
Original release date: November 2, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
| --- | --- | --- | --- | --- |
| apple — airport_base_station_firmware | An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory. | 2020-10-27 | 7.5 | CVE-2019-8581, MISC, MISC |
| apple — airport_base_station_firmware | A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution. | 2020-10-27 | 7.5 | CVE-2019-8578, MISC, MISC |
| apple — airport_base_station_firmware | A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution. | 2020-10-27 | 7.5 | CVE-2019-8572, MISC, MISC |
| apple — airport_base_station_firmware | A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service. | 2020-10-27 | 7.8 | CVE-2019-8588, MISC, MISC |
| apple — icloud | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution. | 2020-10-27 | 7.5 | CVE-2019-8746, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 9.3 | CVE-2019-8835, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2. | 2020-10-27 | 7.5 | CVE-2019-8749, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2. | 2020-10-27 | 7.5 | CVE-2019-8756, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 9.3 | CVE-2019-8844, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin. | 2020-10-27 | 7.2 | CVE-2020-3864, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 9.3 | CVE-2019-8846, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — ipad_os | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8740, MISC, MISC, MISC |
| apple — ipados | An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution. | 2020-10-27 | 9.3 | CVE-2019-8830, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — ipados | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8828, MISC, MISC, MISC, MISC |
| apple — ipados | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 7.2 | CVE-2019-8841, MISC |
| apple — ipados | An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution. | 2020-10-27 | 9.3 | CVE-2020-3880, MISC, MISC, MISC, MISC |
| apple — ipados | A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8829, MISC, MISC, MISC, MISC |
| apple — ipados | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8838, MISC, MISC, MISC, MISC |
| apple — ipados | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. | 2020-10-27 | 9.3 | CVE-2020-9973, MISC, MISC |
| apple — ipados | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2019-8832, MISC, MISC, MISC, MISC |
| apple — ipados | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2019-8831, MISC, MISC, MISC, MISC, MISC |
| apple — ipados | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8836, MISC, MISC, MISC |
| apple — ipados | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8833, MISC, MISC, MISC, MISC |
| apple — iphone_os | An input validation issue was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause a system denial of service. | 2020-10-27 | 7.8 | CVE-2019-8573, MISC, MISC, MISC |
| apple — iphone_os | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8718, MISC, MISC, MISC |
| apple — iphone_os | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8709, MISC, MISC, MISC, MISC, MISC |
| apple — iphone_os | The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13. A malicious application may be able to determine kernel memory layout. | 2020-10-27 | 7.1 | CVE-2019-8780, MISC, MISC |
| apple — iphone_os | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2019-8715, MISC, MISC, MISC |
| apple — iphone_os | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 7.2 | CVE-2019-8528, MISC, MISC, MISC |
| apple — iphone_os | An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory. | 2020-10-27 | 7.5 | CVE-2019-8547, MISC, MISC, MISC, MISC |
| apple — iphone_os | A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted RADIUS server certificate may be trusted. | 2020-10-27 | 7.5 | CVE-2019-8531, MISC, MISC, MISC |
| apple — iphone_os | A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 10 | CVE-2019-8712, MISC, MISC, MISC |
| apple — iphone_os | The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macOS Mojave 10.14.3 Supplemental Update, iOS 12.1.4. A thorough security audit of the FaceTime service uncovered an issue with Live Photos. | 2020-10-27 | 7.5 | CVE-2019-7288, MISC, MISC |
| apple — iphone_os | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 7.2 | CVE-2019-8525, MISC, MISC, MISC, MISC |
| apple — mac_os_x | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 10 | CVE-2019-8716, MISC |
| apple — mac_os_x | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A malicious application may be able to access restricted files. | 2020-10-27 | 9.3 | CVE-2019-8837, MISC |
| apple — mac_os_x | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8852, MISC |
| apple — mac_os_x | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8847, MISC |
| apple — mac_os_x | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 9.3 | CVE-2019-8824, MISC |
| apple — mac_os_x | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2020-3863, MISC |
| apple — mac_os_x | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Processing a maliciously crafted string may lead to heap corruption. | 2020-10-27 | 7.5 | CVE-2019-8767, MISC, MISC |
| apple — mac_os_x | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution. | 2020-10-27 | 7.5 | CVE-2020-9866, MISC |
| apple — mac_os_x | A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2019-8539, MISC |
| apple — mac_os_x | A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2018-4452, MISC, MISC |
| apple — mac_os_x | A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges. | 2020-10-27 | 7.2 | CVE-2019-8534, MISC |
| apple — mac_os_x | This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation. | 2020-10-27 | 9.3 | CVE-2018-4451, MISC |
| apple — mac_os_x | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges. | 2020-10-27 | 9.3 | CVE-2019-8776, MISC |
| arubanetworks — airwave_glass | A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 2020-10-26 | 7.5 | CVE-2020-7124, MISC |
| arubanetworks — airwave_glass | A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 2020-10-26 | 9 | CVE-2020-24631, MISC |
| arubanetworks — airwave_glass | A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 2020-10-26 | 9 | CVE-2020-24632, MISC |
| arubanetworks — airwave_glass | A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2. | 2020-10-26 | 7.5 | CVE-2020-7127, MISC |
| crmeb — crmeb | A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code. | 2020-10-23 | 7.5 | CVE-2020-25466, MISC, MISC, MISC |
| fruitywifi_project — fruitywifi | FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system. | 2020-10-23 | 7.2 | CVE-2020-24848, MISC |
| getgophish — gophish | Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content. | 2020-10-28 | 9.3 | CVE-2020-24707, MISC, MISC, MISC |
| ibm — i2_analysts_notebook | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868. | 2020-10-29 | 9.3 | CVE-2020-4721, XF, CONFIRM |
| ibm — i2_analysts_notebook | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. | 2020-10-29 | 9.3 | CVE-2020-4724, XF, CONFIRM |
| ibm — i2_analysts_notebook | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187870. | 2020-10-29 | 9.3 | CVE-2020-4722, XF, CONFIRM |
| ibm — i2_analysts_notebook | IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187873. | 2020-10-29 | 9.3 | CVE-2020-4723, XF, CONFIRM |
| illumos — illumos | An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c. | 2020-10-26 | 7.5 | CVE-2020-27678, MISC |
| kde — partition_manager | An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. The mount command can then be used to gain full root privileges. | 2020-10-26 | 7.2 | CVE-2020-27187, MISC, MISC, CONFIRM |
| konzept-ix — publixone | A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015 allows attackers to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact. | 2020-10-27 | 7.5 | CVE-2020-27183, MISC, MISC |
| oscommerce — oscommerce | osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option. | 2020-10-28 | 10 | CVE-2020-27976, MISC |


Medium Vulnerabilities

| Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info |
| --- | --- | --- | --- | --- |
| 1password — command-line | An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user’s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption. | 2020-10-27 | 5 | CVE-2020-10256, MISC, CONFIRM, MISC |
| antsword_project — antsword | AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site function. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution. | 2020-10-26 | 4.3 | CVE-2020-25470, MISC |
| antsword_project — antsword | A cross-site scripting (XSS) vulnerability in AntSword v2.0.7 can remotely execute system commands. | 2020-10-26 | 6.8 | CVE-2020-18766, MISC |
| apple — airport_base_station_firmware | A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack. | 2020-10-27 | 4 | CVE-2019-7291, MISC, MISC |
| apple — airport_base_station_firmware | The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information. | 2020-10-27 | 5 | CVE-2019-8575, MISC, MISC |
| apple — airport_base_station_firmware | Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted. | 2020-10-27 | 5 | CVE-2019-8580, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8728, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8734, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8751, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8639, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8638, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited. | 2020-10-27 | 4.3 | CVE-2019-8827, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8752, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8773, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges. | 2020-10-27 | 6.8 | CVE-2019-8848, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting. | 2020-10-27 | 4.3 | CVE-2019-8762, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8825, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list. | 2020-10-27 | 4 | CVE-2019-8834, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory. | 2020-10-27 | 4.3 | CVE-2019-8582, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure. | 2020-10-27 | 5 | CVE-2018-4474, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — icloud | A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information. | 2020-10-27 | 4.3 | CVE-2019-8570, MISC, MISC, MISC, MISC, MISC |
| apple — ipad_os | A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service. | 2020-10-27 | 4.3 | CVE-2019-8774, MISC, MISC |
| apple — ipad_os | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8706, MISC, MISC, MISC, MISC, MISC |
| apple — ipados | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose restricted memory. | 2020-10-27 | 4.3 | CVE-2019-8850, MISC, MISC, MISC, MISC, MISC |
| apple — ipados | A logic issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iOS 12.4.3, watchOS 6.1, iOS 13.2 and iPadOS 13.2. AirDrop transfers may be unexpectedly accepted while in Everyone mode. | 2020-10-27 | 4.3 | CVE-2019-8796, MISC, MISC, MISC, MISC |
| apple — ipados | An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans. | 2020-10-27 | 4.3 | CVE-2019-8856, MISC, MISC, MISC |
| apple — ipados | This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action. | 2020-10-27 | 4 | CVE-2019-8901, MISC |
| apple — iphone_os | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. Processing maliciously crafted web content may lead to a cross site scripting attack. | 2020-10-27 | 4.3 | CVE-2019-8753, MISC, MISC, MISC, MISC |
| apple — iphone_os | A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service. | 2020-10-27 | 4.3 | CVE-2018-4381, MISC, MISC |
| apple — iphone_os | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution. | 2020-10-27 | 6.8 | CVE-2019-8592, MISC, MISC, MISC, MISC, MISC, MISC, MISC, MISC |
| apple — iphone_os | A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. An attacker in a privileged network position can modify driver state. | 2020-10-27 | 4 | CVE-2019-8612, MISC, MISC, MISC, MISC, MISC |
| apple — iphone_os | A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious application may be able to determine kernel memory layout. | 2020-10-27 | 4.3 | CVE-2019-8744, MISC, MISC, MISC, MISC, MISC |
| apple — iphone_os | A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. Processing a maliciously crafted image may lead to a denial of service. | 2020-10-27 | 4.3 | CVE-2019-8668, MISC, MISC, MISC |
| apple — iphone_os | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service. | 2020-10-27 | 4.3 | CVE-2019-8664, MISC, MISC |
| apple — iphone_os | A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address. | 2020-10-27 | 5 | CVE-2019-8854, MISC, MISC, MISC, MISC |
| apple — iphone_os | A denial of service issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. Processing a maliciously crafted vcf file may lead to a denial of service. | 2020-10-27 | 4.3 | CVE-2019-8538, MISC, MISC, MISC |
| apple — iphone_os | A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files. | 2020-10-27 | 4.3 | CVE-2019-8532, MISC, MISC |
| apple — iphone_os | An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing. | 2020-10-27 | 4.3 | CVE-2018-4391 |
MISC
MISC
MISC
apple — iphone_osA logic issue was addressed with improved restrictions. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A sandboxed process may be able to circumvent sandbox restrictions.2020-10-275CVE-2019-8618
MISC
MISC
MISC
apple — iphone_osA logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3. Users removed from an iMessage conversation may still be able to alter state.2020-10-275CVE-2019-8631
MISC
MISC
MISC
apple — iphone_osA validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory.2020-10-275CVE-2019-8633
MISC
MISC
MISC
MISC
apple — iphone_osAn inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.2020-10-274.3CVE-2018-4390
MISC
MISC
MISC
apple — itunesA logic issue was addressed with improved state management. This issue is fixed in Safari 12.0.2, iOS 12.1.1, tvOS 12.1.1, iTunes 12.9.2 for Windows. Processing maliciously crafted web content may disclose sensitive user information.2020-10-274.3CVE-2018-4444
MISC
MISC
MISC
MISC
apple — itunesAn information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has visited.2020-10-274.3CVE-2019-8898
MISC
MISC
MISC
MISC
apple — mac_os_xThis issue was addressed by removing additional entitlements. This issue is fixed in macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra. A malicious application may be able to access restricted files.2020-10-274.3CVE-2018-4468
MISC
apple — mac_os_xA memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content may lead to arbitrary code execution.2020-10-276.8CVE-2019-8826
MISC
apple — mac_os_xAn out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.2020-10-276.8CVE-2020-9961
MISC
apple — mac_os_xA validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted package may lead to arbitrary code execution.2020-10-276.8CVE-2019-6238
MISC
apple — mac_os_xA logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.2020-10-275CVE-2019-8564
MISC
apple — mac_os_xA buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.2020-10-276.5CVE-2019-8696
MISC
apple — mac_os_xThis issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information.2020-10-274.3CVE-2019-8761
MISC
MISC
apple — mac_os_xA cross-origin issue existed with “iframe” elements. This was addressed with improved tracking of security origins. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A malicious HTML document may be able to render iframes with sensitive user information.2020-10-274.3CVE-2019-8754
MISC
apple — mac_os_xAn access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files.2020-10-275.8CVE-2020-3855
MISC
apple — mac_os_xThis issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.2020-10-276.8CVE-2019-8509
MISC
MISC
apple — mac_os_xA buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.2020-10-276.5CVE-2019-8675
MISC
apple — mac_os_xA memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to elevate privileges.2020-10-276.8CVE-2018-4467
MISC
MISC
apple — mac_os_xAn out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory.2020-10-276.6CVE-2019-8759
MISC
MISC
apple — mac_os_xThis issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose.2020-10-274.3CVE-2020-9786
MISC
apple — mac_os_xAn issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data in Safari.2020-10-274.3CVE-2020-9857
MISC
apple — mac_os_xAn access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access restricted files.2020-10-274.3CVE-2019-8855
MISC
apple — mac_os_xA validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to read restricted memory.2020-10-274.3CVE-2019-8853
MISC
MISC
apple — mac_os_xA buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An attacker in a privileged position may be able to perform a denial of service attack.2020-10-274.3CVE-2019-8839
MISC
apple — mac_os_xAn input validation issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to gain elevated privileges.2020-10-274.6CVE-2019-8579
MISC
apple — mac_os_xAn input validation issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged network position may be able to leak sensitive user information.2020-10-274CVE-2019-8736
MISC
MISC
apple — mac_os_xA denial of service issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged position may be able to perform a denial of service attack.2020-10-274CVE-2019-8737
MISC
MISC
apple — mac_os_xThis issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state.2020-10-275CVE-2020-9941
MISC
apple — mac_os_xAn issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately accessed.2020-10-275CVE-2020-9774
MISC
apple — musicThis issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Apple Music 3.4.0 for Android. A malicious application may be able to leak a user’s credentials.2020-10-274.3CVE-2020-9982
MISC
apple — safariA custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 13.0.5. Processing a maliciously crafted URL may lead to arbitrary JavaScript code execution.2020-10-275.8CVE-2020-9860
MISC
apple — safariThis issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy.2020-10-274.3CVE-2019-8771
MISC
MISC
arubanetworks — airwave_glassA remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.2020-10-266.5CVE-2020-7125
MISC
arubanetworks — airwave_glassA remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.2020-10-265CVE-2020-7126
MISC
belkin — linksys_wrt_160nl_firmware** UNSUPPORTED WHEN ASSIGNED ** Belkin LINKSYS WRT160NL 1.0.04.002_US_20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in create_dir in mini_httpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.2020-10-236.5CVE-2020-26561
MISC
checkpoint — zonealarmCheck Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.2020-10-274.6CVE-2020-6023
MISC
fireeye — email_malware_protection_systemeMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sort_by, search[URL], or search[attachment] parameter to the email search feature.2020-10-264CVE-2020-25034
MISC
fruitywifi_project — fruitywifiA Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticated attacker can change the newSSID and hostapd_wpa_passphrase.2020-10-234.3CVE-2020-24847
MISC
getgophish — gophishGophish through 0.10.1 does not invalidate the gophish cookie upon logout.2020-10-285CVE-2020-24713
MISC
getgophish — gophishGophish before 0.11.0 allows SSRF attacks.2020-10-285CVE-2020-24710
MISC
MISC
MISC
getgophish — gophishThe Reset button on the Account Settings page in Gophish before 0.11.0 allows attackers to cause a denial of service via a clickjacking attack.2020-10-284.3CVE-2020-24711
MISC
MISC
MISC
git-tag-annotation-action_project — git-tag-annotation-actionIn the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. The problem has been patched in version 1.0.1. If you don’t use the `tag` input you are most likely safe. The `GITHUB_REF` environment variable is protected by the GitHub Actions environment so attacks from there should be impossible. If you must use the `tag` input and cannot upgrade to `> 1.0.0` make sure that the value is not controlled by another Action.2020-10-266.5CVE-2020-15272
MISC
MISC
CONFIRM
grafana — grafanaGrafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.2020-10-284.3CVE-2020-24303
MISC
MISC
hp — bluedata_epicThe HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url “/bdswebui/assignusers/”.2020-10-264CVE-2020-7196
MISC
ibm — i2_ibaseIBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574.2020-10-305CVE-2020-4584
XF
CONFIRM
ibm — i2_ibaseIBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579.2020-10-306.8CVE-2020-4588
XF
CONFIRM
ibm — security_directory_serverIBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 166624.2020-10-295CVE-2019-4563
XF
CONFIRM
ibm — security_directory_serverIBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.2020-10-295CVE-2019-4547
XF
CONFIRM
ibm — sterling_connectIBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. By sending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.2020-10-285CVE-2020-4767
XF
CONFIRM
ibm — websphere_application_serverIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.2020-10-284CVE-2020-4782
XF
CONFIRM
iobit — malware_fighterAn issue exists in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder.2020-10-276.9CVE-2020-23864
MISC
konzept-ix — publixonekonzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter.2020-10-275CVE-2020-27180
MISC
MISC
konzept-ix — publixoneA hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.2020-10-276.4CVE-2020-27181
MISC
MISC
konzept-ix — publixoneMultiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone before 2020.015 allow remote attackers to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp, ixedit/editor_component.jsp, or the login form.2020-10-274.3CVE-2020-27182
MISC
MISC
motion_project — motionA Denial of Service condition in Motion-Project Motion 3.2 through 4.3.1 allows remote unauthenticated users to cause a webu.c segmentation fault and kill the main process via a crafted HTTP request.2020-10-265CVE-2020-26566
MISC
MISC
MISC
neopost — neopost_mail_accountingNeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUS_SCM_BlockStart.php?code= XSS.2020-10-284.3CVE-2020-27974
MISC
netapp — clustered_data_ontapClustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).2020-10-275CVE-2020-8579
MISC
npmjs — npm-user-validateThis affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.2020-10-275CVE-2020-7754
CONFIRM
CONFIRM
CONFIRM
CONFIRM
nvidia — geforce_experienceNVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.2020-10-234.4CVE-2020-5977
CONFIRM
nvidia — geforce_experienceNVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.2020-10-234.6CVE-2020-5990
CONFIRM
nvidia — geforce_experienceNVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.2020-10-234.6CVE-2020-5978
CONFIRM
octopus — octopus_deployIn Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modified HTTP Host header.2020-10-265.8CVE-2020-26161
MISC
MISC
open-xchange — open-xchange_appsuiteOX App Suite through 7.10.3 allows SSRF via the /ajax/messaging/message message API.2020-10-234CVE-2020-15002
CONFIRM
MISC
open-xchange — open-xchange_appsuiteOX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).2020-10-234CVE-2020-15003
CONFIRM
MISC
oscommerce — oscommerceosCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF.2020-10-286.8CVE-2020-27975
MISC
pulsesecure — pulse_secure_desktop_clientA vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.2020-10-286.5CVE-2020-8260
MISC
pulsesecure — pulse_secure_desktop_clientA vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.2020-10-284.6CVE-2020-8250
MISC
pulsesecure — pulse_secure_desktop_clientA vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.2020-10-284.6CVE-2020-8248
MISC
pulsesecure — pulse_secure_desktop_clientA vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file read. The vulnerability is fixed using encrypted URL blacklisting that prevents these messages.2020-10-284CVE-2020-8255
MISC
sonicwall — global_vpn_clientSonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.2020-10-286.9CVE-2020-5145
CONFIRM
systeminformation — systeminformationThis affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl’s parameters to overwrite JavaScript files and then execute any OS commands.2020-10-266.5CVE-2020-7752
CONFIRM
CONFIRM
CONFIRM
thembay — greenmartThe search functionality of the Greenmart theme 2.4.2 for WordPress is vulnerable to XSS.2020-10-274.3CVE-2020-16140
MISC
trim_project — trimAll versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().2020-10-275CVE-2020-7753
MISC
MISC
MISC
MISC
verifone — mx900_firmwareVerifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.2020-10-234.4CVE-2019-14711
MISC
verifone — mx900_firmwareVerifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.2020-10-234.6CVE-2019-14719
MISC
verifone — mx900_firmwareVerifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.2020-10-234.6CVE-2019-14718
MISC
verifone — p400_firmwareVerifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.2020-10-234.6CVE-2019-14715
MISC
verifone — verix_osVerifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).2020-10-234.6CVE-2019-14716
MISC
verifone — verix_osVerifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation.2020-10-234.6CVE-2019-14712
MISC
verifone — verix_osVerifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.2020-10-234.6CVE-2019-14717
MISC
victor_cms_project — victor_cmsA SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.2020-10-275CVE-2020-23945
MISC
vmware — horizon_clientVMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes.2020-10-234CVE-2020-3998
MISC


Low Vulnerabilities

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
apple — ipadosA trust issue was addressed by removing a legacy API. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0. An attacker may be able to misuse a trust relationship to download malicious content.2020-10-272.1CVE-2020-9979
MISC
MISC
apple — ipadosThis issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications.2020-10-272.1CVE-2019-8799
MISC
MISC
MISC
MISC
apple — ipadosA validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier.2020-10-272.1CVE-2019-8809
MISC
MISC
MISC
MISC
MISC
apple — iphone_osA lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 12.1.1. A local attacker may be able to share items from the lock screen.2020-10-273.6CVE-2018-4428
MISC
apple — iphone_osThis issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.2020-10-272.1CVE-2018-4339
MISC
apple — iphone_osThe issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.2020-10-272.1CVE-2019-8732
MISC
apple — iphone_osA logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. A local user may be able to check for the existence of arbitrary files.2020-10-272.1CVE-2019-8708
MISC
MISC
MISC
apple — iphone_osA memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.1.1, watchOS 5.1.2, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra, tvOS 12.1.1. A local user may be able to read kernel memory.2020-10-272.1CVE-2018-4448
MISC
MISC
MISC
MISC
MISC
apple — iphone_osA configuration issue was addressed with additional restrictions. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, watchOS 5, iOS 12, tvOS 12, macOS Mojave 10.14. A malicious application may be able to modify protected parts of the file system.2020-10-272.1CVE-2018-4433
MISC
MISC
MISC
MISC
MISC
apple — mac_os_xA lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A local attacker may be able to view contacts from the lock screen.2020-10-272.1CVE-2019-8777
MISC
apple — mac_os_xA buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs.2020-10-272.6CVE-2019-8842
MISC
checkpoint — zonealarmCheck Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.2020-10-273.6CVE-2020-6022
MISC
comtrend — ar-5387un_firmwareA cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service.2020-10-233.5CVE-2018-8062
MISC
getgophish — gophishCross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form.2020-10-283.5CVE-2020-24708
MISC
MISC
getgophish — gophishCross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the IMAP Host field on the account settings page.2020-10-283.5CVE-2020-24712
MISC
MISC
MISC
getgophish — gophishCross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via a crafted landing page or email template.2020-10-283.5CVE-2020-24709
MISC
ibm — resilient_security_orchestration_automation_and_responseIBM Resilient SOAR V38.0 could allow an attacker on the internal network to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.2020-10-293.3CVE-2020-4864
XF
CONFIRM
open-xchange — open-xchange_appsuiteOX App Suite through 7.10.3 allows stats/diagnostic?param= XSS.2020-10-233.5CVE-2020-15004
MISC
MISC
openr — opentmpfilesopentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.2020-10-262.1CVE-2017-18925
MISC
pulsesecure — pulse_secure_desktopPulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users’ passwords if Save Settings is enabled.2020-10-271.9CVE-2020-8956
MISC
pulsesecure — pulse_secure_desktop_clientA vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) through the CGI file.2020-10-283.5CVE-2020-8263
MISC
requarks — wiki.jsIn Wiki.js before version 2.5.162, an XSS payload can be injected in a page title and executed via the search results. While the title is properly escaped in both the navigation links and the actual page title, it is not the case in the search results. Commit a57d9af34c15adbf460dde6553d964efddf433de fixes this vulnerability (version 2.5.162) by properly escaping the text content displayed in the search results.2020-10-263.5CVE-2020-15274
MISC
MISC
CONFIRM
verifone — mx900_firmwareVerifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.2020-10-232.1CVE-2019-14713
MISC
vmware — horizonVMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability. Successful exploitation of this issue may allow an attacker to inject malicious script which will be executed.2020-10-233.5CVE-2020-3997
MISC
yourls — yourlsMultiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 – 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.2020-10-233.5CVE-2020-27388
MISC
MISC
MISC
zte — evdcA ZTE product is impacted by an XSS vulnerability. The vulnerability is caused by the lack of correct verification of client data in the WEB module. By inserting malicious scripts into the web module, a remote attacker could trigger an XSS attack when the user browses the web page. Then the attacker could use the vulnerability to steal user cookies or destroy the page structure. This affects: eVDC ZXCLOUD-iROSV6.03.042020-10-263.5CVE-2020-6876
MISC


Severity Not Yet Assigned

Primary Vendor — Product | Description | Published | CVSS Score | Source & Patch Info
apple — ios_and_ipados
The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel.2020-10-27not yet calculatedCVE-2019-8857
MISC
apple — macos | A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A Mac may not lock immediately upon wake. | 2020-10-27 | not yet calculated | CVE-2019-8851
MISC
apple — macos | A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions. | 2020-10-27 | not yet calculated | CVE-2019-8640
MISC

apple — macos

A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to execute arbitrary code with system privileges.2020-10-27not yet calculatedCVE-2019-8569
MISC
MISC
apple — macos | An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing. | 2020-10-27 | not yet calculated | CVE-2019-8642
MISC
apple — macos
 
A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.2020-10-27not yet calculatedCVE-2020-9782
MISC
apple — macos
 
An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail.2020-10-27not yet calculatedCVE-2019-8645
MISC
apple — macos
 
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to gain elevated privileges.2020-10-27not yet calculatedCVE-2020-3851
MISC
MISC
apple — macos
 
This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper.2020-10-27not yet calculatedCVE-2019-8656
MISC
apple — macos
 
This issue is fixed in macOS Mojave 10.14. A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.2020-10-27not yet calculatedCVE-2018-4296
MISC
apple — macos_catalina
 
A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A user who shares their screen may not be able to end screen sharing.2020-10-27not yet calculatedCVE-2019-8858
MISC
apple — multiple_products
 
A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution.2020-10-27not yet calculatedCVE-2020-9932
MISC
MISC
MISC
apple — safari
 
A logic issue was addressed with improved validation. This issue is fixed in Safari 13.0.5. A URL scheme may be incorrectly ignored when determining multimedia permission for a website.2020-10-27not yet calculatedCVE-2020-3852
MISC
apple — swift_for_ubuntu
 
This issue was addressed by updating incorrect URLSession file descriptors management logic to match Swift 5.0. This issue is fixed in Swift 5.1.1 for Ubuntu. Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure. | 2020-10-27 | not yet calculated | CVE-2019-8790
MISC
apple — xcode
 
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.2020-10-27not yet calculatedCVE-2019-8840
MISC
arista — cloudvision_exchange_server
 
Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet.2020-10-26not yet calculatedCVE-2020-13100
CONFIRM
arista — eos
 
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.2020-10-26not yet calculatedCVE-2020-15897
CONFIRM
basercms — basercms
 
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. The issue affects the following components: Edit feed settings, Edit widget area, Sub site new registration, New category registration. Arbitrary JavaScript may be executed by entering specific characters in the account that can access the file upload function category list, subsite setting list, widget area edit, and feed list on the management screen. The issue was introduced in version 4.0.0. It is fixed in version 4.4.1.2020-10-30not yet calculatedCVE-2020-15273
MISC
CONFIRM
MISC
basercms — basercms
 
baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1.2020-10-30not yet calculatedCVE-2020-15276
MISC
MISC
CONFIRM
basercms — basercms
 
baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The Edit template component is vulnerable. The issue is fixed in version 4.4.1.2020-10-30not yet calculatedCVE-2020-15277
MISC
MISC
CONFIRM
broadleaf_commerce — broadleaf_framework
 
Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability.2020-10-29not yet calculatedCVE-2020-21266
MISC
canonical — ubuntu
 
There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.2020-10-31not yet calculatedCVE-2020-15703
CONFIRM
MISC
chart.js — chart.js
 
This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options (or the defaults options) are deeply merged with provided options. However, during this operation, the keys of the object being set are not checked, leading to a prototype pollution.2020-10-29not yet calculatedCVE-2020-7746
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
citadel — webcit
 
Citadel WebCit through 926 allows unauthenticated remote attackers to enumerate valid users within the platform. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.2020-10-28not yet calculatedCVE-2020-27740
MISC
MISC
citadel — webcit
 
Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.2020-10-28not yet calculatedCVE-2020-27741
MISC
MISC
citadel — webcit
 
An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else’s emails via the msg_confirm_move template. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.2020-10-28not yet calculatedCVE-2020-27742
MISC
MISC
citadel — webcit
 
A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users’ sessions. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.2020-10-28not yet calculatedCVE-2020-27739
MISC
MISC
click_studios — passwordstate
 
An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973). If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As a result, the remote attacker can retrieve all passwords from other systems that are available to the affected account. | 2020-10-29 | not yet calculated | CVE-2020-27747
MISC
MISC
codemirror — codemirror
 
This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.js#L129. The ReDoS vulnerability of the regex is mainly due to the sub-pattern `(\s|\/\*.*?\*\/)*`. | 2020-10-30 | not yet calculated | CVE-2020-7760
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
commscope — ruckus
 
Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.2020-10-26not yet calculatedCVE-2020-26878
MISC
MISC
MISC
CONFIRM
MISC
MISC
commscope — ruckus_vriot
 
Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.2020-10-26not yet calculatedCVE-2020-26879
MISC
MISC
MISC
CONFIRM
MISC
MISC
commvault — commcell
 
In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.2020-10-29not yet calculatedCVE-2020-25780
MISC
cyberark — privileged_session_manager
 
CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time.2020-10-28not yet calculatedCVE-2020-25374
MISC
MISC
dat.gui — dat.gui
 
All versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values.2020-10-27not yet calculatedCVE-2020-7755
MISC
MISC
debian — blueman
 
Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. That is limited to users in the wheel group in the shipped rules file that do have the privileges anyway. On systems with ISC DHCP client (dhclient), attackers can pass arguments to `ip link` with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program. On systems with dhcpcd and without ISC DHCP client, attackers can even run arbitrary scripts by passing `-c/path/to/script` as an interface name. Patches are included in 2.1.4 and master that change the DhcpClient D-Bus method(s) to accept BlueZ network object paths instead of network interface names. A backport to 2.0(.8) is also available. As a workaround, make sure that Polkit-1-support is enabled and limit privileges for the `org.blueman.dhcp.client` action to users that are able to run arbitrary commands as root anyway in /usr/share/polkit-1/rules.d/blueman.rules.2020-10-27not yet calculatedCVE-2020-15238
MISC
MISC
MISC
CONFIRM
DEBIAN
eyesofnetwork — eonweb
 
An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php).2020-10-29not yet calculatedCVE-2020-27886
MISC
MISC
MISC
eyesofnetwork — eonweb
 
An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php.2020-10-29not yet calculatedCVE-2020-27887
MISC
MISC
MISC
f5 — big-ip | On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile. | 2020-10-29 | not yet calculated | CVE-2020-5936
MISC
f5 — big-ip
 
On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow.2020-10-29not yet calculatedCVE-2020-5938
MISC
f5 — big-ip
 
On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM) may produce a core file while processing layer 4 (L4) behavioral denial-of-service (DoS) traffic.2020-10-29not yet calculatedCVE-2020-5937
MISC
f5 — big-ip
 
On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, Virtual servers with a OneConnect profile may incorrectly handle WebSockets related HTTP response headers, causing TMM to restart.2020-10-29not yet calculatedCVE-2020-5931
MISC
f5 — big-ip
 
On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened.2020-10-29not yet calculatedCVE-2020-5932
MISC
f5 — big-ip
 
On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests from the same client to configured SAML Single Logout (SLO) URL are passing through a TCP Keep-Alive connection, traffic to TMM can be disrupted.2020-10-29not yet calculatedCVE-2020-5934
MISC
f5 — big-ip
 
On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when handling MQTT traffic through a BIG-IP virtual server associated with an MQTT profile and an iRule performing manipulations on that traffic, TMM may produce a core file.2020-10-29not yet calculatedCVE-2020-5935
MISC
f5 — big-ip
 
On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an out-of-memory condition on the BIG-IP system.2020-10-29not yet calculatedCVE-2020-5933
MISC
facebook — hermes
 
An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.2020-10-26not yet calculatedCVE-2020-1915
CONFIRM
CONFIRM
fastreport — fastreport
 
An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.2020-10-29not yet calculatedCVE-2020-27998
MISC
MISC
MISC
firefly_iii — firefly_iii
 
An XSS vulnerability in the auto-complete function of the description field (for new or edited transactions) in Firefly III before 5.4.5 allows the user to execute JavaScript via suggested transaction titles. NOTE: this is exploitable only in a non-default configuration where Content Security Policy headers are disabled.2020-10-28not yet calculatedCVE-2020-27981
MISC
MISC
genexis — platinum-4410-v2-1.28_devices
 
Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users.2020-10-28not yet calculatedCVE-2020-27980
MISC
MISC
god_kings — god_kings
 
The God Kings application 0.60.1 for Android exposes a broadcast receiver to other apps called com.innogames.core.frontend.notifications.receivers.LocalNotificationBroadcastReceiver. The purpose of this broadcast receiver is to show an in-game push notification to the player. However, the application does not enforce any authorization schema on the broadcast receiver, allowing any application to send fully customizable in-game push notifications.2020-10-28not yet calculatedCVE-2020-25204
MISC
hewlett_packard — storeserv_management_console
 
SSMC 3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0: upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later. | 2020-10-26 | not yet calculated | CVE-2020-7197
MISC
hrsale — hrsale
 
Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files.2020-10-29not yet calculatedCVE-2020-27993
MISC
lookatme — lookatme
 
In lookatme (python/pypi package) versions prior to 2.3.0, the package automatically loaded the built-in “terminal” and “file_loader” extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. As a workaround, the `lookatme/contrib/terminal.py` and `lookatme/contrib/file_loader.py` files may be manually deleted. Additionally, it is always recommended to be aware of what is being rendered with lookatme.2020-10-26not yet calculatedCVE-2020-15271
MISC
MISC
MISC
CONFIRM
MISC
mediawiki — mediawiki 
 
The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. When certain varieties of games were created within MediaWiki, their names or titles could be manipulated to generate stored XSS within the RandomGameUnit extension.2020-10-28not yet calculatedCVE-2020-27957
MISC
MISC
micro_focus — multiple_products
 
Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulnerability affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63, 10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges. | 2020-10-27 | not yet calculated | CVE-2020-11858
MISC
MISC
MISC
micro_focus — multiple_products
 
Arbitrary code execution vulnerability in Micro Focus products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulnerability affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63, 10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05, 2018.02 and 2017.11. 3.) Application Performance Management versions 9.51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow arbitrary code execution. | 2020-10-27 | not yet calculated | CVE-2020-11854
MISC
MISC
MISC
MISC
mozilla — firefox
 
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used, which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | 2020-10-28 | not yet calculated | CVE-2020-6829
MISC
MISC
MISC
nvidia — dgx_servers | NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product’s environment, which may lead to remote code execution. | 2020-10-29 | not yet calculated | CVE-2020-11486
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to information disclosure.2020-10-29not yet calculatedCVE-2020-11616
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30, DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contain a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure. | 2020-10-29 | not yet calculated | CVE-2020-11487
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of the BMC/IPMI user password, which may lead to information disclosure.2020-10-29not yet calculatedCVE-2020-11484
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.2020-10-29not yet calculatedCVE-2020-11615
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.2020-10-29not yet calculatedCVE-2020-11489
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution.2020-10-29not yet calculatedCVE-2020-11485
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution.2020-10-29not yet calculatedCVE-2020-11488
CONFIRM
nvidia — dgx_servers
 
NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure.2020-10-29not yet calculatedCVE-2020-11483
CONFIRM
nvidia — cuda_toolkit
 
NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.2020-10-30not yet calculatedCVE-2020-5991
CONFIRM
openrc — openrc
 
checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.2020-10-27not yet calculatedCVE-2018-21269
MISC
pam_tacplus — libtac
 
libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.2020-10-26not yet calculatedCVE-2020-27743
MISC
MISC
pathval — pathval | This affects all versions of package pathval. | 2020-10-26 | not yet calculated | CVE-2020-7751
MISC
MISC
pimcore — pimcore
 
The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. This can be exploited by sending a specifically-crafted input in the relationIds parameter as demonstrated by the following request: http://vulnerable.pimcore.example/admin/classificationstore/relations?relationIds=[{“keyId”%3a”””,”groupId”%3a”‘asd’))+or+1%3d1+union+(select+1,2,3,4,5,6,name,8,password,”,11,12,”,14+from+users)+–+”}]2020-10-30not yet calculatedCVE-2020-7759
CONFIRM
CONFIRM
pulse_secure — desktop_client
 
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server.2020-10-28not yet calculatedCVE-2020-8241
MISC
pulse_secure — desktop_client
 
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine to use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the Credential Provider. | 2020-10-28 | not yet calculated | CVE-2020-8240
MISC
pulse_secure — desktop_client
 
The Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC. | 2020-10-28 | not yet calculated | CVE-2020-8239
MISC
pulse_secure — desktop_client
 
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow.2020-10-28not yet calculatedCVE-2020-8249
MISC
pulse_secure — desktop_client
 
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC. To improve the security of connections between Pulse clients and Pulse Connect Secure, see the recommendation below: Disable Dynamic certificate trust for PDC. | 2020-10-28 | not yet calculated | CVE-2020-8254
MISC
pulse_secure — pulse_connect_secure_and_pulse_policy_secure
 
An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.2020-10-27not yet calculatedCVE-2020-15352
MISC
pulse_secure — pulse_connect_secure_and_pulse_policy_secure
 
Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection. | 2020-10-28 | not yet calculated | CVE-2020-8261
MISC
pulse_secure — pulse_connect_secure_and_pulse_policy_secure
 
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.2020-10-28not yet calculatedCVE-2020-8262
MISC
qnap — qts | If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109. | 2020-10-28 | not yet calculated | CVE-2018-19953
CONFIRM
qnap — qts
 
If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions: QTS 4.4.2.1270 build 20200410 and later; QTS 4.4.1.1261 build 20200330 and later; QTS 4.3.6.1263 build 20200330 and later; QTS 4.3.4.1282 build 20200408 and later; QTS 4.3.3.1252 build 20200409 and later; QTS 4.2.6 build 20200421 and later. | 2020-10-28 | not yet calculated | CVE-2018-19943
CONFIRM
qnap — qts
 
If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.2020-10-28not yet calculatedCVE-2018-19949
CONFIRM
qsc — q-sys_core_manager
 
An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.2020-10-28not yet calculatedCVE-2020-24990
MISC
MISC
MISC
rapid7 — metasploit
 
Rapid7’s Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim’s machine.2020-10-29not yet calculatedCVE-2020-7384
MISC
red_discord_bot — mod_module
 
Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user’s control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with `unload mod` or disabling the massban command with `command disable global massban` can render this exploit inaccessible. We still highly recommend updating to 3.4.1 to completely patch this issue. | 2020-10-28 | not yet calculated | CVE-2020-15278
MISC
MISC
CONFIRM
red_hat — ansible
 
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes the private key in logs. This directly impacts confidentiality. | 2020-10-29 | not yet calculated | CVE-2020-25646
MISC
sal — sal
 
Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view.2020-10-29not yet calculatedCVE-2020-26205
MISC
CONFIRM
samba — winbind
A null pointer dereference flaw was found in samba’s Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service. | 2020-10-29 | not yet calculated | CVE-2020-14323
MISC
MISC
sec_consult — publixone
konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens. | 2020-10-27 | not yet calculated | CVE-2020-27179
MISC
MISC
sectona — spectra
Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. | 2020-10-28 | not yet calculated | CVE-2020-25966
MISC
MISC
shibboleth — identity_provider
Shibboleth Identity Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session. | 2020-10-28 | not yet calculated | CVE-2020-27978
MISC
smartstorenet — smartstorenet
An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations. | 2020-10-29 | not yet calculated | CVE-2020-27996
MISC
MISC
sonicwall — global_vpn
SonicWall Global VPN client version 4.10.4.0314 and earlier allows an unprivileged Windows user to elevate privileges to SYSTEM through a loaded process hijacking vulnerability. | 2020-10-28 | not yet calculated | CVE-2020-5144
CONFIRM
sourcecodester — car_rental_management_system
An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root). | 2020-10-28 | not yet calculated | CVE-2020-27956
MISC
MISC
sourceforge — dual_dhcp_dns_server
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary. | 2020-10-28 | not yet calculated | CVE-2020-26133
MISC
MISC
sourceforge — home_dns_server
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary. | 2020-10-28 | not yet calculated | CVE-2020-26132
MISC
MISC
sourceforge — open_dhcp_server
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary. | 2020-10-28 | not yet calculated | CVE-2020-26131
MISC
MISC
sourceforge — open_tftp_server
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary. | 2020-10-28 | not yet calculated | CVE-2020-26130
MISC
MISC
sourceforge — snap7
In the Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with the COTP protocol last-data-unit flag set to No and an S7 write var function, the Snap7 server crashes. | 2020-10-28 | not yet calculated | CVE-2020-22552
MISC
MISC
MISC
synology — diskstation_manager
Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. | 2020-10-29 | not yet calculated | CVE-2020-27656
CONFIRM
synology — diskstation_manager
Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 2020-10-29 | not yet calculated | CVE-2020-27650
CONFIRM
synology — diskstation_manager
Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. | 2020-10-29 | not yet calculated | CVE-2020-27652
CONFIRM
MISC
synology — diskstation_manager
Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2020-10-29 | not yet calculated | CVE-2020-27648
CONFIRM
MISC
synology — router_manager
Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie. | 2020-10-29 | not yet calculated | CVE-2020-27658
CONFIRM
MISC
synology — router_manager
Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors. | 2020-10-29 | not yet calculated | CVE-2020-27657
CONFIRM
synology — router_manager
Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 2020-10-29 | not yet calculated | CVE-2020-27649
CONFIRM
MISC
synology — router_manager
Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp. | 2020-10-29 | not yet calculated | CVE-2020-27654
CONFIRM
MISC
MISC
synology — router_manager
Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 2020-10-29 | not yet calculated | CVE-2020-27651
CONFIRM
MISC
synology — router_manager
Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors. | 2020-10-29 | not yet calculated | CVE-2020-27653
CONFIRM
MISC
synology — router_manager
Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic. | 2020-10-29 | not yet calculated | CVE-2020-27655
CONFIRM
texas_instruments — cc2538_devices
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal(). | 2020-10-27 | not yet calculated | CVE-2020-27891
MISC
MISC
texas_instruments — cc2538_devices
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd(). | 2020-10-27 | not yet calculated | CVE-2020-27892
MISC
MISC
texas_instruments — cc2538_devices
The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute’s value. | 2020-10-27 | not yet calculated | CVE-2020-27890
MISC
MISC
trend_micro — antivirus_for_mac
Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that, if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | 2020-10-30 | not yet calculated | CVE-2020-27015
N/A
N/A
trend_micro — antivirus_for_mac
Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component that, if exploited, could allow an attacker to cause a kernel panic or crash. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability. | 2020-10-30 | not yet calculated | CVE-2020-27014
N/A
N/A

ubiquiti — unifi_meshing_access_point_unifi_controller_devices
An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access. | 2020-10-27 | not yet calculated | CVE-2020-27888
MISC
vbulletin — vbulletin
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of CVE-2020-17496. CVE-2020-17496 is the preferred CVE ID to track this vulnerability. | 2020-10-30 | not yet calculated | CVE-2020-7373
MISC
MISC
MISC
MISC
vmware — tanzu
Single Sign-On for VMware Tanzu all versions prior to 1.11.3, 1.12.x versions prior to 1.12.4 and 1.13.x prior to 1.13.1 are vulnerable to a user impersonation attack. If two users are logged in to the SSO operator dashboard at the same time, with the same username, from two different identity providers, one can acquire the token of the other and thus operate with their permissions. Note: Foundation may be vulnerable only if: 1) The system zone is set up to use a SAML identity provider 2) There are internal users that have the same username as users in the external SAML provider 3) Those duplicate-named users have the scope to access the SSO operator dashboard 4) The vulnerability doesn’t appear with LDAP because of chained authentication. | 2020-10-31 | not yet calculated | CVE-2020-5425
CONFIRM
western_digital — my_cloud_devices
Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114. | 2020-10-27 | not yet calculated | CVE-2020-12830
MISC
CONFIRM
western_digital — my_cloud_devices
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input in Western Digital My Cloud devices prior to 5.4.1140. | 2020-10-27 | not yet calculated | CVE-2020-25765
MISC
CONFIRM
western_digital — my_cloud_nas_devices
Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114. | 2020-10-27 | not yet calculated | CVE-2020-27159
MISC
CONFIRM
western_digital — my_cloud_nas_devices
Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3). | 2020-10-27 | not yet calculated | CVE-2020-27160
MISC
CONFIRM
western_digital — my_cloud_nas_devices
Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114. | 2020-10-27 | not yet calculated | CVE-2020-27158
MISC
CONFIRM
western_digital — my_cloud_nas_devices
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges. | 2020-10-29 | not yet calculated | CVE-2020-27744
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation. | 2020-10-28 | not yet calculated | CVE-2020-16260
MISC
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access. | 2020-10-28 | not yet calculated | CVE-2020-16261
MISC
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation. | 2020-10-28 | not yet calculated | CVE-2020-16262
MISC
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user. | 2020-10-28 | not yet calculated | CVE-2020-16259
MISC
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials. | 2020-10-28 | not yet calculated | CVE-2020-16258
MISC
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices are vulnerable to command injection via the API. | 2020-10-28 | not yet calculated | CVE-2020-16257
MISC
MISC
winston_privacy — winston_privacy
The API on Winston 1.5.4 devices is vulnerable to CSRF. | 2020-10-28 | not yet calculated | CVE-2020-16256
MISC
MISC
winston_privacy — winston_privacy
Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins. This allows requests to be made and viewed by arbitrary origins. | 2020-10-28 | not yet calculated | CVE-2020-16263
MISC
MISC
wire — wire
Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a format string. This affects Wire AVS (Audio, Video, and Signaling) 5.3 through 6.x before 6.4, the Wire Secure Messenger application before 3.49.918 for Android, and the Wire Secure Messenger application before 3.61 for iOS. This occurs via the value parameter to sdp_media_set_lattr in peerflow/sdp.c. | 2020-10-27 | not yet calculated | CVE-2020-27853
MISC
wso2 — api_manager
Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change the logged-in user’s password and invalidate the session of the victim while the hacker maintains access. | 2020-10-29 | not yet calculated | CVE-2020-27885
MISC
MISC
wso2 — enterprise_integrator
WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site scripting (XSS) vulnerability in BPMN explorer tasks. | 2020-10-29 | not yet calculated | CVE-2020-25516
MISC
MISC
zohocorp — manageengine_applications_manager
SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter. | 2020-10-29 | not yet calculated | CVE-2020-27995
MISC


This product is provided subject to this Notification and this Privacy & Use policy.
