Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-18281 | 2 Debian, Qt | 2 Debian Linux, Qtbase | 2020-02-18 | 4.3 MEDIUM | 4.3 MEDIUM |
| An out-of-bounds memory access in the generateDirectionalRuns() function in qtextengine.cpp in Qt qtbase 5.11.x and 5.12.x before 5.12.5 allows attackers to cause a denial of service by crashing an application via a text file containing many directional characters. | |||||
| CVE-2013-2637 | 2 Opensuse, Otrs | 3 Opensuse, Faq, Otrs Itsm | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| A Cross-Site Scripting (XSS) Vulnerability exists in OTRS ITSM prior to 3.2.4, 3.1.8, and 3.0.7 and FAQ prior to 2.1.4 and 2.0.8 via changes, workorder items, and FAQ articles, which could let a remote malicious user execute arbitrary code. | |||||
| CVE-2020-1975 | 1 Paloaltonetworks | 1 Pan-os | 2020-02-18 | 6.5 MEDIUM | 8.8 HIGH |
| Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This issue affects PAN-OS 8.1 versions earlier than PAN-OS 8.1.12 and PAN-OS 9.0 versions earlier than PAN-OS 9.0.6. This issue does not affect PAN-OS 7.1, PAN-OS 8.0, or PAN-OS 9.1 or later versions. | |||||
| CVE-2020-8953 | 1 Openvpn | 1 Openvpn Access Server | 2020-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). | |||||
| CVE-2019-14652 | 1 Amazon | 1 Aws Javascript S3 Explorer | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances. | |||||
| CVE-2019-2200 | 1 Google | 1 Android | 2020-02-18 | 6.9 MEDIUM | 7.3 HIGH |
| In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-67319274 | |||||
| CVE-2020-8614 | 1 Askey | 2 Ap4000w, Ap4000w Firmware | 2020-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bd_svr service listening on TCP port 54188. | |||||
| CVE-2011-3336 | 4 Apple, Freebsd, Openbsd and 1 more | 4 Mac Os X, Freebsd, Openbsd and 1 more | 2020-02-18 | 7.8 HIGH | 7.5 HIGH |
| regcomp in the BSD implementation of libc is vulnerable to denial of service due to stack exhaustion. | |||||
| CVE-2016-3113 | 1 Redhat | 1 Ovirt-engine | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in ovirt-engine allows remote attackers to inject arbitrary web script or HTML. | |||||
| CVE-2010-1450 | 1 Python | 1 Python | 2020-02-18 | 7.5 HIGH | N/A |
| Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attackers to have an unspecified impact via an image file containing crafted data that triggers improper processing within the (1) longimagedata or (2) expandrow function. | |||||
| CVE-2010-1449 | 1 Python | 1 Python | 2020-02-18 | 7.5 HIGH | N/A |
| Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to have an unspecified impact via a large image that triggers a buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-3143.12. | |||||
| CVE-2020-5239 | 1 Mailu | 1 Mailu | 2020-02-18 | 6.5 MEDIUM | 8.8 HIGH |
| In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git repository. All Docker images published on docker.io/mailu for tags 1.5, 1.6, 1.7 and master are patched. For detailed instructions about patching and securing the server afterwards, see https://github.com/Mailu/Mailu/issues/1354 | |||||
| CVE-2009-4134 | 1 Python | 1 Python | 2020-02-18 | 5.0 MEDIUM | N/A |
| Buffer underflow in the rgbimg module in Python 2.5 allows remote attackers to cause a denial of service (application crash) via a large ZSIZE value in a black-and-white (aka B/W) RGB image that triggers an invalid pointer dereference. | |||||
| CVE-2008-4097 | 1 Oracle | 1 Mysql | 2020-02-18 | 4.6 MEDIUM | N/A |
| MySQL 5.0.51a allows local users to bypass certain privilege checks by calling CREATE TABLE on a MyISAM table with modified (1) DATA DIRECTORY or (2) INDEX DIRECTORY arguments that are associated with symlinks within pathnames for subdirectories of the MySQL home data directory, which are followed when tables are created in the future. NOTE: this vulnerability exists because of an incomplete fix for CVE-2008-2079. | |||||
| CVE-2013-5582 | 1 Ammyy | 1 Ammyy Admin | 2020-02-18 | 6.8 MEDIUM | 7.8 HIGH |
| Ammyy Admin 3.2 and earlier stores the client ID at a fixed memory location, which might make it easier for user-assisted remote attackers to bypass authentication by running a local program that extracts a field from the AA_v3.2.exe file. | |||||
| CVE-2013-4602 | 1 Avira | 10 Antivir Mailgate, Antivir Mailgate Suite, Antivir Personal and 7 more | 2020-02-18 | 7.1 HIGH | 5.5 MEDIUM |
| A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. | |||||
| CVE-2018-1062 | 1 Redhat | 1 Ovirt-engine | 2020-02-18 | 3.5 LOW | 5.3 MEDIUM |
| A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM. | |||||
| CVE-2018-10920 | 1 Nic | 1 Knot Resolver | 2020-02-18 | 4.3 MEDIUM | 6.8 MEDIUM |
| Improper input validation bug in DNS resolver component of Knot Resolver before 2.4.1 allows remote attacker to poison cache. | |||||
| CVE-2020-1976 | 1 Paloaltonetworks | 1 Globalprotect | 2020-02-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS. | |||||
| CVE-2020-5241 | 1 Matestack | 1 Ui-core | 2020-02-18 | 3.5 LOW | 5.4 MEDIUM |
| matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4. | |||||
| CVE-2020-7051 | 1 Codologic | 1 Codoforum | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Codologic Codoforum through 4.8.4 allows stored XSS in the login area. This is relevant in conjunction with CVE-2020-5842 because session cookies lack the HttpOnly flag. The impact is account takeover. | |||||
| CVE-2020-7208 | 1 Hp | 1 Linuxki | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2. | |||||
| CVE-2014-9261 | 1 Codologic | 1 Codoforum | 2020-02-18 | 5.0 MEDIUM | N/A |
| The sanitize function in Codoforum 2.5.1 does not properly implement filtering for directory traversal sequences, which allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to index.php. | |||||
| CVE-2020-6066 | 1 Accusoft | 1 Imagegear | 2020-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2010-4897 | 1 Bluecms Project | 1 Bluecms | 2020-02-18 | 7.5 HIGH | N/A |
| SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitrary SQL commands via the X-Forwarded-For HTTP header in a send action. | |||||
| CVE-2018-14500 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2020-02-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| joyplus-cms 1.6.0 has XSS via the manager/collect/collect_vod_zhuiju.php keyword parameter. | |||||
| CVE-2009-5146 | 2020-02-18 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2017-5689 | 1 Intel | 1 Active Management Technology Firmware | 2020-02-18 | 10.0 HIGH | 9.8 CRITICAL |
| An unprivileged network attacker could gain system privileges to provisioned Intel manageability SKUs: Intel Active Management Technology (AMT) and Intel Standard Manageability (ISM). An unprivileged local attacker could provision manageability features gaining unprivileged network or local system privileges on Intel manageability SKUs: Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology (SBT). | |||||
| CVE-2020-6067 | 1 Accusoft | 1 Imagegear | 2020-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6069 | 1 Accusoft | 1 Imagegear | 2020-02-18 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2010-5332 | 1 Linux | 1 Linux Kernel | 2020-02-18 | 4.6 MEDIUM | 5.6 MEDIUM |
| In the Linux kernel before 2.6.37, an out of bounds array access happened in drivers/net/mlx4/port.c. When searching for a free entry in either mlx4_register_vlan() or mlx4_register_mac(), and there is no free entry, the loop terminates without updating the local variable free thus causing out of array bounds access. | |||||
| CVE-2019-19203 | 2 Fedoraproject, Oniguruma Project | 2 Fedora, Oniguruma | 2020-02-18 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Oniguruma 6.x before 6.9.4_rc2. In the function gb18030_mbc_enc_len in file gb18030.c, a UChar pointer is dereferenced without checking if it passed the end of the matched string. This leads to a heap-based buffer over-read. | |||||
| CVE-2019-16865 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2020-02-18 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Pillow before 6.2.0. When reading specially crafted invalid image files, the library can either allocate very large amounts of memory or take an extremely long period of time to process the image. | |||||
| CVE-2020-5313 | 2 Fedoraproject, Python | 2 Fedora, Pillow | 2020-02-18 | 5.8 MEDIUM | 7.1 HIGH |
| libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. | |||||
| CVE-2020-0027 | 1 Google | 1 Android | 2020-02-18 | 7.2 HIGH | 7.8 HIGH |
| In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-144040966 | |||||
| CVE-2020-8124 | 1 Url-parse Project | 1 Url-parse | 2020-02-18 | 5.0 MEDIUM | 5.3 MEDIUM |
| Insufficient validation and sanitization of user input exists in url-parse npm package version 1.4.4 and earlier may allow attacker to bypass security checks. | |||||
| CVE-2020-0020 | 1 Google | 1 Android | 2020-02-18 | 4.9 MEDIUM | 5.5 MEDIUM |
| In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-143118731 | |||||
| CVE-2020-8594 | 1 Ninjaforms | 1 Ninja Forms | 2020-02-18 | 3.5 LOW | 5.4 MEDIUM |
| The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format]. | |||||
| CVE-2018-14086 | 1 Mytoken Project | 1 Mytoken | 2020-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(). | |||||
| CVE-2018-14084 | 1 Myadvancedtoken Project | 1 Myadvancedtoken | 2020-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(). | |||||
| CVE-2013-4792 | 1 Prestashop | 1 Prestashop | 2020-02-18 | 3.5 LOW | 5.5 MEDIUM |
| PrestaShop before 1.4.11 allows logout CSRF. | |||||
| CVE-2013-2108 | 1 Undolog | 1 Cleanfix | 2020-02-18 | 4.3 MEDIUM | 5.4 MEDIUM |
| WordPress WP Cleanfix Plugin 2.4.4 has CSRF | |||||
| CVE-2020-8998 | 2020-02-18 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2020-8847 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-02-18 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9414. | |||||
| CVE-2020-8846 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-02-18 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of text field objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9400. | |||||
| CVE-2020-5216 | 1 Twitter | 1 Secure Headers | 2020-02-18 | 5.0 MEDIUM | 5.8 MEDIUM |
| In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline could be injected leading to limited header injection. Upon seeing a newline in the header, rails will silently create a new Content-Security-Policy header with the remaining value of the original string. It will continue to create new headers for each newline. This has been fixed in 6.3.0, 5.2.0, and 3.9.0. | |||||
| CVE-2013-4791 | 1 Prestashop | 1 Prestashop | 2020-02-18 | 3.5 LOW | 5.4 MEDIUM |
| PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE. | |||||
| CVE-2020-8845 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-02-18 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of watermarks in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9358. | |||||
| CVE-2020-8856 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2020-02-18 | 6.8 MEDIUM | 7.8 HIGH |
| This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25608. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of watermarks. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9640. | |||||
| CVE-2018-14087 | 1 Encryptedtoken Project | 1 Encryptedtoken | 2020-02-18 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback function. | |||||