index_ label1 index_ label1
Providing services for federal, state and local government ...
index_ label2 index_ label2
Our commercial entity operations, providing enterprise services ...
index_ label3 index_ label3
How do we prepare for what's to come next? See inside ...
I.T. News
We are constantly interested in the latest and up-to-date technology.
As we move forward with the software development we will continue to use new technologies to improve our products and the customer experience. And we will continue to develop our solutions with both new functionality and increasing integration with the latest major platforms.

As the growing market shares and interests in the I.T. virtualization, we tailored the unique virtualization solution vFleXtor using proven, modern up-to-date technology.

Timely information about security topics and threats:

CISA All NCAS Products
  • Original release date: June 5, 2020

    The Cybersecurity and Infrastructure Security Agency (CISA) is aware of publicly available and functional proof-of-concept (PoC) code that exploits CVE-2020-0796 in unpatched systems. Although Microsoft disclosed and provided updates for this vulnerability in March 2020, malicious cyber actors are targeting unpatched systems with the new PoC, according to recent open-source reports. CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible.  

    CISA also encourages users and administrators to review the following resources and apply the necessary updates or workarounds.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 4, 2020

    Google has released Chrome version 83.0.4103.97 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 4, 2020

    Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco security advisories page and apply the necessary updates.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 3, 2020 | Last revised: June 5, 2020

    Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 77, Firefox ESR 68.9, and Thunderbird 68.9.0 and apply the necessary updates.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 2, 2020

    Cisco has released security updates to address a vulnerability in NX-OS Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates or workarounds.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 2, 2020

    Apple has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 1, 2020

    June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails?often containing malicious links or attachments?are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.

    To avoid becoming victims of malicious activity, users and administrators should review the following resources and take preventative measures.

    If you believe you have been a victim of cybercrime, file a complaint with the Federal Bureau of Investigation?s Internet Crime Complaint Center (IC3) at www.ic3.gov.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: June 1, 2020

     

    High Vulnerabilities

    Primary
    Vendor -- Product
    Description Published CVSS Score Source & Patch Info
    adminpanel -- adminplanel
     
    Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter. 2020-05-24 7.5 CVE-2020-13433
    MISC
    MISC
    apache -- kylin
     
    Kylin has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. 2020-05-22 9 CVE-2020-1956
    MISC
    aviatrix -- vpn_client
     
    An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters. 2020-05-22 7.5 CVE-2020-13417
    MISC
    bosch -- recording_station
     
    Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system. 2020-05-27 7.2 CVE-2020-6774
    MISC
    cisco -- prime_network_registrar
     
    A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming DHCP traffic. An attacker could exploit this vulnerability by sending a crafted DHCP request to an affected device. A successful exploit could allow the attacker to cause a restart of the DHCP server process, causing a DoS condition. 2020-05-22 7.8 CVE-2020-3272
    CISCO
    cisco -- unified_contact_center_express
     
    A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user on an affected device. 2020-05-22 10 CVE-2020-3280
    CISCO
    cybozu -- cybozu_desktop_for_windows
     
    Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. 2020-05-25 7.5 CVE-2020-5537
    JVN
    MISC
    MISC
    dext5 -- dext5_upload A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. 2020-05-25 7.5 CVE-2020-13442
    MISC
    dns-sync -- dns-sync
     
    node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1. 2020-05-28 7.5 CVE-2020-11079
    MISC
    CONFIRM

    kaoni -- ezhttptrans

    Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution. 2020-05-22 7.5 CVE-2020-7813
    MISC
    MISC
    kaoni -- ezhttptrans
     
    Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution by rebooting the victim?s PC. 2020-05-28 7.5 CVE-2020-7812
    MISC
    MISC
    lenovo -- lj4010dn_devices
     
    A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted. 2020-05-28 7.8 CVE-2020-8330
    CONFIRM
    lenovo -- lj4010dn_devices
     
    A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted. 2020-05-28 7.8 CVE-2020-8329
    CONFIRM
    mozilla -- firefox Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76. 2020-05-26 7.5 CVE-2020-12390
    MISC
    MISC
    mozilla -- firefox
     
    Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76. 2020-05-26 7.5 CVE-2020-12396
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr
     
    The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. 2020-05-26 7.5 CVE-2020-12389
    MISC
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr
     
    The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. 2020-05-26 7.5 CVE-2020-12388
    MISC
    MISC
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr_and_thunderbird
     
    Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 10 CVE-2020-12395
    MISC
    MISC
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr_and_thunderbird
     
    A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 7.5 CVE-2020-6831
    MISC
    MISC
    MISC
    MISC
    python -- python
     
    An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safe_load is not used. 2020-05-22 7.5 CVE-2020-13388
    MISC
    MISC
    CONFIRM
    sqlite -- sqlite
     
    ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. 2020-05-27 7.5 CVE-2020-13630
    MISC
    MISC
    sympa -- sympa
     
    Sympa before 6.2.56 allows privilege escalation. 2020-05-27 7.2 CVE-2020-10936
    MISC
    MISC
    MISC
    tenda -- multiple_routers
     
    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13392
    MISC
    MISC
    tenda -- multiple_routers
     
    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13394
    MISC
    MISC
    tenda -- multiple_routers
     
    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13393
    MISC
    MISC
    tenda -- multiple_routers
     
    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13391
    MISC
    MISC
    tenda -- multiple_routers
     
    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13390
    MISC
    MISC
    tenda -- multiple_routers
     
    An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13389
    MISC
    MISC
    trend_micro -- interscan_web_security_virtual_appliance
     
    A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. 2020-05-27 7.5 CVE-2020-8606
    MISC
    MISC
    ubiquiti -- airmax_xm_and_xw_and_ti_series_devices We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. It is possible to craft an input string that passes the filter check but still contains commands, resulting in remote code execution.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. 2020-05-26 7.5 CVE-2020-8171
    MISC
    MISC
    MISC
    vim -- vim
     
    In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). 2020-05-28 10 CVE-2019-20807
    MISC
    MISC
    wordpress -- wordpress
     
    An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled. 2020-05-29 7.5 CVE-2020-13693
    MISC
    MISC
    MISC
    Back to top

     

    Medium Vulnerabilities

    Primary
    Vendor -- Product
    Description Published CVSS Score Source & Patch Info
    aviatrix -- controller
     
    An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection (even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix), aka XML Signature Wrapping. 2020-05-22 5 CVE-2020-13415
    MISC
    aviatrix -- controller
     
    An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF. 2020-05-22 6.8 CVE-2020-13412
    MISC
    aviatrix -- controller
     
    An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software. 2020-05-22 5 CVE-2020-13414
    MISC
    aviatrix -- controller
     
    An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force. 2020-05-22 5 CVE-2020-13413
    MISC
    aviatrix -- controller
     
    An issue was discovered in Aviatrix Controller before 5.4.1066. A Controller Web Interface session token parameter is not required on an API call, which opens the application up to a Cross Site Request Forgery (CSRF) vulnerability for password resets. 2020-05-22 4.3 CVE-2020-13416
    MISC
    axel -- axel An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification. 2020-05-26 4.3 CVE-2020-13614
    MISC
    MISC
    centreon -- centreon
     
    Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. 2020-05-27 4.3 CVE-2020-10946
    MISC
    centreon -- centreon
     
    Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. 2020-05-27 4.3 CVE-2020-13628
    MISC
    centreon -- centreon
     
    Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. 2020-05-27 4.3 CVE-2020-13627
    MISC
    cisco -- amp_for_endpoints_mac_connector
     
    A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. The vulnerability is due to insufficient input validation of specific file attributes. An attacker could exploit this vulnerability by providing a crafted file to a user of an affected system. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash, resulting in missed detection and logging of the potentially malicious file. Continued attempts to scan the file could result in a DoS condition of the Cisco AMP for Endpoints service. 2020-05-22 5.8 CVE-2020-3314
    CISCO
    cisco -- prime_collaboration_provisioning_software
     
    A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates user input for specific SQL queries. An attacker could exploit this vulnerability by authenticating to the application with valid administrative credentials and sending malicious requests to an affected system. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, or delete information from the database that they are not authorized to delete. 2020-05-22 6.5 CVE-2020-3184
    CISCO
    drupal -- drupal
     
    An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4. 2020-05-28 6.8 CVE-2019-6342
    CONFIRM
    em-http_request -- em-http-request
     
    EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified. 2020-05-25 6.8 CVE-2020-13482
    MISC
    epson -- eb-1470ui_devices An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an HTTP request to trigger this vulnerability. 2020-05-22 6.4 CVE-2020-6091
    MISC
    ffipeg -- ffipeg ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. 2020-05-24 4.3 CVE-2020-13439
    MISC
    ffipeg -- ffipeg ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. 2020-05-24 4.3 CVE-2020-13438
    MISC
    ffipeg -- ffipeg ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. 2020-05-24 4.3 CVE-2020-13440
    MISC
    fork -- fork_cms
     
    Fork before 5.8.3 allows XSS via navigation_title or title. 2020-05-27 4.3 CVE-2020-13633
    MISC
    freerdp -- freerdp In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0. 2020-05-29 4 CVE-2020-11018
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0. 2020-05-29 5 CVE-2020-11017
    CONFIRM
    gnome -- glib-networking In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host. 2020-05-28 6.4 CVE-2020-13645
    MISC
    MISC
    grafana_labs -- grafana
     
    Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. 2020-05-24 4.3 CVE-2020-13430
    MISC
    MISC
    CONFIRM
    ibm -- business_automation_workflow
     
    IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishing site. IBM X-Force ID: 181989 2020-05-29 5.8 CVE-2020-4490
    XF
    CONFIRM
    ibm -- mobilefirst_platform_foundation
     
    IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 175207. 2020-05-27 5 CVE-2020-4226
    XF
    CONFIRM
    ibm -- mq_for_hpe_nonstop
     
    IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427. 2020-05-29 4.4 CVE-2020-4352
    XF
    CONFIRM

    ibm -- security_identity_governance_and_intelligence

    IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485. 2020-05-28 4 CVE-2020-4249
    XF
    CONFIRM

    ibm -- security_identity_governance_and_intelligence

    IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175484. 2020-05-28 4 CVE-2020-4248
    XF
    CONFIRM

    ibm -- security_identity_governance_and_intelligence

    IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335. 2020-05-28 4 CVE-2020-4231
    XF
    CONFIRM

    ibm -- security_identity_governance_and_intelligence

    IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 175360. 2020-05-28 5 CVE-2020-4233
    XF
    CONFIRM

    ibm -- security_identity_governance_and_intelligence

    IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. IBM X-Force ID: 175422. 2020-05-28 5 CVE-2020-4244
    XF
    CONFIRM

    ibm -- security_identity_governance_and_intelligence

    IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423. 2020-05-28 5 CVE-2020-4245
    XF
    CONFIRM
    ibm -- security_identity_governance_and_intelligence
     
    IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. IBM X-Force ID: 175336. 2020-05-28 5 CVE-2020-4232
    XF
    CONFIRM
    ibm -- security_identity_governance_and_intelligence
     
    IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 175481. 2020-05-28 5.5 CVE-2020-4246
    XF
    CONFIRM

    ibm -- spectrum_scale

    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424. 2020-05-27 5 CVE-2020-4350
    XF
    CONFIRM
    ibm -- spectrum_scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157. 2020-05-27 4 CVE-2020-4378
    XF
    CONFIRM
    ibm -- spectrum_scale
     
    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423. 2020-05-27 5 CVE-2020-4349
    XF
    CONFIRM
    ibm -- spectrum_scale
     
    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761. 2020-05-27 4 CVE-2020-4357
    XF
    CONFIRM
    ibm -- spectrum_scale
     
    IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414 2020-05-27 4 CVE-2020-4348
    XF
    CONFIRM
    ibm -- spectrum_scale
     
    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158. 2020-05-27 5 CVE-2020-4379
    XF
    CONFIRM
    jerryscript -- jerryscript JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation. 2020-05-27 5 CVE-2020-13623
    MISC
    jerryscript -- jerryscript
     
    parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure. 2020-05-28 5 CVE-2020-13649
    MISC
    MISC
    MISC
    jerryscript -- jerryscript
     
    JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data. 2020-05-27 5 CVE-2020-13622
    MISC
    MISC
    joomla! -- joomla!
     
    The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure. 2020-05-23 4 CVE-2020-13424
    MISC
    kaminari -- kaminari In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1. 2020-05-28 4.3 CVE-2020-11082
    MISC
    MISC
    CONFIRM
    linux -- linux_kernel
     
    An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75. 2020-05-27 5 CVE-2019-20806
    MISC
    MISC
    MISC
    linux -- linux_kernel
     
    A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service. 2020-05-22 5 CVE-2020-10711
    CONFIRM
    CONFIRM
    meinheld -- meinheld meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. 2020-05-22 4.3 CVE-2020-7658
    MISC
    MISC
    monstra -- monstra_cms Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. 2020-05-22 6.5 CVE-2020-13384
    MISC
    mozilla -- firefox
     
    Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76. 2020-05-26 5 CVE-2020-12391
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr_and_thunderbird
     
    A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 6.8 CVE-2020-12387
    MISC
    MISC
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr_and_thunderbird
     
    The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 4.6 CVE-2020-12393
    MISC
    MISC
    MISC
    MISC
    mozilla -- firefox_for_ios
     
    For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for iOS < 25. 2020-05-26 5 CVE-2020-6830
    MISC
    MISC
    mozilla -- thunderbird
     
    By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0. 2020-05-22 4.3 CVE-2020-12397
    MISC
    MISC
    netgear -- multiple_devices
     
    Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P. 2020-05-28 4.3 CVE-2020-13245
    MISC
    MISC
    netqmail -- netqmail
     
    qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. 2020-05-26 5 CVE-2020-3811
    CONFIRM
    MISC
    CONFIRM
    pi-hole -- pi-hole
     
    Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. 2020-05-29 6.5 CVE-2020-8816
    CONFIRM
    MISC
    pichi -- pichi
     
    The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification. 2020-05-26 4.3 CVE-2020-13616
    MISC
    MISC
    pixel_&_tonic -- craft_cms The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. 2020-05-25 5.8 CVE-2020-13486
    MISC
    pixel_&_tonic -- craft_cms
     
    The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. 2020-05-25 6.4 CVE-2020-13485
    MISC
    MISC
    pixel_&_tonic -- craft_cms
     
    An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action. 2020-05-25 6.8 CVE-2020-13458
    MISC
    protocol_labs -- aegir
     
    In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. This has been fixed in 21.10.1. 2020-05-27 5 CVE-2020-11059
    CONFIRM
    puma_gem_for_ruby_on_rails -- puma_gem_for_ruby_on_rails In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5. 2020-05-22 5 CVE-2020-11077
    MISC
    CONFIRM
    puma_gem_for_ruby_on_rails -- puma_gem_for_ruby_on_rails
     
    In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. 2020-05-22 5 CVE-2020-11076
    MISC
    MISC
    CONFIRM
    qore -- qore
     
    lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates. 2020-05-26 4.3 CVE-2020-13615
    MISC
    MISC
    red_hat -- undertow A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling. 2020-05-26 6.4 CVE-2020-10719
    CONFIRM
    sqlite -- sqlite
     
    SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. 2020-05-24 5 CVE-2020-13435
    CONFIRM
    MISC
    sqlite -- sqlite
     
    SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. 2020-05-24 5 CVE-2020-13434
    MLIST
    CONFIRM
    MISC
    MISC
    sqlite -- sqlite
     
    SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. 2020-05-27 5 CVE-2020-13631
    MISC
    MISC
    sqlite -- sqlite
     
    ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. 2020-05-27 5 CVE-2020-13632
    MISC
    MISC

    teradici -- pcoip_standard_agent_for_windows_and_pcoip_graphics_agent_for_windows

    Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe. 2020-05-28 4.6 CVE-2020-13173
    CONFIRM
    trackr -- multiple_devices
     
    TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted. 2020-05-23 6.8 CVE-2020-13425
    MISC
    trend_micro -- interscan_web_security_virtual_appliance A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability. 2020-05-27 6.5 CVE-2020-8605
    MISC
    MISC
    trend_micro -- interscan_web_security_virtual_appliance A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. 2020-05-27 5 CVE-2020-8604
    MISC
    MISC
    trend_micro -- interscan_web_security_virtual_appliance
     
    A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2020-05-27 4.3 CVE-2020-8603
    MISC
    MISC
    ubiquiti -- airmax_xm_and_xw_and_ti_series_devices
     
    We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. 2020-05-26 4.3 CVE-2020-8170
    MISC
    MISC
    MISC
    ubiquiti -- airmax_xm_and_xw_and_ti_series_devices
     
    We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. 2020-05-26 6.8 CVE-2020-8168
    MISC
    MISC
    MISC
    MISC
    MISC
    wordpress -- wordpress An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The action_builder_content function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser. 2020-05-28 6.8 CVE-2020-13642
    MISC
    MISC
    wordpress -- wordpress
     
    An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The live_editor_panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser. 2020-05-28 6.8 CVE-2020-13643
    MISC
    MISC
    wordpress -- wordpress
     
    An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The far_options_page function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript, allowing for that be executed later in the victims browser. 2020-05-28 6.8 CVE-2020-13641
    MISC
    MISC
    wordpress -- wordpress
     
    The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077. 2020-05-29 6.5 CVE-2020-12675
    MISC
    MISC
    youhua -- windows_master
     
    In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558 2020-05-29 6.1 CVE-2020-13634
    MISC
    MISC
    Back to top

     

    Low Vulnerabilities

    Primary
    Vendor -- Product
    Description Published CVSS Score Source & Patch Info
    centreon -- centreon
     
    Centreon before 19.10.7 exposes Session IDs in server responses. 2020-05-27 3.3 CVE-2020-10945
    MISC
    cisco -- endpoints_linux_connector_software_and_endpoints_mac_connector_software
     
    A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart. 2020-05-22 2.1 CVE-2020-3344
    CISCO
    cisco -- endpoints_linux_connector_software_and_endpoints_mac_connector_software
     
    A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart. 2020-05-22 2.1 CVE-2020-3343
    CISCO
    cmsmadesimple -- cms_made_simple
     
    CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. 2020-05-28 3.5 CVE-2020-13660
    MISC
    MISC
    cybozu -- kinton_mobile_for_android
     
    Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. 2020-05-29 2.1 CVE-2020-5573
    MISC
    MISC
    cybozu -- mailwise_for_android
     
    Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. 2020-05-29 2.1 CVE-2020-5572
    MISC
    MISC
    dell -- client_consumer_and_commercial_docking_stations
     
    Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers. 2020-05-28 2.6 CVE-2020-5357
    MISC
    freerdp -- freerdp
     
    An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. 2020-05-22 2.1 CVE-2020-13396
    MISC
    MISC
    MISC
    freerdp -- freerdp
     
    An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. 2020-05-22 2.1 CVE-2020-13398
    MISC
    MISC
    MISC
    freerdp -- freerdp
     
    An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. 2020-05-22 2.1 CVE-2020-13397
    MISC
    MISC
    MISC
    grafana_labs -- grafana
     
    legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option. 2020-05-24 3.5 CVE-2020-13429
    MISC
    MISC
    huawei -- p30_smartphones
     
    HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. A logic error occurs when handling NFC work, an attacker should establish a NFC connection to the target phone, and then do a series of operations on the target phone. Successful exploit could allow a guest user do certain operation which is beyond the guest user's privilege. 2020-05-29 2.1 CVE-2020-1798
    CONFIRM
    ibm -- jazz_reporting_service
     
    IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071. 2020-05-28 3.5 CVE-2020-4419
    XF
    CONFIRM
    ibm -- planning_analytics_local
     
    IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176735. 2020-05-29 3.5 CVE-2020-4306
    XF
    CONFIRM
    ibm -- spectrum_scale
     
    IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762. 2020-05-27 3.5 CVE-2020-4358
    XF
    CONFIRM
    mozilla -- firefox
     
    A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76. 2020-05-26 2.1 CVE-2020-12394
    MISC
    MISC
    mozilla -- firefox_and_firefox_esr_and_thunderbird
     
    The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 2.1 CVE-2020-12392
    MISC
    MISC
    MISC
    MISC
    netqmail -- netqmail
     
    qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first. 2020-05-26 2.1 CVE-2020-3812
    CONFIRM
    MISC
    CONFIRM
    ocproducts -- composr
     
    Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration. 2020-05-22 3.5 CVE-2020-8789
    MISC
    FULLDISC
    pixel_&_tonic -- craft_cms An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action. 2020-05-25 3.5 CVE-2020-13459
    MISC
    qemu -- qemu
     
    sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. 2020-05-27 2.1 CVE-2020-13253
    CONFIRM
    CONFIRM
    MISC
    qemu -- qemu
     
    In QEMU 4.2.0, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. 2020-05-28 2.1 CVE-2020-13361
    CONFIRM
    MISC
    qemu -- qemu
     
    In QEMU 4.2.0, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. 2020-05-28 2.1 CVE-2020-13362
    CONFIRM
    MISC
    MISC
    wordpress -- wordpress The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI. 2020-05-26 3.5 CVE-2020-13487
    MISC
    MISC
    MISC
    MISC
    wordpress -- wordpress
     
    An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher permissions the ability to import a new accordion and inject malicious JavaScript as part of the accordion. 2020-05-28 3.5 CVE-2020-13644
    MISC
    MISC
    Back to top

     

    Severity Not Yet Assigned

    Primary
    Vendor -- Product
    Description Published CVSS Score Source & Patch Info
    abb -- device_library_wizard
     
    Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data 2020-05-29 not yet calculated CVE-2020-8482
    CONFIRM
    anchore -- engine
     
    In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user via a valid API request to anchore engine, or if an already added image that anchore is monitoring has its manifest altered to exploit the same flaw. A successful attack can be used to execute commands that run in the analyzer environment, with the same permissions as the user that anchore engine is run as - including access to the credentials that Engine uses to access its own database which have read-write ability, as well as access to the running engien analyzer service environment. By default Anchore Engine is released and deployed as a container where the user is non-root, but if users run Engine directly or explicitly set the user to 'root' then that level of access may be gained in the execution environment where Engine runs. This issue is fixed in version 0.7.1. 2020-05-27 not yet calculated CVE-2020-11075
    MISC
    MISC
    MISC
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11089
    MISC
    MISC
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11088
    MISC
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11086
    MISC
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11085
    MISC
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11043
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11041
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11040
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11039
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11038
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11019
    CONFIRM
    freerdp -- freerdp
     
    In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11087
    MISC
    CONFIRM
    huawei -- cloudengine_12800_products
     
    CloudEngine 12800 products with versions of V200R019C00, V200R019C10SPC800, V200R019C00SPC600, V200R019C10; and CloudEngine 6800 products with versions of V200R019C00SPC800 have a denial of service vulnerability. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. 2020-05-29 not yet calculated CVE-2020-1870
    CONFIRM
    huawei -- e6878-370_products
     
    E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. 2020-05-29 not yet calculated CVE-2020-1832
    CONFIRM
    huawei -- honor_9x_smartphones
     
    Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. A logic error occurs when handling clock function, an attacker should do a series of crafted operations quickly before the phone is unlocked, successful exploit could allow the attacker to access clock information without unlock the phone. 2020-05-29 not yet calculated CVE-2020-1833
    CONFIRM
    huawei -- mate_10_smartphones
     
    HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure. 2020-05-29 not yet calculated CVE-2020-1809
    CONFIRM
    huawei -- mate_20_smartphones
     
    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. 2020-05-29 not yet calculated CVE-2020-1831
    CONFIRM
    huawei -- mate_20_smartphones
     
    HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. 2020-05-29 not yet calculated CVE-2020-1797
    CONFIRM
    kantech -- entrapass_editions
     
    A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. 2020-05-26 not yet calculated CVE-2020-9046
    CONFIRM
    CERT
    linux -- linux_kernel
     
    A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing. 2020-05-26 not yet calculated CVE-2020-10751
    MLIST
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    micro_focus -- service_management_automation
     
    There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation. 2020-05-29 not yet calculated CVE-2020-11844
    CONFIRM
    mulesoft -- mule_ce/ee
     
    A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion. 2020-05-29 not yet calculated CVE-2020-6937
    CONFIRM
    oddjob-mkhomedir -- oddjob-mkhomedir
     
    A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. This flaw allows an attacker to leverage this issue by creating a symlink point to a target folder, which then has its ownership transferred to the new home directory's unprivileged user. 2020-05-27 not yet calculated CVE-2020-10737
    CONFIRM
    CONFIRM
    smartdraw -- smartdraw_2020
     
    In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine. 2020-05-27 not yet calculated CVE-2020-13386
    MISC
    swarcos -- cpu_ls4000_series_devices
     
    An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices. 2020-05-29 not yet calculated CVE-2020-12493
    CONFIRM
    synk-broker -- synk-broker

     
    All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network by creating symlinks to match whitelisted paths. 2020-05-29 not yet calculated CVE-2020-7653
    MISC
    MISC
    synk-broker -- synk-broker

     
    All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG. 2020-05-29 not yet calculated CVE-2020-7654
    MISC
    MISC
    synk-broker -- synk-broker

     
    All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. It allows partial file reads for users who have access to Snyk's internal network via patch history from GitHub Commits API. 2020-05-29 not yet calculated CVE-2020-7651
    MISC
    MISC
    synk-broker -- synk-broker

     
    All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network via directory traversal. 2020-05-29 not yet calculated CVE-2020-7652
    MISC
    MISC
    synk-broker -- synk-broker

     
    All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json. 2020-05-29 not yet calculated CVE-2020-7650
    MISC
    MISC
    synk-broker -- synk-broker
     
    All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json` 2020-05-29 not yet calculated CVE-2020-7648
    MISC
    MISC
    vivotek -- network_cameras
     
    VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices. 2020-05-28 not yet calculated CVE-2020-11950
    CONFIRM
    vivotek -- network_cameras
     
    testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices. 2020-05-28 not yet calculated CVE-2020-11949
    CONFIRM
    vmware -- multiple_products
     
    VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed. 2020-05-29 not yet calculated CVE-2020-3957
    CONFIRM
    vmware -- multiple_products
     
    VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with non-administrative access to a virtual machine to crash the virtual machine's vmx process leading to a denial of service condition. 2020-05-29 not yet calculated CVE-2020-3958
    CONFIRM
    vmware -- multiple_products
     
    VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be able to crash the virtual machine's vmx process leading to a partial denial of service. 2020-05-29 not yet calculated CVE-2020-3959
    CONFIRM
    Back to top

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: May 29, 2020

    VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the VMware Security Advisory VMSA-2020-0011 and apply the necessary updates.

    This product is provided subject to this Notification and this Privacy & Use policy.

  • Original release date: May 29, 2020

    Cisco has released security updates to address SaltStack FrameWork vulnerabilities in Cisco Modeling Labs Corporate Edition (CML) and Virtual Internet Routing Lab Personal Edition (VIRL-PE). A remote attacker could exploit these vulnerabilities to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates or workaround.

     

    This product is provided subject to this Notification and this Privacy & Use policy.