8-10 VB HIGH and MEDIUM Tables
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
cisco -- data_center_network_manager | A vulnerability in the REST API of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. The vulnerability exists because different installations share a static encryption key. An attacker could exploit this vulnerability by using the static key to craft a valid session token. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges. | 2020-07-31 | 10 | CVE-2020-3382 CISCO |
cohesive_networks -- cohesive_networks | The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise. | 2020-08-04 | 9 | CVE-2020-15467 MISC MISC |
cisco -- sd-wan_vmanage_software | A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to bypass authorization, enabling them to access sensitive information, modify the system configuration, or impact the availability of the affected system. The vulnerability is due to insufficient authorization checking on the affected system. An attacker could exploit this vulnerability by sending crafted HTTP requests to the web-based management interface of an affected system. A successful exploit could allow the attacker to gain privileges beyond what would normally be authorized for their configured user authorization level. The attacker may be able to access sensitive information, modify the system configuration, or impact the availability of the affected system. | 2020-07-31 | 9 | CVE-2020-3374 CISCO |
cisco -- data_center_network_manager | A vulnerability in the archive utility of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. The vulnerability is due to a lack of proper input validation of paths that are embedded within archive files. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to write arbitrary files in the system with the privileges of the logged-in user. | 2020-07-31 | 9 | CVE-2020-3383 CISCO |
cisco -- data_center_network_manager | A vulnerability in the REST API endpoint of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker with a low-privileged account to bypass authorization on the API of an affected device. The vulnerability is due to insufficient authorization of certain API functions. An attacker could exploit this vulnerability by sending a crafted request to the API using low-privileged credentials. A successful exploit could allow the attacker to perform arbitrary actions through the REST API with administrative privileges. | 2020-07-31 | 9 | CVE-2020-3386 CISCO |
teltonika -- trb2_r_devices | Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated attacker to gain root privileges by uploading a malicious backup archive. | 2020-08-03 | 9 | CVE-2020-5771 MISC |
teltonika -- trb2_r_devices | Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated attacker to gain root privileges by uploading a malicious package file. | 2020-08-03 | 9 | CVE-2020-5772 MISC |
tp-link -- tl-ps310u_devices | TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | 2020-08-07 | 8.3 | CVE-2020-15055 MISC |
lindy -- 2.078.000_devices | Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | 2020-08-07 | 8.3 | CVE-2020-15059 MISC |
digitus -- 2.073.000.e0008_devices | DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter. | 2020-08-07 | 8.3 | CVE-2020-15063 MISC |
apache -- http_server | Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | 2020-08-07 | 7.5 | CVE-2020-11984 MLIST MLIST MLIST MLIST MISC GENTOO |
apache -- skywalking | **Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases. | 2020-08-05 | 7.5 | CVE-2020-13921 MLIST MISC MLIST |
cisco -- data_center_network_manager | A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions on an affected device. The vulnerability is due to a failure in the software to perform proper authentication. An attacker could exploit this vulnerability by browsing to one of the hosted URLs in Cisco DCNM. A successful exploit could allow the attacker to interact with and use certain functions within the Cisco DCNM. | 2020-07-31 | 7.5 | CVE-2020-3376 CISCO |
ibm -- security_verify_access | IBM Security Verify Access 10.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 181395. | 2020-08-04 | 7.5 | CVE-2020-4459 XF CONFIRM |
vmware -- kryo_codec | Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the "deserialization gadgets" exploit when provided data contains malicious code for execution during deserialization. In order to protect against this type of attack, Kryo can be configured to require a set of trusted classes for (de)serialization. Spring Integration should be proactive against blocking unknown "deserialization gadgets" when configuring Kryo in code. | 2020-07-31 | 7.5 | CVE-2020-5413 CONFIRM |
php_factory -- multiple_products | [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01], and [Link01] [Calendar01] free edition ver1.0.0, [Calendar02] free edition ver1.0.0, [PKOBO-News01] free edition ver1.0.3 and earlier, [PKOBO-vote01] free edition ver1.0.1 and earlier, [Telop01] free edition ver1.0.0, [Gallery01] free edition ver1.0.3 and earlier, [CalendarForm01] free edition ver1.0.3 and earlier, and [Link01] free edition ver1.0.0 allows remote attackers to bypass authentication and log in to the product with administrative privileges via unspecified vectors. | 2020-08-04 | 7.5 | CVE-2020-5616 MISC MISC MISC MISC MISC MISC MISC MISC MISC |
wowza -- streaming_engine | Wowza Streaming Engine through 2019-11-28 has Insecure Permissions. | 2020-08-03 | 7.2 | CVE-2019-19455 MISC MISC |
ibm -- websphere_application_server | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local authenticated attacker to gain elevated privileges on the system, caused by improper handling of UNC paths. By scheduling a task with a specially-crafted UNC path, an attacker could exploit this vulnerability to execute arbitrary code with higher privileges. IBM X-Force ID: 182808. | 2020-08-03 | 7.2 | CVE-2020-4534 XF CONFIRM |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
ibm -- i2_analyst_notebook | IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183317. | 2020-08-03 | 6.9 | CVE-2020-4549 XF CONFIRM |
ibm -- i2_analyst_notebook | IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183318. | 2020-08-03 | 6.9 | CVE-2020-4550 XF CONFIRM |
ibm -- i2_analyst_notebook | IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183319. | 2020-08-03 | 6.9 | CVE-2020-4551 XF CONFIRM |
ibm -- i2_analyst_notebook | IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183320. | 2020-08-03 | 6.9 | CVE-2020-4552 XF CONFIRM |
ibm -- i2_analyst_notebook | IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183321. | 2020-08-03 | 6.9 | CVE-2020-4553 XF CONFIRM |
ibm -- i2_analyst_notebook | IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 183322. | 2020-08-03 | 6.9 | CVE-2020-4554 XF CONFIRM |
amq -- online_console | It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authorised users using an older browser with Adobe Flash are vulnerable when targeted by an attacker. This flaw affects all versions of AMQ-Online prior to 1.5.2 and Enmasse versions 0.31.0-rc1 up until but not including 0.32.2. | 2020-08-03 | 6.8 | CVE-2020-14319 MISC |
kde -- ark | In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. | 2020-08-03 | 6.8 | CVE-2020-16116 MISC CONFIRM CONFIRM FEDORA GENTOO CONFIRM |
tgstation-server -- tgstation-server | In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any file on the server machine (accessible by the owner of the server process) via directory traversal ../ sequences in /Administration/Logs/ requests. The attacker is unable to enumerate files, however. | 2020-07-31 | 6.8 | CVE-2020-16136 MISC MISC |
delta_electronics -- delta_industrial_automation_cncsoft_screen_editor | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple stack-based buffer overflow vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-04 | 6.8 | CVE-2020-16199 MISC MISC MISC MISC |
delta_electronics -- delta_industrial_automation_cncsoft_screeneditor | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. An uninitialized pointer may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-04 | 6.8 | CVE-2020-16203 MISC MISC |
delta_electronics -- tpeditor | Delta Electronics TPEditor Versions 1.97 and prior. An out-of-bounds read may be exploited by processing specially crafted project files. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-07 | 6.8 | CVE-2020-16219 MISC |
delta_electronics -- tpeditor | Delta Electronics TPEditor Versions 1.97 and prior. A stack-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-07 | 6.8 | CVE-2020-16221 MISC |
delta_electronics -- tpeditor | Delta Electronics TPEditor Versions 1.97 and prior. A heap-based buffer overflow may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-07 | 6.8 | CVE-2020-16223 MISC |
delta_electronics -- tpeditor | Delta Electronics TPEditor Versions 1.97 and prior. A write-what-where condition may be exploited by processing a specially crafted project file. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-07 | 6.8 | CVE-2020-16225 MISC |
delta_electronics -- tpeditor | Delta Electronics TPEditor Versions 1.97 and prior. An improper input validation may be exploited by processing a specially crafted project file not validated when the data is entered by a user. Successful exploitation of this vulnerability may allow an attacker to read/modify information, execute arbitrary code, and/or crash the application. | 2020-08-07 | 6.8 | CVE-2020-16227 MISC |
php_factory -- calendar01_and_calendar02 | Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar02] free edition ver1.0.0 allows remote attackers to hijack the authentication of administrators via unspecified vectors. | 2020-08-04 | 6.8 | CVE-2020-5615 MISC MISC MISC |
teltonika -- trb2_r_devices | Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.01 allows a remote attacker to perform sensitive application actions by tricking legitimate users into clicking a crafted link. | 2020-08-03 | 6.8 | CVE-2020-5770 MISC |
hmtalk -- daviewindy | DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | 2020-08-04 | 6.8 | CVE-2020-7822 MISC MISC |
hmtalk -- daviewindy | DaviewIndy has a Memory corruption vulnerability, triggered when the user opens a malformed image file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | 2020-08-04 | 6.8 | CVE-2020-7823 MISC MISC |
cisco -- data_center_network_manager | A vulnerability in the Device Manager application of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the affected device. The vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending crafted arguments to a specific field within the application. A successful exploit could allow the attacker to run commands as the administrator on the DCNM. | 2020-07-31 | 6.5 | CVE-2020-3377 CISCO |
cisco -- data_center_network_manager | A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database. | 2020-07-31 | 6.5 | CVE-2020-3462 CISCO |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.2.4 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 177839. | 2020-08-03 | 6.5 | CVE-2020-4328 XF CONFIRM |
vmware -- gemfire | VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration. This allows a malicious user to create an MLet mbean leading to remote code execution. | 2020-07-31 | 6.5 | CVE-2020-5396 CONFIRM |
teltonika -- trb2_r_devices | Improper Access Control in Teltonika firmware TRB2_R_00.02.04.01 allows a low privileged user to perform unauthorized write operations. | 2020-08-03 | 6.5 | CVE-2020-5773 MISC |
kee_vault -- keepassrpc | The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 generates insufficiently random numbers, which allows remote attackers to read and modify data in the KeePass database via a WebSocket connection. | 2020-08-03 | 6.4 | CVE-2020-16271 MISC MISC |
kee_vault -- keepassrpc | The SRP-6a implementation in Kee Vault KeePassRPC before 1.12.0 is missing validation for a client-provided parameter, which allows remote attackers to read and modify data in the KeePass database via an A=0 WebSocket connection. | 2020-08-03 | 6.4 | CVE-2020-16272 MISC MISC |
ibm -- cognos_analytics | IBM Cognos Anaytics 11.0 and 11.1 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 179156. | 2020-08-03 | 6.4 | CVE-2020-4377 XF CONFIRM |
tp-link -- tl-ps310u_devices | TP-Link USB Network Server TL-PS310U devices before 2.079.000.t0210 allow an attacker on the same network to denial-of-service the device via long input values. | 2020-08-07 | 6.1 | CVE-2020-15057 MISC |
lindy -- 2.078.000_devices | Lindy 42633 4-Port USB 2.0 Gigabit Network Server 2.078.000 devices allow an attacker on the same network to denial-of-service the device via long input values. | 2020-08-07 | 6.1 | CVE-2020-15061 MISC |
digitus -- 2.073.000.e0008_devices | DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to denial-of-service the device via long input values. | 2020-08-07 | 6.1 | CVE-2020-15065 MISC |
cisco -- data_center_network_manager | A vulnerability in specific REST API endpoints of Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to inject arbitrary commands on the underlying operating system with the privileges of the logged-in user. The vulnerability is due to insufficient validation of user-supplied input to the API. An attacker could exploit this vulnerability by sending a crafted request to the API. A successful exploit could allow the attacker to inject arbitrary commands on the underlying operating system. | 2020-07-31 | 6 | CVE-2020-3384 CISCO |
vmware -- tanzu_application_service | VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7.19, 2.8.x versions prior to 2.8.13, and 2.9.x versions prior to 2.9.7) contains an App Autoscaler that logs the UAA admin password. This credential is redacted on VMware Tanzu Operations Manager; however, the unredacted logs are available to authenticated users of the BOSH Director. This credential would grant administrative privileges to a malicious user. The same versions of App Autoscaler also log the App Autoscaler Broker password. Prior to newer versions of Operations Manager, this credential was not redacted from logs. This credential allows a malicious user to create, delete, and modify App Autoscaler services instances. Operations Manager started redacting this credential from logs as of its versions 2.7.15, 2.8.6, and 2.9.1. Note that these logs are typically only visible to foundation administrators and operators. | 2020-07-31 | 6 | CVE-2020-5414 CONFIRM |
pghero -- pghero | The PgHero gem through 2.6.0 for Ruby allows CSRF. | 2020-08-05 | 5.8 | CVE-2020-16253 MISC MISC |
nlnet_labs -- routinator | An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509 Certificate Revocation List files from the RPKI relying party's view. | 2020-08-05 | 5.8 | CVE-2020-17366 MISC |
atlassian -- jira | An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing privilege check, it is possible to read and write to the module configuration of other users. This can also be used to deliver an XSS payload to other users' dashboards. To exploit this vulnerability, an attacker has to be authenticated. | 2020-08-04 | 5.5 | CVE-2020-15943 MISC FULLDISC MISC MISC |
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.1 is susceptible to an information disclosure vulnerability where an attacker could gain access to cached browser data. IBM X-Force ID: 161748. | 2020-08-03 | 5 | CVE-2019-4366 XF CONFIRM |
fauc -- i_series_cnc | A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. | 2020-08-03 | 5 | CVE-2020-12739 JVN MISC JVN MISC |
redhat -- redhat | etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess or brute-force users' passwords with little computational effort. | 2020-08-06 | 5 | CVE-2020-15115 CONFIRM |
sulu -- sulu | In Sulu before versions 1.6.35, 2.0.10, and 2.1.1, when the "Forget password" feature on the login screen is used, Sulu asks the user for a username or email address. If the given string is not found, a response with a `400` error code is returned, along with a error message saying that this user name does not exist. This enables attackers to retrieve valid usernames. Also, the response of the "Forgot Password" request returns the email address to which the email was sent, if the operation was successful. This information should not be exposed, as it can be used to gather email addresses. This problem was fixed in versions 1.6.35, 2.0.10 and 2.1.1. | 2020-08-05 | 5 | CVE-2020-15132 CONFIRM |
acti-- nvr3 | ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload. | 2020-08-04 | 5 | CVE-2020-15956 MISC MISC MISC |
cisco -- data_center_network_manager | A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to obtain confidential information from an affected device. The vulnerability is due to missing authentication on a specific part of the web-based management interface. An attacker could exploit this vulnerability by sending a crafted request to the interface. A successful exploit could allow the attacker to read confidential information from an affected device. | 2020-07-31 | 5 | CVE-2020-3461 CISCO |
richoh -- streamline_nx_client_tool_and_streamline_nx_client | An issue was discovered in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client that allows attackers to escalate local privileges. | 2020-08-04 | 4.6 | CVE-2019-20001 MISC MISC |
redhat -- redhat | An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux. | 2020-08-05 | 4.6 | CVE-2020-14344 SUSE SUSE CONFIRM MISC MISC |
skysea -- client_view | Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an attacker to obtain unauthorized privileges and modify/obtain sensitive information or perform unintended operations via unspecified vectors. | 2020-08-04 | 4.6 | CVE-2020-5617 MISC MISC |
bitdefender -- endpoint_security | Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted process. This issue affects: Bitdefender Endpoint Security for Mac versions prior to 4.12.80. | 2020-08-03 | 4.6 | CVE-2020-8108 MISC |
huawei -- fusioncomput | Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify some input correctly and authorizes files with incorrect access. Attackers can exploit this vulnerability to launch privilege escalation attack. This can compromise normal service. | 2020-07-31 | 4.6 | CVE-2020-9248 MISC |
ocportal -- ocportal | A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php. | 2020-08-03 | 4.3 | CVE-2015-9549 MISC MISC |
wowza -- streaming_engine | Wowza Streaming Engine through 2019-11-28 allows XSS (issue 1 of 2). | 2020-08-03 | 4.3 | CVE-2019-19453 MISC MISC |
plesk -- obsidian | A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. | 2020-08-03 | 4.3 | CVE-2020-11583 MISC |
plesk -- onyx | A GET-based XSS reflected vulnerability in Plesk Onyx 17.8.11 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter. | 2020-08-03 | 4.3 | CVE-2020-11584 MISC |
apache -- http_server | IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively allocated a low severity CVE in 2020. | 2020-08-07 | 4.3 | CVE-2020-11985 MISC GENTOO |
apache -- http_server | Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of mod_http2 above "info" will mitigate this vulnerability for unpatched servers. | 2020-08-07 | 4.3 | CVE-2020-11993 MISC MLIST GENTOO |
extreme -- eac_applications | Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. | 2020-08-05 | 4.3 | CVE-2020-13819 CONFIRM MISC MISC |
extreme -- extreme_management_center | Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request. | 2020-08-03 | 4.3 | CVE-2020-13820 MISC MISC MISC MISC |
tiki -- tiki | Tiki before 21.2 allows XSS because [\s\/"\'] is not properly considered in lib/core/TikiFilter/PreventXss.php. | 2020-08-03 | 4.3 | CVE-2020-16131 MISC MISC |
limesurvey -- limesurvey | LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters. | 2020-08-05 | 4.3 | CVE-2020-16192 MISC |
delta_electronics -- delta_industrial_automation_cncsoft_screen_editor | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attacker to read information. | 2020-08-04 | 4.3 | CVE-2020-16201 MISC MISC MISC MISC MISC MISC MISC |
field_test -- field_test | The Field Test gem 0.2.0 through 0.3.2 for Ruby allows CSRF. | 2020-08-05 | 4.3 | CVE-2020-16252 MISC MISC |
chartkick -- chartkick | The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute). | 2020-08-05 | 4.3 | CVE-2020-16254 MISC MISC |
radare2 -- radare2 | radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section. | 2020-08-03 | 4.3 | CVE-2020-16269 MISC |
amazon -- firexracker | In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered. | 2020-08-04 | 4.3 | CVE-2020-16843 MISC |
cisco -- data_center_network_manager | A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. The vulnerability exists because the web-based management interface does not properly validate user-supplied input. An attacker could exploit this vulnerability by intercepting a request from a user and injecting malicious data into an HTTP header. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive browser-based information. | 2020-07-31 | 4.3 | CVE-2020-3460 CISCO |
ibm-- security_identity_governance_and_intelligence | IBM Security Identity Governance and Intelligence 5.2.6 Virtual Appliance could allow a remote attacker to obtain sensitive information using man in the middle techniques due to not properly invalidating session tokens. IBM X-Force ID: 175420. | 2020-08-05 | 4.3 | CVE-2020-4243 XF CONFIRM |
ibm -- financial_transaction_manager | IBM Financial Transaction Manager 3.2.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. | 2020-08-03 | 4.3 | CVE-2020-4560 XF CONFIRM |
jeedom -- jeedom | Jeedom through 4.0.38 allows XSS. | 2020-08-05 | 4.3 | CVE-2020-9036 MISC |
ibm -- cognos_analytics | IBM Cognos Analytics 11.0 and 11.1 is vulnerable to privlege escalation where the "My schedules and subscriptions" page is visible and accessible to a less privileged user. IBM X-Force ID: 167449. | 2020-08-03 | 4 | CVE-2019-4589 XF CONFIRM |
redhat -- redhat | In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoint. This results in a denial of service, since the endpoint can become stuck in a loop of requesting itself until there are no more available file descriptors to accept connections on the gateway. | 2020-08-06 | 4 | CVE-2020-15114 CONFIRM |
ibm -- jazz_foundation_and_engineering_products | IBM Jazz Foundation and IBM Engineering products could allow an authenticated user to send a specially crafted HTTP GET request to read attachments on the server that they should not have access to. IBM X-Force ID: 179539. | 2020-08-04 | 4 | CVE-2020-4410 XF CONFIRM |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.