Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11006 | 1 Shopizer | 1 Shopizer | 2020-05-13 | 3.5 LOW | 5.4 MEDIUM |
| In Shopizer before version 2.11.0, a script can be injected in various forms and saved in the database, then executed when information is fetched from backend. This has been patched in version 2.11.0. | |||||
| CVE-2020-12737 | 1 Maxum | 1 Rumpus | 2020-05-13 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server. | |||||
| CVE-2017-8842 | 1 Lrzip Project | 1 Lrzip | 2020-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted archive. | |||||
| CVE-2017-8843 | 1 Lrzip Project | 1 Lrzip | 2020-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The join_pthread function in stream.c in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive. | |||||
| CVE-2017-8845 | 1 Lrzip Project | 1 Lrzip | 2020-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The lzo1x_decompress function in lzo1x_d.ch in LZO 2.08, as used in lrzip 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive. | |||||
| CVE-2017-8847 | 1 Lrzip Project | 1 Lrzip | 2020-05-13 | 4.3 MEDIUM | 5.5 MEDIUM |
| The bufRead::get() function in libzpaq/libzpaq.h in liblrzip.so in lrzip 0.631 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted archive. | |||||
| CVE-2020-11102 | 1 Qemu | 1 Qemu | 2020-05-13 | 6.8 MEDIUM | 5.6 MEDIUM |
| hw/net/tulip.c in QEMU 4.2.0 has a buffer overflow during the copying of tx/rx buffers because the frame size is not validated against the r/w data length. | |||||
| CVE-2020-4195 | 1 Ibm | 1 Api Connect | 2020-05-12 | 3.5 LOW | 5.4 MEDIUM |
| IBM API Connect V2018.4.1.0 through 2018.4.1.10 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 174859. | |||||
| CVE-2014-1423 | 2 Signond Project, Ubports | 2 Signond, Ubuntu Touch | 2020-05-12 | 4.3 MEDIUM | 5.5 MEDIUM |
| signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension. An attacker could use this create a malicious click app that collects oauth tokens for other applications, exposing sensitive information. | |||||
| CVE-2015-7946 | 1 Ubports | 1 Unity8 | 2020-05-12 | 2.1 LOW | 4.6 MEDIUM |
| Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1. | |||||
| CVE-2020-12765 | 1 Solis | 1 Miolo | 2020-05-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal. | |||||
| CVE-2019-18870 | 1 Blaauwproducts | 1 Remote Kiln Control | 2020-05-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine. | |||||
| CVE-2020-4092 | 1 Hcltech | 1 Hcl Nomad | 2020-05-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| "If port encryption is not enabled on the Domino Server, HCL Nomad on Android and iOS Platforms will communicate in clear text and does not currently have a user interface option to change the setting to request an encrypted communication channel with the Domino server. This can potentially expose sensitive information including but not limited to server names, user IDs and document content." | |||||
| CVE-2020-3256 | 1 Cisco | 1 Hosted Collaboration Mediation Fulfillment | 2020-05-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in the web-based management interface of Cisco Hosted Collaboration Mediation Fulfillment (HCM-F) Software could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system. To exploit this vulnerability, an attacker would need administrative privileges on the Cisco HCM-F Software. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by sending malicious requests that contain references in XML entities to an affected system. A successful exploit could allow the attacker to retrieve files from the local system, resulting in the disclosure of sensitive information. | |||||
| CVE-2020-12764 | 1 Solis | 1 Gnuteca | 2020-05-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal. | |||||
| CVE-2020-3178 | 1 Cisco | 1 Content Security Management Appliance | 2020-05-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| Multiple vulnerabilities in the web-based GUI of Cisco AsyncOS Software for Cisco Content Security Management Appliance (SMA) could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerabilities are due to improper input validation of the parameters of an HTTP request. An attacker could exploit these vulnerabilities by intercepting an HTTP request and modifying it to redirect a user to a specific malicious URL. A successful exploit could allow the attacker to redirect a user to a malicious web page or to obtain sensitive browser-based information. This type of attack is commonly referred to as an open redirect attack and is used in phishing attacks to get users to unknowingly visit malicious sites. | |||||
| CVE-2018-19489 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2020-05-12 | 1.9 LOW | 4.7 MEDIUM |
| v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming. | |||||
| CVE-2018-19364 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome. | |||||
| CVE-2020-3253 | 1 Cisco | 1 Firepower Threat Defense | 2020-05-12 | 7.2 HIGH | 6.7 MEDIUM |
| A vulnerability in the support tunnel feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to access the shell of an affected device even though expert mode is disabled. The vulnerability is due to improper configuration of the support tunnel feature. An attacker could exploit this vulnerability by enabling the support tunnel, setting a key, and deriving the tunnel password. A successful exploit could allow the attacker to run any system command with root access on an affected device. | |||||
| CVE-2018-20124 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. | |||||
| CVE-2018-20126 | 3 Canonical, Opensuse, Qemu | 3 Ubuntu Linux, Leap, Qemu | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | |||||
| CVE-2018-20123 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2020-05-12 | 2.1 LOW | 5.5 MEDIUM |
| pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. | |||||
| CVE-2020-3246 | 1 Cisco | 1 Umbrella | 2020-05-12 | 4.3 MEDIUM | 4.3 MEDIUM |
| A vulnerability in the web server of Cisco Umbrella could allow an unauthenticated, remote attacker to perform a carriage return line feed (CRLF) injection attack against a user of an affected service. The vulnerability is due to insufficient validation of user input. An attacker could exploit this vulnerability by persuading a user to access a crafted URL. A successful exploit could allow the attacker to inject arbitrary HTTP headers into valid HTTP responses sent to the browser of the user. | |||||
| CVE-2020-3308 | 1 Cisco | 2 Firepower Management Center, Firepower Threat Defense | 2020-05-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| A vulnerability in the Image Signature Verification feature of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker with administrator-level credentials to install a malicious software patch on an affected device. The vulnerability is due to improper verification of digital signatures for patch images. An attacker could exploit this vulnerability by crafting an unsigned software patch to bypass signature checks and loading it on an affected device. A successful exploit could allow the attacker to boot a malicious software patch image. | |||||
| CVE-2020-12142 | 1 Silver-peak | 44 Nx-1000, Nx-1000 Firmware, Nx-10k and 41 more | 2020-05-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| 1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell. | |||||
| CVE-2020-9387 | 1 Mahara | 1 Mahara | 2020-05-12 | 3.5 LOW | 4.3 MEDIUM |
| In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account details are shared in the Elasticsearch results for accounts that are not accessible when the config setting 'Isolated institutions' is turned on. | |||||
| CVE-2020-3311 | 1 Cisco | 1 Firepower Management Center | 2020-05-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| A vulnerability in the web interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. The vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerability by intercepting and modifying an HTTP request from a user. A successful exploit could allow the attacker to redirect the user to a specific malicious web page. | |||||
| CVE-2020-12143 | 1 Silver-peak | 44 Nx-1000, Nx-1000 Firmware, Nx-10k and 41 more | 2020-05-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator. | |||||
| CVE-2020-10630 | 1 Sae-it | 2 Net-line Fw-50, Net-line Fw-50 Firmware | 2020-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAE IT-systems FW-50 Remote Telemetry Unit (RTU). The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in the output used as a webpage that is served to other users. | |||||
| CVE-2020-12144 | 1 Silver-peak | 44 Nx-1000, Nx-1000 Firmware, Nx-10k and 41 more | 2020-05-12 | 4.0 MEDIUM | 4.9 MEDIUM |
| The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal. | |||||
| CVE-2019-20768 | 1 Servicenow | 1 It Service Management | 2020-05-12 | 3.5 LOW | 5.4 MEDIUM |
| ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do. | |||||
| CVE-2020-12679 | 1 Mitel | 2 Mivoice Connect, Shoretel Conference Web | 2020-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php. | |||||
| CVE-2020-3315 | 1 Cisco | 19 Csr1000v, Firepower Management Center, Firepower Threat Defense and 16 more | 2020-05-12 | 5.0 MEDIUM | 5.3 MEDIUM |
| Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass the configured file policies on an affected system. The vulnerability is due to errors in how the Snort detection engine handles specific HTTP responses. An attacker could exploit this vulnerability by sending crafted HTTP packets that would flow through an affected system. A successful exploit could allow the attacker to bypass the configured file policies and deliver a malicious payload to the protected network. | |||||
| CVE-2020-10859 | 1 Zohocorp | 1 Manageengine Desktop Central | 2020-05-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| Zoho ManageEngine Desktop Central before 10.0.484 allows authenticated arbitrary file writes during ZIP archive extraction via Directory Traversal in a crafted AppDependency API request. | |||||
| CVE-2020-12687 | 1 Serpico Project | 1 Serpico | 2020-05-12 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve all of the attachments of all users (including administrators) from the database. | |||||
| CVE-2020-12706 | 1 Php-fusion | 1 Php-fusion | 2020-05-12 | 3.5 LOW | 5.4 MEDIUM |
| Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php | |||||
| CVE-2020-12708 | 1 Php-fusion | 1 Php-fusion | 2020-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043. | |||||
| CVE-2016-1222 | 1 Kobe-beauty | 1 Php-contact-form | 2020-05-12 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Kobe Beauty php-contact-form before 2016-05-18 allows remote attackers to inject arbitrary web script or HTML via a crafted URI. | |||||
| CVE-2020-2181 | 1 Jenkins | 1 Credentials Binding | 2020-05-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets in the build log when the build contains no build steps. | |||||
| CVE-2020-2182 | 1 Jenkins | 1 Credentials Binding | 2020-05-11 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Credentials Binding Plugin 1.22 and earlier does not mask (i.e., replace with asterisks) secrets containing a `$` character in some circumstances. | |||||
| CVE-2020-2188 | 1 Jenkins | 1 Amazon Ec2 | 2020-05-11 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Amazon EC2 Plugin 1.50.1 and earlier in form-related methods allowed users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins. | |||||
| CVE-2020-2183 | 1 Jenkins | 1 Copy Artifact | 2020-05-11 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Copy Artifact Plugin 1.43.1 and earlier performs improper permission checks, allowing attackers to copy artifacts from jobs they have no permission to access. | |||||
| CVE-2020-12696 | 1 Iframe Project | 1 Iframe | 2020-05-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| The iframe plugin before 4.5 for WordPress does not sanitize a URL. | |||||
| CVE-2018-15726 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2020-05-11 | 4.6 MEDIUM | 5.3 MEDIUM |
| The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability. | |||||
| CVE-2018-15749 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2020-05-11 | 2.1 LOW | 5.5 MEDIUM |
| The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability. | |||||
| CVE-2016-1156 | 3 Apple, Linecorp, Microsoft | 3 Mac Os X, Line, Windows | 2020-05-11 | 3.5 LOW | 5.7 MEDIUM |
| LINE 4.3.0.724 and earlier on Windows and 4.3.1 and earlier on OS X allows remote authenticated users to cause a denial of service (application crash) via a crafted post that is mishandled when displaying a Timeline. | |||||
| CVE-2017-8545 | 1 Microsoft | 1 Outlook | 2020-05-11 | 4.3 MEDIUM | 6.5 MEDIUM |
| A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html properly, aka "Microsoft Outlook for Mac Spoofing Vulnerability". | |||||
| CVE-2019-1263 | 1 Microsoft | 3 Excel, Office, Office 365 Proplus | 2020-05-11 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. | |||||
| CVE-2010-5321 | 1 Linux | 1 Linux Kernel | 2020-05-11 | 4.9 MEDIUM | 4.3 MEDIUM |
| Memory leak in drivers/media/video/videobuf-core.c in the videobuf subsystem in the Linux kernel 2.6.x through 4.x allows local users to cause a denial of service (memory consumption) by leveraging /dev/video access for a series of mmap calls that require new allocations, a different vulnerability than CVE-2007-6761. NOTE: as of 2016-06-18, this affects only 11 drivers that have not been updated to use videobuf2 instead of videobuf. | |||||
| CVE-2018-15668 | 1 Bloop | 1 Airmail 3 | 2020-05-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. The "send" command in the airmail:// URL scheme allows an external application to send arbitrary emails from an active account. URL parameters for the "send" command with the "attachment_" prefix designate attachment parameters. If the value of an attachment parameter corresponds to an accessible file path, the file is attached to the outbound message. In addition, relative file paths are acceptable attachment parameter values. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the "send" command, thus leading to automatic transmission of an email with designated attachments from the target account to a target address. | |||||