Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7518 | 1 Schneider-electric | 1 Easergy Builder | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-20: Improper input validation vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to modify project configuration files. | |||||
| CVE-2020-7519 | 1 Schneider-electric | 1 Easergy Builder | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| A CWE-521: Weak Password Requirements vulnerability exists in Easergy Builder (Version 1.4.7.2 and older) which could allow an attacker to compromise a user account. | |||||
| CVE-2020-15123 | 1 Codecov | 1 Codecov | 2020-07-27 | 6.8 MEDIUM | 9.3 CRITICAL |
| In codecov (npm package) before version 3.7.1 the upload method has a command injection vulnerability. Clients of the codecov-node library are unlikely to be aware of this, so they might unwittingly write code that contains a vulnerability. A similar CVE (CVE-2020-7597 for GHSA-5q88-cjfq-g2mh) was issued but the fix was incomplete. It only blocked &, and command injection is still possible using backticks instead to bypass the sanitizer. The attack surface is low in this case. Particularly in the standard use of codecov, where the module is used directly in a build pipeline, not built against as a library in another application that may supply malicious input and perform command injection. | |||||
| CVE-2020-5611 | 1 Wpsocialrocket | 1 Social Sharing | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | |||||
| CVE-2019-17514 | 1 Python | 1 Python | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| library/glob.html in the Python 2 and 3 documentation before 2016 has potentially misleading information about whether sorting occurs, as demonstrated by irreproducible cancer-research results. NOTE: the effects of this documentation cross application domains, and thus it is likely that security-relevant code elsewhere is affected. This issue is not a Python implementation bug, and there are no reports that NMR researchers were specifically relying on library/glob.html. In other words, because the older documentation stated "finds all the pathnames matching a specified pattern according to the rules used by the Unix shell," one might have incorrectly inferred that the sorting that occurs in a Unix shell also occurred for glob.glob. There is a workaround in newer versions of Willoughby nmr-data_compilation-p2.py and nmr-data_compilation-p3.py, which call sort() directly. | |||||
| CVE-2019-9674 | 1 Python | 1 Python | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb. | |||||
| CVE-2020-4447 | 1 Ibm | 1 Filenet Content Manager | 2020-07-27 | 3.5 LOW | 5.4 MEDIUM |
| IBM FileNet Content Manager 5.5.3 and 5.5.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 181227. | |||||
| CVE-2020-8175 | 1 Jpeg-js Project | 1 Jpeg-js | 2020-07-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| Uncontrolled resource consumption in `jpeg-js` before 0.4.0 may allow attacker to launch denial of service attacks using specially a crafted JPEG image. | |||||
| CVE-2017-11738 | 1 Zohocorp | 1 Manageengine Applications Manager | 2020-07-27 | 6.8 MEDIUM | 8.1 HIGH |
| In Zoho ManageEngine Application Manager prior to 14.6 Build 14660, the 'haid' parameter of the '/auditLogAction.do' module is vulnerable to a Time-based Blind SQL Injection attack. | |||||
| CVE-2019-11507 | 1 Pulsesecure | 1 Pulse Connect Secure | 2020-07-27 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3, an XSS issue has been found on the Application Launcher page. | |||||
| CVE-2020-15569 | 1 Milkytracker Project | 1 Milkytracker | 2020-07-27 | 4.3 MEDIUM | 5.5 MEDIUM |
| PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor. | |||||
| CVE-2017-3857 | 1 Cisco | 2 Ios, Ios Xe | 2020-07-27 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS (12.0 through 12.4 and 15.0 through 15.6) and Cisco IOS XE (3.1 through 3.18) could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient validation of L2TP packets. An attacker could exploit this vulnerability by sending a crafted L2TP packet to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. This vulnerability affects Cisco devices that are running a vulnerable release of Cisco IOS or Cisco IOS XE Software if the L2TP feature is enabled for the device and the device is configured as an L2TP Version 2 (L2TPv2) or L2TP Version 3 (L2TPv3) endpoint. By default, the L2TP feature is not enabled. Cisco Bug IDs: CSCuy82078. | |||||
| CVE-2011-0484 | 1 Google | 2 Chrome, Chrome Os | 2020-07-27 | 7.5 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly perform DOM node removal, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors that lead to a "stale rendering node." | |||||
| CVE-2020-15916 | 1 Tenda | 2 Ac15, Ac15 Firmware | 2020-07-27 | 10.0 HIGH | 9.8 CRITICAL |
| goform/AdvSetLanip endpoint on Tenda AC15 AC1900 15.03.05.19 devices allows remote attackers to execute arbitrary system commands via shell metacharacters in the lanIp POST parameter. | |||||
| CVE-2011-0477 | 1 Google | 2 Chrome, Chrome Os | 2020-07-27 | 10.0 HIGH | N/A |
| Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 do not properly handle a mismatch in video frame sizes, which allows remote attackers to cause a denial of service (incorrect memory access) or possibly have unspecified other impact via unknown vectors. | |||||
| CVE-2020-15896 | 1 Dlink | 2 Dap-1522, Dap-1522 Firmware | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| An authentication-bypass issue was discovered on D-Link DAP-1522 devices 1.4x before 1.10b04Beta02. There exist a few pages that are directly accessible by any unauthorized user, e.g., logout.php and login.php. This occurs because of checking the value of NO_NEED_AUTH. If the value of NO_NEED_AUTH is 1, the user has direct access to the webpage without any authentication. By appending a query string NO_NEED_AUTH with the value of 1 to any protected URL, any unauthorized user can access the application directly, as demonstrated by bsc_lan.php?NO_NEED_AUTH=1. | |||||
| CVE-2020-15923 | 1 Midasolutions | 1 Eframework | 2020-07-27 | 7.8 HIGH | 7.5 HIGH |
| Mida eFramework through 2.9.0 allows unauthenticated ../ directory traversal. | |||||
| CVE-2020-7681 | 1 Indo-mars | 1 Marscode | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package marscode. There is no path sanitization in the path provided at fs.readFile in index.js. | |||||
| CVE-2020-7682 | 1 Marked-tree Project | 1 Marked-tree | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package marked-tree. There is no path sanitization in the path provided at fs.readFile in index.js. | |||||
| CVE-2020-7683 | 1 Rollup-plugin-server Project | 1 Rollup-plugin-server | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package rollup-plugin-server. There is no path sanitization in readFile operation performed inside the readFileFromContentBase function. | |||||
| CVE-2020-7686 | 1 Rollup-plugin-dev-server Project | 1 Rollup-plugin-dev-server | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package rollup-plugin-dev-server. There is no path sanitization in readFile operation inside the readFileFromContentBase function. | |||||
| CVE-2020-7687 | 1 Fast-http Project | 1 Fast-http | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package fast-http. There is no path sanitization in the path provided at fs.readFile in index.js. | |||||
| CVE-2020-15924 | 1 Midasolutions | 1 Eframework | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| There is a SQL Injection in Mida eFramework through 2.9.0 that leads to Information Disclosure. No authentication is required. The injection point resides in one of the authentication parameters. | |||||
| CVE-2020-15885 | 1 Munkireport Project | 1 Comment | 2020-07-27 | 3.5 LOW | 5.4 MEDIUM |
| A Cross-Site Scripting (XSS) vulnerability in the comment module before 4.0 for MunkiReport allows remote attackers to inject arbitrary web script or HTML by posting a new comment. | |||||
| CVE-2020-1808 | 1 Huawei | 8 Honor 20, Honor 20 Firmware, Honor 20 Pro and 5 more | 2020-07-27 | 5.8 MEDIUM | 7.1 HIGH |
| Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than 10.1.0.123(C431E22R3P5), versions earlier than 10.1.0.126(C636E5R3P4), versions earlier than 10.1.0.160(C00E160R2P11); versions earlier than 10.1.0.126(C185E8R5P1), versions earlier than 10.1.0.126(C636E9R2P4), versions earlier than 10.1.0.160(C00E160R2P8); versions earlier than 10.0.0.179(C636E3R4P3), versions earlier than 10.0.0.180(C185E3R3P3), versions earlier than 10.0.0.180(C432E10R3P4), versions earlier than 10.0.0.181(C675E5R1P2) have an out of bound read vulnerability. The software reads data past the end of the intended buffer. The attacker tricks the user into installing a crafted application, successful exploit may cause information disclosure or service abnormal. | |||||
| CVE-2020-15884 | 1 Munkireport Project | 1 Munkireport | 2020-07-27 | 6.5 MEDIUM | 8.8 HIGH |
| A SQL injection vulnerability in TableQuery.php in MunkiReport before 5.6.3 allows attackers to execute arbitrary SQL commands via the order[0][dir] field on POST requests to /datatables/data. | |||||
| CVE-2016-1925 | 1 Lha For Unix Project | 1 Lha For Unix | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| Integer underflow in header.c in lha allows remote attackers to have unspecified impact via a large header size value for the (1) level0 or (2) level1 header in a lha archive, which triggers a buffer overflow. | |||||
| CVE-2016-8859 | 1 Etalabs | 1 Musl | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the TRE library and musl libc allow attackers to cause memory corruption via a large number of (1) states or (2) tags, which triggers an out-of-bounds write. | |||||
| CVE-2017-1000501 | 2 Awstats, Debian | 2 Awstats, Debian Linux | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | |||||
| CVE-2018-7435 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the freexl::destroy_cell function. | |||||
| CVE-2018-7436 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a pointer dereference of the parse_SST function. | |||||
| CVE-2018-7437 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in a memcpy call of the parse_SST function. | |||||
| CVE-2018-7438 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the parse_unicode_string function. | |||||
| CVE-2018-7439 | 2 Debian, Freexl Project | 2 Debian Linux, Freexl | 2020-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in FreeXL before 1.0.5. There is a heap-based buffer over-read in the function read_mini_biff_next_record. | |||||
| CVE-2018-9838 | 1 Ocaml | 1 Ocaml | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. | |||||
| CVE-2019-17626 | 1 Reportlab | 1 Reportlab | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code. | |||||
| CVE-2020-12267 | 1 Qt | 1 Qt | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| setMarkdown in Qt before 5.14.2 has a use-after-free related to QTextMarkdownImporter::insertBlock. | |||||
| CVE-2020-12626 | 2 Debian, Roundcube | 2 Debian Linux, Webmail | 2020-07-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered. | |||||
| CVE-2015-8837 | 3 Debian, Fedoraproject, Fuseiso Project | 3 Debian Linux, Fedora, Fuseiso | 2020-07-27 | 6.8 MEDIUM | 7.3 HIGH |
| Stack-based buffer overflow in the isofs_real_readdir function in isofs.c in FuseISO 20070708 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file. | |||||
| CVE-2017-11692 | 1 Yaml-cpp Project | 1 Yaml-cpp | 2020-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| The function "Token& Scanner::peek" in scanner.cpp in yaml-cpp 0.5.3 and earlier allows remote attackers to cause a denial of service (assertion failure and application exit) via a '!2' string. | |||||
| CVE-2017-16882 | 1 Icinga | 1 Icinga | 2020-07-27 | 4.6 MEDIUM | 7.8 HIGH |
| Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account, a related issue to CVE-2017-14312. This also affects bin/icingastats, bin/ido2db, and bin/log2ido. | |||||
| CVE-2019-19725 | 1 Sysstat Project | 1 Sysstat | 2020-07-27 | 7.5 HIGH | 9.8 CRITICAL |
| sysstat through 12.2.0 has a double free in check_file_actlst in sa_common.c. | |||||
| CVE-2020-11958 | 2 Canonical, Re2c | 2 Ubuntu Linux, Re2c | 2020-07-27 | 6.8 MEDIUM | 7.8 HIGH |
| re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. | |||||
| CVE-2020-12415 | 1 Mozilla | 1 Firefox | 2020-07-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| When "%2F" was present in a manifest URL, Firefox's AppCache behavior may have become confused and allowed a manifest to be served from a subdirectory. This could cause the appcache to be used to service requests for the top level directory. This vulnerability affects Firefox < 78. | |||||
| CVE-2020-12418 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-07-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | |||||
| CVE-2020-12419 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-07-27 | 9.3 HIGH | 8.8 HIGH |
| When processing callbacks that occurred during window flushing in the parent process, the associated window may die; causing a use-after-free condition. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | |||||
| CVE-2020-12421 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-07-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| When performing add-on updates, certificate chains terminating in non-built-in-roots were rejected (even if they were legitimately added by an administrator.) This could have caused add-ons to become out-of-date silently without notification to the user. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | |||||
| CVE-2020-12422 | 1 Mozilla | 1 Firefox | 2020-07-27 | 7.6 HIGH | 8.8 HIGH |
| In non-standard configurations, a JPEG image created by JavaScript could have caused an internal variable to overflow, resulting in an out of bounds write, memory corruption, and a potentially exploitable crash. This vulnerability affects Firefox < 78. | |||||
| CVE-2020-12424 | 1 Mozilla | 1 Firefox | 2020-07-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| When constructing a permission prompt for WebRTC, a URI was supplied from the content process. This URI was untrusted, and could have been the URI of an origin that was previously granted permission; bypassing the prompt. This vulnerability affects Firefox < 78. | |||||
| CVE-2020-12425 | 1 Mozilla | 1 Firefox | 2020-07-27 | 4.3 MEDIUM | 6.5 MEDIUM |
| Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78. | |||||