Search
Total
1247 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-1003043 | 1 Jenkins | 1 Slack Notification | 2020-09-30 | 3.5 LOW | 7.5 HIGH |
| A missing permission check in Jenkins Slack Notification Plugin 2.19 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2019-1003047 | 1 Jenkins | 1 Fortify On Demand Uploader | 2020-09-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins Fortify on Demand Uploader Plugin 3.0.10 and earlier allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | |||||
| CVE-2019-1003006 | 1 Jenkins | 1 Groovy | 2020-09-29 | 6.5 MEDIUM | 8.8 HIGH |
| A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM. | |||||
| CVE-2019-1003025 | 1 Jenkins | 1 Cloud Foundry | 2020-09-29 | 4.0 MEDIUM | 8.8 HIGH |
| A exposure of sensitive information vulnerability exists in Jenkins Cloud Foundry Plugin 2.3.1 and earlier in AbstractCloudFoundryPushDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | |||||
| CVE-2020-2282 | 1 Jenkins | 1 Implied Labels | 2020-09-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins Implied Labels Plugin 0.6 and earlier does not perform a permission check in an HTTP endpoint, allowing attackers with Overall/Read permission to configure the plugin. | |||||
| CVE-2020-0266 | 1 Google | 1 Android | 2020-09-23 | 7.2 HIGH | 7.8 HIGH |
| In factory reset protection, there is a possible FRP bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-111086459 | |||||
| CVE-2020-0341 | 1 Google | 1 Android | 2020-09-22 | 4.6 MEDIUM | 7.8 HIGH |
| In DisplayManager, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-144920149 | |||||
| CVE-2020-0372 | 1 Google | 1 Android | 2020-09-21 | 2.1 LOW | 5.5 MEDIUM |
| In ActivityManager, there is a possible access to protected data due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-119673147 | |||||
| CVE-2020-0375 | 1 Google | 1 Android | 2020-09-21 | 7.2 HIGH | 7.8 HIGH |
| In Telephony, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege and the setting of supported EUICC countries with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-156253476 | |||||
| CVE-2020-0277 | 1 Google | 1 Android | 2020-09-21 | 4.6 MEDIUM | 7.8 HIGH |
| In NetworkPolicyManagerService, there is a possible permissions bypass due to a missing permission check. This could lead to local escalation of privilege allowing a malicious app to modify the device's data plan with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-148627993 | |||||
| CVE-2020-0314 | 1 Google | 1 Android | 2020-09-21 | 2.1 LOW | 5.5 MEDIUM |
| In AudioService, there are missing permission checks. This could lead to local information disclosure of audio configuration with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-154934920 | |||||
| CVE-2020-0289 | 1 Google | 1 Android | 2020-09-21 | 2.1 LOW | 5.5 MEDIUM |
| In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996872 | |||||
| CVE-2020-0290 | 1 Google | 1 Android | 2020-09-21 | 2.1 LOW | 5.5 MEDIUM |
| In PackageManager, there is a missing permission check. This could lead to local information disclosure across users with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153996866 | |||||
| CVE-2020-0401 | 1 Google | 1 Android | 2020-09-21 | 7.2 HIGH | 7.8 HIGH |
| In setInstallerPackageName of PackageManagerService.java, there is a missing permission check. This could lead to local escalation of privilege and granting spurious permissions with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10 Android-11Android ID: A-150857253 | |||||
| CVE-2020-2255 | 1 Jenkins | 1 Blue Ocean | 2020-09-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL. | |||||
| CVE-2020-2260 | 1 Jenkins | 1 Perfecto | 2020-09-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins Perfecto Plugin 1.17 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified HTTP URL using attacker-specified credentials. | |||||
| CVE-2020-2267 | 1 Jenkins | 1 Mongodb | 2020-09-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins MongoDB Plugin 1.3 and earlier allows attackers with Overall/Read permission to gain access to some metadata of any arbitrary files on the Jenkins controller. | |||||
| CVE-2020-2272 | 1 Jenkins | 1 Elastest | 2020-09-18 | 4.0 MEDIUM | 4.3 MEDIUM |
| A missing permission check in Jenkins ElasTest Plugin 1.2.1 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials. | |||||
| CVE-2018-15429 | 1 Cisco | 1 Hyperflex Hx Data Platform | 2020-09-16 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability in the web-based UI of Cisco HyperFlex HX Data Platform Software could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to a lack of proper input and authorization of HTTP requests. An attacker could exploit this vulnerability by sending a malicious HTTP request to the web-based UI of an affected system. A successful exploit could allow the attacker to access files that may contain sensitive data. | |||||
| CVE-2019-16236 | 4 Canonical, Debian, Dino and 1 more | 4 Ubuntu Linux, Debian Linux, Dino and 1 more | 2020-09-14 | 5.0 MEDIUM | 7.5 HIGH |
| Dino before 2019-09-10 does not check roster push authorization in module/roster/module.vala. | |||||
| CVE-2020-3394 | 1 Cisco | 65 Nexus 3016, Nexus 3048, Nexus 3064 and 62 more | 2020-09-09 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in the Enable Secret feature of Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode could allow an authenticated, local attacker to issue the enable command and get full administrative privileges. To exploit this vulnerability, the attacker would need to have valid credentials for the affected device. The vulnerability is due to a logic error in the implementation of the enable command. An attacker could exploit this vulnerability by logging in to the device and issuing the enable command. A successful exploit could allow the attacker to gain full administrative privileges without using the enable password. Note: The Enable Secret feature is disabled by default. | |||||
| CVE-2020-2242 | 1 Jenkins | 1 Database | 2020-09-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins database Plugin 1.6 and earlier allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified database server using attacker-specified credentials. | |||||
| CVE-2020-3443 | 1 Cisco | 1 Smart Software Manager On-prem | 2020-09-02 | 6.5 MEDIUM | 8.8 HIGH |
| A vulnerability in Cisco Smart Software Manager On-Prem (SSM On-Prem) could allow an authenticated, remote attacker to elevate privileges and execute commands with higher privileges. The vulnerability is due to insufficient authorization of the System Operator role capabilities. An attacker could exploit this vulnerability by logging in with the System Operator role, performing a series of actions, and then assuming a new higher privileged role. A successful exploit could allow the attacker to perform all actions associated with the privilege of the assumed role. If that role is an administrative role, the attacker would gain full access to the device. | |||||
| CVE-2019-1003077 | 1 Jenkins | 1 Audit To Database | 2020-09-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | |||||
| CVE-2019-1003059 | 1 Jenkins | 1 Ftp Publisher | 2020-09-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| A missing permission check in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server. | |||||
| CVE-2019-10868 | 2 Debian, Tryton | 2 Debian Linux, Trytond | 2020-08-26 | 4.0 MEDIUM | 6.5 MEDIUM |
| In trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess values. | |||||
| CVE-2019-13047 | 1 Toaruos | 1 Toaruos | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| kernel/sys/syscall.c in ToaruOS through 1.10.9 has incorrect access control in sys_sysfunc case 9 for TOARU_SYS_FUNC_SETHEAP, allowing arbitrary kernel pages to be mapped into user land, leading to root access. | |||||
| CVE-2019-12944 | 1 Gluehome | 2 Glue Smart Lock, Glue Smart Lock Firmware | 2020-08-24 | 4.3 MEDIUM | 7.5 HIGH |
| Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable. | |||||
| CVE-2019-12942 | 1 Ttlock | 1 Ttlock | 2020-08-24 | 3.3 LOW | 6.5 MEDIUM |
| TTLock devices do not properly block guest access in certain situations where the network connection to the cloud is unavailable. | |||||
| CVE-2019-12926 | 1 Mailenable | 1 Mailenable | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| MailEnable Enterprise Premium 10.23 did not use appropriate access control checks in a number of areas. As a result, it was possible to perform a number of actions, when logged in as a user, that that user should not have had permission to perform. It was also possible to gain access to areas within the application for which the accounts used were supposed to have insufficient access. | |||||
| CVE-2019-12875 | 1 Alpinelinux | 1 Abuild | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Alpine Linux abuild through 3.4.0 allows an unprivileged member of the abuild group to add an untrusted package via a --keys-dir option that causes acceptance of an untrusted signing key. | |||||
| CVE-2019-12734 | 1 Sitevision | 1 Sitevision | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| SiteVision 4 has Incorrect Access Control. | |||||
| CVE-2019-12470 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Wikimedia MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed log in RevisionDelete page is exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | |||||
| CVE-2019-12469 | 2 Debian, Mediawiki | 2 Debian Linux, Mediawiki | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| MediaWiki through 1.32.1 has Incorrect Access Control. Suppressed username or log in Special:EditTags are exposed. Fixed in 1.32.2, 1.31.2, 1.30.2 and 1.27.6. | |||||
| CVE-2019-12274 | 1 Rancher | 1 Rancher | 2020-08-24 | 4.0 MEDIUM | 8.8 HIGH |
| In Rancher 1 and 2 through 2.2.3, unprivileged users (if allowed to deploy nodes) can gain admin access to the Rancher management plane because node driver options intentionally allow posting certain data to the cloud. The problem is that a user could choose to post a sensitive file such as /root/.kube/config or /var/lib/rancher/management-state/cred/kubeconfig-system.yaml. | |||||
| CVE-2019-12168 | 1 Four-faith | 2 F3x24, F3x24 Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen. | |||||
| CVE-2019-11875 | 1 Blueprism | 1 Robotic Process Automation | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| In AutomateAppCore.dll in Blue Prism Robotic Process Automation 6.4.0.8445, a vulnerability in access control can be exploited to escalate privileges. The vulnerability allows for abusing the application for fraud or unauthorized access to certain information. The attack requires a valid user account to connect to the Blue Prism server, but the roles associated to this account are not required to have any permissions. First of all, the application files are modified to grant full permissions on the client side. In a test environment (or his own instance of the software) an attacker is able to grant himself full privileges also on the server side. He can then, for instance, create a process with malicious behavior and export it to disk. With the modified client, it is possible to import the exported file as a release and overwrite any existing process in the database. Eventually, the bots execute the malicious process. The server does not check the user's permissions for the aforementioned actions, such that a modification of the client software enables this kind of attack. Possible scenarios may involve changing bank accounts or setting passwords. | |||||
| CVE-2019-11761 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-08-24 | 5.8 MEDIUM | 5.4 MEDIUM |
| By using a form with a data URI it was possible to gain access to the privileged JSONView object that had been cloned into content. Impact from exposing this object appears to be minimal, however it was a bypass of existing defense in depth mechanisms. This vulnerability affects Firefox < 70, Thunderbird < 68.2, and Firefox ESR < 68.2. | |||||
| CVE-2019-1170 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.2 HIGH | 8.8 HIGH |
| An elevation of privilege vulnerability exists when reparse points are created by sandboxed processes allowing sandbox escape, aka 'Windows NTFS Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-11611 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11610 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11609 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 6.4 MEDIUM | 8.2 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable. | |||||
| CVE-2019-11608 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 6.4 MEDIUM | 8.2 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information or make the server unserviceable. | |||||
| CVE-2019-11607 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11702 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A hyperlink using protocols associated with Internet Explorer, such as IE.HTTP:, can be used to open local files at a known location with Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 67.0.2. | |||||
| CVE-2019-11606 | 1 Doorgets | 1 Doorgets Cms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. A remote unauthenticated attacker can exploit this vulnerability to obtain server-sensitive information. | |||||
| CVE-2019-11700 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A hyperlink using the res: protocol can be used to open local files at a known location in Internet Explorer if a user approves execution when prompted. *Note: this issue only occurs on Windows. Other operating systems are unaffected.*. This vulnerability affects Firefox < 67. | |||||
| CVE-2019-10849 | 1 Computrols | 1 Computrols Building Automation Software | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. | |||||
| CVE-2019-1010304 | 1 Mirumee | 1 Saleor | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Saleor Issue was introduced by merge commit: e1b01bad0703afd08d297ed3f1f472248312cc9c. This commit was released as part of 2.0.0 release is affected by: Incorrect Access Control. The impact is: Important. The component is: ProductVariant type in GraphQL API. The attack vector is: Unauthenticated user can access the GraphQL API (which is by default publicly exposed under `/graphql/` URL) and fetch products data which may include admin-restricted shop's revenue data. The fixed version is: 2.3.1. | |||||
| CVE-2017-1000086 | 1 Jenkins | 1 Periodic Backup | 2020-08-24 | 6.0 MEDIUM | 8.0 HIGH |
| The Periodic Backup Plugin did not perform any permission checks, allowing any user with Overall/Read access to change its settings, trigger backups, restore backups, download backups, and also delete all previous backups via log rotation. Additionally, the plugin was not requiring requests to its API be sent via POST, thereby opening itself to Cross-Site Request Forgery attacks. | |||||