Total
29575 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-19778 | 1 Shopxo | 1 Shopxo | 2024-11-21 | 9.8 Critical |
| Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request. | ||||
| CVE-2020-19641 | 1 Insma | 2 Wifi Mini Spy 1080p Hd Security Ip Camera, Wifi Mini Spy 1080p Hd Security Ip Camera Firmware | 2024-11-21 | 8.8 High |
| An issue was discovered in INSMA Wifi Mini Spy 1080P HD Security IP Camera 1.9.7 B. Authenticated attackers with the "Operator" Privilege can gain admin privileges via a crafted request to '/goform/formUserMng'. | ||||
| CVE-2020-19417 | 1 Emerson | 2 Wireless 1420 Gateway, Wireless 1420 Gateway Firmware | 2024-11-21 | 8.8 High |
| Emerson Smart Wireless Gateway 1420 4.6.59 allows non-privileged users (such as the default account 'maint') to perform administrative tasks by sending specially crafted HTTP requests to the application. | ||||
| CVE-2020-18741 | 1 Thinksaas | 1 Thinksaas | 2024-11-21 | 5.3 Medium |
| Improper Authorization in ThinkSAAS v2.7 allows remote attackers to modify the description of any user's photo via the "photoid%5B%5D" and "photodesc%5B%5D" parameters in the component "index.php?app=photo." | ||||
| CVE-2020-18170 | 1 Abloy | 1 Key Manager | 2024-11-21 | 9.8 Critical |
| An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions. | ||||
| CVE-2020-17521 | 4 Apache, Netapp, Oracle and 1 more | 24 Atlas, Groovy, Snapcenter and 21 more | 2024-11-21 | 5.5 Medium |
| Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2. | ||||
| CVE-2020-17514 | 1 Apache | 1 Fineract | 2024-11-21 | 7.4 High |
| Apache Fineract prior to 1.5.0 disables HTTPS hostname verification in ProcessorHelper in the configureClient method. Under typical deployments, a man in the middle attack could be successful. | ||||
| CVE-2020-17440 | 2 Contiki-os, Uip Project | 2 Contiki, Uip | 2024-11-21 | 7.5 High |
| An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in the DNS responses have '\0' termination. This results in errors when calculating the offset of the pointer that jumps over domain name bytes in DNS response packets when a name lacks this termination, and eventually leads to dereferencing the pointer at an invalid/arbitrary address, within newdata() and parse_name() in resolv.c. | ||||
| CVE-2020-16969 | 1 Microsoft | 1 Exchange Server | 2024-11-21 | 7.1 High |
| <p>An information disclosure vulnerability exists in how Microsoft Exchange validates tokens when handling certain messages. An attacker who successfully exploited the vulnerability could use this to gain further information from a user.</p> <p>To exploit the vulnerability, an attacker could include specially crafted OWA messages that could be loaded, without warning or filtering, from the attacker-controlled URL. This callback vector provides an information disclosure tactic used in web beacons and other types of tracking systems.</p> <p>The security update corrects the way that Exchange handles these token validations.</p> | ||||
| CVE-2020-16849 | 1 Canon | 56 Ir2202n, Ir2202n Firmware, Ir2204f and 53 more | 2024-11-21 | 7.5 High |
| An issue was discovered on Canon MF237w 06.07 devices. An "Improper Handling of Length Parameter Inconsistency" issue in the IPv4/ICMPv4 component, when handling a packet sent by an unauthenticated network attacker, may expose Sensitive Information. | ||||
| CVE-2020-16244 | 1 Ge | 1 Asset Performance Management Classic | 2024-11-21 | 7.2 High |
| GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts the entire platform at high risk because an authenticated user can retrieve all user account data and then retrieve the actual passwords. | ||||
| CVE-2020-16230 | 1 Hms-networks | 4 Ewon Cosy, Ewon Cosy Firmware, Ewon Flexy and 1 more | 2024-11-21 | 2.3 Low |
| All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An attacker with local access and high privileges could inject scripts into the Cross-origin Resource Sharing (CORS) configuration that could abuse this vulnerability, allowing the attacker to retrieve limited confidential information through sniffing. | ||||
| CVE-2020-16120 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 5.1 Medium |
| Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11. | ||||
| CVE-2020-15959 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-11-21 | 4.3 Medium |
| Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering. | ||||
| CVE-2020-15939 | 1 Fortinet | 1 Fortisandbox | 2024-11-21 | 4.3 Medium |
| An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration file via the recovery URL. | ||||
| CVE-2020-15860 | 1 Parallels | 1 Remote Application Server | 2024-11-21 | 9.9 Critical |
| Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system through the web application, despite the affected application not being published. In addition, it was discovered that it is possible to access any host in the internal domain, even if it has no published applications or the mentioned host is no longer associated with that server farm. | ||||
| CVE-2020-15768 | 1 Gradle | 2 Enterprise, Enterprise Cache Node | 2024-11-21 | 7.5 High |
| An issue was discovered in Gradle Enterprise 2017.3 - 2020.2.4 and Gradle Enterprise Build Cache Node 1.0 - 9.2. Unrestricted HTTP header reflection in Gradle Enterprise allows remote attackers to obtain authentication cookies, if they are able to discover a separate XSS vulnerability. This potentially allows an attacker to impersonate another user. Gradle Enterprise affected application request paths:/info/headers, /cache-info/headers, /admin-info/headers, /distribution-broker-info/headers. Gradle Enterprise Build Cache Node affected application request paths:/cache-node-info/headers. | ||||
| CVE-2020-15687 | 1 Linuxfoundation | 1 Acrn | 2024-11-21 | 7.5 High |
| Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime. | ||||
| CVE-2020-15665 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 Medium |
| Firefox did not reset the address bar after the beforeunload dialog was shown if the user chose to remain on the page. This could have resulted in an incorrect URL being shown when used in conjunction with other unexpected browser behaviors. This vulnerability affects Firefox < 80. | ||||
| CVE-2020-15662 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.5 Medium |
| A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28. | ||||