CVE Daily
← All years

All CVEs — 2020

Page 5/122.

Browse all CVEs by publication year. Use filters to refine.

CVSS ≥ 0.0
2020-12-18
High

CVE-2020-26174

tangro Business Workflow before 1.18.1 requests a list of allowed filetypes from the server and restricts uploads to the filetypes contained in this list. However, this restriction is enforced in the…

CVSS: 8.8 CWE: CWE-434
Read more
Low

CVE-2020-26173

An incorrect access control implementation in Tangro Business Workflow before 1.18.1 allows an attacker to download documents (PDF) by providing a valid document ID and token. No further authenticati…

CVSS: 3.1 CWE: CWE-306
Read more
Medium

CVE-2020-26172

Every login in tangro Business Workflow before 1.18.1 generates the same JWT token, which allows an attacker to reuse the token when a session is active. The JWT token does not contain an expiration…

CVSS: 4.2 CWE: CWE-294
Read more
Medium

CVE-2020-26171

In tangro Business Workflow before 1.18.1, the documentId of attachment uploads to /api/document/attachments/upload can be manipulated. By doing this, users can add attachments to workitems that do n…

CVSS: 4.3 CWE: CWE-639
Read more
High

CVE-2020-35553

An issue was discovered on Samsung mobile devices with Q(10.0) and R(11.0) (Qualcomm SM8250 chipsets) software. They allows attackers to cause a denial of service (unlock failure) by triggering a pow…

CVSS: 7.5 CWE: CWE-920
Read more
Critical

CVE-2020-35551

An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. They allow attackers to conduct RPMB state-change attacks because an unauthorized RPMB w…

CVSS: 9.8 CWE: CWE-294
Read more
Medium

CVE-2019-16957

SolarWinds Web Help Desk 12.7.0 allows XSS via the First Name field of a User Account.

CVSS: 5.4 CWE: CWE-79
Read more
Medium

CVE-2019-16955

SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded SVG document in a request.

CVSS: 5.4 CWE: CWE-79
Read more
Medium

CVE-2020-35480

An issue was discovered in MediaWiki before 1.35.1. Missing users (accounts that don't exist) and hidden users (accounts that have been explicitly hidden due to being abusive, or similar) that the vi…

CVSS: 5.3 CWE: CWE-203
Read more
Medium

CVE-2020-35479

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does not escape in all code paths. For example, the return of Language::userTimeAndDate is is alway…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-35478

MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can be output as raw HTML with SCRIPT tags via LogFormatter::makePageLink(). This affects MediaWiki…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-35477

MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries in some situations. If one sets MediaWiki:Mainpage to Special:MyLanguage/Main Page, visits a log entry on Special:Log, and toggl…

CVSS: 5.3 CWE: CWE-670
Read more
High

CVE-2020-35475

In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can contain raw HTML. XSS can happen when a user visits Special:UserRights but does not have rights to ch…

CVSS: 7.5 CWE: CWE-79
Read more
Medium

CVE-2020-35474

In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text leads to XSS because the definition of MediaWiki:recentchanges-legend-watchlistexpiry can be changed onwiki so that t…

CVSS: 6.1 CWE: CWE-79
Read more
High

CVE-2020-27154

The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.11 and 7.x before 7.0.3 could allow an attacker to gain access to user information by sending arbitrary code, due…

CVSS: 8.8 CWE: CWE-20
Read more
Medium

CVE-2020-25611

The AWV portal of Mitel MiCollab before 9.2 could allow an attacker to gain access to conference information by sending arbitrary code due to improper input validation, aka XSS. Successful exploitati…

CVSS: 6.1 CWE: CWE-20
Read more
Medium

CVE-2020-25609

The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could allow an authenticated attacker to execute arbitrary scripts due to insufficient input validation, aka XSS. A successful exploit could…

CVSS: 5.4 CWE: CWE-79
Read more
High

CVE-2020-25608

The SAS portal of Mitel MiCollab before 9.2 could allow an attacker to access user credentials due to improper input validation, aka SQL Injection.

CVSS: 7.2 CWE: CWE-20
Read more
Medium

CVE-2020-25606

The AWV component of Mitel MiCollab before 9.2 could allow an attacker to view system information by sending arbitrary code due to improper input validation, aka XSS.

CVSS: 6.1 CWE: CWE-20
Read more
High

CVE-2020-7838

A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. T…

CVSS: 8.8 CWE: CWE-20
Read more
Critical

CVE-2020-27780

A flaw was found in Linux-Pam in versions prior to 1.5.1 in the way it handle empty passwords for non-existing users. When the user doesn't exist PAM try to authenticate with root and in the case of…

CVSS: 9.8 CWE: CWE-287
Read more
Medium

CVE-2020-13528

An information disclosure vulnerability exists in the Web Manager and telnet CLI functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP reques…

CVSS: 5.3 CWE: CWE-319
Read more
Medium

CVE-2020-13527

An authentication bypass vulnerability exists in the Web Manager functionality of Lantronix XPort EDGE 3.0.0.0R11, 3.1.0.0R9, 3.4.0.0R12 and 4.2.0.0R7. A specially crafted HTTP request can cause incr…

CVSS: 4.5 CWE: CWE-352
Read more
Medium

CVE-2020-13518

An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c402084 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensi…

CVSS: 6.5 CWE: CWE-269
Read more
Medium

CVE-2020-13517

An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406104 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensi…

CVSS: 5.5 CWE: CWE-269
Read more
Medium

CVE-2020-13516

An information disclosure vulnerability exists in the WinRing0x64 Driver IRP 0x9c406144 functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) can cause the disclosure of sensi…

CVSS: 6.5 CWE: CWE-269
Read more
Medium

CVE-2020-13511

An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) using the IRP 0x9c4060d…

CVSS: 6.5 CWE: CWE-269
Read more
Medium

CVE-2020-13510

An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) using the IRP 0x9c4060d…

CVSS: 6.5 CWE: CWE-269
Read more
Medium

CVE-2020-13509

An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged I/O Read IRPs functionality of NZXT CAM 4.8.0. A specially crafted I/O request packet (IRP) Using the IRP 0x9c4060c…

CVSS: 6.5 CWE: CWE-269
Read more
2020-12-17
Medium

CVE-2020-20142

Cross Site Scripting (XSS) vulnerability in the "To Remote CSV" component under "Open" Menu in Flexmonster Pivot Table & Charts 2.7.17.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-20141

Cross Site Scripting (XSS) vulnerability in the To OLAP (XMLA) component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-20140

Cross Site Scripting (XSS) vulnerability in Remote Report component under the Open menu in Flexmonster Pivot Table & Charts 2.7.17.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-20139

Cross Site Scripting (XSS) vulnerability in the Remote JSON component Under the Connect menu in Flexmonster Pivot Table & Charts 2.7.17.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-20138

Cross Site Scripting (XSS) vulnerability in the Showtime2 Slideshow module in CMS Made Simple (CMSMS) 2.2.4.

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-12523

On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the L…

CVSS: 5.4 CWE: CWE-909
Read more
Critical

CVE-2020-12522

The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/x…

CVSS: 10.0 CWE: CWE-78
Read more
Medium

CVE-2020-12521

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system ser…

CVSS: 6.5 CWE: CWE-20
Read more
High

CVE-2020-12519

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges.

CVSS: 8.8 CWE: CWE-269
Read more
Medium

CVE-2020-12518

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks.

CVSS: 5.5 CWE: CWE-200
Read more
High

CVE-2020-12517

On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vu…

CVSS: 8.8 CWE: CWE-79
Read more
Critical

CVE-2020-8466

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execut…

CVSS: 9.8 CWE: CWE-78
Read more
Critical

CVE-2020-8465

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authenticat…

CVSS: 9.8 CWE: CWE-287
Read more
High

CVE-2020-8464

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin…

CVSS: 7.5 CWE: CWE-918
Read more
High

CVE-2020-8463

A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths.

CVSS: 7.5 CWE: CWE-22
Read more
Medium

CVE-2020-8462

A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product.

CVSS: 4.8 CWE: CWE-79
Read more
High

CVE-2020-8461

A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without…

CVSS: 8.8 CWE: CWE-352
Read more
Medium

CVE-2020-27010

A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate…

CVSS: 4.8 CWE: CWE-79
Read more
Critical

CVE-2020-35545

Time-based SQL injection exists in Spotweb 1.4.9 via the query string.

CVSS: 9.8 CWE: CWE-89
Read more
Critical

CVE-2020-26276

Fleet is an open source osquery manager. In Fleet before version 3.5.1, due to issues in Go's standard library XML parsing, a valid SAML response may be mutated by an attacker to modify the trusted d…

CVSS: 10.0 CWE: CWE-290
Read more
Low

CVE-2020-4846

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information cou…

CVSS: 2.7 CWE: CWE-209
Read more
Medium

CVE-2020-4845

IBM Security Key Lifecycle Manager 3.0.1 and 4.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…

CVSS: 5.4 CWE: CWE-79
Read more
High

CVE-2020-35491

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.

CVSS: 8.1 CWE: CWE-502
Read more
High

CVE-2020-35490

FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.

CVSS: 8.1 CWE: CWE-502
Read more
Critical

CVE-2020-35489

The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters.

CVSS: 10.0 CWE: CWE-434
Read more
High

CVE-2020-15294

Compiler Optimization Removal or Modification of Security-critical Code vulnerability in IntPeParseUnwindData() results in multiple dereferences to the same pointer. If the pointer is located in memo…

CVSS: 7.8 CWE: CWE-733
Read more
Medium

CVE-2020-15293

Memory corruption in IntLixCrashDumpDmesg, IntLixTaskFetchCmdLine, IntLixFileReadDentry and IntLixFileGetPath due to insufficient guest-data input validation may lead to denial of service conditions.

CVSS: 6.1 CWE: CWE-20
Read more
Medium

CVE-2020-15292

Lack of validation on data read from guest memory in IntPeGetDirectory, IntPeParseUnwindData, IntLogExceptionRecord, IntKsymExpandSymbol and IntLixTaskDumpTree may lead to out-of-bounds read or it co…

CVSS: 5.5 CWE: CWE-20
Read more
Critical

CVE-2020-22083

jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documente…

CVSS: 9.8 CWE: CWE-502
Read more
Medium

CVE-2020-35177

HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1.

CVSS: 5.3 CWE: CWE-209
Read more
High

CVE-2020-29652

A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.

CVSS: 7.5 CWE: CWE-476
Read more
High

CVE-2020-27199

The Magic Home Pro application 1.5.1 for Android allows Authentication Bypass. The security control that the application currently has in place is a simple Username and Password authentication functi…

CVSS: 7.5 CWE: CWE-287
Read more
Medium

CVE-2020-35123

In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has…

CVSS: 6.5 CWE: CWE-611
Read more
Critical

CVE-2020-25011

A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and pa…

CVSS: 9.8 CWE: CWE-732
Read more
Critical

CVE-2020-25010

An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script…

CVSS: 9.8 CWE: CWE-434
Read more
High

CVE-2020-25095

LogRhythm Platform Manager (PM) 7.4.9 allows CSRF. The Web interface is vulnerable to Cross-site WebSocket Hijacking (CSWH). If a logged-in PM user visits a malicious site in the same browser session…

CVSS: 8.8 CWE: CWE-352
Read more
Critical

CVE-2020-25094

LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server wit…

CVSS: 9.8 CWE: CWE-78
Read more
Critical

CVE-2020-35197

The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35196

The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. System using the rabbitmq docker container deployed by affected…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35195

The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. System using the haproxy docker container deployed by affected versions of the dock…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35192

The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote a…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35191

The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the do…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35190

The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. System using the plone docker container deployed by affected versions of t…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35186

The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user. System using the adminer docker container deployed by affected versions of the docker image may allow…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35184

The official composer docker images before 1.8.3 contain a blank password for a root user. System using the composer docker container deployed by affected versions of the docker image may allow a rem…

CVSS: 9.8 CWE: CWE-306
Read more
Medium

CVE-2020-29436

Sonatype Nexus Repository Manager 3.x before 3.29.0 allows a user with admin privileges to configure the system to gain access to content outside of NXRM via an XXE vulnerability. Fixed in version 3.…

CVSS: 6.5 CWE: CWE-611
Read more
Critical

CVE-2020-35189

The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user. System using the kong docker container deployed by affected versions of the docker imag…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35187

The official telegraf docker images before 1.9.4-alpine (Alpine specific) contain a blank password for a root user. System using the telegraf docker container deployed by affected versions of the doc…

CVSS: 9.8 CWE: CWE-306
Read more
Critical

CVE-2020-35185

The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker i…

CVSS: 9.8 CWE: CWE-306
Read more
2020-12-16
Medium

CVE-2020-4908

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 returns the product version and release information on the login dialog. This information could be used in further attack…

CVSS: 5.3 CWE: CWE-200
Read more
Medium

CVE-2020-4907

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the…

CVSS: 5.3 CWE: CWE-209
Read more
Low

CVE-2020-4906

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally which can be read by another user on the system.

CVSS: 3.3 CWE: CWE-922
Read more
Medium

CVE-2020-4904

IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions t…

CVSS: 6.5 CWE: CWE-352
Read more
Medium

CVE-2020-4658

IBM Sterling File Gateway 2.2.0.0 through 6.0.3.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fu…

CVSS: 6.1 CWE: CWE-79
Read more
Medium

CVE-2020-4657

IBM Sterling B2B Integrator 5.2.0.0 through 6.0.3.2 Standard Edition is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alter…

CVSS: 6.1 CWE: CWE-79
Read more
High

CVE-2020-28931

Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to force an administrator to execute external POST requests by…

CVSS: 8.8 CWE: CWE-352
Read more
Medium

CVE-2020-28930

A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaSc…

CVSS: 5.4 CWE: CWE-79
Read more
Critical

CVE-2020-28929

Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenan…

CVSS: 9.8 CWE: CWE-306
Read more
Medium

CVE-2020-26274

In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix.

CVSS: 6.4 CWE: CWE-78
Read more
Critical

CVE-2020-7781

This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. The following PoC demonstrates the vulnerability:

CVSS: 9.8 CWE: CWE-78
Read more
High

CVE-2020-35133

irfanView 4.56 contains an error processing parsing files of type .pcx. Which leads to out-of-bounds writing at i_view32+0xdb60.

CVSS: 7.5 CWE: CWE-434
Read more
High

CVE-2020-7837

An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strin…

CVSS: 7.5 CWE: CWE-121
Read more
Medium

CVE-2019-14481

AdRem NetCrunch 10.6.0.4587 has a Cross-Site Request Forgery (CSRF) vulnerability in the NetCrunch web client. Successful exploitation requires a logged-in user to open a malicious page and leads to…

CVSS: 5.4 CWE: CWE-352
Read more
High

CVE-2019-14479

AdRem NetCrunch 10.6.0.4587 allows Remote Code Execution. In the NetCrunch web client, a read-only administrator can execute arbitrary code on the server running the NetCrunch server software.

CVSS: 8.8 CWE: CWE-78
Read more
Medium

CVE-2019-14478

AdRem NetCrunch 10.6.0.4587 has a stored Cross-Site Scripting (XSS) vulnerability in the NetCrunch web client. The user's input data is not properly encoded when being echoed back to the user. This d…

CVSS: 5.4 CWE: CWE-79
Read more
Medium

CVE-2019-14476

AdRem NetCrunch 10.6.0.4587 has a Server-Side Request Forgery (SSRF) vulnerability in the NetCrunch server. Every user can trick the server into performing SMB requests to other systems.

CVSS: 6.5 CWE: CWE-918
Read more
High

CVE-2020-5360

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting i…

CVSS: 7.5 CWE: CWE-127
Read more
Medium

CVE-2020-5359

Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability to mo…

CVSS: 5.8 CWE: CWE-544
Read more
Medium

CVE-2020-26198

Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerability in the iDRAC9 web application. A remote attacker could potentially exploit this vuln…

CVSS: 6.1 CWE: CWE-79
Read more
Critical

CVE-2019-14482

AdRem NetCrunch 10.6.0.4587 has a hardcoded SSL private key vulnerability in the NetCrunch web client. The same hardcoded SSL private key is used across different customers' installations when no oth…

CVSS: 9.8 CWE: CWE-798
Read more
Critical

CVE-2019-14480

AdRem NetCrunch 10.6.0.4587 has an Improper Session Handling vulnerability in the NetCrunch web client, which can lead to an authentication bypass or escalation of privileges.

CVSS: 9.8 CWE: CWE-200
Read more
Medium

CVE-2019-14477

AdRem NetCrunch 10.6.0.4587 has Improper Credential Storage since the internal user database is readable by low-privileged users and passwords in the database are weakly encoded or encrypted.

CVSS: 5.5 CWE: CWE-522
Read more
High

CVE-2020-29607

A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remo…

CVSS: 7.2 CWE: CWE-434
Read more
High

CVE-2020-25622

An issue was discovered in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows CSRF.

CVSS: 8.8 CWE: CWE-352
Read more
High

CVE-2020-25621

An issue was discovered in SolarWinds N-Central 12.3.0.670. The local database does not require authentication: security is only based on ability to access a network interface. The database has keys…

CVSS: 8.4 CWE: CWE-306
Read more
High

CVE-2020-25620

An issue was discovered in SolarWinds N-Central 12.3.0.670. Hard-coded Credentials exist by default for local user accounts named support@n-able.com and nableadmin@n-able.com. These allow logins to t…

CVSS: 7.8 CWE: CWE-798
Read more
High

CVE-2020-14254

TLS-RSA cipher suites are not disabled in HCL BigFix Inventory up to v10.0.2. If TLS 2.0 and secure ciphers are not enabled then an attacker can passively record traffic and later decrypt it.

CVSS: 7.5 CWE: CWE-327
Read more
Medium

CVE-2020-14248

BigFix Inventory up to v10.0.2 does not set the secure flag for the session cookie in an https session, which can cause the cookie to be sent in http requests and make it easier for remote attackers…

CVSS: 5.3 CWE: CWE-319
Read more
High

CVE-2020-29363

An issue was discovered in p11-kit 0.23.6 through 0.23.21. A heap-based buffer overflow has been discovered in the RPC protocol used by p11-kit server/remote commands and the client library. When the…

CVSS: 7.5 CWE: CWE-787
Read more
Medium

CVE-2020-29362

An issue was discovered in p11-kit 0.21.1 through 0.23.21. A heap-based buffer over-read has been discovered in the RPC protocol used by thep11-kit server/remote commands and the client library. When…

CVSS: 5.3 CWE: CWE-125
Read more
High

CVE-2020-29361

An issue was discovered in p11-kit 0.21.1 through 0.23.21. Multiple integer overflows have been discovered in the array allocations in the p11-kit library and the p11-kit list command, where overflow…

CVSS: 7.5 CWE: CWE-190
Read more
High

CVE-2020-25618

An issue was discovered in SolarWinds N-Central 12.3.0.670. The sudo configuration has incorrect access control because the nable web user account is effectively able to run arbitrary OS commands as…

CVSS: 8.8 CWE: CWE-78
Read more
High

CVE-2020-25617

An issue was discovered in SolarWinds N-Central 12.3.0.670. The AdvancedScripts HTTP endpoint allows Relative Path Traversal by an authenticated user of the N-Central Administration Console (NAC), le…

CVSS: 8.8 CWE: CWE-22
Read more
High

CVE-2020-28458

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.

CVSS: 7.3 CWE: CWE-1321
Read more
High

CVE-2020-5683

Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2…

CVSS: 7.5 CWE: CWE-22
Read more
High

CVE-2020-5682

Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series),…

CVSS: 7.5 CWE: CWE-20
Read more
Critical

CVE-2020-35476

A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is…

CVSS: 9.8 CWE: CWE-78
Read more
Medium

CVE-2020-26273

osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to o…

CVSS: 5.2 CWE: CWE-77
Read more
Medium

CVE-2020-26259

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerabi…

CVSS: 6.8 CWE: CWE-78
Read more
Medium

CVE-2020-26258

XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerabil…

CVSS: 6.3 CWE: CWE-918
Read more
Critical

CVE-2020-35469

The Software AG Terracotta Server OSS Docker image 5.4.1 contains a blank password for the root user. Systems deployed using affected versions of the Terracotta Server OSS container may allow a remot…

CVSS: 9.8 CWE: CWE-306
Read more