CVE-2020-8818 - An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
25/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8818

CVE-2020-8819 - An issue was discovered in the CardGate Payments plugin through 3.1.15 for WooCommerce. Lack of origin authentication in the IPN callback processing function in cardgate/cardgate.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
25/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8819

CVE-2020-9385 - A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishandled in add_on in upcean.c, when called from eanx in upcean.c during EAN barcode generation.
25/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9385

CVE-2012-0785 - Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-0785

CVE-2015-9542 - add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary code execution might be possible, depending on the application, C library, compiler, and other factors.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2015-9542

CVE-2018-13313 - In TOTOLINK A3002RU 1.0.8, the router provides a page that allows the user to change their account name and password. This page, password.htm, contains JavaScript which is used to confirm the user knows their current password before allowing them to change their password. However, this JavaScript contains the current user's password in plaintext.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2018-13313

CVE-2018-14705 - In Drobo 5N2 4.0.5, all optional applications lack any form of authentication/authorization validation. As a result, any user capable of accessing the device over the network may interact with and control these applications. This not only poses a severe risk to the availability of these applications, but also poses severe risks to the confidentiality and integrity of data stored within the applications and the device itself.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2018-14705

CVE-2019-10796 - rpi through 0.0.3 allows execution of arbitrary commands. The variable pinNumbver in function GPIO within src/lib/gpio.js is used as part of the argument of exec function without any sanitization.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-10796

CVE-2019-10798 - rdf-graph-array through 0.3.0-rc6 allows manipulation of JavaScript objects resulting in Prototype Pollution. The rdf.Graph.prototype.add method could be tricked into adding or modifying properties of Object.prototype.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-10798

CVE-2019-10799 - compile-sass prior to 1.0.5 allows execution of arbitrary commands. The function "setupCleanupOnExit(cssPath)" within "dist/index.js" is executed as part of the "rm" command without any sanitization.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-10799

CVE-2019-12510 - In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may bypass all authentication checks on the device's "NETGEAR Genie" SOAP API ("/soap/server_sa") by supplying a malicious X-Forwarded-For header of the device's LAN IP address (192.168.1.1) in every request. As a result, an attacker may modify almost all of the device's settings and view various configuration settings.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-12510

CVE-2019-12511 - In NETGEAR Nighthawk X10-R900 prior to 1.0.4.26, an attacker may execute arbitrary system commands as root by sending a specially-crafted MAC address to the "NETGEAR Genie" SOAP endpoint at AdvancedQoS:GetCurrentBandwidthByMAC. Although this requires QoS being enabled, advanced QoS being enabled, and a valid authentication JWT, additional vulnerabilities (CVE-2019-12510) allow an attacker to interact with the entire SOAP API without authentication. Additionally, DNS rebinding techniques may be used to exploit this vulnerability remotely. Exploiting this vulnerability is somewhat involved. The following limitations apply to the payload and must be overcome for successful exploitation: - No more than 17 characters may be used. - At least one colon must be included to prevent mangling. - A single-quote and meta-character must be used to break out of the existing command. - Parent command remnants after the injection point must be dealt with. - The payload must be in all-caps. Despite these limitations, it is still possible to gain access to an interactive root shell via this vulnerability. Since the web server assigns certain HTTP headers to environment variables with all-caps names, it is possible to insert a payload into one such header and reference the subsequent environment variable in the injection point.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-12511

CVE-2019-12512 - In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, an attacker may execute stored XSS attacks against this device by supplying a malicious X-Forwarded-For header while performing an incorrect login attempt. The value supplied by this header will be inserted into administrative logs, found at Advanced settings->Administration->Logs, and may trigger when the page is viewed. Although this value is inserted into a textarea tag, the attack simply needs to supply a closing textarea tag.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-12512

CVE-2019-12513 - In NETGEAR Nighthawk X10-R900 prior to 1.0.4.24, by sending a DHCP discover request containing a malicious hostname field, an attacker may execute stored XSS attacks against this device. When the malicious DHCP request is received, the device will generate a log entry containing the malicious hostname. This log entry may then be viewed at Advanced settings->Administration->Logs to trigger the exploit. Although this value is inserted into a textarea tag, converted to all-caps, and limited in length, attacks are still possible.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-12513

CVE-2019-15299 - An issue was discovered in Centreon Web through 19.04.3. When a user changes his password on his profile page, the contact_autologin_key field in the database becomes blank when it should be NULL. This makes it possible to partially bypass authentication.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-15299

CVE-2019-17228 - includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress allows unauthenticated options changes.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-17228

CVE-2019-17229 - includes/options.php in the motors-car-dealership-classified-listings (aka Motors - Car Dealer & Classified Ads) plugin through 1.4.0 for WordPress has multiple stored XSS issues.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-17229

CVE-2019-17569 - The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-17569

CVE-2019-18182 - pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted database and package.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-18182

CVE-2019-18183 - pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted database and delta file.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-18183

CVE-2019-20044 - In Zsh before 5.8, attackers able to execute commands can regain privileges dropped by the --no-PRIVILEGED option. Zsh fails to overwrite the saved uid, so the original privileges can be restored by executing MODULE_PATH=/dir/with/module zmodload with a module that calls setuid().
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-20044

CVE-2019-20480 - In MIELE XGW 3000 ZigBee Gateway before 2.4.0, a malicious website visited by an authenticated admin user or a malicious mail is allowed to make arbitrary changes in the "admin panel" because there is no CSRF protection.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-20480

CVE-2019-20481 - In MIELE XGW 3000 ZigBee Gateway before 2.4.0, the Password Change Function does not require knowledge of the old password. This can be exploited in conjunction with CVE-2019-20480.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-20481

CVE-2019-3670 - Remote Code Execution vulnerability in the web interface in McAfee Web Advisor (WA) 8.0.34745 and earlier allows remote unauthenticated attacker to execute arbitrary code via a cross site scripting attack.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-3670

CVE-2019-4595 - IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 167878.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4595

CVE-2019-4703 - IBM Spectrum Protect Plus 10.1.0 and 10.5.0, when protecting Microsoft SQL or Microsoft Exchange, could allow an attacker with intimate knowledge of the system to obtain highly sensitive information.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4703

CVE-2019-4745 - IBM Maximo Asset Management 7.6.1.0 could allow a remote attacker to disclose sensitive information to an authenticated user due to disclosing path information in the URL. IBM X-Force ID: 172883.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4745

CVE-2020-1935 - In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located behind a reverse proxy that incorrectly handled the invalid Transfer-Encoding header in a particular manner. Such a reverse proxy is considered unlikely.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-1935

CVE-2020-1937 - Kylin has some RESTful APIs which concatenate SQL with the user input string, so a user is likely to be able to run malicious database queries.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-1937

CVE-2020-1938 - When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exploited in ways that may be surprising. In Apache Tomcat 9.0.0.M1 to 9.0.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99, Tomcat shipped with an AJP Connector enabled by default that listened on all configured IP addresses. It was expected (and recommended in the security guide) that this Connector would be disabled if not required. This vulnerability report identified a mechanism that allowed: - returning arbitrary files from anywhere in the web application - processing any file in the web application as a JSP Further, if the web application allowed file upload and stored those files within the web application (or the attacker was able to control the content of the web application by some other means) then this, along with the ability to process a file as a JSP, made remote code execution possible. It is important to note that mitigation is only required if an AJP port is accessible to untrusted users. Users wishing to take a defence-in-depth approach and block the vector that permits returning arbitrary files and execution as JSP may upgrade to Apache Tomcat 9.0.31, 8.5.51 or 7.0.100 or later. A number of changes were made to the default AJP Connector configuration in 9.0.31 to harden the default configuration. It is likely that users upgrading to 9.0.31, 8.5.51 or 7.0.100 or later will need to make small changes to their configurations.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-1938

CVE-2020-4210 - IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175020.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4210

CVE-2020-4211 - IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175022.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4211

CVE-2020-4212 - IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175023.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4212

CVE-2020-4213 - IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175024.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4213

CVE-2020-4222 - IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175091.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4222

CVE-2020-5186 - DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5186

CVE-2020-5187 - DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5187

CVE-2020-5188 - DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5188

CVE-2020-5244 - In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5244

CVE-2020-5245 - Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5245

CVE-2020-8130 - There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8130

CVE-2020-8131 - Arbitrary filesystem write vulnerability in Yarn 1.21.1 and earlier allows attackers to write to any path on the filesystem and potentially lead to arbitrary code execution by forcing the user to install a malicious package.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8131

CVE-2020-9362 - The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9362

CVE-2020-9363 - The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9363

CVE-2020-9365 - An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9365

CVE-2020-9366 - A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9366

CVE-2020-9369 - Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with malformed parameters.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9369

CVE-2020-9374 - On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9374

CVE-2020-9381 - controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST to the /admin/api/widgets/ URI. This can be exploited in conjunction with CVE-2019-15954.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9381

CVE-2020-9382 - An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitization allowed for the execution of any wiki page as a widget (as defined by this extension) via MediaWiki's {} parser function.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9382

CVE-2020-9355 - danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled.
23/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9355

CVE-2020-8860 - This vulnerability allows remote attackers to execute arbitrary code on affected installations of Samsung Galaxy S10 Firmware G973FXXS3ASJA, O(8.x), P(9.0), Q(10.0) devices with Exynos chipsets. User interaction is required to exploit this vulnerability in that the target must answer a phone call. The specific flaw exists within the Call Control Setup messages. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the baseband processor. Was ZDI-CAN-9658.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8860

CVE-2020-8861 - This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-1330 1.10B01 BETA Wi-Fi range extenders. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of cookies. An attacker can leverage this vulnerability to execute arbitrary code on the router. Was ZDI-CAN-9554.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8861

CVE-2020-8862 - This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from the lack of proper password checking. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-10082.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8862

CVE-2020-9039 - Couchbase Server 4.x and 5.x before 6.0.0 has Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9039

CVE-2020-9340 - fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9340

CVE-2020-9342 - The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Protection For Salesforce, Email and Server Security, and Internet GateKeeper.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9342

CVE-2012-0063 - Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code with the permissions of the user running tucan.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-0063

CVE-2012-0828 - Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-0828

CVE-2012-1093 - The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-1093

CVE-2012-6277 - Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-6277

CVE-2013-3551 - Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-3551

CVE-2013-3587 - The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-3587

CVE-2013-4088 - Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-4088

CVE-2014-7914 - btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-7914

CVE-2016-4606 - Curl before 7.49.1 in Apple OS X before macOS Sierra prior to 10.12 allows remote or local attackers to execute arbitrary code, gain sensitive information, cause denial-of-service conditions, bypass security restrictions, and perform unauthorized actions. This may aid in other attacks.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2016-4606

CVE-2019-18846 - OX App Suite through 7.10.2 allows SSRF.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-18846

CVE-2019-19452 - A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers (including low integrity processes) can exploit this to gain NT AUTHORITY\SYSTEM privileges.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-19452

CVE-2019-19865 - Atos Unify OpenScape UC Web Client 1.0 allows XSS. An attacker could exploit this by convincing an authenticated user to inject arbitrary JavaScript code in the Profile Name field. A browser would execute this stored XSS payload.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-19865

CVE-2019-19866 - Atos Unify OpenScape UC Web Client 1.0 allows remote attackers to obtain sensitive information. By iterating the value of conferenceId to getMailFunction in the JSON API, one can enumerate all conferences scheduled on the platform, with their numbers and access PINs.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-19866

CVE-2020-5243 - uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to maliciously crafted long strings. This has been patched in uap-core 0.7.3.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5243

CVE-2020-5324 - Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5324

CVE-2020-5326 - Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5326

CVE-2020-5524 - Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands with root privileges via UPnP function.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5524

CVE-2020-5525 - Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earlier, Aterm WG2600HS firmware Ver1.3.2 and earlier) allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via management screen.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5525

CVE-2020-5533 - Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5533

CVE-2020-5534 - Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network segment to execute arbitrary OS commands with root privileges via unspecified vectors.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5534

CVE-2020-6841 - D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-6841

CVE-2020-6842 - D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-6842

CVE-2020-7907 - In the JetBrains Scala plugin before 2019.2.1, some artefact dependencies were resolved over unencrypted connections.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7907

CVE-2011-0699 - Integer signedness error in the btrfs_ioctl_space_info function in the Linux kernel 2.6.37 allows local users to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted slot value.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2011-0699

CVE-2011-2498 - The Linux kernel from v2.3.36 before v2.6.39 allows local unprivileged users to cause a denial of service (memory consumption) by triggering creation of PTE pages.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2011-2498

CVE-2011-4915 - fs/proc/base.c in the Linux kernel through 3.1 allows local users to obtain sensitive keystroke information via access to /proc/interrupts.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2011-4915

CVE-2012-2629 - Multiple cross-site request forgery (CSRF) and cross-site scripting (XSS) vulnerabilities in Axous 1.1.1 and earlier allow remote attackers to hijack the authentication of administrators for requests that (1) add an administrator account via an addnew action to admin/administrators_add.php; or (2) conduct cross-site scripting (XSS) attacks via the page_title parameter to admin/content_pages_edit.php; the (3) category_name[] parameter to admin/products_category.php; the (4) site_name, (5) seo_title, or (6) meta_keywords parameter to admin/settings_siteinfo.php; the (7) company_name, (8) address1, (9) address2, (10) city, (11) state, (12) country, (13) author_first_name, (14) author_last_name, (15) author_email, (16) contact_first_name, (17) contact_last_name, (18) contact_email, (19) general_email, (20) general_phone, (21) general_fax, (22) sales_email, (23) sales_phone, (24) support_email, or (25) support_phone parameter to admin/settings_company.php; or the (26) system_email, (27) sender_name, (28) smtp_server, (29) smtp_username, (30) smtp_password, or (31) order_notice_email parameter to admin/settings_email.php.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-2629

CVE-2012-5362 - The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-5362

CVE-2012-5363 - The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-5363

CVE-2012-5364 - The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-5364

CVE-2012-5365 - The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-5365

CVE-2012-5366 - The IPv6 implementation in Apple Mac OS X (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-5366

CVE-2013-7109 - OpenStack Swift as of 2013-12-15 mishandles PYTHON_EGG_CACHE
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-7109

CVE-2014-3484 - Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-3484

CVE-2014-4019 - ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4019

CVE-2014-4650 - The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4650

CVE-2014-4657 - The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4657

CVE-2014-4658 - The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4658

CVE-2014-4659 - Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4659

CVE-2014-4660 - Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4660

CVE-2014-4678 - The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-4678

CVE-2014-7951 - Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-7951

CVE-2015-2923 - The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.
20/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2015-2923

Recently modified advisories

CVE-2011-2054 - A vulnerability in the Cisco ASA that could allow a remote attacker to successfully authenticate using the Cisco AnyConnect VPN client if the Secondary Authentication type is LDAP and the password is left blank, provided the primary credentials are correct. The vulnerability is due to improper input validation of certain parameters passed to the affected software. An attacker must have the correct primary credentials in order to successfully exploit this vulnerability.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2011-2054

CVE-2012-0844 - Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-0844

CVE-2012-3351 - Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2012-3351

CVE-2014-3622 - Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-3622

CVE-2015-5215 - ** DISPUTED ** The default configuration of the Jinja templating engine used in the Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not enable auto-escaping, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via template variables. NOTE: This may be a duplicate of CVE-2015-5216. Moreover, the Jinja development team does not enable auto-escape by default for performance issues as explained in https://jinja.palletsprojects.com/en/master/faq/#why-is-autoescaping-not-the-default.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2015-5215

CVE-2019-4429 - IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 162886.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4429

CVE-2019-4640 - IBM Security Secret Server 10.7 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code which could result in an attacker executing malicious code. IBM X-Force ID: 170046.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4640

CVE-2020-1872 - Huawei smart phones P10 Plus with versions earlier than 9.1.0.201(C01E75R1P12T8), earlier than 9.1.0.252(C185E2R1P9T8), earlier than 9.1.0.252(C432E4R1P9T8), and earlier than 9.1.0.255(C576E6R1P8T8) have a digital balance bypass vulnerability. When re-configuring the mobile phone at the digital balance mode, an attacker can perform some operations to bypass the startup wizard, and then open some switch. As a result, the digital balance function is bypassed.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-1872

CVE-2020-3112 - A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to elevate privileges on the application. The vulnerability is due to insufficient access control validation. An attacker could exploit this vulnerability by authenticating with a low-privilege account and sending a crafted request to the API. A successful exploit could allow the attacker to interact with the API with administrative privileges.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3112

CVE-2020-3113 - A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3113

CVE-2020-3114 - A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface on an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to follow a malicious link while having an active session on an affected device. A successful exploit could allow the attacker to perform arbitrary actions with the privilege level of the targeted user.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3114

CVE-2020-3138 - A vulnerability in the upgrade component of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an authenticated, local attacker to install a malicious file when upgrading. The vulnerability is due to insufficient signature validation. An attacker could exploit this vulnerability by providing a crafted upgrade file. A successful exploit could allow the attacker to upload crafted code to the affected device.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3138

CVE-2020-3153 - A vulnerability in the installer component of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated local attacker to copy user-supplied files to system level directories with system level privileges. The vulnerability is due to the incorrect handling of directory paths. An attacker could exploit this vulnerability by creating a malicious file and copying the file to a system directory. An exploit could allow the attacker to copy malicious files to arbitrary locations with system level privileges. This could include DLL pre-loading, DLL hijacking, and other related attacks. To exploit this vulnerability, the attacker needs valid credentials on the Windows system.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3153

CVE-2020-3154 - A vulnerability in the web UI of Cisco Cloud Web Security (CWS) could allow an authenticated, remote attacker to execute arbitrary SQL queries. The vulnerability exists because the web-based management interface improperly validates SQL values. An authenticated attacker could exploit this vulnerability by sending malicious requests to the affected device. An exploit could allow the attacker to modify values on or return values from the underlying database.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3154

CVE-2020-3156 - A vulnerability in the logging component of Cisco Identity Services Engine could allow an unauthenticated remote attacker to conduct cross-site scripting attacks. The vulnerability is due to the improper validation of endpoint data stored in logs used by the web-based interface. An attacker could exploit this vulnerability by sending malicious endpoint data to the targeted system. An exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or to access sensitive, browser-based information.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3156

CVE-2020-3160 - A vulnerability in the Extensible Messaging and Presence Protocol (XMPP) feature of Cisco Meeting Server software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition for users of XMPP conferencing applications. Other applications and processes are unaffected. The vulnerability is due to improper input validation of XMPP packets. An attacker could exploit this vulnerability by sending crafted XMPP packets to an affected device. An exploit could allow the attacker to cause process crashes and a DoS condition for XMPP conferencing applications.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3160

CVE-2020-3163 - A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing inbound Live Data traffic. An attacker could exploit this vulnerability by sending multiple crafted Live Data packets to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could result in a stack overflow and cause the affected device to reload, resulting in a DoS condition. Note: The Live Data port in Cisco Unified Contact Center Enterprise devices allows only a single TCP connection. To exploit this vulnerability, an attacker would have to send crafted packets to an affected device before a legitimate Live Data client establishes a connection.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3163

CVE-2020-3764 - Adobe Media Encoder versions 14.0 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3764

CVE-2020-3765 - Adobe After Effects versions 16.1.2 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-3765

CVE-2020-4200 - IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4200

CVE-2020-4230 - IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes specially crafted Db2 commands. IBM X-Force ID: 175212.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4230

CVE-2020-6061 - An exploitable heap overflow vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to information leaks and other misbehavior. An attacker needs to send an HTTPS request to trigger this vulnerability.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-6061

CVE-2020-6062 - An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-6062

CVE-2020-7796 - Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7 allows SSRF when WebEx zimlet is installed and zimlet JSP is enabled.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7796

CVE-2020-8813 - graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8813

CVE-2020-8990 - Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8990

CVE-2020-9003 - A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Successful exploitation of this vulnerability would allow an authenticated low-privileged user to inject arbitrary JavaScript code that is viewed by other users.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9003

CVE-2020-9336 - fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if election is closed" field.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9336

CVE-2020-9338 - SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9338

CVE-2020-9339 - SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9339

CVE-2020-9341 - CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9341

CVE-2020-9350 - Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9350

CVE-2020-9351 - An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to /tools/developerConsoleOperations.jsp or /isomorphic/IDACall with malformed XML data in the _transaction parameter, the server replies with a verbose error showing where the application resides (the absolute path).
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9351

CVE-2020-9352 - An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a valid payload in the _transaction parameter.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9352

CVE-2020-9353 - An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL is affected by unauthenticated Local File Inclusion via directory-traversal sequences in the elem XML element in the _transaction parameter.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9353

CVE-2020-9354 - An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. path traversal.
24/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9354

CVE-2020-4135 - IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
23/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4135

CVE-2020-4161 - IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID: 174341.
23/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4161

CVE-2020-4204 - IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960.
23/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4204

CVE-2020-9327 - In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9327

CVE-2020-9329 - Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an internal/db/repo.go race condition.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9329

CVE-2020-9330 - Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or validate LDAP bind credentials when changing the LDAP connector IP address. A malicious actor who gains access to affected devices (e.g., by using default credentials) can change the LDAP connection IP address to a system owned by the actor without knowledge of the LDAP bind credentials. After changing the LDAP connection IP address, subsequent authentication attempts will result in the printer sending plaintext LDAP (Active Directory) credentials to the actor. Although the credentials may belong to a non-privileged user, organizations frequently use privileged service accounts to bind to Active Directory. The attacker gains a foothold on the Active Directory domain at a minimum, and may use the credentials to take over control of the Active Directory domain. This affects 3655*, 3655i*, 58XX*, 58XXi*, 59XX*, 59XXi*, 6655**, 6655i**, 72XX*, 72XXi*, 78XX**, 78XXi**, 7970**, 7970i**, EC7836**, and EC7856** devices.
22/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9330

CVE-2013-2018 - Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-2018

CVE-2013-3323 - A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-3323

CVE-2013-4454 - WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-4454

CVE-2013-6295 - PrestaShop 1.5.5 is vulnerable to privilege escalation via a Salesman account via the upload module.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2013-6295

CVE-2014-1947 - Stack-based buffer overflow in the WritePSDImage function in coders/psd.c in ImageMagick 6.5.4 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a large number of layers in a PSD image, involving the L%02ld string, a different vulnerability than CVE-2014-2030.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2014-1947

CVE-2015-0749 - A vulnerability in Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on the affected software. The vulnerability is due to improper input validation of certain parameters passed to the affected software. An attacker could exploit this vulnerability by convincing a user to follow a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2015-0749

CVE-2015-5216 - The Identity Provider (IdP) server in Ipsilon 0.1.0 before 1.0.1 does not properly escape certain characters in a Python exception-message template, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via an HTTP response.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2015-5216

CVE-2015-7507 - libnsbmp.c in Libnsbmp 0.1.2 allows context-dependent attackers to cause a denial of service (out-of-bounds read) via a crafted color table to the (1) bmp_decode_rgb or (2) bmp_decode_rle function.
21/02/2020 | https://nvd.nist.gov/vuln/detail/CVE-2015-7507