Working VB HIGH Table
Released
Mar 30, 2020
Document ID
SB20-090
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
Vulnerability Severity:
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| asus -- asuswrt | An issue was discovered in ASUSWRT 3.0.0.4.384.20308. When processing the /start_apply.htm POST data, there is a command injection issue via shell metacharacters in the fb_email parameter. By using this issue, an attacker can control the router and get shell. | 2020-03-20 | 10 | CVE-2018-20334 MISC |
| netsas -- enigma_netowrk_management_solution | An OS command injection vulnerability in the discover_and_manage CGI script in NETSAS Enigma NMS 65.0.0 and prior allows an attacker to execute arbitrary code because of improper neutralization of shell metacharacters in the ip_address variable within an snmp_browser action. | 2020-03-20 | 10 | CVE-2019-16072 MISC |
| tellabs -- optical_line_terminal_1150_firmware | Tellabs Optical Line Terminal (OLT) 1150 devices allow Remote Command Execution via the -l option to TELNET or SSH. | 2020-03-20 | 10 | CVE-2019-19148 MISC |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) (TEEGRIS and Qualcomm chipsets). There is arbitrary memory overwrite in the SEM Trustlet, leading to arbitrary code execution. The Samsung IDs are SVE-2019-14651, SVE-2019-14666 (November 2019). | 2020-03-24 | 10 | CVE-2019-20537 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. A buffer overflow in the HDCP Trustlet affects secure TEEGRIS memory. The Samsung ID is SVE-2019-15283 (November 2019). | 2020-03-24 | 10 | CVE-2019-20545 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the EXT_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14847 (August 2019). | 2020-03-24 | 10 | CVE-2019-20583 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the HDCP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14850 (August 2019). | 2020-03-24 | 10 | CVE-2019-20584 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. There is type confusion in the SEC_FR Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14851 (August 2019). | 2020-03-24 | 10 | CVE-2019-20585 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the FINGERPRINT Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14864 (August 2019). | 2020-03-24 | 10 | CVE-2019-20586 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (with TEEGRIS) software. There is type confusion in the MLDAP Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14867 (August 2019). | 2020-03-24 | 10 | CVE-2019-20587 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband heap overflow. The Samsung ID is SVE-2018-13187 (February 2019). | 2020-03-24 | 10 | CVE-2019-20621 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a baseband stack overflow. The Samsung ID is SVE-2018-13188 (February 2019). | 2020-03-24 | 10 | CVE-2019-20622 CONFIRM |
| it-novum -- openitcockpit | openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php. | 2020-03-25 | 10 | CVE-2020-10789 MISC CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020). | 2020-03-24 | 10 | CVE-2020-10835 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020). | 2020-03-24 | 10 | CVE-2020-10837 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020). | 2020-03-24 | 10 | CVE-2020-10848 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020). | 2020-03-24 | 10 | CVE-2020-10850 CONFIRM |
| adobe -- acrobat_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 10 | CVE-2020-3805 CONFIRM |
| maliform -- maliform | mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors. | 2020-03-25 | 10 | CVE-2020-5553 MISC |
| shihonkanri_plus_goout_project -- shihonkanri_plus_goout | Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 2020-03-25 | 10 | CVE-2020-5556 MISC |
| wl-enq_project -- wi-enq | WL-Enq 1.11 and 1.12 allows remote attackers to execute arbitrary OS commands with the administrative privilege via unspecified vectors. | 2020-03-25 | 10 | CVE-2020-5560 MISC |
| keijiban_tsumiki_project -- keijiban_tsumiki | Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS commands via unspecified vectors. | 2020-03-25 | 10 | CVE-2020-5561 MISC |
| grandstream -- grandstream_ucm6200 | The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. | 2020-03-23 | 10 | CVE-2020-5722 MISC MISC |
| Rockwell_automation -- factorytalk_diagnostics | In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryTalk Services Platform, FactoryTalk Diagnostics exposes a .NET Remoting endpoint via RNADiagnosticsSrv.exe at TCPtcp/8082, which can insecurely deserialize untrusted data. | 2020-03-23 | 10 | CVE-2020-6967 MISC |
| moxa -- eds-g516e_series_firmware | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system without proper authentication. | 2020-03-24 | 10 | CVE-2020-6981 MISC |
| moxa -- pt-7528_series_firmware | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, these devices use a hard-coded service code for access to the console. | 2020-03-24 | 10 | CVE-2020-6985 MISC |
| moxa -- eds-g516e_series_firmware | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. | 2020-03-24 | 10 | CVE-2020-7007 MISC |
| quest -- foglight_eveolve | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Quest Foglight Evolve 9.0.0. Authentication is not required to exploit this vulnerability. The specific flaw exists within the __service__ user account. The product contains a hard-coded password for this account. An attacker can leverage this vulnerability to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-9553. | 2020-03-23 | 10 | CVE-2020-8868 MISC MISC |
| google -- chrome | Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-03-23 | 9.3 | CVE-2020-6422 SUSE SUSE MISC MISC FEDORA FEDORA FEDORA GENTOO DEBIAN |
| google -- chrome | Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-03-23 | 9.3 | CVE-2020-6424 SUSE SUSE MISC MISC FEDORA FEDORA FEDORA GENTOO DEBIAN |
| google -- chrome | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-03-23 | 9.3 | CVE-2020-6427 SUSE SUSE MISC MISC FEDORA FEDORA FEDORA GENTOO DEBIAN |
| google -- chrome | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-03-23 | 9.3 | CVE-2020-6428 SUSE SUSE MISC MISC FEDORA FEDORA FEDORA GENTOO DEBIAN |
| google -- chrome | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-03-23 | 9.3 | CVE-2020-6429 SUSE SUSE MISC MISC FEDORA FEDORA FEDORA GENTOO DEBIAN |
| google -- chrome | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 2020-03-23 | 9.3 | CVE-2020-6449 SUSE SUSE MISC MISC FEDORA FEDORA FEDORA GENTOO DEBIAN |
| rivet_killer -- control_center | An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate parameters, leading to a stack-based buffer overflow, which can lead to code execution or escalation of privileges. | 2020-03-20 | 9 | CVE-2019-15661 MISC CONFIRM MISC |
| rivet_killer -- control_center | An issue was discovered in Rivet Killer Control Center before 2.1.1352. IOCTL 0x120004 in KfeCo10X64.sys fails to validate an offset passed as a parameter during a memory operation, leading to an arbitrary write primitive that can lead to code execution or escalation of privileges. | 2020-03-20 | 9 | CVE-2019-15665 MISC CONFIRM MISC |
| vestacp -- vesta_control_panel | Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters. | 2020-03-22 | 9 | CVE-2020-10808 MISC MISC MISC |
| cutephp -- cutenews | CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via unspecified vectors. | 2020-03-25 | 9 | CVE-2020-5558 MISC |
| dlink -- multiple_products | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper implementation of the authentication algorithm. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the router. Was ZDI-CAN-9470. | 2020-03-23 | 8.3 | CVE-2020-8863 MISC MISC |
| dlink -- multiple_products | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DIR-867, DIR-878, and DIR-882 routers with firmware 1.10B04. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of HNAP login requests. The issue results from the lack of proper handling of empty passwords. An attacker can leverage this vulnerability to execute arbitrary code on the router. Was ZDI-CAN-9471. | 2020-03-23 | 8.3 | CVE-2020-8864 MISC MISC |
| asus -- asuswrt | An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI. | 2020-03-20 | 7.8 | CVE-2018-20335 MISC |
| simple_machines -- simple_machines_forum | An issue was discovered in Simple Machines Forum (SMF) before release 2.0.17. There is SSRF related to Subs-Package.php and Subs.php because user-supplied data is used directly in curl calls. | 2020-03-20 | 7.5 | CVE-2019-11574 MISC MISC |
| wordpress -- wordpress | The WP Live Chat Support plugin before 8.0.33 for WordPress accepts certain REST API calls without invoking the wplc_api_permission_check protection mechanism. | 2020-03-20 | 7.5 | CVE-2019-12498 CONFIRM CONFIRM MISC |
| dlink -- dap-1650 | An issue was discovered on D-Link DAP-1650 devices before 1.04B02_J65H Hot Fix. Attackers can execute arbitrary commands. | 2020-03-21 | 7.5 | CVE-2019-12767 CONFIRM |
| linbit -- csync2 | An issue was discovered in LINBIT csync2 through 2.0. csync_daemon_session in daemon.c neglects to force a failure of a hello command when the configuration requires use of SSL. | 2020-03-20 | 7.5 | CVE-2019-15522 MISC |
| apache -- traffic_server | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and scheme parsing. Upgrade to versions 7.1.9 and 8.0.6 or later versions. | 2020-03-23 | 7.5 | CVE-2019-17559 MISC |
| apache -- traffic_server | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and chunked encoding. Upgrade to versions 7.1.9 and 8.0.6 or later versions. | 2020-03-23 | 7.5 | CVE-2019-17565 MISC |
| sparkdevnetwork -- rock_rms | Rock RMS before 1.8.6 mishandles vCard access control within the People/GetVCard/REST controller. | 2020-03-20 | 7.5 | CVE-2019-18641 CONFIRM MISC |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), P(9.0), and Q(10.0) software. Arbitrary code execution is possible on the lock screen. The Samsung ID is SVE-2019-15266 (December 2019). | 2020-03-24 | 7.5 | CVE-2019-20530 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.1), O(8.x), and P(9.0) (released in China) software. The Firewall application mishandles the PermissionWhiteLists protection mechanism. The Samsung ID is SVE-2019-14299 (November 2019). | 2020-03-24 | 7.5 | CVE-2019-20536 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (Exynos chipsets) software. There is an out-of-bounds write in the ICCC Trustlet. The Samsung ID is SVE-2019-15274 (November 2019). | 2020-03-24 | 7.5 | CVE-2019-20544 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) devices (Qualcomm chipsets) software. There is a buffer overflow in the bootloader. The Samsung ID is SVE-2019-15399 (November 2019). | 2020-03-24 | 7.5 | CVE-2019-20548 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Broadcom chipsets) software. A heap out-of-bounds access can occur during LE Packet reception in Broadcom Bluetooth. The Samsung ID is SVE-2019-15724 (November 2019). | 2020-03-24 | 7.5 | CVE-2019-20549 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. Arbitrary memory read and write operations can occur in RKP. The Samsung ID is SVE-2019-15143 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20553 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) (SM6150, SM8150, SM8150_FUSION, exynos7885, exynos9610, and exynos9820 chipsets) software. RKP memory corruption allows attackers to control the effective address in EL2. The Samsung ID is SVE-2019-15221 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20556 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. There is a Buffer Overflow in the Touch Screen Driver. The Samsung ID is SVE-2019-14990 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20558 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The BIOSUB Trustlet has an out of bounds write. The Samsung ID is SVE-2019-15261 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20560 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. The bootloader has an integer signedness error. The Samsung ID is SVE-2019-15230 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20561 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) (with TEEGRIS) software. There is a buffer overflow in the BIOSUB Trustlet. The Samsung ID is SVE-2019-15264 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20562 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) (with TEEGRIS) software. The SEC_FR trustlet has an out of bounds write. The Samsung ID is SVE-2019-15272 (October 2019). | 2020-03-24 | 7.5 | CVE-2019-20563 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with any (before September 2019 for SMP1300 Exynos modem chipsets) software. Attackers can trigger stack corruption in the Shannon modem via a crafted RP-Originator/Destination address. The Samsung ID is SVE-2019-14858 (September 2019). | 2020-03-24 | 7.5 | CVE-2019-20566 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A up_parm heap overflow leads to code execution in the bootloader. The Samsung ID is SVE-2019-14993 (September 2019). | 2020-03-24 | 7.5 | CVE-2019-20567 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) (with TEEGRIS) software. There is type confusion in the WVDRM Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2019-14885 (September 2019). | 2020-03-24 | 7.5 | CVE-2019-20571 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.1) and P(9.0) (Exynos chipsets) software. load_kernel has a buffer overflow via untrusted data. The Samsung ID is SVE-2019-14939 (September 2019). | 2020-03-24 | 7.5 | CVE-2019-20572 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with P(9.0) (Exynos 9820 chipsets) software. A Buffer overflow occurs when loading the UH Partition during Secure Boot. The Samsung ID is SVE-2019-14412 (August 2019). | 2020-03-24 | 7.5 | CVE-2019-20578 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) (Exynos chipsets) software. A stack overflow in the HDCP Trustlet causes arbitrary code execution. The Samsung ID is SVE-2019-14665 (August 2019). | 2020-03-24 | 7.5 | CVE-2019-20581 CONFIRM |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x) and P(9.0) devices (Exynos9810 chipsets) software. There is a use after free in the ion driver. The Samsung ID is SVE-2019-14837 (August 2019). | 2020-03-24 | 7.5 | CVE-2019-20582 CONFIRM |
| rbsoft -- autoupdater | AutoUpdater.cs in AutoUpdater.NET before 1.5.8 allows XXE. | 2020-03-23 | 7.5 | CVE-2019-20627 MISC MISC |
| svglib--svglib | The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call. | 2020-03-20 | 7.5 | CVE-2020-10799 MISC |
| ez_publish -- ez_publish_kernel | eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution. | 2020-03-22 | 7.5 | CVE-2020-10806 MISC |
| google -- android | An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 (February 2020). | 2020-03-24 | 7.5 | CVE-2020-10836 CONFIRM |
| rcongif -- rconfig | rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped. | 2020-03-23 | 7.5 | CVE-2020-10879 MISC EXPLOIT-DB |
| graphicsmagick -- graphicsmagick | GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | 2020-03-24 | 7.5 | CVE-2020-10938 MISC |
| s9y -- serendipity | Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename. | 2020-03-25 | 7.5 | CVE-2020-10964 MISC MISC |
| apache -- traffic_server | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.9 and 8.0.6 or later versions. | 2020-03-23 | 7.5 | CVE-2020-1944 MISC |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a buffer errors vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3775 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3783 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3784 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3785 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3786 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3787 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3788 CONFIRM |
| adobe -- photoshop | Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. | 2020-03-25 | 7.5 | CVE-2020-3789 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3792 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3793 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3795 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3797 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3799 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3801 CONFIRM |
| adobe -- acrobat_and_reader | Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution . | 2020-03-25 | 7.5 | CVE-2020-3807 CONFIRM |
| videolabs -- libmicrodns | An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the rr_decode function's return value is not checked, leading to a double free that could be exploited to execute arbitrary code. An attacker can send an mDNS message to trigger this vulnerability. | 2020-03-24 | 7.5 | CVE-2020-6072 MISC |
| moxa -- pt-7528_series_firmware | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code. | 2020-03-24 | 7.5 | CVE-2020-6989 MISC |
| moxa -- pt-7528_series_firmware | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, the application utilizes weak password requirements, which may allow an attacker to gain unauthorized access. | 2020-03-24 | 7.5 | CVE-2020-6995 MISC |
| Schneider-electric -- ecostructure_control_expert_and_unity_pro | A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection'), reflective DLL, vulnerability exists in EcoStruxure Control Expert (all versions prior to 14.1 Hot Fix), Unity Pro (all versions), Modicon M340 (all versions prior to V3.20), Modicon M580 (all versions prior to V3.10), which, if exploited, could allow attackers to transfer malicious code to the controller. | 2020-03-23 | 7.5 | CVE-2020-7475 MISC |
| Schneider-electric -- andover_continuum | A CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability exists in Andover Continuum (All versions), which could cause files on the application server filesystem to be viewable when an attacker interferes with an application's processing of XML data. | 2020-03-23 | 7.5 | CVE-2020-7480 MISC |
| liferay -- liferay_portal | Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). | 2020-03-20 | 7.5 | CVE-2020-7961 MISC CONFIRM |
| uppy -- uppy | The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems. | 2020-03-20 | 7.5 | CVE-2020-8135 MISC |
| blamer -- blamer | Code injection vulnerability in blamer 1.0.0 and earlier may result in remote code execution when the input can be controlled by an attacker. | 2020-03-20 | 7.5 | CVE-2020-8137 MISC |
| zend -- zendto | lib/NSSDropbox.php in ZendTo prior to 5.22-2 Beta failed to properly check for equality when validating the session cookie, allowing an attacker to gain administrative access with a large number of requests. | 2020-03-24 | 7.5 | CVE-2020-8986 MISC |
| wordpress -- wordpress | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoints, unauthenticated users can retrieve pricing table information, create new tables, or import/modify a table. | 2020-03-23 | 7.5 | CVE-2020-9392 MISC |
| naver -- cloud_explorer | Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the filesystem as a system privilege through its named pipe. | 2020-03-23 | 7.5 | CVE-2020-9752 CONFIRM |
| weechat-- weechat | An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a new mode is set for a nick. | 2020-03-23 | 7.5 | CVE-2020-9760 MISC MLIST GENTOO MISC |
| homeee -- brain_cube | The bootloader of the homee Brain Cube V2 through 2.23.0 allows attackers with physical access to gain root access by manipulating the U-Boot environment via the CLI after connecting to the internal UART interface. | 2020-03-20 | 7.2 | CVE-2019-16258 MISC MISC |
| parallels -- parallels_desktop | This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOCTL handler. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-10028. | 2020-03-23 | 7.2 | CVE-2020-8875 MISC |
| tesla -- tesla | The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notifications, along with other miscellaneous functions from the main screen. | 2020-03-20 | 7.1 | CVE-2020-10558 MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.