Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10918 | 1 Automationdirect | 13 C-more Hmi Ea9 Firmware, Ea9-pgmsw, Ea9-rhmi and 10 more | 2020-07-28 | 5.0 MEDIUM | 7.5 HIGH |
| This vulnerability allows remote attackers to bypass authentication on affected installations of C-MORE HMI EA9 Firmware version 6.52 touch screen panels. Authentication is not required to exploit this vulnerability. The specific flaw exists within the authentication mechanism. The issue is due to insufficient authentication on post-authentication requests. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from unauthenticated users. Was ZDI-CAN-10182. | |||||
| CVE-2020-15633 | 1 D-link | 6 Dir-867, Dir-867 Firmware, Dir-878 and 3 more | 2020-07-28 | 5.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.20B10_BETA. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP requests. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the router. Was ZDI-CAN-10835. | |||||
| CVE-2020-7520 | 1 Schneider-electric | 1 Software Update Utility | 2020-07-28 | 4.0 MEDIUM | 4.7 MEDIUM |
| A CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability exists in Schneider Electric Software Update (SESU), V2.4.0 and prior, which could cause execution of malicious code on the victim's machine. In order to exploit this vulnerability, an attacker requires privileged access on the engineering workstation to modify a Windows registry key which would divert all traffic updates to go through a server in the attacker's possession. A man-in-the-middle attack is then used to complete the exploit. | |||||
| CVE-2020-15126 | 1 Parseplatform | 1 Parse Server | 2020-07-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| In parser-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can by pass all read security on his User object and can also by pass all objects linked via relation or Pointer on his User object. | |||||
| CVE-2014-0160 | 10 Canonical, Debian, Fedoraproject and 7 more | 31 Ubuntu Linux, Debian Linux, Fedora and 28 more | 2020-07-28 | 5.0 MEDIUM | 7.5 HIGH |
| The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote attackers to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrated by reading private keys, related to d1_both.c and t1_lib.c, aka the Heartbleed bug. | |||||
| CVE-2020-10917 | 1 Nec | 1 Esmpro Manager | 2020-07-28 | 7.5 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RMI service. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10007. | |||||
| CVE-2009-0884 | 1 Filezilla-project | 1 Filezilla Server | 2020-07-28 | 4.3 MEDIUM | N/A |
| Buffer overflow in FileZilla Server before 0.9.31 allows remote attackers to cause a denial of service via unspecified vectors related to SSL/TLS packets. | |||||
| CVE-2006-6565 | 1 Filezilla-project | 1 Filezilla Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| FileZilla Server before 0.9.22 allows remote attackers to cause a denial of service (crash) via a wildcard argument to the (1) LIST or (2) NLST commands, which results in a NULL pointer dereference, a different set of vectors than CVE-2006-6564. NOTE: CVE analysis suggests that the problem might be due to a malformed PORT command. | |||||
| CVE-2005-0851 | 1 Filezilla-project | 1 Filezilla Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| FileZilla FTP server before 0.9.6, when using MODE Z (zlib compression), allows remote attackers to cause a denial of service (infinite loop) via certain file uploads or directory listings. | |||||
| CVE-2005-0850 | 1 Filezilla-project | 1 Filezilla Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| FileZilla FTP server before 0.9.6 allows remote attackers to cause a denial of service via a request for a filename containing an MS-DOS device name such as CON, NUL, COM1, LPT1, and others. | |||||
| CVE-2019-11252 | 1 Kubernetes | 1 Kubernetes | 2020-07-28 | 5.0 MEDIUM | 6.5 MEDIUM |
| The Kubernetes kube-controller-manager in versions v1.0-v1.17 is vulnerable to a credential leakage via error messages in mount failure logs and events for AzureFile and CephFS volumes. | |||||
| CVE-2020-15092 | 1 Northwestern | 1 Timelinejs | 2020-07-28 | 3.5 LOW | 4.8 MEDIUM |
| In TimelineJS before version 3.7.0, some user data renders as HTML. An attacker could implement an XSS exploit with maliciously crafted content in a number of data fields. This risk is present whether the source data for the timeline is stored on Google Sheets or in a JSON configuration file. Most TimelineJS users configure their timeline with a Google Sheets document. Those users are exposed to this vulnerability if they grant write access to the document to a malicious inside attacker, if the access of a trusted user is compromised, or if they grant public write access to the document. Some TimelineJS users configure their timeline with a JSON document. Those users are exposed to this vulnerability if they grant write access to the document to a malicious inside attacker, if the access of a trusted user is compromised, or if write access to the system hosting that document is otherwise compromised. Version 3.7.0 of TimelineJS addresses this in two ways. For content which is intended to support limited HTML markup for styling and linking, that content is "sanitized" before being added to the DOM. For content intended for simple text display, all markup is stripped. Very few users of TimelineJS actually install the TimelineJS code on their server. Most users publish a timeline using a URL hosted on systems we control. The fix for this issue is published to our system such that **those users will automatically begin using the new code**. The only exception would be users who have deliberately edited the embed URL to "pin" their timeline to an earlier version of the code. Some users of TimelineJS use it as a part of a wordpress plugin (knight-lab-timelinejs). Version 3.7.0.0 of that plugin and newer integrate the updated code. Users are encouraged to update the plugin rather than manually update the embedded version of TimelineJS. | |||||
| CVE-2020-4405 | 1 Ibm | 1 Verify Gateway | 2020-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could disclose potentially sensitive information to an authenticated user due to world readable log files. IBM X-Force ID: 179484. | |||||
| CVE-2020-4408 | 1 Ibm | 1 Qradar Advisory | 2020-07-28 | 2.1 LOW | 4.6 MEDIUM |
| The IBM QRadar Advisor 1.1 through 2.5.2 with Watson App for IBM QRadar SIEM does not adequately mask all passwords during input, which could be obtained by a physical attacker nearby. IBM X-Force ID: 179536. | |||||
| CVE-2019-4731 | 1 Ibm | 1 Mq Appliance | 2020-07-28 | 2.1 LOW | 5.5 MEDIUM |
| IBM MQ Appliance 9.1.4.CD could allow a local attacker to obtain highly sensitive information by inclusion of sensitive data within trace. IBM X-Force ID: 172616. | |||||
| CVE-2020-15085 | 1 Mirumee | 1 Saleor | 2020-07-28 | 2.1 LOW | 6.1 MEDIUM |
| In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. A malicious user with direct access to the browser could extract the email and password. In versions prior to 2.10.0 persisted the cache even after the user logged out. This is fixed in version 2.10.3. A workaround is to manually clear application data (browser's local storage) after logging into Saleor Storefront. | |||||
| CVE-2017-12122 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-14440 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2. A specially crafted ILBM image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-14441 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2. A specially crafted ICO image can cause an integer overflow, cascading to a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-14442 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2. A specially crafted BMP image can cause a stack overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-14448 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a heap overflow resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-14449 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2. A specially crafted XCF image can cause a Double-Free situation to occur. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2017-14450 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 5.8 MEDIUM | 7.1 HIGH |
| A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2. A specially crafted GIF image can lead to a buffer overflow on a global section. An attacker can display an image to trigger this vulnerability. | |||||
| CVE-2018-3837 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 4.3 MEDIUM | 5.5 MEDIUM |
| An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted PCX image can cause an out-of-bounds read on the heap, resulting in information disclosure . An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2018-3838 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 4.3 MEDIUM | 6.5 MEDIUM |
| An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds read on the heap, resulting in information disclosure. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2018-3839 | 2 Debian, Libsdl | 2 Debian Linux, Sdl Image | 2020-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability. | |||||
| CVE-2020-4317 | 1 Ibm | 3 Intelligent Operations Center, Intelligent Operations Center For Emergency Management, Water Operations For Waternamics | 2020-07-28 | 3.5 LOW | 5.4 MEDIUM |
| IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177355. | |||||
| CVE-2020-4318 | 1 Ibm | 3 Intelligent Operations Center, Intelligent Operations Center For Emergency Management, Water Operations For Waternamics | 2020-07-28 | 3.5 LOW | 5.4 MEDIUM |
| IBM Intelligent Operations Center for Emergency Management, Intelligent Operations Center (IOC), and IBM Water Operations for Waternamics are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 177356. | |||||
| CVE-2020-4465 | 1 Ibm | 1 Mq Appliance | 2020-07-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service. IBM X-Force ID: 181562. | |||||
| CVE-2020-15712 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 4.0 MEDIUM | 4.3 MEDIUM |
| rConfig 3.9.5 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a crafted request to the ajaxGetFileByPath.php script containing hexadecimal encoded "dot dot" sequences (%2f..%2f) in the path parameter to view arbitrary files on the system. | |||||
| CVE-2020-15713 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.php script using the sortBy parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database. | |||||
| CVE-2020-15714 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 6.5 MEDIUM | 8.8 HIGH |
| rConfig 3.9.5 is vulnerable to SQL injection. A remote authenticated attacker could send crafted SQL statements to the devices.crud.php script using the custom_Location parameter, which could allow the attacker to view, add, modify, or delete information in the back-end database. | |||||
| CVE-2020-15715 | 1 Rconfig | 1 Rconfig | 2020-07-28 | 6.5 MEDIUM | 9.9 CRITICAL |
| rConfig 3.9.5 could allow a remote authenticated attacker to execute arbitrary code on the system, because of an error in the search.crud.php script. An attacker could exploit this vulnerability using the nodeId parameter. | |||||
| CVE-2011-4800 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in Serv-U FTP Server before 11.1.0.5 allows remote authenticated users to read and write arbitrary files, and list and create arbitrary directories, via a "..:/" (dot dot colon forward slash) in the (1) list, (2) put, or (3) get commands. | |||||
| CVE-2017-2718 | 1 Huawei | 1 Fusionsphere Openstack | 2020-07-28 | 8.3 HIGH | 8.8 HIGH |
| FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation on one port. An attacker can exploit the vulnerabilities to gain root privileges by sending some messages with malicious commands. | |||||
| CVE-2009-4815 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| Directory traversal vulnerability in Serv-U before 9.2.0.1 allows remote authenticated users to read arbitrary files via unspecified vectors. | |||||
| CVE-2009-3655 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Rhino Software Serv-U 7.0.0.1 through 8.2.0.3 allows remote attackers to cause a denial of service (server crash) via unspecified vectors related to the "SITE SET TRANSFERPROGRESS ON" FTP command. | |||||
| CVE-2009-4006 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the TEA decoding algorithm in RhinoSoft Serv-U FTP server 7.0.0.1, 9.0.0.5, and other versions before 9.1.0.0 allows remote attackers to execute arbitrary code via a long hexadecimal string. | |||||
| CVE-2008-3731 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in Serv-U File Server 7.0.0.1, and other versions before 7.2.0.1, allows remote authenticated users to cause a denial of service (daemon crash) via an SSH session with SFTP commands for directory creation and logging. | |||||
| CVE-2008-4500 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted stou command, probably related to MS-DOS device names, as demonstrated using "con:1". | |||||
| CVE-2008-4501 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 9.0 HIGH | N/A |
| Directory traversal vulnerability in the FTP server in Serv-U 7.0.0.1 through 7.3, including 7.2.0.1, allows remote authenticated users to overwrite or create arbitrary files via a ..\ (dot dot backslash) in the RNTO command. | |||||
| CVE-2009-0967 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 4.0 MEDIUM | N/A |
| The FTP server in Serv-U 7.0.0.1 through 7.4.0.1 allows remote authenticated users to cause a denial of service (service hang) via a large number of SMNT commands without an argument. | |||||
| CVE-2009-1031 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 7.8 HIGH | N/A |
| Directory traversal vulnerability in the FTP server in Rhino Software Serv-U File Server 7.0.0.1 through 7.4.0.1 allows remote attackers to create arbitrary directories via a \.. (backslash dot dot) in an MKD request. | |||||
| CVE-2017-16821 | 1 B3log | 1 Symphony | 2020-07-28 | 3.5 LOW | 5.4 MEDIUM |
| b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header that is mishandled during display of a client IP address in /admin/user/userid. | |||||
| CVE-2005-3467 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Serv-U FTP Server before 6.1.0.4 allows attackers to cause a denial of service (crash) via (1) malformed packets and possibly other unspecified issues with unknown impact and attack vectors including (2) use of "~" in a pathname, and (3) memory consumption of the daemon. NOTE: it is not clear whether items (2) and above are vulnerabilities. | |||||
| CVE-2001-0054 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in FTP Serv-U before 2.5i allows remote attackers to escape the FTP root and read arbitrary files by appending a string such as "/..%20." to a CD command, a variant of a .. (dot dot) attack. | |||||
| CVE-2001-1463 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 7.5 HIGH | N/A |
| The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords. | |||||
| CVE-2002-2393 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. | |||||
| CVE-2004-0330 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 10.0 HIGH | N/A |
| Buffer overflow in Serv-U ftp before 5.0.0.4 allows remote authenticated users to execute arbitrary code via a long time zone argument to the MDTM command. | |||||
| CVE-2004-1675 | 1 Solarwinds | 1 Serv-u File Server | 2020-07-28 | 5.0 MEDIUM | N/A |
| Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. | |||||