Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12476 | 1 Suse | 3 Obs-service-tar Scm, Opensuse Factory, Suse Linux Enterprise Server | 2020-02-05 | 6.4 MEDIUM | 7.5 HIGH |
| Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory allows remote attackers with control over a repository to overwrite files on the machine of the local user if a malicious service is executed. This issue affects: SUSE Linux Enterprise Server 15 obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74:. openSUSE Factory obs-service-tar_scm versions prior to 0.9.2.1537788075.fefaa74. | |||||
| CVE-2019-19824 | 1 Totolink | 16 A3002ru, A3002ru Firmware, A702r and 13 more | 2020-02-05 | 9.0 HIGH | 8.8 HIGH |
| On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0. | |||||
| CVE-2011-4937 | 1 Joomla | 1 Joomla\! | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Joomla! 1.7.1 has core information disclosure due to inadequate error checking. | |||||
| CVE-2011-3629 | 1 Joomla | 1 Joomla\! | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| Joomla! core 1.7.1 allows information disclosure due to weak encryption | |||||
| CVE-2019-4540 | 1 Ibm | 1 Security Directory Server | 2020-02-05 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 165813. | |||||
| CVE-2019-14867 | 2 Fedoraproject, Freeipa | 2 Fedora, Freeipa | 2020-02-05 | 6.8 MEDIUM | 8.8 HIGH |
| A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way the internal function ber_scanf() was used in some components of the IPA server, which parsed kerberos key data. An unauthenticated attacker who could trigger parsing of the krb principal key could cause the IPA server to crash or in some conditions, cause arbitrary code to be executed on the server hosting the IPA server. | |||||
| CVE-2019-5636 | 1 Beckhoff | 1 Twincat | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| When a Beckhoff TwinCAT Runtime receives a malformed UDP packet, the ADS Discovery Service shuts down. Note that the TwinCAT devices are still performing as normal. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior). | |||||
| CVE-2019-5637 | 1 Beckhoff | 3 Twincat, Twincat Cx2030, Twincat Cx5140 | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| When Beckhoff TwinCAT is configured to use the Profinet driver, a denial of service of the controller could be reached by sending a malformed UDP packet to the device. This issue affects TwinCAT 2 version 2304 (and prior) and TwinCAT 3.1 version 4204.0 (and prior). | |||||
| CVE-2017-14807 | 1 Suse | 2 Studio Onsite, Susestudio-ui-server | 2020-02-04 | 5.5 MEDIUM | 8.1 HIGH |
| An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susestudio-ui-server of SUSE Studio onsite allows remote attackers with admin privileges in Studio to alter SQL statements, allowing for extraction and modification of data. This issue affects: SUSE Studio onsite susestudio-ui-server version 1.3.17-56.6.3 and prior versions. | |||||
| CVE-2013-7051 | 1 D-link | 2 Dir-100, Dir-100 Firmware | 2020-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to check authentication parameters | |||||
| CVE-2012-6610 | 1 Polycom | 3 Hdx 8000, Hdx Video End Points, Uc Apl | 2020-02-04 | 9.0 HIGH | 8.8 HIGH |
| Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote authenticated users to execute arbitrary commands as demonstrated by a ; (semicolon) to the ping command feature. | |||||
| CVE-2012-6609 | 1 Polycom | 3 Hdx 8000, Hdx Video End Points, Uc Apl | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End Points before 3.0.4 and UC APL before 2.7.1.J allows remote attackers to read arbitrary files via a .. (dot dot) in the name parameter. | |||||
| CVE-2014-2277 | 1 Perltidy Project | 1 Perltidy | 2020-02-04 | 3.6 LOW | 7.1 HIGH |
| The make_temporary_filename function in perltidy 20120701-1 and earlier allows local users to obtain sensitive information or write to arbitrary files via a symlink attack, related to use of the tmpnam function. | |||||
| CVE-2013-2574 | 1 Foscam | 2 Fi8620, Fi8620 Firmware | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| An Access vulnerability exists in FOSCAM IP Camera FI8620 due to insufficient access restrictions in the /tmpfs/ and /log/ directories, which could let a malicious user obtain sensitive information. | |||||
| CVE-2013-7053 | 1 D-link | 2 Dir-100, Dir-100 Firmware | 2020-02-04 | 6.8 MEDIUM | 8.8 HIGH |
| D-Link DIR-100 4.03B07: cli.cgi CSRF | |||||
| CVE-2017-17763 | 1 Liveqos | 1 Superbeam | 2020-02-04 | 7.6 HIGH | 7.5 HIGH |
| SuperBeam through 4.1.3, when using the LAN or WiFi Direct Share feature, does not use HTTPS or any integrity-protection mechanism for file transfer, which makes it easier for remote attackers to send crafted files, as demonstrated by APK injection. | |||||
| CVE-2013-1895 | 2 Fedoraproject, Python | 2 Fedora, Py-bcrypt | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| The py-bcrypt module before 0.3 for Python does not properly handle concurrent memory access, which allows attackers to bypass authentication via multiple authentication requests, which trigger the password hash to be overwritten. | |||||
| CVE-2017-17497 | 1 Htacg | 1 Tidy | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| In Tidy 5.7.0, the prvTidyTidyMetaCharset function in clean.c allows attackers to cause a denial of service (Segmentation Fault), because the currentNode variable in the "children of the head" processing feature is modified in the loop without validating the new value. | |||||
| CVE-2013-4862 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2020-02-04 | 5.5 MEDIUM | 8.1 HIGH |
| MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access, which allows remote authenticated users to (1) update the firmware via the squashfs parameter to upgrade_step2.sh or (2) obtain hashed passwords via the cgi-bin/cmh/backup.sh page. | |||||
| CVE-2013-4863 | 1 Micasaverde | 2 Veralite, Veralite Firmware | 2020-02-04 | 9.0 HIGH | 8.8 HIGH |
| The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows (1) remote attackers to execute arbitrary Lua code via a RunLua action in a request to upnp/control/hag on port 49451 or (2) remote authenticated users to execute arbitrary Lua code via a RunLua action in a request to port_49451/upnp/control/hag. | |||||
| CVE-2020-7998 | 1 Super File Explorer Project | 1 Super File Explorer | 2020-02-04 | 9.0 HIGH | 8.8 HIGH |
| An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service. | |||||
| CVE-2020-5207 | 1 Jetbrains | 1 Ktor | 2020-02-04 | 5.0 MEDIUM | 7.5 HIGH |
| In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. | |||||
| CVE-2014-7302 | 1 Hp | 1 Sgi Tempo | 2020-02-04 | 7.2 HIGH | 7.8 HIGH |
| SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to change the permissions of arbitrary files by executing /opt/sgi/sgimc/bin/vx. | |||||
| CVE-2014-7303 | 1 Hp | 1 Sgi Tempo | 2020-02-04 | 7.2 HIGH | 7.8 HIGH |
| SGI Tempo, as used on SGI ICE-X systems, uses weak permissions for certain files, which allows local users to obtain password hashes and possibly other unspecified sensitive information by reading etc/dbdump.db. | |||||
| CVE-2019-17094 | 1 Belkin | 2 Wemo Insight Switch, Wemo Insight Switch Firmware | 2020-02-04 | 7.2 HIGH | 7.8 HIGH |
| A Stack-based Buffer Overflow vulnerability in libbelkin_api.so component of Belkin WeMo Insight Switch firmware allows a local attacker to obtain code execution on the device. This issue affects: Belkin WeMo Insight Switch firmware version 2.00.11396 and prior versions. | |||||
| CVE-2013-4583 | 1 Gitlab | 2 Gitlab, Gitlab-shell | 2020-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, and Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to gain privileges and clone arbitrary repositories. | |||||
| CVE-2019-17102 | 1 Bitdefender | 2 Box 2, Box 2 Firmware | 2020-02-03 | 9.3 HIGH | 8.1 HIGH |
| An exploitable command execution vulnerability exists in the recovery partition of Bitdefender BOX 2, version 2.0.1.91. The API method `/api/update_setup` does not perform firmware signature checks atomically, leading to an exploitable race condition (TOCTTOU) that allows arbitrary execution of system commands. This issue affects: Bitdefender Bitdefender BOX 2 versions prior to 2.1.47.36. | |||||
| CVE-2015-5290 | 1 Ratbox | 1 Ircd-ratbox | 2020-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial of Service vulnerability exists in ircd-ratbox 3.0.9 in the MONITOR Command Handler. | |||||
| CVE-2018-7777 | 1 Schneider-electric | 1 U.motion Builder | 2020-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server. | |||||
| CVE-2013-3212 | 1 Vtiger | 1 Vtiger Crm | 2020-02-03 | 6.8 MEDIUM | 8.1 HIGH |
| vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in 'customerportal.php' which allows remote attackers to view files and execute local script code. | |||||
| CVE-2018-5960 | 1 Tribalsystems | 1 Zenario | 2020-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of organizer.php or admin_boxes.ajax.php in the `Categories - Edit` module. | |||||
| CVE-2016-1000104 | 2 Apache, Opensuse | 3 Mod Fcgid, Leap, Opensuse | 2020-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| A security Bypass vulnerability exists in the FcgidPassHeader Proxy in mod_fcgid through 2016-07-07. | |||||
| CVE-2020-5210 | 1 Nethack | 1 Nethack | 2020-02-03 | 4.6 MEDIUM | 7.8 HIGH |
| In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5. | |||||
| CVE-2020-5209 | 1 Nethack | 1 Nethack | 2020-02-03 | 4.6 MEDIUM | 7.8 HIGH |
| In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems that have NetHack installed suid/sgid and shared systems that allow users to influence command line options. Users should upgrade to NetHack 3.6.5. | |||||
| CVE-2018-16263 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2020-02-03 | 5.8 MEDIUM | 8.8 HIGH |
| The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2018-16266 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2020-02-03 | 4.8 MEDIUM | 8.1 HIGH |
| The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2018-16262 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2020-02-03 | 5.8 MEDIUM | 8.8 HIGH |
| The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other packages. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2018-16267 | 2 Linux, Samsung | 2 Tizen, Galaxy Gear | 2020-02-03 | 4.8 MEDIUM | 8.1 HIGH |
| The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | |||||
| CVE-2019-13521 | 1 Rockwellautomation | 1 Arena Simulation | 2020-02-03 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. | |||||
| CVE-2014-2906 | 1 Fishshell | 1 Fish | 2020-02-03 | 4.4 MEDIUM | 7.0 HIGH |
| The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1 does not properly create temporary files, which allows local users to execute arbitrary commands via a temporary file with a predictable name. | |||||
| CVE-2014-3856 | 1 Fishshell | 1 Fish | 2020-02-03 | 4.4 MEDIUM | 7.0 HIGH |
| The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1 does not properly create temporary files, which allows local users to gain privileges via a temporary file with a predictable name. | |||||
| CVE-2019-13519 | 1 Rockwellautomation | 1 Arena Simulation | 2020-02-03 | 6.8 MEDIUM | 7.8 HIGH |
| A maliciously crafted program file opened by an unsuspecting user of Rockwell Automation Arena Simulation Software version 16.00.00 and earlier may result in the limited exposure of information related to the targeted workstation. Rockwell Automation has released version 16.00.01 of Arena Simulation Software to address the reported vulnerabilities. | |||||
| CVE-2013-5116 | 1 Evernote | 1 Evernote | 2020-02-03 | 6.6 MEDIUM | 7.1 HIGH |
| Evernote prior to 5.5.1 has insecure password change | |||||
| CVE-2020-7965 | 1 Webargs Project | 1 Webargs | 2020-02-03 | 6.8 MEDIUM | 8.8 HIGH |
| flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the Content-Type header is application/json when receiving JSON input. If the request body is valid JSON, it will accept it even if the content type is application/x-www-form-urlencoded. This allows for JSON POST requests to be made across domains, leading to CSRF. | |||||
| CVE-2019-12998 | 1 Elementsproject | 1 C-lightning | 2020-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| c-lightning before 0.7.1 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "It can be used for testing, but it should not be used for real funds." | |||||
| CVE-2019-12999 | 1 Lightning | 1 Network Daemon | 2020-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| Lightning Network Daemon (lnd) before 0.7 allows attackers to trigger loss of funds because of Incorrect Access Control. | |||||
| CVE-2019-13000 | 1 Acinq | 1 Eclair | 2020-02-03 | 5.0 MEDIUM | 7.5 HIGH |
| Eclair through 0.3 allows attackers to trigger loss of funds because of Incorrect Access Control. NOTE: README.md states "it is beta-quality software and don't put too much money in it." | |||||
| CVE-2012-4606 | 1 Citrix | 1 Xenserver | 2020-02-03 | 4.6 MEDIUM | 7.8 HIGH |
| Citrix XenServer 4.1, 6.0, 5.6 SP2, 5.6 Feature Pack 1, 5.6 Common Criteria, 5.6, 5.5, 5.0, and 5.0 Update 3 contains a Local Privilege Escalation Vulnerability which could allow local users with access to a guest operating system to gain elevated privileges. | |||||
| CVE-2014-3868 | 1 Zeuscart | 1 Zeuscart | 2020-02-03 | 6.5 MEDIUM | 8.8 HIGH |
| Multiple SQL injection vulnerabilities in ZeusCart 4.x. | |||||
| CVE-2018-8019 | 2 Apache, Debian | 2 Tomcat Native, Debian Linux | 2020-02-03 | 4.3 MEDIUM | 7.4 HIGH |
| When using an OCSP responder Apache Tomcat Native 1.2.0 to 1.2.16 and 1.1.23 to 1.1.34 did not correctly handle invalid responses. This allowed for revoked client certificates to be incorrectly identified. It was therefore possible for users to authenticate with revoked certificates when using mutual TLS. Users not using OCSP checks are not affected by this vulnerability. | |||||