Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10588 | 1 V2rayl Project | 1 V2rayl | 2020-03-17 | 7.2 HIGH | 7.8 HIGH |
| v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo. | |||||
| CVE-2020-10589 | 1 V2rayl Project | 1 V2rayl | 2020-03-17 | 7.2 HIGH | 7.8 HIGH |
| v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo. | |||||
| CVE-2020-7253 | 1 Mcafee | 1 Agent | 2020-03-17 | 2.1 LOW | 4.4 MEDIUM |
| Improper access control vulnerability in masvc.exe in McAfee Agent (MA) prior to 5.6.4 allows local users with administrator privileges to disable self-protection via a McAfee supplied command-line utility. | |||||
| CVE-2020-7254 | 1 Mcafee | 1 Advanced Threat Defense | 2020-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| Privilege Escalation vulnerability in the command line interface in McAfee Advanced Threat Defense (ATD) 4.x prior to 4.8.2 allows local users to execute arbitrary code via improper access controls on the sudo command. | |||||
| CVE-2019-9473 | 1 Google | 1 Android | 2020-03-17 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-115363533 | |||||
| CVE-2019-9474 | 1 Google | 1 Android | 2020-03-17 | 5.0 MEDIUM | 7.5 HIGH |
| In Bluetooth, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A-79996267 | |||||
| CVE-2020-0795 | 1 Microsoft | 3 Business Productivity Servers, Sharepoint Enterprise Server, Sharepoint Foundation | 2020-03-17 | 3.5 LOW | 5.4 MEDIUM |
| This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'. This CVE ID is unique from CVE-2020-0891. | |||||
| CVE-2019-5158 | 1 Wago | 1 E\!cockpit | 2020-03-17 | 4.3 MEDIUM | 7.8 HIGH |
| An exploitable firmware downgrade vulnerability exists in the firmware update package functionality of the WAGO e!COCKPIT automation software v1.6.1.5. A specially crafted firmware update file can allow an attacker to install an older firmware version while the user thinks a newer firmware version is being installed. An attacker can create a custom firmware update package with invalid metadata in order to trigger this vulnerability. | |||||
| CVE-2020-0884 | 1 Microsoft | 2 Visual Studio 2017, Visual Studio 2019 | 2020-03-17 | 4.3 MEDIUM | 3.7 LOW |
| A spoofing vulnerability exists in Microsoft Visual Studio as it includes a reply URL that is not secured by SSL, aka 'Microsoft Visual Studio Spoofing Vulnerability'. | |||||
| CVE-2020-0891 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2020-03-17 | 3.5 LOW | 5.4 MEDIUM |
| This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially crafted request to an affected SharePoint server, aka 'Microsoft SharePoint Reflective XSS Vulnerability'. This CVE ID is unique from CVE-2020-0795. | |||||
| CVE-2020-0894 | 1 Microsoft | 3 Sharepoint Enterprise Server, Sharepoint Foundation, Sharepoint Server | 2020-03-17 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka 'Microsoft Office SharePoint XSS Vulnerability'. This CVE ID is unique from CVE-2020-0893. | |||||
| CVE-2020-0903 | 1 Microsoft | 1 Exchange Server | 2020-03-17 | 3.5 LOW | 5.4 MEDIUM |
| A cross-site-scripting (XSS) vulnerability exists when Microsoft Exchange Server does not properly sanitize a specially crafted web request to an affected Exchange server, aka 'Microsoft Exchange Server Spoofing Vulnerability'. | |||||
| CVE-2020-0905 | 1 Microsoft | 2 Dynamics 365 Business Central, Dynamics Nav | 2020-03-17 | 6.0 MEDIUM | 8.0 HIGH |
| An remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. | |||||
| CVE-2019-9099 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2020-03-17 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2). | |||||
| CVE-2019-14625 | 1 Intel | 2 Field Programmable Gate Array Programmable Acceleration Card N3000, Field Programmable Gate Array Programmable Acceleration Card N3000 Firmware | 2020-03-17 | 2.1 LOW | 4.4 MEDIUM |
| Improper access control in on-card storage for the Intel® FPGA Programmable Acceleration Card N3000, all versions, may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-6858 | 1 Hotels | 1 Styx | 2020-03-17 | 4.3 MEDIUM | 6.5 MEDIUM |
| Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploitable if untrusted user input can appear in a response header. | |||||
| CVE-2018-14502 | 1 Kibokolabs | 1 Chained Quiz | 2020-03-17 | 7.5 HIGH | 9.8 CRITICAL |
| controllers/quizzes.php in the Kiboko Chained Quiz plugin before 1.0.9 for WordPress allows remote unauthenticated users to execute arbitrary SQL commands via the 'answer' and 'answers' parameters. | |||||
| CVE-2020-10376 | 1 Technicolor | 2 Tc7337net, Tc7337net Firmware | 2020-03-17 | 5.0 MEDIUM | 9.8 CRITICAL |
| Technicolor TC7337NET 08.89.17.23.03 devices allow remote attackers to discover passwords by sniffing the network for an "Authorization: Basic" HTTP header. | |||||
| CVE-2019-9096 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2020-03-17 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. Insufficient password requirements for the MGate web application may allow an attacker to gain access by brute-forcing account passwords. | |||||
| CVE-2019-9097 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2020-03-17 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A high rate of transit traffic may cause a low-memory condition and a denial of service. | |||||
| CVE-2019-9098 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2020-03-17 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. An Integer overflow in the built-in web server allows remote attackers to initiate DoS. | |||||
| CVE-2019-5178 | 1 Wago | 2 Pfc200, Pfc200 Firmware | 2020-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any hostname values that are greater than 1024-len(‘/etc/config-tools/change_hostname hostname=‘) in length. A hostname value of length 0x3fd will cause the service to crash. | |||||
| CVE-2019-5179 | 1 Wago | 2 Pfc200, Pfc200 Firmware | 2020-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. | |||||
| CVE-2019-5180 | 1 Wago | 2 Pfc200, Pfc200 Firmware | 2020-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any ip values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled ip-address=‘) in length. A ip value of length 0x3da will cause the service to crash. | |||||
| CVE-2020-0799 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2020-03-17 | 7.2 HIGH | 7.8 HIGH |
| An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'. | |||||
| CVE-2019-5181 | 1 Wago | 2 Pfc200, Pfc200 Firmware | 2020-03-17 | 4.6 MEDIUM | 7.8 HIGH |
| An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can cause a stack buffer overflow, resulting in code execution. An attacker can send a specially crafted packet to trigger the parsing of this cache file. The destination buffer sp+0x440 is overflowed with the call to sprintf() for any subnetmask values that are greater than 1024-len(‘/etc/config-tools/config_interfaces interface=X1 state=enabled subnet-mask=‘) in length. A subnetmask value of length 0x3d9 will cause the service to crash. | |||||
| CVE-2019-4555 | 1 Ibm | 1 Cognos Analytics | 2020-03-17 | 3.5 LOW | 5.4 MEDIUM |
| IBM Cognos Analytics 11.0 and 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 166204. | |||||
| CVE-2020-0789 | 1 Microsoft | 1 Visual Studio 2019 | 2020-03-17 | 6.6 MEDIUM | 7.1 HIGH |
| A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service Vulnerability'. | |||||
| CVE-2020-2099 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 7.5 HIGH | 8.6 HIGH |
| Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents. | |||||
| CVE-2020-2100 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 5.0 MEDIUM | 5.8 MEDIUM |
| Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848. | |||||
| CVE-2020-2101 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 3.5 LOW | 5.3 MEDIUM |
| Jenkins 2.218 and earlier, LTS 2.204.1 and earlier did not use a constant-time comparison function for validating connection secrets, which could potentially allow an attacker to use a timing attack to obtain this secret. | |||||
| CVE-2020-2102 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 3.5 LOW | 5.3 MEDIUM |
| Jenkins 2.218 and earlier, LTS 2.204.1 and earlier used a non-constant time comparison function when validating an HMAC. | |||||
| CVE-2020-2103 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 4.0 MEDIUM | 5.4 MEDIUM |
| Jenkins 2.218 and earlier, LTS 2.204.1 and earlier exposed session identifiers on a user's detail object in the whoAmI diagnostic page. | |||||
| CVE-2020-2104 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 4.0 MEDIUM | 4.3 MEDIUM |
| Jenkins 2.218 and earlier, LTS 2.204.1 and earlier allowed users with Overall/Read access to view a JVM memory usage chart. | |||||
| CVE-2020-2105 | 1 Jenkins | 1 Jenkins | 2020-03-17 | 4.3 MEDIUM | 5.4 MEDIUM |
| REST API endpoints in Jenkins 2.218 and earlier, LTS 2.204.1 and earlier were vulnerable to clickjacking attacks. | |||||
| CVE-2017-11695 | 1 Mozilla | 1 Network Security Services | 2020-03-16 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the alloc_segs function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | |||||
| CVE-2017-11696 | 1 Mozilla | 1 Network Security Services | 2020-03-16 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the __hash_open function in lib/dbm/src/hash.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | |||||
| CVE-2017-11697 | 1 Mozilla | 1 Network Security Services | 2020-03-16 | 4.6 MEDIUM | 7.8 HIGH |
| The __hash_open function in hash.c:229 in Mozilla Network Security Services (NSS) allows context-dependent attackers to cause a denial of service (floating point exception and crash) via a crafted cert8.db file. | |||||
| CVE-2017-11698 | 1 Mozilla | 1 Network Security Services | 2020-03-16 | 4.6 MEDIUM | 7.8 HIGH |
| Heap-based buffer overflow in the __get_page function in lib/dbm/src/h_page.c in Mozilla Network Security Services (NSS) allows context-dependent attackers to have unspecified impact using a crafted cert8.db file. | |||||
| CVE-2012-5570 | 1 Basic Webmail Project | 1 Basic Webmail | 2020-03-16 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Basic webmail module 6.x-1.x before 6.x-1.2 for Drupal allows remote authenticated users with the "access basic_webmail" permission to read arbitrary users' email addresses. | |||||
| CVE-2020-10091 | 1 Gitlab | 1 Gitlab | 2020-03-16 | 4.3 MEDIUM | 6.1 MEDIUM |
| GitLab 9.3 through 12.8.1 allows XSS. A cross-site scripting vulnerability was found when viewing particular file types. | |||||
| CVE-2020-0779 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-03-16 | 2.1 LOW | 5.5 MEDIUM |
| An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798, CVE-2020-0814, CVE-2020-0842, CVE-2020-0843. | |||||
| CVE-2017-8073 | 2 Debian, Weechat | 2 Debian Linux, Weechat | 2020-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| WeeChat before 1.7.1 allows a remote crash by sending a filename via DCC to the IRC plugin. This occurs in the irc_ctcp_dcc_filename_without_quotes function during quote removal, with a buffer overflow. | |||||
| CVE-2020-9464 | 1 Beckhoff | 2 Bk9000, Bk9000 Firmware | 2020-03-16 | 7.8 HIGH | 7.5 HIGH |
| A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting. | |||||
| CVE-2020-10387 | 1 Chadhaajay | 1 Phpkb | 2020-03-16 | 4.0 MEDIUM | 4.9 MEDIUM |
| Path Traversal in admin/download.php in Chadha PHPKB Standard Multi-Language 9 allows remote attackers to download files from the server using a dot-dot-slash sequence (../) via the GET parameter file. | |||||
| CVE-2020-0700 | 1 Microsoft | 2 Azure Devops Server, Team Foundation Server | 2020-03-16 | 3.5 LOW | 5.4 MEDIUM |
| A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. | |||||
| CVE-2019-10807 | 1 Blamer Project | 1 Blamer | 2020-03-16 | 7.5 HIGH | 9.8 CRITICAL |
| Blamer versions prior to 1.0.1 allows execution of arbitrary commands. It is possible to inject arbitrary commands as part of the arguments provided to blamer. | |||||
| CVE-2020-9436 | 1 Phoenixcontact | 12 Tc Cloud Client 1002-4g, Tc Cloud Client 1002-4g Firmware, Tc Cloud Client 1002-txtx and 9 more | 2020-03-16 | 9.0 HIGH | 8.8 HIGH |
| PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices allow authenticated users to inject system commands through a modified POST request to a specific URL. | |||||
| CVE-2020-9435 | 1 Phoenixcontact | 12 Tc Cloud Client 1002-4g, Tc Cloud Client 1002-4g Firmware, Tc Cloud Client 1002-txtx and 9 more | 2020-03-16 | 5.0 MEDIUM | 7.5 HIGH |
| PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17, and TC CLOUD CLIENT 1002-TXTX through 1.03.17 devices contain a hardcoded certificate (and key) that is used by default for web-based services on the device. Impersonation, man-in-the-middle, or passive decryption attacks are possible if the generic certificate is not replaced by a device-specific certificate during installation. | |||||
| CVE-2020-10255 | 3 Micron, Samsung, Skhynix | 6 Ddr4 Sdram, Lpddr4, Ddr4 and 3 more | 2020-03-16 | 9.3 HIGH | 9.0 CRITICAL |
| Modern DRAM chips (DDR4 and LPDDR4 after 2015) are affected by a vulnerability in deployment of internal mitigations against RowHammer attacks known as Target Row Refresh (TRR), aka the TRRespass issue. To exploit this vulnerability, the attacker needs to create certain access patterns to trigger bit flips on affected memory modules, aka a Many-sided RowHammer attack. This means that, even when chips advertised as RowHammer-free are used, attackers may still be able to conduct privilege-escalation attacks against the kernel, conduct privilege-escalation attacks against the Sudo binary, and achieve cross-tenant virtual-machine access by corrupting RSA keys. The issue affects chips produced by SK Hynix, Micron, and Samsung. NOTE: tracking DRAM supply-chain issues is not straightforward because a single product model from a single vendor may use DRAM chips from different manufacturers. | |||||