Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25151 | 1 Nexcom | 2 Nio 50, Nio 50 Firmware | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions). | |||||
| CVE-2020-8272 | 1 Citrix | 1 Sd-wan | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| Authentication Bypass resulting in exposure of SD-WAN functionality in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | |||||
| CVE-2020-27131 | 1 Cisco | 1 Security Manager | 2020-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| Multiple vulnerabilities in the Java deserialization function that is used by Cisco Security Manager could allow an unauthenticated, remote attacker to execute arbitrary commands on an affected device. These vulnerabilities are due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit these vulnerabilities by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary commands on the device with the privileges of NT AUTHORITY\SYSTEM on the Windows target host. Cisco has not released software updates that address these vulnerabilities. | |||||
| CVE-2020-27255 | 1 Rockwellautomation | 1 Factorytalk Linx | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which could result in the leaking of sensitive information. This information disclosure could lead to the bypass of address space layout randomization (ASLR). | |||||
| CVE-2020-27251 | 1 Rockwellautomation | 1 Factorytalk Linx | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could result in remote code execution. | |||||
| CVE-2020-27253 | 1 Rockwellautomation | 1 Factorytalk Linx | 2020-11-30 | 7.8 HIGH | 7.5 HIGH |
| A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious packet resulting in a denial-of-service condition on the device. | |||||
| CVE-2020-27125 | 1 Cisco | 1 Security Manager | 2020-11-30 | 5.0 MEDIUM | 9.8 CRITICAL |
| A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to access sensitive information on an affected system. The vulnerability is due to insufficient protection of static credentials in the affected software. An attacker could exploit this vulnerability by viewing source code. A successful exploit could allow the attacker to view static credentials, which the attacker could use to carry out further attacks. | |||||
| CVE-2020-8273 | 1 Citrix | 1 Sd-wan | 2020-11-30 | 9.0 HIGH | 8.8 HIGH |
| Privilege escalation of an authenticated user to root in Citrix SD-WAN center versions before 11.2.2, 11.1.2b and 10.2.8. | |||||
| CVE-2020-11963 | 1 Evenroute | 2 Iqrouter, Iqrouter Firmware | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. | |||||
| CVE-2020-11966 | 1 Evenroute | 2 Iqrouter, Iqrouter Firmware | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. | |||||
| CVE-2020-11968 | 1 Evenroute | 2 Iqrouter, Iqrouter Firmware | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. | |||||
| CVE-2020-27130 | 1 Cisco | 1 Security Manager | 2020-11-30 | 6.4 MEDIUM | 9.1 CRITICAL |
| A vulnerability in Cisco Security Manager could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper validation of directory traversal character sequences within requests to an affected device. An attacker could exploit this vulnerability by sending a crafted request to the affected device. A successful exploit could allow the attacker to download arbitrary files from the affected device. | |||||
| CVE-2020-11851 | 1 Microfocus | 1 Arcsight Logger | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code. | |||||
| CVE-2020-26224 | 1 Prestashop | 1 Prestashop | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| In PrestaShop before version 1.7.6.9 an attacker is able to list all the orders placed on the website without being logged by abusing the function that allows a shopping cart to be recreated from an order already placed. The problem is fixed in 1.7.6.9. | |||||
| CVE-2020-28947 | 1 Misp | 1 Misp | 2020-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| In MISP 2.4.134, XSS exists in the template element index view because the id parameter is mishandled. | |||||
| CVE-2020-26225 | 1 Prestashop | 1 Product Comments | 2020-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. The problem was introduced in version 4.0.0 and is fixed in 4.2.0 | |||||
| CVE-2020-12320 | 1 Intel | 1 Scs Add-on For Microsoft Sccm | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM before version 2.1.10 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-26548 | 1 Aviatrix | 1 Controller | 2020-11-30 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in Aviatrix Controller before R5.4.1290. There is an insecure sudo rule: a user exists that can execute all commands as any user on the system. | |||||
| CVE-2020-26549 | 1 Aviatrix | 1 Controller | 2020-11-30 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Aviatrix Controller before R5.4.1290. The htaccess protection mechanism to prevent requests to directories can be bypassed for file downloading. | |||||
| CVE-2020-8271 | 1 Citrix | 1 Sd-wan | 2020-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| Unauthenticated remote code execution with root privileges in Citrix SD-WAN Center versions before 11.2.2, 11.1.2b and 10.2.8 | |||||
| CVE-2020-11193 | 1 Qualcomm | 184 Apq8009, Apq8009 Firmware, Apq8009w and 181 more | 2020-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| u'Buffer over read can happen while parsing mkv clip due to improper typecasting of data returned from atomsize' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8009W, APQ8017, APQ8037, APQ8053, APQ8064AU, APQ8096, APQ8096AU, APQ8096SG, APQ8098, MDM9206, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS405, QCS410, QCS4290, QCS603, QCS605, QCS610, QCS6125, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SDA429W, SDA640, SDA660, SDA670, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM455, SDM630, SDM632, SDM636, SDM640, SDM660, SDM670, SDM710, SDM830, SDM845, SDW2500, SDX20, SDX20M, SDX50M, SDX55, SDX55M, SM4125, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR1120, SXR1130, SXR2130, SXR2130P, WCD9330 | |||||
| CVE-2020-8767 | 1 Intel | 1 Quartus Prime | 2020-11-30 | 2.1 LOW | 5.5 MEDIUM |
| Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus Prime before version 20.2 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2020-7772 | 1 Doc-path Project | 1 Doc-path | 2020-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| This affects the package doc-path before 2.1.2. | |||||
| CVE-2020-2490 | 1 Qnap | 1 Qts | 2020-11-30 | 6.5 MEDIUM | 7.2 HIGH |
| If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | |||||
| CVE-2019-19876 | 1 Br-automation | 1 Industrial Automation Aprol | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An EnMon PHP script was vulnerable to SQL injection, a different vulnerability than CVE-2019-10006. | |||||
| CVE-2019-19877 | 1 Br-automation | 1 Industrial Automation Aprol | 2020-11-30 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. An attacker can get access to sensitive information outside the working directory via Directory Traversal attacks against AprolSqlServer, a different vulnerability than CVE-2019-16357. | |||||
| CVE-2020-2492 | 1 Qnap | 1 Qts | 2020-11-30 | 6.5 MEDIUM | 7.2 HIGH |
| If exploited, the command injection vulnerability could allow remote attackers to execute arbitrary commands. This issue affects: QNAP Systems Inc. QTS versions prior to 4.4.3.1421 on build 20200907. | |||||
| CVE-2020-28927 | 1 Magicpin | 1 Magicpin | 2020-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| There is a Stored XSS in Magicpin v2.1 in the User Registration section. Each time an admin visits the manage user section from the admin panel, the XSS triggers and the attacker can able to steal the cookie according to the crafted payload. | |||||
| CVE-2020-12927 | 1 Amd | 1 Vbios Flash Tool Software Development Kit | 2020-11-30 | 7.2 HIGH | 7.8 HIGH |
| A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system. | |||||
| CVE-2020-12926 | 1 Amd | 1 Trusted Platform Modules Reference | 2020-11-30 | 4.4 MEDIUM | 6.4 MEDIUM |
| The Trusted Platform Modules (TPM) reference software may not properly track the number of times a failed shutdown happens. This can leave the TPM in a state where confidential key material in the TPM may be able to be compromised. AMD believes that the attack requires physical access of the device because the power must be repeatedly turned on and off. This potential attack may be used to change confidential information, alter executables signed by key material in the TPM, or create a denial of service of the device. | |||||
| CVE-2020-29133 | 1 Coremail Xt Project | 1 Coremail Xt | 2020-11-30 | 4.3 MEDIUM | 6.1 MEDIUM |
| jsp/upload.jsp in Coremail XT 5.0 allows XSS via an uploaded personal signature, as demonstrated by a .jpg.html filename in the signImgFile parameter. | |||||
| CVE-2020-26223 | 1 Spreecommerce | 1 Spree | 2020-11-30 | 4.0 MEDIUM | 6.5 MEDIUM |
| Spree is a complete open source e-commerce solution built with Ruby on Rails. In Spree from version 3.7 and before versions 3.7.13, 4.0.5, and 4.1.12, there is an authorization bypass vulnerability. The perpetrator could query the API v2 Order Status endpoint with an empty string passed as an Order token. This is patched in versions 3.7.11, 4.0.4, or 4.1.11 depending on your used Spree version. Users of Spree < 3.7 are not affected. | |||||
| CVE-2020-28994 | 1 Karenderia Multiple Restaurant System Project | 1 Karenderia Multiple Restaurant System | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL injection vulnerability was discovered in Karenderia Multiple Restaurant System, affecting versions 5.4.2 and below. The vulnerability allows for an unauthenticated attacker to perform various tasks such as modifying and leaking all contents of the database. | |||||
| CVE-2020-29002 | 1 Mediawiki | 1 Mediawiki | 2020-11-30 | 3.5 LOW | 4.8 MEDIUM |
| includes/CologneBlueTemplate.php in the CologneBlue skin for MediaWiki through 1.35 allows XSS via a qbfind message supplied by an administrator. | |||||
| CVE-2020-29003 | 1 Mediawiki | 1 Mediawiki | 2020-11-30 | 3.5 LOW | 5.4 MEDIUM |
| The PollNY extension for MediaWiki through 1.35 allows XSS via an answer option for a poll question, entered during Special:CreatePoll or Special:UpdatePoll. | |||||
| CVE-2020-8761 | 1 Intel | 1 Converged Security And Manageability Engine | 2020-11-30 | 2.1 LOW | 4.6 MEDIUM |
| Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access. | |||||
| CVE-2020-12329 | 1 Intel | 1 Vtune Profiler | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Uncontrolled search path in the Intel(R) VTune(TM) Profiler before version 2020 Update 1 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-15249 | 1 Octobercms | 1 October | 2020-11-30 | 3.5 LOW | 5.4 MEDIUM |
| October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files were permitted to upload SVG files without any sanitization applied to the uploaded files. Since SVG files support being parsed as HTML by browsers, this means that they could theoretically upload Javascript that would be executed on a path under the website's domain (i.e. /storage/app/media/evil.svg), but they would have to convince their target to visit that location directly in the target's browser as the backend does not display SVGs inline anywhere, SVGs are only displayed as image resources in the backend and are thus unable to be executed. Issue has been patched in Build 469 (v1.0.469) & v1.1.0. | |||||
| CVE-2020-12333 | 1 Intel | 1 Quickassist Technology | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Insufficiently protected credentials in the Intel(R) QAT for Linux before version 1.7.l.4.10.0 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-0573 | 1 Intel | 1 Csi2 Host Controller | 2020-11-30 | 2.1 LOW | 5.5 MEDIUM |
| Out of bounds read in the Intel CSI2 Host Controller driver may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2020-12335 | 1 Intel | 1 Processor Identification Utility | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Improper permissions in the installer for the Intel(R) Processor Identification Utility before version 6.4.0603 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8766 | 1 Intel | 1 Software Guard Extensions Data Center Attestation Primitives | 2020-11-30 | 3.3 LOW | 6.5 MEDIUM |
| Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-24719 | 1 Couchbase | 1 Couchbase Server | 2020-11-30 | 10.0 HIGH | 9.8 CRITICAL |
| Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between Erlang nodes is done by exchanging a shared secret (aka "magic cookie"). There are cases where the magic cookie is included in the content of the logs. An attacker can use the cookie to attach to an Erlang node and run OS level commands on the system running the Erlang node. Affects version: 6.5.1. Fix version: 6.6.0. | |||||
| CVE-2020-8750 | 1 Intel | 1 Trusted Execution Engine | 2020-11-30 | 4.6 MEDIUM | 7.8 HIGH |
| Use after free in Kernel Mode Driver for Intel(R) TXE versions before 3.1.80 and 4.0.30 may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-28642 | 1 Infinitewp | 1 Infinitewp | 2020-11-30 | 7.5 HIGH | 9.8 CRITICAL |
| In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks. | |||||
| CVE-2014-9519 | 1 Infinitewp | 1 Infinitewp | 2020-11-30 | 7.5 HIGH | N/A |
| SQL injection vulnerability in login.php in InfiniteWP Admin Panel before 2.4.3 allows remote attackers to execute arbitrary SQL commands via the email parameter. | |||||
| CVE-2014-9520 | 1 Infinitewp | 1 Infinitewp | 2020-11-30 | 7.5 HIGH | N/A |
| SQL injection vulnerability in execute.php in InfiniteWP Admin Panel before 2.4.4 allows remote attackers to execute arbitrary SQL commands via the historyID parameter. | |||||
| CVE-2014-9521 | 1 Infinitewp | 1 Infinitewp | 2020-11-30 | 7.5 HIGH | N/A |
| Unrestricted file upload vulnerability in uploadScript.php in InfiniteWP Admin Panel before 2.4.4, when the allWPFiles query parameter is set, allows remote attackers to execute arbitrary code by uploading a file with a double extension, then accessing it via a direct request to the file in the uploads directory, as demonstrated by the .php.swp filename. | |||||
| CVE-2020-0599 | 1 Intel | 122 Atom 230, Atom 230 Firmware, Atom 330 and 119 more | 2020-11-30 | 4.6 MEDIUM | 6.7 MEDIUM |
| Improper access control in the PMC for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-8354 | 1 Lenovo | 2 Notebook, Notebook Firmware | 2020-11-30 | 7.2 HIGH | 6.7 MEDIUM |
| A potential vulnerability in the SMI callback function used in the VariableServiceSmm driver in some Lenovo Notebook models may allow arbitrary code execution. | |||||