Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17444 | 1 Altran | 1 Picotcp | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension length field would overflow. Therefore, if it wraps around to zero, iterating through the extension headers will not increment the current data pointer. This leads to an infinite loop and Denial-of-Service in pico_ipv6_check_headers_sequence() in pico_ipv6.c. | |||||
| CVE-2020-17443 | 1 Altran | 1 Picotcp | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If the size of the incoming ICMPv6 request packet is shorter than this, the operation that calculates the size of the ICMPv6 echo replies has an integer wrap around, leading to memory corruption and, eventually, Denial-of-Service in pico_icmp6_send_echoreply_not_frag in pico_icmp6.c. | |||||
| CVE-2020-13985 | 1 Contiki-os | 1 Contiki | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c. | |||||
| CVE-2020-5950 | 1 F5 | 1 Big-ip Advanced Firewall Manager | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the admin role. | |||||
| CVE-2020-28440 | 1 Corenlp-js-interface Project | 1 Corenlp-js-interface | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function. | |||||
| CVE-2020-28439 | 1 Corenlp-js-prefab Project | 1 Corenlp-js-prefab | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC: | |||||
| CVE-2020-4633 | 1 Ibm | 1 Resilient Security Orchestration Automation And Response | 2021-07-21 | 9.0 HIGH | 8.8 HIGH |
| IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. | |||||
| CVE-2020-7788 | 2 Debian, Ini Project | 2 Debian Linux, Ini | 2021-07-21 | 7.5 HIGH | 7.3 HIGH |
| This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context. | |||||
| CVE-2020-26416 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 2.1 LOW | 4.4 MEDIUM |
| Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2. | |||||
| CVE-2020-26415 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2. | |||||
| CVE-2020-26412 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Removed group members were able to use the To-Do functionality to retrieve updated information on confidential epics starting in GitLab EE 13.2 before 13.6.2. | |||||
| CVE-2020-26408 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A limited information disclosure vulnerability exists in Gitlab CE/EE from >= 12.2 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2 that allows an attacker to view limited information in user's private profile | |||||
| CVE-2020-26409 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6, <13.6.2 that allows an attacker to trigger uncontrolled resource by bypassing input validation in markdown fields. | |||||
| CVE-2020-25838 | 1 Microfocus | 1 Filr | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr product. Affecting all 3.x and 4.x versions. The vulnerability could be exploited to disclose unauthorized sensitive information. | |||||
| CVE-2020-29311 | 1 Ubilling | 1 Ubilling | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software. | |||||
| CVE-2020-25967 | 2 Fastadmin, Microsoft | 2 Fastadmin, Windows | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to a Server-Side Template Injection (SSTI) vulnerability. | |||||
| CVE-2020-12594 | 1 Broadcom | 1 Symantec Messaging Gateway | 2021-07-21 | 9.0 HIGH | 7.2 HIGH |
| A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to 10.7.4. | |||||
| CVE-2020-25499 | 1 Totolink | 26 A3002r, A3002r Firmware, A3002ru-v1 and 23 more | 2021-07-21 | 9.0 HIGH | 8.8 HIGH |
| TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's 'Run Command'. An attacker can use this functionality to execute arbitrary OS commands on the router. | |||||
| CVE-2020-28086 | 1 Zx2c4 | 1 Password-store | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the password. If an attacker controls the central Git server or one of the other members' machines, and also controls one of the services already in the password store, they can rename one of the password files in the Git repository to something else: pass doesn't correctly verify that the content of a file matches the filename, so a user might be tricked into decrypting the wrong password and sending that to a service that the attacker controls. NOTE: for environments in which this threat model is of concern, signing commits can be a solution. | |||||
| CVE-2020-26829 | 1 Sap | 1 Netweaver Application Server Java | 2021-07-21 | 9.0 HIGH | 10.0 CRITICAL |
| SAP NetWeaver AS JAVA (P2P Cluster Communication), versions - 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows arbitrary connections from processes because of missing authentication check, that are outside the cluster and even outside the network segment dedicated for the internal cluster communication. As result, an unauthenticated attacker can invoke certain functions that would otherwise be restricted to system administrators only, including access to system administration functions or shutting down the system completely. | |||||
| CVE-2020-26816 | 1 Sap | 1 Netweaver Application Server Java | 2021-07-21 | 2.7 LOW | 4.5 MEDIUM |
| SAP AS JAVA (Key Storage Service), versions - 7.10, 7.11, 7.20 ,7.30, 7.31, 7.40, 7.50, has the key material which is stored in the SAP NetWeaver AS Java Key Storage service stored in the database in the DER encoded format and is not encrypted. This enables an attacker who has administrator access to the SAP NetWeaver AS Java to decode the keys because of missing encryption and get some application data and client credentials of adjacent systems. This highly impacts Confidentiality as information disclosed could contain client credentials of adjacent systems. | |||||
| CVE-2020-29656 | 1 Asus | 2 Rt-ac88u, Rt-ac88u Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An information disclosure vulnerability exists in RT-AC88U Download Master before 3.1.0.108. A direct access to /downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_language makes it possible to reach "unknown functionality" in a "known to be easy" manner via an unspecified "public exploit." | |||||
| CVE-2020-27614 | 1 Anydesk | 1 Anydesk | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation. | |||||
| CVE-2020-27906 | 1 Apple | 1 Macos | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| Multiple integer overflows were addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. A remote attacker may be able to cause unexpected application termination or heap corruption. | |||||
| CVE-2020-27905 | 1 Apple | 4 Ipados, Iphone Os, Tvos and 1 more | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A malicious application may be able to execute arbitrary code with system privileges. | |||||
| CVE-2020-27903 | 1 Apple | 1 Macos | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Big Sur 11.0.1. An application may be able to gain elevated privileges. | |||||
| CVE-2020-27902 | 1 Apple | 2 Ipados, Iphone Os | 2021-07-21 | 2.1 LOW | 4.6 MEDIUM |
| An authentication issue was addressed with improved state management. This issue is fixed in iOS 14.2 and iPadOS 14.2. A person with physical access to an iOS device may be able to access stored passwords without authentication. | |||||
| CVE-2020-27900 | 1 Apple | 1 Macos | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue existed in the handling of snapshots. The issue was resolved with improved permissions logic. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to preview files it does not have access to. | |||||
| CVE-2020-27895 | 1 Apple | 1 Itunes | 2021-07-21 | 4.3 MEDIUM | 3.3 LOW |
| An information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling. This issue is fixed in iTunes 12.11 for Windows. A malicious application may be able to access local users Apple IDs. | |||||
| CVE-2020-9999 | 1 Apple | 7 Icloud, Ipados, Iphone Os and 4 more | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution. | |||||
| CVE-2020-28946 | 1 Plummac | 2 Ik-401, Ik-401 Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An improper webserver configuration on Plum IK-401 devices with firmware before 1.02 allows an attacker (with network access to the device) to obtain the configuration file, including hashed credential data. Successful exploitation could allow access to hashed credential data with a single unauthenticated GET request. | |||||
| CVE-2020-29540 | 1 Systransoft | 1 Pure Neural Server | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| API calls in the Translation API feature in Systran Pure Neural Server before 9.7.0 allow a threat actor to use the Systran Pure Neural Server as a Denial-of-Service proxy by sending a large amount of translation requests to a destination host on any given TCP port regardless of whether a web service is running on the destination port. | |||||
| CVE-2020-5800 | 1 Eat Spray Love Project | 1 Eat Spray Love | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass authentication and retrieve or modify information that they would not normally have access to. | |||||
| CVE-2020-27408 | 1 Os4ed | 1 Opensis | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users. | |||||
| CVE-2020-29561 | 1 Boom-core | 1 Risvc-boom | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR, it does not avoid acquiring a reservation in the case where a load translates successfully but still generates an exception. | |||||
| CVE-2020-23740 | 1 Drivergenius | 1 Drivergenius | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard, attackers can use constructed programs to increase user privileges. | |||||
| CVE-2020-28175 | 1 Almico | 1 Speedfan | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| There is a local privilege escalation vulnerability in Alfredo Milani Comparetti SpeedFan 4.52. Attackers can use constructed programs to increase user privileges | |||||
| CVE-2020-28251 | 1 Netscout | 7 Airmagnet Enterprise, Sensor4-r1s1w1-e, Sensor4-r2s1-e and 4 more | 2021-07-21 | 9.3 HIGH | 8.1 HIGH |
| NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise. | |||||
| CVE-2020-23735 | 1 Saibo | 1 Cyber Game Accelerator | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability. Attackers can use the constructed program to increase user privileges | |||||
| CVE-2020-28937 | 1 Openclinic Project | 1 Openclinic | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI. | |||||
| CVE-2020-29454 | 1 Umbraco | 1 Umbraco Cms | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. | |||||
| CVE-2020-28583 | 1 Trendmicro | 2 Apex One, Officescan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information. | |||||
| CVE-2020-28582 | 1 Trendmicro | 2 Apex One, Officescan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents. | |||||
| CVE-2020-28577 | 1 Trendmicro | 2 Apex One, Officescan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names. | |||||
| CVE-2020-28576 | 1 Trendmicro | 2 Apex One, Officescan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information. | |||||
| CVE-2020-28573 | 1 Trendmicro | 2 Apex One, Officescan | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server. | |||||
| CVE-2020-4128 | 1 Hcltech | 1 Domino | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the ID Vault service. | |||||
| CVE-2020-9115 | 1 Huawei | 1 Manageone | 2021-07-21 | 9.0 HIGH | 7.2 HIGH |
| ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and 8.0.1 have a command injection vulnerability. An attacker with high privileges may exploit this vulnerability through some operations on the plug-in component. Due to insufficient input validation of some parameters, the attacker can exploit this vulnerability to inject commands to the target device. | |||||
| CVE-2020-4126 | 1 Hcltech | 1 Hcl Inotes | 2021-07-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session. Fixes are available in HCL Domino and iNotes versions 10.0.1 FP6 and 11.0.1 FP2 and later. | |||||
| CVE-2020-16850 | 1 Mitsubishielectric | 38 R00cpu, R00cpu Firmware, R01cpu and 35 more | 2021-07-21 | 7.8 HIGH | 7.5 HIGH |
| Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. This denial of service attack exposes Improper Input Validation. After halting, physical access to the PLC is required in order to restore production, and the device state is lost. This is related to R04CPU, RJ71GF11-T2, R04CPU, and RJ71GF11-T2. | |||||