Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15489 | 1 Wavlink | 2 Wl-wn530hg4, Wl-wn530hg4 Firmware | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. | |||||
| CVE-2019-15312 | 1 Linkplay | 1 Linkplay | 2021-07-21 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding attack could allow an attacker to compromise the victim device from the Internet. | |||||
| CVE-2019-15311 | 1 Linkplay | 1 Linkplay | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is Zolo Halo LAN remote code execution. The Zolo Halo Bluetooth speaker had a GoAhead web server listening on the port 80. The /httpapi.asp endpoint of the GoAhead web server was also vulnerable to multiple command execution vulnerabilities. | |||||
| CVE-2019-15310 | 1 Linkplay | 1 Linkplay | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on various devices via the Linkplay firmware. There is WAN remote code execution without user interaction. An attacker could retrieve the AWS key from the firmware and obtain full control over Linkplay's AWS estate, including S3 buckets containing device firmware. When combined with an OS command injection vulnerability within the XML Parsing logic of the firmware update process, an attacker would be able to gain code execution on any device that attempted to update. Note that by default all devices tested had automatic updates enabled. | |||||
| CVE-2020-13619 | 1 Locutus | 1 Locutus Php | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to achieve code execution. | |||||
| CVE-2020-5908 | 1 F5 | 1 Big-ip Access Policy Manager | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes full session ID in the local log files. | |||||
| CVE-2020-5905 | 1 F5 | 11 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 8 more | 2021-07-21 | 6.0 MEDIUM | 4.3 MEDIUM |
| In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network > WCCP page, the system does not sanitize all user-provided data before display. | |||||
| CVE-2020-5899 | 1 F5 | 1 Nginx Controller | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| In NGINX Controller 3.0.0-3.4.0, recovery code required to change a user's password is transmitted and stored in the database in plain text, which allows an attacker who can intercept the database connection or have read access to the database, to request a password reset using the email address of another registered user then retrieve the recovery code. | |||||
| CVE-2020-4414 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2021-07-21 | 3.6 LOW | 4.4 MEDIUM |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage of shared memory. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information or cause a denial of service. IBM X-Force ID: 179989. | |||||
| CVE-2020-4355 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service, caused by improper handling of Secure Sockets Layer (SSL) renegotiation requests. By sending specially-crafted requests, a remote attacker could exploit this vulnerability to increase the resource usage on the system. IBM X-Force ID: 178507. | |||||
| CVE-2020-12605 | 1 Envoyproxy | 1 Envoy | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs. | |||||
| CVE-2020-5755 | 1 Webroot | 1 Endpoint Agents | 2021-07-21 | 6.9 MEDIUM | 7.8 HIGH |
| Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" directory against renaming. This could allow attackers to trigger a crash or wait upon Webroot service restart to rewrite and hijack dlls in this directory for privilege escalation. | |||||
| CVE-2020-5742 | 1 Plex | 1 Media Server | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cross-origin application requests. | |||||
| CVE-2020-11969 | 1 Apache | 1 Tomee | 2021-07-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| If Apache TomEE is configured to use the embedded ActiveMQ broker, and the broker URI includes the useJMX=true parameter, a JMX port is opened on TCP port 1099, which does not include authentication. This affects Apache TomEE 8.0.0-M1 - 8.0.1, Apache TomEE 7.1.0 - 7.1.2, Apache TomEE 7.0.0-M1 - 7.0.7, Apache TomEE 1.0.0 - 1.7.5. | |||||
| CVE-2020-13651 | 1 Digdash | 1 Digdash | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an attacker-controlled URL, the client will obtain a rogue JNLP file specifying the installation of malicious JAR archives and executed with full privileges on the client computer. | |||||
| CVE-2020-3961 | 2 Microsoft, Vmware | 2 Windows, Horizon Client | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user. | |||||
| CVE-2020-9075 | 1 Huawei | 5 Secospace Usg6300, Secospace Usg6300 Firmware, Secospace Usg6600 Firmware and 2 more | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Huawei products Secospace USG6300;USG6300E with versions of V500R001C30,V500R001C50,V500R001C60,V500R001C80,V500R005C00,V500R005C10;V600R006C00 have a vulnerability of insufficient input verification. An attacker with limited privilege can exploit this vulnerability to access a specific directory. Successful exploitation of this vulnerability may lead to information leakage. | |||||
| CVE-2020-1813 | 1 Huawei | 2 P30, P30 Firmware | 2021-07-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| HUAWEI P30 smart phone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. Due to improper authentication of specific interface, in specific scenario attackers could access specific interface without authentication. Successful exploit could allow the attacker to perform unauthorized operations. | |||||
| CVE-2020-8675 | 1 Intel | 2 Innovation Engine, Innovation Engine Firmware | 2021-07-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2020-4494 | 3 Ibm, Linux, Microsoft | 5 Aix, Spectrum Protect Client, Spectrum Protect For Space Management and 2 more | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.1.9.1 (AIX) web user interfaces could allow an attacker to bypass authentication due to improper session validation which can result in access to unauthorized resources. IBM X-Force ID: 182019. | |||||
| CVE-2020-4477 | 1 Ibm | 1 Spectrum Protect Plus | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 181779. | |||||
| CVE-2020-4471 | 1 Ibm | 1 Spectrum Protect Plus | 2021-07-21 | 6.4 MEDIUM | 6.5 MEDIUM |
| IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote server. IBM X-Force ID: 181726. | |||||
| CVE-2020-0566 | 1 Intel | 1 Trusted Execution Engine Firmware | 2021-07-21 | 4.6 MEDIUM | 6.8 MEDIUM |
| Improper Access Control in subsystem for Intel(R) TXE versions before 3.175 and 4.0.25 may allow an unauthenticated user to potentially enable escalation of privilege via physical access. | |||||
| CVE-2020-0542 | 1 Intel | 1 Converged Security Management Engine Firmware | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper buffer restrictions in subsystem for Intel(R) CSME versions before 12.0.64, 13.0.32, 14.0.33 and 14.5.12 may allow an authenticated user to potentially enable escalation of privilege, information disclosure or denial of service via local access. | |||||
| CVE-2020-0533 | 1 Intel | 1 Converged Security Management Engine Firmware | 2021-07-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Reversible one-way hash in Intel(R) CSME versions before 11.8.76, 11.12.77 and 11.22.77 may allow a privileged user to potentially enable escalation of privilege, denial of service or information disclosure via local access. | |||||
| CVE-2020-0528 | 1 Intel | 158 Core I5-7200u, Core I5-7200u Firmware, Core I5-7260u and 155 more | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper buffer restrictions in BIOS firmware for 7th, 8th, 9th and 10th Generation Intel(R) Core(TM) Processor families may allow an authenticated user to potentially enable escalation of privilege and/or denial of service via local access. | |||||
| CVE-2020-0527 | 1 Intel | 10 Ssd D3-s4510, Ssd D3-s4510 Firmware, Ssd Dc P4510 and 7 more | 2021-07-21 | 2.1 LOW | 4.4 MEDIUM |
| Insufficient control flow management in firmware for some Intel(R) Data Center SSDs may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2020-10752 | 1 Redhat | 1 Openshift Container Platform | 2021-07-21 | 6.0 MEDIUM | 7.5 HIGH |
| A flaw was found in the OpenShift API Server, where it failed to sufficiently protect OAuthTokens by leaking them into the logs when an API Server panic occurred. This flaw allows an attacker with the ability to cause an API Server error to read the logs, and use the leaked OAuthToken to log into the API Server with the leaked token. | |||||
| CVE-2020-9636 | 1 Adobe | 1 Framemaker | 2021-07-21 | 6.8 MEDIUM | 8.8 HIGH |
| Adobe Framemaker versions 2019.0.5 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2020-13250 | 1 Hashicorp | 1 Consul | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| HashiCorp Consul and Consul Enterprise include an HTTP API (introduced in 1.2.0) and DNS (introduced in 1.4.3) caching feature that was vulnerable to denial of service. Fixed in 1.6.6 and 1.7.4. | |||||
| CVE-2020-12797 | 1 Hashicorp | 1 Consul | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| HashiCorp Consul and Consul Enterprise failed to enforce changes to legacy ACL token rules due to non-propagation to secondary data centers. Introduced in 1.4.0, fixed in 1.6.6 and 1.7.4. | |||||
| CVE-2020-11614 | 1 Mids\' Reborn Hero Designer Project | 1 Mids\' Reborn Hero Designer | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files after download. An attacker can perform a man-in-the-middle attack against this connection and replace executable files with malicious versions, which the operating system then executes under the context of the user running Hero Designer. | |||||
| CVE-2020-11613 | 1 Mids\' Reborn Hero Designer Project | 1 Mids\' Reborn Hero Designer | 2021-07-21 | 4.4 MEDIUM | 7.8 HIGH |
| Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group has Modify permissions to the installation folder. Because of this, any user on the system can replace binaries or plant malicious DLLs to obtain elevated, or different, privileges, depending on the context of the user that runs the application. | |||||
| CVE-2020-0233 | 1 Google | 1 Android | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| In main of main.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-150225255 | |||||
| CVE-2020-0219 | 1 Google | 1 Android | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| In onCreate of SliceDeepLinkSpringBoard.java there is a possible insecure Intent. This could lead to local elevation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-122836081 | |||||
| CVE-2020-0218 | 1 Google | 1 Android | 2021-07-21 | 4.4 MEDIUM | 7.0 HIGH |
| In loadSoundModel and related functions of SoundTriggerHwService.cpp, there is possible out of bounds write due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-136005905 | |||||
| CVE-2020-12751 | 1 Google | 1 Android | 2021-07-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 (May 2020). | |||||
| CVE-2020-12745 | 1 Google | 1 Android | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020). | |||||
| CVE-2020-5538 | 1 Jalinfotec | 1 Pallet Control | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows authenticated attackers to execute arbitrary code with the SYSTEM privilege on the computer where PALLET CONTROL is installed via unspecified vectors. PalletControl 7 to 9.1 are not affected by this vulnerability, however under the environment where PLS Management Add-on Module is used, all versions are affected. | |||||
| CVE-2020-9315 | 1 Oracle | 1 Iplanet Web Server | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Control for admingui/version URIs in the Administration console, as demonstrated by unauthenticated read access to encryption keys. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE. | |||||
| CVE-2020-9314 | 1 Oracle | 1 Iplanet Web Server | 2021-07-21 | 4.9 MEDIUM | 4.8 MEDIUM |
| ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in the Administration console via the productNameSrc parameter to an admingui URI. This issue exists because of an incomplete fix for CVE-2012-0516. NOTE: a related support policy can be found in the www.oracle.com references attached to this CVE. | |||||
| CVE-2020-12761 | 1 Enlightenment | 1 Imlib2 | 2021-07-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map. | |||||
| CVE-2019-20794 | 1 Linux | 1 Linux Kernel | 2021-07-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion. | |||||
| CVE-2020-12755 | 1 Kde | 1 Kio-extras | 2021-07-21 | 2.1 LOW | 3.3 LOW |
| fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password. | |||||
| CVE-2020-11532 | 1 Zohocorp | 2 Manageengine Adaudit Plus, Manageengine Datasecurity Plus | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user. | |||||
| CVE-2020-12680 | 1 Avira | 1 Free Antivirus | 2021-07-21 | 2.1 LOW | 5.5 MEDIUM |
| ** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and thus a request such as fetchChromePasswords or fetchCredentials will succeed. NOTE: some third parties have stated that this is "not a vulnerability." | |||||
| CVE-2020-9475 | 1 Siedle | 2 Sg 150-0, Sg 150-0 Firmware | 2021-07-21 | 6.9 MEDIUM | 7.0 HIGH |
| The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows local privilege escalation via a race condition in logrotate. By using an exploit chain, an attacker with access to the network can get root access on the gateway. | |||||
| CVE-2020-12116 | 1 Zohocorp | 1 Manageengine Opmanager | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request. | |||||
| CVE-2020-5745 | 1 Tecnick | 1 Tcexam | 2021-07-21 | 4.3 MEDIUM | 7.4 HIGH |
| Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | |||||
| CVE-2020-5743 | 1 Tecnick | 1 Tcexam | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to access test metadata for which they don't have permission. | |||||