We are constantly interested in the latest and up-to-date technology.
As we move forward with the software development we will continue to use new technologies to improve our products and the customer experience. And we will continue to develop our solutions with both new functionality and increasing integration with the latest major platforms.
As the growing market shares and interests in the I.T. virtualization, we tailored the unique virtualization solution vFleXtor using proven, modern up-to-date technology.
Timely information about security topics and threats:
CISA All NCAS Products
CISA All NCAS Products
- Original release date: June 5, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) is aware of publicly available and functional proof-of-concept (PoC) code that exploits CVE-2020-0796 in unpatched systems. Although Microsoft disclosed and provided updates for this vulnerability in March 2020, malicious cyber actors are targeting unpatched systems with the new PoC, according to recent open-source reports. CISA strongly recommends using a firewall to block SMB ports from the internet and to apply patches to critical- and high-severity vulnerabilities as soon as possible.
CISA also encourages users and administrators to review the following resources and apply the necessary updates or workarounds.
- Microsoft Security Guidance for CVE-2020-0796
- Microsoft Advisory ADV200005
- CERT Coordination Center?s Vulnerability Note VU#872016
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 4, 2020
Google has released Chrome version 83.0.4103.97 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Chrome Release and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 4, 2020
Cisco has released security updates to address vulnerabilities in multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco security advisories page and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 3, 2020 | Last revised: June 5, 2020
Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisories for Firefox 77, Firefox ESR 68.9, and Thunderbird 68.9.0 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 2, 2020
Cisco has released security updates to address a vulnerability in NX-OS Software. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates or workarounds.
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 2, 2020
Apple has released security updates to address a vulnerability in multiple products. An attacker could exploit this vulnerability to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Apple security pages for the following products and apply the necessary updates:
- macOS Catalina 10.15.5 Supplemental Update, Security Update 2020-003 High Sierra
- tvOS 13.4.6 for Apple TV 4K and Apple TV HD
- watchOS 6.2.6 for Apple Watch Series 1 and later
- iOS 13.5.1 and iPadOS 13.5.1
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 1, 2020
June 1 marks the official start of the 2020 Atlantic hurricane season. The Cybersecurity and Infrastructure Security Agency (CISA) warns users to remain on alert for malicious cyber activity targeting potential disaster victims and charitable donors following a hurricane. Fraudulent emails?often containing malicious links or attachments?are common after major natural disasters. Exercise caution in handling emails with hurricane-related subject lines, attachments, or hyperlinks. In addition, be wary of social media pleas, texts, or door-to-door solicitations relating to severe weather events.
To avoid becoming victims of malicious activity, users and administrators should review the following resources and take preventative measures.
- Staying Alert to Disaster-related Scams
- Before Giving to a Charity
- Staying Safe on Social Networking Sites
- Avoiding Social Engineering and Phishing Attacks
- Using Caution with Email Attachments
If you believe you have been a victim of cybercrime, file a complaint with the Federal Bureau of Investigation?s Internet Crime Complaint Center (IC3) at www.ic3.gov.
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: June 1, 2020
High Vulnerabilities
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info adminpanel -- adminplanel
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter. 2020-05-24 7.5 CVE-2020-13433
MISC
MISCapache -- kylin
Kylin has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation. 2020-05-22 9 CVE-2020-1956
MISCaviatrix -- vpn_client
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters. 2020-05-22 7.5 CVE-2020-13417
MISCbosch -- recording_station
Improper Access Control in the Kiosk Mode functionality of Bosch Recording Station allows a local unauthenticated attacker to escape from the Kiosk Mode and access the underlying operating system. 2020-05-27 7.2 CVE-2020-6774
MISCcisco -- prime_network_registrar
A vulnerability in the DHCP server of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient input validation of incoming DHCP traffic. An attacker could exploit this vulnerability by sending a crafted DHCP request to an affected device. A successful exploit could allow the attacker to cause a restart of the DHCP server process, causing a DoS condition. 2020-05-22 7.8 CVE-2020-3272
CISCOcisco -- unified_contact_center_express
A vulnerability in the Java Remote Management Interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to a specific listener on an affected system. A successful exploit could allow the attacker to execute arbitrary code as the root user on an affected device. 2020-05-22 10 CVE-2020-3280
CISCOcybozu -- cybozu_desktop_for_windows
Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors. 2020-05-25 7.5 CVE-2020-5537
JVN
MISC
MISCdext5 -- dext5_upload A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. 2020-05-25 7.5 CVE-2020-13442
MISCdns-sync -- dns-sync
node-dns-sync (npm module dns-sync) through 0.2.0 allows execution of arbitrary commands . This issue may lead to remote code execution if a client of the library calls the vulnerable method with untrusted input. This has been fixed in 0.2.1. 2020-05-28 7.5 CVE-2020-11079
MISC
CONFIRMkaoni -- ezhttptrans
Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution. 2020-05-22 7.5 CVE-2020-7813
MISC
MISCkaoni -- ezhttptrans
Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution by rebooting the victim?s PC. 2020-05-28 7.5 CVE-2020-7812
MISC
MISClenovo -- lj4010dn_devices
A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, preventing subsequent print jobs until the printer is rebooted. 2020-05-28 7.8 CVE-2020-8330
CONFIRMlenovo -- lj4010dn_devices
A denial of service vulnerability was reported in the firmware prior to version 1.01 used in Lenovo Printer LJ4010DN that could be triggered by a remote user sending a crafted packet to the device, causing an error to be displayed and preventing printer from functioning until the printer is rebooted. 2020-05-28 7.8 CVE-2020-8329
CONFIRMmozilla -- firefox Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76. 2020-05-26 7.5 CVE-2020-12390
MISC
MISCmozilla -- firefox
Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76. 2020-05-26 7.5 CVE-2020-12396
MISC
MISCmozilla -- firefox_and_firefox_esr
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. 2020-05-26 7.5 CVE-2020-12389
MISC
MISC
MISCmozilla -- firefox_and_firefox_esr
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. 2020-05-26 7.5 CVE-2020-12388
MISC
MISC
MISC
MISCmozilla -- firefox_and_firefox_esr_and_thunderbird
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 10 CVE-2020-12395
MISC
MISC
MISC
MISCmozilla -- firefox_and_firefox_esr_and_thunderbird
A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 7.5 CVE-2020-6831
MISC
MISC
MISC
MISCpython -- python
An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safe_load is not used. 2020-05-22 7.5 CVE-2020-13388
MISC
MISC
CONFIRMsqlite -- sqlite
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. 2020-05-27 7.5 CVE-2020-13630
MISC
MISCsympa -- sympa
Sympa before 6.2.56 allows privilege escalation. 2020-05-27 7.2 CVE-2020-10936
MISC
MISC
MISCtenda -- multiple_routers
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13392
MISC
MISCtenda -- multiple_routers
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13394
MISC
MISCtenda -- multiple_routers
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13393
MISC
MISCtenda -- multiple_routers
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13391
MISC
MISCtenda -- multiple_routers
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13390
MISC
MISCtenda -- multiple_routers
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. 2020-05-22 7.5 CVE-2020-13389
MISC
MISCtrend_micro -- interscan_web_security_virtual_appliance
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. 2020-05-27 7.5 CVE-2020-8606
MISC
MISCubiquiti -- airmax_xm_and_xw_and_ti_series_devices We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:There are certain end-points containing functionalities that are vulnerable to command injection. It is possible to craft an input string that passes the filter check but still contains commands, resulting in remote code execution.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. 2020-05-26 7.5 CVE-2020-8171
MISC
MISC
MISCvim -- vim
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). 2020-05-28 10 CVE-2019-20807
MISC
MISCwordpress -- wordpress
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled. 2020-05-29 7.5 CVE-2020-13693
MISC
MISC
MISCMedium Vulnerabilities
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info aviatrix -- controller
An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection (even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix), aka XML Signature Wrapping. 2020-05-22 5 CVE-2020-13415
MISCaviatrix -- controller
An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF. 2020-05-22 6.8 CVE-2020-13412
MISCaviatrix -- controller
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software. 2020-05-22 5 CVE-2020-13414
MISCaviatrix -- controller
An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force. 2020-05-22 5 CVE-2020-13413
MISCaviatrix -- controller
An issue was discovered in Aviatrix Controller before 5.4.1066. A Controller Web Interface session token parameter is not required on an API call, which opens the application up to a Cross Site Request Forgery (CSRF) vulnerability for password resets. 2020-05-22 4.3 CVE-2020-13416
MISCaxel -- axel An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification. 2020-05-26 4.3 CVE-2020-13614
MISC
MISCcentreon -- centreon
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the page parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. 2020-05-27 4.3 CVE-2020-10946
MISCcentreon -- centreon
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. 2020-05-27 4.3 CVE-2020-13628
MISCcentreon -- centreon
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget. 2020-05-27 4.3 CVE-2020-13627
MISCcisco -- amp_for_endpoints_mac_connector
A vulnerability in the file scan process of Cisco AMP for Endpoints Mac Connector Software could cause the scan engine to crash during the scan of local files, resulting in a restart of the AMP Connector and a denial of service (DoS) condition of the Cisco AMP for Endpoints service. The vulnerability is due to insufficient input validation of specific file attributes. An attacker could exploit this vulnerability by providing a crafted file to a user of an affected system. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash, resulting in missed detection and logging of the potentially malicious file. Continued attempts to scan the file could result in a DoS condition of the Cisco AMP for Endpoints service. 2020-05-22 5.8 CVE-2020-3314
CISCOcisco -- prime_collaboration_provisioning_software
A vulnerability in the web-based management interface of Cisco Prime Collaboration Provisioning Software could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability exists because the web-based management interface improperly validates user input for specific SQL queries. An attacker could exploit this vulnerability by authenticating to the application with valid administrative credentials and sending malicious requests to an affected system. A successful exploit could allow the attacker to view information that they are not authorized to view, make changes to the system that they are not authorized to make, or delete information from the database that they are not authorized to delete. 2020-05-22 6.5 CVE-2020-3184
CISCOdrupal -- drupal
An access bypass vulnerability exists when the experimental Workspaces module in Drupal 8 core is enabled. This can be mitigated by disabling the Workspaces module. It does not affect any release other than Drupal 8.7.4. 2020-05-28 6.8 CVE-2019-6342
CONFIRMem-http_request -- em-http-request
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified. 2020-05-25 6.8 CVE-2020-13482
MISCepson -- eb-1470ui_devices An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of Epson EB-1470Ui MAIN: 98009273ESWWV107 MAIN2: 8X7325WWV303. A specially crafted series of HTTP requests can cause authentication bypass resulting in information disclosure. An attacker can send an HTTP request to trigger this vulnerability. 2020-05-22 6.4 CVE-2020-6091
MISCffipeg -- ffipeg ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. 2020-05-24 4.3 CVE-2020-13439
MISCffipeg -- ffipeg ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. 2020-05-24 4.3 CVE-2020-13438
MISCffipeg -- ffipeg ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. 2020-05-24 4.3 CVE-2020-13440
MISCfork -- fork_cms
Fork before 5.8.3 allows XSS via navigation_title or title. 2020-05-27 4.3 CVE-2020-13633
MISCfreerdp -- freerdp In FreeRDP less than or equal to 2.0.0, a possible resource exhaustion vulnerability can be performed. Malicious clients could trigger out of bound reads causing memory allocation with random size. This has been fixed in 2.1.0. 2020-05-29 4 CVE-2020-11018
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, by providing manipulated input a malicious client can create a double free condition and crash the server. This is fixed in version 2.1.0. 2020-05-29 5 CVE-2020-11017
CONFIRMgnome -- glib-networking In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host. 2020-05-28 6.4 CVE-2020-13645
MISC
MISCgrafana_labs -- grafana
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. 2020-05-24 4.3 CVE-2020-13430
MISC
MISC
CONFIRMibm -- business_automation_workflow
IBM Business Automation Workflow 18 and 19, and IBM Business Process Manager 8.0, 8.5, and 8.6 could allow a remote attacker to bypass security restrictions, caused by a reverse tabnabbing flaw. An attacker could exploit this vulnerability and redirect a vitcim to a phishing site. IBM X-Force ID: 181989 2020-05-29 5.8 CVE-2020-4490
XF
CONFIRMibm -- mobilefirst_platform_foundation
IBM MobileFirst Platform Foundation 8.0.0.0 stores highly sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 175207. 2020-05-27 5 CVE-2020-4226
XF
CONFIRMibm -- mq_for_hpe_nonstop
IBM MQ on HPE NonStop 8.0.4 and 8.1.0 is vulnerable to a privilege escalation attack when running in restricted mode. IBM X-Force ID: 178427. 2020-05-29 4.4 CVE-2020-4352
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485. 2020-05-28 4 CVE-2020-4249
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 175484. 2020-05-28 4 CVE-2020-4248
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 could allow an authenticated user to perform unauthorized commands due to hazardous input validation. IBM X-Force ID: 175335. 2020-05-28 4 CVE-2020-4231
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 could allow a remote attacker to obtain sensitive information, caused by the failure to set the secure flag for the session cookie in SSL mode. By intercepting its transmission within an HTTP session, an attacker could exploit this vulnerability to capture the cookie and obtain sensitive information. IBM X-Force ID: 175360. 2020-05-28 5 CVE-2020-4233
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 could allow an unauthorized user to obtain sensitive information through user enumeration. IBM X-Force ID: 175422. 2020-05-28 5 CVE-2020-4244
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 175423. 2020-05-28 5 CVE-2020-4245
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 could allow an attacker to enumerate usernames to find valid login credentials which could be used to attempt further attacks against the system. IBM X-Force ID: 175336. 2020-05-28 5 CVE-2020-4232
XF
CONFIRMibm -- security_identity_governance_and_intelligence
IBM Security Identity Governance and Intelligence 5.2.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 175481. 2020-05-28 5.5 CVE-2020-4246
XF
CONFIRMibm -- spectrum_scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178424. 2020-05-27 5 CVE-2020-4350
XF
CONFIRMibm -- spectrum_scale IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a privileged authenticated user to perform unauthorized actions using a specially crated HTTP POST command. IBM X-Force ID: 179157. 2020-05-27 4 CVE-2020-4378
XF
CONFIRMibm -- spectrum_scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 178423. 2020-05-27 5 CVE-2020-4349
XF
CONFIRMibm -- spectrum_scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 178761. 2020-05-27 4 CVE-2020-4357
XF
CONFIRMibm -- spectrum_scale
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414 2020-05-27 4 CVE-2020-4348
XF
CONFIRMibm -- spectrum_scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 179158. 2020-05-27 5 CVE-2020-4379
XF
CONFIRMjerryscript -- jerryscript JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation. 2020-05-27 5 CVE-2020-13623
MISCjerryscript -- jerryscript
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure. 2020-05-28 5 CVE-2020-13649
MISC
MISC
MISCjerryscript -- jerryscript
JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data. 2020-05-27 5 CVE-2020-13622
MISC
MISCjoomla! -- joomla!
The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure. 2020-05-23 4 CVE-2020-13424
MISCkaminari -- kaminari In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1. 2020-05-28 4.3 CVE-2020-11082
MISC
MISC
CONFIRMlinux -- linux_kernel
An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75. 2020-05-27 5 CVE-2019-20806
MISC
MISC
MISClinux -- linux_kernel
A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the' ebitmap_netlbl_import' routine. While processing the CIPSO restricted bitmap tag in the 'cipso_v4_parsetag_rbm' routine, it sets the security attribute to indicate that the category bitmap is present, even if it has not been allocated. This issue leads to a NULL pointer dereference issue while importing the same category bitmap into SELinux. This flaw allows a remote network user to crash the system kernel, resulting in a denial of service. 2020-05-22 5 CVE-2020-10711
CONFIRM
CONFIRMmeinheld -- meinheld meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. 2020-05-22 4.3 CVE-2020-7658
MISC
MISCmonstra -- monstra_cms Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048. 2020-05-22 6.5 CVE-2020-13384
MISCmozilla -- firefox
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76. 2020-05-26 5 CVE-2020-12391
MISC
MISCmozilla -- firefox_and_firefox_esr_and_thunderbird
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 6.8 CVE-2020-12387
MISC
MISC
MISC
MISCmozilla -- firefox_and_firefox_esr_and_thunderbird
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 4.6 CVE-2020-12393
MISC
MISC
MISC
MISCmozilla -- firefox_for_ios
For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for iOS < 25. 2020-05-26 5 CVE-2020-6830
MISC
MISCmozilla -- thunderbird
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0. 2020-05-22 4.3 CVE-2020-12397
MISC
MISCnetgear -- multiple_devices
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P. 2020-05-28 4.3 CVE-2020-13245
MISC
MISCnetqmail -- netqmail
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. 2020-05-26 5 CVE-2020-3811
CONFIRM
MISC
CONFIRMpi-hole -- pi-hole
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. 2020-05-29 6.5 CVE-2020-8816
CONFIRM
MISCpichi -- pichi
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification. 2020-05-26 4.3 CVE-2020-13616
MISC
MISCpixel_&_tonic -- craft_cms The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. 2020-05-25 5.8 CVE-2020-13486
MISCpixel_&_tonic -- craft_cms
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. 2020-05-25 6.4 CVE-2020-13485
MISC
MISCpixel_&_tonic -- craft_cms
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action. 2020-05-25 6.8 CVE-2020-13458
MISCprotocol_labs -- aegir
In AEgir greater than or equal to 21.7.0 and less than 21.10.1, aegir publish and aegir build may leak secrets from environment variables in the browser bundle published to npm. This has been fixed in 21.10.1. 2020-05-27 5 CVE-2020-11059
CONFIRMpuma_gem_for_ruby_on_rails -- puma_gem_for_ruby_on_rails In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request's body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5. 2020-05-22 5 CVE-2020-11077
MISC
CONFIRMpuma_gem_for_ruby_on_rails -- puma_gem_for_ruby_on_rails
In Puma (RubyGem) before 4.3.4 and 3.12.5, an attacker could smuggle an HTTP response, by using an invalid transfer-encoding header. The problem has been fixed in Puma 3.12.5 and Puma 4.3.4. 2020-05-22 5 CVE-2020-11076
MISC
MISC
CONFIRMqore -- qore
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates. 2020-05-26 4.3 CVE-2020-13615
MISC
MISCred_hat -- undertow A flaw was found in Undertow in versions before 2.1.1.Final, regarding the processing of invalid HTTP requests with large chunk sizes. This flaw allows an attacker to take advantage of HTTP request smuggling. 2020-05-26 6.4 CVE-2020-10719
CONFIRMsqlite -- sqlite
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. 2020-05-24 5 CVE-2020-13435
CONFIRM
MISCsqlite -- sqlite
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. 2020-05-24 5 CVE-2020-13434
MLIST
CONFIRM
MISC
MISCsqlite -- sqlite
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. 2020-05-27 5 CVE-2020-13631
MISC
MISCsqlite -- sqlite
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. 2020-05-27 5 CVE-2020-13632
MISC
MISCteradici -- pcoip_standard_agent_for_windows_and_pcoip_graphics_agent_for_windows
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe. 2020-05-28 4.6 CVE-2020-13173
CONFIRMtrackr -- multiple_devices
TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted. 2020-05-23 6.8 CVE-2020-13425
MISCtrend_micro -- interscan_web_security_virtual_appliance A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability. 2020-05-27 6.5 CVE-2020-8605
MISC
MISCtrend_micro -- interscan_web_security_virtual_appliance A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. 2020-05-27 5 CVE-2020-8604
MISC
MISCtrend_micro -- interscan_web_security_virtual_appliance
A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. 2020-05-27 4.3 CVE-2020-8603
MISC
MISCubiquiti -- airmax_xm_and_xw_and_ti_series_devices
We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Multiple end-points with parameters vulnerable to reflected cross site scripting (XSS), allowing attackers to abuse the user' session information and/or account takeover of the admin user.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. 2020-05-26 4.3 CVE-2020-8170
MISC
MISC
MISCubiquiti -- airmax_xm_and_xw_and_ti_series_devices
We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page. 2020-05-26 6.8 CVE-2020-8168
MISC
MISC
MISC
MISC
MISCwordpress -- wordpress An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The action_builder_content function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser. 2020-05-28 6.8 CVE-2020-13642
MISC
MISCwordpress -- wordpress
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The live_editor_panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser. 2020-05-28 6.8 CVE-2020-13643
MISC
MISCwordpress -- wordpress
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The far_options_page function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript, allowing for that be executed later in the victims browser. 2020-05-28 6.8 CVE-2020-13641
MISC
MISCwordpress -- wordpress
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077. 2020-05-29 6.5 CVE-2020-12675
MISC
MISCyouhua -- windows_master
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558 2020-05-29 6.1 CVE-2020-13634
MISC
MISCLow Vulnerabilities
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info centreon -- centreon
Centreon before 19.10.7 exposes Session IDs in server responses. 2020-05-27 3.3 CVE-2020-10945
MISCcisco -- endpoints_linux_connector_software_and_endpoints_mac_connector_software
A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart. 2020-05-22 2.1 CVE-2020-3344
CISCOcisco -- endpoints_linux_connector_software_and_endpoints_mac_connector_software
A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart. 2020-05-22 2.1 CVE-2020-3343
CISCOcmsmadesimple -- cms_made_simple
CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. 2020-05-28 3.5 CVE-2020-13660
MISC
MISCcybozu -- kinton_mobile_for_android
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors. 2020-05-29 2.1 CVE-2020-5573
MISC
MISCcybozu -- mailwise_for_android
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors. 2020-05-29 2.1 CVE-2020-5572
MISC
MISCdell -- client_consumer_and_commercial_docking_stations
Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware Update Utilities during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers. 2020-05-28 2.6 CVE-2020-5357
MISCfreerdp -- freerdp
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c. 2020-05-22 2.1 CVE-2020-13396
MISC
MISC
MISCfreerdp -- freerdp
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c. 2020-05-22 2.1 CVE-2020-13398
MISC
MISC
MISCfreerdp -- freerdp
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value. 2020-05-22 2.1 CVE-2020-13397
MISC
MISC
MISCgrafana_labs -- grafana
legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option. 2020-05-24 3.5 CVE-2020-13429
MISC
MISChuawei -- p30_smartphones
HUAWEI P30 smartphones with versions earlier than 10.1.0.135(C00E135R2P11) have an improper authentication vulnerability. A logic error occurs when handling NFC work, an attacker should establish a NFC connection to the target phone, and then do a series of operations on the target phone. Successful exploit could allow a guest user do certain operation which is beyond the guest user's privilege. 2020-05-29 2.1 CVE-2020-1798
CONFIRMibm -- jazz_reporting_service
IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 180071. 2020-05-28 3.5 CVE-2020-4419
XF
CONFIRMibm -- planning_analytics_local
IBM Planning Analytics Local 2.0.0 through 2.0.9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 176735. 2020-05-29 3.5 CVE-2020-4306
XF
CONFIRMibm -- spectrum_scale
IBM Spectrum Scale 5.0.0.0 through 5.0.4.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 178762. 2020-05-27 3.5 CVE-2020-4358
XF
CONFIRMmozilla -- firefox
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76. 2020-05-26 2.1 CVE-2020-12394
MISC
MISCmozilla -- firefox_and_firefox_esr_and_thunderbird
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. 2020-05-26 2.1 CVE-2020-12392
MISC
MISC
MISC
MISCnetqmail -- netqmail
qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmail-verify runs as root and tests for the existence of files in the attacker's home directory, without dropping its privileges first. 2020-05-26 2.1 CVE-2020-3812
CONFIRM
MISC
CONFIRMocproducts -- composr
Composr 10.0.30 allows Persistent XSS via a Usergroup name under the Security configuration. 2020-05-22 3.5 CVE-2020-8789
MISC
FULLDISCpixel_&_tonic -- craft_cms An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action. 2020-05-25 3.5 CVE-2020-13459
MISCqemu -- qemu
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process. 2020-05-27 2.1 CVE-2020-13253
CONFIRM
CONFIRM
MISCqemu -- qemu
In QEMU 4.2.0, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. 2020-05-28 2.1 CVE-2020-13361
CONFIRM
MISCqemu -- qemu
In QEMU 4.2.0, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. 2020-05-28 2.1 CVE-2020-13362
CONFIRM
MISC
MISCwordpress -- wordpress The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI. 2020-05-26 3.5 CVE-2020-13487
MISC
MISC
MISC
MISCwordpress -- wordpress
An issue was discovered in the Accordion plugin before 2.2.9 for WordPress. The unprotected AJAX wp_ajax_accordions_ajax_import_json action allowed any authenticated user with Subscriber or higher permissions the ability to import a new accordion and inject malicious JavaScript as part of the accordion. 2020-05-28 3.5 CVE-2020-13644
MISC
MISCSeverity Not Yet Assigned
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info abb -- device_library_wizard
Insecure storage of sensitive information in ABB Device Library Wizard versions 6.0.X, 6.0.3.1 and 6.0.3.2 allows unauthenticated low privilege user to read file that contains confidential data 2020-05-29 not yet calculated CVE-2020-8482
CONFIRManchore -- engine
In Anchore Engine version 0.7.0, a specially crafted container image manifest, fetched from a registry, can be used to trigger a shell escape flaw in the anchore engine analyzer service during an image analysis process. The image analysis operation can only be executed by an authenticated user via a valid API request to anchore engine, or if an already added image that anchore is monitoring has its manifest altered to exploit the same flaw. A successful attack can be used to execute commands that run in the analyzer environment, with the same permissions as the user that anchore engine is run as - including access to the credentials that Engine uses to access its own database which have read-write ability, as well as access to the running engien analyzer service environment. By default Anchore Engine is released and deployed as a container where the user is non-root, but if users run Engine directly or explicitly set the user to 'root' then that level of access may be gained in the execution environment where Engine runs. This issue is fixed in version 0.7.1. 2020-05-27 not yet calculated CVE-2020-11075
MISC
MISC
MISC
CONFIRMfreerdp -- freerdp
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11089
MISC
MISC
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11088
MISC
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11086
MISC
CONFIRMfreerdp -- freerdp
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11085
MISC
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11043
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, an outside controlled array index is used unchecked for data used as configuration for sound backend (alsa, oss, pulse, ...). The most likely outcome is a crash of the client instance followed by no or distorted sound or a session disconnect. If a user cannot upgrade to the patched version, a workaround is to disable sound for the session. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11041
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11040
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, when using a manipulated server with USB redirection enabled (nearly) arbitrary memory can be read and written due to integer overflows in length checks. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11039
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, an Integer Overflow to Buffer Overflow exists. When using /video redirection, a manipulated server can instruct the client to allocate a buffer with a smaller size than requested due to an integer overflow in size calculation. With later messages, the server can manipulate the client to write data out of bound to the previously allocated buffer. This has been patched in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11038
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, when running with logger set to "WLOG_TRACE", a possible crash of application could occur due to a read of an invalid array index. Data could be printed as string to local terminal. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11019
CONFIRMfreerdp -- freerdp
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. 2020-05-29 not yet calculated CVE-2020-11087
MISC
CONFIRMhuawei -- cloudengine_12800_products
CloudEngine 12800 products with versions of V200R019C00, V200R019C10SPC800, V200R019C00SPC600, V200R019C10; and CloudEngine 6800 products with versions of V200R019C00SPC800 have a denial of service vulnerability. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. 2020-05-29 not yet calculated CVE-2020-1870
CONFIRMhuawei -- e6878-370_products
E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. 2020-05-29 not yet calculated CVE-2020-1832
CONFIRMhuawei -- honor_9x_smartphones
Honor 9X smartphones with versions earlier than 9.1.1.172(C00E170R8P1) have an improper authentication vulnerability. A logic error occurs when handling clock function, an attacker should do a series of crafted operations quickly before the phone is unlocked, successful exploit could allow the attacker to access clock information without unlock the phone. 2020-05-29 not yet calculated CVE-2020-1833
CONFIRMhuawei -- mate_10_smartphones
HUAWEI Mate 10 smartphones with versions earlier than 10.0.0.143(C00E143R2P4) have an information disclosure vulnerability. The attacker could wake up voice assistant then do a series of crafted voice operation, successful exploit could allow the attacker read certain files without unlock the phone leading to information disclosure. 2020-05-29 not yet calculated CVE-2020-1809
CONFIRMhuawei -- mate_20_smartphones
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerability. The digital balance function does not sufficiently restrict the using time of certain user, successful exploit could allow the user break the limit of digital balance function after a series of operations with a PC. 2020-05-29 not yet calculated CVE-2020-1831
CONFIRMhuawei -- mate_20_smartphones
HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.185(C00E74R3P8) have an improper authorization vulnerability. The system does not properly restrict certain operation in ADB mode, successful exploit could allow certain user break the limit of digital balance function. 2020-05-29 not yet calculated CVE-2020-1797
CONFIRMkantech -- entrapass_editions
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files. 2020-05-26 not yet calculated CVE-2020-9046
CONFIRM
CERTlinux -- linux_kernel
A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the skb and allow or deny the rest of the messages within the skb with the granted permission without further processing. 2020-05-26 not yet calculated CVE-2020-10751
MLIST
CONFIRM
CONFIRM
CONFIRM
CONFIRMmicro_focus -- service_management_automation
There is an Incorrect Authorization vulnerability in Micro Focus Service Management Automation (SMA) product affecting version 2018.05 to 2020.02. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation. 2020-05-29 not yet calculated CVE-2020-11844
CONFIRMmulesoft -- mule_ce/ee
A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion. 2020-05-29 not yet calculated CVE-2020-6937
CONFIRModdjob-mkhomedir -- oddjob-mkhomedir
A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into the newly created home and changes its ownership to the home's user without properly checking the homedir path. This flaw allows an attacker to leverage this issue by creating a symlink point to a target folder, which then has its ownership transferred to the new home directory's unprivileged user. 2020-05-27 not yet calculated CVE-2020-10737
CONFIRM
CONFIRMsmartdraw -- smartdraw_2020
In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine. 2020-05-27 not yet calculated CVE-2020-13386
MISCswarcos -- cpu_ls4000_series_devices
An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices. 2020-05-29 not yet calculated CVE-2020-12493
CONFIRMsynk-broker -- synk-broker
All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network by creating symlinks to match whitelisted paths. 2020-05-29 not yet calculated CVE-2020-7653
MISC
MISCsynk-broker -- synk-broker
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG. 2020-05-29 not yet calculated CVE-2020-7654
MISC
MISCsynk-broker -- synk-broker
All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. It allows partial file reads for users who have access to Snyk's internal network via patch history from GitHub Commits API. 2020-05-29 not yet calculated CVE-2020-7651
MISC
MISCsynk-broker -- synk-broker
All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network via directory traversal. 2020-05-29 not yet calculated CVE-2020-7652
MISC
MISCsynk-broker -- synk-broker
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files ending in the following extensions: yaml, yml or json. 2020-05-29 not yet calculated CVE-2020-7650
MISC
MISCsynk-broker -- synk-broker
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragment identifier and a whitelisted path e.g. `#package.json` 2020-05-29 not yet calculated CVE-2020-7648
MISC
MISCvivotek -- network_cameras
VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices. 2020-05-28 not yet calculated CVE-2020-11950
CONFIRMvivotek -- network_cameras
testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices. 2020-05-28 not yet calculated CVE-2020-11949
CONFIRMvmware -- multiple_products
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC and Horizon Client are installed. 2020-05-29 not yet calculated CVE-2020-3957
CONFIRMvmware -- multiple_products
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with non-administrative access to a virtual machine to crash the virtual machine's vmx process leading to a denial of service condition. 2020-05-29 not yet calculated CVE-2020-3958
CONFIRMvmware -- multiple_products
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be able to crash the virtual machine's vmx process leading to a partial denial of service. 2020-05-29 not yet calculated CVE-2020-3959
CONFIRMThis product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: May 29, 2020
VMware has released security updates to address vulnerabilities affecting multiple products. An attacker could exploit one of these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the VMware Security Advisory VMSA-2020-0011 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
- Original release date: May 29, 2020
Cisco has released security updates to address SaltStack FrameWork vulnerabilities in Cisco Modeling Labs Corporate Edition (CML) and Virtual Internet Routing Lab Personal Edition (VIRL-PE). A remote attacker could exploit these vulnerabilities to take control of an affected system.
The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Cisco Security Advisory and apply the necessary updates or workaround.
This product is provided subject to this Notification and this Privacy & Use policy.
