Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-4582 | 1 Ibm | 1 Maximo Asset Management | 2020-08-13 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167288. | |||||
| CVE-2020-2233 | 1 Jenkins | 1 Pipeline Maven Integration | 2020-08-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | |||||
| CVE-2020-15071 | 1 Getsymphony | 1 Symphony | 2020-08-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS via fields['name'] to appendSubheading. | |||||
| CVE-2020-8905 | 1 Google | 1 Asylo | 2020-08-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The 'enc_untrusted_recvfrom' function generates a return value which is deserialized by 'MessageReader', and copied into three different 'extents'. The length of the third 'extents' is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later. | |||||
| CVE-2020-6300 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2020-08-13 | 3.5 LOW | 4.8 MEDIUM |
| SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code to a different end user (victim), as it does not sufficiently encode user-controlled inputs for RecycleBin, resulting in Stored Cross-Site Scripting (XSS) vulnerability. | |||||
| CVE-2018-15913 | 1 Cloudera | 1 Cloudera Manager | 2020-08-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Cloudera Manager 5.x through 5.15.0. One type of page in Cloudera Manager uses a 'returnUrl' parameter to redirect the user to another page in Cloudera Manager once a wizard is completed. The validity of this parameter was not checked. As a result, the user could be automatically redirected to an attacker's external site or perform a malicious JavaScript function that results in cross-site scripting (XSS). This was fixed by not allowing any value in the returnUrl parameter with patterns such as http://, https://, //, or javascript. The only exceptions to this rule are the SAML Login/Logout URLs, which remain supported since they are explicitly configured and they are not passed via the returnUrl parameter. | |||||
| CVE-2020-10777 | 1 Redhat | 1 Cloudforms | 2020-08-12 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. | |||||
| CVE-2014-3611 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2020-08-12 | 4.7 MEDIUM | 4.7 MEDIUM |
| Race condition in the __kvm_migrate_pit_timer function in arch/x86/kvm/i8254.c in the KVM subsystem in the Linux kernel through 3.17.2 allows guest OS users to cause a denial of service (host OS crash) by leveraging incorrect PIT emulation. | |||||
| CVE-2020-12135 | 2 Mongodb, Whoopsie Project | 2 C Driver, Whoopsie | 2020-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input. | |||||
| CVE-2020-15570 | 1 Whoopsie Project | 1 Whoopsie | 2020-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file. | |||||
| CVE-2020-15650 | 2 Google, Mozilla | 2 Android, Firefox Esr | 2020-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11. | |||||
| CVE-2020-15649 | 2 Google, Mozilla | 2 Android, Firefox Esr | 2020-08-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11. | |||||
| CVE-2020-15648 | 1 Mozilla | 2 Firefox, Thunderbird | 2020-08-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2. | |||||
| CVE-2009-3621 | 6 Canonical, Fedoraproject, Linux and 3 more | 8 Ubuntu Linux, Fedora, Linux Kernel and 5 more | 2020-08-12 | 4.9 MEDIUM | 5.5 MEDIUM |
| net/unix/af_unix.c in the Linux kernel 2.6.31.4 and earlier allows local users to cause a denial of service (system hang) by creating an abstract-namespace AF_UNIX listening socket, performing a shutdown operation on this socket, and then performing a series of connect operations to this socket. | |||||
| CVE-2013-6673 | 5 Canonical, Fedoraproject, Mozilla and 2 more | 10 Ubuntu Linux, Fedora, Firefox and 7 more | 2020-08-12 | 4.3 MEDIUM | 5.9 MEDIUM |
| Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 do not recognize a user's removal of trust from an EV X.509 certificate, which makes it easier for man-in-the-middle attackers to spoof SSL servers in opportunistic circumstances via a valid certificate that is unacceptable to the user. | |||||
| CVE-2020-15907 | 1 Mahara | 1 Mahara | 2020-08-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript. | |||||
| CVE-2019-19529 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2020-08-12 | 6.9 MEDIUM | 6.3 MEDIUM |
| In the Linux kernel before 5.3.11, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/can/usb/mcba_usb.c driver, aka CID-4d6636498c41. | |||||
| CVE-2020-14319 | 1 Redhat | 2 Amq Online, Enmasse | 2020-08-12 | 4.0 MEDIUM | 5.9 MEDIUM |
| It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authorised users using an older browser with Adobe Flash are vulnerable when targeted by an attacker. This flaw affects all versions of AMQ-Online prior to 1.5.2 and Enmasse versions 0.31.0-rc1 up until but not including 0.32.2. | |||||
| CVE-2019-17639 | 1 Eclipse | 1 Openj9 | 2020-08-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Eclipse OpenJ9 prior to version 0.21 on Power platforms, calling the System.arraycopy method with a length longer than the length of the source or destination array can, in certain specially crafted code patterns, cause the current method to return prematurely with an undefined return value. This allows whatever value happens to be in the return register at that time to be used as if it matches the method's declared return type. | |||||
| CVE-2020-16248 | 1 Prometheus | 1 Blackbox Exporter | 2020-08-12 | 5.0 MEDIUM | 5.8 MEDIUM |
| ** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability. | |||||
| CVE-2020-5412 | 1 Vmware | 1 Spring Cloud Netflix | 2020-08-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can send a request to other servers that should not be exposed publicly. | |||||
| CVE-2020-4485 | 1 Ibm | 1 Qradar Security Information And Event Manager | 2020-08-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing security mechanisms in future attacks. IBM X-Force ID: 181860. | |||||
| CVE-2020-15945 | 1 Lua | 1 Lua | 2020-08-11 | 2.1 LOW | 5.5 MEDIUM |
| Lua through 5.4.0 has a segmentation fault in changedline in ldebug.c (e.g., when called by luaG_traceexec) because it incorrectly expects that an oldpc value is always updated upon a return of the flow of control to a function. | |||||
| CVE-2020-16117 | 2 Debian, Gnome | 2 Debian Linux, Evolution-data-server | 2020-08-11 | 4.3 MEDIUM | 5.9 MEDIUM |
| In GNOME evolution-data-server before 3.35.91, a malicious server can crash the mail client with a NULL pointer dereference by sending an invalid (e.g., minimal) CAPABILITY line on a connection attempt. This is related to imapx_free_capability and imapx_connect_to_server. | |||||
| CVE-2020-9243 | 1 Huawei | 2 Mate 30, Mate 30 Firmware | 2020-08-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition. | |||||
| CVE-2020-14337 | 1 Redhat | 1 Ansible Tower | 2020-08-11 | 5.0 MEDIUM | 5.8 MEDIUM |
| A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default organization and verify existing usernames. The highest threat from this vulnerability is to data confidentiality. | |||||
| CVE-2020-17480 | 1 Tiny | 1 Tinymce | 2020-08-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor. | |||||
| CVE-2020-16275 | 1 Carson-saint | 1 Saint Security Suite | 2020-08-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link. | |||||
| CVE-2020-16278 | 1 Carson-saint | 1 Saint Security Suite | 2020-08-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link. | |||||
| CVE-2020-8607 | 2 Microsoft, Trendmicro | 13 Windows, Antivirus Toolkit, Apex One and 10 more | 2020-08-11 | 7.2 HIGH | 6.7 MEDIUM |
| An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability. | |||||
| CVE-2020-15870 | 1 Sonatype | 1 Nexus Repository Manager 3 | 2020-08-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2). | |||||
| CVE-2020-15869 | 1 Sonatype | 1 Nexus Repository Manager 3 | 2020-08-11 | 4.3 MEDIUM | 5.4 MEDIUM |
| Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2). | |||||
| CVE-2010-3078 | 5 Canonical, Linux, Opensuse and 2 more | 6 Ubuntu Linux, Linux Kernel, Opensuse and 3 more | 2020-08-11 | 2.1 LOW | 5.5 MEDIUM |
| The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an ioctl call. | |||||
| CVE-2010-2942 | 6 Avaya, Canonical, Linux and 3 more | 13 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 10 more | 2020-08-11 | 2.1 LOW | 5.5 MEDIUM |
| The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members when performing dump operations, which allows local users to obtain potentially sensitive information from kernel memory via vectors related to (1) the tcf_gact_dump function in net/sched/act_gact.c, (2) the tcf_mirred_dump function in net/sched/act_mirred.c, (3) the tcf_nat_dump function in net/sched/act_nat.c, (4) the tcf_simp_dump function in net/sched/act_simple.c, and (5) the tcf_skbedit_dump function in net/sched/act_skbedit.c. | |||||
| CVE-2020-17364 | 1 Usvn | 1 User-friendly Svn | 2020-08-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs. | |||||
| CVE-2017-18112 | 1 Atlassian | 1 Fisheye | 2020-08-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3. | |||||
| CVE-2020-16847 | 1 Extremenetworks | 1 Extreme Management Center | 2020-08-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887. | |||||
| CVE-2020-17476 | 1 Mibew | 1 Messenger | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Mibew Messenger before 3.2.7 allows XSS via a crafted user name. | |||||
| CVE-2020-4541 | 1 Ibm | 1 Jazz Reporting Service | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039. | |||||
| CVE-2020-4533 | 1 Ibm | 1 Jazz Reporting Service | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182717. | |||||
| CVE-2020-4539 | 1 Ibm | 1 Jazz Reporting Service | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | |||||
| CVE-2020-16211 | 1 Advantech | 1 Webaccess\/hmi Designer | 2020-08-10 | 4.3 MEDIUM | 5.5 MEDIUM |
| Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially crafted project files, which may allow an attacker to read information. | |||||
| CVE-2020-17451 | 1 Flatcore | 1 Flatcore | 2020-08-10 | 3.5 LOW | 4.8 MEDIUM |
| flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter. | |||||
| CVE-2020-15819 | 1 Jetbrains | 1 Youtrack | 2020-08-10 | 5.0 MEDIUM | 5.3 MEDIUM |
| JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports. | |||||
| CVE-2020-15821 | 1 Jetbrains | 1 Youtrack | 2020-08-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft. | |||||
| CVE-2020-15830 | 1 Jetbrains | 1 Teamcity | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI. | |||||
| CVE-2020-15831 | 1 Jetbrains | 1 Teamcity | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI. | |||||
| CVE-2020-15912 | 1 Tesla | 2 Model 3, Model 3 Firmware | 2020-08-10 | 3.3 LOW | 6.5 MEDIUM |
| ** DISPUTED ** Tesla Model 3 vehicles allow attackers to open a door by leveraging access to a legitimate key card, and then using NFC Relay. NOTE: the vendor has developed Pin2Drive to mitigate this issue. | |||||
| CVE-2019-11255 | 2 Kubernetes, Redhat | 4 External-provisioner, External-resizer, External-snapshotter and 1 more | 2020-08-10 | 5.5 MEDIUM | 6.5 MEDIUM |
| Improper input validation in Kubernetes CSI sidecar containers for external-provisioner (<v0.4.3, <v1.0.2, v1.1, <v1.2.2, <v1.3.1), external-snapshotter (<v0.4.2, <v1.0.2, v1.1, <1.2.2), and external-resizer (v0.1, v0.2) could result in unauthorized PersistentVolume data access or volume mutation during snapshot, restore from snapshot, cloning and resizing operations. | |||||
| CVE-2020-11110 | 1 Grafana | 1 Grafana | 2020-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| Grafana through 6.7.1 allows stored XSS due to insufficient input protection in the originalUrl field, which allows an attacker to inject JavaScript code that will be executed after clicking on Open Original Dashboard after visiting the snapshot. | |||||