Search
Total
846 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7625 | 1 Op-browser Project | 1 Op-browser | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| op-browser through 1.0.6 is vulnerable to Command Injection. It allows execution of arbitrary commands via the url function. | |||||
| CVE-2020-7631 | 1 Diskusage-ng Project | 1 Diskusage-ng | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| diskusage-ng through 0.2.4 is vulnerable to Command Injection.It allows execution of arbitrary commands via the path argument. | |||||
| CVE-2020-7629 | 1 Install-package Project | 1 Install-package | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| install-package through 0.4.0 is vulnerable to Command Injection. It allows execution of arbitrary commands via the options argument. | |||||
| CVE-2020-7635 | 1 Compass-compile Project | 1 Compass-compile | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| compass-compile through 0.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via tha options argument. | |||||
| CVE-2020-7634 | 1 Heroku-addonpool Project | 1 Heroku-addonpool | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| heroku-addonpool through 0.1.15 is vulnerable to Command Injection. | |||||
| CVE-2020-7633 | 1 Apiconnect-cli-plugins Project | 1 Apiconnect-cli-plugins | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| apiconnect-cli-plugins through 6.0.1 is vulnerable to Command Injection.It allows execution of arbitrary commands via the pluginUri argument. | |||||
| CVE-2020-7697 | 1 Mock2easy Project | 1 Mock2easy | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package mock2easy. a malicious user could inject commands through the _data variable: Affected Area require('../server/getJsonByCurl')(mock2easy, function (error, stdout) { if (error) { return res.json(500, error); } res.json(JSON.parse(stdout)); }, '', _data.interfaceUrl, query, _data.cookie,_data.interfaceType); | |||||
| CVE-2020-7694 | 1 Encode | 1 Uvicorn | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request crafted URLs with percent-encoded escape sequences, the logging component will log the URL after it's been processed with urllib.parse.unquote, therefore converting any percent-encoded characters into their single-character equivalent, which can have special meaning in terminal emulators. By requesting URLs with crafted paths, attackers can: * Pollute uvicorn's access logs, therefore jeopardising the integrity of such files. * Use ANSI sequence codes to attempt to interact with the terminal emulator that's displaying the logs (either in real time or from a file). | |||||
| CVE-2020-7814 | 2 Microsoft, Raonwiz | 2 Windows, Raon K Upload | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| RAONWIZ v2018.0.2.50 and eariler versions contains a vulnerability that could allow remote files to be downloaded and excuted by lack of validation to file extension, witch can used as remote-code-excution attacks by hackers File download & execution vulnerability in ____COMPONENT____ of RAONWIZ RAON KUpload allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: RAONWIZ RAON KUpload 2018.0.2.50 versions prior to 2018.0.2.51 on Windows. | |||||
| CVE-2020-7815 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| XPLATFORM v9.2.260 and eariler versions contain a vulnerability that could allow remote files to be downloaded by setting the arguments to the vulnerable method. this can be leveraged for code execution. File download vulnerability in ____COMPONENT____ of TOBESOFT XPLATFORM allows ____ATTACKER/ATTACK____ to cause ____IMPACT____. This issue affects: TOBESOFT XPLATFORM 9.2.250 versions prior to 9.2.260 on Windows. | |||||
| CVE-2020-7769 | 1 Nodemailer | 1 Nodemailer | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package nodemailer before 6.4.16. Use of crafted recipient email addresses may result in arbitrary command flag injection in sendmail transport for sending mails. | |||||
| CVE-2020-7785 | 1 Node-ps Project | 1 Node-ps | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package node-ps. The injection point is located in line 72 in lib/index.js. | |||||
| CVE-2020-7782 | 1 Spritesheet-js Project | 1 Spritesheet-js | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package spritesheet-js. It depends on a vulnerable package platform-command. The injection point is located in line 32 in lib/generator.js, which is triggered by main entry of the package. | |||||
| CVE-2020-7799 | 1 Fusionauth | 1 Fusionauth | 2021-07-21 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates. | |||||
| CVE-2020-9254 | 1 Huawei | 2 P30 Pro, P30 Pro Firmware | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checking the size of certain parameter, the attacker should trick the user into installing a malicious application, successful exploit may cause code execution. | |||||
| CVE-2020-9314 | 1 Oracle | 1 Iplanet Web Server | 2021-07-21 | 4.9 MEDIUM | 4.8 MEDIUM |
| ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE. | |||||
| CVE-2020-9347 | 1 Zohocorp | 1 Manageengine Password Manager Pro | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability via a crafted name that is mishandled by the Export Passwords feature. NOTE: the vendor disputes the significance of this report because they expect CSV risk mitigation to be provided by an external application, and do not plan to add CSV constraints to their own products. | |||||
| CVE-2020-9406 | 1 Iblsoft | 1 Online Weather | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of the Auxiliary Service. | |||||
| CVE-2020-9428 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing. | |||||
| CVE-2020-7766 | 1 Json-ptr Project | 1 Json-ptr | 2021-07-21 | 7.5 HIGH | 7.3 HIGH |
| This affects all versions of package json-ptr. The issue occurs in the set operation (https://flitbit.github.io/json-ptr/classes/_src_pointer_.jsonpointer.htmlset) when the force flag is set to true. The function recursively set the property in the target object, however it does not properly check the key being set, leading to a prototype pollution. | |||||
| CVE-2020-35734 | 1 Batflat | 1 Batflat | 2021-07-21 | 6.5 MEDIUM | 7.2 HIGH |
| ** UNSUPPORTED WHEN ASSIGNED ** Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitrary user's data (username, displayed name, etc.). NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | |||||
| CVE-2020-22275 | 1 Easyregistrationforms | 1 Easy Registration Forms | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable. | |||||
| CVE-2019-14761 | 1 Kaiostech | 1 Kaios | 2021-07-21 | 1.9 LOW | 4.4 MEDIUM |
| An issue was discovered in KaiOS 2.5. The pre-installed Note application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Note application. At a bare minimum, this allows an attacker to take control over the Note application's UI (e.g., display a malicious prompt to the user asking them to re-enter credentials such as their KaiOS credentials to continue using the application) and also allows an attacker to abuse any of the privileges available to the mobile application. | |||||
| CVE-2019-14760 | 1 Kaiostech | 1 Kaios | 2021-07-21 | 1.9 LOW | 4.4 MEDIUM |
| An issue was discovered in KaiOS 2.5. The pre-installed Recorder application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Recorder application. At a bare minimum, this allows an attacker to take control over the Recorder application's UI (e.g., display a malicious prompt to the user asking them to re-enter credentials such as their KaiOS credentials to continue using the application) and also allows an attacker to abuse any of the privileges available to the mobile application. | |||||
| CVE-2019-14759 | 1 Kaiostech | 1 Kaios | 2021-07-21 | 1.9 LOW | 4.4 MEDIUM |
| An issue was discovered in KaiOS 1.0, 2.5, and 2.5.1. The pre-installed Radio application is vulnerable to HTML and JavaScript injection attacks. A local attacker can inject arbitrary HTML into the Radio application. At a bare minimum, this allows an attacker to take control over the Radio application's UI (e.g., display a malicious prompt to the user asking them to re-enter credentials such as their KaiOS credentials to continue using the application) and also allows an attacker to abuse any of the privileges available to the mobile application. | |||||
| CVE-2020-1443 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2021-07-21 | 3.5 LOW | 5.4 MEDIUM |
| A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft SharePoint Spoofing Vulnerability'. | |||||
| CVE-2020-13247 | 1 Boolebox | 1 Boolebox | 2021-07-21 | 8.5 HIGH | 7.3 HIGH |
| BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. | |||||
| CVE-2020-14965 | 1 Tp-link | 4 Tl-wr740n, Tl-wr740n Firmware, Tl-wr740nd and 1 more | 2021-07-21 | 3.5 LOW | 4.8 MEDIUM |
| On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name. The vulnerability can also be exploited through a CSRF, requiring no authentication as an administrator. | |||||
| CVE-2020-12782 | 1 Openfind | 2 Mailaudit, Mailgates | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files. | |||||
| CVE-2020-7596 | 1 Codecov | 1 Nodejs Uploader | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| Codecov npm module before 3.6.2 allows remote attackers to execute arbitrary commands via the "gcov-args" argument. | |||||
| CVE-2021-22232 | 1 Gitlab | 1 Gitlab | 2021-07-08 | 3.5 LOW | 5.4 MEDIUM |
| HTML injection was possible via the full name field before versions 13.11.6, 13.12.6, and 14.0.2 in GitLab CE | |||||
| CVE-2021-20574 | 1 Ibm | 1 Security Identity Manager Adapter | 2021-07-07 | 6.5 MEDIUM | 8.8 HIGH |
| IBM Security Identity Manager Adapters 6.0 and 7.0 could allow a remote authenticated attacker to conduct an LDAP injection. By using a specially crafted request, an attacker could exploit this vulnerability and takeover other accounts. IBM X-Force ID: 199252. | |||||
| CVE-2021-23400 | 1 Nodemailer | 1 Nodemailer | 2021-07-06 | 6.8 MEDIUM | 8.8 HIGH |
| The package nodemailer before 6.6.1 are vulnerable to HTTP Header Injection if unsanitized user input that may contain newlines and carriage returns is passed into an address object. | |||||
| CVE-2021-20101 | 1 Machform | 1 Machform | 2021-07-02 | 5.8 MEDIUM | 6.1 MEDIUM |
| Machform prior to version 16 is vulnerable to HTTP host header injection due to improperly validated host headers. This could cause a victim to receive malformed content. | |||||
| CVE-2021-20736 | 1 Weseek | 1 Growi | 2021-07-01 | 6.4 MEDIUM | 9.1 CRITICAL |
| NoSQL injection vulnerability in GROWI versions prior to v4.2.20 allows a remote attacker to obtain and/or alter the information stored in the database via unspecified vectors. | |||||
| CVE-2021-29676 | 1 Ibm | 1 Security Verify | 2021-06-30 | 5.8 MEDIUM | 5.4 MEDIUM |
| IBM Security Verify (IBM Security Verify Privilege Vault 10.9.66) is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote attacker could exploit this vulnerability to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking | |||||
| CVE-2021-29955 | 1 Mozilla | 2 Firefox, Firefox Esr | 2021-06-30 | 2.6 LOW | 5.3 MEDIUM |
| A transient execution vulnerability, named Floating Point Value Injection (FPVI) allowed an attacker to leak arbitrary memory addresses and may have also enabled JIT type confusion attacks. (A related vulnerability, Speculative Code Store Bypass (SCSB), did not affect Firefox.). This vulnerability affects Firefox ESR < 78.9 and Firefox < 87. | |||||
| CVE-2021-29084 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in Security Advisor report management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2021-29085 | 1 Synology | 2 Diskstation Manager, Diskstation Manager Unified Controller | 2021-06-29 | 5.0 MEDIUM | 7.5 HIGH |
| Improper neutralization of special elements in output used by a downstream component ('Injection') vulnerability in file sharing management component in Synology DiskStation Manager (DSM) before 6.2.3-25426-3 allows remote attackers to read arbitrary files via unspecified vectors. | |||||
| CVE-2018-25016 | 1 Greenbone | 2 Greenbone Os, Greenbone Security Assistant | 2021-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) before 5.0.0 allow Host Header Injection. | |||||
| CVE-2021-0567 | 1 Google | 1 Android | 2021-06-24 | 4.6 MEDIUM | 7.8 HIGH |
| In isRestricted of RemoteViews.java, there is a possible way to inject font files due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-179461812 | |||||
| CVE-2020-27212 | 1 St | 95 Stm32cubel4 Firmware, Stm32l412c8, Stm32l412cb and 92 more | 2021-06-08 | 4.4 MEDIUM | 7.0 HIGH |
| STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase. | |||||
| CVE-2021-29414 | 1 St | 95 Stm32cubel4 Firmware, Stm32l412c8, Stm32l412cb and 92 more | 2021-06-08 | 3.6 LOW | 6.1 MEDIUM |
| STMicroelectronics STM32L4 devices through 2021-03-29 have incorrect physical access control. | |||||
| CVE-2020-36308 | 2 Debian, Redmine | 2 Debian Linux, Redmine | 2021-06-01 | 5.0 MEDIUM | 5.3 MEDIUM |
| Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries. | |||||
| CVE-2021-22879 | 2 Fedoraproject, Nextcloud | 2 Fedora, Desktop | 2021-05-27 | 6.8 MEDIUM | 8.8 HIGH |
| Nextcloud Desktop Client prior to 3.1.3 is vulnerable to resource injection by way of missing validation of URLs, allowing a malicious server to execute remote commands. User interaction is needed for exploitation. | |||||
| CVE-2021-29502 | 1 Warnsystem Project | 1 Warnsystem | 2021-05-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| WarnSystem is a cog (plugin) for the Red discord bot. A vulnerability has been found in the code that allows any user to access sensible informations by setting up a specific template which is not properly sanitized. The problem has been patched in version 1.3.18. Users should update and type `!warnsysteminfo` to check that their version is 1.3.18 or above. As a workaround users may unload the WarnSystem cog or disable the `!warnset description` command globally. | |||||
| CVE-2021-27614 | 1 Sap | 2 Business-one-hana-chef-cookbook, Business One | 2021-05-21 | 3.6 LOW | 7.1 HIGH |
| SAP Business One Hana Chef Cookbook, versions - 8.82, 9.0, 9.1, 9.2, 9.3, 10.0, used to install SAP Business One on SAP HANA, allows an attacker to inject code that can be executed by the application. An attacker could thereby control the behaviour of the application thereby highly impacting the integrity and availability of the application. | |||||
| CVE-2021-29501 | 1 Dav-cogs Project | 1 Dav-cogs | 2021-05-19 | 4.0 MEDIUM | 6.5 MEDIUM |
| Ticketer is a command based ticket system cog (plugin) for the red discord bot. A vulnerability allowing discord users to expose sensitive information has been found in the Ticketer cog. Please upgrade to version 1.0.1 as soon as possible. As a workaround users may unload the ticketer cog to disable the exploitable code. | |||||
| CVE-2021-27611 | 1 Sap | 1 Netweaver As Abap | 2021-05-19 | 4.6 MEDIUM | 6.7 MEDIUM |
| SAP NetWeaver AS ABAP, versions - 700, 701, 702, 730, 731, allow a high privileged attacker to inject malicious code by executing an ABAP report when the attacker has access to the local SAP system. The attacker could then get access to data, overwrite them, or execute a denial of service. | |||||
| CVE-2021-30214 | 1 Eng | 1 Knowage | 2021-05-14 | 3.5 LOW | 5.4 MEDIUM |
| Knowage Suite 7.3 is vulnerable to Stored Client-Side Template Injection in '/knowage/restful-services/signup/update' via the 'name' parameter. | |||||