Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-7644 | 1 Fun-map Project | 1 Fun-map | 2021-07-21 | 6.8 MEDIUM | 8.1 HIGH |
| fun-map through 3.3.1 is vulnerable to Prototype Pollution. The function assocInM could be tricked into adding or modifying properties of 'Object.prototype' using a '__proto__' payload. | |||||
| CVE-2020-4329 | 1 Ibm | 1 Websphere Application Server | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 20.0.0.4 could allow a remote, authenticated attacker to obtain sensitive information, caused by improper parameter checking. This could be exploited to conduct spoofing attacks. IBM X-Force ID: 177841. | |||||
| CVE-2020-12078 | 1 Opmantek | 1 Open-audit | 2021-07-21 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address. | |||||
| CVE-2020-12286 | 1 Octopus | 1 Octopus Deploy | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Octopus Deploy before 2019.12.9 and 2020 before 2020.1.12, the TaskView permission is not scoped to any dimension. For example, a scoped user who is scoped to only one tenant can view server tasks scoped to any other tenant. | |||||
| CVE-2020-5566 | 1 Cybozu | 1 Garoon | 2021-07-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to alter the application's data via the applications 'E-mail' and 'Messages'. | |||||
| CVE-2020-7609 | 1 Node-rules Project | 1 Node-rules | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| node-rules including 3.0.0 and prior to 5.0.0 allows injection of arbitrary commands. The argument rules of function "fromJSON()" can be controlled by users without any sanitization. | |||||
| CVE-2019-15234 | 1 Ushareit | 1 Shareit | 2021-07-21 | 7.8 HIGH | 7.5 HIGH |
| SHAREit through 4.0.6.177 does not check the full message length from the received packet header (which is used to allocate memory for the next set of data). This could lead to a system denial of service due to uncontrolled memory allocation. This is different from CVE-2019-14941. | |||||
| CVE-2019-14941 | 1 Ushareit | 1 Shareit | 2021-07-21 | 7.8 HIGH | 7.5 HIGH |
| SHAREit through 4.0.6.177 does not check the body length from the received packet header (which is used to allocate memory for the next set of data). This could lead to a system denial of service due to uncontrolled memory allocation. | |||||
| CVE-2020-9072 | 1 Huawei | 2 Osd, Osd Firmware | 2021-07-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vulnerability. An authenticated, local attacker can constructs a specific file path to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2020-7135 | 1 Hp | 1 Service Pack For Proliant | 2021-07-21 | 4.6 MEDIUM | 7.8 HIGH |
| A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant (SPP) releases 2018.06.0, 2018.09.0, and 2018.11.0. The vulnerable software is the Supplemental Update / Online ROM Flash Component for Linux (x64) software. The installer in this software component could be locally exploited to execute arbitrary code. Drive Models can be found in the Vulnerability Resolution field of the security bulletin. The 2019_03 SPP and Supplemental update / Online ROM Flash Component for Linux (x64) after 2019.03.0 has fixed this issue. | |||||
| CVE-2020-1845 | 1 Huawei | 1 Pcmanager | 2021-07-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Huawei PCManager product with versions earlier than 10.0.5.53 have a local privilege escalation vulnerability. An authenticated, local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. | |||||
| CVE-2020-1807 | 1 Huawei | 2 Mate 20, Mate 20 Firmware | 2021-07-21 | 3.6 LOW | 3.5 LOW |
| HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.188(C00E74R3P8) have an improper authorization vulnerability. The software does not properly restrict certain user's modification of certain configuration file, successful exploit could allow the attacker to bypass app lock after a series of operation in ADB mode. | |||||
| CVE-2020-12242 | 1 Valvesoftware | 1 Source | 2021-07-21 | 7.2 HIGH | 7.8 HIGH |
| Valve Source allows local users to gain privileges by writing to the /tmp/hl2_relaunch file, which is later executed in the context of a different user account. | |||||
| CVE-2020-12138 | 1 Amd | 1 Atillk64 | 2021-07-21 | 9.0 HIGH | 8.8 HIGH |
| AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl call associated with MmMapIoSpace, IoAllocateMdl, MmBuildMdlForNonPagedPool, or MmMapLockedPages. | |||||
| CVE-2020-12120 | 1 Prestashop | 1 Correos Express | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. Attackers can also retrieve information about orders or buyers. | |||||
| CVE-2020-11821 | 1 Rukovoditel | 1 Rukovoditel | 2021-07-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding, base64 encoding, and hashing. Thus, an attacker can easily apply brute force on them. | |||||
| CVE-2019-20002 | 1 Solarwinds | 1 Webhelpdesk | 2021-07-21 | 6.0 MEDIUM | 7.8 HIGH |
| Formula Injection exists in the export feature in SolarWinds WebHelpDesk 12.7.1 via a value (provided by a low-privileged user in the Subject field of a help request form) that is mishandled in a TicketActions/view?tab=group TSV export by an admin user. | |||||
| CVE-2020-9489 | 2 Apache, Oracle | 5 Tika, Communications Messaging Server, Flexcube Private Banking and 2 more | 2021-07-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or corrupted files can also cause out of memory errors and/or infinite loops in Tika's ICNSParser, MP3Parser, MP4Parser, SAS7BDATParser, OneNoteParser and ImageParser. Apache Tika users should upgrade to 1.24.1 or later. The vulnerabilities in the MP4Parser were partially fixed by upgrading the com.googlecode:isoparser:1.1.22 dependency to org.tallison:isoparser:1.9.41.2. For unrelated security reasons, we upgraded org.apache.cxf to 3.3.6 as part of the 1.24.1 release. | |||||
| CVE-2020-12274 | 1 Testlink | 1 Testlink | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| In TestLink 1.9.20, the lib/cfields/cfieldsExport.php goback_url parameter causes a security risk because it depends on client input and is not constrained to lib/cfields/cfieldsView.php at the web site associated with the session. | |||||
| CVE-2020-12273 | 1 Testlink | 1 Testlink | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In TestLink 1.9.20, a crafted login.php viewer parameter exposes cleartext credentials. | |||||
| CVE-2020-10997 | 1 Percona | 1 Xtrabackup | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. | |||||
| CVE-2020-12265 | 1 Decompress Project | 1 Decompress | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| The decompress package before 4.2.1 for Node.js is vulnerable to Arbitrary File Write via ../ in an archive member, when a symlink is used, because of Directory Traversal. | |||||
| CVE-2020-7134 | 1 Hp | 1 Hpe Iot \+ Gcp | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A remote access to sensitive data vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | |||||
| CVE-2020-7133 | 1 Hp | 1 Hpe Iot \+ Gcp | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A unauthorized remote access vulnerability was discovered in HPE IOT + GCP version(s): 1.4.0, 1.4.1, 1.4.2, 1.2.4.2. | |||||
| CVE-2020-7131 | 1 Hp | 3 Blade Maintenance Entity, Integrated Maintenance Entity, Maintenance Entity | 2021-07-21 | 9.0 HIGH | 9.0 CRITICAL |
| This document describes a security vulnerability in Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity products. All J/H-series NonStop systems have a security vulnerability associated with an open UDP port 17185 on the Maintenance LAN which could result in information disclosure, denial-of-service attacks or local memory corruption against the affected system and a complete control of the system may also be possible. This vulnerability exists only if one gains access to the Maintenance LAN to which Blade Maintenance Entity, Integrated Maintenance Entity or Maintenance Entity product is connected. **Workaround:** Block the UDP port 17185(In the Maintenance LAN Network Switch/Firewall). Fix: Install following SPRs, which are already available: * T1805A01^AAI (Integrated Maintenance Entity) * T4805A01^AAZ (Blade Maintenance Entity). These SPRs are also usable with the following RVUs: * J06.19.00 ? J06.23.01. No fix planned for the following RVUs: J06.04.00 ? J06.18.01. No fix planned for H-Series NonStop systems. No fix planned for the product T2805 (Maintenance Entity). | |||||
| CVE-2020-6828 | 2 Google, Mozilla | 2 Android, Firefox Esr | 2021-07-21 | 6.4 MEDIUM | 7.5 HIGH |
| A malicious Android application could craft an Intent that would have been processed by Firefox for Android and potentially result in a file overwrite in the user's profile directory. One exploitation vector for this would be to supply a user.js file providing arbitrary malicious preference values. Control of arbitrary preferences can lead to sufficient compromise such that it is generally equivalent to arbitrary code execution.<br> *Note: This issue only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.7. | |||||
| CVE-2020-6826 | 1 Mozilla | 1 Firefox | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 75. | |||||
| CVE-2020-6825 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | |||||
| CVE-2020-6823 | 1 Mozilla | 1 Firefox | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the user's account at the service provider. This vulnerability affects Firefox < 75. | |||||
| CVE-2020-6821 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memory was uninitialized, leading to potentially sensitive data disclosure. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | |||||
| CVE-2020-4267 | 1 Ibm | 2 Mq, Mq Appliance | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| IBM MQ and MQ Appliance 8.0, 9.1 LTS, and 9.1 CD could allow an authenticated user cause a denial of service due to a memory leak. IBM X-Force ID: 175840. | |||||
| CVE-2020-5869 | 1 F5 | 1 Big-iq Centralized Management | 2021-07-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-path attackers to read / modify confidential data in transit. | |||||
| CVE-2020-8797 | 1 Juplink | 2 Rx4-1500, Rx4-1500 Firmware | 2021-07-21 | 6.9 MEDIUM | 6.7 MEDIUM |
| Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network. | |||||
| CVE-2020-4415 | 1 Ibm | 1 Spectrum Protect | 2021-07-21 | 10.0 HIGH | 9.8 CRITICAL |
| IBM Spectrum Protect 7.1 and 8.1 server is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. This could allow a remote attacker to execute arbitrary code on the system with the privileges of an administrator or user associated with the Spectrum Protect server or cause the Spectrum Protect server to crash. IBM X-Force ID: 179990. | |||||
| CVE-2020-4353 | 1 Ibm | 1 Maas360 | 2021-07-21 | 2.1 LOW | 4.6 MEDIUM |
| IBM MaaS360 6.82 could allow a user with pysical access to the device to crash the application which may enable the user to access restricted applications and device settings. IBM X-Force ID: 178505. | |||||
| CVE-2020-4202 | 1 Ibm | 1 Urbancode Deploy | 2021-07-21 | 6.0 MEDIUM | 8.8 HIGH |
| IBM UrbanCode Deploy (UCD) 7.0.3.0 and 7.0.4.0 could allow an authenticated user to impersonate another user if the server is configured to enable Distributed Front End (DFE). IBM X-Force ID: 174955. | |||||
| CVE-2020-11939 | 1 Ntop | 1 Ndpi | 2021-07-21 | 7.5 HIGH | 9.8 CRITICAL |
| In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis. | |||||
| CVE-2019-9183 | 2 Contiki-ng, Contiki-os | 2 Contiki-ng, Contiki | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Contiki-NG through 4.3 and Contiki through 3.0. A buffer overflow is present due to an integer underflow during 6LoWPAN fragment processing in the face of truncated fragments in os/net/ipv6/sicslowpan.c. This results in accesses of unmapped memory, crashing the application. An attacker can cause a denial-of-service via a crafted 6LoWPAN frame. | |||||
| CVE-2019-4735 | 2 Apple, Ibm | 2 Iphone Os, Maas360 | 2021-07-21 | 2.1 LOW | 4.6 MEDIUM |
| IBM MaaS360 3.96.62 for iOS could allow an attacker with physical access to the device to obtain sensitive information from the agent outside of the container. IBM X-Force ID: 172705. | |||||
| CVE-2020-12079 | 1 Beakerbrowser | 1 Beaker | 2021-07-21 | 7.5 HIGH | 10.0 CRITICAL |
| Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. This occurs because Electron context isolation is not used, and therefore an attacker can conduct a prototype-pollution attack against the Electron internal messaging API. | |||||
| CVE-2020-12074 | 1 Webtoffee | 1 Import Export Wordpress Users | 2021-07-21 | 6.5 MEDIUM | 8.8 HIGH |
| The users-customers-import-export-for-wp-woocommerce plugin before 1.3.9 for WordPress allows subscribers to import administrative accounts via CSV. | |||||
| CVE-2020-11506 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GitLab 10.7.0 and later through 12.9.2. A Workhorse bypass could lead to job artifact uploads and file disclosure (Exposure of Sensitive Information) via request smuggling. | |||||
| CVE-2020-11505 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) before 12.7.9, 12.8.x before 12.8.9, and 12.9.x before 12.9.3. A Workhorse bypass could lead to NuGet package and file disclosure (Exposure of Sensitive Information) via request smuggling. | |||||
| CVE-2020-4085 | 1 Hcltech | 1 Connections | 2021-07-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| "HCL Connections is vulnerable to possible information leakage and could disclose sensitive information via stack trace to a local user." | |||||
| CVE-2020-11938 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2. | |||||
| CVE-2020-11693 | 1 Jetbrains | 1 Youtrack | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| JetBrains YouTrack before 2020.1.659 was vulnerable to DoS that could be caused by attaching a malformed TIFF file to an issue. | |||||
| CVE-2020-11691 | 1 Jetbrains | 1 Hub | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains Hub before 2020.1.12099, content spoofing in the Hub OAuth error message was possible. | |||||
| CVE-2020-11686 | 1 Jetbrains | 1 Teamcity | 2021-07-21 | 4.0 MEDIUM | 2.7 LOW |
| In JetBrains TeamCity before 2019.1.4, a project administrator was able to retrieve some TeamCity server settings. | |||||
| CVE-2020-11685 | 1 Jetbrains | 1 Goland | 2021-07-21 | 5.0 MEDIUM | 7.5 HIGH |
| In JetBrains GoLand before 2019.3.2, the plugin repository was accessed via HTTP instead of HTTPS. | |||||
| CVE-2020-11539 | 1 Titan | 2 Sf Rush Smart Band, Sf Rush Smart Band Firmware | 2021-07-21 | 4.8 MEDIUM | 8.1 HIGH |
| An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that the smart band has no pairing (mode 0 Bluetooth LE security level) The data being transmitted over the air is not encrypted. Adding to this, the data being sent to the smart band doesn't have any authentication or signature verification. Thus, any attacker can control a parameter of the device. | |||||