Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7264 | 1 Mcafee | 1 Endpoint Security | 2020-05-18 | 3.6 LOW | 8.4 HIGH |
| Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 Hotfix 199847 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-7265 | 1 Mcafee | 1 Endpoint Security | 2020-05-18 | 3.6 LOW | 8.4 HIGH |
| Privilege Escalation vulnerability in McAfee Endpoint Security (ENS) for Mac prior to 10.6.9 allows local users to delete files the user would otherwise not have access to via manipulating symbolic links to redirect a McAfee delete action to an unintended file. This is achieved through running a malicious script or program on the target machine. | |||||
| CVE-2020-9502 | 1 Dahuasecurity | 40 Ipc-hdbw1320e-w, Ipc-hdbw1320e-w Firmware, Ipc-hx2xxx and 37 more | 2020-05-18 | 7.5 HIGH | 9.8 CRITICAL |
| Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities. During normal user access, an attacker can use the predicted Session ID to construct a data packet to attack the device. | |||||
| CVE-2012-0953 | 1 Nvidia | 1 Display Driver | 2020-05-18 | 4.4 MEDIUM | 5.0 MEDIUM |
| A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53. | |||||
| CVE-2019-9682 | 1 Dahuasecurity | 40 Ipc-hdbw1320e-w, Ipc-hdbw1320e-w Firmware, Ipc-hx2xxx and 37 more | 2020-05-18 | 6.8 MEDIUM | 8.1 HIGH |
| Dahua devices with Build time before December 2019 use strong security login mode by default, but in order to be compatible with the normal login of early devices, some devices retain the weak security login mode that users can control. If the user uses a weak security login method, an attacker can monitor the device network to intercept network packets to attack the device. So it is recommended that the user disable this login method. | |||||
| CVE-2019-3025 | 1 Oracle | 1 Hospitality Res 3700 | 2020-05-18 | 6.8 MEDIUM | 9.0 CRITICAL |
| Vulnerability in the Oracle Hospitality RES 3700 component of Oracle Food and Beverage Applications. The supported version that is affected is 5.7. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality RES 3700. While the vulnerability is in Oracle Hospitality RES 3700, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality RES 3700. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2016-1113 | 1 Adobe | 1 Coldfusion | 2020-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2020-0024 | 1 Google | 1 Android | 2020-05-18 | 4.4 MEDIUM | 7.8 HIGH |
| In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-137015265 | |||||
| CVE-2020-4345 | 1 Ibm | 1 I | 2020-05-18 | 1.9 LOW | 3.3 LOW |
| IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318. | |||||
| CVE-2019-2388 | 1 Mongodb | 1 Ops Manager | 2020-05-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| In affected Ops Manager versions there is an exposed http route was that may allow attackers to view a specific access log of a publicly exposed Ops Manager instance. This issue affects: MongoDB Inc. MongoDB Ops Manager 4.0 versions 4.0.9, 4.0.10 and MongoDB Ops Manager 4.1 version 4.1.5. | |||||
| CVE-2020-13121 | 1 Rcos | 1 Submitty | 2020-05-18 | 5.8 MEDIUM | 6.1 MEDIUM |
| Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt. | |||||
| CVE-2012-0952 | 1 Nvidia | 1 Display Driver | 2020-05-18 | 4.4 MEDIUM | 5.0 MEDIUM |
| A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53. | |||||
| CVE-2010-4684 | 1 Cisco | 1 Ios | 2020-05-18 | 7.1 HIGH | N/A |
| Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877. | |||||
| CVE-2020-12252 | 1 Gigamon | 1 Gigavue | 2020-05-18 | 6.0 MEDIUM | 6.2 MEDIUM |
| An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an arbitrary file upload for an authenticated user. If an executable file is uploaded into the www-root directory, then it could yield remote code execution via the filename parameter. | |||||
| CVE-2020-12251 | 1 Gigamon | 1 Gigavue | 2020-05-18 | 3.5 LOW | 2.2 LOW |
| An issue was discovered in Gigamon GigaVUE 5.5.01.11. The upload functionality allows an authenticated user to change the filename value (in the POST method) from the original filename to achieve directory traversal via a ../ sequence and, for example, obtain a complete directory listing of the machine. | |||||
| CVE-2020-0094 | 1 Google | 1 Android | 2020-05-18 | 4.6 MEDIUM | 7.8 HIGH |
| In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148223871 | |||||
| CVE-2013-4330 | 1 Apache | 1 Camel | 2020-05-18 | 6.8 MEDIUM | N/A |
| Apache Camel before 2.9.7, 2.10.0 before 2.10.7, 2.11.0 before 2.11.2, and 2.12.0 allows remote attackers to execute arbitrary simple language expressions by including "$simple{}" in a CamelFileName message header to a (1) FILE or (2) FTP producer. | |||||
| CVE-2014-0002 | 1 Apache | 1 Camel | 2020-05-18 | 7.5 HIGH | N/A |
| The XSLT component in Apache Camel before 2.11.4 and 2.12.x before 2.12.3 allows remote attackers to read arbitrary files and possibly have other unspecified impact via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | |||||
| CVE-2014-0003 | 1 Apache | 1 Camel | 2020-05-18 | 7.5 HIGH | N/A |
| The XSLT component in Apache Camel 2.11.x before 2.11.4, 2.12.x before 2.12.3, and possibly earlier versions allows remote attackers to execute arbitrary Java methods via a crafted message. | |||||
| CVE-2020-6244 | 1 Sap | 1 Business Client | 2020-05-18 | 4.4 MEDIUM | 7.8 HIGH |
| SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to inject malicious code as a DLL file in untrusted directories that can be executed by the application, due to uncontrolled search path element. An attacker could thereby control the behavior of the application. | |||||
| CVE-2017-11285 | 1 Adobe | 1 Coldfusion | 2020-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Adobe ColdFusion has a cross-site scripting (XSS) vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | |||||
| CVE-2020-10620 | 1 Opto22 | 1 Softpac Project | 2020-05-18 | 7.5 HIGH | 9.8 CRITICAL |
| Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example, stopping the service remotely. | |||||
| CVE-2020-0100 | 1 Google | 1 Android | 2020-05-18 | 2.1 LOW | 5.5 MEDIUM |
| In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-8.0Android ID: A-150156584 | |||||
| CVE-2020-2005 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability exists when visiting malicious websites with the Palo Alto Networks GlobalProtect Clientless VPN that can compromise the user's active session. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; All versions of PAN-OS 8.0. | |||||
| CVE-2020-1996 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| A missing authorization vulnerability in the management server component of PAN-OS Panorama allows a remote unauthenticated user to inject messages into the management server ms.log file. This vulnerability can be leveraged to obfuscate an ongoing attack or fabricate log entries in the ms.log file This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.9. | |||||
| CVE-2020-12742 | 1 Iubenda | 1 Iubenda-cookie-law-solution | 2020-05-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols. | |||||
| CVE-2020-2013 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-18 | 6.8 MEDIUM | 8.8 HIGH |
| A cleartext transmission of sensitive information vulnerability in Palo Alto Networks PAN-OS Panorama that discloses an authenticated PAN-OS administrator's PAN-OS session cookie. When an administrator issues a context switch request into a managed firewall with an affected PAN-OS Panorama version, their PAN-OS session cookie is transmitted over cleartext to the firewall. An attacker with the ability to intercept this network traffic between the firewall and Panorama can access the administrator's account and further manipulate devices managed by Panorama. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; All version of PAN-OS 8.0; | |||||
| CVE-2020-11531 | 1 Zohocorp | 2 Manageengine Adaudit Plus, Manageengine Datasecurity Plus | 2020-05-18 | 6.5 MEDIUM | 8.8 HIGH |
| The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. This allows an authenticated attacker to execute code in the context of the product by writing a JSP file to the webroot directory via directory traversal. | |||||
| CVE-2020-12102 | 1 Tiny File Manager Project | 1 Tiny File Manager | 2020-05-18 | 6.8 MEDIUM | 7.7 HIGH |
| In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope). | |||||
| CVE-2020-12103 | 1 Tiny File Manager Project | 1 Tiny File Manager | 2020-05-18 | 4.0 MEDIUM | 7.7 HIGH |
| In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored. | |||||
| CVE-2019-15878 | 1 Freebsd | 1 Freebsd | 2020-05-18 | 4.6 MEDIUM | 7.8 HIGH |
| In FreeBSD 12.1-STABLE before r352509, 11.3-STABLE before r352509, and 11.3-RELEASE before p9, an unprivileged local user can trigger a use-after-free situation due to improper checking in SCTP when an application tries to update an SCTP-AUTH shared key. | |||||
| CVE-2019-15879 | 1 Freebsd | 1 Freebsd | 2020-05-18 | 5.8 MEDIUM | 7.4 HIGH |
| In FreeBSD 12.1-STABLE before r356908, 12.1-RELEASE before p5, 11.3-STABLE before r356908, and 11.3-RELEASE before p9, a race condition in the cryptodev module permitted a data structure in the kernel to be used after it was freed, allowing an unprivileged process can overwrite arbitrary kernel memory. | |||||
| CVE-2020-10612 | 1 Opto22 | 1 Softpac Project | 2020-05-18 | 6.4 MEDIUM | 9.1 CRITICAL |
| Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is open without any restrictions. This allows an attacker with network access to control the SoftPACAgent service including updating SoftPAC firmware, starting or stopping service, or writing to certain registry values. | |||||
| CVE-2020-10616 | 1 Opto22 | 1 Softpac Project | 2020-05-18 | 6.8 MEDIUM | 8.8 HIGH |
| Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the service starts. | |||||
| CVE-2020-12046 | 1 Opto22 | 1 Softpac Project | 2020-05-18 | 3.5 LOW | 5.7 MEDIUM |
| Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC’s firmware files’ signatures are not verified upon firmware update. This allows an attacker to replace legitimate firmware files with malicious files. | |||||
| CVE-2020-12042 | 1 Opto22 | 1 Softpac Project | 2020-05-18 | 4.0 MEDIUM | 6.5 MEDIUM |
| Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access. | |||||
| CVE-2020-10233 | 1 Sleuthkit | 1 The Sleuth Kit | 2020-05-17 | 6.4 MEDIUM | 9.1 CRITICAL |
| In version 4.8.0 and earlier of The Sleuth Kit (TSK), there is a heap-based buffer over-read in ntfs_dinode_lookup in fs/ntfs.c. | |||||
| CVE-2019-19034 | 1 Zohocorp | 1 Manageengine Assetexplorer | 2020-05-15 | 6.5 MEDIUM | 7.2 HIGH |
| Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager (SCCM) database username when dynamically generating a command to schedule scans for SCCM. This allows an attacker to execute arbitrary commands on the AssetExplorer Server with NT AUTHORITY/SYSTEM privileges. | |||||
| CVE-2020-8982 | 1 Citrix | 1 Sharefile Storagezones Controller | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| An unauthenticated arbitrary file read issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8983. | |||||
| CVE-2020-8983 | 1 Citrix | 1 Sharefile Storagezones Controller | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| An arbitrary file write issue exists in all versions of Citrix ShareFile StorageZones (aka storage zones) Controller, including the most recent 5.10.x releases as of May 2020, which allows remote code execution. RCE and file access is granted to everything hosted by ShareFile, be it on-premise or inside Citrix Cloud itself (both are internet facing). NOTE: unlike most CVEs, exploitability depends on the product version that was in use when a particular setup step was performed, NOT the product version that is in use during a current assessment of a CVE consumer's product inventory. Specifically, the vulnerability can be exploited if a storage zone was created by one of these product versions: 5.9.0, 5.8.0, 5.7.0, 5.6.0, 5.5.0, or earlier. This CVE differs from CVE-2020-7473 and CVE-2020-8982. | |||||
| CVE-2020-13093 | 1 Ispyconnect | 1 Agent Dvr | 2020-05-15 | 5.0 MEDIUM | 5.3 MEDIUM |
| iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. | |||||
| CVE-2020-0220 | 1 Google | 1 Android | 2020-05-15 | 4.6 MEDIUM | 6.7 MEDIUM |
| In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-139739561 | |||||
| CVE-2020-12608 | 1 Solarwinds | 1 Managed Service Provider Patch Management Engine | 2020-05-15 | 9.3 HIGH | 7.8 HIGH |
| An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the CacheService.xml SISServerURL parameter. | |||||
| CVE-2020-2011 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 7.8 HIGH | 7.5 HIGH |
| An improper input validation vulnerability in the configuration daemon of Palo Alto Networks PAN-OS Panorama allows for a remote unauthenticated user to send a specifically crafted registration request to the device that causes the configuration service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS Panorama services by restarting the device and putting it into maintenance mode. This issue affects: All versions of PAN-OS 7.1, PAN-OS 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.0. | |||||
| CVE-2020-2015 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 9.0 HIGH | 8.8 HIGH |
| A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0. | |||||
| CVE-2020-0102 | 1 Google | 1 Android | 2020-05-15 | 4.6 MEDIUM | 7.8 HIGH |
| In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143231677 | |||||
| CVE-2020-2016 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-15 | 8.5 HIGH | 7.0 HIGH |
| A race condition due to insecure creation of a file in a temporary directory vulnerability in PAN-OS allows for root privilege escalation from a limited linux user account. This allows an attacker who has escaped the restricted shell as a low privilege administrator, possibly by exploiting another vulnerability, to escalate privileges to become root user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; All versions of PAN-OS 8.0. | |||||
| CVE-2020-10654 | 1 Pingidentity | 1 Pingid Ssh Integration | 2020-05-15 | 7.5 HIGH | 9.8 CRITICAL |
| Ping Identity PingID SSH before 4.0.14 contains a heap buffer overflow in PingID-enrolled servers. This condition can be potentially exploited into a Remote Code Execution vector on the authenticating endpoint. | |||||
| CVE-2020-2004 | 1 Paloaltonetworks | 1 Globalprotect | 2020-05-15 | 1.7 LOW | 5.5 MEDIUM |
| Under certain circumstances a user's password may be logged in cleartext in the PanGPS.log diagnostic file when logs are collected for troubleshooting on GlobalProtect app (also known as GlobalProtect Agent) for MacOS and Windows. For this issue to occur all of these conditions must be true: (1) 'Save User Credential' option should be set to 'Yes' in the GlobalProtect Portal's Agent configuration, (2) the GlobalProtect user manually selects a gateway, (3) and the logging level is set to 'Dump' while collecting troubleshooting logs. This issue does not affect GlobalProtect app on other platforms (for example iOS/Android/Linux). This issue affects GlobalProtect app 5.0 versions earlier than 5.0.9, GlobalProtect app 5.1 versions earlier than 5.1.2 on Windows or MacOS. Since becoming aware of the issue, Palo Alto Networks has safely deleted all the known GlobalProtectLogs zip files sent by customers with the credentials. We now filter and remove these credentials from all files sent to Customer Support. The GlobalProtectLogs zip files uploaded to Palo Alto Networks systems were only accessible by authorized personnel with valid Palo Alto Networks credentials. We do not have any evidence of malicious access or use of these credentials. | |||||
| CVE-2020-10876 | 2 Mica, Oklok Project | 2 Fingerprint Bluetooth Padlock Fb50, Oklok | 2020-05-15 | 5.0 MEDIUM | 7.5 HIGH |
| The OKLOK (3.1.1) mobile companion app for Fingerprint Bluetooth Padlock FB50 (2.3) does not correctly implement its timeout on the four-digit verification code that is required for resetting passwords, nor does it properly restrict excessive verification attempts. This allows an attacker to brute force the four-digit verification code in order to bypass email verification and change the password of a victim account. | |||||