Les dernières vulnérabilités publiées sur la National Vulnerability Database (NVD)

CVE-2020-9079 - FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to conduct directed attacks against the affected product.
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9079
Partager : LinkedIn / Twitter / Facebook

CVE-2020-12777 - A function in Combodo iTop contains a vulnerability of Broken Access Control, which allows unauthorized attacker to inject command and disclose system information.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-12777
Partager : LinkedIn / Twitter / Facebook

CVE-2020-12778 - Combodo iTop does not validate inputted parameters, attackers can inject malicious commands and launch XSS attack.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-12778
Partager : LinkedIn / Twitter / Facebook

CVE-2020-12779 - Combodo iTop contains a stored Cross-site Scripting vulnerability, which can be attacked by uploading file with malicious script.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-12779
Partager : LinkedIn / Twitter / Facebook

CVE-2020-12780 - A security misconfiguration exists in Combodo iTop, which can expose sensitive information.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-12780
Partager : LinkedIn / Twitter / Facebook

CVE-2020-12781 - Combodo iTop contains a cross-site request forgery (CSRF) vulnerability, attackers can execute specific commands via malicious site request forgery.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-12781
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13292 - In GitLab before 13.0.12, 13.1.6 and 13.2.3, it is possible to bypass E-mail verification which is required for OAuth Flow.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13292
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13293 - In GitLab before 13.0.12, 13.1.6 and 13.2.3 using a branch with a hexadecimal name could override an existing hash.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13293
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13294 - In GitLab before 13.0.12, 13.1.6 and 13.2.3, access grants were not revoked when a user revoked access to an application.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13294
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13295 - For GitLab Runner before 13.0.12, 13.1.6, 13.2.3, by replacing dockerd with a malicious server, the Shared Runner is susceptible to SSRF.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13295
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15139 - In MyBB before version 1.8.24, the custom MyCode (BBCode) for the visual editor doesn't escape input properly when rendering HTML, resulting in a DOM-based XSS vulnerability. The weakness can be exploited by pointing a victim to a page where the visual editor is active (e.g. as a post or Private Message) and operates on a maliciously crafted MyCode message. This may occur on pages where message content is pre-filled using a GET/POST parameter, or on reply pages where a previously saved malicious message is quoted. After upgrading MyBB to 1.8.24, make sure to update the version attribute in the `codebuttons` template for non-default themes to serve the latest version of the patched `jscripts/bbcodes_sceditor.js` file.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15139
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15647 - A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This vulnerability affects Firefox for < Android.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15647
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15648 - Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15648
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15649 - Given an installed malicious file picker application, an attacker was able to steal and upload local files of their choosing, regardless of the actually files picked. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15649
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15650 - Given an installed malicious file picker application, an attacker was able to overwrite local files and thus overwrite Firefox settings (but not access the previous profile). *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 68.11.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15650
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15651 - A unicode RTL order character in the downloaded file name can be used to change the file's name during the download UI flow to change the file extension. This vulnerability affects Firefox for iOS < 28.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15651
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15652 - By observing the stack trace for JavaScript errors in web workers, it was possible to leak the result of a cross-origin redirect. This applied only to content that can be parsed as script. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15652
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15653 - An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15653
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15654 - When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15654
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15655 - A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15655
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15656 - JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15656
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15657 - Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15657
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15658 - The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15658
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15659 - Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15659
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15661 - A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15661
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15662 - A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15662
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17476 - Mibew Messenger before 3.2.7 allows XSS via a crafted user name.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17476
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17478 - ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the EC point multiplication algorithm.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17478
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17479 - jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a corrupted array.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17479
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17480 - TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the visualchars plugin by using the clipboard or APIs to insert content into the editor.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17480
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4533 - IBM Jazz Reporting Service 6.0.6, 6.0.6.1, and 7.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 182717.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4533
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4539 - IBM Jazz Reporting Service 6.0.2, 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4539
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4541 - IBM Jazz Reporting Service 7.0 and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 183039.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4541
Partager : LinkedIn / Twitter / Facebook

CVE-2020-6070 - An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this vulnerability.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-6070
Partager : LinkedIn / Twitter / Facebook

CVE-2020-6145 - An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.1.38. A specially crafted HTTP request can cause an SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-6145
Partager : LinkedIn / Twitter / Facebook

CVE-2020-8224 - A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8224
Partager : LinkedIn / Twitter / Facebook

CVE-2020-8229 - A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8229
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9078 - FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause the attacker to obtain a higher privilege and compromise the service.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9078
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9243 - HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerability. The system does not properly limit the depth of recursion, an attacker should trick the user installing and execute a malicious application. Successful exploit could cause a denial of service condition.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9243
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9245 - HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions earlier than 10.1.0.160(C00E160R2P8) have a denial of service vulnerability. Certain system configuration can be modified because of improper authorization. The attacker could trick the user installing and executing a malicious application, successful exploit could cause a denial of service condition of PHONE function.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9245
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9525 - CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an authentication flaw that allows remote attackers to perform a man-in-the-middle attack, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9525
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9526 - CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an information exposure flaw that exposes user session data to supernodes in the network, as demonstrated by passively eavesdropping on user video/audio streams, capturing credentials, and compromising devices.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9526
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9527 - Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 2020), as used by many different vendors in millions of Internet of Things devices, suffers from buffer overflow vulnerability that allows unauthenticated remote attackers to execute arbitrary code via the peer-to-peer (P2P) service. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9527
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9528 - Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from cryptographic issues that allow remote attackers to access user session data, as demonstrated by eavesdropping on user video/audio streams, capturing credentials, and compromising devices. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9528
Partager : LinkedIn / Twitter / Facebook

CVE-2020-9529 - Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different vendors in millions of Internet of Things devices, suffers from a privilege escalation vulnerability that allows attackers on the local network to reset the device's administrator password. This affects products marketed under the following brand names: Accfly, Alptop, Anlink, Besdersec, BOAVISION, COOAU, CPVAN, Ctronics, D3D Security, Dericam, Elex System, Elite Security, ENSTER, ePGes, Escam, FLOUREON, GENBOLT, Hongjingtian (HJT), ICAMI, Iegeek, Jecurity, Jennov, KKMoon, LEFTEK, Loosafe, Luowice, Nesuniq, Nettoly, ProElite, QZT, Royallite, SDETER, SV3C, SY2L, Tenvis, ThinkValue, TOMLOV, TPTEK, WGCC, and ZILINK.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-9529
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16248 - ** DISPUTED ** Prometheus Blackbox Exporter through 0.17.0 allows /probe?target= SSRF. NOTE: follow-on discussion suggests that this might plausibly be interpreted as both intended functionality and also a vulnerability.
09/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16248
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13376 - SecurEnvoy SecurMail 9.3.503 allows attackers to upload executable files and achieve OS command execution via a crafted SecurEnvoyReply cookie.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13376
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15138 - Prism is vulnerable to Cross-Site Scripting. The easing preview of the Previewers plugin has an XSS vulnerability that allows attackers to execute arbitrary code in Safari and Internet Explorer. This impacts all Safari and Internet Explorer users of Prism >=v1.1.0 that use the _Previewers_ plugin (>=v1.10.0) or the _Previewer: Easing_ plugin (v1.1.0 to v1.9.0). This problem is fixed in version 1.21.0. To workaround the issue without upgrading, disable the easing preview on all impacted code blocks. You need Prism v1.10.0 or newer to apply this workaround.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15138
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15907 - In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15907
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16167 - Temi Launcher OS 11969 through 13146 has Missing Authentication for a Critical Function.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16167
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16168 - Temi firmware 20190419.165201 does not properly verify that the source of data or communication is valid, aka an Origin Validation Error.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16168
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16169 - Temi Robox OS 117.21 through 119.24 allows Authentication Bypass via an Alternate Path or Channel.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16169
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17352 - Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17352
Partager : LinkedIn / Twitter / Facebook

CVE-2020-8025 - A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 15; openSUSE Leap 15.1, openSUSE Tumbleweed sets the permissions for some of the directories of the pcp package to unintended settings. This issue affects: SUSE Linux Enterprise Server 12-SP4 permissions versions prior to 20170707-3.24.1. SUSE Linux Enterprise Server 15-LTSS permissions versions prior to 20180125-3.27.1. SUSE Linux Enterprise Server for SAP 15 permissions versions prior to 20180125-3.27.1. openSUSE Leap 15.1 permissions versions prior to 20181116-lp151.4.24.1. openSUSE Tumbleweed permissions versions prior to 20200624.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8025
Partager : LinkedIn / Twitter / Facebook

CVE-2020-8026 - A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate their privileges to root. This issue affects: openSUSE Leap 15.2 inn version 2.6.2-lp152.1.26 and prior versions. openSUSE Tumbleweed inn version 2.6.2-4.2 and prior versions. openSUSE Leap 15.1 inn version 2.5.4-lp151.3.3.1 and prior versions.
07/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8026
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13364 - A backdoor in certain Zyxel products allows remote TELNET access via a CGI script. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13364
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13365 - Certain Zyxel products have a locally accessible binary that allows a non-root user to generate a password for an undocumented user account that can be used for a TELNET session as root. This affects NAS520 V5.21(AASZ.4)C0, V5.21(AASZ.0)C0, V5.11(AASZ.3)C0, and V5.11(AASZ.0)C0; NAS542 V5.11(ABAG.0)C0, V5.20(ABAG.1)C0, and V5.21(ABAG.3)C0; NSA325 v2_V4.81(AALS.0)C0 and V4.81(AAAJ.1)C0; NSA310 4.22(AFK.0)C0 and 4.22(AFK.1)C0; NAS326 V5.21(AAZF.8)C0, V5.11(AAZF.4)C0, V5.11(AAZF.2)C0, and V5.11(AAZF.3)C0; NSA310S V4.75(AALH.2)C0; NSA320S V4.75(AANV.2)C0 and V4.75(AANV.1)C0; NSA221 V4.41(AFM.1)C0; and NAS540 V5.21(AATB.5)C0 and V5.21(AATB.3)C0.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13365
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13793 - Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13793
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7356 - CAYIN xPost suffers from an unauthenticated SQL Injection vulnerability. Input passed via the GET parameter 'wayfinder_seqid' in wayfinder_meeting_input.jsp is not properly sanitized before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and execute SYSTEM commands.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7356
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7357 - Cayin CMS suffers from an authenticated OS semi-blind command injection vulnerability using default credentials. This can be exploited to inject and execute arbitrary shell commands as the root user through the 'NTP_Server_IP' HTTP POST parameter in system.cgi page. This issue affects several branches and versions of the CMS application, including CME-SE, CMS-60, CMS-40, CMS-20, and CMS version 8.2, 8.0, and 7.5.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7357
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7459 - In FreeBSD 12.1-STABLE before r362166, 12.1-RELEASE before p8, 11.4-STABLE before r362167, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, missing length validation code common to mulitple USB network drivers allows a malicious USB device to write beyond the end of an allocated network packet buffer.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7459
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7460 - In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a mailcious userspace program to modify control message headers after they were validation.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7460
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7817 - MyBrowserPlus downloads the files needed to run the program through the setup file (Setup.inf). At this time, there is a vulnerability in downloading arbitrary files due to insufficient integrity verification of the files.
06/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7817
Partager : LinkedIn / Twitter / Facebook

CVE-2017-18112 - Affected versions of Atlassian Fisheye allow remote attackers to view the HTTP password of a repository via an Information Disclosure vulnerability in the logging feature. The affected versions are before version 4.8.3.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2017-18112
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13151 - Aerospike Community Edition 4.9.0.5 allows for unauthenticated submission and execution of user-defined functions (UDFs), written in Lua, as part of a database query. It attempts to restrict code execution by disabling os.execute() calls, but this is insufficient. Anyone with network access can use a crafted UDF to execute arbitrary OS commands on all nodes of the cluster at the permission level of the user running the Aerospike service.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13151
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16252 - The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16252
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16253 - The PgHero gem through 2.6.0 for Ruby allows CSRF.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16253
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17353 - scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17353
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17364 - USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17364
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4481 - IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 181848.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4481
Partager : LinkedIn / Twitter / Facebook

CVE-2020-5608 - CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to bypass authentication and send altered communication packets via unspecified vectors.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5608
Partager : LinkedIn / Twitter / Facebook

CVE-2020-5609 - Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (includes CENTUM VP Small, Basic) R4.01.00 to R6.07.00, B/M9000CS R5.04.01 to R5.05.01, and B/M9000 VP R6.01.01 to R8.03.01 allows a remote unauthenticated attacker to create or overwrite arbitrary files and run arbitrary commands via unspecified vectors.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-5609
Partager : LinkedIn / Twitter / Facebook

CVE-2020-8607 - An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability.
05/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8607
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4631 - IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to cause interruption of the service operations. IBM X-Force ID: 185372.
04/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4631
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7823 - DaviewIndy has a Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution.
04/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7823
Partager : LinkedIn / Twitter / Facebook

CVE-2019-4366 - IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. IBM X-Force ID: 161748.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4366
Partager : LinkedIn / Twitter / Facebook

CVE-2019-4589 - IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. IBM X-Force ID: 167449.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-4589
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4377 - IBM Cognos Anaytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 179156.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4377
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4549 - IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183317.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4549
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4550 - IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183318.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4550
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4551 - IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183319.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4551
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4552 - IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183320.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4552
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4553 - IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183321.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4553
Partager : LinkedIn / Twitter / Facebook

CVE-2020-4554 - IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183322.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-4554
Partager : LinkedIn / Twitter / Facebook

CVE-2020-8574 - Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local users.
03/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-8574
Partager : LinkedIn / Twitter / Facebook

Les annonces ayant été modifiées dernièrement

CVE-2020-11984 - Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-11984
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16275 - A cross-site scripting (XSS) vulnerability in the Credential Manager component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16275
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16276 - An SQL injection vulnerability in the Assets component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16276
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16277 - An SQL injection vulnerability in the Analytics component of SAINT Security Suite 8.0 through 9.8.20 allows a remote, authenticated attacker to gain unauthorized access to the database.
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16277
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16278 - A cross-site scripting (XSS) vulnerability in the Permissions component in SAINT Security Suite 8.0 through 9.8.20 could allow arbitrary script to run in the context of a logged-in user when the user clicks on a specially crafted link.
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16278
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16845 - Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
11/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16845
Partager : LinkedIn / Twitter / Facebook

CVE-2019-19704 - In JetBrains Upsource before 2020.1, information disclosure is possible because of an incorrect user matching algorithm.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2019-19704
Partager : LinkedIn / Twitter / Facebook

CVE-2020-11852 - DKIM key management page vulnerability on Micro Focus Secure Messaging Gateway (SMG). Affecting all SMG Appliance running releases prior to July 2020. The vulnerability could allow a logged in user with rights to generate DKIM key information to inject system commands into the call to the DKIM system command.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-11852
Partager : LinkedIn / Twitter / Facebook

CVE-2020-12441 - Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService' agent. The DoS can be triggered by sending a specially crafted network packet.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-12441
Partager : LinkedIn / Twitter / Facebook

CVE-2020-13404 - The ATOS/Sips (aka Atos-Magento) community module 3.0.0 to 3.0.5 for Magento allows command injection.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-13404
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15106 - In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on this data. Therefore, it is possible to forge an extremely large frame size that can unintentionally panic at the expense of any RAFT participant trying to decode the WAL.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15106
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15109 - In solidus before versions 2.8.6, 2.9.6, and 2.10.2, there is an bility to change order address without triggering address validations. This vulnerability allows a malicious customer to craft request data with parameters that allow changing the address of the current order without changing the shipment costs associated with the new shipment. All stores with at least two shipping zones and different costs of shipment per zone are impacted. This problem comes from how checkout permitted attributes are structured. We have a single list of attributes that are permitted across the whole checkout, no matter the step that is being submitted. See the linked reference for more information. As a workaround, if it is not possible to upgrade to a supported patched version, please use this gist in the references section.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15109
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15112 - In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are being read during consensus as an arbitrary etcd consensus participant could go down from a runtime panic when reading the entry.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15112
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15135 - save-server (npm package) before version 1.05 is affected by a CSRF vulnerability, as there is no CSRF mitigation (Tokens etc.). The fix introduced in version version 1.05 unintentionally breaks uploading so version v1.0.7 is the fixed version. This is patched by implementing Double submit. The CSRF attack would require you to navigate to a malicious site while you have an active session with Save-Server (Session key stored in cookies). The malicious user would then be able to perform some actions, including uploading/deleting files and adding redirects. If you are logged in as root, this attack is significantly more severe. They can in addition create, delete and update users. If they updated the password of a user, that user's files would then be available. If the root password is updated, all files would be visible if they logged in with the new password. Note that due to the same origin policy malicious actors cannot view the gallery or the response of any of the methods, nor be sure they succeeded. This issue has been patched in version 1.0.7.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15135
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15701 - An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15701
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15702 - TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15702
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15817 - In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15817
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15818 - In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15818
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15819 - JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15819
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15820 - In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15820
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15821 - In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15821
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15823 - JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15823
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15824 - In JetBrains Kotlin before 1.4.0, there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15824
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15825 - In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15825
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15826 - In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15826
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15827 - In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15827
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15828 - In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15828
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15829 - In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15829
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15830 - JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15830
Partager : LinkedIn / Twitter / Facebook

CVE-2020-15831 - JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-15831
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16134 - An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet Box 3 prior to 11.01.20, and Internet Box light prior to 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device's plus or reset button, an attacker can create a user with elevated privileges on the Sysbus-API. This can then be used to modify local or remote SSH access, thus allowing a login session as the superuser.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16134
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16207 - Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16207
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16211 - Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially crafted project files, which may allow an attacker to read information.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16211
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16213 - Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the intended buffer area, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16213
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16215 - Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16215
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16217 - Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modification of information, or cause the application to crash.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16217
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16219 - Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16219
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16221 - Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16221
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16223 - Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16223
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16225 - Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16225
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16227 - Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16227
Partager : LinkedIn / Twitter / Facebook

CVE-2020-16229 - Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-16229
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17447 - MyBB before 1.8.24 allows XSS because the visual editor mishandles [align], [size], [quote], and [font] in MyCode.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17447
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17451 - flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_linkname, page_title, page_content, or page_extracontent parameter, or the acp/acp.php?tn=system&sub=sys_pref prefs_pagename, prefs_pagetitle, or prefs_pagesubtitle parameter.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17451
Partager : LinkedIn / Twitter / Facebook

CVE-2020-17452 - flatCore before 1.5.7 allows upload and execution of a .php file by an admin.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-17452
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7352 - The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the service for execution in this elevated context. The service listens for such commands on a locally-bound network port, localhost:9978. A Metasploit module has been published which exploits this vulnerability. This issue affects the 2.0.x branch of the software (2.0.12 and earlier) as well as the 1.2.x branch (1.2.64 and earlier). A fix was issued for the 2.0.x branch of the affected software.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7352
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7361 - The EasyCorp ZenTao Pro application suffers from an OS command injection vulnerability in its '/pro/repo-create.html' component. After authenticating to the ZenTao dashboard, attackers may construct and send arbitrary OS commands via the POST parameter 'path', and those commands will run in an elevated SYSTEM context on the underlying Windows operating system.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7361
Partager : LinkedIn / Twitter / Facebook

CVE-2020-7810 - hslogin2.dll ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. This is due to a lack of integrity verification of the policy files referenced in the update process, and a remote attacker could induce a user to crafted web page, causing damage such as malicious code infection.
10/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-7810
Partager : LinkedIn / Twitter / Facebook

CVE-2020-11985 - IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020.
09/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-11985
Partager : LinkedIn / Twitter / Facebook

CVE-2020-11993 - Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers.
09/08/2020 | https://nvd.nist.gov/vuln/detail/CVE-2020-11993
Partager : LinkedIn / Twitter / Facebook