Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14162 | 1 Pi-hole | 1 Pi-hole | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command. | |||||
| CVE-2020-12620 | 1 Pi-hole | 1 Pi-hole | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| Pi-hole 4.4 allows a user able to write to /etc/pihole/dns-servers.conf to escalate privileges through command injection (shell metacharacters after an IP address). | |||||
| CVE-2020-3698 | 1 Qualcomm | 92 Apq8009, Apq8009 Firmware, Apq8017 and 89 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Out of bound write while QoS DSCP mapping due to improper input validation for data received from association response frame in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS405, QCS605, QM215, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX55, SM8150, SM8250, SXR2130 | |||||
| CVE-2019-14130 | 1 Qualcomm | 18 Kamorta, Kamorta Firmware, Qcs404 and 15 more | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Memory corruption can occurs in trusted application if offset size from HLOS is more than actual mapped buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 | |||||
| CVE-2019-14123 | 1 Qualcomm | 18 Kamorta, Kamorta Firmware, Qcs404 and 15 more | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Possible buffer overflow and over read possible due to missing bounds checks for fixed limits if we consider widevine HLOS client as non-trustable in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130 | |||||
| CVE-2019-14100 | 1 Qualcomm | 18 Mdm9206, Mdm9206 Firmware, Mdm9207c and 15 more | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Register write via debugfs is disabled by default to prevent register writing via debugfs. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9207C, MDM9607, Nicobar, QCS405, SA6155P, SC8180X, SDX55, SM8150 | |||||
| CVE-2020-5610 | 1 Toyota | 1 Global Techstream | 2021-07-21 | 9.3 HIGH | 7.8 HIGH |
| Global TechStream (GTS) for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause a denial-of-service (DoS) condition and execute arbitrary code via unspecified vectors. | |||||
| CVE-2020-14316 | 2 Kubevirt, Redhat | 2 Kubevirt, Openshift Virtualization | 2021-07-21 | 6.5 MEDIUM | 9.9 CRITICAL |
| A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an attacker to assume the privileges of the VM process on the host system. In worst-case scenarios an attacker can read and modify any file on the system where the VMI is running. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | |||||
| CVE-2019-20033 | 1 Nec | 2 Sv8100, Sv8100 Firmware | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| On Aspire-derived NEC PBXes, including all versions of SV8100 devices, a set of documented, static login credentials may be used to access the DIM interface. | |||||
| CVE-2019-20029 | 1 Nec | 8 Sl1100, Sl1100 Firmware, Sl2100 and 5 more | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable privilege escalation vulnerability exists in the WebPro functionality of Aspire-derived NEC PBXes, including all versions of SV8100, SV9100, SL1100 and SL2100 devices. A specially crafted HTTP POST can cause privilege escalation resulting in a higher privileged account, including an undocumented developer level of access. | |||||
| CVE-2019-20028 | 1 Nec | 8 Sl1100, Sl1100 Firmware, Sl2100 and 5 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Aspire-derived NEC PBXes operating InMail software, including all versions of SV8100, SV9100, SL1100 and SL2100 devices allow unauthenticated read-only access to voicemails, greetings, and voice response system content through a system's WebPro administration interface. | |||||
| CVE-2019-20026 | 1 Nec | 2 Sv9100, Sv9100 Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| The WebPro interface in NEC SV9100 software releases 7.0 or higher allows unauthenticated remote attackers to reset all existing usernames and passwords to default values via a crafted request. | |||||
| CVE-2020-13699 | 2 Microsoft, Teamviewer | 2 Windows, Teamviewer | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3. | |||||
| CVE-2020-4644 | 1 Ibm | 1 Planning Analytics Local | 2021-07-21 | 5.8 MEDIUM | 5.4 MEDIUM |
| IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 185716. | |||||
| CVE-2020-4573 | 1 Ibm | 1 Security Key Lifecycle Manager | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could disclose sensitive information due to responding to unauthenticated HTTP requests. IBM X-Force ID: 184180. | |||||
| CVE-2020-4572 | 1 Ibm | 1 Security Key Lifecycle Manager | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184179. | |||||
| CVE-2020-4567 | 1 Ibm | 1 Security Key Lifecycle Manager | 2021-07-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| IBM Tivoli Key Lifecycle Manager 3.0.1 and 4.0 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 184156. | |||||
| CVE-2020-2076 | 1 Sick | 1 Package Analytics | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write files without authentication. | |||||
| CVE-2020-9692 | 1 Magento | 1 Magento | 2021-07-21 | 8.5 HIGH | 6.5 MEDIUM |
| Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-7698 | 1 Gerapy | 1 Gerapy | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects the package Gerapy from 0 and before 0.9.3. The input being passed to Popen, via the project_configure endpoint, isn’t being sanitized. | |||||
| CVE-2020-7697 | 1 Mock2easy Project | 1 Mock2easy | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| This affects all versions of package mock2easy. a malicious user could inject commands through the _data variable: Affected Area require('../server/getJsonByCurl')(mock2easy, function (error, stdout) { if (error) { return res.json(500, error); } res.json(JSON.parse(stdout)); }, '', _data.interfaceUrl, query, _data.cookie,_data.interfaceType); | |||||
| CVE-2020-13997 | 1 Shopware | 1 Shopware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Shopware before 6.2.3, the database password is leaked to an unauthenticated user when a DriverException occurs and verbose error handling is enabled. | |||||
| CVE-2020-15408 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Secure Desktop Client | 2021-07-21 | 5.8 MEDIUM | 4.6 MEDIUM |
| An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite. | |||||
| CVE-2020-13919 | 1 Ruckuswireless | 25 C110, E510, H320 and 22 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | |||||
| CVE-2020-13918 | 1 Ruckuswireless | 25 C110, E510, H320 and 22 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | |||||
| CVE-2020-13917 | 1 Ruckuswireless | 25 C110, E510, H320 and 22 more | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | |||||
| CVE-2020-13915 | 1 Ruckuswireless | 25 C110, E510, H320 and 22 more | 2021-07-21 | 6.4 MEDIUM | 7.5 HIGH |
| Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | |||||
| CVE-2020-13914 | 1 Ruckuswireless | 25 C110, E510, H320 and 22 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | |||||
| CVE-2020-4375 | 1 Ibm | 1 Mq Appliance | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS could allow an attacker to cause a denial of service due to a memory leak caused by an error creating a dynamic queue. IBM X-Force ID: 179080. | |||||
| CVE-2020-4319 | 1 Ibm | 1 Mq Appliance | 2021-07-21 | 3.5 LOW | 4.3 MEDIUM |
| IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 LTS, and 9.1 CD could allow under special circumstances, an authenticated user to obtain sensitive information due to a data leak from an error message within the pre-v7 pubsub logic. IBM X-Force ID: 177402. | |||||
| CVE-2020-12880 | 1 Pulsesecure | 2 Pulse Connect Secure, Pulse Policy Secure | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.) | |||||
| CVE-2020-1425 | 1 Microsoft | 1 Windows 10 | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| A remoted code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory, aka 'Microsoft Windows Codecs Library Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1457. | |||||
| CVE-2020-4498 | 1 Ibm | 1 Mq Appliance | 2021-07-21 | 2.1 LOW | 4.4 MEDIUM |
| IBM MQ Appliance 9.1 LTS and 9.1 CD could allow a local privileged user to obtain highly sensitve information due to inclusion of data within trace files. IBM X-Force ID: 182118. | |||||
| CVE-2020-15593 | 2 Microsoft, Riverbed | 2 Windows, Steelcentral Aternity Agent | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| SteelCentral Aternity Agent 11.0.0.120 on Windows mishandles IPC. It uses an executable running as a high privileged Windows service to perform administrative tasks and collect data from other processes. It distributes functionality among different processes and uses IPC (Inter-Process Communication) primitives to enable the processes to cooperate. Any user in the system is allowed to access the interprocess communication channel AternityAgentAssistantIpc, retrieve a serialized object and call object methods remotely. Among others, the methods allow any user to: (1) Create and/or overwrite arbitrary XML files across the system; (2) Create arbitrary directories across the system; and (3) Load arbitrary plugins (i.e., C# assemblies) from the "%PROGRAMFILES(X86)/Aternity Information Systems/Assistant/plugins” directory and execute code contained in them. | |||||
| CVE-2020-9251 | 1 Huawei | 2 Mate 20, P30 Firmware | 2021-07-21 | 2.1 LOW | 2.4 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper authorization vulnerability. The software does not properly restrict certain operation in certain scenario, the attacker should do certain configuration before the user turns on student mode function. Successful exploit could allow the attacker to bypass the limit of student mode function. Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8). | |||||
| CVE-2020-9077 | 1 Huawei | 2 P30, P30 Firmware | 2021-07-21 | 4.3 MEDIUM | 3.3 LOW |
| HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information exposure vulnerability. The system does not properly authenticate the application that access a specified interface. Attackers can trick users into installing malicious software to exploit this vulnerability and obtain some information about the device. Successful exploit may cause information disclosure. | |||||
| CVE-2020-7694 | 1 Encode | 1 Uvicorn | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| This affects all versions of package uvicorn. The request logger provided by the package is vulnerable to ASNI escape sequence injection. Whenever any HTTP request is received, the default behaviour of uvicorn is to log its details to either the console or a log file. When attackers request crafted URLs with percent-encoded escape sequences, the logging component will log the URL after it's been processed with urllib.parse.unquote, therefore converting any percent-encoded characters into their single-character equivalent, which can have special meaning in terminal emulators. By requesting URLs with crafted paths, attackers can: * Pollute uvicorn's access logs, therefore jeopardising the integrity of such files. * Use ANSI sequence codes to attempt to interact with the terminal emulator that's displaying the logs (either in real time or from a file). | |||||
| CVE-2020-15477 | 1 Raspberrytorte | 1 Raspberrytortoise | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.exec function. | |||||
| CVE-2020-15391 | 1 Devspace | 1 Devspace | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. This leads to remote code execution. | |||||
| CVE-2020-12638 | 1 Espressif | 3 Esp-idf, Esp8266 Nonos Sdk, Esp8266 Rtos Sdk | 2021-07-21 | 4.3 MEDIUM | 6.8 MEDIUM |
| An encryption-bypass issue was discovered on Espressif ESP-IDF devices through 4.2, ESP8266_NONOS_SDK devices through 3.0.3, and ESP8266_RTOS_SDK devices through 3.3. Broadcasting forged beacon frames forces a device to change its authentication mode to OPEN, effectively disabling its 802.11 encryption. | |||||
| CVE-2020-11440 | 1 Windriver | 1 Vxworks | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| httpRpmFs in WebCLI in Wind River VxWorks 5.5 through 7 SR0640 has no check for an escape from the web root. | |||||
| CVE-2020-4400 | 1 Ibm | 1 Verify Gateway | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 179478. | |||||
| CVE-2020-9683 | 2 Adobe, Microsoft | 3 Photoshop, Photoshop Cc, Windows | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9677 | 2 Adobe, Microsoft | 2 Prelude, Windows | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-9664 | 1 Magento | 1 Magento | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-15894 | 1 D-link | 2 Dir-816l, Dir-816l Firmware | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utilized by an attacker to retrieve various sensitive information, such as admin login credentials, by setting the value of _POST_SERVICES in the query string to DEVICE.ACCOUNT. | |||||
| CVE-2020-15892 | 1 D-link | 2 Dap-1520, Dap-1520 Firmware | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web interface, the request values are being forwarded to the ssi binary. On the login page, the web interface restricts the password input field to a fixed length of 15 characters. The problem is that validation is being done on the client side, hence it can be bypassed. When an attacker manages to intercept the login request (POST based) and tampers with the vulnerable parameter (log_pass), to a larger length, the request will be forwarded to the webserver. This results in a stack-based buffer overflow. A few other POST variables, (transferred as part of the login request) are also vulnerable: html_response_page and log_user. | |||||
| CVE-2020-15806 | 1 Codesys | 16 Control For Beaglebone, Control For Empc-a\/imx6, Control For Iot2000 and 13 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation. | |||||
| CVE-2020-6535 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2021-07-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had compromised the renderer process to inject scripts or HTML into a privileged page via a crafted HTML page. | |||||
| CVE-2020-6533 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||