adobe -- illustrator_cc
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 9.3 | CVE-2020-3714
CONFIRM |
adobe -- illustrator_cc
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 9.3 | CVE-2020-3713
CONFIRM |
adobe -- illustrator_cc
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 9.3 | CVE-2020-3712
CONFIRM |
adobe -- illustrator_cc
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 9.3 | CVE-2020-3711
CONFIRM |
adobe -- illustrator_cc
| Adobe Illustrator CC versions 24.0 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 9.3 | CVE-2020-3710
CONFIRM |
alienvault -- ossim
| OSSIM before 4.3.3.1 has tele_compress.php path traversal vulnerability | 2020-01-27 | 7.8 | CVE-2013-6056
MISC |
| amd -- atidxx64.dll_driver | An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | 2020-01-25 | 7.8 | CVE-2019-5124
MISC |
amd -- atidxx64.dll_driver
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | 2020-01-25 | 7.8 | CVE-2019-5146
MISC |
amd -- atidxx64.dll_driver
| An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be triggered from VMware guest, affecting VMware host. | 2020-01-25 | 7.8 | CVE-2019-5147
MISC |
apache -- spamassassin
| A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian Lukowski at credativ for reporting the issue ethically. With this bug unpatched, exploits can be injected in a number of scenarios though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. | 2020-01-30 | 9.3 | CVE-2020-1931
CONFIRM
BUGTRAQ
DEBIAN |
apache -- spamassassin
| A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious rule configuration (.cf) files can be configured to run system commands similar to CVE-2018-11805. With this bug unpatched, exploits can be injected in a number of scenarios including the same privileges as spamd is run which may be elevated though doing so remotely is difficult. In addition to upgrading to SA 3.4.4, we again recommend that users should only use update channels or 3rd party .cf files from trusted places. If you cannot upgrade, do not use 3rd party rulesets, do not use sa-compile and do not run spamd as an account with elevated privileges. | 2020-01-30 | 9.3 | CVE-2020-1930
CONFIRM
MLIST
BUGTRAQ
DEBIAN |
asus -- rt-n56u_devices
| ASUS RT-N56U devices allow CSRF. | 2020-01-28 | 9.3 | CVE-2013-3093
MISC |
avast -- secure_browser
| A Local Privilege Escalation issue was discovered in Avast Secure Browser 76.0.1659.101. The vulnerability is due to an insecure ACL set by the AvastBrowserUpdate.exe (which is running as NT AUTHORITY\SYSTEM) when AvastSecureBrowser.exe checks for new updates. When the update check is triggered, the elevated process cleans the ACL of the Update.ini file in %PROGRAMDATA%\Avast Software\Browser\Update\ and sets all privileges to group Everyone. Because any low-privileged user can create, delete, or modify the Update.ini file stored in this location, an attacker with low privileges can create a hard link named Update.ini in this folder, and make it point to a file writable by NT AUTHORITY\SYSTEM. Once AvastBrowserUpdate.exe is triggered by the update check functionality, the DACL is set to a misconfigured value on the crafted Update.ini and, consequently, to the target file that was previously not writable by the low-privileged attacker. | 2020-01-27 | 7.2 | CVE-2019-17190
MISC |
bitdefender -- bitdefender_box_2
| A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In order to exploit the condition, an unauthenticated attacker should impersonate a infrastructure server to trigger this vulnerability. | 2020-01-27 | 10 | CVE-2019-17095
ETC
CONFIRM
ETC |
bitdefender -- bitdefender_box_2
| A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. | 2020-01-27 | 9.3 | CVE-2019-17096
CONFIRM |
cisco -- sd-wan_solution
| A vulnerability in the WebUI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. | 2020-01-26 | 9 | CVE-2019-12629
CISCO |
cisco -- sd-wan_solution_vmanage
| A vulnerability in the CLI of the Cisco SD-WAN Solution vManage software could allow an authenticated, local attacker to elevate privileges to root-level privileges on the underlying operating system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted file to the affected system. An exploit could allow the attacker to elevate privileges to root-level privileges. | 2020-01-26 | 7.2 | CVE-2020-3115
CISCO |
cisco -- small_business_switches
| A vulnerability in the web UI of Cisco Small Business Switches could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of requests sent to the web interface. An attacker could exploit this vulnerability by sending a malicious request to the web interface of an affected device. A successful exploit could allow the attacker to cause an unexpected reload of the device, resulting in a DoS condition. This vulnerability affects firmware releases prior than 1.3.7.18 | 2020-01-30 | 7.8 | CVE-2020-3147
CISCO |
cisco -- webex_video_mesh
| A vulnerability in the web-based management interface of Cisco Webex Video Mesh could allow an authenticated, remote attacker to execute arbitrary commands on the affected system. The vulnerability is due to improper validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by logging in to the web-based management interface with administrative privileges and supplying crafted requests to the application. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system with root privileges on a targeted node. | 2020-01-26 | 9 | CVE-2019-16005
CISCO |
core_security -- vivotek_ip_cameras
| A Command Injection vulnerability exists in Vivotek PT7135 IP Cameras 0300a and 0400a via the system.ntp parameter to the farseer.out binary file, which cold let a malicious user execute arbitrary code. | 2020-01-24 | 9 | CVE-2013-1598
MISC
MISC
MISC
MISC
MISC |
core_security -- vivotek_pt7135_ip_camera
| A Buffer Overflow vulnerability exists in Vivotek PT7135 IP Camera 0300a and 0400a via a specially crafted packet in the Authorization header field sent to the RTSP service, which could let a remote malicious user execute arbitrary code or cause a Denial of Service. | 2020-01-24 | 7.5 | CVE-2013-1595
MISC
MISC
MISC
MISC
MISC |
d-link -- dir-859_devices
| D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. | 2020-01-29 | 10 | CVE-2019-20216
MISC
MISC
CONFIRM |
d-link -- dir-859_devices
| D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. | 2020-01-29 | 10 | CVE-2019-20215
MISC
CONFIRM |
d-link -- dir-859_devices
| D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters. | 2020-01-29 | 10 | CVE-2019-20217
MISC
MISC
CONFIRM |
d-link -- dsr-250n_devices
| D-Link DSR-250N devices with firmware 1.05B73_WW allow Persistent Root Access because of the admin password for the admin account. | 2020-01-25 | 9 | CVE-2012-6613
EXPLOIT-DB |
dolibarr -- dolibarr
| The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts. | 2020-01-26 | 10 | CVE-2020-7995
MISC
MISC |
exiv2 -- exiv2
| In Jp2Image::readMetadata() in jp2image.cpp in Exiv2 0.27.2, an input file can result in an infinite loop and hang, with high CPU consumption. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted file. | 2020-01-27 | 7.1 | CVE-2019-20421
MISC
MISC |
fudforum -- fudforum_bulletin_board
| PHP Code Injection vulnerability in FUDforum Bulletin Board Software 3.0.4 could allow remote attackers to execute arbitrary code on the system. | 2020-01-27 | 9 | CVE-2013-2267
BID
XF |
geocoder -- geocoder
| sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data. | 2020-01-25 | 7.5 | CVE-2020-7981
MISC
MISC |
gitlab -- gitlab_community_and_enterprise_edition
| A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. | 2020-01-28 | 7.5 | CVE-2019-5464
MISC
MISC
MISC |
gitlab -- gitlab_community_and_enterprise_edition
| Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | 2020-01-28 | 7.5 | CVE-2019-15585
MISC
MISC |
git -- git
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1354, CVE-2019-1387. | 2020-01-24 | 9.3 | CVE-2019-1352
SUSE
REDHAT
MISC
MISC |
git -- git
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1350, CVE-2019-1352, CVE-2019-1387. | 2020-01-24 | 9.3 | CVE-2019-1354
SUSE
MISC
MISC |
git -- git
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1350, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. | 2020-01-24 | 9.3 | CVE-2019-1349
SUSE
REDHAT
MISC
MISC |
git -- git
| A remote code execution vulnerability exists when Git for Visual Studio improperly sanitizes input, aka 'Git for Visual Studio Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1349, CVE-2019-1352, CVE-2019-1354, CVE-2019-1387. | 2020-01-24 | 9.3 | CVE-2019-1350
SUSE
MISC
MISC |
gnu -- gnu_coreutils
| Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service (application crash) or possibly have unspecified other impact via long strings. | 2020-01-24 | 7.5 | CVE-2015-4042
MISC
MISC |
handsomeweb -- sos_webpages
| backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash. | 2020-01-28 | 7.5 | CVE-2014-3445
MISC
MISC
MISC
MISC
MISC |
huawei -- e587_3g_mobile_hotspot
| Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI. | 2020-01-27 | 10 | CVE-2013-2612
XF
BID |
i_read_it_somewhere -- i_read_it_somewhere
| IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands. | 2020-01-25 | 7.5 | CVE-2013-1744
MISC |
intellian_technologies -- aptus
| The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. | 2020-01-27 | 10 | CVE-2020-8001
MISC |
intellian_technologies -- aptus_web
| Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. | 2020-01-27 | 10 | CVE-2020-8000
MISC |
intellian_technologies -- aptus_web
| Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. | 2020-01-25 | 10 | CVE-2020-7980
MISC
MISC
MISC |
intellian -- aptus
| The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. | 2020-01-27 | 7.5 | CVE-2020-7999
MISC |
irfanview -- flashpix_plugin
| IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability | 2020-01-27 | 9.3 | CVE-2013-3486
MISC
MISC |
isof -- isof
| All versions including 0.0.4 of lsof npm module are vulnerable to Command Injection. Every exported method used by the package uses the exec function to parse user input. | 2020-01-29 | 7.5 | CVE-2019-10783
MISC |
jenkins -- jenkins
| Jenkins 2.213 and earlier, LTS 2.204.1 and earlier improperly reuses encryption key parameters in the Inbound TCP Agent Protocol/3, allowing unauthorized attackers with knowledge of agent names to obtain the connection secrets for those agents, which can be used to connect to Jenkins, impersonating those agents. | 2020-01-29 | 7.5 | CVE-2020-2099
MLIST
CONFIRM |
koha -- koha
| SQL injection vulnerability in the MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors. NOTE: this can be leveraged by remote attackers using CVE-2014-1924. | 2020-01-24 | 7.5 | CVE-2014-1925
MISC
MISC
MISC
MISC |
koha -- koha
| The MARC framework import/export function (admin/import_export_framework.pl) in Koha before 3.8.23, 3.10.x before 3.10.13, 3.12.x before 3.12.10, and 3.14.x before 3.14.3 does not require authentication, which allows remote attackers to conduct SQL injection attacks via unspecified vectors. | 2020-01-24 | 7.5 | CVE-2014-1924
MISC
MISC
MISC
MISC |
lexmark -- markvision_enterprise
| Directory traversal vulnerability in the ReportDownloadServlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to read arbitrary files via unspecified vectors. | 2020-01-27 | 7.8 | CVE-2014-8742
CONFIRM
MISC |
lexmark -- markvision_enterprise
| Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors. | 2020-01-27 | 10 | CVE-2014-8741
CONFIRM
MISC |
lorex_technology -- lnc116_and_lnc104_ip_cameras
| Lorex LNC116 and LNC104 IP Cameras have a Remote Authentication Bypass Vulnerability | 2020-01-24 | 7.5 | CVE-2012-6451
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, mdt_object_remote in the mdt module has a NULL pointer dereference and panic due to the lack of validation for specific fields of packets sent by a client. | 2020-01-27 | 7.8 | CVE-2019-20424
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the mdt module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. mdt_file_secctx_unpack does not validate the value of name_size derived from req_capsule_get_size. | 2020-01-27 | 7.8 | CVE-2019-20432
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain length value derived from lustre_msg_buflen_v2. | 2020-01-27 | 7.8 | CVE-2019-20425
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the mdt module has an LBUG panic (via a large MDT Body eadatasize field) due to the lack of validation for specific fields of packets sent by a client. | 2020-01-27 | 7.8 | CVE-2019-20430
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has an osd_map_remote_to_local out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. osd_bufs_get in the osd_ldiskfs module does not validate a certain length value. | 2020-01-27 | 7.8 | CVE-2019-20431
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between sptlrpc_svc_unwrap_request and lustre_msg_hdr_size_v2. | 2020-01-27 | 7.8 | CVE-2019-20429
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic due to the lack of validation for specific fields of packets sent by a client. The ldl_request_cancel function mishandles a large lock_count parameter. | 2020-01-27 | 7.8 | CVE-2019-20428
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds check. | 2020-01-27 | 7.8 | CVE-2019-20426
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function target_handle_connect() mishandles a certain size value when a client connects to a server, because of an integer signedness error. | 2020-01-27 | 7.8 | CVE-2019-20423
MISC
MISC
MISC
MISC |
lustre -- lustre
| In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a tgt_shortio2pages integer signedness error. | 2020-01-27 | 9 | CVE-2019-20427
MISC
MISC
MISC
MISC |
magento -- magento
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have an sql injection vulnerability. Successful exploitation could lead to sensitive information disclosure. | 2020-01-29 | 7.8 | CVE-2020-3719
CONFIRM |
magento -- magento
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 10 | CVE-2020-3716
CONFIRM |
magento -- magento
| Magento versions 2.3.3 and earlier, 2.2.10 and earlier, 1.14.4.3 and earlier, and 1.9.4.3 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-01-29 | 10 | CVE-2020-3718
CONFIRM |
microsoft -- visual_studio_code
| An elevation of privilege vulnerability exists in Visual Studio Code when it exposes a debug listener to users of a local computer, aka 'Visual Studio Code Elevation of Privilege Vulnerability'. | 2020-01-24 | 7.2 | CVE-2019-1414
MISC |
netgear -- centria_wndr4700_devices
| NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | 2020-01-28 | 7.5 | CVE-2013-3071
BID |
netgear -- wndr4700_media_server_devices
| NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote attackers to cause a denial of service (device crash). | 2020-01-28 | 7.8 | CVE-2013-3074
BID |
netgear -- wnr1000v3
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key. | 2020-01-29 | 10 | CVE-2013-3317
EXPLOIT-DB |
netgear -- wnr1000v3
| Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg". | 2020-01-29 | 10 | CVE-2013-3316
EXPLOIT-DB |
| opensmtpd -- opensmtpd | smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation. | 2020-01-29 | 10 | CVE-2020-7247
MISC
MISC
FULLDISC
MISC
CONFIRM
BUGTRAQ
DEBIAN
CERT-VN
CONFIRM |
postgresql -- postgresql
| PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter and causing an error, which triggers the loss of synchronization and part of the protocol message to be treated as a new message, as demonstrated by causing a timeout or query cancellation. | 2020-01-27 | 7.5 | CVE-2015-0244
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM |
red_hat -- openshift_origin
| The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart. | 2020-01-28 | 10 | CVE-2013-2060
MISC
MISC
MISC
MISC |
ruckus -- zoneflex_r500_devices
| Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring. | 2020-01-29 | 9 | CVE-2020-8438
MISC |
soapbox -- soapbox
| Soapbox through 0.3.1: Sandbox bypass - runs a second instance of Soapbox within a sandboxed Soapbox. | 2020-01-24 | 7.2 | CVE-2012-6302
MISC |
suse -- Linux_enterprise_server_11
| A symlink following vulnerability in the packaging of mailman in SUSE Linux Enterprise Server 11, SUSE Linux Enterprise Server 12; openSUSE Leap 15.1 allowed local attackers to escalate their privileges from user wwwrun to root. Additionally arbitrary files could be changed to group mailman. This issue affects: SUSE Linux Enterprise Server 11 mailman versions prior to 2.1.15-9.6.15.1. SUSE Linux Enterprise Server 12 mailman versions prior to 2.1.17-3.11.1. openSUSE Leap 15.1 mailman version 2.1.29-lp151.2.14 and prior versions. | 2020-01-24 | 7.2 | CVE-2019-3693
SUSE
CONFIRM |
suse -- linux_enterprise_server_11
| The packaging of inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1 allows local attackers to escalate from user inn to root via symlink attacks. This issue affects: SUSE Linux Enterprise Server 11 inn version 2.4.2-170.21.3.1 and prior versions. openSUSE Factory inn version 2.6.2-2.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.2.47 and prior versions. | 2020-01-24 | 7.2 | CVE-2019-3692
CONFIRM |
suse -- opensuse
| UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of gnump3d in openSUSE Leap 15.1 allows local attackers to escalate from user gnump3d to root. This issue affects: openSUSE Leap 15.1 gnump3d version 3.0-lp151.2.1 and prior versions. | 2020-01-24 | 7.2 | CVE-2019-3697
CONFIRM |
suse -- opensuse_factory
| A Symbolic Link (Symlink) Following vulnerability in the packaging of munin in openSUSE Factory, Leap 15.1 allows local attackers to escalate from user munin to root. This issue affects: openSUSE Factory munin version 2.0.49-4.2 and prior versions. openSUSE Leap 15.1 munin version 2.0.40-lp151.1.1 and prior versions. | 2020-01-24 | 7.2 | CVE-2019-3694
CONFIRM |
synacor -- zimbra_collaboration
| Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. | 2020-01-27 | 7.5 | CVE-2014-8563
CONFIRM
CONFIRM |
tp-link -- tp-link_ip_cameras
| A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code. | 2020-01-29 | 10 | CVE-2013-2573
MISC
MISC
MISC
MISC
MISC |
vtiger -- vtiger_crm
| vtiger CRM 5.4.0 and earlier contain an Authentication Bypass Vulnerability due to improper authentication validation in the validateSession function. | 2020-01-29 | 7.5 | CVE-2013-3215
BID
XF |
vtiger -- vtiger_crm
| vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'. | 2020-01-28 | 7.5 | CVE-2013-3214
EXPLOIT-DB
BID
XF |
webcalendar_project -- webcalendar
| install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | 2020-01-27 | 7.5 | CVE-2012-1495
MISC
MISC
MISC
MISC |
xnview -- xnview
| XnView 2.03 has an integer overflow vulnerability | 2020-01-27 | 7.5 | CVE-2013-3493
MISC |
xnview -- xnview
| XnView 2.03 has a stack-based buffer overflow vulnerability | 2020-01-27 | 7.5 | CVE-2013-3492
MISC |
zavio -- zavio_ip_cameras
| A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code. | 2020-01-29 | 10 | CVE-2013-2568
MISC
MISC
MISC
MISC
MISC |
zavio -- zavio_ip_cameras
| A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 in the General.Time.NTP.Server parameter to the sub_C8C8 function of the binary /opt/cgi/view/param, which could let a remove malicious user execute arbitrary code. | 2020-01-29 | 7.5 | CVE-2013-2570
MISC
MISC
MISC
MISC |
No comments:
Post a Comment