Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-2014 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 8.8 HIGH |
| An OS Command Injection vulnerability in PAN-OS management server allows authenticated users to inject and execute arbitrary shell commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | |||||
| CVE-2020-2010 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection vulnerability in PAN-OS management interface allows an authenticated administrator to execute arbitrary OS commands with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14; PAN-OS 9.0 versions earlier than 9.0.7. | |||||
| CVE-2020-2008 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 7.2 HIGH |
| An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14. | |||||
| CVE-2020-2006 | 1 Paloaltonetworks | 1 Pan-os | 2020-05-14 | 9.0 HIGH | 8.8 HIGH |
| A stack-based buffer overflow vulnerability in the management server component of PAN-OS that allows an authenticated user to potentially execute arbitrary code with root privileges. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14. | |||||
| CVE-2020-6241 | 1 Sap | 1 Adaptive Server Enterprise | 2020-05-14 | 6.5 MEDIUM | 8.8 HIGH |
| SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted database queries to elevate privileges of users in the system, leading to SQL Injection. | |||||
| CVE-2020-12790 | 1 Nystudio107 | 1 Seomatic | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon. | |||||
| CVE-2017-11284 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | |||||
| CVE-2019-5500 | 1 Netapp | 14 Aff A200, Aff A200 Firmware, Aff A220 and 11 more | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Certain versions of the NetApp Service Processor and Baseboard Management Controller firmware allow a remote unauthenticated attacker to cause a Denial of Service (DoS). | |||||
| CVE-2017-11286 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe ColdFusion has an XML external entity (XXE) injection vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | |||||
| CVE-2017-11283 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe ColdFusion has an Untrusted Data Deserialization vulnerability. This affects Update 4 and earlier versions for ColdFusion 2016, and Update 12 and earlier versions for ColdFusion 11. | |||||
| CVE-2020-12439 | 1 Grin | 1 Grin | 2020-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain. | |||||
| CVE-2016-4159 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 10 before Update 20, 11 before Update 9, and 2016 before Update 2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2016-1115 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 4.3 MEDIUM | 5.9 MEDIUM |
| Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 mishandles wildcards in name fields of X.509 certificates, which might allow man-in-the-middle attackers to spoof servers via a crafted certificate. | |||||
| CVE-2016-1114 | 1 Adobe | 1 Coldfusion | 2020-05-14 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe ColdFusion 10 before Update 19, 11 before Update 8, and 2016 before Update 1 allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections library. | |||||
| CVE-2020-5837 | 1 Symantec | 1 Endpoint Protection | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log files that are replaced by symbolic links, which can lead to a potential elevation of privilege. | |||||
| CVE-2020-5835 | 1 Symantec | 1 Endpoint Protection Manager | 2020-05-14 | 4.4 MEDIUM | 7.0 HIGH |
| Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deployment which may result in an elevation of privilege on the remote machine. | |||||
| CVE-2020-6245 | 1 Sap | 1 Businessobjects Business Intelligence Platform | 2020-05-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to local instance, to inject file or code that can be executed by the application due to Improper Control of Resource Identifiers. | |||||
| CVE-2020-5834 | 1 Symantec | 1 Endpoint Protection Manager | 2020-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal attack that could allow a remote actor to determine the size of files in the directory. | |||||
| CVE-2020-12697 | 1 Dkd | 1 Direct Mail | 2020-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries. | |||||
| CVE-2020-12699 | 1 Dkd | 1 Direct Mail | 2020-05-14 | 5.8 MEDIUM | 6.1 MEDIUM |
| The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl. | |||||
| CVE-2020-11541 | 1 Techsmith | 1 Snagit | 2020-05-14 | 2.1 LOW | 5.5 MEDIUM |
| In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account. | |||||
| CVE-2020-5896 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has weak file and folder permissions. | |||||
| CVE-2020-1718 | 1 Redhat | 3 Jboss Fuse, Keycloak, Openshift Application Runtimes | 2020-05-14 | 6.5 MEDIUM | 8.8 HIGH |
| A flaw was found in the reset credential flow in all Keycloak versions before 8.0.0. This flaw allows an attacker to gain unauthorized access to the application. | |||||
| CVE-2020-5248 | 1 Glpi-project | 1 Glpi | 2020-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data must be reencrypted with the new key. Problem is we can not know which columns or rows in the database are using that; espcially from plugins. Changing the key without updating data would lend in bad password sent from glpi; but storing them again from the UI will work. | |||||
| CVE-2020-5897 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2020-05-14 | 6.8 MEDIUM | 8.8 HIGH |
| In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Windows ActiveX component. | |||||
| CVE-2020-5898 | 1 F5 | 2 Big-ip Access Policy Manager, Big-ip Access Policy Manager Client | 2020-05-14 | 4.9 MEDIUM | 5.5 MEDIUM |
| In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer received from the userland. A local user on the Windows client system can send crafted DeviceIoControl requests to \\.\urvpndrv device causing the Windows kernel to crash. | |||||
| CVE-2020-7647 | 1 Jooby | 1 Jooby | 2020-05-14 | 5.0 MEDIUM | 5.3 MEDIUM |
| All versions before 1.6.7 and all versions after 2.0.0 inclusive and before 2.8.2 of io.jooby:jooby and org.jooby:jooby are vulnerable to Directory Traversal via two separate vectors. | |||||
| CVE-2019-19162 | 2 Microsoft, Tobesoft | 2 Windows, Xplatform | 2020-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it. | |||||
| CVE-2020-5833 | 1 Symantec | 1 Endpoint Protection Manager | 2020-05-14 | 2.1 LOW | 3.3 LOW |
| Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerability, which is a type of issue that results in an existing application reading memory outside of the bounds of the memory that had been allocated to the program. | |||||
| CVE-2020-9840 | 1 Apple | 1 Nioextras | 2020-05-14 | 5.0 MEDIUM | 7.5 HIGH |
| In SwiftNIO Extras before 1.4.1, a logic issue was addressed with improved restrictions. | |||||
| CVE-2020-12719 | 1 Wso2 | 7 Api Manager, Api Manager Analytics, Api Microgateway and 4 more | 2020-05-14 | 6.5 MEDIUM | 7.2 HIGH |
| XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier. | |||||
| CVE-2020-12718 | 1 Php-fusion | 1 Php-fusion | 2020-05-14 | 3.5 LOW | 5.4 MEDIUM |
| In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle. | |||||
| CVE-2020-10916 | 1 Tp-link | 2 Tl-wa855re, Tl-wa855re Firmware | 2020-05-14 | 5.2 MEDIUM | 8.0 HIGH |
| This vulnerability allows network-adjacent attackers to escalate privileges on affected installations of TP-Link TL-WA855RE Firmware Ver: 855rev4-up-ver1-0-1-P1[20191213-rel60361] Wi-Fi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the first-time setup process. The issue results from the lack of proper validation on first-time setup requests. An attacker can leverage this vulnerability to reset the password for the Admin account and execute code in the context of the device. Was ZDI-CAN-10003. | |||||
| CVE-2016-3712 | 6 Canonical, Citrix, Debian and 3 more | 11 Ubuntu Linux, Xenserver, Debian Linux and 8 more | 2020-05-14 | 2.1 LOW | 5.5 MEDIUM |
| Integer overflow in the VGA module in QEMU allows local guest OS users to cause a denial of service (out-of-bounds read and QEMU process crash) by editing VGA registers in VBE mode. | |||||
| CVE-2016-4439 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 4.6 MEDIUM | 6.7 MEDIUM |
| The esp_reg_write function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check command buffer length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) or potentially execute arbitrary code on the QEMU host via unspecified vectors. | |||||
| CVE-2016-4441 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 2.1 LOW | 6.0 MEDIUM |
| The get_cmd function in hw/scsi/esp.c in the 53C9X Fast SCSI Controller (FSC) support in QEMU does not properly check DMA length, which allows local guest OS administrators to cause a denial of service (out-of-bounds write and QEMU process crash) via unspecified vectors, involving an SCSI command. | |||||
| CVE-2020-10706 | 1 Redhat | 1 Openshift Container Platform | 2020-05-14 | 4.6 MEDIUM | 6.6 MEDIUM |
| A flaw was found in OpenShift Container Platform where OAuth tokens are not encrypted when the encryption of data at rest is enabled. This flaw allows an attacker with access to a backup to obtain OAuth tokens and then use them to log into the cluster as any user who logged into the cluster via the WebUI or via the command line in the last 24 hours. Once the backup is older than 24 hours the OAuth tokens are no longer valid. | |||||
| CVE-2018-16867 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2020-05-14 | 4.4 MEDIUM | 7.8 HIGH |
| A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, this allows to read/write arbitrary files which may lead do DoS scenario OR possibly lead to code execution on the host. | |||||
| CVE-2016-1000007 | 1 Redhat | 1 Pagure | 2020-05-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| Pagure 2.2.1 XSS in raw file endpoint | |||||
| CVE-2018-16847 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2020-05-14 | 4.6 MEDIUM | 7.8 HIGH |
| An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process. | |||||
| CVE-2020-9474 | 1 Siedle | 2 Sg 150-0, Sg 150-0 Firmware | 2020-05-14 | 9.0 HIGH | 8.8 HIGH |
| The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the backup functionality in the web frontend. By using an exploit chain, an attacker with access to the network can get root access on the gateway. | |||||
| CVE-2020-8473 | 1 Abb | 1 800xa Base System | 2020-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications. | |||||
| CVE-2019-19927 | 2 Linux, Opensuse | 2 Linux Kernel, Leap | 2020-05-14 | 3.6 LOW | 6.0 MEDIUM |
| In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module. | |||||
| CVE-2020-8472 | 1 Abb | 5 Ac800m, Base Software, Control Builder M and 2 more | 2020-05-14 | 6.8 MEDIUM | 7.8 HIGH |
| Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications. | |||||
| CVE-2018-7550 | 4 Canonical, Debian, Qemu and 1 more | 9 Ubuntu Linux, Debian Linux, Qemu and 6 more | 2020-05-14 | 4.6 MEDIUM | 8.8 HIGH |
| The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access. | |||||
| CVE-2020-9473 | 1 Siedle | 2 Sg 150-0, Sg 150-0 Firmware | 2020-05-14 | 8.5 HIGH | 6.6 MEDIUM |
| The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 has a passwordless ftp ssh user. By using an exploit chain, an attacker with access to the network can get root access on the gateway. | |||||
| CVE-2018-5683 | 4 Canonical, Debian, Qemu and 1 more | 9 Ubuntu Linux, Debian Linux, Qemu and 6 more | 2020-05-14 | 2.1 LOW | 6.0 MEDIUM |
| The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. | |||||
| CVE-2020-11062 | 1 Glpi-project | 1 Glpi | 2020-05-14 | 3.5 LOW | 5.4 MEDIUM |
| In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6. | |||||
| CVE-2016-4454 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 3.6 LOW | 6.0 MEDIUM |
| The vmsvga_fifo_read_raw function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to obtain sensitive host memory information or cause a denial of service (QEMU process crash) by changing FIFO registers and issuing a VGA command, which triggers an out-of-bounds read. | |||||
| CVE-2016-4453 | 3 Canonical, Debian, Qemu | 3 Ubuntu Linux, Debian Linux, Qemu | 2020-05-14 | 4.9 MEDIUM | 4.4 MEDIUM |
| The vmsvga_fifo_run function in hw/display/vmware_vga.c in QEMU allows local guest OS administrators to cause a denial of service (infinite loop and QEMU process crash) via a VGA command. | |||||