Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2014-3476 | 2 Openstack, Suse | 2 Keystone, Cloud | 2020-06-02 | 6.0 MEDIUM | N/A |
| OpenStack Identity (Keystone) before 2013.2.4, 2014.1 before 2014.1.2, and Juno before Juno-2 does not properly handle chained delegation, which allows remote authenticated users to gain privileges by leveraging a (1) trust or (2) OAuth token with impersonation enabled to create a new token with additional roles. | |||||
| CVE-2013-4222 | 4 Canonical, Fedoraproject, Openstack and 1 more | 4 Ubuntu Linux, Fedora, Keystone and 1 more | 2020-06-02 | 6.5 MEDIUM | N/A |
| OpenStack Identity (Keystone) Folsom, Grizzly 2013.1.3 and earlier, and Havana before havana-3 does not properly revoke user tokens when a tenant is disabled, which allows remote authenticated users to retain access via the token. | |||||
| CVE-2020-10959 | 1 Mediawiki | 1 Mediawiki | 2020-06-02 | 5.8 MEDIUM | 6.1 MEDIUM |
| resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page. | |||||
| CVE-2014-3621 | 3 Canonical, Openstack, Redhat | 4 Ubuntu Linux, Keystone, Enterprise Linux and 1 more | 2020-06-02 | 4.0 MEDIUM | N/A |
| The catalog url replacement in OpenStack Identity (Keystone) before 2013.2.3 and 2014.1 before 2014.1.2.1 allows remote authenticated users to read sensitive configuration options via a crafted endpoint, as demonstrated by "$(admin_token)" in the publicurl endpoint field. | |||||
| CVE-2020-10739 | 1 Istio | 1 Istio | 2020-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer Exception resulting in a Denial of Service. This could be sent to the ingress gateway or a sidecar, triggering a null pointer exception which results in a denial of service. This also affects servicemesh-proxy where a null pointer exception flaw was found in servicemesh-proxy. When running Telemetry v2 (not on by default in version 1.4.x), an attacker could send a specially crafted packet to the ingress gateway or proxy sidecar, triggering a denial of service. | |||||
| CVE-2014-3520 | 1 Openstack | 1 Keystone | 2020-06-02 | 6.5 MEDIUM | N/A |
| OpenStack Identity (Keystone) before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated trustees to gain access to an unauthorized project for which the trustor has certain roles via the project ID in a V2 API trust token request. | |||||
| CVE-2014-0204 | 1 Openstack | 1 Keystone | 2020-06-02 | 6.5 MEDIUM | N/A |
| OpenStack Identity (Keystone) before 2014.1.1 does not properly handle when a role is assigned to a group that has the same ID as a user, which allows remote authenticated users to gain privileges that are assigned to a group with the same ID. | |||||
| CVE-2015-3646 | 2 Openstack, Oracle | 2 Keystone, Solaris | 2020-06-02 | 4.0 MEDIUM | N/A |
| OpenStack Identity (Keystone) before 2014.1.5 and 2014.2.x before 2014.2.4 logs the backend_argument configuration option content, which allows remote authenticated users to obtain passwords and other sensitive backend information by reading the Keystone logs. | |||||
| CVE-2015-7546 | 2 Openstack, Oracle | 3 Keystone, Keystonemiddleware, Solaris | 2020-06-02 | 6.0 MEDIUM | 7.5 HIGH |
| The identity service in OpenStack Identity (Keystone) before 2015.1.3 (Kilo) and 8.0.x before 8.0.2 (Liberty) and keystonemiddleware (formerly python-keystoneclient) before 1.5.4 (Kilo) and Liberty before 2.3.3 does not properly invalidate authorization tokens when using the PKI or PKIZ token providers, which allows remote authenticated users to bypass intended access restrictions and gain access to cloud resources by manipulating byte fields within a revoked token. | |||||
| CVE-2019-11843 | 1 Mailpoet | 1 Mailpoet | 2020-06-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| The MailPoet plugin before 3.23.2 for WordPress allows remote attackers to inject arbitrary web script or HTML using extra parameters in the URL (Reflective Server-Side XSS). | |||||
| CVE-2014-8945 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields. | |||||
| CVE-2014-8944 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 3.5 LOW | 5.4 MEDIUM |
| Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter. | |||||
| CVE-2014-8943 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 6.5 MEDIUM | 8.8 HIGH |
| Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter. | |||||
| CVE-2014-8942 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 6.8 MEDIUM | 8.8 HIGH |
| Lexiglot through 2014-11-20 allows CSRF. | |||||
| CVE-2014-8941 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI. | |||||
| CVE-2011-1108 | 1 Google | 1 Chrome | 2020-06-02 | 6.8 MEDIUM | N/A |
| Google Chrome before 9.0.597.107 does not properly implement JavaScript dialogs, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted HTML document. | |||||
| CVE-2014-8940 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI. | |||||
| CVE-2014-8939 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 4.3 MEDIUM | 5.3 MEDIUM |
| Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages. | |||||
| CVE-2020-4503 | 1 Ibm | 1 Planning Analytics Local | 2020-06-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182283. | |||||
| CVE-2020-11950 | 1 Vivotek | 400 Cc8160, Cc8160\(hs\), Cc8160\(hs\) Firmware and 397 more | 2020-06-02 | 9.0 HIGH | 8.8 HIGH |
| VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices. | |||||
| CVE-2020-1831 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2020-06-02 | 1.9 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. | |||||
| CVE-2020-4018 | 1 Atlassian | 2 Crucible, Fisheye | 2020-06-02 | 6.8 MEDIUM | 8.8 HIGH |
| The setup resources in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to complete the setup process via a cross-site request forgery (CSRF) vulnerability. | |||||
| CVE-2014-8938 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 2.1 LOW | 7.8 HIGH |
| Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line. | |||||
| CVE-2014-8937 | 1 Piwigo | 1 Lexiglot | 2020-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources. | |||||
| CVE-2019-20805 | 1 Upx Project | 1 Upx | 2020-06-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| p_lx_elf.cpp in UPX before 3.96 has an integer overflow during unpacking via crafted values in a PT_DYNAMIC segment. | |||||
| CVE-2020-7659 | 1 Celluloid | 1 Reel | 2020-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks. Note: This project is deprecated, and is not maintained any more. | |||||
| CVE-2020-12828 | 1 Pango | 1 Virtual Private Network Software Development Kit | 2020-06-02 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path where a malicious executable file resides leads to executing the malicious executable file with SYSTEM privileges. | |||||
| CVE-2020-4013 | 1 Atlassian | 2 Crucible, Fisheye | 2020-06-02 | 3.5 LOW | 5.4 MEDIUM |
| The review resource in Atlassian Fisheye and Crucible before version 4.8.1 allows remote attackers to inject arbitrary HTML or Javascript via a cross site scripting (XSS) vulnerability through the review objectives. | |||||
| CVE-2020-4360 | 1 Ibm | 1 Planning Analytics Local | 2020-06-02 | 3.5 LOW | 5.4 MEDIUM |
| IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178765. | |||||
| CVE-2020-4366 | 1 Ibm | 1 Planning Analytics Local | 2020-06-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178965. | |||||
| CVE-2020-4367 | 1 Ibm | 1 Planning Analytics Local | 2020-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Planning Analytics Local 2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179001. | |||||
| CVE-2020-4431 | 1 Ibm | 1 Planning Analytics Local | 2020-06-02 | 3.5 LOW | 5.4 MEDIUM |
| IBM Planning Analytics Local 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180761. | |||||
| CVE-2020-2767 | 2 Netapp, Oracle | 7 Active Iq Unified Manager, E-series Santricity Os Controller, Snapmanager and 4 more | 2020-06-02 | 5.8 MEDIUM | 4.8 MEDIUM |
| Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). | |||||
| CVE-2020-2778 | 2 Netapp, Oracle | 7 Active Iq Unified Manager, E-series Santricity Os Controller, Snapmanager and 4 more | 2020-06-02 | 4.3 MEDIUM | 3.7 LOW |
| Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). | |||||
| CVE-2020-13227 | 1 Sysax | 1 Multi Server | 2020-06-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Sysax Multi Server 6.90. An attacker can determine the username (under which the web server is running) by triggering an invalid path permission error. This bypasses the fakepath protection mechanism. | |||||
| CVE-2020-13229 | 1 Sysax | 1 Multi Server | 2020-06-02 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Sysax Multi Server 6.90. A session can be hijacked if one observes the sid value in any /scgi URI, because it is an authentication token. | |||||
| CVE-2015-5707 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2020-06-02 | 4.6 MEDIUM | N/A |
| Integer overflow in the sg_start_req function in drivers/scsi/sg.c in the Linux kernel 2.6.x through 4.x before 4.1 allows local users to cause a denial of service or possibly have unspecified other impact via a large iov_count value in a write request. | |||||
| CVE-2020-1832 | 1 Huawei | 2 E6878-370, E6878-370 Firmware | 2020-06-02 | 5.8 MEDIUM | 8.8 HIGH |
| E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. | |||||
| CVE-2016-6384 | 1 Cisco | 2 Ios, Ios Xe | 2020-06-02 | 7.8 HIGH | 7.5 HIGH |
| Cisco IOS 12.2 through 12.4 and 15.0 through 15.6 and IOS XE 3.1 through 3.17 and 16.2 allow remote attackers to cause a denial of service (device reload) via crafted fields in an H.323 message, aka Bug ID CSCux04257. | |||||
| CVE-2018-19654 | 1 Sales \& Company Management System Project | 1 Sales \& Company Management System | 2020-06-02 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a duplicate username, as demonstrated by use of the test%c2 string when a test account already exists. | |||||
| CVE-2018-18545 | 1 Fiyo | 1 Fiyo Cms | 2020-06-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| Fiyo CMS 2.0.7 has XSS via the dapur\apps\app_user\edit_user.php name parameter. | |||||
| CVE-2018-19355 | 2 Mypresta, Prestashop | 2 Customer Files Upload, Prestashop | 2020-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles). | |||||
| CVE-2020-13694 | 1 Quickbox | 1 Quickbox | 2020-06-02 | 9.0 HIGH | 8.8 HIGH |
| In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option. | |||||
| CVE-2020-13758 | 1 Bitrix | 1 Bitrix24 | 2020-06-02 | 4.3 MEDIUM | 6.1 MEDIUM |
| modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload. | |||||
| CVE-2014-7174 | 1 Farsite | 2 Farlinx X25 Gateway, Farlinx X25 Gateway Firmware | 2020-06-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature. | |||||
| CVE-2014-7175 | 1 Farsite | 2 Farlinx X25 Gateway, Farlinx X25 Gateway Firmware | 2020-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php. | |||||
| CVE-2014-7173 | 1 Farsite | 2 Farlinx X25 Gateway, Farlinx X25 Gateway Firmware | 2020-06-02 | 7.5 HIGH | 9.8 CRITICAL |
| FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php. | |||||
| CVE-2020-13386 | 1 Smartdraw | 1 Smartdraw 2020 | 2020-06-01 | 4.4 MEDIUM | 7.3 HIGH |
| In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine. | |||||
| CVE-2020-8482 | 1 Abb | 1 Device Library Wizard | 2020-06-01 | 2.1 LOW | 5.5 MEDIUM |
| Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data | |||||
| CVE-2018-20225 | 1 Pypa | 1 Pip | 2020-06-01 | 6.8 MEDIUM | 7.8 HIGH |
| ** DISPUTED ** An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). NOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely. | |||||