AA20-126A: APT Groups Target Healthcare and Essential Services

Original release date: May 5, 2020

Summary

This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).

CISA and NCSC continue to see indications that advanced persistent threat (APT) groups are exploiting the Coronavirus Disease 2019 (COVID-19) pandemic as part of their cyber operations. This joint alert highlights ongoing activity by APT groups against organizations involved in both national and international COVID-19 responses. It describes some of the methods these actors are using to target organizations and provides mitigation advice.

The joint CISA-NCSC Alert: (AA20-099A) COVID-19 Exploited by Malicious Cyber Actors from April 8, 2020, previously detailed the exploitation of the COVID-19 pandemic by cybercriminals and APT groups. This joint CISA-NCSC Alert provides an update to ongoing malicious cyber activity relating to COVID-19. For a graphical summary of CISA’s joint COVID-19 Alerts with NCSC, see the following guide.

COVID-19-related targeting

APT actors are actively targeting organizations involved in both national and international COVID-19 responses. These organizations include healthcare bodies, pharmaceutical companies, academia, medical research organizations, and local governments.

APT actors frequently target organizations in order to collect bulk personal information, intellectual property, and intelligence that aligns with national priorities.

The pandemic has likely raised additional interest for APT actors to gather information related to COVID-19. For example, actors may seek to obtain intelligence on national and international healthcare policy, or acquire sensitive data on COVID-19-related research.

Targeting of pharmaceutical and research organizations

CISA and NCSC are currently investigating a number of incidents in which threat actors are targeting pharmaceutical companies, medical research organizations, and universities. APT groups frequently target such organizations in order to steal sensitive research data and intellectual property for commercial and state benefit. Organizations involved in COVID-19-related research are attractive targets for APT actors looking to obtain information for their domestic research efforts into COVID-19-related medicine.

These organizations’ global reach and international supply chains increase exposure to malicious cyber actors. Actors view supply chains as a weak link that they can exploit to obtain access to better-protected targets. Many supply chain elements have also been affected by the shift to remote working and the new vulnerabilities that have resulted.

Recently CISA and NCSC have seen APT actors scanning the external websites of targeted companies and looking for vulnerabilities in unpatched software. Actors are known to take advantage of Citrix vulnerability CVE-2019-19781[1],[2] and vulnerabilities in virtual private network (VPN) products from Pulse Secure, Fortinet, and Palo Alto.[3],[4]

COVID-19-related password spraying activity

CISA and NCSC are actively investigating large-scale password spraying campaigns conducted by APT groups. These actors are using this type of attack to target healthcare entities in a number of countries—including the United Kingdom and the United States—as well as international healthcare organizations.

Previously, APT groups have used password spraying to target a range of organizations and companies across sectors—including government, emergency services, law enforcement, academia and research organizations, financial institutions, and telecommunications and retail companies.

Technical Details

Password spraying is a commonly used style of brute force attack in which the attacker tries a single and commonly used password against many accounts before moving on to try a second password, and so on. This technique allows the attacker to remain undetected by avoiding rapid or frequent account lockouts. These attacks are successful because, for any given large set of users, there will likely be some with common passwords.

Malicious cyber actors, including APT groups, collate names from various online sources that provide organizational details and use this information to identify possible accounts for targeted institutions. The actors will then “spray” the identified accounts with lists of commonly used passwords.

Once the malicious cyber actor compromises a single account, they will use it to access other accounts where the credentials are reused. Additionally, the actor could attempt to move laterally across the network to steal additional data and implement further attacks against other accounts within the network.

In previous incidents investigated by CISA and NCSC, malicious cyber actors used password spraying to compromise email accounts in an organization and then, in turn, used these accounts to download the victim organization’s Global Address List (GAL). The actors then used the GAL to password spray further accounts.

NCSC has previously provided examples of frequently found passwords, which attackers are known to use in password spray attacks to attempt to gain access to corporate accounts and networks. In these attacks, malicious cyber actors often use passwords based on the month of the year, seasons, and the name of the company or organization.

CISA and NCSC continue to investigate activity linked to large-scale password spraying campaigns. APT actors will continue to exploit COVID-19 as they seek to answer additional intelligence questions relating to the pandemic. CISA and NCSC advise organizations to follow the mitigation advice below in view of this heightened activity.

Mitigations

CISA and NCSC have previously published information for organizations on password spraying and improving password policy. Putting this into practice will significantly reduce the chance of compromise from this kind of attack.

  • CISA alert on password spraying attacks
  • CISA guidance on choosing and protecting passwords
  • CISA guidance on supplementing passwords
  • NCSC guidance on password spraying attacks
  • NCSC guidance on password administration for system owners
  • NCSC guidance on password deny lists

CISA’s Cyber Essentials for small organizations provides guiding principles for leaders to develop a culture of security and specific actions for IT professionals to put that culture into action. Additionally, the UK government’s Cyber Aware campaign provides useful advice for individuals on how to stay secure online during the coronavirus pandemic. This includes advice on protecting passwords, accounts, and devices.

A number of other mitigations will be of use in defending against the campaigns detailed in this report:

  • Update VPNs, network infrastructure devices, and devices being used to remote into work environments with the latest software patches and configurations. See CISA’s guidance on enterprise VPN security and NCSC guidance on virtual private networks for more information.
  • Use multi-factor authentication to reduce the impact of password compromises. See the U.S. National Cybersecurity Awareness Month’s how-to guide for multi-factor authentication. Also see NCSC guidance on multi-factor authentication services and setting up two factor authentication.
  • Protect the management interfaces of your critical operational systems. In particular, use browse-down architecture to prevent attackers easily gaining privileged access to your most vital assets. See the NCSC blog on protecting management interfaces.
  • Set up a security monitoring capability so you are collecting the data that will be needed to analyze network intrusions. See the NCSC introduction to logging security purposes.
  • Review and refresh your incident management processes. See the NCSC guidance on incident management.
  • Use modern systems and software. These have better security built in. If you cannot move off out-of-date platforms and applications straight away, there are short-term steps you can take to improve your position. See the NCSC guidance on obsolete platform security.
  • Further information: Invest in preventing malware-based attacks across various scenarios. See CISA’s guidance on ransomware and protecting against malicious code. Also see the NCSC guidance on mitigating malware and ransomware attacks.

Contact Information

CISA encourages U.S. users and organizations to contribute any additional information that may relate to this threat by emailing [email protected]

The NCSC encourages UK organizations to report any suspicious activity to the NCSC via their website: https://report.ncsc.gov.uk/.

Disclaimers

This report draws on information derived from CISA, NCSC, and industry sources. Any findings and recommendations made have not been provided with the intention of avoiding all risks and following the recommendations will not remove all such risk. Ownership of information risks remains with the relevant system owner at all times.

CISA does not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA.

References

  • [1] CISA Alert: Detecting Citrix CVE-2019-19781
  • [2] NCSC Alert: Actors exploiting Citrix products vulnerability
  • [3] CISA Alert: Continued Exploitation of Pulse Secure VPN Vulnerability
  • [4] NCSC Alert: Vulnerabilities exploited in VPN products used worldwide

Revisions

  • May 5, 2020: Initial Version

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Alerts

AA20-099A: COVID-19 Exploited by Malicious Cyber Actors

Original release date: April 8, 2020

Summary

This is a joint alert from the United States Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC).

This alert provides information on exploitation by cybercriminal and advanced persistent threat (APT) groups of the current coronavirus disease 2019 (COVID-19) global pandemic. It includes a non-exhaustive list of indicators of compromise (IOCs) for detection as well as mitigation advice.

Both CISA and NCSC are seeing a growing use of COVID-19-related themes by malicious cyber actors. At the same time, the surge in teleworking has increased the use of potentially vulnerable services, such as virtual private networks (VPNs), amplifying the threat to individuals and organizations.

APT groups and cybercriminals are targeting individuals, small and medium enterprises, and large organizations with COVID-19-related scams and phishing emails. This alert provides an overview of COVID-19-related malicious cyber activity and offers practical advice that individuals and organizations can follow to reduce the risk of being impacted. The IOCs provided within the accompanying .csv and .stix files of this alert are based on analysis from CISA, NCSC, and industry.

Note: this is a fast-moving situation and this alert does not seek to catalogue all COVID-19-related malicious cyber activity. Individuals and organizations should remain alert to increased activity relating to COVID-19 and take proactive steps to protect themselves.

Technical Details

Summary of Attacks

APT groups are using the COVID-19 pandemic as part of their cyber operations. These cyber threat actors will often masquerade as trusted entities. Their activity includes using coronavirus-themed phishing messages or malicious applications, often masquerading as trusted entities that may have been previously compromised. Their goals and targets are consistent with long-standing priorities such as espionage and “hack-and-leak” operations.

Cybercriminals are using the pandemic for commercial gain, deploying a variety of ransomware and other malware.

Both APT groups and cybercriminals are likely to continue to exploit the COVID-19 pandemic over the coming weeks and months. Threats observed include:

  • Phishing, using the subject of coronavirus or COVID-19 as a lure,
  • Malware distribution, using coronavirus- or COVID-19- themed lures,
  • Registration of new domain names containing wording related to coronavirus or COVID-19, and
  • Attacks against newly—and often rapidly—deployed remote access and teleworking infrastructure.

Malicious cyber actors rely on basic social engineering methods to entice a user to carry out a specific action. These actors are taking advantage of human traits such as curiosity and concern around the coronavirus pandemic in order to persuade potential victims to:

  • Click on a link or download an app that may lead to a phishing website, or the downloading of malware, including ransomware.
    • For example, a malicious Android app purports to provide a real-time coronavirus outbreak tracker but instead attempts to trick the user into providing administrative access to install “CovidLock” ransomware on their device.[1]
  • Open a file (such as an email attachment) that contains malware.
    • For example, email subject lines contain COVID-19-related phrases such as “Coronavirus Update” or “2019-nCov: Coronavirus outbreak in your city (Emergency)”

To create the impression of authenticity, malicious cyber actors may spoof sender information in an email to make it appear to come from a trustworthy source, such as the World Health Organization (WHO) or an individual with “Dr.” in their title. In several examples, actors send phishing emails that contain links to a fake email login page. Other emails purport to be from an organization’s human resources (HR) department and advise the employee to open the attachment.

Malicious file attachments containing malware payloads may be named with coronavirus- or COVID-19-related themes, such as “President discusses budget savings due to coronavirus with Cabinet.rtf.”

Note: a non-exhaustive list of IOCs related to this activity is provided within the accompanying .csv and .stix files of this alert.

Phishing

CISA and NCSC have both observed a large volume of phishing campaigns that use the social engineering techniques described above.

Examples of phishing email subject lines include:

  • 2020 Coronavirus Updates,
  • Coronavirus Updates,
  • 2019-nCov: New confirmed cases in your City, and
  • 2019-nCov: Coronavirus outbreak in your city (Emergency).

These emails contain a call to action, encouraging the victim to visit a website that malicious cyber actors use for stealing valuable data, such as usernames and passwords, credit card information, and other personal information.

SMS Phishing

Most phishing attempts come by email but NCSC has observed some attempts to carry out phishing by other means, including text messages (SMS).

Historically, SMS phishing has often used financial incentivesincluding government payments and rebates (such as a tax rebate)as part of the lure. Coronavirus-related phishing continues this financial theme, particularly in light of the economic impact of the epidemic and governments’ employment and financial support packages. For example, a series of SMS messages uses a UK government-themed lure to harvest email, address, name, and banking information. These SMS messages—purporting to be from “COVID” and “UKGOV” (see figure 1)—include a link directly to the phishing site (see figure 2).

Figure 1: UK government-themed SMS phishing

 

Figure 2: UK government-themed phishing page

As this example demonstrates, malicious messages can arrive by methods other than email. In addition to SMS, possible channels include WhatsApp and other messaging services. Malicious cyber actors are likely to continue using financial themes in their phishing campaigns. Specifically, it is likely that they will use new government aid packages responding to COVID-19 as themes in phishing campaigns.

Phishing for credential theft

A number of actors have used COVID-19-related phishing to steal user credentials. These emails include previously mentioned COVID-19 social engineering techniques, sometimes complemented with urgent language to enhance the lure.

If the user clicks on the hyperlink, a spoofed login webpage appears that includes a password entry form. These spoofed login pages may relate to a wide array of online services including—but not limited to—email services provided by Google or Microsoft, or services accessed via government websites.

To further entice the recipient, the websites will often contain COVID-19-related wording within the URL (e.g., “corona-virus-business-update,” “covid19-advisory,” or “cov19esupport”). These spoofed pages are designed to look legitimate or accurately impersonate well-known websites. Often the only way to notice malicious intent is through examining the website URL. In some circumstances, malicious cyber actors specifically customize these spoofed login webpages for the intended victim.

If the victim enters their password on the spoofed page, the attackers will be able to access the victim’s online accounts, such as their email inbox. This access can then be used to acquire personal or sensitive information, or to further disseminate phishing emails, using the victim’s address book.

Phishing for malware deployment

A number of threat actors have used COVID-19-related lures to deploy malware. In most cases, actors craft an email that persuades the victim to open an attachment or download a malicious file from a linked website. When the victim opens the attachment, the malware is executed, compromising the victim’s device.

For example, NCSC has observed various email messages that deploy the “Agent Tesla” keylogger malware. The email appears to be sent from Dr. Tedros Adhanom Ghebreyesus, Director-General of WHO. This email campaign began on Thursday, March 19, 2020. Another similar campaign offers thermometers and face masks to fight the epidemic. The email purports to attach images of these medical products but instead contains a loader for Agent Tesla.

In other campaigns, emails include a Microsoft Excel attachment (e.g., “8651 8-14-18.xls”) or contain URLs linking to a landing page that contains a button that—if clicked—redirects to download an Excel spreadsheet, such as “EMR Letter.xls”. In both cases, the Excel file contains macros that, if enabled, execute an embedded dynamic-link library (DLL) to install the “Get2 loader” malware. Get2 loader has been observed loading the “GraceWire” Trojan.

The “TrickBot” malware has been used in a variety of COVID-19-related campaigns. In one example, emails target Italian users with a document purporting to be information related to COVID-19 (see figure 3). The document contains a malicious macro that downloads a batch file (BAT), which launches JavaScript, which—in turn—pulls down the TrickBot binary, executing it on the system.

Figure 3: Email containing malicious macro targeting Italian users[2]

In many cases, Trojans—such as Trickbot or GraceWire—will download further malicious files, such as Remote Access Trojans (RATs), desktop-sharing clients, and ransomware. In order to maximize the likelihood of payment, cybercriminals will often deploy ransomware at a time when organizations are under increased pressure. Hospitals and health organizations in the United States,[3] Spain,[4] and across Europe[5] have all been recently affected by ransomware incidents.

As always, individuals and organizations should be on the lookout for new and evolving lures. Both CISA[6],[7] and NCSC[8] provide guidance on mitigating malware and ransomware attacks.

Exploitation of new teleworking infrastructure

Many organizations have rapidly deployed new networks, including VPNs and related IT infrastructure, to shift their entire workforce to teleworking.

Malicious cyber actors are taking advantage of this mass move to telework by exploiting a variety of publicly known vulnerabilities in VPNs and other remote working tools and software. In several examples, CISA and NCSC have observed actors scanning for publicly known vulnerabilities in Citrix. Citrix vulnerability, CVE-2019-19781, and its exploitation have been widely reported since early January 2020. Both CISA[9] and NCSC[10] provide guidance on CVE-2019-19781 and continue to investigate multiple instances of this vulnerability’s exploitation.

Similarly, known vulnerabilities affecting VPN products from Pulse Secure, Fortinet, and Palo Alto continue to be exploited. CISA provides guidance on the Pulse Secure vulnerability[11] and NCSC provides guidance on the vulnerabilities in Pulse Secure, Fortinet, and Palo Alto.[12]

Malicious cyber actors are also seeking to exploit the increased use of popular communications platforms—such as Zoom or Microsoft Teams—by sending phishing emails that include malicious files with names such as “zoom-us-zoom_##########.exe” and “microsoft-teams_V#mu#D_##########.exe” (# representing various digits that have been reported online).[13] CISA and NCSC have also observed phishing websites for popular communications platforms. In addition, attackers have been able to hijack teleconferences and online classrooms that have been set up without security controls (e.g., passwords) or with unpatched versions of the communications platform software.[14]

The surge in teleworking has also led to an increase in the use of Microsoft’s Remote Desktop Protocol (RDP). Attacks on unsecured RDP endpoints (i.e., exposed to the internet) are widely reported online,[15] and recent analysis[16] has identified a 127% increase in exposed RDP endpoints. The increase in RDP use could potentially make IT systems—without the right security measures in place—more vulnerable to attack.[17]

Indicators of compromise

CISA and NCSC are working with law enforcement and industry partners to disrupt or prevent these malicious cyber activities and have published a non-exhaustive list of COVID-19-related IOCs via the following links:

  • AA20-099A_WHITE.csv
  • A20-099A_WHITE.stix

In addition, there are a number of useful publicly available resources that provide details of COVID-19-related malicious cyber activity:

  • Recorded Futures’ report, Capitalizing on Coronavirus Panic, Threat Actors Target Victims Worldwide
  • DomainTools’ Free COVID-19 Threat List – Domain Risk Assessments for Coronavirus Threats
  • GitHub list of IOCs used COVID-19-related cyberattack campaigns gathered by GitHub user Parth D. Maniar
  • GitHub list of Malware, spam, and phishing IOCs that involve the use of COVID-19 or coronavirus gathered by SophosLabs
  • Reddit master thread to collect intelligence relevant to COVID-19 malicious cyber threat actor campaigns
  • Tweet regarding the MISP project’s dedicated #COVID2019 MISP instance to share COVID-related cyber threat information

 

Mitigations

Malicious cyber actors are continually adjusting their tactics to take advantage of new situations, and the COVID-19 pandemic is no exception. Malicious cyber actors are using the high appetite for COVID-19-related information as an opportunity to deliver malware and ransomware, and to steal user credentials. Individuals and organizations should remain vigilant. For information regarding the COVID-19 pandemic, use trusted resources, such as the Centers for Disease Control and Prevention (CDC)’s COVID-19 Situation Summary.

Following the CISA and NCSC advice set out below will help mitigate the risk to individuals and organizations from malicious cyber activity related to both COVID-19 and other themes:

  • CISA guidance for defending against COVID-19 cyber scams
  • CISA Insights: Risk Management for Novel Coronavirus (COVID-19), which provides guidance for executives regarding physical, supply chain, and cybersecurity issues related to COVID-19
  • CISA Alert: Enterprise VPN Security
  • CISA webpage providing a repository of the agency’s COVID-19 guidance
  • NCSC guidance to help spot, understand, and deal with suspicious messages and emails
  • NCSC phishing guidance for organizations and cyber security professionals
  • NCSC guidance on mitigating malware and ransomware attacks
  • NCSC guidance on home working
  • NCSC guidance on end user device security

Phishing guidance for individuals

The NCSC’s suspicious email guidance explains what to do if you’ve already clicked on a potentially malicious email, attachment, or link. It provides advice on who to contact if your account or device has been compromised and some of the mitigation steps you can take, such as changing your passwords. It also offers NCSC’s top tips for spotting a phishing email:

  • Authority – Is the sender claiming to be from someone official (e.g., your bank or doctor, a lawyer, a government agency)? Criminals often pretend to be important people or organizations to trick you into doing what they want.
  • Urgency – Are you told you have a limited time to respond (e.g., in 24 hours or immediately)? Criminals often threaten you with fines or other negative consequences.
  • Emotion – Does the message make you panic, fearful, hopeful, or curious? Criminals often use threatening language, make false claims of support, or attempt to tease you into wanting to find out more.
  • Scarcity – Is the message offering something in short supply (e.g., concert tickets, money, or a cure for medical conditions)? Fear of missing out on a good deal or opportunity can make you respond quickly.

Phishing guidance for organizations and cybersecurity professionals

Organizational defenses against phishing often rely exclusively on users being able to spot phishing emails. However, organizations that widen their defenses to include more technical measures can improve resilience against phishing attacks.

In addition to educating users on defending against these attacks, organizations should consider NCSC’s guidance that splits mitigations into four layers, on which to build defenses:

  1. Make it difficult for attackers to reach your users.
  2. Help users identify and report suspected phishing emails (see CISA Tips, Using Caution with Email Attachments and Avoiding Social Engineering and Phishing Scams).
  3. Protect your organization from the effects of undetected phishing emails.
  4. Respond quickly to incidents.

CISA and NCSC also recommend organizations plan for a percentage of phishing attacks to be successful. Planning for these incidents will help minimize the damage caused.

Communications platforms guidance for individuals and organizations

Due to COVID-19, an increasing number of individuals and organizations are turning to communications platforms—such as Zoom and Microsoft Teams— for online meetings. In turn, malicious cyber actors are hijacking online meetings that are not secured with passwords or that use unpatched software.

Tips for defending against online meeting hijacking (Source: FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic, FBI press release, March 30, 2020):

  • Do not make meetings public. Instead, require a meeting password or use the waiting room feature and control the admittance of guests.
  • Do not share a link to a meeting on an unrestricted publicly available social media post. Provide the link directly to specific people.
  • Manage screensharing options. Change screensharing to “Host Only.”
  • Ensure users are using the updated version of remote access/meeting applications.
  • Ensure telework policies address requirements for physical and information security.

Disclaimers

This report draws on information derived from CISA, NCSC, and industry sources. Any findings and recommendations made have not been provided with the intention of avoiding all risks and following the recommendations will not remove all such risk. Ownership of information risks remains with the relevant system owner at all times.

CISA does not endorse any commercial product or service, including any subjects of analysis. Any reference to specific commercial products, processes, or services by service mark, trademark, manufacturer, or otherwise, does not constitute or imply their endorsement, recommendation, or favoring by CISA.

References

  • [1] CovidLock ransomware exploits coronavirus with malicious Android app. TechRepublic.com. March 17, 2020.
  • [2] TrickBot Malware Targets Italy in Fake WHO Coronavirus Emails. Bleeping Computer. March 6, 2020.
  • [3] Maze Ransomware Continues to Hit Healthcare Units amid Coronavirus (COVID-19) Outbreak. Security Boulevard. March 19, 2020.
  • [4] Spanish hospitals targeted with coronavirus-themed phishing lures in Netwalker ransomware attacks. Computing.co.uk. March 24, 2020.
  • [5] COVID-19 Testing Center Hit By Cyberattack. Bleeping Computer. March 14, 2020.
  • [6] CISA Tip: Protecting Against Malicious Code
  • [7] CISA Ransomware webpage
  • [8] NCSC Guidance: Mitigating malware and ransomware attacks
  • [9] CISA Alert: Detecting Citrix CVE-2019-19781
  • [10] NCSC Alert: Actors exploiting Citrix products vulnerability
  • [11] CISA Alert: Continued Exploitation of Pulse Secure VPN Vulnerability
  • [12] NCSC Alert: Vulnerabilities exploited in VPN products used worldwide
  • [13] COVID-19 Impact: Cyber Criminals Target Zoom Domains. Check Point blog. March 30, 2020.
  • [14] FBI Press Release: FBI Warns of Teleconferencing and Online Classroom Hijacking During COVID-19 Pandemic
  • [15] Microsoft Security blog: Human-operated ransomware attacks: A preventable disaster. March 5, 2020.
  • [16] Reposify blog: 127% increase in exposed RDPs due to surge in remote work. March 30. 2020.
  • [17] CISA Tip: Securing Network Infrastructure Devices

Revisions

  • April 8, 2020: Initial Version

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Alerts

Vulnerability Summary for the Week of March 2, 2020

Original release date: March 9, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
apple — multiple_products
 
A denial of service issue was addressed with improved input validation. 2020-02-28 7.8 CVE-2019-8741
MISC
MISC
MISC
MISC
MISC
MISC
MISC
centreon — centreon
 
An issue was discovered in Centreon before 2.8.30, 18.10.8, 19.04.5, and 19.10.2. SQL Injection exists via the include/monitoring/status/Hosts/xml/hostXML.php instance parameter. 2020-03-05 7.5 CVE-2019-17647
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
CONFIRM
centreon — centreon
 
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request. 2020-02-28 9 CVE-2020-9463
MISC
cisco — remote_phy_device_software A vulnerability in Cisco Remote PHY Device Software could allow an authenticated, local attacker to execute commands on the underlying Linux shell of an affected device with root privileges. The vulnerability exists because the affected software does not properly sanitize user-supplied input. An attacker who has valid administrator access to an affected device could exploit this vulnerability by supplying certain CLI commands with crafted arguments. A successful exploit could allow the attacker to run arbitrary commands as the root user, which could result in a complete system compromise. 2020-03-04 7.2 CVE-2020-3176
CISCO

cisco — webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2020-03-04 9.3 CVE-2020-3127
CISCO
MISC

cisco — webex_network_recording_player_for_microsoft_windows_and_webex_player_for_microsoft_windows

Multiple vulnerabilities in Cisco Webex Network Recording Player for Microsoft Windows and Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerabilities are due to insufficient validation of certain elements within a Webex recording that is stored in either the Advanced Recording Format (ARF) or the Webex Recording Format (WRF). An attacker could exploit these vulnerabilities by sending a malicious ARF or WRF file to a user through a link or email attachment and persuading the user to open the file on the local system. A successful exploit could allow the attacker to execute arbitrary code on the affected system with the privileges of the targeted user. 2020-03-04 9.3 CVE-2020-3128
CISCO
d-link — dsl-2680_router
 
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to reboot the router by submitting a reboot.html GET request without being authenticated on the admin interface. 2020-03-04 7.8 CVE-2019-19223
MISC
MISC
MISC
MISC
d-link — dwl-2600ap_devices
 
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Upgrade Firmware functionality in the Web interface, using shell metacharacters in the admin.cgi?action=upgrade firmwareRestore or firmwareServerip parameter. 2020-03-05 7.2 CVE-2019-20501
MISC
MISC
d-link — dwl-2600ap_devices
 
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_save configBackup or downloadServerip parameter. 2020-03-05 7.2 CVE-2019-20500
MISC
MISC
d-link — dwl-2600ap_devices
 
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Restore Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=config_restore configRestore or configServerip parameter. 2020-03-05 7.2 CVE-2019-20499
MISC
MISC
enpeem — enpeem
 
enpeem through 2.2.0 allows execution of arbitrary commands. The “options.dir” argument is provided to the “exec” function without any sanitization. 2020-02-28 7.5 CVE-2019-10801
MISC
MISC
envoy_proxy — envoy
 
CNCF Envoy through 1.13.0 has incorrect Access Control when using SDS with Combined Validation Context. Using the same secret (e.g. trusted CA) across many resources together with the combined validation context could lead to the “static” part of the validation context to be not applied, even though it was visible in the active config dump. 2020-03-04 7.5 CVE-2020-8664
MISC
CONFIRM
envoy_proxy — envoy
 
CNCF Envoy through 1.13.0 TLS inspector bypass. TLS inspector could have been bypassed (not recognized as a TLS client) by a client using only TLS 1.3. Because TLS extensions (SNI, ALPN) were not inspected, those connections might have been matched to a wrong filter chain, possibly bypassing some security restrictions in the process. 2020-03-04 7.5 CVE-2020-8660
MISC
CONFIRM
eset — cyber_security
 
A permissions issue in ESET Cyber Security before 6.8.300.0 for macOS allows a local attacker to escalate privileges by appending data to root-owned files. 2020-03-03 7.2 CVE-2019-19792
MISC
eset — mutliple_products
 
The ESET AV parsing engine allows virus-detection bypass via a crafted BZ2 Checksum field in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. 2020-03-05 7.5 CVE-2020-10180
MISC
eyesofnetwork — eonweb An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie. 2020-02-28 7.5 CVE-2020-9465
MISC
MISC
fasterxml — jackson-databind A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code. 2020-03-02 7.5 CVE-2019-14893
CONFIRM
MISC
fasterxml — jackson-databind A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code. 2020-03-02 7.5 CVE-2019-14892
CONFIRM
MISC
huawei — honor_v10_smartphones
 
Honor V10 smartphones with versions earlier than BKL-AL20 10.0.0.156(C00E156R2P4) and versions earlier than BKL-L09 10.0.0.146(C432E4R1P4) have an out of bounds write vulnerability. The software writes data past the end of the intended buffer because of insufficient validation of certain parameter when initializing certain driver program. An attacker could trick the user into installing a malicious application, successful exploit could cause the device to reboot. 2020-02-28 7.1 CVE-2020-1792
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices
 
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds read vulnerability. An unauthenticated attacker crafts malformed message with specific parameter and sends the message to the affected products. Due to insufficient validation of message, which may be exploited to cause the device reboot. 2020-02-28 7.8 CVE-2020-1873
MISC
hunan_jinyun_network_technology — pbootcms An issue was discovered in PbootCMS. There is a SQL injection via the api.php/List/index order parameter. 2020-03-02 7.5 CVE-2018-16356
MISC
hunan_jinyun_network_technology — pbootcms An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter. 2020-03-02 7.5 CVE-2018-16357
MISC
kill-port-process — kill-port-process The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability. 2020-02-28 10 CVE-2019-15609
MISC
mangoraft — giting giting version prior to 0.0.8 allows execution of arbritary commands. The first argument “repo” of function “pull()” is executed by the package without any validation. 2020-02-28 7.5 CVE-2019-10802
MISC
MISC
mikrotik — routeros An issue was discovered in Mikrotik RouterOS. Crafting a packet that has a size of 1 byte and sending it to an IPv6 address of a RouterOS box with IP Protocol 97 will cause RouterOS to reboot imminently. All versions of RouterOS that supports EoIPv6 are vulnerable to this attack. 2020-03-02 7.1 CVE-2018-5951
MISC
mitel — micollab_awv
 
A SQL injection vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the session parameter. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. 2020-03-02 7.5 CVE-2019-19607
MISC
CONFIRM
mitel — micollab_awv
 
A SQL injection vulnerability in in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attack due to insufficient input validation for the registeredList.cgi page. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. 2020-03-02 7.5 CVE-2019-19608
MISC
CONFIRM
netgear — wnr10004_routers
 
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the web management interface (setup.cgi) are vulnerable to command injection, allowing remote attackers to execute arbitrary commands, as demonstrated by shell metacharacters in the sysDNSHost parameter. 2020-03-02 7.5 CVE-2019-20488
MISC
netkit-telnet — netkit-telnet
 
utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. 2020-03-06 10 CVE-2020-10188
MISC
MISC
node-pdf-image — node-pdf-image Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input. 2020-02-28 7.5 CVE-2020-8132
MISC
openvpn — openvpn_connect OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\drivers\tap\amd64\win10, which allows local users to gain privileges by copying a malicious drvstore.dll there. 2020-02-28 7.2 CVE-2020-9442
MISC
phpgurukul — daily_expense_tracker_system PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to SQL injection, as demonstrated by the email parameter in index.php or register.php. The SQL injection allows to dump the MySQL database and to bypass the login prompt. 2020-03-05 7.5 CVE-2020-10106
MISC
plat’home — openblocks_iot_vx2
 
OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors. 2020-03-04 8.3 CVE-2020-5535
MISC
MISC
push-dir — push-dir
 
push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable “opt.branch” is not validated before being provided to the “git” command within “index.js#L139”. This could be abused by an attacker to inject arbitrary commands. 2020-02-28 7.5 CVE-2019-10803
MISC
MISC
qualcomm — multiple_snapdragon_products Null-pointer dereference can occur while accessing the segment element info when it is not allocated and assigned in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS405, QCS605, QM215, Rennell, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 7.8 CVE-2019-14061
CONFIRM
qualcomm — multiple_snapdragon_products Possible double free issue in WLAN due to lack of checking memory free condition. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8053, MDM9640, SDA660, SDM636, SDM660, SDX20 2020-03-05 7.2 CVE-2018-11838
CONFIRM
qualcomm — multiple_snapdragon_products Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SA6155P, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130 2020-03-05 10 CVE-2019-2311
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible integer overflow while checking the length of frame which is a 32 bit integer and is added to another 32 bit integer which can lead to unexpected result during the check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MDM9607, MSM8998, QCA6584, QCN7605, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130 2020-03-05 10 CVE-2019-14086
CONFIRM
qualcomm — multiple_snapdragon_products
 
Access to the uninitialized variable when the driver tries to unmap the dma buffer of a request which was never mapped in the first place leading to kernel failure in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8009, APQ8053, MDM9607, MDM9640, MSM8909W, MSM8953, QCA6574AU, QCS605, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SM8150, SXR1130 2020-03-05 7.2 CVE-2019-14079
CONFIRM
qualcomm — multiple_snapdragon_products
 
Out-of-bound writes occurs due to lack of check of buffer size will cause buffer overflow only in 32bit architecture. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, MDM9150, MDM9205, MDM9607, MDM9650, MSM8905, Nicobar, QCS405, QCS605, Rennell, SA6155P, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SM6150, SM7150, SM8150, SXR1130 2020-03-05 7.2 CVE-2019-14050
CONFIRM
qualcomm — multiple_snapdragon_products
 
Memory use after free issue in audio due to lack of resource control in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA845, SDM670, SDM710, SDM845, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 7.2 CVE-2019-14032
CONFIRM
qualcomm — multiple_snapdragon_products
 
Null pointer dereference issue can happen due to improper validation of CSEQ header response received from network in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, Rennell, SC8180X, SDM429, SDM429W, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150 2020-03-05 7.8 CVE-2019-10549
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible buffer overflow in WLAN Parser due to lack of length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 10 CVE-2019-14097
CONFIRM
qualcomm — multiple_snapdragon_products
 
The size of a buffer is determined by addition and multiplications operations that have the potential to overflow due to lack of bound check in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, QCS404, Rennell, SC8180X, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 2020-03-05 7.2 CVE-2019-14030
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible Integer underflow in WLAN function due to lack of check of data received from user side in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130 2020-03-05 7.2 CVE-2019-14085
CONFIRM
qualcomm — multiple_snapdragon_products
 
While parsing Service Descriptor Extended Attribute received as part of SDF frame, there is a possibility that incorrect length is specified in the attribute length field of extended SSI which can lead to integer underflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096, APQ8098, IPQ6018, IPQ8074, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA8081, QCA9377, QCA9379, QCN7605, QCS404, QCS405, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130 2020-03-05 10 CVE-2019-14083
CONFIRM
qualcomm — multiple_snapdragon_products
 
Use after free issue occurs If the real device interface goes down and a route lookup is performed while sending a raw IPv6 message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8937, MSM8996AU, QCN7605, SDA845, SDM630, SDM636, SDM660, SDX20, SXR1130 2020-03-05 7.2 CVE-2019-10603
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer overflow occurs while processing LMP packet in which name length parameter exceeds value specified in BT-specification in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6390, QCA6574AU, QCA9377, QCA9379, QCA9886, QCM2150, QCN7605, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 10 CVE-2019-14095
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible buffer overflow in WLAN handler due to lack of validation of destination buffer size before copying into it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8098, IPQ8074, MDM9206, MDM9207C, MDM9607, MSM8996, MSM8996AU, MSM8998, QCA6174A, QCA6574AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130 2020-03-05 10 CVE-2019-2300
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible buffer overflow in data offload handler due to lack of check of keydata length when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SXR1130, SXR2130 2020-03-05 10 CVE-2019-14098
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer overflow can occur in WLAN firmware while parsing beacon/probe_response frames during roaming in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, IPQ6018, IPQ8074, MDM9607, MDM9640, MDM9650, MSM8996AU, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCS404, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 10 CVE-2019-10546
CONFIRM
qualcomm — multiple_snapdragon_products
 
Potential buffer over-read due to lack of bound check of memory offset passed in WLAN firmware in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9207C, MDM9607, QCN7605, SM8150 2020-03-05 9.4 CVE-2019-14082
CONFIRM
qualcomm — multiple_snapdragon_products
 
Out of bound write in WLAN driver due to NULL character not properly placed after SSID name in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9150, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SC8180X, SDA845, SDM450, SDX20, SDX24, SDX55, SXR1130 2020-03-05 10 CVE-2019-10526
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible buffer overflow while processing clientlog and serverlog due to lack of validation of data received in logs in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8096AU, QCS605, SDM439, SM8150, SXR1130 2020-03-05 10 CVE-2019-14045
CONFIRM
red_hat — jboss_keycloak A flaw was found in all versions of the Keycloak operator, before version 8.0.2,(community only) where the operator generates a random admin password when installing Keycloak, however the password remains the same when deployed to the same OpenShift namespace. 2020-03-02 7.5 CVE-2020-1731
CONFIRM
rubetek — smarthome_2020_devices Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons, allowing an attacker to sniff and spoof beacon requests remotely. 2020-03-04 7.5 CVE-2020-9550
MISC
MISC
serial-number — serial-number
 
serial-number through 1.3.0 allows execution of arbritary commands. The “cmdPrefix” argument in serialNumber function is used by the “exec” function without any validation. 2020-02-28 7.5 CVE-2019-10804
MISC
MISC
suse — multiple_products A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of salt of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Factory allows local attackers to escalate privileges from user salt to root. This issue affects: SUSE Linux Enterprise Server 12 salt-master version 2019.2.0-46.83.1 and prior versions. SUSE Linux Enterprise Server 15 salt-master version 2019.2.0-6.21.1 and prior versions. openSUSE Factory salt-master version 2019.2.2-3.1 and prior versions. 2020-03-02 7.2 CVE-2019-18897
CONFIRM
suse — multiple_products A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-3.5.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-3.21.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.6.1. openSUSE Factory wicked versions prior to 0.6.62. 2020-03-02 7.5 CVE-2019-18902
CONFIRM
suse — multiple_products
 
A Use After Free vulnerability in wicked of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15; openSUSE Leap 15.1, Factory allows remote attackers to cause DoS or potentially code execution. This issue affects: SUSE Linux Enterprise Server 12 wicked versions prior to 0.6.60-2.18.1. SUSE Linux Enterprise Server 15 wicked versions prior to 0.6.60-28.26.1. openSUSE Leap 15.1 wicked versions prior to 0.6.60-lp151.2.9.1. openSUSE Factory wicked versions prior to 0.6.62. 2020-03-02 7.5 CVE-2019-18903
CONFIRM
suse — multiple_products
 
A Improper Control of Generation of Code vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows the user pcp to run code as root by placing it into /var/log/pcp/configs.sh This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1. 2020-03-03 7.2 CVE-2019-3695
CONFIRM
united_nations — unctad_automated_systems_for_customs_data
 
An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an Insecure Default Configuration, leading to Java Code Execution from a remote URL because an RMI Distributed Garbage Collector method is called. 2020-03-04 7.5 CVE-2020-9761
MISC
MISC
xiaomi –ai_speaker_mdz_25
 
An issue was discovered on XIAOMI AI speaker MDZ-25-DT 1.34.36, and 1.40.14. Attackers can get root shell by accessing the UART interface and then they can read Wi-Fi SSID or password, read the dialogue text files between users and XIAOMI AI speaker, use Text-To-Speech tools pretend XIAOMI speakers’ voice achieve social engineering attacks, eavesdrop on users and record what XIAOMI AI speaker hears, delete the entire XIAOMI AI speaker system, modify system files, stop voice assistant service, start the XIAOMI AI speaker’s SSH service as a backdoor 2020-03-05 7.2 CVE-2020-8994
MISC
MISC
MISC
zoho — mangeengine_desktop_central
 
Zoho ManageEngine Desktop Central 10 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. 2020-03-06 10 CVE-2020-10189
MISC
MISC
MISC
zyxel_communications — multiple_network_attached_storage_devices
 
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. ZyXEL NAS devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to properly sanitize the username parameter that is passed to it. If the username parameter contains certain characters, it can allow command injection with the privileges of the web server that runs on the ZyXEL device. Although the web server does not run as the root user, ZyXEL devices include a setuid utility that can be leveraged to run any command with root privileges. As such, it should be assumed that exploitation of this vulnerability can lead to remote code execution with root privileges. By sending a specially-crafted HTTP POST or GET request to a vulnerable ZyXEL device, a remote, unauthenticated attacker may be able to execute arbitrary code on the device. This may happen by directly connecting to a device if it is directly exposed to an attacker. However, there are ways to trigger such crafted requests even if an attacker does not have direct connectivity to a vulnerable devices. For example, simply visiting a website can result in the compromise of any ZyXEL device that is reachable from the client system. Affected products include: NAS326 before firmware V5.21(AAZF.7)C0 NAS520 before firmware V5.21(AASZ.3)C0 NAS540 before firmware V5.21(AATB.4)C0 NAS542 before firmware V5.21(ABAG.4)C0 ZyXEL has made firmware updates available for NAS326, NAS520, NAS540, and NAS542 devices. Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2 2020-03-04 10 CVE-2020-9054
MISC
MISC
CERT-VN
MISC
CONFIRM

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
360 — f5c_router_firmware By adding some special fields to the uri ofrouter app function, the user could abuse background app cgi functions withoutauthentication. This affects 360 router P0 and F5C. 2020-03-04 5 CVE-2019-3404
CONFIRM
advsys — build_engine Multiple buffer overflow vulnerabilities have been found in Ken Silverman Build Engine 1. An attacker could craft a special map file to execute arbitrary code when the map file is loaded. 2020-03-02 6.8 CVE-2018-20343
MISC
artica — pandora_fms In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. 2020-03-02 6.5 CVE-2020-8500
MISC
atutor — atutor
 
Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account via a request to mods/_core/users/admins/create.php or (2) create a user account via a request to mods/_core/users/create_user.php. 2020-03-02 6.8 CVE-2015-1583
MISC
BID
MISC
CONFIRM
CONFIRM
CONFIRM
avast — avast_av
 
The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux. 2020-02-28 4.3 CVE-2020-9399
MISC
MISC
avaya — aura_conferencing
 
A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server. 2020-02-28 5 CVE-2019-7007
CONFIRM
bittorrent — utorrent
 
The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to cause a denial of service. 2020-03-02 5 CVE-2020-8437
MISC
MISC
CONFIRM
blab — multiple_products
 
An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin. 2020-02-28 6.5 CVE-2020-9449
MISC
centreon — centreon An issue was discovered in Centreon before 2.8-30, 18.10-8, 19.04-5, and 19.10-2.. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/host/refreshMacroAjax.php. 2020-03-04 5 CVE-2019-17644
MISC
centreon — centreon
 
An issue was discovered in Centreon before 2.8.31, 18.10.9, 19.04.6, and 19.10.3. It provides sensitive information via an unauthenticated direct request for include/configuration/configObject/service/refreshMacroAjax.php. 2020-03-05 5 CVE-2019-17645
CONFIRM
CONFIRM
CONFIRM
MISC
CONFIRM
CONFIRM
centreon — centreon
 
An issue was discovered in Centreon before 2.8-30,18.10-8, 19.04-5, and 19.10-2. It provides sensitive information via an unauthenticated direct request for include/monitoring/recurrentDowntime/GetXMLHost4Services.php. 2020-03-04 5 CVE-2019-17643
CONFIRM
CONFIRM
CONFIRM
CONFIRM
centreon — centreon
 
An issue was discovered in Centreon before 18.10.8, 19.04.5, and 19.10.2. It provides sensitive information via an unauthenticated direct request for api/external.php?object=centreon_metric&action=listByService. 2020-03-05 5 CVE-2019-17646
CONFIRM
CONFIRM
CONFIRM
MISC
MISC
centreon — centreon
 
An issue was discovered in Centreon before 18.10.8, 19.10.1, and 19.04.2. It allows CSRF with resultant remote command execution via shell metacharacters in a POST to centreon-autodiscovery-server/views/scan/ajax/call.php in the Autodiscovery plugin. 2020-03-05 6.8 CVE-2019-17642
MISC
CONFIRM
CONFIRM
CONFIRM
cisco — asyncos_software_for_cisco_email_appliances
 
A vulnerability in the malware detection functionality in Cisco Advanced Malware Protection (AMP) in Cisco AsyncOS Software for Cisco Email Security Appliances (ESAs) could allow an unauthenticated remote attacker to exhaust resources on an affected device. The vulnerability is due to insufficient control over system memory allocation. An attacker could exploit this vulnerability by sending a crafted email through the targeted device. A successful exploit could allow the attacker to cause an email attachment that contains malware to be delivered to a user and cause email processing delays. 2020-03-04 6.4 CVE-2020-3181
CISCO
cisco — multiple_products
 
A vulnerability in the SSL implementation of the Cisco Intelligent Proximity solution could allow an unauthenticated, remote attacker to view or alter information shared on Cisco Webex video devices and Cisco collaboration endpoints if the products meet the conditions described in the Vulnerable Products section. The vulnerability is due to a lack of validation of the SSL server certificate received when establishing a connection to a Cisco Webex video device or a Cisco collaboration endpoint. An attacker could exploit this vulnerability by using man in the middle (MITM) techniques to intercept the traffic between the affected client and an endpoint, and then using a forged certificate to impersonate the endpoint. Depending on the configuration of the endpoint, an exploit could allow the attacker to view presentation content shared on it, modify any content being presented by the victim, or have access to call controls. This vulnerability does not affect cloud registered collaboration endpoints. 2020-03-04 5.8 CVE-2020-3155
CISCO
cisco — prime_collaboration_provisioning
 
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to obtain sensitive information about an affected device. The vulnerability exists because replies from the web-based management interface include unnecessary server information. An attacker could exploit this vulnerability by inspecting replies received from the web-based management interface. A successful exploit could allow the attacker to obtain details about the operating system, including the web server version that is running on the device, which could be used to perform further attacks. 2020-03-04 5 CVE-2020-3193
CISCO
cisco — prime_network_collaboration_provisioning
 
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. 2020-03-04 4.3 CVE-2020-3192
CISCO
cisco — prime_network_registrar

 

A vulnerability in the web-based interface of Cisco Prime Network Registrar (CPNR) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections in the web-based interface. An attacker could exploit this vulnerability by persuading a targeted user, with an active administrative session on the affected device, to click a malicious link. A successful exploit could allow an attacker to change the device’s configuration, which could include the ability to edit or create user accounts of any privilege level. Some changes to the device’s configuration could negatively impact the availability of networking services for other devices on networks managed by CPNR. 2020-03-04 4.3 CVE-2020-3148
CISCO
cisco — ios_xr_software
 
A vulnerability in the IPsec packet processor of Cisco IOS XR Software could allow an unauthenticated remote attacker to cause a denial of service (DoS) condition for IPsec sessions to an affected device. The vulnerability is due to improper handling of packets by the IPsec packet processor. An attacker could exploit this vulnerability by sending malicious ICMP error messages to an affected device that get punted to the IPsec packet processor. A successful exploit could allow the attacker to deplete IPsec memory, resulting in all future IPsec packets to an affected device being dropped by the device. Manual intervention is required to recover from this situation. 2020-03-04 5 CVE-2020-3190
CISCO
cisco — multiple_products
 
A vulnerability in the web-based management interface of Cisco AsyncOS for Cisco Email Security Appliance (ESA), Cisco Web Security Appliance (WSA), and Cisco Content Security Management Appliance (SMA) could allow an unauthenticated remote attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific HTTP request headers. An attacker could exploit this vulnerability by sending a malformed HTTP request to an affected device. A successful exploit could allow the attacker to trigger a prolonged status of high CPU utilization relative to the GUI process(es). Upon successful exploitation of this vulnerability, an affected device will still be operative, but its response time and overall performance may be degraded. 2020-03-04 5 CVE-2020-3164
CISCO

commscope — arris_tg1692a_firmware

ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding. 2020-03-04 5 CVE-2020-9476
MISC
MISC
craft_cms — craft_cms The Seomatic component before 3.2.46 for Craft CMS allows Server-Side Template Injection and information disclosure via malformed data to the metacontainers controller. 2020-03-04 5 CVE-2020-9757
MISC
creative_solutions — creative_contact_form_for_joomla
 
An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploaded attachments via the creativecontactform_upload parameter. An attacker could exploit this vulnerability with the “Send me a copy” option to receive any files of the filesystem via email. 2020-03-04 5 CVE-2020-9364
FULLDISC
MISC
MISC
d-link — dsl-2680_devices A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to change DNS servers without being authenticated on the admin interface by submitting a crafted Forms/dns_1 POST request. 2020-03-04 5 CVE-2019-19225
MISC
MISC
MISC
MISC
d-link — dsl-2680_devices
 
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to download the configuration (binary file) settings by submitting a rom-0 GET request without being authenticated on the admin interface. 2020-03-04 5 CVE-2019-19224
MISC
MISC
MISC
MISC
d-link — dsl-2680_devices
 
A Broken Access Control vulnerability in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an attacker to enable or disable MAC address filtering by submitting a crafted Forms/WlanMacFilter_1 POST request without being authenticated on the admin interface. 2020-03-04 5 CVE-2019-19226
MISC
MISC
MISC
MISC
dl-ink — dir-615jx10_devices fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizard webpage parameter when f_radius_ip1 is malformed. 2020-03-02 6.5 CVE-2020-9535
MISC
dl-ink — dir-615jx10_devices
 
fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpage parameter when f_radius_ip1 is malformed. 2020-03-02 6.5 CVE-2020-9534
MISC

easyio — easyio-30p_devices

EasyIO EasyIO-30P devices before 2.0.5.27 have Incorrect Access Control, related to webuser.js. 2020-03-02 5 CVE-2018-15819
MISC
MISC
easyio — easyio-30p_devices
 
EasyIO EasyIO-30P devices before 2.0.5.27 allow XSS via the dev.htm GDN parameter. 2020-03-02 4.3 CVE-2018-15820
MISC
MISC
efs — easy_chat_server An issue was discovered in EFS Easy Chat Server 3.1. There is a buffer overflow via a long body2.ghp message parameter. 2020-03-05 5 CVE-2019-20502
MISC
envoy_proxy — envoy
 
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when proxying HTTP/1.1 requests or responses with many small (i.e. 1 byte) chunks. 2020-03-04 5 CVE-2020-8659
MISC
CONFIRM
envoy_proxy — envoy
 
CNCF Envoy through 1.13.0 may consume excessive amounts of memory when responding internally to pipelined requests. 2020-03-04 5 CVE-2020-8661
MISC
CONFIRM
eset — cyber_security
 
ESET Cyber Security before 6.8.1.0 is vulnerable to a denial-of-service allowing any user to stop (kill) ESET processes. An attacker can abuse this bug to stop the protection from ESET and launch his attack. 2020-03-03 4 CVE-2019-17549
MISC
facebook — hhvm
 
Insufficient boundary checks when decoding JSON in TryParse reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. 2020-03-03 5 CVE-2020-1893
CONFIRM
CONFIRM
facebook — hhvm
 
Insufficient boundary checks when decoding JSON in JSON_parser allows read access to out of bounds memory, potentially leading to information leak and DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. 2020-03-03 6.4 CVE-2020-1892
CONFIRM
CONFIRM
facebook — hhvm
 
Insufficient boundary checks when decoding JSON in handleBackslash reads out of bounds memory, potentially leading to DOS. This issue affects HHVM 4.45.0, 4.44.0, 4.43.0, 4.42.0, 4.41.0, 4.40.0, 4.39.0, versions between 4.33.0 and 4.38.0 (inclusive), versions between 4.9.0 and 4.32.0 (inclusive), and versions prior to 4.8.7. 2020-03-03 5 CVE-2020-1888
CONFIRM
CONFIRM
fasterxml — jackson-databind
 
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). 2020-03-02 6.8 CVE-2020-9546
MISC
MLIST
MISC
MLIST
MLIST
MLIST
MLIST
MISC
fasterxml — jackson-databind
 
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). 2020-03-02 6.8 CVE-2020-9547
MISC
MLIST
MISC
MISC
MLIST
MISC
MLIST
MLIST
MLIST
MISC
MLIST
MISC
fasterxml — jackson_databind
 
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). 2020-03-02 6.8 CVE-2020-9548
MISC
MLIST
MLIST
MLIST
MLIST
MLIST
MISC
fleetco — fleet_maintenance_management
 
Fleetco Fleet Maintenance Management (FMM) 1.2 and earlier allows uploading an arbitrary “.php” file with the application/x-php Content-Type to the accidents_add.php?submit=1 URI, as demonstrated by the value_Images_1 field, which leads to remote command execution on the remote server. Any authenticated user can exploit this. 2020-03-02 6.5 CVE-2018-19798
EXPLOIT-DB
genixcms — genixcms
 
GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which “token” is used as a CSRF protection mechanism, but without validation that “token” is associated with an administrative user. 2020-03-04 6.8 CVE-2020-10057
MISC
grandit — grandit
 
GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, which allows remote attackers to impersonate an arbitrary user and then alter or disclose the information via unspecified vectors. 2020-03-02 6.4 CVE-2020-5539
MISC
MISC
gwtupload — gwtupload The file-upload feature in GwtUpload 1.0.3 allows XSS via a crafted filename. 2020-02-28 4.3 CVE-2020-9447
MISC
hostapd — hostapd
 
hostapd before 2.6, in EAP mode, makes calls to the rand() and random() standard library functions without any preceding srand() or srandom() call, which results in inappropriate use of deterministic values. This was fixed in conjunction with CVE-2016-10743. 2020-02-28 5 CVE-2019-10064
MISC
FULLDISC
MLIST
MLIST
MISC
hp — oneview_global_dashboard
 
HPE OneView Global Dashboard (OVGD) 1.9 has a remote information disclosure vulnerability. HPE OneView Global Dashboard – After Upgrade or Install of OVGD Version 1.9, Appliance Firewall May Leave Ports Open. This is resolved in OVGD 1.91 or later. 2020-03-04 5 CVE-2020-7130
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when administrator log in to the device and performs some operations. Successful exploit could cause certain process reboot. 2020-02-28 4.9 CVE-2020-1877
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices
 
NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. 2020-02-28 5 CVE-2020-1876
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices
 
NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have a invalid pointer access vulnerability. The software system access an invalid pointer when operator logs in to the device and performs some operations. Successful exploit could cause certain process reboot. 2020-02-28 4.9 CVE-2020-1874
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices
 
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have have a resource management error vulnerability. An attacker needs to perform specific operations to trigger a function of the affected device. Due to improper resource management of the function, the vulnerability can be exploited to cause service abnormal on affected devices. 2020-02-28 5 CVE-2020-1881
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices
 
NIP6800;Secospace USG6600;USG9500 products with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an access control bypass vulnerability. Attackers that can access to the internal network can exploit this vulnerability with careful deployment. Successful exploit may cause the access control to be bypassed, and attackers can directly access the Internet. 2020-02-28 5 CVE-2020-1860
MISC
huawei — pcmanager
 
PCManager with versions earlier than 10.0.5.51 have a privilege escalation vulnerability in Huawei PCManager products. An authenticated, local attacker can perform specific operation to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege. 2020-02-28 4.6 CVE-2020-1844
MISC
humax — hga12r-02_brgcaa_devices HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking. 2020-03-05 6.4 CVE-2020-9370
MISC
MISC
humax — hga12r-02_brgcaa_devices
 
An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capture packets at the time of authentication and gain access to the cleartext password. An attacker could use this access to create a new user account or control the device. 2020-03-04 5 CVE-2020-9477
MISC
MISC

ibm — bigfix_self-service_application

BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML. 2020-02-28 6 CVE-2019-4301
CONFIRM
ibm — security_information_queue IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 176206. 2020-03-02 5 CVE-2020-4283
XF
CONFIRM
ibm — security_information_queue
 
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 uses a cross-domain policy file that includes domains that should not be trusted which could disclose sensitive information. IBM X-Force ID: 176335. 2020-03-02 5 CVE-2020-4292
XF
CONFIRM
idm — ultraedit
 
An issue was discovered in IDM UltraEdit through 24.10.0.32. To exploit the vulnerability, on unpatched Windows systems, an attacker could include in the same directory as the affected executable a DLL using the name of a Windows DLL. This DLL must be preloaded by the executable (for example, “ntmarta.dll”). When the installer EXE is executed by the user, the DLL located in the EXE’s current directory will be loaded instead of the Windows DLL, allowing the attacker to run arbitrary code on the affected system. 2020-03-02 6.9 CVE-2017-12580
MISC
MISC
jaba — jaba_xpress_online_shope
 
An issue was discovered in JABA XPress Online Shop through 2018-09-14. It contains an arbitrary file upload vulnerability in the picture-upload feature of ProductEdit.aspx. An authenticated attacker may bypass the frontend filename validation and upload an arbitrary file via FileUploader.aspx.cs in FileUploader.aspx by using empty w and h parameters. This file may contain arbitrary aspx code that may be executed by accessing /Jec/ProductImages/<number>/<filename>. Accessing the file once uploaded does not require authentication. 2020-03-02 6.5 CVE-2018-17058
MISC
juniper — junos
 
Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.? Note that the ftps-extensions option is not enabled by default. 2020-02-28 5.8 CVE-2015-5361
CONFIRM
mitel — 6800_and_6900_sip_series_phones A key length vulnerability in the implementation of the SRTP 128-bit key on Mitel 6800 and 6900 SIP series phones, versions 5.1.0.2051 SP2 and earlier, could allow an attacker to launch a man-in-the-middle attack when SRTP is used in a call. A successful exploit may allow the attacker to intercept sensitive information. 2020-03-02 4.3 CVE-2019-18863
MISC
CONFIRM
mitel — micollab
 
A cross-site scripting (XSS) vulnerability in the web conferencing component of the Mitel MiCollab application before 9.0.15 for Android could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the file upload interface. A successful exploit could allow an attacker to execute arbitrary scripts. 2020-03-02 4.3 CVE-2019-19370
MISC
CONFIRM
mitel — micollab_awv A cross-site scripting (XSS) vulnerability in the web conferencing component of Mitel MiCollab AWV before 8.1.2.2 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation in the join meeting interface. A successful exploit could allow an attacker to execute arbitrary scripts. 2020-03-02 4.3 CVE-2019-19371
MISC
CONFIRM
mozilla — firefox
 
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73. 2020-03-02 6.8 CVE-2020-6801
MISC
MISC
mozilla — gateway A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user’s authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system. 2020-02-28 4.3 CVE-2020-6804
MISC

mozilla — gateway

An open redirect is present on the gateway’s login page, which could cause a user to be redirected to a malicious site after logging in. 2020-02-28 5.8 CVE-2020-6803
MISC
mozilla — thunderbird If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was not deleted when the data was copied to a new format starting in Thunderbird 60. The new master password is added only on the new file. This could allow the exposure of stored password data outside of user expectations. This vulnerability affects Thunderbird < 68.5. 2020-03-02 4.3 CVE-2020-6794
MISC
MISC
mozilla — thunderbird
 
When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects Thunderbird < 68.5. 2020-03-02 4.3 CVE-2020-6795
MISC
MISC
mozilla — thunderbird
 
When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5. 2020-03-02 4.3 CVE-2020-6793
MISC
MISC
mozilla — thunderbird
 
When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5. 2020-03-02 4.3 CVE-2020-6792
MISC
MISC
mozilla — thunderbird_and_firefox_and_firefox_esr Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a given file type and for a file downloaded to be opened in a third party application that insufficiently sanitized URL data. In that situation, clicking a link in the third party application could have been used to retrieve and execute files whose location was supplied through command line arguments. Note: This issue only affects Windows operating systems and when Firefox is configured as the default handler for non-default filetypes. Other operating systems are unaffected. This vulnerability affects Firefox < 73 and Firefox < ESR68.5. 2020-03-02 5.1 CVE-2020-6799
MISC
MISC
MISC
mozilla — thunderbird_and_firefox_and_firefox_esr By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user’s computer. The attacker is restricted as they are unable to download non-quarantined files or supply command line arguments to the application, limiting the impact. Note: this issue only occurs on Mac OSX. Other operating systems are unaffected. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5. 2020-03-02 4.3 CVE-2020-6797
MISC
MISC
MISC
MISC
mozilla — thunderbird_and_firefox_and_firefox_esr Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1. 2020-03-02 6.8 CVE-2019-17026
MISC
MISC
MISC
mozilla — thunderbird_and_firefox_and_firefox_esr Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5. 2020-03-02 6.8 CVE-2020-6800
MISC
MISC
MISC
MISC
mozilla — thunderbird_and_firefox_and_firefox_esr
 
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly could suffer a cross-site scripting vulnerability as a result. In general, this flaw cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but is potentially a risk in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5. 2020-03-02 4.3 CVE-2020-6798
MISC
MISC
MISC
MISC
mozilla — thunderbird_and_firefox_and_firefox_esr
 
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 73 and Firefox < ESR68.5. 2020-03-02 6.8 CVE-2020-6796
MISC
MISC
MISC
naver — cloud_explorer Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attacker’s server and execute it during the upgrade. 2020-03-03 6.4 CVE-2020-9751
CONFIRM
netgear — wnr10004_routers An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple actions within the WNR1000V4 web management console are vulnerable to an unauthenticated GET request (exploitable directly or through CSRF), as demonstrated by the setup.cgi?todo=save_htp_account URI. 2020-03-02 6.8 CVE-2019-20487
MISC
netgear — wnr10004_routers An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. Multiple pages (setup.cgi and adv_index.htm) within the web management console are vulnerable to stored XSS, as demonstrated by the configuration of the UI language. 2020-03-02 4.3 CVE-2019-20486
MISC
netgear — wnr10004_routers
 
An issue was discovered on NETGEAR WNR1000V4 1.1.0.54 devices. The web management interface (setup.cgi) has an authentication bypass and other problems that ultimately allow an attacker to remotely compromise the device from a malicious webpage. The attacker sends an FW_remote.htm&todo=cfg_init request without a cookie, reads the Set-Cookie header in the 401 Unauthorized response, and then repeats the FW_remote.htm&todo=cfg_init request with the specified cookie. 2020-03-02 5 CVE-2019-20489
MISC
nvida — windows_gpu_display_driver NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component in which an attacker with local system access can corrupt a system file, which may lead to denial of service or escalation of privileges. 2020-03-05 4.6 CVE-2020-5957
N/A
pablo — quick’n_easy_web_server
 
The HTTP service in quickweb.exe in Pablo Quick ‘n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free. 2020-02-28 5 CVE-2019-19943
EXPLOIT-DB
pale_moon — pale_moon
 
Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. 2020-03-02 5 CVE-2020-9545
MISC
MISC
parseplatform — parser-server
 
In parser-server before version 4.1.0, you can fetch all the users objects, by using regex in the NoSQL query. Using the NoSQL, you can use a regex on sessionToken and find valid accounts this way. 2020-03-04 5 CVE-2020-5251
MISC
CONFIRM
patriot — viper_rgb_driver
 
Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insufficient access control. The IOCTL Codes 0x80102050 and 0x80102054 allows a local user with low privileges to read/write 1/2/4 bytes from or to an IO port. This could be leveraged in a number of ways to ultimately run code with elevated privileges. 2020-03-06 4.6 CVE-2020-9756
MISC
pdfresurrect — pdfresurrect
 
In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. 2020-03-02 6.8 CVE-2020-9549
MISC
MLIST
phpipam — phpipam
 
An issue was discovered in tools/pass-change/result.php in phpIPAM 1.4. CSRF can be used to change the password of any user/admin, to escalate privileges, and to gain access to more data and functionality. This issue exists due to the lack of a requirement to provide the old password, and the lack of security tokens. 2020-03-04 6.8 CVE-2020-7988
MISC
MISC
pivotal — reactor_netty The HttpClient from Reactor Netty, versions 0.9.x prior to 0.9.5, and versions 0.8.x prior to 0.8.16, may be used incorrectly, leading to a credentials leak during a redirect to a different domain. In order for this to happen, the HttpClient must have been explicitly configured to follow redirects. 2020-03-03 4.9 CVE-2020-5404
CONFIRM
pivotal — reactor_netty
 
Reactor Netty HttpServer, versions 0.9.3 and 0.9.4, is exposed to a URISyntaxException that causes the connection to be closed prematurely instead of producing a 400 response. 2020-03-03 5 CVE-2020-5403
CONFIRM
plat’home — openblocks_iot_vx2 OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment to bypass authentication and to initialize the device via unspecified vectors. 2020-03-04 5.8 CVE-2020-5536
MISC
MISC
prestashop — prestashop
 
In PrestaShop before version 1.7.6.4, when a customer edits their address, they can freely change the id_address in the form, and thus steal someone else’s address. It is the same with CustomerForm, you are able to change the id_customer and change all information of all accounts. The problem is patched in version 1.7.6.4. 2020-03-05 4.9 CVE-2020-5250
MISC
CONFIRM
puma_gem_for_ruby_on_rails — puma_gem_for_ruby_on_rails
 
In Puma (RubyGem) before 4.3.3 and 3.12.4, if an application using Puma allows untrusted input in an early-hints header, an attacker can use a carriage return character to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2020-5247, which fixed this vulnerability but only for regular responses. This has been fixed in 4.3.3 and 3.12.4. 2020-03-02 4 CVE-2020-5249
MISC
CONFIRM
MISC
MISC
puma_gem_for_ruby_on_rails — puma_gem_for_ruby_on_rails
 
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters. 2020-02-28 5 CVE-2020-5247
CONFIRM
MISC
MISC
qemu — qemu
 
QEMU 4.1.0 has a memory leak in zrle_compress_data in ui/vnc-enc-zrle.c during a VNC disconnect operation because libz is misused, resulting in a situation where memory allocated in deflateInit2 is not freed in deflateEnd. 2020-03-05 4 CVE-2019-20382
MISC
MISC
qt — qt
 
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). 2020-02-28 5 CVE-2018-21035
MISC
MISC
qualcomm — multiple_snapdragon_products Compromised reset handler may bypass access control due to AC config is being reset if debug path is enabled to collect secure or non-secure ram dumps in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8096, APQ8096AU, IPQ6018, MDM9205, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 2020-03-05 6.9 CVE-2019-14071
CONFIRM
qualcomm — multiple_snapdragon_products Unhandled paging request is observed due to dereferencing an already freed object because of race condition between sparse free and sparse bind ioctls which access the same physical entry in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8939, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 6.9 CVE-2019-14072
CONFIRM
qualcomm — multiple_snapdragon_products
 
The secret key used to make the Initial Sequence Number in the TCP SYN packet could be brute forced and therefore can be predicted in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, SC8180X, SDM429, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150 2020-03-05 5 CVE-2019-2317
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer Over-read when WLAN module gets a WMI message for SAR limits with invalid number of limits to be enforced in Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ8074, MSM8998, QCA8081, QCN7605, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130 2020-03-05 6.6 CVE-2019-14081
CONFIRM
qualcomm — snapdragon_sm8150_device Possible out of bound memory access while playing a crafted clip in media player in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in SM8150 2020-03-05 4.6 CVE-2019-14048
CONFIRM
red_hat — ansible_engine_and_ansible_tower
 
A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variable is not escaped by quote plugin. An attacker could take advantage and run arbitrary commands by overwriting the ansible facts. 2020-03-03 4.6 CVE-2020-1734
CONFIRM
MISC
red_hat — decision_manager_and_process_automation_manager
 
A vulnerability was found in business-central, as shipped in rhdm-7.5.1 and rhpam-7.5.1, where encoded passwords are stored in errai_security_context. The encoding used for storing the passwords is Base64, not an encryption algorithm, and any recovery of these passwords could lead to user passwords being exposed. 2020-03-05 4 CVE-2019-14886
CONFIRM
MISC
redsoftware — pdfescape An untrusted search path vulnerability in the installer of PDFescape Desktop version 4.0.22 and earlier allows an attacker to gain privileges and execute code via DLL hijacking. 2020-03-05 4.4 CVE-2020-9418
CONFIRM
reveal.js — reveal.js
 
Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks. 2020-02-28 4.3 CVE-2020-8127
MISC
safescan — timemoto_tm-616_and_ta-8000
 
Incorrect Access Control in Safescan Timemoto TM-616 and TA-8000 series allows remote attackers to read any file via the administrative API. 2020-03-02 5 CVE-2019-12183
MISC
MISC
sophos — hitmanpro.alert Sophos HitmanPro.Alert before build 861 allows local elevation of privilege. 2020-03-02 4.6 CVE-2020-9540
MISC
suse — linux_enterprise_server UNIX Symbolic Link (Symlink) Following vulnerability in the cronjob shipped with nagios of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11; openSUSE Factory allows local attackers to cause cause DoS or potentially escalate privileges by winning a race. This issue affects: SUSE Linux Enterprise Server 12 nagios version 3.5.1-5.27 and prior versions. SUSE Linux Enterprise Server 11 nagios version 3.0.6-1.25.36.3.1 and prior versions. openSUSE Factory nagios version 4.4.5-2.1 and prior versions. 2020-02-28 6.9 CVE-2019-3698
CONFIRM
suse — multiple_products A Improper Limitation of a Pathname to a Restricted Directory vulnerability in the packaging of pcp of SUSE Linux Enterprise High Performance Computing 15-ESPOS, SUSE Linux Enterprise High Performance Computing 15-LTSS, SUSE Linux Enterprise Module for Development Tools 15, SUSE Linux Enterprise Module for Development Tools 15-SP1, SUSE Linux Enterprise Module for Open Buildservice Development Tools 15, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15, SUSE Linux Enterprise Software Development Kit 12-SP4, SUSE Linux Enterprise Software Development Kit 12-SP5; openSUSE Leap 15.1 allows local user pcp to overwrite arbitrary files with arbitrary content. This issue affects: SUSE Linux Enterprise High Performance Computing 15-ESPOS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise High Performance Computing 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Module for Development Tools 15-SP1 pcp versions prior to 4.3.1-3.5.3. SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server 15-LTSS pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Server for SAP 15 pcp versions prior to 3.11.9-5.8.1. SUSE Linux Enterprise Software Development Kit 12-SP4 pcp versions prior to 3.11.9-6.14.1. SUSE Linux Enterprise Software Development Kit 12-SP5 pcp versions prior to 3.11.9-6.14.1. openSUSE Leap 15.1 pcp versions prior to 4.3.1-lp151.2.3.1. 2020-03-03 4.6 CVE-2019-3696
CONFIRM
testlink — testlink
 
Multiple SQL injection vulnerabilities in TestLink through 1.9.19 allows remote authenticated users to execute arbitrary SQL commands via the (1) tproject_id parameter to keywordsView.php; the (2) req_spec_id parameter to reqSpecCompareRevisions.php; the (3) requirement_id parameter to reqCompareVersions.php; the (4) build_id parameter to planUpdateTC.php; the (5) tplan_id parameter to newest_tcversions.php; the (6) tplan_id parameter to tcCreatedPerUserGUI.php; the (7) tcase_id parameter to tcAssign2Tplan.php; or the (8) testcase_id parameter to tcCompareVersions.php. Authentication is often easy to achieve: a guest account, that can execute this attack, can be created by anyone in the default configuration. 2020-03-05 6.5 CVE-2019-20107
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
timeshift — timeshift init_tmp in TeeJee.FileSystem.vala in Timeshift before 20.03 unsafely reuses a preexisting temporary directory in the predictable location /tmp/timeshift. It follows symlinks in this location or uses directories owned by unprivileged users. Because Timeshift also executes scripts under this location, an attacker can attempt to win a race condition to replace scripts created by Timeshift with attacker-controlled scripts. Upon success, an attacker-controlled script is executed with full root privileges. This logic is practically always triggered when Timeshift runs regardless of the command-line arguments used. 2020-03-05 6.9 CVE-2020-10174
MLIST
MISC
MISC
MISC
valib — valib
 
valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks. 2020-02-28 5 CVE-2019-10805
MISC
MISC
vmware — spring_cloud_config
 
Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack. 2020-03-05 4.3 CVE-2020-5405
CONFIRM
webkit — webkit_and_webkitgtk
 
accessibility/AXObjectCache.cpp in WebKit, as used in WebKitGTK through 2.26.4 and WPE WebKit through 2.26.4, allows a denial of service (application crash) because maintenance of the m_deferredFocusedNodeChange data structure mishandles removal. 2020-03-02 5 CVE-2020-10018
MISC
MISC
wordpress — wordpress The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name) in any booking form to be any formula, which then could be exported via the Bookings list tab in /wp-admin/admin.php?page=cpabc_appointments.php. The attacker could achieve remote code execution via CSV injection. 2020-03-04 6.8 CVE-2020-9372
MISC
MISC
MISC
wordpress — wordpress
 
A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote attackers to forge requests on behalf of a site administrator to change all settings for the plugin, including deleting users, creating new roles with escalated privileges, and allowing PHP file uploads via forms. 2020-03-06 6.8 CVE-2020-9454
MISC
MISC
MISC
wordpress — wordpress
 
In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote authenticated users (with minimal privileges) to elevate their privileges to administrator via class_rm_user_controller.php rm_user_edit. 2020-03-06 6.5 CVE-2020-9456
MISC
MISC
MISC
wordpress — wordpress
 
The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to import custom vulnerable forms and change form settings via class_rm_form_settings_controller.php, resulting in privilege escalation. 2020-03-06 6.5 CVE-2020-9457
MISC
MISC
MISC
wordpress — wordpress
 
In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote authenticated users (with minimal privileges) to export submitted form data and settings via class_rm_form_controller.php rm_form_export. 2020-03-06 6.5 CVE-2020-9458
MISC
MISC
MISC
wordpress — wordpress
 
The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection. 2020-02-28 5.8 CVE-2020-9466
MISC
MISC
MISC
wordpress — wordpress
 
The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with minimal privileges) to send arbitrary emails on behalf of the site via class_rm_user_services.php send_email_user_view. 2020-03-06 4 CVE-2020-9455
MISC
MISC
MISC
zammad — zammad An issue was discovered in Zammad 3.0 through 3.2. The WebSocket server crashes when messages in non-JSON format are sent by an attacker. The message format is not properly checked and parsing errors not handled. This leads to a crash of the service process. 2020-03-05 5 CVE-2020-10101
MISC
zammad — zammad An issue was discovered in Zammad 3.0 through 3.2. It may respond with verbose error messages that disclose internal application or infrastructure information. This information could aid attackers in successfully exploiting other vulnerabilities. 2020-03-05 5 CVE-2020-10097
MISC
zammad — zammad
 
An issue was discovered in Zammad 3.0 through 3.2. It returns source code of static resources when submitting an OPTIONS request, rather than a GET request. Disclosure of source code allows for an attacker to formulate more precise attacks. Source code was disclosed for the file 404.html (/zammad/public/404.html) 2020-03-05 5 CVE-2020-10105
MISC
zammad — zammad
 
An issue was discovered in Zammad 3.0 through 3.2. It allows for users to view ticket customer details associated with specific customers. However, the application does not properly implement access controls related to this functionality. As such, users of one company are able to access ticket data from other companies. Due to the multi-tenant nature of this application, users who can access ticket details from one organization to the next allows for users to exfiltrate potentially sensitive data of other companies. 2020-03-05 4 CVE-2020-10100
MISC
zammad — zammad
 
An issue was discovered in Zammad 3.0 through 3.2. After authentication, it transmits sensitive information to the user that may be compromised and used by an attacker to gain unauthorized access. Hashed passwords are returned to the user when visiting a certain URL. 2020-03-05 4 CVE-2020-10104
MISC
zammad — zammad
 
An issue was discovered in Zammad 3.0 through 3.2. It does not prevent caching of confidential data within browser memory. An attacker who either remotely compromises or obtains physical access to a user’s workstation can browse the browser cache contents and obtain sensitive information. The attacker does not need to be authenticated with the application to view this information, as it would be available via the browser cache. 2020-03-05 5 CVE-2020-10096
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
alfresco — alfresco_enterprise_and_community_editions
 
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via an uploaded document, when the attacker has write access to a project. 2020-03-02 3.5 CVE-2020-8778
MISC
MISC
MISC
alfresco — alfresco_enterprise_and_community_editions
 
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via a user profile photo, as demonstrated by a SCRIPT element in an SVG document. 2020-03-02 3.5 CVE-2020-8777
MISC
MISC
MISC
alfresco — alfresco_enterprise_and_community_editions
 
Alfresco Enterprise before 5.2.7 and Alfresco Community before 6.2.0 (rb65251d6-b368) has XSS via the URL property of a file. 2020-03-02 3.5 CVE-2020-8776
MISC
MISC
MISC
cisco — identity_services_engine
 
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient validation of user-supplied input to the web-based management interface. An attacker could exploit this vulnerability by crafting a malicious configuration and saving it to the targeted system. An exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information when an administrator views the configuration. An attacker would need write permissions to exploit this vulnerability successfully. 2020-03-04 3.5 CVE-2020-3157
CISCO
cisco — telepresence_management_suite A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient input validation by the web-based management interface. An attacker could exploit this vulnerability by inserting malicious data in a specific data field in the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected web-based management interface or access sensitive, browser-based information. 2020-03-04 3.5 CVE-2020-3185
CISCO
cisco — webex_meetings_client_for_macos A vulnerability in the multicast DNS (mDNS) protocol configuration of Cisco Webex Meetings Client for MacOS could allow an unauthenticated adjacent attacker to obtain sensitive information about the device on which the Webex client is running. The vulnerability exists because sensitive information is included in the mDNS reply. An attacker could exploit this vulnerability by doing an mDNS query for a particular service against an affected device. A successful exploit could allow the attacker to gain access to sensitive information. 2020-03-04 3.3 CVE-2020-3182
CISCO
d-link — dsl-2680_router
 
A Stored XSS issue in the D-Link DSL-2680 web administration interface (Firmware EU_1.03) allows an authenticated attacker to inject arbitrary JavaScript code into the info.html administration page by sending a crafted Forms/wireless_autonetwork_1 POST request. 2020-03-04 3.5 CVE-2019-19222
MISC
MISC
MISC
MISC
gnu — c_library The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. This is related to sysdeps/ieee754/ldbl-96/e_rem_pio2l.c. 2020-03-04 2.1 CVE-2020-10029
MISC
MISC
hcl — connections HCL Connections 6.5 is vulnerable to possible information leakage. Connections could disclose sensitive information via trace logs to a local user. 2020-03-05 2.1 CVE-2020-4083
CONFIRM
hcl — connections
 
The HCL Connections 5.5 help system is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim’s Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim’s cookie-based authentication credentials. 2020-03-05 3.5 CVE-2020-4082
CONFIRM
huawei — cloudengine_12800 CloudEngine 12800 with versions of V200R001C00SPC600,V200R001C00SPC700,V200R002C01,V200R002C50SPC800,V200R002C50SPC800PWE,V200R003C00SPC810,V200R003C00SPC810PWE,V200R005C00SPC600,V200R005C00SPC800,V200R005C00SPC800PWE,V200R005C10,V200R005C10SPC300 have an information leakage vulnerability in some Huawei products. In some special cases, an authenticated attacker can exploit this vulnerability because the software processes data improperly. Successful exploitation may lead to information leakage. 2020-02-28 2.1 CVE-2020-1861
MISC
huawei — nip6800_and_secospace_ugs6600_and_usg9500_devices NIP6800;Secospace USG6600;USG9500 products versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an invalid pointer access vulnerability. The software system access an invalid pointer when an abnormal condition occurs in certain operation. Successful exploit could cause certain process reboot. Affected product versions include:NIP6800 versions V500R001C30,V500R001C60SPC500;Secospace USG6600 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500;USG9500 versions V500R001C30SPC200,V500R001C30SPC600,V500R001C60SPC500. 2020-02-28 2.1 CVE-2020-1875
MISC
ibm — tivoli_netcool/omnibus_gui IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174907. 2020-03-03 3.5 CVE-2020-4196
XF
CONFIRM
ibm — tivoli_netcool/omnibus_gui IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 174909. 2020-03-03 3.5 CVE-2020-4198
XF
CONFIRM
ibm — tivoli_netcool/omnibus_gui
 
IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174908. 2020-03-03 2.1 CVE-2020-4197
XF
CONFIRM
influxdata — influxdb InfluxDB 0.9.5 has Reflected XSS in the Write Data module. 2020-03-02 3.5 CVE-2018-17572
MISC
CONFIRM
monstra — monstra_cms Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product. 2020-03-02 3.5 CVE-2018-19599
MISC
phpgurukul — daily_expense_tracker_system PHPGurukul Daily Expense Tracker System 1.0 is vulnerable to stored XSS, as demonstrated by the ExpenseItem or ExpenseCost parameter in manage-expense.php. 2020-03-05 3.5 CVE-2020-10107
CONFIRM
seo_panel — seo_panel The Website Manager module in SEO Panel 3.13.0 and earlier is affected by a stored Cross-Site Scripting (XSS) vulnerability, allowing remote authenticated attackers to inject arbitrary web script or HTML via the websites.php name parameter. 2020-03-02 3.5 CVE-2018-14384
MISC
suse — linux_enterprise_server A UNIX Symbolic Link (Symlink) Following vulnerability in the mysql-systemd-helper of the mariadb packaging of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15 allows local attackers to change the permissions of arbitrary files to 0640. This issue affects: SUSE Linux Enterprise Server 12 mariadb versions prior to 10.2.31-3.25.1. SUSE Linux Enterprise Server 15 mariadb versions prior to 10.2.31-3.26.1. 2020-03-02 2.1 CVE-2019-18901
SUSE
CONFIRM
suse — linux_enterprise_server
 
A UNIX Symbolic Link (Symlink) Following vulnerability in chkstat of SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15, SUSE Linux Enterprise Server 11 set permissions intended for specific binaries on other binaries because it erroneously followed symlinks. The symlinks can’t be controlled by attackers on default systems, so exploitation is difficult. This issue affects: SUSE Linux Enterprise Server 12 permissions versions prior to 2015.09.28.1626-17.27.1. SUSE Linux Enterprise Server 15 permissions versions prior to 20181116-9.23.1. SUSE Linux Enterprise Server 11 permissions versions prior to 2013.1.7-0.6.12.1. 2020-03-02 1.9 CVE-2020-8013
SUSE
CONFIRM
wordpress — wordpress Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. This affects mec_save_notifications and import_settings. 2020-02-28 3.5 CVE-2020-9459
MISC
MISC
wordpress — wordpress
 
Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScript or HTML. 2020-03-04 3.5 CVE-2020-9371
MISC
MISC
MISC
MISC
zammad — zammad An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code can be provided by a low-privileged user through the File Upload functionality in Zammad. The malicious JavaScript will execute within the browser of any user who opens a specially crafted link to the uploaded file with an active Zammad session. 2020-03-05 3.5 CVE-2020-10103
MISC
zammad — zammad An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code can be provided by a low-privileged user through the Ticket functionality in Zammad. The malicious JavaScript will execute within the browser of any user who opens the ticket or has the ticket within the Toolbar. 2020-03-05 3.5 CVE-2020-10099
MISC
zammad — zammad
 
An issue was discovered in Zammad 3.0 through 3.2. The Forgot Password functionality is implemented in a way that would enable an anonymous user to guess valid user emails. In the current implementation, the application responds differently depending on whether the input supplied was recognized as associated with a valid user. This behavior could be used as part of a two-stage automated attack. During the first stage, an attacker would iterate through a list of account names to determine which correspond to valid accounts. During the second stage, the attacker would use a list of common passwords to attempt to brute force credentials for accounts that were recognized by the system in the first stage. 2020-03-05 3.5 CVE-2020-10102
MISC
zammad — zammad
 
An XSS issue was discovered in Zammad 3.0 through 3.2. Malicious code can be provided by a low-privileged user through the Email functionality. The malicious JavaScript will execute within the browser of any user who opens the Ticket with the Article created from that Email. 2020-03-05 3.5 CVE-2020-10098
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
citrix — gateway
 
Citrix Gateway 11.1, 12.0, and 12.1 allows Cache Poisoning. 2020-03-06 not yet calculated CVE-2020-10112
MISC
MISC
citrix — gateway
 
Citrix Gateway 11.1, 12.0, and 12.1 allows Information Exposure Through Caching. 2020-03-06 not yet calculated CVE-2020-10110
MISC
MISC
citrix — gateway
 
Citrix Gateway 11.1, 12.0, and 12.1 has an Inconsistent Interpretation of HTTP Requests. 2020-03-06 not yet calculated CVE-2020-10111
MISC
MISC
ckeditor — ckeditor
 
A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 allows remote attackers to inject arbitrary web script through a crafted “protected” comment (with the cke_protected syntax). 2020-03-07 not yet calculated CVE-2020-9281
MISC
comtrend — comtrend_vr-3033_router
 
Comtrend VR-3033 DE11-416SSG-C01_R02.A2pvI042j1.d26m devices have Multiple Authenticated Command Injection vulnerabilities via the ping and traceroute diagnostic pages, as demonstrated by shell metacharacters in the pingIpAddress parameter to ping.cgi. 2020-03-05 not yet calculated CVE-2020-10173
MISC
d-link — dir-825_devices
 
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the date parameter in a system_time.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected. 2020-03-07 not yet calculated CVE-2020-10216
MISC
MISC
d-link — dir-825_devices
 
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the dns_query_name parameter in a dns_query.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected. 2020-03-07 not yet calculated CVE-2020-10215
MISC
MISC
d-link — dir-825_devices
 
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. There is a stack-based buffer overflow in the httpd binary. It allows an authenticated user to execute arbitrary code via a POST to ntp_sync.cgi with a sufficiently long parameter ntp_server. 2020-03-07 not yet calculated CVE-2020-10214
MISC
d-link — dir-825_devices
 
An issue was discovered on D-Link DIR-825 Rev.B 2.10 devices. They allow remote attackers to execute arbitrary commands via the wps_sta_enrollee_pin parameter in a set_sta_enrollee_pin.cgi POST request. TRENDnet TEW-632BRP 1.010B32 is also affected. 2020-03-07 not yet calculated CVE-2020-10213
MISC
MISC
d-link — dsl-2640b_devices
 
An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn’t perform authentication checks for a firmware-update POST request. Any attacker that can access the administrative interface can install firmware of their choice. 2020-03-05 not yet calculated CVE-2020-9544
MISC
MISC
dell — emc_isilon_onefs
 
Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a lack of thorough authorization checks when SyncIQ is licensed, but encrypted syncs are not marked as required. When this happens, loss of control of the cluster can occur. 2020-03-06 not yet calculated CVE-2020-5328
MISC
dell — security_management_server
 
Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untrusted Data vulnerability. When the server is exposed to the internet and Windows Firewall is disabled, a remote unauthenticated attacker may exploit this vulnerability by sending a crafted RMI request to execute arbitrary code on the target host. 2020-03-06 not yet calculated CVE-2020-5327
MISC
django_project — django
 
Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untrusted data is used as a tolerance parameter in GIS functions and aggregates on Oracle. By passing a suitably crafted tolerance to GIS functions and aggregates on Oracle, it was possible to break escaping and inject malicious SQL. 2020-03-05 not yet calculated CVE-2020-9402
MISC
MISC
CONFIRM
emerson — valvelink
 
In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters. 2020-03-05 not yet calculated CVE-2020-6971
MISC
eset — multiple_devices
 
ESET Archive Support Module before 1294 allows virus-detection bypass via crafted RAR Compression Information in an archive. This affects versions before 1294 of Smart Security Premium, Internet Security, NOD32 Antivirus, Cyber Security Pro (macOS), Cyber Security (macOS), Mobile Security for Android, Smart TV Security, and NOD32 Antivirus 4 for Linux Desktop. 2020-03-06 not yet calculated CVE-2020-10193
MISC
gitlab — gitlab
 
GitLab 10.7 and later through 12.7.2 has Incorrect Access Control. 2020-03-06 not yet calculated CVE-2020-8113
CONFIRM
MISC
MISC
ibm — multiple_products
 
IBM Platform LSF 9.1 and 10.1, IBM Spectrum LSF Suite 10.2, and IBM Spectrum Suite for HPA 10.2 could allow a local user to escalate their privileges due to weak file permissions when specific debug settings are enabled in a Linux or Unix enviornment. IBM X-Force ID: 176137. 2020-03-05 not yet calculated CVE-2020-4278
XF
CONFIRM
juniper — qfx3500_and_qfx3600_switches
 
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability. 2020-02-28 not yet calculated CVE-2015-3006
CONFIRM
lexmark — multiple_devices
 
Various Lexmark products have stored XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US. 2020-03-06 not yet calculated CVE-2019-19773
CONFIRM
lexmark — multiple_devices
 
Various Lexmark products have reflected XSS in the embedded web server used in older generation Lexmark devices. Affected products are available in http://support.lexmark.com/index?page=content&id=TE935&locale=en&userlocale=EN_US. 2020-03-06 not yet calculated CVE-2019-19772
CONFIRM
monstra — monstra_cms Monstra CMS through 3.0.4 allows remote authenticated users to take over arbitrary user accounts via a modified login parameter to an edit URI, as demonstrated by login=victim to the users/21/edit URI. 2020-03-07 not yet calculated CVE-2020-8439
MISC
MISC
omron — plc_cj_series
 
In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets within a short period, causing a service error on the PLC Ethernet module, which in turn causes a PLC service denied result. 2020-03-05 not yet calculated CVE-2020-6986
MISC
qualcomm — multiple_snapdragon_products
 
Multiple Buffer Over-read issue can happen due to improper length checks while decoding Service Reject/RAU Reject/PTMSI Realloc cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10552
CONFIRM
qualcomm — multiple_snapdragon_products
 
Multiple Read overflows due to improper length checks while decoding authentication in Cs domain/RAU Reject and TC cmd in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10553
CONFIRM
qualcomm — multiple_snapdragon_products
 
Multiple Read overflows issue due to improper length check while decoding Identity Request in CSdomain/Authentication Reject in CS domain/ PRAU accept/while logging DL message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10554
CONFIRM
qualcomm — multiple_snapdragon_products
 
Stack buffer overflow due to instance id is misplaced inside definition of hardware accelerated effects in makefile in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile in APQ8053, APQ8098, MDM9607, MDM9640, MSM8998, QCS605, SC8180X, SDM439, SDM630, SDM636, SDM660, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10569
CONFIRM
qualcomm — multiple_snapdragon_products
 
Improper input validation while processing SIP URI received from the network will lead to buffer over-read and then to denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-10577
CONFIRM
qualcomm — multiple_snapdragon_products
 
Stack overflow can occur when SDP is received with multiple payload types in the FMTP attribute of a video M line in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10594
CONFIRM
qualcomm — multiple_snapdragon_products
 
UTCB object has a function pointer called by the reaper to deallocate its memory resources and this address can potentially be corrupted by stack overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in MDM9205, MDM9650, QCS605, SA6155P, SC8180X, SDA845, SDM670, SDM710, SDM845, SDM850, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-10612
CONFIRM
qualcomm — multiple_snapdragon_products
 
Filling media attribute tag names without validating the destination buffer size which can result in the buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9150, MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10586
CONFIRM
qualcomm — multiple_snapdragon_products
 
Use-after-free in graphics module due to destroying already queued syncobj in error case in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, MDM9607, MSM8909W, MSM8953, MSM8996AU, Nicobar, QCS405, QCS605, Rennell, SA6155P, Saipan, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14029
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possibility of heap-buffer-overflow during last iteration of loop while populating image version information in diag command response packet, in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in APQ8053, APQ8096AU, APQ8098, MDM9607, MDM9640, MSM8909W, MSM8917, MSM8953, Nicobar, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDM429, SDM439, SDM450, SDM632, SDM670, SDM710, SDM845, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-10604
CONFIRM
qualcomm — multiple_snapdragon_products
 
Lack of check that the RX FIFO write index that is read from shared RAM is less than the FIFO size results into memory corruption and potential information leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCM2150, QCS404, QCS405, QCS605, QM215, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14000
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possibility of null pointer access if the SPDM commands are executed in the non-standard way in TZ. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8016, MDM9150, MDM9206, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8998, SA6155P, SDX24 2020-03-05 not yet calculated CVE-2019-10616
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer overflow can occur when processing non standard SDP video Image attribute parameter in a VILTE\VOLTE call in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8076, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10593
CONFIRM
qualcomm — multiple_snapdragon_products
 
A stack-based buffer overflow exists in the initialization of the identification stage due to lack of check on the number of templates provided. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8096, APQ8096AU, MDM9205, MSM8996, MSM8996AU, Nicobar, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14015
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer overflow due to lack of upper bound check on channel length which is used for a loop. in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in APQ8098, IPQ6018, IPQ8074, MSM8998, Nicobar, QCA8081, QCN7605, QCS404, QCS605, Rennell, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14027
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer overwrite during memcpy due to lack of check on SSID length validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14028
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible buffer overflow in WLAN WMI handler due to lack of ssid length check when copying data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996AU, MSM8998, Nicobar, QCA6174A, QCA6574, QCA6574AU, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS404, QCS405, QCS605, Rennell, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14026
CONFIRM
qualcomm — multiple_snapdragon_products
 
Null pointer dereference can happen when parsing udta atom which is non-standard and having invalid depth in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909W, MSM8917, MSM8939, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS405, QCS605, QM215, Rennell, SA6155P, Saipan, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-10591
CONFIRM
qualcomm — multiple_snapdragon_products
 
Out of bound access in msm routing due to lack of check of size before accessing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8096AU, MDM9607, MSM8905, MSM8909W, Nicobar, QCS405, QCS605, Rennell, Saipan, SDM429W, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14068
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer Over-read when UE is trying to process the message received form the network without zero termination in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10550
CONFIRM
qualcomm — multiple_snapdragon_products
 
Buffer overflow can occur while parsing RSN IE containing list of PMK ID`s which are more than the buffer size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096, APQ8096AU, APQ8098, IPQ6018, IPQ8074, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCN7605, QCS405, QCS605, SA6155P, SC8180X, SDA660, SDA845, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130 2020-03-05 not yet calculated CVE-2019-14031
CONFIRM
qualcomm — multiple_snapdragon_products
 
Possible Stack overflow can occur when processing a large SDP body or non standard SDP body without right delimiters in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, Rennell, SC8180X, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SDX24, SDX55, SM6150, SM7150, SM8150, SXR1130 2020-03-05 not yet calculated CVE-2019-10587
CONFIRM
rconfig — rconfig
 
An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameter. 2020-03-07 not yet calculated CVE-2020-10220
MISC
responsive_filemanager — responsive_filemanager
 
upload.php in Responsive FileManager 9.13.4 and 9.14.0 allows SSRF via the url parameter because file-extension blocking is mishandled and because it is possible for a DNS hostname to resolve to an internal IP address. For example, an SSRF attempt may succeed if a .ico filename is added to the PATH_INFO. Also, an attacker could create a DNS hostname that resolves to the 0.0.0.0 IP address for DNS pinning. NOTE: this issue exists because of an incomplete fix for CVE-2018-14728. 2020-03-07 not yet calculated CVE-2020-10212
MISC
urllib3 — urllib3
 
The _encode_invalid_chars function in util/url.py in the urllib3 library 1.25.2 through 1.25.7 for Python allows a denial of service (CPU consumption) because of an inefficient algorithm. The percent_encodings array contains all matches of percent encodings. It is not deduplicated. For a URL of length N, the size of percent_encodings may be up to O(N). The next step (normalize existing percent-encoded bytes) also takes up to O(N) for each step, so the total time is O(N^2). If percent_encodings were deduplicated, the time to compute _encode_invalid_chars would be O(kN), where k is at most 484 ((10+6*2)^2). 2020-03-06 not yet calculated CVE-2020-7212
MISC
MISC
MISC
usrsctp — usrsctp
 
usrsctp before 2019-12-20 has out-of-bounds reads in sctp_load_addresses_from_init. 2020-03-06 not yet calculated CVE-2019-20503
MISC
MISC
wftpserver — wing_ftp_server
 
Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files. 2020-03-07 not yet calculated CVE-2020-8635
MISC
wftpserver — wing_ftp_server
 
An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure permissions when handling session cookies, a local user may view the contents of the session and session_admin directories, which expose active session cookies within the Wing FTP HTTP interface and administration panel. These cookies may be used to hijack user and administrative sessions, including the ability to execute Lua commands as root within the administration panel. 2020-03-07 not yet calculated CVE-2020-9470
MISC
wftpserver — wing_ftp_server
 
Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may escalate privileges to root. 2020-03-07 not yet calculated CVE-2020-8634
MISC
whmcssmarters — iptv_smarters_web_tv_player
 
IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading a script. 2020-03-05 not yet calculated CVE-2020-9380
MISC
MISC
xiaomi — mi_user_interface_operating_system
 
An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetApps(com.xiaomi.mipicks) mishandles the functionality of opening other components. Attackers need to induce users to open specific web pages in a specific network environment. By jumping to the WebView component of Messaging(com.android.MMS) and loading malicious web pages, information leakage can occur. This is fixed on version: 2001122; 11.0.1.54. 2020-03-06 not yet calculated CVE-2020-9530
MISC
xiaomi — mi_user_interface_operating_system
 
An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(com.xiaomi.mipicks), the parameters passed in are read and executed. After reading the resource files, relevant components open the link of the incoming URL. Although the URL is safe and can pass security detection, the data carried in the parameters are loaded and executed. An attacker can use NFC tools to get close enough to a user’s unlocked phone to cause apps to be installed and information to be leaked. This is fixed on version: 2001122. 2020-03-06 not yet calculated CVE-2020-9531
MISC
yubico — yubikey_validation_server
 
The verify endpoint in YubiKey Validation Server before 2.40 does not check the length of SQL queries, which allows remote attackers to cause a denial of service, aka SQL injection. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service; the issue does NOT affect YubiCloud. 2020-03-05 not yet calculated CVE-2020-10184
MISC
MISC
yubico — yubikey_validation_server
 
The sync endpoint in YubiKey Validation Server before 2.40 allows remote attackers to replay an OTP. NOTE: this issue is potentially relevant to persons outside Yubico who operate a self-hosted OTP validation service with a non-default configuration such as an open sync pool; the issue does NOT affect YubiCloud. 2020-03-05 not yet calculated CVE-2020-10185
MISC
MISC

Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Bulletins

Vulnerability Summary for the Week of January 13, 2020

Original release date: January 20, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
deja_vu — crescendo_sales_crm
 
D?j? Vu Crescendo Sales CRM has remote SQL Injection 2020-01-10 7.5 CVE-2014-4984
MISC
MISC
MISC
ether — etherpad-lite The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection Vulnerability 2020-01-10 7.5 CVE-2013-7380
MISC
MISC
hashbrown_cms — hashbrown_cms
 
A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password. 2020-01-13 7.5 CVE-2020-6948
MISC
jcow — jcow_cms
 
A Code Execution vulnerability exists the attachment parameter to index.php in Jcow CMS 4.x to 4.2 and 5.2 to 5.2. 2020-01-14 7.5 CVE-2011-3203
MISC
livezilla — livezilla
 
LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability 2020-01-13 7.5 CVE-2013-6225
MISC
MISC
MISC
microsoft — .net_core__and_.net_framework
 
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka ‘.NET Framework Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0605. 2020-01-14 9.3 CVE-2020-0606
N/A
microsoft — .net_framework
 
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ‘.NET Framework Remote Code Execution Injection Vulnerability’. 2020-01-14 10 CVE-2020-0646
N/A
microsoft — asp.net_core
 
A remote code execution vulnerability exists in ASP.NET Core software when the software fails to handle objects in memory.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka ‘ASP.NET Core Remote Code Execution Vulnerability’. 2020-01-14 9.3 CVE-2020-0603
REDHAT
REDHAT
N/A
microsoft — internet_explorer_9_and_10_and_11
 
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka ‘Internet Explorer Memory Corruption Vulnerability’. 2020-01-14 7.6 CVE-2020-0640
N/A
microsoft — multiple_products
 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653. 2020-01-14 9.3 CVE-2020-0650
N/A
microsoft — multiple_products
 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653. 2020-01-14 9.3 CVE-2020-0651
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows Media Service that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka ‘Microsoft Windows Elevation of Privilege Vulnerability’. 2020-01-14 7.2 CVE-2020-0641
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0635. 2020-01-14 7.2 CVE-2020-0644
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in Microsoft Windows when Windows fails to properly handle certain symbolic links, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0644. 2020-01-14 7.2 CVE-2020-0635
N/A
MISC
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka ‘Windows Common Log File System Driver Elevation of Privilege Vulnerability’. 2020-01-14 7.2 CVE-2020-0634
N/A
MISC
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0624. 2020-01-14 7.2 CVE-2020-0642
N/A
microsoft — multiple_windows_server_products
 
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0609. 2020-01-14 10 CVE-2020-0610
N/A
microsoft — multiple_windows_server_products
 
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0610. 2020-01-14 10 CVE-2020-0609
N/A
mruby — mruby
 
In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c. 2020-01-11 7.5 CVE-2020-6838
MISC
mruby — mruby
 
In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c. 2020-01-11 7.5 CVE-2020-6839
MISC
mruby — mruby
 
In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c. 2020-01-11 7.5 CVE-2020-6840
MISC
online_tv_database — online_tv_database An SQL Injection vulnerability exists in the ID parameter in Online TV Database 2011. 2020-01-10 7.5 CVE-2011-5020
MISC
oracle — outside_in_technology
 
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L). 2020-01-15 7.5 CVE-2020-2543
MISC
oracle — solaris Vulnerability in the Oracle Solaris product of Oracle Systems (component: Common Desktop Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 7.2 CVE-2020-2696
MISC
MISC
FULLDISC
BUGTRAQ
MISC
oracle — weblogic_server
 
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 7.5 CVE-2020-2551
MISC
oracle — weblogic_server
 
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Application Container – JavaEE). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 7.5 CVE-2020-2546
MISC

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — experience_manager Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-15 4.3 CVE-2019-16467
CONFIRM
adobe — experience_manager
 
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an expression language injection vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-15 5 CVE-2019-16469
CONFIRM
adobe — experience_manager
 
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-15 5 CVE-2019-16468
CONFIRM
apache — cxf
 
By default, Apache CXF creates a /services page containing a listing of the available endpoint names and addresses. This webpage is vulnerable to a reflected Cross-Site Scripting (XSS) attack, which allows a malicious actor to inject javascript into the web page. Please note that the attack exploits a feature which is not typically not present in modern browsers, who remove dot segments before sending the request. However, Mobile applications may be vulnerable. 2020-01-16 4.3 CVE-2019-17573
CONFIRM
MLIST
arial_software — campaign_enterprise
 
Arial Campaign Enterprise before 11.0.551 stores passwords in clear text and these may be retrieved. 2020-01-10 5 CVE-2012-3823
MISC
XF
arial_software — campaign_enterprise
 
Arial Campaign Enterprise before 11.0.551 has unauthorized access to the User-Edit.asp page, which allows remote attackers to enumerate users’ credentials. 2020-01-10 5 CVE-2012-3822
MISC
XF
arial_software — campaign_enterprise
 
In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible without authentication or authorization. 2020-01-10 5 CVE-2012-3824
MISC
XF
atlassian — bitbucket_server Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, and from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via certain user input fields. A remote attacker with user level permissions can exploit this vulnerability to run arbitrary commands on the victim’s systems. Using a specially crafted payload as user input, the attacker can execute arbitrary commands on the victim’s Bitbucket Server or Bitbucket Data Center instance. 2020-01-15 6.5 CVE-2019-15010
MISC
atlassian — bitbucket_server
 
Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via the edit-file request. A remote attacker with write permission on a repository can write to any arbitrary file to the victims Bitbucket Server or Bitbucket Data Center instance using the edit-file endpoint, if the user has Bitbucket Server or Bitbucket Data Center running, and has the permission to write the file at that destination. In some cases, this can result in execution of arbitrary code by the victims Bitbucket Server or Bitbucket Data Center instance. 2020-01-15 6.5 CVE-2019-15012
MISC
atlassian — bitbucket_server_and_bitbucket_data_center
 
Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via the post-receive hook. A remote attacker with permission to clone and push files to a repository on the victim’s Bitbucket Server or Bitbucket Data Center instance, can exploit this vulnerability to execute arbitrary commands on the Bitbucket Server or Bitbucket Data Center systems, using a file with specially crafted content. 2020-01-15 6.5 CVE-2019-20097
MISC
axper — vision_ii_devices Axper Vision II 4 devices allow XSS via the DEVICE_NAME (aka Device Name) parameter to the configWebParams.cgi URI. 2020-01-13 4.3 CVE-2020-6848
MISC
cacti — cacti
 
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $ header to trigger the XSS). 2020-01-16 4.3 CVE-2020-7106
MISC
MLIST
cerberus — cerberus_ftp_server_enterprise_edition Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download (or unzip and upload) files. There are multiple ways to bypass certain permissions by utilizing the zip and unzip features. As a result, users without permission can see files, folders, and hidden files, and can create directories without permission. 2020-01-14 5.5 CVE-2020-5196
MISC
MISC
MISC
chamilo — chamilo
 
Chamilo before 1.8.8.6 does not adequately handle user supplied input by the index.php script, which could allow remote attackers to delete arbitrary files. 2020-01-10 6.4 CVE-2012-4030
XF
clickdesk — clickdesk ClickDesk version 4.3 and below has persistent cross site scripting 2020-01-14 4.3 CVE-2014-9211
MISC
MISC
comcrete_cms — concrete5 A Cross-Site Scripting (XSS) vulnerability exists in the rcID parameter in Concrete CMS 5.4.1.1 and earlier. 2020-01-14 4.3 CVE-2011-3183
MISC
dompdf — dompdf
 
DOMPDF before 0.6.2 allows remote code execution, a related issue to CVE-2014-2383. 2020-01-10 6.8 CVE-2014-5013
MISC
MISC
dompdf — dompdf
 
DOMPDF before 0.6.2 allows Information Disclosure. 2020-01-10 4.3 CVE-2014-5011
MISC
MISC
dompdf — dompdf
 
DOMPDF before 0.6.2 allows denial of service. 2020-01-10 4.3 CVE-2014-5012
MISC
MISC
elog — electronic_logbook
 
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via a crafted SVG document to elogd.c. 2020-01-10 4.3 CVE-2019-20376
MISC
elog — electronic_logbook
 
A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4 allows remote attackers to inject arbitrary web script or HTML via the value parameter in a localization (loc) command to elogd.c. 2020-01-10 4.3 CVE-2019-20375
MISC
ganglia — ganglia-web
 
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php cs parameter. 2020-01-11 4.3 CVE-2019-20379
MISC
ganglia — ganglia-web
 
ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via the header.php ce parameter. 2020-01-11 4.3 CVE-2019-20378
MISC
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1. It has Incorrect Access Control. 2020-01-13 4.3 CVE-2019-20148
MISC
CONFIRM
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1. It has Incorrect Access Control. 2020-01-13 5 CVE-2019-20147
MISC
CONFIRM
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1. It has Incorrect Access Control. 2020-01-13 4 CVE-2019-20145
MISC
CONFIRM
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6. It allows Uncontrolled Resource Consumption. 2020-01-13 5 CVE-2019-20146
MISC
CONFIRM
google — chrome
 
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2020-01-10 6.8 CVE-2020-6377
SUSE
SUSE
SUSE
REDHAT
MISC
MISC
FEDORA
FEDORA
granding_technology — grand_ma_300
 
Grand MA 300 allows a brute-force attack on the PIN. 2020-01-13 5 CVE-2014-5381
MISC
MISC
MISC
MISC
hashbrown_cms — hashbrown_cms
 
A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user’s account, or otherwise reconfigure that account. 2020-01-13 6.5 CVE-2020-6949
MISC

ibm — qradar_security_information_and_event_manager

IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 166355. 2020-01-10 5 CVE-2019-4559
XF
CONFIRM
jcow — jcow
 
A Cross-Site Scripting (XSS) vulnerability exists in the g parameter to index.php in Jcow CMS 4.2 and earlier. 2020-01-14 4.3 CVE-2011-3202
MISC
jenkins — jenkins
 
A cross-site request forgery vulnerability in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method. 2020-01-15 6.8 CVE-2020-2090
CONFIRM
kubernetes — kubernetes Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly. 2020-01-14 5 CVE-2018-1002104
CONFIRM
markdown2 — markdown2 python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues. 2020-01-15 4.3 CVE-2009-3724
MISC
MISC
microsoft — asp.net_core A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka ‘ASP.NET Core Denial of Service Vulnerability’. 2020-01-14 5 CVE-2020-0602
REDHAT
REDHAT
N/A
microsoft — multiple_windows_products An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0630
N/A
microsoft — multiple_windows_products An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0613
N/A
microsoft — multiple_windows_products An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0628
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0626
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0627
N/A
microsoft — multiple_windows_products
 
A remote code execution vulnerability exists in the Windows Remote Desktop Client when a user connects to a malicious server, aka ‘Remote Desktop Client Remote Code Execution Vulnerability’. 2020-01-14 5.1 CVE-2020-0611
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists when Microsoft Cryptographic Services improperly handles files, aka ‘Microsoft Cryptographic Services Elevation of Privilege Vulnerability’. 2020-01-14 4.6 CVE-2020-0620
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0623
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0629
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0614
N/A
microsoft — multiple_windows_products
 
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka ‘Microsoft Graphics Components Information Disclosure Vulnerability’. 2020-01-14 4.3 CVE-2020-0607
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632. 2020-01-14 4.6 CVE-2020-0633
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0625
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0632, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0631
N/A
microsoft — multiple_windows_products
 
An information disclosure vulnerability exists when Remote Desktop Web Access improperly handles credential information, aka ‘Remote Desktop Web Access Information Disclosure Vulnerability’. 2020-01-14 4 CVE-2020-0637
N/A
microsoft — multiple_windows_products
 
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka ‘Windows CryptoAPI Spoofing Vulnerability’. 2020-01-14 5.8 CVE-2020-0601
MISC
MISC
N/A
microsoft — multiple_windows_products
 
An elevation of privilege vulnerability exists in the way that the Windows Search Indexer handles objects in memory, aka ‘Windows Search Indexer Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0633. 2020-01-14 4.6 CVE-2020-0632
N/A
microsoft — office_and_office_365_proplus A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka ‘Microsoft Office Memory Corruption Vulnerability’. 2020-01-14 6.8 CVE-2020-0652
N/A
MISC
microsoft — windows_10_and_windows_server
 
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0642. 2020-01-14 4.6 CVE-2020-0624
N/A

microsoft — windows_10_and_windows_server_and_windows_server_2019

An elevation of privilege vulnerability exists in the way the Update Notification Manager handles files.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Update Notification Manager Elevation of Privilege Vulnerability’. 2020-01-14 4.6 CVE-2020-0638
N/A
microsoft — windows_10_and_windows_server_and_windows_server_2019
 
A denial of service vulnerability exists when Windows improperly handles hard links, aka ‘Microsoft Windows Denial of Service Vulnerability’. 2020-01-14 4.9 CVE-2020-0616
N/A
MISC
mitel — sip-dect_wireless_devices
 
An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0 and 8.1 could allow an attacker to launch a man-in-the-middle attack. A successful exploit may allow the attacker to intercept sensitive information. 2020-01-13 4.3 CVE-2019-19891
MISC
CONFIRM
mozilla — firefox Mozilla Firefox before 3.6 is vulnerable to XSS via the rendering of Cascading Style Sheets 2020-01-13 4.3 CVE-2011-2670
MISC
nitro_software — free_pdf_reader
 
The JBIG2Globals library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x90ec NULL Pointer Dereference via crafted Unicode content. 2020-01-10 4.3 CVE-2019-19819
MISC
MISC
nitro_software — free_pdf_reader
 
The JBIG2Decode library in npdf.dll in Nitro Free PDF Reader 12.0.0.112 has a CAPPDAnnotHandlerUtils::PDAnnotHandlerDestroyData2+0x2e8a Out-of-Bounds Read via crafted Unicode content. 2020-01-10 4.3 CVE-2019-19817
MISC
MISC
openjpeg — openjpeg
 
OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in libopenjp2.so. 2020-01-13 5 CVE-2020-6851
MISC
oracle — applications_framework
 
Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2566
MISC
oracle — applications_framwork Vulnerability in the Oracle Applications Framework product of Oracle E-Business Suite (component: Attachments / File Upload). Supported versions that are affected are 12.2.5-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Applications Framework. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). 2020-01-15 5 CVE-2020-2666
MISC
oracle — banking_corporate_lending

 

Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data as well as unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2717
MISC
oracle — banking_corporate_lending
 
Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data as well as unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 5.5 CVE-2020-2715
MISC
oracle — banking_corporate_lending
 
Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 4 CVE-2020-2719
MISC
oracle — banking_corporate_lending
 
Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 5.5 CVE-2020-2718
MISC
oracle — banking_corporate_lending
 
Vulnerability in the Oracle Banking Corporate Lending product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 12.3.0-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 4 CVE-2020-2716
MISC
oracle — banking_payments
 
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 4 CVE-2020-2711
MISC
oracle — banking_payments
 
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 4 CVE-2020-2714
MISC
oracle — banking_payments
 
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 5.5 CVE-2020-2710
MISC
oracle — banking_payments
 
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data as well as unauthorized read access to a subset of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2712
MISC
oracle — banking_payments
 
Vulnerability in the Oracle Banking Payments product of Oracle Financial Services Applications (component: Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 5.5 CVE-2020-2713
MISC
oracle — business_intelligence_enterprise_edition Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Actions). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Business Intelligence Enterprise Edition. CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L). 2020-01-15 6.8 CVE-2020-2537
MISC
oracle — business_intelligence_enterprise_edition Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: Analytics Server). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N). 2020-01-15 4.3 CVE-2020-2535
MISC
oracle — crm_technical_foundation Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle CRM Technical Foundation accessible data as well as unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2651
MISC
oracle — crm_technical_foundation
 
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle CRM Technical Foundation accessible data as well as unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2653
MISC
oracle — crm_technical_foundation
 
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle CRM Technical Foundation accessible data as well as unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2652
MISC
oracle — crm_technical_foundation
 
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Message Hooks). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2596
MISC
oracle — crm_technical_foundation
 
Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite (component: Preferences). Supported versions that are affected are 12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle CRM Technical Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle CRM Technical Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle CRM Technical Foundation accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2657
MISC
oracle — email_center Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2671
MISC
oracle — email_center
 
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2672
MISC
oracle — email_center
 
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2670
MISC
oracle — email_center
 
Vulnerability in the Oracle Email Center product of Oracle E-Business Suite (component: Message Display). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Email Center. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Email Center, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Email Center accessible data as well as unauthorized update, insert or delete access to some of Oracle Email Center accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2669
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Manager Repository). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2616
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Oracle Management Service). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2615
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2642
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2610
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Event Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2622
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2612
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Global EM Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2613
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Oracle Management Service). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2644
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Discovery Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2617
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Job System). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2643
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2618
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2619
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2620
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2645
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2611
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L). 2020-01-15 6.5 CVE-2020-2609
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2633
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Application Service Level Mgmt). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2636
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Job System). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2625
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Command Line Interface). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Enterprise Manager Base Platform, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data as well as unauthorized read access to a subset of Enterprise Manager Base Platform accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 4.9 CVE-2020-2646
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2621
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Repository). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2608
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Host Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2639
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Connector Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2624
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Metrics Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2623
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Cloud Control Manager – OMS). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2626
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Host Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2628
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Extensibility Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2629
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Extensibility Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2630
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Application Service Level Mgmt). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2631
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: System Monitoring). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2632
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: Configuration Standard Framewk). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2634
MISC
oracle — enterprise_manager_base_platform
 
Vulnerability in the Enterprise Manager Base Platform product of Oracle Enterprise Manager (component: System Monitoring). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager Base Platform. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager Base Platform accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager Base Platform accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager Base Platform. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 6.5 CVE-2020-2635
MISC
oracle — financial_services_revenue_management_and_billing
 
Vulnerability in the Oracle Financial Services Revenue Management and Billing product of Oracle Financial Services Applications (component: File Upload). Supported versions that are affected are 2.7.0.0, 2.7.0.1 and 2.8.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Revenue Management and Billing. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Financial Services Revenue Management and Billing, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Financial Services Revenue Management and Billing accessible data as well as unauthorized read access to a subset of Oracle Financial Services Revenue Management and Billing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 4.9 CVE-2020-2730
MISC
oracle — flexcube_investor_servicing
 
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 4 CVE-2020-2721
MISC
oracle — flexcube_investor_servicing
 
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 4 CVE-2020-2724
MISC
oracle — flexcube_investor_servicing
 
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2722
MISC
oracle — flexcube_investor_servicing
 
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 5.5 CVE-2020-2720
MISC
oracle — flexcube_investor_servicing
 
Vulnerability in the Oracle FLEXCUBE Investor Servicing product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 5.5 CVE-2020-2723
MISC
oracle — flexcube_universal_banking
 
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 5.5 CVE-2020-2699
MISC
oracle — flexcube_universal_banking
 
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 4 CVE-2020-2684
MISC
oracle — flexcube_universal_banking
 
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 5.5 CVE-2020-2683
MISC
oracle — flexcube_universal_banking
 
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 4 CVE-2020-2700
MISC
oracle — flexcube_universal_banking
 
Vulnerability in the Oracle FLEXCUBE Universal Banking product of Oracle Financial Services Applications (component: Infrastructure). Supported versions that are affected are 12.0.1-12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle FLEXCUBE Universal Banking. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle FLEXCUBE Universal Banking accessible data as well as unauthorized read access to a subset of Oracle FLEXCUBE Universal Banking accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2685
MISC
oracle — http_server Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Web Listener). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle HTTP Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle HTTP Server accessible data as well as unauthorized read access to a subset of Oracle HTTP Server accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2530
MISC
oracle — http_server
 
Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: OSSL Module). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle HTTP Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle HTTP Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). 2020-01-15 5 CVE-2020-2545
MISC
oracle — human_resources
 
Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Human Resources. While the vulnerability is in Oracle Human Resources, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Human Resources accessible data as well as unauthorized access to critical data or complete access to all Oracle Human Resources accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Human Resources. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L). 2020-01-15 6.5 CVE-2020-2586
MISC
oracle — human_resources
 
Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite (component: Hierarchy Diagrammers). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise Oracle Human Resources. While the vulnerability is in Oracle Human Resources, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Human Resources accessible data as well as unauthorized access to critical data or complete access to all Oracle Human Resources accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Human Resources. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:L). 2020-01-15 6.5 CVE-2020-2587
MISC
oracle — identity_manager Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: OIM – LDAP user and role Synch). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Identity Manager accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 5 CVE-2020-2728
MISC
oracle — identity_manager
 
Vulnerability in the Identity Manager product of Oracle Fusion Middleware (component: Advanced Console). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Identity Manager. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Identity Manager accessible data as well as unauthorized read access to a subset of Identity Manager accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 5.5 CVE-2020-2729
MISC
oracle — ilearning
 
Vulnerability in the Oracle iLearning product of Oracle iLearning (component: Learner Pages). The supported version that is affected is 6.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle iLearning accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2709
MISC
oracle — istore
 
Vulnerability in the Oracle iStore product of Oracle E-Business Suite (component: Shopping Cart). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iStore. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iStore, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iStore accessible data as well as unauthorized update, insert or delete access to some of Oracle iStore accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2582
MISC
oracle — isupport
 
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2668
MISC
oracle — isupport
 
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2667
MISC
oracle — isupport
 
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2661
MISC
oracle — isupport
 
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2658
MISC
oracle — isupport
 
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2662
MISC
oracle — isupport
 
Vulnerability in the Oracle iSupport product of Oracle E-Business Suite (component: Others). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle iSupport. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iSupport, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iSupport accessible data as well as unauthorized update, insert or delete access to some of Oracle iSupport accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2665
MISC
oracle — mysql_client
 
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4.3 CVE-2020-2574
MISC
oracle — mysql_client
 
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4.3 CVE-2020-2573
MISC
oracle — mysql_client
 
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4.3 CVE-2020-2570
MISC
oracle — mysql_server Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2686
MISC
oracle — mysql_server Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Audit Plugin). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N). 2020-01-15 4 CVE-2020-2572
MISC
oracle — mysql_server Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2580
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DML). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2588
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2577
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2579
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2627
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.28 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2589
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2660
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 4 CVE-2020-2679
MISC
oracle — one-to-one_fulfillment
 
Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite (component: Call Phone Number Page). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle One-to-One Fulfillment. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle One-to-One Fulfillment, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle One-to-One Fulfillment accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2597
MISC
oracle — outside_in_technology

 

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2536
MISC
oracle — outside_in_technology
 
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). 2020-01-15 6.4 CVE-2020-2541
MISC
oracle — outside_in_technology
 
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). 2020-01-15 6.4 CVE-2020-2542
MISC
oracle — outside_in_technology
 
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). 2020-01-15 6.4 CVE-2020-2540
MISC
oracle — peoplesoft_enterprise_cc_common_application_objects
 
Vulnerability in the PeopleSoft Enterprise CC Common Application Objects product of Oracle PeopleSoft (component: Approval Framework). Supported versions that are affected are 9.1 and 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise CC Common Application Objects. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise CC Common Application Objects accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 5 CVE-2020-2695
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2607
MISC
oracle — primavera_p6_enterprise_project_portfolio_management
 
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: WebAccess). Supported versions that are affected are 15.1.0.0-15.2.18.7, 16.1.0.0-16.2.19.0, 17.1.0.0-17.12.16.0, 18.1.0.0-18.8.16.0 and 19.12.0.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera P6 Enterprise Project Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.0 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 4.9 CVE-2020-2707
MISC
oracle — reports_developer
 
Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Security and Authentication). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Reports Developer accessible data as well as unauthorized read access to a subset of Oracle Reports Developer accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2533
MISC
oracle — reports_developer
 
Vulnerability in the Oracle Reports Developer product of Oracle Fusion Middleware (component: Security and Authentication). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Reports Developer. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Reports Developer, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Reports Developer accessible data as well as unauthorized read access to a subset of Oracle Reports Developer accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2534
MISC
oracle — solaris
 
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMB to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.0 Base Score 5.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L). 2020-01-15 5 CVE-2020-2558
MISC
oracle — vm_virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 4.4 CVE-2020-2702
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 4.4 CVE-2020-2726
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 4.4 CVE-2020-2701
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 4.4 CVE-2020-2698
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 4.6 CVE-2020-2682
MISC
oracle — web_applications_desktop_integrator
 
Vulnerability in the Oracle Web Applications Desktop Integrator product of Oracle E-Business Suite (component: Application Service). The supported version that is affected is 12.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Web Applications Desktop Integrator. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Web Applications Desktop Integrator, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Web Applications Desktop Integrator accessible data as well as unauthorized update, insert or delete access to some of Oracle Web Applications Desktop Integrator accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). 2020-01-15 5.8 CVE-2020-2591
MISC
oracle — webcenter_sites
 
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data as well as unauthorized read access to a subset of Oracle WebCenter Sites accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 5.8 CVE-2020-2539
MISC
oracle — webcenter_sites
 
Vulnerability in the Oracle WebCenter Sites product of Oracle Fusion Middleware (component: Advanced UI). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebCenter Sites. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data as well as unauthorized read access to a subset of Oracle WebCenter Sites accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebCenter Sites. CVSS 3.0 Base Score 7.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L). 2020-01-15 6.8 CVE-2020-2538
MISC
oracle — weblogic Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 6.5 CVE-2020-2549
MISC
oracle — weblogic_server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 4.9 CVE-2020-2547
MISC
oracle — weblogic_server Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N). 2020-01-15 4.3 CVE-2020-2544
MISC
oracle — weblogic_server
 
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). The supported version that is affected is 10.3.6.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 4.9 CVE-2020-2548
MISC
oracle — weblogic_server
 
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebLogic Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data as well as unauthorized read access to a subset of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 4.9 CVE-2020-2552
MISC
oracle — weblogic_server
 
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Console). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle WebLogic Server. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L). 2020-01-15 4.3 CVE-2020-2519
MISC
powerdns — authoritative_server
 
The DNS packet parsing/generation code in PowerDNS (aka pdns) Authoritative Server 3.4.x before 3.4.6 allows remote attackers to cause a denial of service (crash) via crafted query packets. 2020-01-15 5 CVE-2015-5230
MISC
MISC
CONFIRM
ricoh — sp_c250dn_printers
 
Ricoh SP C250DN 1.06 devices allow CSRF. 2020-01-10 6.8 CVE-2019-14304
CONFIRM
serpico_project — serpico An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. It does not use CSRF Tokens to mitigate against CSRF; it uses the Origin header (which must match the request origin). This is problematic in conjunction with XSS: one can escalate privileges from User level to Administrator. 2020-01-15 6.8 CVE-2019-19854
MISC
snews — snews
 
A Cross-Site Scripting (XSS) vulnerability exists in the reorder administrator functions in sNews 1.71. 2020-01-14 4.3 CVE-2011-2706
MISC
MISC
status2k — status2k Status2k does not remove the install directory allowing credential reset. 2020-01-10 5 CVE-2014-5093
MISC
MISC
symantec — endpoint_detection_and_response
 
Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may be susceptible to a cross site scripting (XSS) issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially bypass access controls such as the same-origin policy. 2020-01-13 4.3 CVE-2019-19547
CONFIRM
tophub — toplist
 
TopList before 2019-09-03 allows XSS via a title. 2020-01-11 4.3 CVE-2019-20377
MISC
websitebaker — websitebaker
 
A Cross Site Request Forgery (CSRF) vulnerability exists in the administrator functions in WebsiteBaker 2.8.1 and earlier due to inadequate confirmation for sensitive transactions. 2020-01-14 6.8 CVE-2011-2934
MISC
wordpress — wordpress The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing. 2020-01-13 6.4 CVE-2019-20209
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
wordpress — wordpress The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via the chat widget/page message form. 2020-01-13 4.3 CVE-2019-20212
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
wordpress — wordpress
 
Pretty-Link WordPress plugin 1.5.2 has XSS 2020-01-10 4.3 CVE-2011-4595
MISC
MISC
wordpress — wordpress
 
flog plugin 0.1 for WordPress has XSS 2020-01-10 4.3 CVE-2014-4530
MISC
wordpress — wordpress
 
The ultimate-weather plugin 1.0 for WordPress has XSS 2020-01-10 4.3 CVE-2014-4561
MISC
wordpress — wordpress
 
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Reflected XSS via a search query. 2020-01-13 4.3 CVE-2019-20210
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
wordpress — wordpress
 
The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone Number, or Website. 2020-01-13 4.3 CVE-2019-20211
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
zoho_manageengine — eventlog_analyzer
 
Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002 have a database Information Disclosure Vulnerability 2020-01-13 5 CVE-2014-6038
MISC
MISC
MISC
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
f5 — big-ip_access_policy_manager
 
In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, when backend servers serve HTTP pages with special JavaScript code, this can lead to internal portal access name conflict. 2020-01-14 3.5 CVE-2020-5853
CONFIRM

ibm — qradar_security_information_and_event_manager

 

IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage in some instances which could be decrypted by a local attacker. IBM X-Force ID: 164429. 2020-01-10 2.1 CVE-2019-4508
XF
CONFIRM
itasteam — articlefr
 
Directory traversal vulnerability in application/templates/amelia/loadjs.php in Free Reprintables ArticleFR 3.0.7 and earlier allows local users to read arbitrary files via the s parameter. 2020-01-15 2.1 CVE-2015-6591
MISC
microsoft — multiple_windows_products An information disclosure vulnerability exists when the win32k component improperly provides kernel information, aka ‘Win32k Information Disclosure Vulnerability’. 2020-01-14 2.1 CVE-2020-0608
N/A
microsoft — multiple_windows_products
 
An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka ‘Windows Common Log File System Driver Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0639. 2020-01-14 2.1 CVE-2020-0615
N/A
MISC
microsoft — multiple_windows_products
 
An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface Plus (GDI+) handles objects in memory, allowing an attacker to retrieve information from a targeted system, aka ‘Windows GDI+ Information Disclosure Vulnerability’. 2020-01-14 2.1 CVE-2020-0643
N/A

microsoft — windows_10_and_windows_server_and_windows_server_2016

An information disclosure vulnerability exists when the Microsoft Windows Graphics Component improperly handles objects in memory, aka ‘Microsoft Graphics Component Information Disclosure Vulnerability’. 2020-01-14 2.1 CVE-2020-0622
N/A

microsoft — windows_10_and_windows_server_and_windows_server_2019

A security feature bypass vulnerability exists in Windows 10 when third party filters are called during a password update, aka ‘Windows Security Feature Bypass Vulnerability’. 2020-01-14 2.1 CVE-2020-0621
N/A
opentrade — opentrade
 
OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator attempts to delete a message that contains JavaScript. 2020-01-11 3.5 CVE-2020-6847
MISC
MISC
CONFIRM
oracle — database_server Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Core RDBMS executes to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Core RDBMS accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Core RDBMS. CVSS 3.0 Base Score 3.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L). 2020-01-15 3.3 CVE-2020-2731
MISC
oracle — food_and_beverage_applications
 
Vulnerability in the Oracle Hospitality Suites Management component of Oracle Food and Beverage Applications. Supported versions that are affected are 3.7 and 3.8. Easily exploitable vulnerability allows physical access to compromise Oracle Hospitality Suites Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Suites Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Suites Management accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 3.2 CVE-2020-2697
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Options). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 3.5 CVE-2020-2584
MISC
oracle — mysql_server
 
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Information Schema). Supported versions that are affected are 8.0.18 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 3.5 CVE-2020-2694
MISC
oracle — oracle_business_intelligence_enterprise_edition
 
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion Middleware (component: BI Platform Security). Supported versions that are affected are 12.2.1.3.0 and 12.2.1.4.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). 2020-01-15 2.6 CVE-2020-2531
MISC
oracle — vm_virtualbox Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2692
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 1.9 CVE-2020-2693
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N). 2020-01-15 3.3 CVE-2020-2678
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2681
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2689
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2690
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2727
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2691
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). 2020-01-15 2.1 CVE-2020-2725
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2705
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 2.1 CVE-2020-2704
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36 and prior to 6.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). 2020-01-15 2.1 CVE-2020-2703
MISC
oracle — weblogic_server
 
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: WLS Core Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle WebLogic Server executes to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebLogic Server accessible data as well as unauthorized update, insert or delete access to some of Oracle WebLogic Server accessible data. CVSS 3.0 Base Score 5.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 3.6 CVE-2020-2550
MISC
serpico_project — serpico An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter. 2020-01-15 3.5 CVE-2019-19858
CONFIRM
MISC
serpico_project — serpico
 
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The User Type on the admin/list_user page allows stored XSS via the type parameter. 2020-01-15 3.5 CVE-2019-19856
CONFIRM
MISC
serpico_project — serpico
 
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter. 2020-01-15 3.5 CVE-2019-19855
CONFIRM
MISC
wordpress — wordpress
 
Cross-site scripting (XSS) vulnerability in the Plotly plugin before 1.0.3 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via a post. 2020-01-15 3.5 CVE-2015-5484
MISC
MISC
MISC

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
abb — cp651_hmi_products
 
ABB CP651 HMI products revision BSP UN30 v1.76 and prior implement hidden administrative accounts that are used during the provisioning phase of the HMI interface. 2020-01-14 not yet calculated CVE-2019-10995
BID
MISC
abrt_project — automatic_bug_reporting_tool The default event handling scripts in Automatic Bug Reporting Tool (ABRT) allow local users to gain privileges as demonstrated by a symlink attack on a var_log_messages file. 2020-01-14 not yet calculated CVE-2015-1869
MISC
MISC
CONFIRM
CONFIRM
abrt_project — automatic_bug_reporting_tool
 
Directory traversal vulnerability in abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to read, write to, or change ownership of arbitrary files via unspecified vectors to the (1) NewProblem, (2) GetInfo, (3) SetElement, or (4) DeleteElement method. 2020-01-14 not yet calculated CVE-2015-3151
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
abrt_project — automatic_bug_reporting_tool
 
The abrt-action-install-debuginfo-to-abrt-cache help program in Automatic Bug Reporting Tool (ABRT) does not properly handle the process environment before invoking abrt-action-install-debuginfo, which allows local users to gain privileges. 2020-01-14 not yet calculated CVE-2015-3159
CONFIRM
CONFIRM
CONFIRM
abrt_project — automatic_bug_reporting_tool
 
abrt-dbus in Automatic Bug Reporting Tool (ABRT) allows local users to delete or change the ownership of arbitrary files via the problem directory argument to the (1) ChownProblemDir, (2) DeleteElement, or (3) DeleteProblem method. 2020-01-14 not yet calculated CVE-2015-3150
MISC
MISC
MISC
MISC
MISC
abrt_project — automatic_bug_reporting_tool
 
daemon/abrt-handle-upload.in in Automatic Bug Reporting Tool (ABRT), when moving problem reports from /var/spool/abrt-upload, allows local users to write to arbitrary files or possibly have other unspecified impact via a symlink attack on (1) /var/spool/abrt or (2) /var/tmp/abrt. 2020-01-14 not yet calculated CVE-2015-3147
MISC
MISC
MISC
CONFIRM
MISC
adb_broadband — p.dga4001n_router
 
The ADB (formerly Pirelli Broadband Solutions) P.DGA4001N router with firmware PDG_TEF_SP_4.06L.6, and possibly other routers, uses “1236790” and the MAC address to generate the WPA key. 2020-01-14 not yet calculated CVE-2015-0558
MISC
MISC
MISC
adobe — experience_manager
 
Adobe Experience Manager versions 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure. 2020-01-15 not yet calculated CVE-2019-16466
CONFIRM

aist — delegate

DeleGate 9.9.13 allows local users to gain privileges as demonstrated by the dgcpnod setuid program. 2020-01-15 not yet calculated CVE-2015-7556
MISC
MISC
amcrest — web_server
 
An issue was discovered in Amcrest Web Server 2.520.AC00.18.R 2017-06-29 WEB 3.2.1.453504. The login page responds with JavaScript when one tries to authenticate. An attacker who changes the result parameter (to true) in this JavaScript code can bypass authentication and achieve limited privileges (ability to see every option but not modify them). 2020-01-18 not yet calculated CVE-2020-7222
MISC
angular — angular
 
A Stored Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many application forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. This can lead to privilege escalation. 2020-01-17 not yet calculated CVE-2019-17127
CONFIRM
MISC
angular — angular
 
A Reflected Client Side Template Injection (CSTI) with Angular was discovered in the SolarWinds Orion Platform 2019.2 HF1 in many forms. An attacker can inject an Angular expression and escape the Angular sandbox to achieve stored XSS. 2020-01-17 not yet calculated CVE-2019-17125
CONFIRM
MISC
apache — airflow
 
In Apache Airflow before 1.10.5 when running with the “classic” UI, a malicious admin user could edit the state of objects in the Airflow metadata database to execute arbitrary javascript on certain page views. The new “RBAC” UI is unaffected. 2020-01-14 not yet calculated CVE-2019-12398
MLIST
MLIST
MLIST
apache — beam
 
The Apache Beam MongoDB connector in versions 2.10.0 to 2.16.0 has an option to disable SSL trust verification. However this configuration is not respected and the certificate verification disables trust verification in every case. This exclusion also gets registered globally which disables trust checking for any code running in the same JVM. 2020-01-15 not yet calculated CVE-2020-1929
MLIST
apache — cxf
 
Apache CXF ships with a OpenId Connect JWK Keys service, which allows a client to obtain the public keys in JWK format, which can then be used to verify the signature of tokens issued by the service. Typically, the service obtains the public key from a local keystore (JKS/PKCS12) by specifing the path of the keystore and the alias of the keystore entry. This case is not vulnerable. However it is also possible to obtain the keys from a JWK keystore file, by setting the configuration parameter “rs.security.keystore.type” to “jwk”. For this case all keys are returned in this file “as is”, including all private key and secret key credentials. This is an obvious security risk if the user has configured the signature keystore file with private or secret key credentials. From CXF 3.3.5 and 3.2.12, it is mandatory to specify an alias corresponding to the id of the key in the JWK file, and only this key is returned. In addition, any private key information is omitted by default. “oct” keys, which contain secret keys, are not returned at all. 2020-01-16 not yet calculated CVE-2019-12423
CONFIRM
MLIST
apache — kafka
 
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration property value, then any client can issue a request to the same Connect cluster to obtain the connector’s task configuration and the response will contain the plaintext secret rather than the externalized secrets variables. 2020-01-14 not yet calculated CVE-2019-12399
MLIST
MLIST
MLIST
MLIST
MLIST
automobility_distribution — mycar_controls
 
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the attacker to learn the location of a target, or gain unauthorized physical access to a vehicle. This issue affects AutoMobility MyCar versions prior to 3.4.24 on iOS and versions prior to 4.1.2 on Android. This issue has additionally been fixed in Carlink, Link, Visions MyCar, and MyCar Kia. 2020-01-15 not yet calculated CVE-2019-9493
MISC
MISC
MISC
CERT-VN
BID
avast — premium_security In Avast Premium Security 19.8.2393, attackers can send a specially crafted request to the local web server run by Avast Antivirus on port 27275 to support Bank Mode functionality. A flaw in the processing of a command allows execution of arbitrary OS commands with the privileges of the currently logged in user. This allows for example attackers who compromised a browser extension to escape from the browser sandbox. 2020-01-13 not yet calculated CVE-2019-18894
MISC
avast — secure_browser
 
XSS in the Video Downloader component before 1.5 of Avast Secure Browser 77.1.1831.91 and AVG Secure Browser 77.0.1790.77 allows websites to execute their code in the context of this component. While Video Downloader is technically a browser extension, it is granted a very wide set of privileges and can for example access cookies and browsing history, spy on the user while they are surfing the web, and alter their surfing experience in almost arbitrary ways. 2020-01-13 not yet calculated CVE-2019-18893
MISC
aveva_and_schnieder_electric — vijeo_citect_and_citectscada_and_power_scada_operation
 
The IEC870IP driver for AVEVA?s Vijeo Citect and Citect SCADA and Schneider Electric?s Power SCADA Operation has a buffer overflow vulnerability that could result in a server-side crash. 2020-01-14 not yet calculated CVE-2019-13537
CONFIRM
MISC
bftpdf — bftpd
 
An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking. 2020-01-10 not yet calculated CVE-2020-6835
MISC
MISC
bmc — remedy_ar_system_server AR System Mid Tier in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to “navigate” to arbitrary files via the __report parameter of the BIRT viewer servlet. 2020-01-15 not yet calculated CVE-2015-5071
CONFIRM
MISC
bmc — remedy_ar_system_server
 
The BIRT Engine servlet in the AR System Mid Tier component before 9.0 SP1 for BMC Remedy AR System Server allows remote authenticated users to “navigate” to arbitrary local files via the __imageid parameter. 2020-01-15 not yet calculated CVE-2015-5072
CONFIRM
MISC
broadcom — brcmfmac_drivers The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be constructed to trigger an heap buffer overflow in the brcmf_wowl_nd_results function. This vulnerability can be exploited with compromised chipsets to compromise the host, or when used in combination with CVE-2019-9503, can be used remotely. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. 2020-01-16 not yet calculated CVE-2019-9500
MISC
MISC
MISC
broadcom — brcmfmac_drivers
 
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the is_wlc_event_frame function will cause this frame to be discarded and unprocessed. If the driver receives the firmware event frame from the host, the appropriate handler is called. This frame validation can be bypassed if the bus used is USB (for instance by a wifi dongle). This can allow firmware event frames from a remote source to be processed. In the worst case scenario, by sending specially-crafted WiFi packets, a remote, unauthenticated attacker may be able to execute arbitrary code on a vulnerable system. More typically, this vulnerability will result in denial-of-service conditions. 2020-01-16 not yet calculated CVE-2019-9503
MISC
MISC
MISC
bsd-mailx — bsd-mailx
 
BSD mailx 8.1.2 and earlier allows remote attackers to execute arbitrary commands via a crafted email address. 2020-01-14 not yet calculated CVE-2014-7844
MISC
MISC
MISC
MISC
MISC
cayin_technology — smp-pro4_devices
 
An issue was discovered on Cayin SMP-PRO4 devices. They allow image_preview.html?filename= reflected XSS. 2020-01-13 not yet calculated CVE-2020-6955
MISC
cayin_technology — smp-pro4_devices
 
An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing the URL after a Connection String Test. This password is shown in the webpass parameter of a media_folder.cgi?apply_mode=ping_server URI. 2020-01-13 not yet calculated CVE-2020-6954
MISC
centire — yopify Yopify, an e-commerce notification plugin, up to April 06, 2017, leaks the first name, last initial, city, and recent purchase data of customers, all without user authorization. 2020-01-15 not yet calculated CVE-2017-3211
MISC
centreon — infrastructure_monitoring_software
 
Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.) 2020-01-16 not yet calculated CVE-2019-20327
MISC
MISC
cerberus — cerberus_ftp_server
 
The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip permission to use the zip functionality via an unrestricted API endpoint. Improper permission verification occurs when calling the file/ajax_download_zip/zip_name endpoint. The result is that a user without permissions can zip and download files even if they do not have permission to view whether the file exists. 2020-01-14 not yet calculated CVE-2020-5194
MISC
MISC
cerberus — cerberus_ftp_server
 
Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 allows a remote attacker to execute arbitrary JavaScript or HTML via a crafted public folder URL. This occurs because of the folder_up.png IMG element not properly sanitizing user-inserted directory paths. The path modification must be done on a publicly shared folder for a remote attacker to insert arbitrary JavaScript or HTML. The vulnerability impacts anyone who clicks the malicious link crafted by the attacker. 2020-01-13 not yet calculated CVE-2020-5195
MISC
MISC
MISC
cisco — ironport_web_security_appliance
 
Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks 2020-01-15 not yet calculated CVE-2012-1326
MISC
CONFIRM
cisco — ironport_web_security_appliance
 
Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks 2020-01-15 not yet calculated CVE-2012-1316
MISC
MISC
cisco — ironport_web_security_appliance_asyncos Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks 2020-01-15 not yet calculated CVE-2012-0334
MISC
CONFIRM
cisco — unified_personal_communicator
 
Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received data and does not perform validation if memory allocation is successful, causing a remote denial of service condition. 2020-01-16 not yet calculated CVE-2010-3048
MISC
citrix — xenapp_online_plug-in_for_windows_and_receiver_for_windows
 
Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and Citrix Receiver for Windows 3.2 and earlier could allow remote attackers to execute arbitrary code by convincing a target to open a specially crafted file from an SMB or WebDAV fileserver. 2020-01-10 not yet calculated CVE-2012-4603
BID
SECTRACK
SECTRACK
XF
clamav — clamav
 
A vulnerability in the email parsing module Clam AntiVirus (ClamAV) Software versions 0.102.0, 0.101.4 and prior could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to inefficient MIME parsing routines that result in extremely long scan times of specially formatted email files. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process to scan the crafted email file indefinitely, resulting in a denial of service condition. 2020-01-15 not yet calculated CVE-2019-15961
CISCO
CISCO
daum_communications — potplayer
 
PotPlayer 1.5.40688: .avi File Memory Corruption 2020-01-14 not yet calculated CVE-2013-7185
MISC
MISC
drupal — drupal
 
A Cross-Site Scripting vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table descriptions, field names, or labels before display. 2020-01-14 not yet calculated CVE-2011-2714
MISC
MISC
MISC
drupal — drupal
 
An SQL Injection vulnerability exists in Drupal 6.20 with Data 6.x-1.0-alpha14 due to insufficient sanitization of table names or column names. 2020-01-14 not yet calculated CVE-2011-2715
MISC
MISC
eclipse_foundation — eclipse_memory_analyzer
 
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer. 2020-01-17 not yet calculated CVE-2019-17634
CONFIRM
eclipse_foundation — eclipse_memory_analyzer
 
Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a deserialization vulnerability if an index file of a parsed heap dump is replaced by a malicious version and the heap dump is reopened in Memory Analyzer. The user must chose to reopen an already parsed heap dump with an untrusted index for the problem to occur. The problem can be averted if the index files from an untrusted source are deleted and the heap dump is opened and reparsed. Also some local configuration data is subject to a deserialization vulnerability if the local data were to be replaced with a malicious version. This can be averted if the local configuration data stored on the file system cannot be changed by an attacker. The vulnerability could possibly allow code execution on the local system. 2020-01-17 not yet calculated CVE-2019-17635
CONFIRM
emc — replistor_server_service
 
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker. 2020-01-15 not yet calculated CVE-2009-1120
MISC
MISC
ezhometech — ezserve
 
A Code Execution vulnerability exists in the memcpy function when processing AMF requests in Ezhometech EzServer 7.0, which could let a remote malicious user execute arbitrary code or cause a Denial of Service 2020-01-13 not yet calculated CVE-2012-4750
MISC
MISC
MISC
MISC
f5 — multiple_big-ip_products
 
On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.0.2.0.45.4-ENG Hotfix-BIGIP-14.1.0.2.0.62.4-ENG 2020-01-14 not yet calculated CVE-2020-5851
CONFIRM
f5 — multiple_big-ip_products
 
Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Microkernel (TMM). This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. This issue only impacts specific engineering hotfixes. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or maintenance releases you obtained from downloads.f5.com. The affected Engineering Hotfix builds are as follows: Hotfix-BIGIP-14.1.2.1.0.83.4-ENG Hotfix-BIGIP-12.1.4.1.0.97.6-ENG Hotfix-BIGIP-11.5.4.2.74.291-HF2 2020-01-14 not yet calculated CVE-2020-5852
CONFIRM
feldtech — easescreen
 
Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 allows Stored XSS via the Debug-Log and Display-Log components. This could be exploited when an attacker sends an crafted string for FTP authentication. 2020-01-17 not yet calculated CVE-2019-20003
MISC
MISC
ffmpeg — ffmpeg
 
Integer overflow in the get_len function in libavutil/lzo.c in FFmpeg before 0.10.14, 1.1.x before 1.1.12, 1.2.x before 1.2.7, 2.0.x before 2.0.5, 2.1.x before 2.1.5, and 2.2.x before 2.2.4 allows remote attackers to execute arbitrary code via a crafted Literal Run. 2020-01-14 not yet calculated CVE-2014-4610
MISC
MISC
MISC
foxit_software — foxit_pdf_reader An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. 2020-01-16 not yet calculated CVE-2019-5131
MISC
foxit_software — foxit_pdf_reader
 
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. 2020-01-16 not yet calculated CVE-2019-5145
MISC
foxit_software — foxit_pdf_reader
 
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. 2020-01-16 not yet calculated CVE-2019-5130
MISC
foxit_software — foxit_pdf_reader
 
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit PDF Reader, version 9.7.0.29435. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. 2020-01-16 not yet calculated CVE-2019-5126
MISC
free — freebox_os_web_interface
 
Freebox OS Web interface 3.0.2 has CSRF which can allow VPN user account creation 2020-01-13 not yet calculated CVE-2014-9382
MISC
MISC
MISC
freelancy — freelancy
 
Freelancy v1.0.0 allows remote command execution via the “file”:”data:application/x-php;base64 substring (in conjunction with “type”:”application/x-php”} to the /api/files/ URI. 2020-01-14 not yet calculated CVE-2020-5505
MISC
gallagher — command_centre_server
 
In Gallagher Command Centre Server versions of v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an unprivileged but authenticated user is able to perform a backup of the Command Centre databases. 2020-01-17 not yet calculated CVE-2019-19801
CONFIRM
gallagher — command_centre_server
 
In Gallagher Command Centre Server v8.10 prior to v8.10.1134(MR4), v8.00 prior to v8.00.1161(MR5), v7.90 prior to v7.90.991(MR5), v7.80 prior to v7.80.960(MR2) and v7.70 or earlier, an authenticated user connecting to OPCUA can view all data that would be replicated in a multi-server setup without privilege checks being applied. 2020-01-17 not yet calculated CVE-2019-19802
CONFIRM
ge-emerson — pacsystems_rx3in/a
 
GE PACSystems RX3i CPE100/115: All versions prior to R9.85,CPE302/305/310/330/400/410: All versions prior to R9.90,CRU/320 All versions(End of Life) may allow an attacker sending specially manipulated packets to cause the module state to change to halt-mode, resulting in a denial-of-service condition. An operator must reboot the CPU module after removing battery or energy pack to recover from halt-mode. 2020-01-16 not yet calculated CVE-2019-13524
MISC
geutebruck — g-code_and_c-cam_ip_cameras
 
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated user, using a specially crafted URL command, to execute commands as root. 2020-01-17 not yet calculated CVE-2019-10956
MISC
geutebruck — g-code_and_c-cam_ip_cameras
 
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to network configuration to supply system commands to the server, leading to remote code execution as root. 2020-01-17 not yet calculated CVE-2019-10958
MISC
geutebruck — g-code_and_c-cam_ip_cameras
 
Geutebruck IP Cameras G-Code(EEC-2xxx), G-Cam(EBC-21xx/EFD-22xx/ETHC-22xx/EWPC-22xx): All versions 1.12.0.25 and prior may allow a remote authenticated attacker with access to event configuration to store malicious code on the server, which could later be triggered by a legitimate user resulting in code execution within the user?s browser. 2020-01-17 not yet calculated CVE-2019-10957
MISC
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.3 through 12.6.1. It allows Denial of Service. 2020-01-13 not yet calculated CVE-2019-20142
MISC
CONFIRM
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1. It has Incorrect Access Control. 2020-01-13 not yet calculated CVE-2019-20144
MISC
CONFIRM
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12.6.1. It has Incorrect Access Control. 2020-01-13 not yet calculated CVE-2020-5197
MISC
CONFIRM
gitlab — gitlab_community_and_enterprise_edition
 
An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6. It has Incorrect Access Control. 2020-01-13 not yet calculated CVE-2019-20143
MISC
CONFIRM
gitlab — gitlab_enterprise_edition
 
An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. 2020-01-13 not yet calculated CVE-2020-6832
MISC
CONFIRM
google — android
 
A website running in the InAppBrowser webview on Android could execute arbitrary JavaScript in the main application’s webview using a specially crafted gap-iab: URI. 2020-01-14 not yet calculated CVE-2019-0219
MLIST
MLIST
google — chrome Use after free in media picker in Google Chrome prior to 79.0.3945.88 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. 2020-01-10 not yet calculated CVE-2019-13767
SUSE
MISC
MISC
FEDORA
google — chrome
 
Inappropriate implementation in WebRTC in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. 2020-01-14 not yet calculated CVE-2019-13722
MISC
MISC
granding_technology — grand_ma_300
 
Grand MA 300 allows retrieval of the access PIN from sniffed data. 2020-01-13 not yet calculated CVE-2014-5380
MISC
MISC
MISC
MISC
hikvision — dvr_ds-7204hghi-f1_devices
 
Hikvision DVR DS-7204HGHI-F1 V4.0.1 build 180903 Web Version sends a different response for failed ISAPI/Security/sessionLogin/capabilities login attempts depending on whether the user account exists, which might make it easier to enumerate users. However, only about 4 or 5 failed logins are allowed. 2020-01-14 not yet calculated CVE-2020-7057
MISC
hpe — enhanced_internet_usage_manager
 
A potential security vulnerability has been identified in HPE enhanced Internet Usage Manager (eIUM) versions 8.3 and 9.0. The vulnerability could be used for unauthorized access to information via cross site scripting. HPE has made the following software updates to resolve the vulnerability in eIUM. The eIUM 8.3 FP01 customers are advised to install eIUM83FP01Patch_QXCR1001711284.20190806-1244 patch. The eIUM 9.0 customers are advised to upgrade to eIUM 9.0 FP02 PI5 or later versions. For other versions, please, contact the product support. 2020-01-16 not yet calculated CVE-2019-11997
CONFIRM
hpe — superdome_flex_server
 
HPE Superdome Flex Server is vulnerable to multiple remote vulnerabilities via improper input validation of administrator commands. This vulnerability could allow an Administrator to bypass security restrictions and access multiple remote vulnerabilities including information disclosure, or denial of service. HPE has provided firmware updates that address the above vulnerabilities for the HPE Superdome Flex Server starting with firmware version v3.20.186 (not available online) and v3.20.206 (available online). Apply v3.20.206 (4 December 2019) or a newer version to resolve this issue. Please visit HPE Support Center https://support.hpe.com/hpesc/public/home to obtain the updated firmware for your product. 2020-01-16 not yet calculated CVE-2019-11998
CONFIRM
huawei — p2_devices
 
cn.wps.moffice.common.beans.print.CloudPrintWebView in Kingsoft Office 5.3.1, as used in Huawei P2 devices before V100R001C00B043, falls back to HTTP when the HTTPS connection to the registry fails, which allows man-in-the-middle attackers to conduct downgrade attacks and execute arbitrary Java code by leveraging a network position between the client and the registry to block HTTPS traffic. 2020-01-14 not yet calculated CVE-2014-2271
MISC
MISC
MISC
MISC
MISC
identitypython — pysaml2
 
PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus signature wrapping is effective, i.e., it is affected by XML Signature Wrapping (XSW). The signature information and the node/object that is signed can be in different places and thus the signature verification will succeed, but the wrong data will be used. This specifically affects the verification of assertion that have been signed. 2020-01-13 not yet calculated CVE-2020-5390
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
innovative_interfaces — sierra_library_services_platform
 
Innovative Interfaces Sierra Library Services Platform 1.2_3 does not properly handle query strings with multiple instances of the same parameter, which allows remote attackers to bypass parameter validation via unspecified vectors, possibly related to the Webpac Pro submodule. 2020-01-14 not yet calculated CVE-2014-5138
MISC
intel — chipset_device_software_inf_utility
 
Improper access control in the installer for Intel(R) Chipset Device Software INF Utility before version 10.1.18 may allow an authenticated user to potentially enable denial of service via local access. 2020-01-17 not yet calculated CVE-2019-14596
CONFIRM
intel — daal
 
Improper permissions in Intel(R) DAAL before version 2020 Gold may allow an authenticated user to potentially enable information disclosure via local access. 2020-01-17 not yet calculated CVE-2019-14629
CONFIRM
intel — multiple_processors
 
Insufficient control flow in certain data structures for some Intel(R) Processors with Intel(R) Processor Graphics may allow an unauthenticated user to potentially enable information disclosure via local access. 2020-01-17 not yet calculated CVE-2019-14615
CONFIRM
intel — rwc_3_for_windows
 
Improper permissions in the installer for Intel(R) RWC 3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access. 2020-01-17 not yet calculated CVE-2019-14601
CONFIRM
intel — snmp_subagent_stand-alone_for_windows
 
Uncontrolled search path element in the installer for Intel(R) SNMP Subagent Stand-Alone for Windows* may allow an authenticated user to potentially enable escalation of privilege via local access. 2020-01-17 not yet calculated CVE-2019-14600
CONFIRM
intel — vtune_amplifier_for_windows
 
Improper access control in driver for Intel(R) VTune(TM) Amplifier for Windows* before update 8 may allow an authenticated user to potentially enable escalation of privilege via local access. 2020-01-17 not yet calculated CVE-2019-14613
CONFIRM
intelbras — wrn240_devices
 
Intelbras WRN240 devices do not require authentication to replace the firmware via a POST request to the incoming/Firmware.cfg URI. 2020-01-17 not yet calculated CVE-2019-19142
MISC
jenkins — jenkins

 

XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via a crafted XML document. 2020-01-15 not yet calculated CVE-2015-1811
MISC
CONFIRM
jenkins — jenkins
 
Jenkins Redgate SQL Change Automation Plugin 2.0.4 and earlier stored an API key unencrypted in job config.xml files on the Jenkins master where they could be viewed by users with Extended Read permission, or access to the master file system. 2020-01-15 not yet calculated CVE-2020-2095
CONFIRM
jenkins — jenkins
 
A cross-site request forgery vulnerability in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers to send an email with fixed content to an attacker-specified recipient. 2020-01-15 not yet calculated CVE-2020-2093
CONFIRM
jenkins — jenkins
 
A missing permission check in Jenkins Health Advisor by CloudBees Plugin 3.0 and earlier allows attackers with Overall/Read permission to send a fixed email to an attacker-specific recipient. 2020-01-15 not yet calculated CVE-2020-2094
CONFIRM
jenkins — jenkins
 
XML external entity (XXE) vulnerability in CloudBees Jenkins before 1.600 and LTS before 1.596.1 allows remote attackers to read arbitrary XML files via an XPath query. 2020-01-15 not yet calculated CVE-2015-1809
MISC
MISC
jenkins — jenkins
 
A cross-site request forgery vulnerability in Jenkins Sounds Plugin 0.5 and earlier allows attacker to execute arbitrary OS commands as the OS user account running Jenkins. 2020-01-15 not yet calculated CVE-2020-2098
CONFIRM
jenkins — jenkins
 
Jenkins Robot Framework Plugin 2.0.0 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks, allowing users with Job/Configure to have Jenkins parse crafted XML documents. 2020-01-15 not yet calculated CVE-2020-2092
CONFIRM
jenkins — jenkins
 
Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability. 2020-01-15 not yet calculated CVE-2020-2096
MISC
MLIST
CONFIRM
jenkins — jenkins
 
Jenkins Sounds Plugin 0.5 and earlier does not perform permission checks in URLs performing form validation, allowing attackers with Overall/Read access to execute arbitrary OS commands as the OS user account running Jenkins. 2020-01-15 not yet calculated CVE-2020-2097
CONFIRM
jenkins — jenkins
 
A missing permission check in Jenkins Amazon EC2 Plugin 1.47 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL within the AWS region using attacker-specified credentials IDs obtained through another method. 2020-01-15 not yet calculated CVE-2020-2091
CONFIRM
joomla! — joomla! Joomla! before 2.5.3 allows Admin Account Creation. 2020-01-15 not yet calculated CVE-2012-1563
MISC
MISC
MISC
joomla! — joomla!
 
Joomla! core before 2.5.3 allows unauthorized password change. 2020-01-15 not yet calculated CVE-2012-1562
MISC
MISC
joomla! — joomla!
 
Joomla! 1.5x through 1.5.12: Missing JEXEC Check 2020-01-15 not yet calculated CVE-2011-4907
MISC
MISC
juniper_networks — junos_os Specific IPv6 packets sent by clients processed by the Routing Engine (RE) are improperly handled. These IPv6 packets are designed to be blocked by the RE from egressing the RE. Instead, the RE allows these specific IPv6 packets to egress the RE, at which point a mbuf memory leak occurs within the Juniper Networks Junos OS device. This memory leak eventually leads to a kernel crash (vmcore), or the device hanging and requiring a power cycle to restore service, creating a Denial of Service (DoS) condition. During the time where mbufs are rising, yet not fully filled, some traffic from client devices may begin to be black holed. To be black holed, this traffic must match the condition where this traffic must be processed by the RE. Continued receipt and attempted egress of these specific IPv6 packets from the Routing Engine (RE) will create an extended Denial of Service (DoS) condition. Scenarios which have been observed are: 1. In a single chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario the device needs to be power cycled. 2. In a single chassis, dual RE scenario, the device master RE will fail over to the backup RE. In this scenario, the master and the backup REs need to be reset from time to time when they vmcore. There is no need to power cycle the device. 3. In a dual chassis, single RE scenario, the device will hang without vmcore, or a vmcore may occur and then hang. In this scenario, the two chassis’ design relies upon some type of network level redundancy – VRRP, GRES, NSR, etc. – 3.a In a commanded switchover, where nonstop active routing (NSR) is enabled no session loss is observed. 4. In a dual chassis, dual chassis scenario, rely upon the RE to RE failover as stated in the second scenario. In the unlikely event that the device does not switch RE to RE gracefully, then the fallback position is to the network level services scenario in the third scenario. This issue affects: Juniper Networks Junos OS 16.1 versions prior to 16.1R7-S6; 16.1 version 16.1X70-D10 and later; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D50, 18.2X75-D410; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S6, 18.4R2-S2, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect releases prior to Junos OS 16.1R1. 2020-01-15 not yet calculated CVE-2020-1603
CONFIRM
MISC
juniper_networks — junos_os When a device using Juniper Network’s Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may remotely take over the code execution of the JDHDCP process. This issue affect IPv4 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode. 2020-01-15 not yet calculated CVE-2020-1602
CONFIRM
MISC
juniper_networks — junos_os
 
On EX4300, EX4600, QFX3500, and QFX5100 Series, a vulnerability in the IP firewall filter component may cause the firewall filter evaluation of certain packets to fail. This issue only affects firewall filter evaluation of certain packets destined to the device Routing Engine (RE). This issue does not affect the Layer 2 firewall filter evaluation nor does it affect the Layer 3 firewall filter evaluation destined to connected hosts. This issue may occur when evaluating both IPv4 or IPv6 packets. This issue affects Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D12 on QFX5100 Series and EX4600 Series; 14.1X53 versions prior to 14.1X53-D52 on QFX3500 Series; 14.1X53 versions prior to 14.1X53-D48 on EX4300 Series; 15.1 versions prior to 15.1R7-S3 on EX4300 Series; 16.1 versions prior to 16.1R7 on EX4300 Series; 17.1 versions prior to 17.1R3 on EX4300 Series; 17.2 versions prior to 17.2R3 on EX4300 Series; 17.3 versions prior to 17.3R2-S5, 17.3R3 on EX4300 Series; 17.4 versions prior to 17.4R2 on EX4300 Series; 18.1 versions prior to 18.1R3 on EX4300 Series; 18.2 versions prior to 18.2R2 on EX4300 Series. 2020-01-15 not yet calculated CVE-2020-1604
CONFIRM
juniper_networks — junos_os
 
Juniper Junos OS 13.2 before 13.2R5, 13.2X51, 13.2X52, and 13.3 before 13.3R3 allow local users to bypass intended restrictions and execute arbitrary Python code via vectors involving shell access. 2020-01-15 not yet calculated CVE-2014-6448
CONFIRM
juniper_networks — junos_os
 
A path traversal vulnerability in the Juniper Networks Junos OS device may allow an authenticated J-web user to read files with ‘world’ readable permission and delete files with ‘world’ writeable permission. This issue does not affect system files that can be accessed only by root user. This issue affects Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S13; 12.3X48 versions prior to 12.3X48-D85 on SRX Series; 14.1X53 versions prior to 14.1X53-D51; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S9, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3; 18.3 versions prior to 18.3R2-S3, 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S4, 19.1R2. 2020-01-15 not yet calculated CVE-2020-1606
CONFIRM
juniper_networks — junos_os
 
Certain types of malformed Path Computation Element Protocol (PCEP) packets when received and processed by a Juniper Networks Junos OS device serving as a Path Computation Client (PCC) in a PCEP environment using Juniper’s path computational element protocol daemon (pccd) process allows an attacker to cause the pccd process to crash and generate a core file thereby causing a Denial of Service (DoS). Continued receipt of this family of malformed PCEP packets will cause an extended Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S13, 15.1R7-S4; 15.1X49 versions prior to 15.1X49-D180 on SRX Series; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D496, 15.1X53-D592; 16.1 versions prior to 16.1R7-S4; 16.2 versions prior to 16.2R2-S9; 17.1 versions prior to 17.1R2-S11, 17.1R3; 17.2 versions prior to 17.2R1-S9; 17.2 version 17.2R2 and later prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S3; 17.4 versions prior to 17.4R2-S2, 17.4R3; 18.1 versions prior to 18.1R3-S2; 18.2 versions prior to 18.2R2-S6, 18.2R3; 18.2X75 versions prior to 18.2X75-D40; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R1-S2, 18.4R2. This issue does not affect releases of Junos OS prior to 15.1R1. 2020-01-15 not yet calculated CVE-2020-1601
CONFIRM
MISC
juniper_networks — junos_os
 
Insufficient Cross-Site Scripting (XSS) protection in J-Web may potentially allow a remote attacker to inject web script or HTML, hijack the target user’s J-Web session and perform administrative actions on the Junos device as the targeted user. This issue affects Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S15; 12.3X48 versions prior to 12.3X48-D86, 12.3X48-D90 on SRX Series; 14.1X53 versions prior to 14.1X53-D51 on EX and QFX Series; 15.1F6 versions prior to 15.1F6-S13; 15.1 versions prior to 15.1R7-S5; 15.1X49 versions prior to 15.1X49-D181, 15.1X49-D190 on SRX Series; 15.1X53 versions prior to 15.1X53-D238 on QFX5200/QFX5110 Series; 15.1X53 versions prior to 15.1X53-D592 on EX2300/EX3400 Series; 16.1 versions prior to 16.1R4-S13, 16.1R7-S5; 16.2 versions prior to 16.2R2-S10; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R1-S9, 17.2R3-S2; 17.3 versions prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions prior to 17.4R2-S6, 17.4R3; 18.1 versions prior to 18.1R3-S7; 18.2 versions prior to 18.2R2-S5, 18.2R3; 18.3 versions prior to 18.3R1-S6, 18.3R2-S1, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2; 19.1 versions prior to 19.1R1-S2, 19.1R2. 2020-01-15 not yet calculated CVE-2020-1607
CONFIRM
juniper_networks — junos_os
 
Receipt of a specific MPLS or IPv6 packet on the core facing interface of an MX Series device configured for Broadband Edge (BBE) service may trigger a kernel crash (vmcore), causing the device to reboot. The issue is specific to the processing of packets destined to BBE clients connected to MX Series subscriber management platforms. This issue affects MX Series running Juniper Networks Junos OS: 17.2 versions starting from17.2R2-S6, 17.2R3 and later releases, prior to 17.2R3-S3; 17.3 versions starting from 17.3R2-S4, 17.3R3-S2 and later releases, prior to 17.3R2-S5, 17.3R3-S5; 17.4 versions starting from 17.4R2 and later releases, prior to 17.4R2-S7,17.4R3; 18.1 versions starting from 18.1R2-S3, 18.1R3 and later releases, prior to 18.1R3-S6; 18.2 versions starting from18.2R1-S1, 18.2R2 and later releases, prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D51, 18.2X75-D60; 18.3 versions prior to 18.3R3; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2. This issue does not affect Juniper Networks Junos OS versions prior to 17.2R2-S6. 2020-01-15 not yet calculated CVE-2020-1608
CONFIRM
juniper_networks — junos_os
 
When a device using Juniper Network’s Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv4 packets who may then arbitrarily execute commands as root on the target device. This issue affects IPv4 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode. 2020-01-15 not yet calculated CVE-2020-1605
CONFIRM
MISC
juniper_networks — junos_os
 
In a Point-to-Multipoint (P2MP) Label Switched Path (LSP) scenario, an uncontrolled resource consumption vulnerability in the Routing Protocol Daemon (RPD) in Juniper Networks Junos OS allows a specific SNMP request to trigger an infinite loop causing a high CPU usage Denial of Service (DoS) condition. This issue affects both SNMP over IPv4 and IPv6. This issue affects: Juniper Networks Junos OS: 12.3X48 versions prior to 12.3X48-D90; 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D238, 15.1X53-D592; 16.1 versions prior to 16.1R7-S5; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R3-S1; 17.2 versions prior to 17.2R3-S2; 17.3 versions prior to 17.3R3-S7; 17.4 versions prior to 17.4R2-S4, 17.4R3; 18.1 versions prior to 18.1R3-S5; 18.2 versions prior to 18.2R3; 18.2X75 versions prior to 18.2X75-D50; 18.3 versions prior to 18.3R2; 18.4 versions prior to 18.4R2; 19.1 versions prior to 19.1R2. 2020-01-15 not yet calculated CVE-2020-1600
CONFIRM
MISC
juniper_networks — junos_os
 
When a device using Juniper Network’s Dynamic Host Configuration Protocol Daemon (JDHCPD) process on Junos OS or Junos OS Evolved which is configured in relay mode it vulnerable to an attacker sending crafted IPv6 packets who may then arbitrarily execute commands as root on the target device. This issue affects IPv6 JDHCPD services. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S6; 15.1X49 versions prior to 15.1X49-D200; 15.1X53 versions prior to 15.1X53-D592; 16.1 versions prior to 16.1R7-S6; 16.2 versions prior to 16.2R2-S11; 17.1 versions prior to 17.1R2-S11, 17.1R3-S1; 17.2 versions prior to 17.2R2-S8, 17.2R3-S3; 17.3 versions prior to 17.3R3-S6; 17.4 versions prior to 17.4R2-S7, 17.4R3; 18.1 versions prior to 18.1R3-S8; 18.2 versions prior to 18.2R3-S2; 18.2X75 versions prior to 18.2X75-D60; 18.3 versions prior to 18.3R1-S6, 18.3R2-S2, 18.3R3; 18.4 versions prior to 18.4R1-S5, 18.4R2-S3, 18.4R3; 19.1 versions prior to 19.1R1-S3, 19.1R2; 19.2 versions prior to 19.2R1-S3, 19.2R2*. and All versions prior to 19.3R1 on Junos OS Evolved. This issue do not affect versions of Junos OS prior to 15.1, or JDHCPD operating as a local server in non-relay mode. 2020-01-15 not yet calculated CVE-2020-1609
CONFIRM
MISC
juniper_networks — junos_space
 
A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1. 2020-01-15 not yet calculated CVE-2020-1611
MISC
MISC
kitty — kitty_portable
 
Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname. 2020-01-15 not yet calculated CVE-2015-7874
MISC
libav — libav
 
Integer overflow in the get_len function in libavutil/lzo.c in Libav before 0.8.13, 9.x before 9.14, and 10.x before 10.2 allows remote attackers to execute arbitrary code via a crafted Literal Run. 2020-01-14 not yet calculated CVE-2014-4609
MISC
MISC
MISC
libmysofa — libmysofa
 
libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. 2020-01-13 not yet calculated CVE-2020-6860
MISC
libraw — libraw
 
Array index error in smal_decode_segment function in LibRaw before 0.17.1 allows context-dependent attackers to cause memory errors and possibly execute arbitrary code via vectors related to indexes. 2020-01-14 not yet calculated CVE-2015-8366
MISC
MISC
MISC
libraw — libraw
 
The phase_one_correct function in Libraw before 0.17.1 allows attackers to cause memory errors and possibly execute arbitrary code, related to memory object initialization. 2020-01-14 not yet calculated CVE-2015-8367
MISC
MISC
MISC
linux — linux_kernel In the Linux kernel 4.14 longterm through 4.14.165 and 4.19 longterm through 4.19.96 (and 5.x before 5.2), there is a use-after-free (write) in the i915_ppgtt_close function in drivers/gpu/drm/i915/i915_gem_gtt.c, aka CID-7dc40713618c. This is related to i915_gem_context_destroy_ioctl in drivers/gpu/drm/i915/i915_gem_context.c. 2020-01-14 not yet calculated CVE-2020-7053
CONFIRM
MISC
MISC
MISC
linux — linux_kernel The Linux kernel before 2.4.36-rc1 has a race condition. It was possible to bypass systrace policies by flooding the ptraced process with SIGCONT signals, which can can wake up a PTRACED process. 2020-01-15 not yet calculated CVE-2007-4774
MISC
MISC
linux — linux_kernel
 
The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. This occurs because the auto flowlabel of a UDP IPv6 packet relies on a 32-bit hashmd value as a secret, and because jhash (instead of siphash) is used. The hashmd value remains the same starting from boot time, and can be inferred by an attacker. This affects net/core/flow_dissector.c and related code. 2020-01-16 not yet calculated CVE-2019-18282
MISC
CONFIRM
maarch_labs — maarchrm An issue was discovered in Maarch RM before 2.5. A privilege escalation vulnerability allows an authenticated user with lowest privileges to give herself highest administration privileges via a crafted PUT request to an unauthorized resource. 2020-01-17 not yet calculated CVE-2019-15854
CONFIRM
maarch_labs — maarchrm
 
An issue was discovered in Maarch RM before 2.5. A path traversal vulnerability allows an unauthenticated remote attacker to overwrite any files with a crafted POST request if the default installation procedure was followed. This results in a permanent Denial of Service. 2020-01-17 not yet calculated CVE-2019-15855
CONFIRM
magento — magento_community_and_enterprise_edition
 
The create function in app/code/core/Mage/Catalog/Model/Product/Api/V2.php in Magento Community Edition (CE) before 1.9.2.1 and Enterprise Edition (EE) before 1.14.2.1, when used with PHP before 5.4.24 or 5.5.8, allows remote authenticated users to execute arbitrary PHP code via the productData parameter to index.php/api/v2_soap. 2020-01-15 not yet calculated CVE-2015-6497
MISC
MISC
MISC
MISC
MISC
microsoft — .net_core_and_.net_framework
 
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka ‘.NET Framework Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0606. 2020-01-14 not yet calculated CVE-2020-0605
N/A
microsoft — dynamics_365_field_service A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka ‘Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability’. 2020-01-14 not yet calculated CVE-2020-0656
N/A
microsoft — multiple_windows_products
 
An information disclosure vulnerability exists in the Windows Common Log File System (CLFS) driver when it fails to properly handle objects in memory, aka ‘Windows Common Log File System Driver Information Disclosure Vulnerability’. This CVE ID is unique from CVE-2020-0615. 2020-01-14 not yet calculated CVE-2020-0639
N/A
microsoft — multiple_windows_products
 
A denial of service vulnerability exists when Microsoft Hyper-V Virtual PCI on a host server fails to properly validate input from a privileged user on a guest operating system, aka ‘Hyper-V Denial of Service Vulnerability’. 2020-01-14 not yet calculated CVE-2020-0617
N/A
microsoft — office_365_proplus
 
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2020-0650, CVE-2020-0651. 2020-01-14 not yet calculated CVE-2020-0653
N/A
microsoft — office_online_server
 
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications correctly, aka ‘Microsoft Office Online Spoofing Vulnerability’. 2020-01-14 not yet calculated CVE-2020-0647
N/A
microsoft — one_drive_for_android
 
A security feature bypass vulnerability exists in Microsoft OneDrive App for Android.This could allow an attacker to bypass the passcode or fingerprint requirements of the App.The security update addresses the vulnerability by correcting the way Microsoft OneDrive App for Android handles sharing links., aka ‘Microsoft OneDrive for Android Security Feature Bypass Vulnerability’. 2020-01-14 not yet calculated CVE-2020-0654
N/A
microsoft — windows_10_and_windows_server An elevation of privilege vulnerability exists in the way that the Windows Subsystem for Linux handles files, aka ‘Windows Subsystem for Linux Elevation of Privilege Vulnerability’. 2020-01-14 not yet calculated CVE-2020-0636
N/A
microsoft — windows_10_and_windows_server_2019
 
A vulnerability in Microsoft Windows 10 1803 and Windows Server 2019 and later systems can allow authenticated RDP-connected clients to gain access to user sessions without needing to interact with the Windows lock screen. Should a network anomaly trigger a temporary RDP disconnect, Automatic Reconnection of the RDP session will be restored to an unlocked state, regardless of how the remote system was left. By interrupting network connectivity of a system, an attacker with access to a system being used as a Windows RDP client can gain access to a connected remote system, regardless of whether or not the remote system was locked. This issue affects Microsoft Windows 10, version 1803 and later, and Microsoft Windows Server 2019, version 2019 and later. 2020-01-15 not yet calculated CVE-2019-9510
MISC
MISC
MISC
CERT-VN
microsoft — windows_server_2016_and_2019
 
A denial of service vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Gateway (RD Gateway) Denial of Service Vulnerability’. 2020-01-14 not yet calculated CVE-2020-0612
N/A
mikrotik — winbox
 
MikroTik Winbox 3.20 and below is vulnerable to man in the middle attacks. A man in the middle can downgrade the client’s authentication protocol and recover the user’s username and MD5 hashed password. 2020-01-14 not yet calculated CVE-2019-3981
MISC
mz_automation — libiec61850
 
MmsValue_decodeMmsData in mms/iso_mms/server/mms_access_result.c in libIEC61850 through 1.4.0 has a heap-based buffer overflow when parsing the MMS_BIT_STRING data type. 2020-01-14 not yet calculated CVE-2020-7054
MISC
national_security_agency — ghidra
 
An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NSA Ghidra and other products, allows attackers to exfiltrate data from remote hosts and potentially cause denial-of-service. 2020-01-14 not yet calculated CVE-2020-6958
MISC
MISC
MISC
nitro_software — nitro_pdf
 
Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate Arbitrary Code Execution 2020-01-14 not yet calculated CVE-2013-2773
MISC
node.js — node.js
 
grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injection. The package fails to sanitize values passed to the parse function and concatenates them in an eval call. If a value of the formula is taken from user-controlled input, it may allow attackers to run arbitrary commands on the server. 2020-01-11 not yet calculated CVE-2020-6836
MISC
MISC
norton — power_eraser
 
Norton Power Eraser, prior to 5.3.0.67, may be susceptible to a privilege escalation vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated access to resources that are normally protected from an application or user. 2020-01-14 not yet calculated CVE-2019-19548
CONFIRM
open-xchange — appsuite
 
XML external entity (XXE) vulnerability in Open-Xchange (OX) AppSuite before 7.4.2-rev11 and 7.6.x before 7.6.0-rev9 allows remote attackers to read arbitrary files and possibly other unspecified impact via a crafted OpenDocument Text document. 2020-01-14 not yet calculated CVE-2014-5238
MISC
MISC
MISC
oracle — application_testing_suite
 
Vulnerability in the Oracle Application Testing Suite product of Oracle Enterprise Manager (component: Oracle Flow Builder). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Application Testing Suite. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Application Testing Suite accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2673
MISC
oracle — autovue
 
Vulnerability in the Oracle AutoVue product of Oracle Supply Chain (component: Security). The supported version that is affected is 12.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle AutoVue. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle AutoVue accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2592
MISC
oracle — coherence
 
Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Caching,CacheStore,Invocation). Supported versions that are affected are 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2555
MISC
oracle — database_server Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via multiple protocols to compromise Java VM. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2518
MISC
oracle — database_server
 
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via OracleNet to compromise Database Gateway for ODBC. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Database Gateway for ODBC. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H). 2020-01-15 not yet calculated CVE-2020-2512
MISC
oracle — database_server
 
Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle Applications DBA executes to compromise Oracle Applications DBA. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications DBA accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Applications DBA. CVSS 3.0 Base Score 3.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2569
MISC
oracle — database_server
 
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows unauthenticated attacker with network access via OracleNet to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Core RDBMS. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2510
MISC
oracle — database_server
 
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via OracleNet to compromise Core RDBMS. While the vulnerability is in Core RDBMS, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Core RDBMS. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). 2020-01-15 not yet calculated CVE-2020-2511
MISC
oracle — database_server
 
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows low privileged attacker having Create Session privilege with network access via OracleNet to compromise Database Gateway for ODBC. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Database Gateway for ODBC accessible data as well as unauthorized read access to a subset of Database Gateway for ODBC accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Database Gateway for ODBC. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2515
MISC
oracle — database_server
 
Vulnerability in the Database Gateway for ODBC component of Oracle Database Server. Supported versions that are affected are 12.2.0.1, 18c and 19c. Difficult to exploit vulnerability allows high privileged attacker having Create Procedure, Create Database Link privilege with network access via OracleNet to compromise Database Gateway for ODBC. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Database Gateway for ODBC accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Database Gateway for ODBC. CVSS 3.0 Base Score 3.3 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2517
MISC
oracle — database_server
 
Vulnerability in the Oracle Applications DBA component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows low privileged attacker having Local Logon privilege with logon to the infrastructure where Oracle Applications DBA executes to compromise Oracle Applications DBA. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications DBA accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Applications DBA. CVSS 3.0 Base Score 3.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2568
MISC
oracle — database_server
 
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Index, Create Table privilege with network access via OracleNet to compromise Core RDBMS. While the vulnerability is in Core RDBMS, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Core RDBMS accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2527
MISC
oracle — database_server
 
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1, 18c and 19c. Easily exploitable vulnerability allows high privileged attacker having Create Materialized View, Create Table privilege with network access via OracleNet to compromise Core RDBMS. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Core RDBMS accessible data. CVSS 3.0 Base Score 2.4 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2516
MISC
oracle — demantra_demand_management
 
Vulnerability in the Oracle Demantra Demand Management product of Oracle Supply Chain (component: Security). Supported versions that are affected are 12.2.4, 12.2.4.1, 12.2.5 and 12.2.5.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Demantra Demand Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Demantra Demand Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Demantra Demand Management accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2557
MISC
oracle — enterprise_manager_for_fusion_middleware
 
Vulnerability in the Enterprise Manager for Fusion Middleware product of Oracle Enterprise Manager (component: APM Mesh). Supported versions that are affected are 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager for Fusion Middleware. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager for Fusion Middleware accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager for Fusion Middleware accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Fusion Middleware. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2614
MISC
oracle — enterprise_manager_for_oracle_database
 
Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Change Manager – web based). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager for Oracle Database. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager for Oracle Database accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager for Oracle Database accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Oracle Database. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2637
MISC
oracle — enterprise_manager_for_oracle_database
 
Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Discovery Framework). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager for Oracle Database. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager for Oracle Database accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager for Oracle Database accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Oracle Database. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2641
MISC
oracle — enterprise_manager_for_oracle_database
 
Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Target Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager for Oracle Database. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager for Oracle Database accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager for Oracle Database accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Oracle Database. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2640
MISC
oracle — enterprise_manager_for_oracle_database
 
Vulnerability in the Enterprise Manager for Oracle Database product of Oracle Enterprise Manager (component: Enterprise Config Management). Supported versions that are affected are 12.1.0.5, 13.2.0.0 and 13.3.0.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Enterprise Manager for Oracle Database. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Enterprise Manager for Oracle Database accessible data as well as unauthorized update, insert or delete access to some of Enterprise Manager for Oracle Database accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Enterprise Manager for Oracle Database. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2638
MISC
oracle — field_service
 
Vulnerability in the Oracle Field Service product of Oracle E-Business Suite (component: Wireless). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Field Service. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Field Service, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Field Service accessible data as well as unauthorized read access to a subset of Oracle Field Service accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2603
MISC
oracle — financial_close_management
 
Vulnerability in the Hyperion Financial Close Management product of Oracle Hyperion (component: Close Manager). The supported version that is affected is 11.1.2.4. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Hyperion Financial Close Management. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Hyperion Financial Close Management accessible data. CVSS 3.0 Base Score 4.2 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:R/S:U/C:N/I:H/A:N). 2020-01-15 not yet calculated CVE-2020-2563
MISC
oracle — financial_sercies_analytical_applicaitons_infrastructure
 
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure product of Oracle Financial Services Applications (component: Object Migration). Supported versions that are affected are 8.0.4-8.0.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Analytical Applications Infrastructure. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Financial Services Analytical Applications Infrastructure accessible data as well as unauthorized update, insert or delete access to some of Oracle Financial Services Analytical Applications Infrastructure accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2688
MISC
oracle — graalvm_enterprise_edition

 

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM Enterprise Edition accessible data. CVSS 3.0 Base Score 5.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2595
MISC
oracle — graalvm_enterprise_edition
 
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Java). The supported version that is affected is 19.3.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle GraalVM Enterprise Edition. Note: GraalVM Enterprise 19.3 and above includes both Java SE 8 and Java SE 11. CVSS 3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2604
REDHAT
REDHAT
MISC
oracle — graalvm_enterprise_edition
 
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle GraalVM Enterprise Edition executes to compromise Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM Enterprise Edition. CVSS 3.0 Base Score 4.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). 2020-01-15 not yet calculated CVE-2020-2581
MISC
oracle — hospitality_cruise_materials_management
 
Vulnerability in the Oracle Hospitality Cruise Materials Management product of Oracle Hospitality Applications (component: MMS All). The supported version that is affected is 7.30.567. Difficult to exploit vulnerability allows physical access to compromise Oracle Hospitality Cruise Materials Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Materials Management accessible data. CVSS 3.0 Base Score 4.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2599
MISC
oracle — hospitality_opera_5
 
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Printing). The supported version that is affected is 5.5. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality OPERA 5, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 accessible data as well as unauthorized read access to a subset of Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2676
MISC
oracle — hospitality_opera_5
 
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Login). The supported version that is affected is 5.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2675
MISC
oracle — hospitality_opera_5
 
Vulnerability in the Oracle Hospitality OPERA 5 product of Oracle Hospitality Applications (component: Login). Supported versions that are affected are 5.5 and 5.6. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality OPERA 5. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality OPERA 5 accessible data. CVSS 3.0 Base Score 5.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2677
MISC
oracle — human_resources
 
Vulnerability in the PeopleSoft Enterprise HCM Human Resources product of Oracle PeopleSoft (component: Company Dir / Org Chart Viewer). The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Human Resources. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise HCM Human Resources accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2561
MISC
oracle — java_se Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). 2020-01-15 not yet calculated CVE-2020-2654
REDHAT
REDHAT
MISC
oracle — java_se
 
Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2655
REDHAT
REDHAT
MISC
oracle — java_se
 
Vulnerability in the Java SE product of Oracle Java SE (component: JavaFX). The supported version that is affected is Java SE: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N). 2020-01-15 not yet calculated CVE-2020-2585
MISC
oracle — java_se_and_java_se_embedded
 
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2590
REDHAT
REDHAT
MISC
oracle — java_se_and_java_se_embedded
 
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2601
REDHAT
REDHAT
MISC
oracle — java_se_and_java_se_embedded
 
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241 and 8u231; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). 2020-01-15 not yet calculated CVE-2020-2659
MISC
oracle — java_se_and_java_se_embedded
 
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2593
REDHAT
REDHAT
MISC
oracle — java_se_and_java_se_embedded
 
Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). 2020-01-15 not yet calculated CVE-2020-2583
REDHAT
REDHAT
MISC
oracle — outside_in_technology
 
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Outside In Technology accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L). 2020-01-15 not yet calculated CVE-2020-2576
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2606
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Tree Manager). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2602
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2600
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: PIA Core Technology). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2663
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Activity Guide). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in PeopleSoft Enterprise PeopleTools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise PeopleTools accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 6.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2598
MISC
oracle — peoplesoft_enterprise_peopletools
 
Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Elastic Search). Supported versions that are affected are 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2687
MISC
oracle — primavera_p6_enterprise_project_portfolio_management
 
Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Core). Supported versions that are affected are 16.2.0.0-16.2.19.0, 17.12.0.0-17.12.16.0, 18.8.0.0-18.8.16.0, 19.12.0.0 and 20.1.0.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Primavera P6 Enterprise Project Portfolio Management executes to compromise Primavera P6 Enterprise Project Portfolio Management. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Primavera P6 Enterprise Project Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Primavera P6 Enterprise Project Portfolio Management. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:L). 2020-01-15 not yet calculated CVE-2020-2556
MISC

oracle — retail_customer_management_and_segmentation_foundation

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Internal Operations). The supported version that is affected is 16.0. Easily exploitable vulnerability allows physical access to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks of this vulnerability can result in takeover of Oracle Retail Customer Management and Segmentation Foundation. CVSS 3.0 Base Score 6.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:P/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2648
MISC

oracle — retail_customer_management_and_segmentation_foundation

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Security). The supported version that is affected is 18.0. Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Retail Customer Management and Segmentation Foundation, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Customer Management and Segmentation Foundation accessible data as well as unauthorized read access to a subset of Oracle Retail Customer Management and Segmentation Foundation accessible data. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2567
MISC

oracle — retail_customer_management_and_segmentation_foundation

 

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Internal Operations). The supported version that is affected is 16.0. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Retail Customer Management and Segmentation Foundation executes to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Retail Customer Management and Segmentation Foundation accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2649
MISC

oracle — retail_customer_management_and_segmentation_foundation

 

Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation product of Oracle Retail Applications (component: Promotions). The supported version that is affected is 16.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Retail Customer Management and Segmentation Foundation accessible data as well as unauthorized read access to a subset of Oracle Retail Customer Management and Segmentation Foundation accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2650
MISC
oracle — siebel_crm
 
Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: UIF Open UI). Supported versions that are affected are 19.7 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2559
MISC
oracle — siebel_crm
 
Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: SWSE Server). Supported versions that are affected are 19.10 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Siebel UI Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2560
MISC
oracle — siebel_crm
 
Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM (component: EAI). Supported versions that are affected are 19.10 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Siebel UI Framework. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Siebel UI Framework accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). 2020-01-15 not yet calculated CVE-2020-2564
MISC
oracle — solaris Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.0 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H). 2020-01-15 not yet calculated CVE-2020-2647
MISC
oracle — solaris
 
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Consolidation Infrastructure). The supported version that is affected is 11. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2565
MISC
oracle — solaris
 
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attacker with network access via SMB to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Solaris. CVSS 3.0 Base Score 5.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L). 2020-01-15 not yet calculated CVE-2020-2578
MISC
oracle — solaris
 
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H). 2020-01-15 not yet calculated CVE-2020-2680
MISC
oracle — solaris
 
Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2664
MISC
oracle — solaris
 
Vulnerability in the Oracle Solaris product of Oracle Systems (component: X Window System). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Solaris accessible data as well as unauthorized read access to a subset of Oracle Solaris accessible data. CVSS 3.0 Base Score 4.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2656
MISC
FULLDISC
BUGTRAQ
MISC
oracle — vm_server_for_sparc
 
Vulnerability in the Oracle VM Server for SPARC product of Oracle Systems (component: Templates). The supported version that is affected is 3.6. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM Server for SPARC executes to compromise Oracle VM Server for SPARC. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM Server for SPARC accessible data. CVSS 3.0 Base Score 3.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N). 2020-01-15 not yet calculated CVE-2020-2571
MISC
oracle — vm_virtualbox
 
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2674
MISC
oracle —  solaris Vulnerability in the Oracle Solaris product of Oracle Systems (component: Filesystem). The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Solaris accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Solaris. CVSS 3.0 Base Score 7.1 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H). 2020-01-15 not yet calculated CVE-2020-2605
MISC
osisoft — pi_vision
 
OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to a cross-site request forgery that may be introduced on the PI Vision administration site. 2020-01-15 not yet calculated CVE-2019-18271
MISC
osisoft — pi_vision
 
OSIsoft PI Vision, PI Vision 2017 R2, PI Vision 2017 R2 SP1, PI Vision 2019. The affected product records the service account password in the installation log files when a non-default service account and password are specified during installation or upgrade. 2020-01-15 not yet calculated CVE-2019-18244
MISC
osisoft — pi_vision
 
OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to an improper access control, which may return unauthorized tag data when viewing analysis data reference attributes. 2020-01-15 not yet calculated CVE-2019-18275
MISC
osisoft — pi_vision
 
OSIsoft PI Vision, PI Vision 2017 R2 and PI Vision 2017 R2 SP1. The affected product is vulnerable to cross-site scripting, which may allow invalid input to be introduced. 2020-01-15 not yet calculated CVE-2019-18273
MISC
pcre — perl_compatible_regular_expression The pcre_compile2 function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code and cause a denial of service (out-of-bounds read) via regular expression with a group containing both a forward referencing subroutine call and a recursive back reference, as demonstrated by “((?+1)())/”. 2020-01-14 not yet calculated CVE-2015-2326
MISC
MISC
MISC
CONFIRM
pcre — perl_compatible_regular_expression
 
The compile_branch function in PCRE before 8.37 allows context-dependent attackers to compile incorrect code, cause a denial of service (out-of-bounds heap read and crash), or possibly have other unspecified impact via a regular expression with a group containing a forward reference repeated a large number of times within a repeated outer group that has a zero minimum quantifier. 2020-01-14 not yet calculated CVE-2015-2325
MISC
MISC
MISC
CONFIRM
phpbb — phpbb
 
phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships. 2020-01-15 not yet calculated CVE-2020-5502
MISC
CONFIRM
phpbb — phpbb
 
phpBB 3.2.8 allows a CSRF attack that can modify a group avatar. 2020-01-15 not yet calculated CVE-2020-5501
MISC
CONFIRM
phpgurukul — car_rental_project
 
PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload of a new profile image. 2020-01-14 not yet calculated CVE-2020-5509
MISC
phpgurukul — hospital_management_system
 
PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilities via the searchdata or Doctorspecialization parameter. 2020-01-14 not yet calculated CVE-2020-5193
MISC
pivotal — pivotal_spring_framework
 
In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header in the response where the filename attribute is derived from user supplied input. 2020-01-17 not yet calculated CVE-2020-5398
CONFIRM
pivotal — pivotal_spring_framework
 
Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack. 2020-01-17 not yet calculated CVE-2020-5397
CONFIRM
poly — plantronics_hub
 
A local privilege-escalation vulnerability exists in the Poly Plantronics Hub before 3.14 for Windows client application. A local attacker can exploit this issue to gain elevated privileges. 2020-01-17 not yet calculated CVE-2019-15742
MISC
proofpoint — proofpoint_enterprise_protection A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD), in the unpatched versions of PPS through 8.9.22 and 8.14.2 respectively, allows attackers to bypass protection mechanisms (related to extensions, MIME types, virus detection, and journal entries for transmitted files) by sending malformed (not RFC compliant) multipart email. 2020-01-13 not yet calculated CVE-2019-19680
CONFIRM
pyamf — pyamf
 
XML external entity (XXE) vulnerability in PyAMF before 0.8.0 allows remote attackers to cause a denial of service or read arbitrary files via a crafted Action Message Format (AMF) payload. 2020-01-15 not yet calculated CVE-2015-8549
MISC
MISC
MISC
MISC
pyforum — pyforum
 
A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user. 2020-01-15 not yet calculated CVE-2009-5025
MISC
MISC
MISC
pyinstaller — pyinstaller
 
In PyInstaller before version 3.6, only on Windows, a local privilege escalation vulnerability is present in this particular case: If a software using PyInstaller in “onefile” mode is launched by a privileged user (at least more than the current one) which have his “TempPath” resolving to a world writable directory. This is the case for example if the software is launched as a service or as a scheduled task using a system account (TempPath will be C:\Windows\Temp). In order to be exploitable the software has to be (re)started after the attacker launch the exploit program, so for a service launched at startup, a service restart is needed (e.g. after a crash or an upgrade). 2020-01-14 not yet calculated CVE-2019-16784
CONFIRM
qemu — qemu tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. 2020-01-16 not yet calculated CVE-2020-7039
CONFIRM
MISC
MISC
MISC
red_hat — enterprise_linux
 
It was found that the Red Hat Enterprise Linux 8 kpatch update did not include the complete fix for CVE-2018-12207. A flaw was found in the way Intel CPUs handle inconsistency between, virtual to physical memory address translations in CPU’s local cache and system software’s Paging structure entries. A privileged guest user may use this flaw to induce a hardware Machine Check Error on the host processor, resulting in a severe DoS scenario by halting the processor. System software like OS OR Virtual Machine Monitor (VMM) use virtual memory system for storing program instructions and data in memory. Virtual Memory system uses Paging structures like Page Tables and Page Directories to manage system memory. The processor’s Memory Management Unit (MMU) uses Paging structure entries to translate program’s virtual memory addresses to physical memory addresses. The processor stores these address translations into its local cache buffer called – Translation Lookaside Buffer (TLB). TLB has two parts, one for instructions and other for data addresses. System software can modify its Paging structure entries to change address mappings OR certain attributes like page size etc. Upon such Paging structure alterations in memory, system software must invalidate the corresponding address translations in the processor’s TLB cache. But before this TLB invalidation takes place, a privileged guest user may trigger an instruction fetch operation, which could use an already cached, but now invalid, virtual to physical address translation from Instruction TLB (ITLB). Thus accessing an invalid physical memory address and resulting in halting the processor due to the Machine Check Error (MCE) on Page Size Change. 2020-01-17 not yet calculated CVE-2019-19339
CONFIRM
redis — hiredis
 
async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked. 2020-01-16 not yet calculated CVE-2020-7105
MISC
safend — data_protector_agent An issue exists in Safend Data Protector Agent 3.4.5586.9772 in the securitylayer.log file in the logs.9972 directory, which could let a malicious user decrypt and potentially change the Safend security policies applied to the machine. 2020-01-13 not yet calculated CVE-2012-4767
MISC
MISC
MISC
safend — data_protector_agent
 
A Privilege Escalation vulnerability exists in the SDBagent service in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges. 2020-01-13 not yet calculated CVE-2012-4760
MISC
MISC
MISC
safend — data_protector_agent
 
A Privilege Escalation vulnerability exists in the unquoted Service Binary in SDPAgent or SDBAgent in Safend Data Protector Agent 3.4.5586.9772, which could let a local malicious user obtain privileges. 2020-01-13 not yet calculated CVE-2012-4761
MISC
MISC
MISC
saltstack — salt
 
In SaltStack Salt through 2019.2.0, the salt-api NEST API with the ssh client enabled is vulnerable to command injection. This allows an unauthenticated attacker with network access to the API endpoint to execute arbitrary code on the salt-api host. 2020-01-17 not yet calculated CVE-2019-17361
CONFIRM
MISC
sap — basis Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54) does not perform sufficient authorization checks leading to the reading of sensitive information. 2020-01-14 not yet calculated CVE-2020-6307
MISC
CONFIRM
sap — disclosure_management
 
SAP Disclosure Management, before version 10.1, does not validate user input properly in specific use cases leading to Cross-Site Scripting. 2020-01-14 not yet calculated CVE-2020-6303
MISC
CONFIRM
sap — leasing
 
Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17). 2020-01-14 not yet calculated CVE-2020-6306
MISC
CONFIRM
sap — netweaver_internet_communication_manager
 
Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT KRNL64NUC & KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49 KERNEL 7.21, 7.49, 7.53) allows an attacker to prevent users from accessing its services through a denial of service. 2020-01-14 not yet calculated CVE-2020-6304
MISC
CONFIRM
sap — process_integration
 
PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. 2020-01-14 not yet calculated CVE-2020-6305
MISC
CONFIRM
schedmd — slurm
 
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun –uid with incorrect privileges. 2020-01-13 not yet calculated CVE-2019-19728
MISC
MISC
CONFIRM
schedmd — slurm
 
SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak slurmdbd.conf permissions. 2020-01-13 not yet calculated CVE-2019-19727
MISC
MISC
CONFIRM
serpico_project — serpico
 
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An admin can change their password without providing the current password, by using interfaces outside the Change Password screen. Thus, requiring the admin to enter an Old Password value on the Change Password screen does not enhance security. This is problematic in conjunction with XSS. 2020-01-15 not yet calculated CVE-2019-19857
MISC
serpico_project — serpico
 
An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anything in the database. 2020-01-15 not yet calculated CVE-2019-19859
MISC
siemens — multiple_nucleus_products
 
A vulnerability has been identified in Nucleus NET (All versions), Nucleus RTOS (All versions), Nucleus ReadyStart for ARM, MIPS, and PPC (All versions < V2017.02.2 with patch “Nucleus 2017.02.02 Nucleus NET Patch”), Nucleus SafetyCert (All versions), Nucleus Source Code (All versions), VSTAR (All versions). By sending specially crafted DHCP packets to a device, an attacker may be able to affect availability and integrity of the device. Adjacent network access, but no authentication and no user interaction is needed to conduct this attack. At the time of advisory publication no public exploitation of this security vulnerability was known. 2020-01-16 not yet calculated CVE-2019-13939
MISC
siemens — multiple_scalance_products
 
A vulnerability has been identified in SCALANCE X-200RNA switch family (All versions), SCALANCE X-300 switch family (incl. X408 and SIPLUS NET variants) (All versions < V4.1.3). Affected devices contain a vulnerability that allows an unauthenticated attacker to violate access-control rules. The vulnerability can be triggered by sending GET request to specific uniform resource locator on the web configuration interface of the device. The security vulnerability could be exploited by an attacker with network access to the affected systems. An attacker could use the vulnerability to obtain sensitive information or change the device configuration. At the time of advisory publication no public exploitation of this security vulnerability was known. 2020-01-16 not yet calculated CVE-2019-13933
MISC
siemens — sinamics_perfect_harmony_gh180_drives
 
A vulnerability has been identified in SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR32..-…..-…. MLFB 6SR4…-…..-…. MLFB 6SR5…-…..-…. With option A30 (HMIs 12 inches or larger) (All versions), SINAMICS PERFECT HARMONY GH180 Drives MLFB 6SR325.-…..-…. (High Availability) (All versions). The affected device contains a vulnerability that could allow an unauthenticated attacker to restore the affected device to a point where predefined application and operating system protection mechanisms are not in place. Successful exploitation requires physical access to the system, but no system privileges and no user interaction. An attacker could use the vulnerability to compromise confidentialiy, integrity and availability of the device. At the time of advisory publication no public exploitation of this security vulnerability was known. 2020-01-16 not yet calculated CVE-2019-19278
MISC
siemens — sinema_server
 
A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). Incorrect session validation could allow an attacker with a valid session, with low privileges, to perform firmware updates and other administrative operations on connected devices. The security vulnerability could be exploited by an attacker with network access to the affected system. An attacker must have access to a low privileged account in order to exploit the vulnerability. An attacker could use the vulnerability to compromise confidentiality, integrity, and availability of the affected system and underlying components. At the time of advisory publication no public exploitation of this security vulnerability was known. 2020-01-16 not yet calculated CVE-2019-10940
MISC
siemens — tia_portal_v14
 
A vulnerability has been identified in TIA Portal V14 (All versions), TIA Portal V15 (All versions < V15.1 Upd 4), TIA Portal V16 (All versions). Changing the contents of a configuration file could allow an attacker to execute arbitrary code with SYSTEM privileges. The security vulnerability could be exploited by an attacker with a valid account and limited access rights on the system. No user interaction is required. At the time of advisory publication no public exploitation of this security vulnerability was known. 2020-01-16 not yet calculated CVE-2019-10934
MISC
silicon_integrated_systems — xgi_vga_display_manager
 
Silicon Integrated Systems XGI WindowsXP Display Manager (aka XGI VGA Driver Manager and VGA Display Manager) 6.14.10.1090 allows local users to gain privileges via a crafted 0x96002404 IOCTL call. 2020-01-15 not yet calculated CVE-2015-5466
MISC
MISC
MISC
MISC
simple_machines — simple_machine_forum
 
There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several “co-admins” that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords. 2020-01-15 not yet calculated CVE-2009-5068
MISC
simple_machines — simple_machine_forum
 
Simple Machine Forum (SMF) versions 1.0.4 and earlier have an SQL injection vulnerability that allows remote attackers to inject arbitrary SQL statements. 2020-01-15 not yet calculated CVE-2005-4891
MISC
MISC
simplisafe — ss3_devices
 
Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.0-1.3 allows a local, unauthenticated attacker to pair a rogue keypad to an armed system. 2020-01-16 not yet calculated CVE-2019-3997
MISC
spamdyke — spamdyke
 
spamdyke prior to 4.2.1: STARTTLS reveals plaintext 2020-01-15 not yet calculated CVE-2012-0070
MISC
MISC
sparklabs — viscosity
 
Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN parameters, which can be used to load a malicious library into the memory of the OpenVPN process, leading to limited local privilege escalation. (When a VPN connection is initiated using a TLS/SSL client profile, the privileges are dropped, and the library will be loaded, resulting in arbitrary code execution as a user with limited privileges. This greatly reduces the impact of the vulnerability.) 2020-01-14 not yet calculated CVE-2020-5180
CONFIRM
suse — caas_platform
 
The docker-kubic package in SUSE CaaS Platform 3.0 before 17.09.1_ce-7.6.1 provided access to an insecure API locally on the Kubernetes master node. 2020-01-17 not yet calculated CVE-2019-3682
CONFIRM
suse — openqa openQA before commit c172e8883d8f32fced5e02f9b6faaacc913df27b was vulnerable to XSS in the distri and version parameter. This was reported through the bug bounty program of Offensive Security 2020-01-17 not yet calculated CVE-2019-3686
CONFIRM
suse –openstack_cloud_8
 
The keystone-json-assignment package in SUSE Openstack Cloud 8 before commit d7888c75505465490250c00cc0ef4bb1af662f9f every user listed in the /etc/keystone/user-project-map.json was assigned full “member” role access to every project. This allowed these users to access, modify, create and delete arbitrary resources, contrary to expectations. 2020-01-17 not yet calculated CVE-2019-3683
CONFIRM
symantec — norton_download_manager
 
A vulnerability was found in Symantec Norton Download Manager versions prior to 5.6. A remote user can create a specially crafted DLL file that, when placed on the target user’s system, will cause the Norton Download Manager component to load the remote user’s DLL instead of the intended DLL and execute arbitrary code when the Norton Download Manager component is run by the target user. 2020-01-14 not yet calculated CVE-2016-6592
MISC
MISC
MISC
MISC
MISC
CONFIRM
systrace — systrace
 
Systrace before 1.6.0 has insufficient escape policy enforcement. 2020-01-15 not yet calculated CVE-2007-4773
MISC
MISC
MISC
MISC
the_update_framework — tuf
 
TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption. 2020-01-14 not yet calculated CVE-2020-6173
MISC
MISC
thomson_reuters — fatca Directory traversal vulnerability in Thomson Reuters for FATCA before 5.2 allows remote attackers to execute arbitrary files via the item parameter. 2020-01-15 not yet calculated CVE-2015-5952
MISC
tiki_wiki — cms_groupware Tiki Wiki CMS Groupware 7.0 has XSS via the GET “ajax” parameter to snarf_ajax.php. 2020-01-15 not yet calculated CVE-2011-4336
MISC
MISC
trend_micro — password_manager A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishing sites. 2020-01-18 not yet calculated CVE-2019-19696
MISC
MISC
MISC
MISC
trend_micro — password_manager
 
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim’s memory processes to extract sensitive information. 2020-01-18 not yet calculated CVE-2019-15625
MISC
MISC
MISC
MISC
trend_micro — security_2019
 
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administrator privileges on the target machine in order to exploit the vulnerability. 2020-01-18 not yet calculated CVE-2019-19697
MISC
MISC
trend_micro — security_2020 A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system. 2020-01-18 not yet calculated CVE-2019-20357
MISC
MISC
vmware — tools
 
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. 2020-01-15 not yet calculated CVE-2020-3941
CONFIRM
vmware — workspace_one_sdk
 
VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability. 2020-01-17 not yet calculated CVE-2020-3940
CONFIRM
websitebaker — websitebaker An Arbitrary File Upload vulnerability exists in admin/media/upload.php in WebsiteBaker 2.8.1 and earlier due to a failure to restrict uploaded files with .htaccess, .php4, .php5, and .phtl extensions. 2020-01-14 not yet calculated CVE-2011-2933
MISC
westermo — mrd-315_devices
 
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, backup.asp, sys-power.asp, ifaces-wls.asp, ifaces-wls-pkt.asp, and ifaces-wls-pkt-adv.asp. 2020-01-18 not yet calculated CVE-2020-7227
MISC
whoopsie-daisy — whoopsy-daisy whoopsie-daisy before 0.1.26: Root user can remove arbitrary files 2020-01-15 not yet calculated CVE-2012-0945
MISC
wireshark — wireshark
 
In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors. 2020-01-16 not yet calculated CVE-2020-7044
MISC
MISC
MISC
wireshark — wireshark
 
In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes. 2020-01-16 not yet calculated CVE-2020-7045
MISC
MISC
MISC
wordpress — wordpress
 
The WordPress plugin, WP Database Reset through 3.1, contains a flaw that gave any authenticated user, with minimal permissions, the ability (with a simple wp-admin/admin.php?db-reset-tables[]=users request) to escalate their privileges to administrator while dropping all other users from the table. 2020-01-16 not yet calculated CVE-2020-7047
MISC
MISC
MISC
wordpress — wordpress
 
The WordPress plugin, WP Database Reset through 3.1, contains a flaw that allowed any unauthenticated user to reset any table in the database to the initial WordPress set-up state (deleting all site content stored in that table), as demonstrated by a wp-admin/admin-post.php?db-reset-tables[]=comments URI. 2020-01-16 not yet calculated CVE-2020-7048
MISC
MISC
MISC
wordpress — wordpress
 
WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary File Overwrite Vulnerability 2020-01-13 not yet calculated CVE-2014-6059
MISC
MISC
MISC
wordpress — wordpress
 
The chained-quiz plugin 1.1.8.1 for WordPress has reflected XSS via the wp-admin/admin-ajax.php total_questions parameter. 2020-01-17 not yet calculated CVE-2020-7104
MISC
wordpress — wordpress
 
The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php. 2020-01-16 not yet calculated CVE-2020-7107
MISC
MISC
MISC
wordpress — wordpress
 
The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field. 2020-01-16 not yet calculated CVE-2020-7108
MISC
MISC
MISC
MISC
wordpress — wordpress
 
Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ultimate Member plugin through 2.1.2 for WordPress allow remote attackers to change other users’ profiles and cover photos via a modified user_id parameter. This is related to ajax_image_upload and ajax_resize_image. 2020-01-13 not yet calculated CVE-2020-6859
MISC
MISC
CONFIRM
MISC
zoho_manageengine — applications_manager
 
An issue was discovered in ManageEngine Applications Manager 14 with Build 14360. Integrated PostgreSQL which is built-in in Applications Manager is prone to attack due to lack of file permission security. The malicious users who are in ?Authenticated Users? group can exploit privilege escalation and modify PostgreSQL configuration to execute arbitrary command to escalate and gain full system privilege user access and rights over the system. 2020-01-10 not yet calculated CVE-2019-19475
CONFIRM

zoho_manageengine — desktop_central_and_desktop_central_managed_service_providers

Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename parameter. 2020-01-17 not yet calculated CVE-2014-5007
MISC
CONFIRM
zoho_manageengine — eventlog_analyzer
 
ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has a Credentials Disclosure Vulnerability 2020-01-13 not yet calculated CVE-2014-6039
MISC
MISC
MISC
MISC
zte — f6x2w_devices
 
V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unauthorized users could log in directly to obtain page information without entering a verification code. 2020-01-17 not yet calculated CVE-2020-6862
CONFIRM

Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

CISA Bulletins