Vulnerabilities (CVE)

CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2011-4117 1 Cpan 1 Batch\ 2020-02-05 5.0 MEDIUM 7.5 HIGH
The Batch::BatchRun module 1.03 for Perl does not properly handle temporary files.
CVE-2014-8328 1 Dynamic Content Elements Project 1 Dynamic Content Elements 2020-02-05 5.0 MEDIUM 5.3 MEDIUM
The default configuration in the Dynamic Content Elements (dce) extension before 0.11.5 for TYPO3 allows remote attackers to obtain sensitive installation environment information by reading the update check request.
CVE-2013-2631 1 Tinywebgallery 1 Tinywebgallery 2020-02-05 5.0 MEDIUM 5.3 MEDIUM
TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows remote attackers to obtain sensitive information through the parameters "twg_browserx" and "twg_browsery" in the page image.php.
CVE-2020-6959 1 Honeywell 12 Hnmswvms, Hnmswvms Firmware, Hnmswvmslt and 9 more 2020-02-05 7.5 HIGH 9.8 CRITICAL
The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch are vulnerable to an unsafe deserialization of untrusted data. An attacker may be able to remotely modify deserialized data without authentication using a specially crafted web request, resulting in remote code execution.
CVE-2015-3611 1 Fortinet 1 Fortimanager 2020-02-05 9.0 HIGH 8.8 HIGH
A Command Injection vulnerability exists in FortiManager 5.2.1 and earlier and FortiManager 5.0.10 and earlier via unspecified vectors, which could let a malicious user run systems commands when executing a report.
CVE-2015-3612 1 Fortinet 1 Fortimanager 2020-02-05 3.5 LOW 5.4 MEDIUM
A Cross-site Scripting (XSS) vulnerability exists in FortiManager 5.2.1 and earlier and 5.0.10 and earlier via an unspecified parameter in the FortiWeb auto update service page.
CVE-2020-8496 1 Kronos 1 Web Time And Attendance 2020-02-05 3.5 LOW 4.8 MEDIUM
In Kronos Web Time and Attendance (webTA) 4.1.x and later 4.x versions before 5.0, there is a Stored XSS vulnerability by setting the Application Banner input field of the /ApplicationBanner page as an authenticated administrator.
CVE-2014-8141 2 Redhat, Unzip Project 6 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Eus and 3 more 2020-02-05 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the getZip64Data function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
CVE-2020-8493 1 Kronos 1 Web Time And Attendance 2020-02-05 3.5 LOW 4.8 MEDIUM
A stored XSS vulnerability in Kronos Web Time and Attendance (webTA) affects 3.8.x and later 3.x versions before 4.0 via multiple input fields (Login Message, Banner Message, and Password Instructions) of the com.threeis.webta.H261configMenu servlet via an authenticated administrator.
CVE-2015-3613 1 Fortinet 1 Fortimanager 2020-02-05 7.5 HIGH 9.8 CRITICAL
A vulnerability exists in in FortiManager 5.2.1 and earlier and 5.0.10 and earlier in the WebUI FTP backup page
CVE-2018-11479 1 Windscribe 1 Windscribe 2020-02-05 7.2 HIGH 7.8 HIGH
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe.
CVE-2013-2673 1 Brother 2 Mfc-9970cdw, Mfc-9970cdw Firmware 2020-02-05 4.6 MEDIUM 6.8 MEDIUM
Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass vulnerability which allows physically proximate attackers to gain unauthorized access.
CVE-2014-9211 1 Clickdesk 1 Clickdesk 2020-02-05 4.3 MEDIUM 6.1 MEDIUM
ClickDesk version 4.3 and below has persistent cross site scripting
CVE-2020-5215 1 Google 1 Tensorflow 2020-02-05 4.3 MEDIUM 7.5 HIGH
In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the graph mode. This issue can lead to denial of service in inference/training where a malicious attacker can send a data point which contains a string instead of a tf.float16 value. Similar effects can be obtained by manipulating saved models and checkpoints whereby replacing a scalar tf.float16 value with a scalar string will trigger this issue due to automatic conversions. This can be easily reproduced by tf.constant("hello", tf.float16), if eager execution is enabled. This issue is patched in TensorFlow 1.15.1 and 2.0.1 with this vulnerability patched. TensorFlow 2.1.0 was released after we fixed the issue, thus it is not affected. Users are encouraged to switch to TensorFlow 1.15.1, 2.0.1 or 2.1.0.
CVE-2019-20174 1 Auth0 1 Lock 2020-02-05 4.3 MEDIUM 6.1 MEDIUM
Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used with an untrusted placeholder.
CVE-2020-5228 1 Apereo 1 Opencast 2020-02-05 5.0 MEDIUM 7.5 HIGH
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public access to events without their knowledge. The problem has been addressed in Opencast 7.6 and 8.1 where the OAI-PMH endpoint is configured to require users with `ROLE_ADMIN` by default. In addition to this, Opencast 9 removes the OAI-PMH publication from the default workflow, making the publication a conscious decision users have to make by updating their workflows.
CVE-2020-5229 1 Apereo 1 Opencast 2020-02-05 5.5 MEDIUM 8.1 HIGH
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially for popular users like the default `admin` user. This essentially means that for an attacker, it might be feasible to reconstruct a user's password given access to these hashes. Note that attackers needing access to the hashes means that they must gain access to the database in which these are stored first to be able to start cracking the passwords. The problem is addressed in Opencast 8.1 which now uses the modern and much stronger bcrypt password hashing algorithm for storing passwords. Note, that old hashes remain MD5 until the password is updated. For a list of users whose password hashes are stored using MD5, take a look at the `/user-utils/users/md5.json` REST endpoint.
CVE-2014-8139 2 Redhat, Unzip Project 7 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 4 more 2020-02-05 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the CRC32 verification in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
CVE-2013-2672 1 Brother 2 Mfc-9970cdw, Mfc-9970cdw Firmware 2020-02-05 5.0 MEDIUM 7.5 HIGH
Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of passwords.
CVE-2020-8505 1 Arox 1 School Management Software Php\/mysql 2020-02-05 4.3 MEDIUM 6.5 MEDIUM
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=deleteadmin CSRF to delete a user.
CVE-2014-8140 2 Redhat, Unzip Project 7 Enterprise Linux Desktop, Enterprise Linux Server, Enterprise Linux Server Aus and 4 more 2020-02-05 6.8 MEDIUM 7.8 HIGH
Heap-based buffer overflow in the test_compr_eb function in Info-ZIP UnZip 6.0 and earlier allows remote attackers to execute arbitrary code via a crafted zip file in the -t command argument to the unzip command.
CVE-2013-2674 1 Brother 2 Mfc-9970cdw, Mfc-9970cdw Firmware 2020-02-05 5.0 MEDIUM 7.5 HIGH
Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure vulnerability which allows remote attackers to view sensitive information from referrer logs due to inadequate handling of HTTP referrer headers.
CVE-2014-8322 1 Aircrack-ng 1 Aircrack-ng 2020-02-05 7.5 HIGH 9.8 CRITICAL
Stack-based buffer overflow in the tcp_test function in aireplay-ng.c in Aircrack-ng before 1.2 RC 1 allows remote attackers to execute arbitrary code via a crafted length parameter value.
CVE-2014-8321 1 Aircrack-ng 1 Aircrack-ng 2020-02-05 4.6 MEDIUM 7.8 HIGH
Stack-based buffer overflow in the gps_tracker function in airodump-ng.c in Aircrack-ng before 1.2 RC 1 allows local users to execute arbitrary code or gain privileges via unspecified vectors.
CVE-2016-4676 1 Apple 2 Mac Os X, Safari 2020-02-05 5.0 MEDIUM 7.5 HIGH
A Cross-origin vulnerability exists in WebKit in Apple Safari before 10.0.1 when processing location attributes, which could let a remote malicious user obtain sensitive information.
CVE-2019-20141 1 Laborator 1 Neon 2020-02-05 4.3 MEDIUM 6.1 MEDIUM
An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
CVE-2020-8592 1 Eginnovations 1 Eg Manager 2020-02-05 7.5 HIGH 9.8 CRITICAL
eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).
CVE-2020-8504 1 Arox 1 School Management Software Php\/mysql 2020-02-05 4.3 MEDIUM 6.5 MEDIUM
School Management Software PHP/mySQL through 2019-03-14 allows office_admin/?action=addadmin CSRF to add an administrative user.
CVE-2011-4912 1 Joomla 1 Joomla\! 2020-02-05 5.0 MEDIUM 5.3 MEDIUM
Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout bypass.
CVE-2020-3941 2 Microsoft, Vmware 2 Windows, Tools 2020-02-05 4.4 MEDIUM 7.0 HIGH
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11.
CVE-2020-8440 1 Simplejobscript 1 Simplejobscript 2020-02-05 7.5 HIGH 9.8 CRITICAL
controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume.
CVE-2017-3200 1 Graniteds 1 Graniteds 2020-02-05 6.8 MEDIUM 8.1 HIGH
The Java implementation of AMF3 deserializers used in GraniteDS, version 3.1.1.G, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitrary Java Beans setter methods. The ability to exploit this vulnerability depends on the availability of classes in the class path that make use of deserialization. A remote attacker with the ability to spoof or control information may be able to send serialized Java objects with pre-set properties that result in arbitrary code execution when deserialized.
CVE-2013-5989 2020-02-05 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2011-4969. Reason: This candidate is a duplicate of CVE-2011-4969. Notes: All CVE users should reference CVE-2011-4969 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2014-3893 2020-02-05 N/A N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-0114. Reason: This candidate is a duplicate of CVE-2014-0114. Notes: All CVE users should reference CVE-2014-0114 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2011-4088 3 Abrt Project, Fedoraproject, Redhat 5 Abrt, Fedora, Enterprise Linux Desktop and 2 more 2020-02-05 5.0 MEDIUM 7.5 HIGH
ABRT might allow attackers to obtain sensitive information from crash reports.
CVE-2019-19968 1 Pandorafms 1 Pandora Fms 2020-02-05 3.5 LOW 5.4 MEDIUM
PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent Management, Report Builder, and Graph Builder components. An authenticated user can inject dangerous content into a data store that is later read and included in dynamic content.
CVE-2020-5222 1 Apereo 1 Opencast 2020-02-05 6.5 MEDIUM 8.8 HIGH
Opencast before 7.6 and 8.1 enables a remember-me cookie based on a hash created from the username, password, and an additional system key. This means that an attacker getting access to a remember-me token for one server can get access to all servers which allow log-in using the same credentials without ever needing the credentials. This problem is fixed in Opencast 7.6 and Opencast 8.1
CVE-2014-5039 1 Eucalyptus 1 Eucalyptus Management Console 2020-02-05 6.8 MEDIUM 9.6 CRITICAL
Cross-site scripting (XSS) vulnerability in Eucalyptus Management Console (EMC) 4.0.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2017-9462 3 Debian, Mercurial, Redhat 8 Debian Linux, Mercurial, Enterprise Linux Desktop and 5 more 2020-02-05 9.0 HIGH 8.8 HIGH
In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
CVE-2020-5206 1 Apereo 1 Opencast 2020-02-05 6.4 MEDIUM 10.0 CRITICAL
In Opencast before 7.6 and 8.1, using a remember-me cookie with an arbitrary username can cause Opencast to assume proper authentication for that user even if the remember-me cookie was incorrect given that the attacked endpoint also allows anonymous access. This way, an attacker can, for example, fake a remember-me token, assume the identity of the global system administrator and request non-public content from the search service without ever providing any proper authentication. This problem is fixed in Opencast 7.6 and Opencast 8.1
CVE-2014-3809 1 Nokia 6 1830 Photonic Service Switch-16, 1830 Photonic Service Switch-16 Firmware, 1830 Photonic Service Switch-32 and 3 more 2020-02-05 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in the management interface in Alcatel-Lucent 1830 Photonic Service Switch (PSS) 6.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the myurl parameter to menu/pop.html.
CVE-2020-5852 1 F5 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more 2020-02-05 5.0 MEDIUM 7.5 HIGH
Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.2.1.0.83.4-ENG Hotfix-BIGIP-12.1.4.1.0.97.6-ENG Hotfix-BIGIP-11.5.4.2.74.291-HF2
CVE-2019-3864 1 Redhat 1 Quay 2020-02-05 6.8 MEDIUM 8.8 HIGH
A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account.
CVE-2019-19392 1 Fordnn 1 Usersexportimport 2020-02-05 7.5 HIGH 9.8 CRITICAL
The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.
CVE-2012-5626 1 Redhat 6 Jboss Brms, Jboss Enterprise Application Platform, Jboss Enterprise Web Server and 3 more 2020-02-05 5.0 MEDIUM 7.5 HIGH
EJB method in Red Hat JBoss BRMS 5; Red Hat JBoss Enterprise Application Platform 5; Red Hat JBoss Operations Network 3.1; Red Hat JBoss Portal 4 and 5; Red Hat JBoss SOA Platform 4.2, 4.3, and 5; in Red Hat JBoss Enterprise Web Server 1 ignores roles specified using the @RunAs annotation.
CVE-2015-8851 1 Node-uuid Project 1 Node-uuid 2020-02-05 5.0 MEDIUM 7.5 HIGH
node-uuid before 1.4.4 uses insufficiently random data to create a GUID, which could make it easier for attackers to have unspecified impact via brute force guessing.
CVE-2019-5468 1 Gitlab 1 Gitlab 2020-02-05 6.5 MEDIUM 8.8 HIGH
An privilege escalation issue was discovered in Gitlab versions < 12.1.2, < 12.0.4, and < 11.11.6 when Mattermost slash commands are used with a blocked account.
CVE-2018-19441 1 Neatorobotics 2 Botvac Connected, Botvac Connected Firmware 2020-02-05 1.9 LOW 4.7 MEDIUM
An issue was discovered in Neato Botvac Connected 2.2.0. The GenerateRobotPassword function of the NeatoCrypto library generates insufficiently random numbers for robot secret_key values used for local and cloud authentication/authorization. If an attacker knows the serial number and is able to estimate the time of first provisioning of a robot, he is able to brute force the generated secret_key of the robot. This is because the entropy of the secret_key exclusively relies on these two values, due to not seeding the random generator and using several constant inputs for secret_key computation. Serial numbers are printed on the packaging and equal the MAC address of the robot.
CVE-2014-9481 1 Mediawiki 1 Mediawiki 2020-02-05 4.3 MEDIUM 5.9 MEDIUM
The Scribunto extension for MediaWiki allows remote attackers to obtain the rollback token and possibly other sensitive information via a crafted module, related to unstripping special page HTML.
CVE-2013-3322 1 Netapp 1 Oncommand System Manager 2020-02-05 9.0 HIGH 7.2 HIGH
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to inject arbitrary commands in the Halt/Reboot interface.