows remote authenticated users to execute arbitrary code. | |||||
| CVE-2020-8093 | 1 Bitdefender | 1 Antivirus | 2020-02-05 | 4.6 MEDIUM | 7.8 HIGH |
| A vulnerability in the AntivirusforMac binary as used in Bitdefender Antivirus for Mac allows an attacker to inject a library using DYLD environment variable to cause third-party code execution | |||||
| CVE-2020-7240 | 1 Meinbergglobal | 4 Lantime M1000, Lantime M1000 Firmware, Lantime M300 and 1 more | 2020-02-05 | 9.0 HIGH | 8.8 HIGH |
| ** DISPUTED ** Meinberg Lantime M300 and M1000 devices allow attackers (with privileges to configure a device) to execute arbitrary OS commands by editing the /config/netconf.cmd script (aka Extended Network Configuration). Note: According to the description, the vulnerability requires a fully authenticated super-user account using a webUI function that allows super users to edit a script supposed to execute OS commands. The given weakness enumeration (CWE-78) is not applicable in this case as it refers to abusing functions/input fields not supposed to be accepting OS commands by using 'Special Elements.' | |||||
| CVE-2020-7984 | 1 Solarwinds | 1 N-central | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| SolarWinds N-central before 12.1 SP1 HF5 and 12.2 before SP1 HF2 allows remote attackers to retrieve cleartext domain admin credentials from the Agent & Probe settings, and obtain other sensitive information. The attacker can use a customer ID to self register and read any aspects of the agent/appliance configuration. | |||||