Original release date: August 17, 2020 

High Vulnerabilities

Primary
Vendor — Product
Description
Published
CVSS Score
Source & Patch Info

apache — http_server
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
2020-08-07
7.5

CVE-2020-11984
MLIST
MLIST
MLIST
MLIST
MLIST
MISC
MLIST
MLIST
GENTOO
CONFIRM

digitus — da-70254_firmware
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
2020-08-07
8.3

CVE-2020-15063
MISC

firejail_project — firejail
Firejail through 0.9.62 mishandles shell metacharacters during use of the –output or –output-stderr option, which may lead to command injection.
2020-08-11
7.5

CVE-2020-17368
SUSE
MISC
DEBIAN
DEBIAN

flatcore — flatcore
flatCore before 1.5.7 allows upload and execution of a .php file by an admin.
2020-08-09
9

CVE-2020-17452
MISC
MISC

google — android
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647751
2020-08-11
7.8

CVE-2020-0254
MISC

google — android
In android_verity_ctr of dm-android-verity.c, there is a possible way to modify a dm-verity protected filesystem due to improperly used crypto. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-157941353References: N/A
2020-08-11
7.2

CVE-2020-0259
MISC

google — android
In SpecializeCommon of com_android_internal_os_Zygote.cpp, there is a permissions bypass due to an incomplete cleanup. This could lead to local escalation of privilege in isolated processes with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-156741968
2020-08-11
7.2

CVE-2020-0257
MISC

google — android
In LoadPartitionTable of gpt.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege when inserting a malicious USB device, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-152874864
2020-08-11
7.2

CVE-2020-0256
MISC

google — android
In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-8.0 Android-8.1Android ID: A-151644303
2020-08-11
7.2

CVE-2020-0243
MISC

google — android
In reset of NuPlayerDriver.cpp, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the media server with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151643722
2020-08-11
7.2

CVE-2020-0242
MISC

google — android
In NuPlayerStreamListener of NuPlayerStreamListener.cpp, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-151456667
2020-08-11
7.2

CVE-2020-0241
MISC

google — android
In postNotification of ServiceRecord.java, there is a possible bypass of foreground process restrictions due to an uncaught exception. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.1 Android-9Android ID: A-140108616
2020-08-11
7.2

CVE-2020-0108
MISC

google — android
There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152647365
2020-08-11
10

CVE-2020-0253
MISC

google — android
There is a possible memory corruption due to a use after free.Product: AndroidVersions: Android SoCAndroid ID: A-152236803
2020-08-11
10

CVE-2020-0252
MISC

google — android
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152647626
2020-08-11
7.8

CVE-2020-0251
MISC

google — android
In NewFixedDoubleArray of factory.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-150706594
2020-08-11
9.3

CVE-2020-0240
MISC

ibm — websphere_application_server
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to execute arbitrary code on the system with a specially-crafted sequence of serialized objects from untrusted sources. The vulnerability only occurs if an undocumented customization has been applied by an administrator. IBM X-Force ID: 184585.
2020-08-13
10

CVE-2020-4589
XF
CONFIRM

json_pattern_validator_project — json_pattern_validator
jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.
2020-08-10
7.5

CVE-2020-17479
MISC
MISC
MISC
MISC

lindy-international — 42633_firmware
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
2020-08-07
8.3

CVE-2020-15059
MISC

microfocus — secure_messaging_gateway
DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM system command.
2020-08-07
9

CVE-2020-11852
MISC

mozilla — firefox
JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
2020-08-10
9.3

CVE-2020-15656
SUSE
MISC
MISC
MISC
MISC

opensuse — tumbleweed
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.
2020-08-07
7.2

CVE-2020-8026
CONFIRM

passmark — burnintest
An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver’s IOCTL request handler attempts to copy the input buffer onto the stack without checking its size and can cause a buffer overflow. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.
2020-08-07
7.2

CVE-2020-15479
MISC
MISC
MISC
MISC

passmark — burnintest
An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to map arbitrary physical memory into the address space of the calling process. This could lead to arbitrary Ring-0 code execution and escalation of privileges. This affects DirectIo32.sys and DirectIo64.sys.
2020-08-07
7.2

CVE-2020-15480
MISC
MISC
MISC
MISC

robotemi — robox_os
Authentication Bypass Using an Alternate Path or Channel in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to listen in on any ongoing calls between temi robots and their users if they can brute-force/guess a six-digit value.
2020-08-07
7.5

CVE-2020-16169
MISC
MISC

robotemi — temi
Use of Hard-coded Credentials in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to gain raised privileges on the temi and have it automatically answer the attacker’s calls, granting audio, video, and motor control.
2020-08-11
7.5

CVE-2020-16170
MISC
MISC

sap — netweaver
SAP NetWeaver AS JAVA, versions – (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2EE-FRMW 7.10, 7.11), does not perform any authentication checks for a web service allowing the attacker to send several payloads and leading to complete denial of service.
2020-08-12
7.8

CVE-2020-6309
MISC
MISC

sap — netweaver_knowledge_management
SAP NetWeaver (Knowledge Management), versions – 7.30, 7.31, 7.40, 7.50, allows the automatic execution of script content in a stored file due to inadequate filtering with the accessing user’s privileges. If the accessing user has administrative privileges, then the execution of the script content could result in complete compromise of system confidentiality, integrity and availability, leading to Stored Cross Site Scripting.
2020-08-12
8.5

CVE-2020-6284
MISC
MISC

securenvoy — securmail
SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.
2020-08-07
9.3

CVE-2020-13376
MISC
MISC

thedaylightstudio — fuel_cms
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items.
2020-08-13
7.5

CVE-2020-17463
MISC
MISC
MISC
CONFIRM

tp-link — tl-ps310u_firmware
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
2020-08-07
8.3

CVE-2020-15055
MISC

turcom — trcwifizone
Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php and ignoring 302 Redirect responses.
2020-08-11
7.5

CVE-2020-17466
MISC
MISC

zohocorp — manageengine_adselfservice_plus
An elevation of privilege vulnerability exists in ManageEngine ADSelfService Plus before build 6003 because it does not properly enforce user privileges associated with a Certificate dialog. This vulnerability could allow an unauthenticated attacker to escalate privileges on a Windows host. An attacker does not require any privilege on the target system in order to exploit this vulnerability. One option is the self-service option on the Windows login screen. Upon selecting this option, the thick-client software is launched, which connects to a remote ADSelfService Plus server to facilitate self-service operations. An unauthenticated attacker having physical access to the host could trigger a security alert by supplying a self-signed SSL certificate to the client. The View Certificate option from the security alert allows an attacker to export a displayed certificate to a file. This can further cascade to a dialog that can open Explorer as SYSTEM. By navigating from Explorer to windowssystem32, cmd.exe can be launched as a SYSTEM.
2020-08-11
10

CVE-2020-11552
MISC
MISC
FULLDISC
CONFIRM
MISC
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description
Published
CVSS Score
Source & Patch Info

accuity — firco_continuity
A stored Cross-site scripting (XSS) vulnerability in Firco Continuity 6.2.0.0 allows remote unauthenticated attackers to inject arbitrary web script or HTML through the username field of the login page.
2020-08-12
4.3

CVE-2020-16186
MISC

apache — http_server
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above “info” will mitigate this vulnerability for unpatched servers.
2020-08-07
4.3

CVE-2020-11993
MISC
MLIST
MLIST
MLIST
GENTOO
CONFIRM

apache — http_server
Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the ‘Cache-Digest’ header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards. Configuring the HTTP/2 feature via “H2Push off” will mitigate this vulnerability for unpatched servers.
2020-08-07
5

CVE-2020-9490
MISC
MLIST
MLIST
MLIST
GENTOO
CONFIRM

apache — http_server
IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.
2020-08-07
4.3

CVE-2020-11985
MISC
GENTOO

apache — wicket
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually removed during rendering. Affected are Apache Wicket versions 7.16.0, 8.8.0 and 9.0.0-M5
2020-08-11
5

CVE-2020-11976
MISC

artifex — ghostscript
A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16288
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-17538
MISC
MISC

artifex — ghostscript
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
2020-08-13
6.8

CVE-2020-16303
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51.
2020-08-13
6.8

CVE-2020-16302
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16309
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16308
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16294
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16300
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16287
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51.
2020-08-13
6.8

CVE-2020-16304
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16289
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16297
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16301
MISC
MISC

artifex — ghostscript
A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16293
MISC
MISC

artifex — ghostscript
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16299
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16298
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16305
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16296
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16291
MISC
MISC

artifex — ghostscript
A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16295
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16290
MISC
MISC

artifex — ghostscript
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
4.3

CVE-2020-16292
MISC
MISC

avaya — ip_office
A vulnerability was discovered in the web interface component of IP Office that may potentially allow a remote, unauthenticated user with network access to gain sensitive information. Affected versions of IP Office include: 9.x, 10.0 through 10.1.0.7 and 11.0 through 11.0.4.2.
2020-08-07
5

CVE-2019-7005
CONFIRM

carson-saint — saint_security_suite
A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
2020-08-10
4.3

CVE-2020-16275
CONFIRM

carson-saint — saint_security_suite
A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
2020-08-10
4.3

CVE-2020-16278
CONFIRM

carson-saint — saint_security_suite
An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
2020-08-10
6.5

CVE-2020-16276
CONFIRM

carson-saint — saint_security_suite
An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
2020-08-10
6.5

CVE-2020-16277
CONFIRM

combodo — itop
A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
2020-08-10
5

CVE-2020-12777
MISC

combodo — itop
A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
2020-08-10
5

CVE-2020-12780
MISC

combodo — itop
Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.
2020-08-10
6.8

CVE-2020-12781
MISC

combodo — itop
Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
2020-08-10
4.3

CVE-2020-12778
MISC

cs2-network — p2p
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
2020-08-10
4.3

CVE-2020-9526
MISC
MISC

cs2-network — p2p
CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
2020-08-10
6.8

CVE-2020-9525
MISC
MISC

deltaww — tpeditor
Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
2020-08-07
6.8

CVE-2020-16223
MISC
MISC

deltaww — tpeditor
Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
2020-08-07
6.8

CVE-2020-16227
MISC
MISC

deltaww — tpeditor
Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
2020-08-07
6.8

CVE-2020-16219
MISC
MISC
MISC

deltaww — tpeditor
Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
2020-08-07
6.8

CVE-2020-16225
MISC
MISC

deltaww — tpeditor
Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
2020-08-07
6.8

CVE-2020-16221
MISC
MISC

digitus — da-70254_firmware
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to denial-of-service the device via long input values.
2020-08-07
6.1

CVE-2020-15065
MISC

django-celery-results_project — django-celery-results
django-celery-results through 1.2.1 stores task results in the database. Among the data it stores are the variables passed into the tasks. The variables may contain sensitive cleartext information that does not belong unencrypted in the database.
2020-08-11
5

CVE-2020-17495
MISC

f2fs-tools_project — f2fs-tools
An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
2020-08-10
6.8

CVE-2020-6070
MISC

firejail_project — firejail
Firejail through 0.9.62 does not honor the — end-of-options indicator after the –output option, which may lead to command injection.
2020-08-11
4.6

CVE-2020-17367
SUSE
MISC
MISC
DEBIAN

frappe — erpnext
An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
2020-08-10
6.5

CVE-2020-6145
MISC

getsymphony — symphony_cms
content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS via fields[‘name’] to appendSubheading.
2020-08-11
4.3

CVE-2020-15071
MISC

gitlab — gitlab
In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.
2020-08-10
5.5

CVE-2020-13293
CONFIRM
MISC
MISC

gitlab — gitlab
In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.
2020-08-10
5.5

CVE-2020-13292
CONFIRM
MISC
MISC

gitlab — gitlab
For GitLab before 13.0.12, 13.1.6, 13.2.3 user controlled git configuration settings can be modified to result in Server Side Request Forgery.
2020-08-13
4

CVE-2020-13286
CONFIRM
MISC
MISC

gitlab — gitlab
For GitLab before 13.0.12, 13.1.6, 13.2.3 a denial of service exists in the project import feature
2020-08-13
4

CVE-2020-13281
CONFIRM
MISC
MISC

gitlab — gitlab
In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.
2020-08-10
5.5

CVE-2020-13294
CONFIRM
MISC
MISC

gitlab — runner
For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
2020-08-10
6.5

CVE-2020-13295
CONFIRM
MISC
MISC

google — android
In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-154627439
2020-08-11
4.9

CVE-2020-0248
MISC

google — android
In updatePreferenceIntents of AccountTypePreferenceLoader, there is a possible confused deputy attack due to a race condition. This could lead to local escalation of privilege and launching privileged activities with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-150946634
2020-08-11
6.9

CVE-2020-0238
MISC

google — android
In getDocumentMetadata of DocumentsContract.java, there is a possible disclosure of location metadata from a file due to a permissions bypass. This could lead to local information disclosure from a file (eg. a photo) containing location metadata with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-151095863
2020-08-11
4.9

CVE-2020-0239
MISC

google — android
In Threshold::getHistogram of ImageProcessHelper.java, there is a possible crash loop due to an uncaught exception. This could lead to local denial of service with User execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1Android ID: A-156087409
2020-08-11
4.9

CVE-2020-0247
MISC

google — android
In postInstantAppNotif of InstantAppNotifier.java, there is a possible permission bypass due to a PendingIntent error. This could lead to local information disclosure with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-154719656
2020-08-11
4.9

CVE-2020-0249
MISC

google — android
In requestCellInfoUpdateInternal of PhoneInterfaceManager.java, there is a missing permission check. This could lead to local information disclosure of location data with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-154934934
2020-08-11
4.9

CVE-2020-0250
MISC

google — android
In stopZygoteLocked of AppZygote.java, there is an insufficient cleanup. This could lead to local information disclosure in the application that is started next with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10Android ID: A-157598956
2020-08-11
4.9

CVE-2020-0258
MISC
MISC

google — android
There is a possible out of bounds read due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-152225183
2020-08-11
6.4

CVE-2020-0260
MISC

google — asylo
A buffer length validation vulnerability in Asylo versions prior to 0.6.0 allows an attacker to read data they should not have access to. The ‘enc_untrusted_recvfrom’ function generates a return value which is deserialized by ‘MessageReader’, and copied into three different ‘extents’. The length of the third ‘extents’ is controlled by the outside world, and not verified on copy, allowing the attacker to force Asylo to copy trusted memory data into an untrusted buffer of significantly small length.. We recommend updating Asylo to version 0.6.0 or later.
2020-08-12
4

CVE-2020-8905
CONFIRM

google — asylo
An arbitrary memory overwrite vulnerability in the trusted memory of Asylo exists in versions prior to 0.6.0. As the ecall_restore function fails to validate the range of the output_len pointer, an attacker can manipulate the tmp_output_len value and write to an arbitrary location in the trusted (enclave) memory. We recommend updating Asylo to version 0.6.0 or later.
2020-08-12
5.5

CVE-2020-8904
CONFIRM

handysoft — hslogin2.dll
hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of integrity verification of the policy files referenced in the update process, and a remote attacker could induce a user to crafted web page, causing damage such as malicious code infection.
2020-08-07
6.8

CVE-2020-7810
MISC
MISC

huawei — fusioncompute
FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.
2020-08-10
4.6

CVE-2020-9078
MISC

huawei — fusionsphere_openstack
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product.
2020-08-11
5.8

CVE-2020-9079
MISC

huawei — mate_20_firmware
HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Versions earlier than 10.1.0.270(C431E7R1P5),Versions earlier than 10.1.0.270(C635E3R1P5),Versions earlier than 10.1.0.273(C636E7R2P4);HUAWEI Mate 20 X versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8);HUAWEI Mate 20 RS versions Versions earlier than 10.1.0.160(C786E160R3P8);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);Honor20 versions Versions earlier than 10.0.0.175(C00E58R4P11);Honor20 PRO versions Versions earlier than 10.0.0.194(C00E62R8P12);HonorMagic2 versions Versions earlier than 10.0.0.187(C00E61R2P11);HonorV20 versions Versions earlier than 10.0.0.188(C00E62R2P11) have an improper authentication vulnerability. The system does not properly sign certain encrypted file, the attacker should gain the key used to encrypt the file, successful exploit could cause certain file be forged
2020-08-11
4.6

CVE-2020-9244
MISC

huawei — mate_30_firmware
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition.
2020-08-10
4.3

CVE-2020-9243
MISC

huawei — p30_firmware
HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.
2020-08-10
4.3

CVE-2020-9245
MISC

ibm — event_streams
IBM Event Streams 10.0.0 could allow an authenticated user to perform tasks to a schema due to improper authentication validation. IBM X-Force ID: 186233.
2020-08-14
6.5

CVE-2020-4662
XF
CONFIRM

ibm — jazz_reporting_service
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182717.
2020-08-10
4.3

CVE-2020-4533
XF
CONFIRM

ibm — jazz_reporting_service
IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
2020-08-10
4.3

CVE-2020-4539
XF
CONFIRM

ibm — jazz_reporting_service
IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039.
2020-08-10
4.3

CVE-2020-4541
XF
CONFIRM

ibm — maximo_asset_management
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 167288.
2020-08-13
4

CVE-2019-4582
XF
CONFIRM

ibm — qradar_security_information_and_event_manager
IBM QRadar 7.2.0 through 7.2.9 could allow an authenticated user to disable the Wincollect service which could aid an attacker in bypassing security mechanisms in future attacks. IBM X-Force ID: 181860.
2020-08-11
4

CVE-2020-4485
XF
CONFIRM

ibm — qradar_security_information_and_event_manager
IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. IBM X-Force ID: 181861.
2020-08-11
5.5

CVE-2020-4486
XF
CONFIRM

jenkins — email_extension
Jenkins Email Extension Plugin 2.72 and 2.73 transmits and displays the SMTP password in plain text as part of the global Jenkins configuration form, potentially resulting in its exposure.
2020-08-12
5

CVE-2020-2232
MLIST
CONFIRM

jenkins — flaky_test_handler
A cross-site request forgery (CSRF) vulnerability in Jenkins Flaky Test Handler Plugin 1.0.4 and earlier allows attackers to rebuild a project at a previous git revision.
2020-08-12
4.3

CVE-2020-2237
MLIST
CONFIRM

jenkins — pipeline_maven_integration
A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to enumerate credentials ID of credentials stored in Jenkins.
2020-08-12
4

CVE-2020-2233
MLIST
CONFIRM

jenkins — pipeline_maven_integration
A missing permission check in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows users with Overall/Read access to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.
2020-08-12
4

CVE-2020-2234
MLIST
CONFIRM

jenkins — pipeline_maven_integration
A cross-site request forgery (CSRF) vulnerability in Jenkins Pipeline Maven Integration Plugin 3.8.2 and earlier allows attackers to connect to an attacker-specified JDBC URL using attacker-specified credentials IDs obtained through another method, potentially capturing credentials stored in Jenkins.
2020-08-12
4.3

CVE-2020-2235
MLIST
CONFIRM

jerryscript — jerryscript
** DISPUTED ** JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse(“[]”,a). NOTE: the vendor states that the problem is the lack of the –stack-limit option.
2020-08-13
6.8

CVE-2020-24345
MISC

jetbrains — kotlin
In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.70 is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
2020-08-08
6.5

CVE-2020-15824
MISC
MISC

jetbrains — teamcity
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
2020-08-08
4

CVE-2020-15826
MISC
MISC

jetbrains — teamcity
In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
2020-08-08
4

CVE-2020-15828
MISC
MISC

jetbrains — teamcity
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
2020-08-08
5

CVE-2020-15829
MISC
MISC

jetbrains — teamcity
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users’ privileges.
2020-08-08
6.5

CVE-2020-15825
MISC
MISC

jetbrains — teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
2020-08-08
4.3

CVE-2020-15831
MISC
MISC

jetbrains — teamcity
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
2020-08-08
4.3

CVE-2020-15830
MISC
MISC

jetbrains — toolbox
In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file.
2020-08-08
5

CVE-2020-15827
MISC
MISC

jetbrains — upsource
In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm.
2020-08-08
5

CVE-2019-19704
MISC
MISC

jetbrains — youtrack
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
2020-08-08
4

CVE-2020-15821
MISC
MISC

jetbrains — youtrack
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
2020-08-08
6.5

CVE-2020-15817
MISC
MISC

jetbrains — youtrack
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
2020-08-08
5

CVE-2020-15823
MISC
MISC

jetbrains — youtrack
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
2020-08-08
5

CVE-2020-15820
MISC
MISC

jetbrains — youtrack
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
2020-08-08
5

CVE-2020-15819
MISC
MISC

jetbrains — youtrack
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.
2020-08-08
5

CVE-2020-15818
MISC
MISC

lindy-international — 42633_firmware
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values.
2020-08-07
6.1

CVE-2020-15061
MISC

mahara — mahara
In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript.
2020-08-07
4.3

CVE-2020-15907
MISC
MISC

mibew — messenger
Mibew Messenger before 3.2.7 allows XSS via a crafted user name.
2020-08-10
4.3

CVE-2020-17476
MISC
MISC

mozilla — firefox
A unicode RTL order character in the downloaded file name can be used to change the file’s name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.
2020-08-10
4.3

CVE-2020-15651
MISC
MISC

mozilla — firefox
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.
2020-08-10
4.3

CVE-2020-15661
MISC
MISC

mozilla — firefox
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
2020-08-10
4.3

CVE-2020-15658
SUSE
MISC
MISC
MISC
MISC

mozilla — firefox
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
2020-08-10
4.3

CVE-2020-15655
SUSE
MISC
MISC
MISC
MISC

mozilla — firefox
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
2020-08-10
4.3

CVE-2020-15654
SUSE
MISC
MISC
MISC
MISC

mozilla — firefox
By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
2020-08-10
4.3

CVE-2020-15652
SUSE
SUSE
SUSE
MISC
MISC
MISC
MISC
MISC
MISC

mozilla — firefox
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.
2020-08-10
4.3

CVE-2020-15662
MISC
MISC

mozilla — firefox
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
2020-08-10
4.3

CVE-2020-15653
SUSE
MISC
MISC
MISC
MISC

mozilla — firefox
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
2020-08-10
6.9

CVE-2020-15657
SUSE
MISC
MISC
MISC
MISC

mozilla — firefox
Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.
2020-08-10
4.3

CVE-2020-15648
MISC
MISC
MISC

mozilla — firefox
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.
2020-08-10
5

CVE-2020-15647
MISC
MISC

mozilla — firefox_esr
Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
2020-08-10
4.3

CVE-2020-15650
MISC
MISC

mozilla — firefox_esr
Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
2020-08-10
4.3

CVE-2020-15649
MISC
MISC

mybb — mybb
MyBB before 1.8.24 allows XSS because the visual editor mishandles [align], [size], [quote], and [font] in MyCode.
2020-08-09
4.3

CVE-2020-17447
MISC
MISC

mybb — mybb
In MyBB before version 1.8.24, the custom MyCode (BBCode) for the visual editor doesn’t escape input properly when rendering HTML, resulting in a DOM-based XSS vulnerability. The weakness can be exploited by pointing a victim to a page where the visual editor is active (e.g. as a post or Private Message) and operates on a maliciously crafted MyCode message. This may occur on pages where message content is pre-filled using a GET/POST parameter, or on reply pages where a previously saved malicious message is quoted. After upgrading MyBB to 1.8.24, make sure to update the version attribute in the `codebuttons` template for non-default themes to serve the latest version of the patched `jscripts/bbcodes_sceditor.js` file.
2020-08-10
4.3

CVE-2020-15139
MISC
CONFIRM
MISC

nextcloud — nextcloud
A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
2020-08-10
4.6

CVE-2020-8224
MISC
MISC

nextcloud — nextcloud
A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.
2020-08-10
4.9

CVE-2020-8229
MISC
MISC

nginx — njs
njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c.
2020-08-13
6.8

CVE-2020-24346
MISC

p5-crypt-perl_project — p5-crypt-perl
ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.
2020-08-10
5

CVE-2020-17478
MISC

php-fusion — php-fusion
PHP-Fusion 9.03 allows XSS on the preview page.
2020-08-12
4.3

CVE-2020-17450
MISC

prometheus — blackbox_exporter
** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability.
2020-08-09
5

CVE-2020-16248
MISC
MISC
MISC
MISC
MISC

qemu — qemu
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c.
2020-08-11
5

CVE-2020-16092
MISC
MISC

redhat — cloudforms
Red Hat CloudForms 4.7 and 5 is affected by a role-based privilege escalation flaw. An attacker with EVM-Operator group can perform actions restricted only to EVM-Super-administrator group, leads to, exporting or importing administrator files.
2020-08-11
6.5

CVE-2020-10783
MISC
MISC

redhat — cloudforms
In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violate the expected behavior.
2020-08-11
6.5

CVE-2020-10778
MISC
MISC

redhat — cloudforms
Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms.
2020-08-11
4

CVE-2020-10779
MISC
MISC

redhat — cloudforms
Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with groups and roles. With a selected group of EvmGroup-super_administrator, an attacker can perform any API request as a super administrator.
2020-08-11
6.4

CVE-2020-14325
MISC
MISC

redhat — cloudforms_management_engine
Red Hat CloudForms 4.7 and 5 is affected by CSV Injection flaw, a crafted payload stays dormant till a victim export as CSV and opens the file with Excel. Once the victim opens the file, the formula executes, triggering any number of possible events. While this is strictly not an flaw that affects the application directly, attackers could use the loosely validated parameters to trigger several attack possibilities.
2020-08-11
6.8

CVE-2020-10780
MISC
MISC

redhat — cloudforms_management_engine
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out of band OS command injection vulnerability can be exploited by authenticated attacker while setuping conversion host through Infrastructure Migration Solution. This flaw allows attacker to execute arbitrary commands on CloudForms server.
2020-08-11
6.5

CVE-2020-14324
MISC
MISC

redhat — cloudforms_management_engine
Red Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
2020-08-11
5.5

CVE-2020-14296
MISC
MISC

redhat — quay
An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can create a build trigger in a repository, to disclose the names of robot accounts and the existence of private repositories within any namespace.
2020-08-11
5

CVE-2020-14313
MISC

robotemi — launcher_os
Missing Authentication for Critical Function in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to receive and answer calls intended for another temi user. Answering the call this way grants motor control of the temi in addition to audio/video.
2020-08-07
6.4

CVE-2020-16167
MISC
MISC

robotemi — temi_firmware
Origin Validation Error in Robotemi Global Ltd Temi Firmware up to 20190419.165201, Launcher OS prior to 11969-13146, Robox OS prior to 117.21-119.24, and their Android phone app prior to 1.3.3-1.3.7931 allows remote attackers to access the custom API server and MQTT broker used by the temi and send it custom data/requests.
2020-08-07
4.3

CVE-2020-16168
MISC
MISC

roundcube — webmail
Roundcube Webmail before 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document.
2020-08-12
4.3

CVE-2020-16145
CONFIRM
MISC

sabnzbd — sabnzbd
SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operating system.
2020-08-11
6.5

CVE-2020-13124
MISC
CONFIRM
MISC

sap — abap_platform
SAP NetWeaver (ABAP Server) and ABAP Platform, versions – 740, 750, 751, 752, 753, 754, 755, allows a business user to access the list of users in the given system using value help, leading to Information Disclosure.
2020-08-12
4

CVE-2020-6299
MISC
MISC

sap — abap_platform
Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP Platform, versions – 702, 730, 731, 740, 750, allows any authenticated user to enumerate all SAP users, leading to Information Disclosure.
2020-08-12
4

CVE-2020-6310
MISC
MISC

sap — abap_platform
SAP NetWeaver (ABAP Server) and ABAP Platform, versions – 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 753, 755, allows an attacker to inject code that can be executed by the application, leading to Code Injection. An attacker could thereby control the behavior of the application.
2020-08-12
6.5

CVE-2020-6296
MISC
MISC

sap — adaptive_server_enterprise
Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to access encrypted sensitive and confidential information through publicly readable installation log files leading to a compromise of the installed Cockpit. This compromise could enable the attacker to view, modify and/or make unavailable any data associated with the Cockpit, leading to Information Disclosure.
2020-08-12
4.6

CVE-2020-6295
MISC
MISC

sap — businessobjects_business_intelligence_platform
Xvfb of SAP Business Objects Business Intelligence Platform, versions – 4.2, 4.3, platform on Unix does not perform any authentication checks for functionalities that require user identity.
2020-08-12
6.4

CVE-2020-6294
MISC
MISC

sap — generic_market_data
SAP Banking Services (Generic Market Data), versions – 400, 450, 500, allows an unauthorized user to display protected Business Partner Generic Market Data (GMD) and change related GMD key figure values, due to Missing Authorization Check.
2020-08-12
5.5

CVE-2020-6298
MISC
MISC

sap — hcm_travel_management
SAP ERP (HCM Travel Management), versions – 600, 602, 603, 604, 605, 606, 607, 608, allows an authenticated but unauthorized attacker to read, modify and settle trips, resulting in escalation of privileges, due to Missing Authorization Check.
2020-08-12
5.5

CVE-2020-6301
MISC
MISC

sap — netweaver_knowledge_management
SAP NetWeaver (Knowledge Management), versions – 7.30, 7.31, 7.40, 7.50, allows an unauthenticated attacker to upload a malicious file and also to access, modify or make unavailable existing files but the impact is limited to the files themselves and is restricted by other policies such as access control lists and other upload file size restrictions, leading to Unrestricted File Upload.
2020-08-12
6.4

CVE-2020-6293
MISC
MISC

sap — s/4_hana_fiori_ui_for_general_ledger_accounting
SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary authorization checks for an authenticated user working with attachment service, allowing the attacker to delete attachments due to Missing Authorization Check.
2020-08-12
4

CVE-2020-6273
MISC
MISC

sophos — xg_firewall_firmware
Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.
2020-08-07
6.5

CVE-2020-17352
MISC
MISC

suse — linux_enterprise_high_performance_computing
A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.
2020-08-07
4.6

CVE-2020-8025
CONFIRM

telegram — telegram_desktop
Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension.
2020-08-11
6.8

CVE-2020-17448
MISC
MISC
MISC

teradici — cloud_access_connector
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 24, 2020 (v16 and earlier for the Cloud Access Connector) contains a stored cross-site scripting (XSS) vulnerability which allows a remote unauthenticated attacker to poison log files with malicious JavaScript via the login page which is executed when an administrator views the logs within the application.
2020-08-11
4.3

CVE-2020-13176
MISC

teradici — cloud_access_connector
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
2020-08-11
5

CVE-2020-13175
MISC

teradici — graphics_agent
The support bundler in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows versions prior to 20.04.1 and 20.07.0 does not use hard coded paths for certain Windows binaries, which allows an attacker to gain elevated privileges via execution of a malicious binary placed in the system path.
2020-08-11
4.4

CVE-2020-13177
MISC

teradici — graphics_agent
A function in the Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to version 20.04.1 does not properly validate the signature of an external binary, which could allow an attacker to gain elevated privileges via execution in the context of the PCoIP Agent process.
2020-08-11
4.6

CVE-2020-13178
MISC

teradici — managament_console
The web server in the Teradici Managament console versions 20.04 and 20.01.1 did not properly set the X-Frame-Options HTTP header, which could allow an attacker to trick a user into clicking a malicious link via clickjacking.
2020-08-11
4.3

CVE-2020-13174
MISC

themeinprogress — nova_lite
search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.
2020-08-12
4.3

CVE-2020-17362
CONFIRM

tibco — silver_fabric
The VirtualRouter component of TIBCO Software Inc.’s TIBCO Silver Fabric contains a vulnerability that theoretically allows an attacker to inject scripts via URLs. The attacker could theoretically social engineer an authenticated user into submitting the URL, thus executing the script on the affected system with the privileges of the user. Affected releases are TIBCO Software Inc.’s TIBCO Silver Fabric: versions 6.0.0 and below.
2020-08-11
5.8

CVE-2019-17339
CONFIRM

tiny — tinymce
A cross-site scripting (XSS) vulnerability in TinyMCE 5.2.1 and earlier allows remote attackers to inject arbitrary web script when configured in classic editing mode.
2020-08-14
4.3

CVE-2020-12648
MISC

tiny — tinymce
TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
2020-08-10
4.3

CVE-2020-17480
MISC
MISC

tp-link — tl-ps310u_firmware
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values.
2020-08-07
6.1

CVE-2020-15057
MISC

vmware — spring_cloud_netflix
Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can send a request to other servers that should not be exposed publicly.
2020-08-07
4

CVE-2020-5412
CONFIRM

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description
Published
CVSS Score
Source & Patch Info

combodo — itop
Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
2020-08-10
3.5

CVE-2020-12779
MISC

digitus — da-70254_firmware
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
2020-08-07
2.3

CVE-2020-15064
MISC

digitus — da-70254_firmware
DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
2020-08-07
3.3

CVE-2020-15062
MISC

flatcore — flatcore
flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.
2020-08-09
3.5

CVE-2020-17451
MISC
MISC

gitlab — gitlab
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issues list via milestone title.
2020-08-13
3.5

CVE-2020-13283
CONFIRM
MISC
MISC

gitlab — gitlab
For GitLab before 13.0.12, 13.1.6, 13.2.3 a cross-site scripting vulnerability exists in the issue reference number tooltip.
2020-08-13
3.5

CVE-2020-13285
CONFIRM
MISC
MISC

gitlab — gitlab
In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page
2020-08-12
3.5

CVE-2020-13288
CONFIRM
MISC
MISC

jenkins — jenkins
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the tooltip content of help icons, resulting in a stored cross-site scripting (XSS) vulnerability.
2020-08-12
3.5

CVE-2020-2229
MLIST
CONFIRM

jenkins — jenkins
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the project naming strategy description, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Overall/Manage permission.
2020-08-12
3.5

CVE-2020-2230
MLIST
CONFIRM

jenkins — jenkins
Jenkins 2.251 and earlier, LTS 2.235.3 and earlier does not escape the remote address of the host starting a build via ‘Trigger builds remotely’, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Job/Configure permission or knowledge of the Authentication Token.
2020-08-12
3.5

CVE-2020-2231
MLIST
CONFIRM

jenkins — yet_another_build_visualizer
Jenkins Yet Another Build Visualizer Plugin 1.11 and earlier does not escape tooltip content, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by users with Run/Update permission.
2020-08-12
3.5

CVE-2020-2236
MLIST
CONFIRM

lindy-international — 42633_firmware
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
2020-08-07
3.3

CVE-2020-15058
MISC

lindy-international — 42633_firmware
Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
2020-08-07
2.3

CVE-2020-15060
MISC

mcafee — data_loss_prevention
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log files containing plain text credentials.
2020-08-13
2.1

CVE-2020-7307
MISC

mcafee — data_loss_prevention
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user’s browser via adding a new label.
2020-08-13
2.3

CVE-2020-7303
MISC

pactware — pactware
In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, and may be retrieved by any user with access to the PACTware workstation.
2020-08-11
2.1

CVE-2020-9403
CONFIRM

php-fusion — php-fusion
PHP-Fusion 9.03 allows XSS via the error_log file.
2020-08-12
3.5

CVE-2020-17449
MISC

redhat — cloudforms
A cross-site scripting flaw was found in Report Menu feature of Red Hat CloudForms 4.7 and 5. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms.
2020-08-11
3.5

CVE-2020-10777
MISC
MISC

sap — businessobjects_business_intelligence_platform
SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3, allows an attacker with administrator rights can use the web application to send malicious code to a different end user (victim), as it does not sufficiently encode user-controlled inputs for RecycleBin, resulting in Stored Cross-Site Scripting (XSS) vulnerability.
2020-08-12
3.5

CVE-2020-6300
MISC
MISC

sap — data_intelligence
Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version – 3.0, allows an attacker to access confidential system configuration information, that should otherwise be restricted, leading to Information Disclosure.
2020-08-12
2.1

CVE-2020-6297
MISC
MISC

soplanning — soplanning
SOPlanning 1.46.01 allows persistent XSS via the Project Name, Statutes Comment, Places Comment, or Resources Comment field.
2020-08-11
3.5

CVE-2020-15597
MISC
MISC

sugarcrm — sugarcrm
SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection.
2020-08-12
3.5

CVE-2020-17373
MISC
MISC
MISC
MISC
MISC

sugarcrm — sugarcrm
SugarCRM before 10.1.0 (Q3 2020) allows XSS.
2020-08-12
3.5

CVE-2020-17372
MISC
MISC
MISC
MISC
MISC

teradici — graphics_agent
Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump via forcing a crashing during the single sign-on procedure.
2020-08-11
2.1

CVE-2020-13179
MISC

tp-link — tl-ps310u_firmware
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.
2020-08-07
3.3

CVE-2020-15054
MISC

tp-link — tl-ps310u_firmware
TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
2020-08-07
2.3

CVE-2020-15056
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description
Published
CVSS Score
Source & Patch Info

abbyy — finereader
 
ABBYY network license server in ABBYY FineReader 15 before Release 4 (aka 15.0.112.2130) allows escalation of privileges by local users via manipulations involving files and using symbolic links.
2020-08-13
not yet calculated

CVE-2019-20383
CONFIRM
MISC
CONFIRM

adobe — git-server
 
The resolveRepositoryPath function doesn’t properly validate user input and a malicious user may traverse to any valid Git repository outside the repoRoot. This issue may lead to unauthorized access of private Git repositories as long as the malicious user knows or brute-forces the location of the repository.
2020-08-14
not yet calculated

CVE-2020-9708
MISC

alps_alpine — touchpad_driver
The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a “fake” DLL file.
2020-08-12
not yet calculated

CVE-2020-15596
MISC
MISC

amazon_web_services — s3_crypto_sdk_for_golang
 
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC), which then allows an attacker who has write access to the target’s S3 bucket and can observe whether or not an endpoint with access to the key can decrypt a file, they can reconstruct the plaintext with (on average) 128*length (plaintext) queries to the endpoint, by exploiting CBC’s ability to manipulate the bytes of the next block and PKCS5 padding errors. It is recommended to update your SDK to V2 or later, and re-encrypt your files.
2020-08-11
not yet calculated

CVE-2020-8911
CONFIRM
CONFIRM

amazon_web_services — s3_crypto_sdk_for_golang
 
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorithm of an object in the bucket, which can then allow them to change AES-GCM to AES-CTR. Using this in combination with a decryption oracle can reveal the authentication key used by AES-GCM as decrypting the GMAC tag leaves the authentication key recoverable as an algebraic equation. It is recommended to update your SDK to V2 or later, and re-encrypt your files.
2020-08-11
not yet calculated

CVE-2020-8912
CONFIRM
CONFIRM

artica — web_proxy
Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform.
2020-08-12
not yet calculated

CVE-2020-17505
MISC

artica — web_proxy
 
Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php.
2020-08-12
not yet calculated

CVE-2020-17506
MISC
MISC

artifex_software — ghostscript
 
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51.
2020-08-13
not yet calculated

CVE-2020-16310
MISC
MISC

artifex_software — ghostscript
 
A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
2020-08-13
not yet calculated

CVE-2020-16307
MISC
MISC

artifex_software — ghostscript
 
A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51.
2020-08-13
not yet calculated

CVE-2020-16306
MISC
MISC

artifex_software — mujs
 
Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c.
2020-08-13
not yet calculated

CVE-2020-24343
MISC

asyncpg — asyncpg
 
asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an uninitialized pointer in the array data decoder.
2020-08-12
not yet calculated

CVE-2020-17446
CONFIRM

avaya — aura_communication_manager_and_aura_messaging
 
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the System Management Interface Web component of Avaya Aura Communication Manager and Avaya Aura Messaging. This vulnerability could allow an unauthenticated remote attacker to perform Web administration actions with the privileged level of the authenticated user. Affected versions of Communication Manager are 7.0.x, 7.1.x prior to 7.1.3.5 and 8.0.x. Affected versions of Messaging are 7.0.x, 7.1 and 7.1 SP1.
2020-08-11
not yet calculated

CVE-2020-7029
CONFIRM

blackberry — qnx_software_development_platform
 
An information disclosure and remote code execution vulnerability in the slinger web server of the BlackBerry QNX Software Development Platform versions 6.4.0 to 6.6.0 could allow an attacker to potentially read arbitrary files and run arbitrary executables in the context of the web server.
2020-08-12
not yet calculated

CVE-2020-6932
MISC

cisco — unified_ip_conference_station_7937g
 
** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information.
2020-08-12
not yet calculated

CVE-2020-16139
MISC
MISC
MISC

cisco — unified_ip_conference_station_7937g
 
** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information.
2020-08-12
not yet calculated

CVE-2020-16138
MISC
MISC
MISC

cisco — unified_ip_conference_station_7937g
 
** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information.
2020-08-12
not yet calculated

CVE-2020-16137
MISC
MISC
MISC

cms_made_simple — cms_made_simple
 
CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798.
2020-08-14
not yet calculated

CVE-2020-17462
EXPLOIT-DB

documalis — free_pdf_editor_and_free_pdf_scanner
 
Documalis Free PDF Editor version 5.7.2.26 and Documalis Free PDF Scanner version 5.7.2.122 do not appropriately validate the contents of JPEG images contained within a PDF. Attackers can exploit this vulnerability to trigger a buffer overflow on the stack and gain remote code execution as the user running the Documalis Free PDF Editor or Documalis Free PDF Scanner software.
2020-08-12
not yet calculated

CVE-2020-7374
MISC

dovecot — dovecot
 
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
2020-08-12
not yet calculated

CVE-2020-12674
MISC
MLIST
DEBIAN
CONFIRM

dovecot — dovecot
 
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
2020-08-12
not yet calculated

CVE-2020-12673
MISC
MLIST
DEBIAN
CONFIRM

dovecot — dovecot
 
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested MIME parts.
2020-08-12
not yet calculated

CVE-2020-12100
MLIST
MISC
MLIST
DEBIAN

eaton — secure_connect_mobile_app
 
Eaton’s Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user’s account and associated devices.
2020-08-12
not yet calculated

CVE-2020-6653
MISC

evga — precision_x1
 
The WinRing0.sys and WinRing0x64.sys drivers 1.2.0 in EVGA Precision X1 through 1.0.6 allow local users, including low integrity processes, to read and write to arbitrary memory locations. This allows any user to gain NT AUTHORITYSYSTEM privileges by mapping DevicePhysicalMemory into the calling process.
2020-08-11
not yet calculated

CVE-2020-14979
MISC
MISC

fortinet — fortios
 
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server.
2020-08-14
not yet calculated

CVE-2019-5591
CONFIRM

galileo_cms — galileo_cms
 
There is stored cross site scripting (XSS) in Galileo CMS v0.042. Remote authenticated users could inject arbitrary web script or HTML via $page_title in /lib/Galileo/files/templates/page/show.html.ep (aka the PAGE TITLE Field).
2020-08-14
not yet calculated

CVE-2019-7410
CONFIRM
MISC
MISC
MISC

geutebrück — g-cam_and_g-code
 
Using a specially crafted URL command, a remote authenticated user can execute commands as root on the G-Cam and G-Code (Firmware Versions 1.12.0.25 and prior as well as the limited Versions 1.12.13.2 and 1.12.14.5).
2020-08-14
not yet calculated

CVE-2020-16205
MISC

gitlab — gitlab
 
For GitLab before 13.0.12, 13.1.6, 13.2.3 a memory exhaustion flaw exists due to excessive logging of an invite email error message.
2020-08-13
not yet calculated

CVE-2020-13280
CONFIRM
MISC

gitlab — gitlab
 
For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access level on the subgroup leading to improper access.
2020-08-13
not yet calculated

CVE-2020-13282
CONFIRM
MISC
MISC

gitlab — gitlab
 
In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page.
2020-08-12
not yet calculated

CVE-2020-13290
CONFIRM
MISC
MISC

gitlab — gitlab
 
In GitLab before 13.2.3, project sharing could temporarily allow too permissive access.
2020-08-12
not yet calculated

CVE-2020-13291
CONFIRM
MISC

gnome — gnome-shell
 
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)
2020-08-11
not yet calculated

CVE-2020-17489
MISC

google — android
 
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android’s Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application’s data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.
2020-08-12
not yet calculated

CVE-2020-8913
CONFIRM

google — android
 
In C2 flame devices, there is a possible bypass of seccomp due to a missing configuration file. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-146059841
2020-08-13
not yet calculated

CVE-2020-0261
MISC

google — go-tpm
 
An improperly initialized ‘migrationAuth’ value in Google’s go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWrapKey. An attacker listening in on the channel can collect both ‘encUsageAuth’ and ‘encMigrationAuth’, and then can calculate ‘usageAuth ^ encMigrationAuth’ as the ‘migrationAuth’ can be guessed for all keys created with CreateWrapKey. TPM2.0 is not impacted by this. We recommend updating your library to 0.3.0 or later, or, if you cannot update, to call CreateWrapKey with a random 20-byte value for ‘migrationAuth’.
2020-08-11
not yet calculated

CVE-2020-8918
CONFIRM

horndis — horndis
 
All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to crash. Kernel memory disclosure is especially likely on 32-bit kernels; 64-bit kernels are more likely to crash on attempted exploitation. It is not believed that kernel memory corruption is possible, or that unattended kernel memory disclosure without the collaboration of a userspace program running on the host is possible. The vulnerability is in `HoRNDIS::receivePacket`. `msg_len`, `data_ofs`, and `data_len` can be controlled by an attached USB device, and a negative value of `data_ofs` can bypass the check for `(data_ofs + data_len + 8) > msg_len`, and subsequently can cause a wild pointer copy in the `mbuf_copyback` call. The software is not maintained and no patches are planned. Users of multi-tenant systems with HoRNDIS installed should only connect trusted USB devices to their system.
2020-08-12
not yet calculated

CVE-2020-15137
CONFIRM

huawei — fusioncomput
 
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.
2020-08-14
not yet calculated

CVE-2020-9229
MISC

huawei — fusioncomput
 
FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of certain information, attackers may exploit this vulnerability to obtain certain information.
2020-08-14
not yet calculated

CVE-2020-9228
MISC

inet — wireless_daemon
 
eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4.
2020-08-12
not yet calculated

CVE-2020-17497
MISC

intel — acceleration_stack
 
Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8684
MISC

intel — computing_improvement_program
 
Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8736
MISC

intel — distribution_of_openvino_toolkit
 
Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-12287
MISC

intel — graphics_drivers
Out of bounds read in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8682
MISC

intel — graphics_drivers
 
Out-of-bounds write in Kernel Mode Driver for some Intel(R) Graphics Drivers before version 26.20.100.7755 may allow an authenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8679
MISC

intel — graphics_drivers
 
Uncaught exception in the system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-0512
MISC

intel — graphics_drivers
 
Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-0513
MISC

intel — graphics_drivers
 
Out of bounds write in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8681
MISC

intel — graphics_drivers
 
Improper buffer restrictions in system driver for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8683
MISC

intel — graphics_drivers
 
Race condition in some Intel(R) Graphics Drivers before version 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8680
MISC

intel — graphics_drivers
 
Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-0510
MISC

intel — led_manager
 
Improper authentication in subsystem for Intel (R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8685
MISC

intel — mailbox
 
Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8743
MISC

intel — multiple_products
Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8729
CONFIRM
MISC

intel — multiple_products
 
Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8731
CONFIRM
MISC

intel — multiple_products
 
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8713
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8706
CONFIRM
MISC

intel — multiple_products
 
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8708
CONFIRM
MISC

intel — multiple_products
 
Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8732
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8720
CONFIRM
MISC

intel — multiple_products
 
Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8709
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8707
CONFIRM
MISC

intel — multiple_products
 
Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8730
CONFIRM
MISC

intel — multiple_products
 
Improper input validation in a subsystem for some Intel Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8717
CONFIRM
MISC

intel — multiple_products
 
Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8723
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8722
CONFIRM
MISC

intel — multiple_products
 
Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8721
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8719
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8718
CONFIRM
MISC

intel — multiple_products
 
Improper access control in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8711
CONFIRM
MISC

intel — multiple_products
 
Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8716
CONFIRM
MISC

intel — multiple_products
 
Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8714
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8712
CONFIRM
MISC

intel — multiple_products
 
Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8710
CONFIRM
MISC

intel — multiple_products
 
Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access.
2020-08-13
not yet calculated

CVE-2020-8715
CONFIRM
MISC

intel — nuc
 
Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8742
MISC

intel — proset/wireless_wifi_products
 
Insecure inherited permissions in some Intel(R) PROSet/Wireless WiFi products on Windows* 7 and 8.1 before version 21.40.5.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-0559
MISC

intel — raid_web_console_3
 
Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access.
2020-08-13
not yet calculated

CVE-2020-8688
MISC

intel — realsense_d400_series_uwp_driver
 
Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8763
MISC

intel — rste_software_raid_driver
 
Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8687
MISC

intel — server_board_families
 
Improper initialization in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-12301
CONFIRM
MISC

intel — server_board_families
 
Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-12300
CONFIRM
MISC

intel — server_board_families
 
Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-12299
CONFIRM
MISC

intel — server_board_m10jnp2sb
 
Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8733
CONFIRM
MISC

intel — ssd_sct
 
Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-8759
MISC

intel — thunderbolt_controllers
 
Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access.
2020-08-13
not yet calculated

CVE-2019-14630
MISC

intel — wireless_bluetooth_products
 
Improper input validation for some Intel(R) Wireless Bluetooth(R) products may allow an authenticated user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-0555
MISC

intel — wireless_bluetooth_products
 
Race condition in software installer for some Intel(R) Wireless Bluetooth(R) products on Windows* 7, 8.1 and 10 may allow an unprivileged user to potentially enable escalation of privilege via local access.
2020-08-13
not yet calculated

CVE-2020-0554
MISC

intel — wireless_bluetooth_products
 
Out-of-bounds read in kernel mode driver for some Intel(R) Wireless Bluetooth(R) products on Windows* 10, may allow a privileged user to potentially enable information disclosure via local access.
2020-08-13
not yet calculated

CVE-2020-0553
MISC

intel — wireless_bluetooth_products
 
Insufficient control flow management for some Intel(R) Wireless Bluetooth(R) products may allow an unprivileged user to potentially enable denial of service via adjacent access.
2020-08-13
not yet calculated

CVE-2019-14620
MISC

intel — wireless_for_open_source
 
Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
2020-08-13
not yet calculated

CVE-2020-8689
MISC

ise — smart_connect_knx_valliant
 
ise smart connect KNX Vaillant 1.2.839 contain a Denial of Service.
2020-08-14
not yet calculated

CVE-2019-19643
MISC

jerryscript — jerryscript
 
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read.
2020-08-13
not yet calculated

CVE-2020-24344
MISC

loway — queuemetrics
 
A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter.
2020-08-13
not yet calculated

CVE-2020-15925
MISC

loway — queuemetrics
 
A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do endpoint of Loway QueueMetrics before 19.10.21 allows remote authenticated users to execute arbitrary SQL commands via the exportId parameter.
2020-08-13
not yet calculated

CVE-2020-15947
MISC

lua — lua
 
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row.
2020-08-13
not yet calculated

CVE-2020-24342
MISC
MISC

mantisbt — mantisbt
 
An XSS issue was discovered in MantisBT before 2.24.2. Improper escaping on view_all_bug_page.php allows a remote attacker to inject arbitrary HTML into the page by saving it into a text Custom Field, leading to possible code execution in the browser of any user subsequently viewing the issue (if CSP settings allow it).
2020-08-12
not yet calculated

CVE-2020-16266
CONFIRM
CONFIRM

mcafee — data_loss_prevention
 
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log files containing plain text
2020-08-13
not yet calculated

CVE-2020-7306
CONFIRM

mcafee — data_loss_prevention_epo_extension
 
Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.
2020-08-13
not yet calculated

CVE-2020-7304
CONFIRM

mcafee — data_loss_prevention_epo_extension
 
Unrestricted Upload of File with Dangerous Type in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to upload malicious files to the DLP case management section via lack of sanity checking.
2020-08-13
not yet calculated

CVE-2020-7302
MISC

mcafee — data_loss_prevention_epo_extension
 
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated attackers to trigger alerts via the file upload tab in the DLP case management section.
2020-08-12
not yet calculated

CVE-2020-7301
CONFIRM

mcafee — data_loss_prevention_epo_extension
 
Improper Authorization vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attackers to change the configuration when logged in with view only privileges via carefully constructed HTTP post messages.
2020-08-12
not yet calculated

CVE-2020-7300
CONFIRM

mcafee — data_loss_prevention_epo_extension
 
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user credentials.
2020-08-13
not yet calculated

CVE-2020-7305
CONFIRM

megvii — koala
 
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
2020-08-14
not yet calculated

CVE-2020-17475
MISC

microsoft — composer-setup
 
In Composer-Setup for Windows before version 6.0.0, if the developer’s computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user may modify the existing `C:ProgramDataComposerSetupbincomposer.bat` in order to get elevated command execution when composer is run by an administrator. 2. A local regular user may create a specially crafted dll in the `C:ProgramDataComposerSetupbin` folder in order to get Local System privileges. See: https://itm4n.github.io/windows-server-netman-dll-hijacking. 3. If the directory of the php.exe selected by the user is not in the system path, it is added without checking that it is admin secured, as per Microsoft guidelines. See: https://msrc-blog.microsoft.com/2018/04/04/triaging-a-dll-planting-vulnerability.
2020-08-14
not yet calculated

CVE-2020-15145
MISC
CONFIRM

mozilla — multiple_products
 
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
2020-08-10
not yet calculated

CVE-2020-15659
SUSE
SUSE
SUSE
MISC
MISC
MISC
MISC
MISC
MISC

nginx — njs
 
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be “fluff” in the NGINX use case because there is no remote attack surface.
2020-08-13
not yet calculated

CVE-2020-24349
MISC

nginx — njs
 
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
2020-08-13
not yet calculated

CVE-2020-24347
MISC

nginx — njs
 
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
2020-08-13
not yet calculated

CVE-2020-24348
MISC

nim — nim
 
In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be opened in the default explorer. An attacker can pass one argument to the underlying open command to execute arbitrary registered system commands.
2020-08-14
not yet calculated

CVE-2020-15692
MISC
CONFIRM

nim — nim
 
In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call (such as httpClient.get or httpClient.post), the User-Agent header value, or custom HTTP header names or values.
2020-08-14
not yet calculated

CVE-2020-15693
MISC
CONFIRM

nim — nim
 
In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error if a malicious server provides a negative Content-Length.
2020-08-14
not yet calculated

CVE-2020-15694
MISC
CONFIRM

pactware — pactware
 
In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and may be modified by an attacker with no knowledge of the current passwords.
2020-08-11
not yet calculated

CVE-2020-9404
CONFIRM

palo_alto_networks — pan-os
 
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on the decrypted HTTPS web transactions but does not consider Server Name Indication (SNI) field within the TLS Client Hello handshake. This allows a compromised host in a protected network to evade any security policy that uses URL filtering on a firewall configured with SSL Decryption in the Forward Proxy mode. A malicious actor can then use this technique to evade detection of communication on the TLS handshake phase between a compromised host and a remote malicious server. This technique does not increase the risk of a host being compromised in the network. It does not impact the confidentiality or availability of a firewall. This is considered to have a low impact on the integrity of the firewall because the firewall fails to enforce a policy on certain traffic that should have been blocked. This issue does not impact the URL filtering policy enforcement on clear text or encrypted web transactions. This technique can be used only after a malicious actor has compromised a host in the protected network and the TLS/SSL Decryption feature is enabled for the traffic that the attacker controls. Palo Alto Networks is not aware of any malware that uses this technique to exfiltrate data. This issue is applicable to all current versions of PAN-OS.
2020-08-12
not yet calculated

CVE-2020-2035
CONFIRM
CONFIRM

pegasystems — pega_platform
 
Pega Platform 8.2.1 allows LDAP injection because a username can contain a * character and can be of unlimited length. An attacker can specify four characters of a username, followed by the * character, to bypass access control.
2020-08-13
not yet calculated

CVE-2019-16374
MISC
MISC

phpjs — phpjs
 
All versions of phpjs are vulnerable to Prototype Pollution via parse_str.
2020-08-14
not yet calculated

CVE-2020-7700
CONFIRM

phpjs — phpjs
 
madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue.
2020-08-14
not yet calculated

CVE-2020-7701
CONFIRM

pnotes — andrey_gruber_pnotes.net
 
A File Upload Vulnerability in PNotes – Andrey Gruber PNotes.NET v3.8.1.2 allows a local attacker to execute arbitrary code via the Miscellaneous ” External Programs by uploading the malicious .exe file to the external program.
2020-08-14
not yet calculated

CVE-2020-22721
MISC

python — python
 
In openapi-python-client before version 0.5.3, clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code. Subsequent execution of this malicious client is arbitrary code execution.
2020-08-14
not yet calculated

CVE-2020-15142
MISC
MISC
CONFIRM
MISC

python — python
 
In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files to be placed in arbitrary locations on disk.
2020-08-14
not yet calculated

CVE-2020-15141
MISC
MISC
CONFIRM
MISC

qt — qt
 
An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read.
2020-08-12
not yet calculated

CVE-2020-17507
MISC
MISC
MISC
FEDORA

radare2 — radare2
 
radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_parse_algorithmidentifier in libr/util/x509.c. This is due to a malformed object identifier in IMAGE_DIRECTORY_ENTRY_SECURITY.
2020-08-11
not yet calculated

CVE-2020-17487
MISC

rapid_software — rapid_scada
 
Rapid Software LLC Rapid SCADA 5.8.0 is affected by a local privilege escalation vulnerability in the ScadaAgentSvc.exe executable file. An attacker can obtain admin privileges by placing a malicious .exe file in the application and renaming it ScadaAgentSvc.exe, which would result in executing the binary as NT AUTHORITYSYSTEM in a Windows operating system. For example, an attacker can plant a reverse shell from a low privileged user account and by restarting the computer, the malicious service will be started as NT AUTHORITYSYSTEM by giving the attacker full system access to the remote PC.
2020-08-14
not yet calculated

CVE-2020-22722
MISC

readytalk — avian
 
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
2020-08-12
not yet calculated

CVE-2020-17360
MISC
MISC

readytalk — avian
 
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided (instead of throwing an exception). This could result in data being lost during the copy, with varying consequences depending on the subsequent use of the destination buffer. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
2020-08-12
not yet calculated

CVE-2020-17361
MISC
MISC

rosariosis — rosariosis
 
Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET request.
2020-08-12
not yet calculated

CVE-2020-13278
MISC
MISC
CONFIRM

securepoint — securepoint_ssl_vpn_client
 
A local privilege escalation vulnerability in SPSSLVpnService.exe in Securepoint GmbH from Lueneburg Securepoint SSL VPN Client 2.0.28 allows a local attacker to gain privileges via a crafted malicious exe and perform unauthorized actions.
2020-08-14
not yet calculated

CVE-2020-22720
MISC

shenzhen_hichip_vision_technology — multiple_devices
 
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
2020-08-10
not yet calculated

CVE-2020-9528
MISC
MISC

shenzhen_hichip_vision_technology — multiple_devices
 
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via the peer-to-peer (P2P) service. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
2020-08-10
not yet calculated

CVE-2020-9527
MISC
MISC

shenzhen_hichip_vision_technology — multiple_devices
 
Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege escalation vulnerability that allows attackers on the local network to reset the device’s administrator password. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
2020-08-10
not yet calculated

CVE-2020-9529
MISC
MISC

siemens — automation_license_manager
 
A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0.8). The application does not properly validate the users’ privileges when executing some operations, which could allow a user with low permissions to arbitrary modify files that should be protected against writing.
2020-08-14
not yet calculated

CVE-2020-7583
MISC

siemens — desigo_cc_and_desigo_cc_compact
 
A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) that contains a remote code execution vulnerability if the Advanced Reporting Engine is enabled. The vulnerability could allow a remote unauthenticated attacker to execute arbitrary commands on the server with SYSTEM privileges.
2020-08-14
not yet calculated

CVE-2020-10055
MISC
MISC

siemens — sicam_a8000_rtu_devices
A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application.
2020-08-14
not yet calculated

CVE-2020-15781
MISC

smartcontrol — smartcontrol
 
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placing a specially crafted DLL file in the search path. This issue was fixed in version 1.0.7, which was released after April 15, 2020. (Note, the version numbering system changed significantly between version 4.3.15 and version 1.0.7.)
2020-08-13
not yet calculated

CVE-2020-7360
MISC

sonatype — nexus_repository_manager
 
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control.
2020-08-12
not yet calculated

CVE-2020-15868
CONFIRM

spirent — testcenter_and_avalanche
 
An issue was discovered on Spirent TestCenter and Avalanche appliance admin interface firmware. An attacker, who already has access to an SSH restricted shell, can achieve root access via shell metacharacters. The attacker can then, for example, read sensitive files such as appliance admin configuration source code. This affects Spirent TestCenter and Avalanche products which chassis version <= 5.08. The SSH restricted shell is available with default credentials.
2020-08-13
not yet calculated

CVE-2020-11733
MISC
MISC

st_engineering — vpncrypt_m10
 
The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module’s Operating System.
2020-08-12
not yet calculated

CVE-2020-12107
MISC
MISC

st_engineering — vpncrypt_m10
 
The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Administrator account or connect the product to a rogue access point.
2020-08-12
not yet calculated

CVE-2020-12106
MISC
MISC

textpattern — textpattern
 
In Textpattern 4.5.7, an unprivileged author can change an article’s markup setting.
2020-08-14
not yet calculated

CVE-2015-8032
CONFIRM
CONFIRM

textpattern — textpattern
 
In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.
2020-08-14
not yet calculated

CVE-2015-8033
CONFIRM
CONFIRM

tridium — niagara_and_niagara_enterprise_security
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.20, 4.7.110.32, 4.8.0.110) and Niagara Enterprise Security (Versions 2.4.31, 2.4.45, 4.8.0.35) to correct.
2020-08-13
not yet calculated

CVE-2020-14483
MISC

trousers — toursers
 
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed.
2020-08-13
not yet calculated

CVE-2020-24330
MLIST
MISC
MISC
MISC

trousers — toursers
 
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon).
2020-08-13
not yet calculated

CVE-2020-24331
MLIST
MISC
MISC
MISC

trousers — toursers
 
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack.
2020-08-13
not yet calculated

CVE-2020-24332
MLIST
MISC
MISC
MISC

vbulletin — vbulletin
 
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759.
2020-08-12
not yet calculated

CVE-2020-17496
MISC
MISC
MISC

vmware — concourse
 
Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not have this vulnerability, so GitLab users may be moved into groups which are then configured in the Concourse team.
2020-08-12
not yet calculated

CVE-2020-5415
CONFIRM
CONFIRM

wireshark — wireshark
 
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
2020-08-13
not yet calculated

CVE-2020-17498
MISC
MISC
MISC

wordpress — worpress
 
A Cross-site scripting (XSS) vulnerability in /inc/class-search.php in the Sell Media plugin v2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the keyword parameter (aka $search_term or the Search field).
2020-08-14
not yet calculated

CVE-2019-6112
CONFIRM
MISC

zalo — zalo_desktop
 
An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a crafted file.
2020-08-13
not yet calculated

CVE-2020-16087
MISC
MISC
MISC

zkteco — facedepot_7b_and_zkbiosecurity_server
 
A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and download user faces from the database.
2020-08-14
not yet calculated

CVE-2020-17474
MISC

zkteco — facedepot_7b_and_zkbiosecurity_server
 
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.
2020-08-14
not yet calculated

CVE-2020-17473
MISC

zoom — zoom
 
A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would allow an attacker who had local access to a machine on which the service was running with elevated privileges to elevate their system privileges as well through use of a malicious DLL. Zoom addressed this issue, which only applies to Windows users, in the 5.0.4 client release.
2020-08-14
not yet calculated

CVE-2020-9767
CONFIRM

Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Leave a Reply