Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-4290 | 1 Ibm | 1 Security Information Queue | 2020-04-08 | 5.5 MEDIUM | 5.4 MEDIUM |
| IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could allow any authenticated user to spoof the configuration owner of any other user which disclose sensitive information or allow for unauthorized access. IBM X-Force ID: 176333. | |||||
| CVE-2020-4291 | 1 Ibm | 1 Security Information Queue | 2020-04-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, 1.0.4, and 1.0.5 could disclose sensitive information to an unauthorized user due to insufficient timeout functionality in the Web UI. IBM X-Force ID: 176334. | |||||
| CVE-2020-11626 | 1 Primekey | 1 Ejbca | 2020-04-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in EJBCA before 6.15.2.6 and 7.x before 7.3.1.2. Two Cross Side Scripting (XSS) vulnerabilities have been found in the Public Web and the Certificate/CRL download servlets. | |||||
| CVE-2017-18672 | 1 Google | 1 Android | 2020-04-08 | 4.9 MEDIUM | 5.5 MEDIUM |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1), M(6.0), and N(7.x) software. Because of incorrect exception handling for Intents, a local attacker can force a reboot within framework.jar. The Samsung ID is SVE-2017-8390 (May 2017). | |||||
| CVE-2017-18667 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can prevent users from learning that SMS storage space has been exhausted. The Samsung ID is SVE-2017-8702 (June 2017). | |||||
| CVE-2016-11048 | 1 Google | 1 Android | 2020-04-08 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with L(5.0/5.1) (Spreadtrum or Marvell chipsets) software. There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2016-5421 (March 2016). | |||||
| CVE-2016-11050 | 1 Samsung | 10 Note2, Note2 Firmware, Note3 and 7 more | 2020-04-08 | 2.1 LOW | 4.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with S3(KK), Note2(KK), S4(L), Note3(L), and S5(L) software. An attacker can rewrite the IMEI by flashing crafted firmware. The Samsung ID is SVE-2016-5562 (March 2016). | |||||
| CVE-2016-11053 | 1 Google | 1 Android | 2020-04-08 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with software through 2015-11-11 (supporting FRP/RL). There is a Factory Reset Protection (FRP) bypass. The Samsung ID is SVE-2015-5131 (January 2016). | |||||
| CVE-2017-18653 | 1 Google | 1 Android | 2020-04-08 | 4.0 MEDIUM | 4.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. The Email application allows attackers to send emails on behalf of any user via a broadcasted intent. The Samsung ID is SVE-2017-9357 (September 2017). | |||||
| CVE-2017-18656 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is a buffer over-read in a trustlet. The Samsung ID is SVE-2017-8890 (August 2017). | |||||
| CVE-2020-11512 | 1 Idxbroker | 1 Impress For Idx Broker | 2020-04-08 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS in the IMPress for IDX Broker WordPress plugin before 2.6.2 allows authenticated attackers with minimal (subscriber-level) permissions to save arbitrary JavaScript in the plugin's settings panel via the idx_update_recaptcha_key AJAX action and a crafted idx_recaptcha_site_key parameter, which would then be executed in the browser of any administrator visiting the panel. This could be used to create new administrator-level accounts. | |||||
| CVE-2017-18657 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) and N(7.x) software. There is an arbitrary write in a trustlet. The Samsung ID is SVE-2017-8893 (August 2017). | |||||
| CVE-2017-18658 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) software. The multiwindow_facade API allows attackers to cause a NullPointerException and system halt via an attempted screen touch of a non-existing display. The Samsung ID is SVE-2017-9383 (August 2017). | |||||
| CVE-2017-18659 | 1 Google | 1 Android | 2020-04-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.x) software. Attackers can crash system processes via a broadcast to AdaptiveDisplayColorService. The Samsung ID is SVE-2017-8290 (July 2017). | |||||
| CVE-2020-11515 | 1 Rankmath | 1 Rankmath | 2020-04-07 | 5.8 MEDIUM | 6.1 MEDIUM |
| The Rank Math plugin through 1.0.40.2 for WordPress allows unauthenticated remote attackers to create new URIs (that redirect to an external web site) via the unsecured rankmath/v1/updateRedirection REST API endpoint. In other words, this is not an "Open Redirect" issue; instead, it allows the attacker to create a new URI with an arbitrary name (e.g., the /exampleredirect URI). | |||||
| CVE-2016-11041 | 1 Google | 1 Android | 2020-04-07 | 2.1 LOW | 4.6 MEDIUM |
| An issue was discovered on Samsung mobile devices with KK(4.4) software. Attackers can bypass the lockscreen by sending an AT command over USB. The Samsung ID is SVE-2015-5301 (June 2016). | |||||
| CVE-2016-11032 | 1 Google | 1 Android | 2020-04-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Samsung mobile devices with M(6.0) software. An attacker can disable all Sound functionality by broadcasting an unprotected intent. The Samsung IDs are SVE-2016-7179 and SVE-2016-7182 (November 2016). | |||||
| CVE-2020-8142 | 1 Revive-adserver | 1 Revive Adserver | 2020-04-07 | 4.6 MEDIUM | 6.8 MEDIUM |
| A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in user to type the current password in order to change the e-mail address or the password. It was however possible for anyone with access to a Revive Adserver admin user interface to bypass such check and change e-email address or password of the currently logged in user by altering the form payload.The attack requires physical access to the user interface of a logged in user. If the POST payload was altered by turning the “pwold” parameter into an array, Revive Adserver would fetch and authorise the operation even if no password was provided. | |||||
| CVE-2020-8096 | 1 Bitdefender | 1 Antimalware Software Development Kit | 2020-04-07 | 4.6 MEDIUM | 5.3 MEDIUM |
| Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdefender High-Level Antimalware SDK for Windows versions prior to 3.0.1.204 . | |||||
| CVE-2019-15233 | 1 Oldstreetsolutions | 1 Live Input Macros | 2020-04-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Live:Text Box macro in the Old Street Live Input Macros app before 2.11 for Confluence has XSS, leading to theft of the Administrator Session Cookie. | |||||
| CVE-2020-2172 | 1 Jenkins | 1 Code Coverage Api | 2020-04-07 | 4.0 MEDIUM | 6.5 MEDIUM |
| Jenkins Code Coverage API Plugin 1.1.4 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | |||||
| CVE-2020-2173 | 1 Jenkins | 1 Gatling | 2020-04-07 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins Gatling Plugin 1.2.7 and earlier prevents Content-Security-Policy headers from being set for Gatling reports served by the plugin, resulting in an XSS vulnerability exploitable by users able to change report content. | |||||
| CVE-2020-2174 | 1 Jenkins | 1 Awseb Deployment | 2020-04-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| Jenkins AWSEB Deployment Plugin 0.3.19 and earlier does not escape various values printed as part of form validation output, resulting in a reflected cross-site scripting vulnerability. | |||||
| CVE-2020-2175 | 1 Jenkins | 1 Fitnesse | 2020-04-07 | 3.5 LOW | 5.4 MEDIUM |
| Jenkins FitNesse Plugin 1.31 and earlier does not correctly escape report contents before showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users able to control the XML input files processed by the plugin. | |||||
| CVE-2020-2176 | 1 Jenkins | 1 Usemango Runner | 2020-04-07 | 3.5 LOW | 5.4 MEDIUM |
| Multiple form validation endpoints in Jenkins useMango Runner Plugin 1.4 and earlier do not escape values received from the useMango service, resulting in a cross-site scripting (XSS) vulnerability exploitable by users able to control the values returned from the useMango service. | |||||
| CVE-2020-6171 | 1 Communilink | 1 Clink Office | 2020-04-07 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter. | |||||
| CVE-2020-5300 | 1 Ory | 1 Hydra | 2020-04-07 | 3.5 LOW | 5.3 MEDIUM |
| In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`: "A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated between the parties". Hydra does not check the uniqueness of this `jti` value. Exploiting this vulnerability is somewhat difficult because: - TLS protects against MITM which makes it difficult to intercept valid tokens for replay attacks - The expiry time of the JWT gives only a short window of opportunity where it could be replayed This has been patched in version v1.4.0+oryOS.17 | |||||
| CVE-2018-11751 | 1 Puppet | 1 Puppet Server | 2020-04-07 | 4.8 MEDIUM | 5.4 MEDIUM |
| Previous versions of Puppet Agent didn't verify the peer in the SSL connection prior to downloading the CRL. This issue is resolved in Puppet Agent 6.4.0. | |||||
| CVE-2020-11547 | 1 Paessler | 1 Prtg Network Monitor | 2020-04-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm. | |||||
| CVE-2020-11457 | 1 Netgate | 1 Pfsense | 2020-04-06 | 3.5 LOW | 5.4 MEDIUM |
| pfSense before 2.4.5 has stored XSS in system_usermanager_addprivs.php in the WebGUI via the descr parameter (aka full name) of a user. | |||||
| CVE-2019-16533 | 1 Draytek | 8 Vigor2925 Firmware, Vigor2925ac, Vigor2925fn and 5 more | 2020-04-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product. | |||||
| CVE-2019-16534 | 1 Draytek | 8 Vigor2925 Firmware, Vigor2925ac, Vigor2925fn and 5 more | 2020-04-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product. | |||||
| CVE-2019-17231 | 1 Mageewp | 1 Onetone | 2020-04-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| includes/theme-functions.php in the OneTone theme through 3.0.6 for WordPress has multiple stored XSS issues. | |||||
| CVE-2020-8143 | 1 Revive-adserver | 1 Revive Adserver | 2020-04-06 | 5.8 MEDIUM | 6.1 MEDIUM |
| An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted link and have them redirected to any destination.The CSRF protection of the “/www/admin/*-modify.php” could be skipped if no meaningful parameter was sent. No action was performed, but the user was still redirected to the target page, specified via the “returnurl” GET parameter. | |||||
| CVE-2020-11499 | 1 Firmware Analysis And Comparison Tool Project | 1 Firmware Analysis And Comparison Tool | 2020-04-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| Firmware Analysis and Comparison Tool (FACT) 3 has Stored XSS when updating analysis details via a localhost web request, as demonstrated by mishandling of the tags and version fields in helperFunctions/mongo_task_conversion.py. | |||||
| CVE-2017-9831 | 1 Libmtp Project | 1 Libmtp | 2020-04-05 | 4.6 MEDIUM | 6.8 MEDIUM |
| An integer overflow vulnerability in the ptp_unpack_EOS_CustomFuncEx function of the ptp-pack.c file of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. | |||||
| CVE-2017-9832 | 1 Libmtp Project | 1 Libmtp | 2020-04-05 | 4.6 MEDIUM | 6.8 MEDIUM |
| An integer overflow vulnerability in ptp-pack.c (ptp_unpack_OPL function) of libmtp (version 1.1.12 and below) allows attackers to cause a denial of service (out-of-bounds memory access) or maybe remote code execution by inserting a mobile device into a personal computer through a USB cable. | |||||
| CVE-2020-3887 | 1 Apple | 6 Icloud, Ipad Os, Iphone Os and 3 more | 2020-04-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4, tvOS 13.4, Safari 13.1, iTunes for Windows 12.10.5, iCloud for Windows 10.9.3, iCloud for Windows 7.18. A download's origin may be incorrectly associated. | |||||
| CVE-2020-3888 | 1 Apple | 2 Ipad Os, Iphone Os | 2020-04-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 13.4. A maliciously crafted page may interfere with other web contexts. | |||||
| CVE-2018-20872 | 1 I-lan | 1 Draytekl Firmware | 2020-04-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| DrayTek routers before 2018-05-23 allow CSRF attacks to change DNS or DHCP settings, a related issue to CVE-2017-11649. | |||||
| CVE-2018-11802 | 1 Apache | 1 Solr | 2020-04-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Apache Solr, the cluster can be partitioned into multiple collections and only a subset of nodes actually host any given collection. However, if a node receives a request for a collection it does not host, it proxies the request to a relevant node and serves the request. Solr bypasses all authorization settings for such requests. This affects all Solr versions prior to 7.7 that use the default authorization mechanism of Solr (RuleBasedAuthorizationPlugin). | |||||
| CVE-2020-11452 | 1 Microstrategy | 1 Microstrategy Web | 2020-04-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| Microstrategy Web 10.4 includes functionality to allow users to import files or data from external resources such as URLs or databases. By providing an external URL under attacker control, it's possible to send requests to external resources (aka SSRF) or leak files from the local system using the file:// stream wrapper. | |||||
| CVE-2020-11454 | 1 Microstrategy | 1 Microstrategy Web | 2020-04-03 | 3.5 LOW | 5.4 MEDIUM |
| Microstrategy Web 10.4 is vulnerable to Stored XSS in the HTML Container and Insert Text features in the window, allowing for the creation of a new dashboard. In order to exploit this vulnerability, a user needs to get access to a shared dashboard or have the ability to create a dashboard on the application. | |||||
| CVE-2020-11491 | 1 Zevenet | 1 Zen Load Balancer | 2020-04-03 | 4.0 MEDIUM | 4.9 MEDIUM |
| Monitoring::Logs in Zen Load Balancer 3.10.1 allows remote authenticated admins to conduct absolute path traversal attacks, as demonstrated by a filelog=/etc/shadow request to index.cgi. | |||||
| CVE-2019-19091 | 1 Abb | 1 Esoms | 2020-04-03 | 4.0 MEDIUM | 4.3 MEDIUM |
| For ABB eSOMS versions 4.0 to 6.0.3, HTTPS responses contain comments with sensitive information about the application. An attacker might use this detail information to specifically craft the attack. | |||||
| CVE-2019-19002 | 1 Abb | 1 Esoms | 2020-04-03 | 3.5 LOW | 5.4 MEDIUM |
| For ABB eSOMS versions 4.0 to 6.0.2, the X-XSS-Protection HTTP response header is not set in responses from the web server. For older web browser not supporting Content Security Policy, this might increase the risk of Cross Site Scripting. | |||||
| CVE-2019-19003 | 1 Abb | 1 Esoms | 2020-04-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| For ABB eSOMS versions 4.0 to 6.0.2, the HTTPOnly flag is not set. This can allow Javascript to access the cookie contents, which in turn might enable Cross Site Scripting. | |||||
| CVE-2019-19000 | 1 Abb | 1 Esoms | 2020-04-03 | 6.4 MEDIUM | 6.5 MEDIUM |
| For ABB eSOMS 4.0 to 6.0.3, the Cache-Control and Pragma HTTP header(s) have not been properly configured within the application response. This can potentially allow browsers and proxies to cache sensitive information. | |||||
| CVE-2019-19001 | 1 Abb | 1 Esoms | 2020-04-03 | 4.3 MEDIUM | 6.5 MEDIUM |
| For ABB eSOMS versions 4.0 to 6.0.2, the X-Frame-Options header is not configured in HTTP response. This can potentially allow 'ClickJacking' attacks where an attacker can frame parts of the application on a malicious web site, revealing sensitive user information such as authentication credentials. | |||||
| CVE-2019-19096 | 1 Abb | 1 Esoms | 2020-04-03 | 3.6 LOW | 6.1 MEDIUM |
| The Redis data structure component used in ABB eSOMS versions 6.0 to 6.0.2 stores credentials in clear text. If an attacker has file system access, this can potentially compromise the credentials' confidentiality. | |||||