| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-14519 | Hig | 0.49 | 7.5 | 0.01 | Sep 16, 2020 | This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. This is especially relevant for systems or devices where a web browser… | ||
| CVE-2020-14515 | Hig | 0.49 | 7.5 | 0.01 | Sep 16, 2020 | CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a… | ||
| CVE-2020-14513 | Hig | 0.49 | 7.5 | 0.02 | Sep 16, 2020 | CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields. | ||
| CVE-2020-6146 | Hig | 0.63 | 8.8 | 0.78 | Sep 16, 2020 | An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use… | ||
| CVE-2020-13259 | Hig | 0.61 | 8.8 | 0.05 | Sep 16, 2020 | A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF… | ||
| CVE-2020-10718 | Hig | 0.49 | 7.5 | 0.01 | Sep 16, 2020 | A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from… | ||
| CVE-2020-25040 | — | Hig | 0.57 | 8.8 | 0.02 | Sep 16, 2020 | Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039. | |
| CVE-2020-25039 | — | Hig | 0.53 | 8.1 | 0.02 | Sep 16, 2020 | Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution. | |
| CVE-2020-14306 | Hig | 0.00 | 8.8 | 0.01 | Sep 16, 2020 | An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaw allows an attacker with a basic level of access to the cluster to deploy a custom gateway/pod to any namespace, potentially gaining… | ||
| CVE-2020-7532 | Hig | 0.51 | 7.8 | 0.01 | Sep 16, 2020 | A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer. | ||
| CVE-2020-7531 | Hig | 0.51 | 7.8 | 0.01 | Sep 16, 2020 | A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user. | ||
| CVE-2020-7530 | Hig | 0.57 | 8.8 | 0.01 | Sep 16, 2020 | A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows improper access to executable code folders. | ||
| CVE-2020-7528 | Hig | 0.51 | 7.8 | 0.01 | Sep 16, 2020 | A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer. | ||
| CVE-2020-4409 | Hig | 0.53 | 8.2 | 0.01 | Sep 16, 2020 | IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious… | ||
| CVE-2020-1748 | — | Hig | 0.49 | 7.5 | 0.01 | Sep 16, 2020 | A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by… | |
| CVE-2020-10758 | Hig | 0.42 | 7.5 | 0.02 | Sep 16, 2020 | A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body. | ||
| CVE-2020-24889 | Hig | 0.51 | 7.8 | 0.01 | Sep 16, 2020 | A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution. | ||
| CVE-2020-14382 | Hig | 0.51 | 7.8 | 0.01 | Sep 16, 2020 | A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file… | ||
| CVE-2020-10733 | Hig | 0.47 | 7.3 | 0.01 | Sep 16, 2020 | The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having… | ||
| CVE-2020-7733 | — | Hig | 0.42 | 7.5 | 0.04 | Sep 16, 2020 | The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA. | |
| CVE-2020-2276 | Hig | 0.57 | 8.8 | 0.02 | Sep 16, 2020 | Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as. | ||
| CVE-2020-2268 | Hig | 0.57 | 8.8 | 0.01 | Sep 16, 2020 | A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller. | ||
| CVE-2020-2261 | Hig | 0.57 | 8.8 | 0.01 | Sep 16, 2020 | Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jenkins controller, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller | ||
| CVE-2020-14393 | Hig | 0.46 | 7.1 | 0.01 | Sep 16, 2020 | A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data. | ||
| CVE-2020-25559 | Hig | 0.51 | 7.8 | 0.02 | Sep 16, 2020 | gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution. | ||
| CVE-2020-25453 | Hig | 0.61 | 8.8 | 0.06 | Sep 15, 2020 | An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbitrary code execution. | ||
| CVE-2020-11977 | — | Hig | 0.47 | 7.2 | 0.03 | Sep 15, 2020 | In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution. | |
| CVE-2020-9416 | Hig | 0.53 | 8.2 | 0.01 | Sep 15, 2020 | The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a legitimate user to inject scripts. If… | ||
| CVE-2020-15172 | Hig | 0.00 | 8.7 | 0.02 | Sep 15, 2020 | The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with `unload act`… | ||
| CVE-2020-15148 | Hig | 0.57 | 8.9 | 0.79 | Sep 15, 2020 | Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory. | ||
| CVE-2020-14362 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2020 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system… | ||
| CVE-2020-14361 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2020 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system… | ||
| CVE-2020-14346 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2020 | A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as… | ||
| CVE-2020-15179 | Hig | 0.00 | 8.0 | 0.01 | Sep 15, 2020 | The ScratchSig extension for MediaWiki before version 1.0.1 allows stored Cross-Site Scripting. Using tag inside tag, attackers with edit permission can execute scripts on visitors' browser. With MediaWiki JavaScript API, this can potentially lead to… | ||
| CVE-2020-15178 | — | Hig | 0.45 | 8.0 | 0.01 | Sep 15, 2020 | In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The `message` field was incorrectly unescaped, possibly allowing attackers to execute arbitrary JavaScript in a victim's browser. | |
| CVE-2020-8342 | Hig | 0.47 | 7.3 | 0.00 | Sep 15, 2020 | A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege. | ||
| CVE-2020-4703 | Hig | 0.52 | 8.0 | 0.02 | Sep 15, 2020 | IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-4470. IBM X-Force… | ||
| CVE-2020-4521 | Hig | 0.58 | 8.8 | 0.06 | Sep 15, 2020 | IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary… | ||
| CVE-2020-23451 | Hig | 0.57 | 8.8 | 0.01 | Sep 15, 2020 | Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function. | ||
| CVE-2020-16101 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2020 | It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166(MR3), v8.10 prior to v8.10.1211(MR5), v8.00 prior to v8.00.1228(MR6), all versions of… | ||
| CVE-2020-16100 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2020 | It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of closed websocket connections, preventing it from accepting future DCOM websocket (Configuration Client) connections.… | ||
| CVE-2020-16097 | Hig | 0.47 | 7.3 | 0.00 | Sep 15, 2020 | On controllers running versions of v8.20 prior to vCR8.20.200221b (distributed in v8.20.1093(MR2)), v8.10 prior to vGR8.10.179 (distributed in v8.10.1211(MR5)), v8.00 prior to vGR8.00.165 (Distributed in v8.00.1228(MR6)), v7.90 prior to vGR7.90.165 (distributed in… | ||
| CVE-2020-14345 | Hig | 0.51 | 7.8 | 0.01 | Sep 15, 2020 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | ||
| CVE-2020-24925 | Hig | 0.49 | 7.5 | 0.01 | Sep 15, 2020 | A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure… | ||
| CVE-2020-13303 | Hig | 0.46 | 7.1 | 0.01 | Sep 15, 2020 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Due to improper verification of permissions, an unauthorized user can access a private repository within a public project. | ||
| CVE-2020-15590 | Hig | 0.49 | 7.5 | 0.03 | Sep 14, 2020 | A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel”… | ||
| CVE-2020-13298 | Hig | 0.47 | 7.2 | 0.01 | Sep 14, 2020 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure. | ||
| CVE-2020-11881 | Hig | 0.49 | 7.5 | 0.04 | Sep 14, 2020 | An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964. | ||
| CVE-2020-10229 | Hig | 0.57 | 8.8 | 0.01 | Sep 14, 2020 | A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts. | ||
| CVE-2020-10228 | Hig | 0.57 | 8.8 | 0.03 | Sep 14, 2020 | A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution. |
- risk 0.49cvss 7.5epss 0.01
This vulnerability allows an attacker to use the internal WebSockets API for CodeMeter (All versions prior to 7.00 are affected, including Version 7.0 or newer with the affected WebSockets API still enabled. This is especially relevant for systems or devices where a web browser…
- risk 0.49cvss 7.5epss 0.01
CodeMeter (All versions prior to 6.90 when using CmActLicense update files with CmActLicense Firm Code) has an issue in the license-file signature checking mechanism, which allows attackers to build arbitrary license files, including forging a valid license file as if it were a…
- risk 0.49cvss 7.5epss 0.02
CodeMeter (All versions prior to 6.81) and the software using it may crash while processing a specifically crafted license file due to unverified length fields.
- risk 0.63cvss 8.8epss 0.78
An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use…
- risk 0.61cvss 8.8epss 0.05
A vulnerability in the web-based management interface of RAD SecFlow-1v os-image SF_0290_2.3.01.26 could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. The vulnerability is due to insufficient CSRF…
- risk 0.49cvss 7.5epss 0.01
A flaw was found in Wildfly before wildfly-embedded-13.0.0.Final, where the embedded managed process API has an exposed setting of the Thread Context Classloader (TCCL). This setting is exposed as a public method, which can bypass the security manager. The highest threat from…
- risk 0.57cvss 8.8epss 0.02
Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039.
- risk 0.53cvss 8.1epss 0.02
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution.
- risk 0.00cvss 8.8epss 0.01
An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaw allows an attacker with a basic level of access to the cluster to deploy a custom gateway/pod to any namespace, potentially gaining…
- risk 0.51cvss 7.8epss 0.01
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack x70 Security Administrator (V1.2.0 and prior) which could allow arbitrary code execution when an attacker builds a custom .SDB file containing a malicious serialized buffer.
- risk 0.51cvss 7.8epss 0.01
A CWE-284 Improper Access Control vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows an attacker to place executables in a specific folder and run code whenever RemoteConnect is executed by the user.
- risk 0.57cvss 8.8epss 0.01
A CWE-285 Improper Authorization vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which allows improper access to executable code folders.
- risk 0.51cvss 7.8epss 0.01
A CWE-502 Deserialization of Untrusted Data vulnerability exists in SCADAPack 7x Remote Connect (V3.6.3.574 and prior) which could allow arbitrary code execution when an attacker builds a custom .PRJ file containing a malicious serialized buffer.
- risk 0.53cvss 8.2epss 0.01
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote attacker to conduct phishing attacks, using a tabnabbing attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to redirect a user to a malicious…
- risk 0.49cvss 7.5epss 0.01
A flaw was found in all supported versions before wildfly-elytron-1.6.8.Final-redhat-00001, where the WildFlySecurityManager checks were bypassed when using custom security managers, resulting in an improper authorization. This flaw leads to information exposure by…
- risk 0.42cvss 7.5epss 0.02
A vulnerability was found in Keycloak before 11.0.1 where DoS attack is possible by sending twenty requests simultaneously to the specified keycloak server, all with a Content-Length header value that exceeds the actual byte count of the request body.
- risk 0.51cvss 7.8epss 0.01
A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution.
- risk 0.51cvss 7.8epss 0.01
A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file…
- risk 0.47cvss 7.3epss 0.01
The Windows installer for PostgreSQL 9.5 - 12 invokes system-provided executables that do not have fully-qualified paths. Executables in the directory where the installer loads or the current working directory take precedence over the intended executables. An attacker having…
- risk 0.42cvss 7.5epss 0.04
The package ua-parser-js before 0.7.22 are vulnerable to Regular Expression Denial of Service (ReDoS) via the regex for Redmi Phones and Mi Pad Tablets UA.
- risk 0.57cvss 8.8epss 0.02
Jenkins Selection tasks Plugin 1.0 and earlier executes a user-specified program on the Jenkins controller, allowing attackers with Job/Configure permission to execute an arbitrary system command on the Jenkins controller as the OS user that the Jenkins process is running as.
- risk 0.57cvss 8.8epss 0.01
A cross-site request forgery (CSRF) vulnerability in Jenkins MongoDB Plugin 1.3 and earlier allows attackers to gain access to some metadata of any arbitrary files on the Jenkins controller.
- risk 0.57cvss 8.8epss 0.01
Jenkins Perfecto Plugin 1.17 and earlier executes a command on the Jenkins controller, allowing attackers with Job/Configure permission to run arbitrary commands on the Jenkins controller
- risk 0.46cvss 7.1epss 0.01
A buffer overflow was found in perl-DBI < 1.643 in DBI.xs. A local attacker who is able to supply a string longer than 300 characters could cause an out-of-bounds write, affecting the availability of the service or integrity of data.
- risk 0.51cvss 7.8epss 0.02
gnuplot 5.5 is affected by double free when executing print_set_output. This may result in context-dependent arbitrary code execution.
- risk 0.61cvss 8.8epss 0.06
An issue was discovered in BlackCat CMS before 1.4. There is a CSRF vulnerability (bypass csrf_token) that allows remote arbitrary code execution.
- risk 0.47cvss 7.2epss 0.03
In Apache Syncope 2.1.X releases prior to 2.1.7, when the Flowable extension is enabled, an administrator with workflow entitlements can use Shell Service Tasks to perform malicious operations, including but not limited to file read, file write, and code execution.
- risk 0.53cvss 8.2epss 0.01
The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a legitimate user to inject scripts. If…
- risk 0.00cvss 8.7epss 0.02
The Act module for Red Discord Bot before commit 6b9f3b86 is vulnerable to Remote Code Execution. With this exploit, Discord users can use specially crafted messages to perform destructive actions and/or access sensitive information. Unloading the Act module with `unload act`…
- risk 0.57cvss 8.9epss 0.79
Yii 2 (yiisoft/yii2) before version 2.0.38 is vulnerable to remote code execution if the application calls `unserialize()` on arbitrary user input. This is fixed in version 2.0.38. A possible workaround without upgrading is available in the linked advisory.
- risk 0.51cvss 7.8epss 0.01
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system…
- risk 0.51cvss 7.8epss 0.01
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system…
- risk 0.51cvss 7.8epss 0.01
A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as…
- risk 0.00cvss 8.0epss 0.01
The ScratchSig extension for MediaWiki before version 1.0.1 allows stored Cross-Site Scripting. Using tag inside tag, attackers with edit permission can execute scripts on visitors' browser. With MediaWiki JavaScript API, this can potentially lead to…
- risk 0.45cvss 8.0epss 0.01
In PrestaShop contactform module (prestashop/contactform) before version 4.3.0, an attacker is able to inject JavaScript while using the contact form. The `message` field was incorrectly unescaped, possibly allowing attackers to execute arbitrary JavaScript in a victim's browser.
- risk 0.47cvss 7.3epss 0.00
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
- risk 0.52cvss 8.0epss 0.02
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-4470. IBM X-Force…
- risk 0.58cvss 8.8epss 0.06
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary…
- risk 0.57cvss 8.8epss 0.01
Spiceworks Version <= 7.5.00107 is affected by CSRF which can lead to privilege escalation via "/settings/v1/users" function.
- risk 0.49cvss 7.5epss 0.01
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service due to an out-of-bounds buffer access. Affected versions are v8.20 prior to v8.20.1166(MR3), v8.10 prior to v8.10.1211(MR5), v8.00 prior to v8.00.1228(MR6), all versions of…
- risk 0.49cvss 7.5epss 0.01
It is possible for an unauthenticated remote DCOM websocket connection to crash the Command Centre service's DCOM websocket thread due to improper shutdown of closed websocket connections, preventing it from accepting future DCOM websocket (Configuration Client) connections.…
- risk 0.47cvss 7.3epss 0.00
On controllers running versions of v8.20 prior to vCR8.20.200221b (distributed in v8.20.1093(MR2)), v8.10 prior to vGR8.10.179 (distributed in v8.10.1211(MR5)), v8.00 prior to vGR8.00.165 (Distributed in v8.00.1228(MR6)), v7.90 prior to vGR7.90.165 (distributed in…
- risk 0.51cvss 7.8epss 0.01
A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
- risk 0.49cvss 7.5epss 0.01
A Sensitive Source Code Path Disclosure vulnerability is found in ElkarBackup v1.3.3. An attacker is able to view the path of the source code jobs/sort where entire source code path is displayed in the browser itself helping the attacker identify the code structure…
- risk 0.46cvss 7.1epss 0.01
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Due to improper verification of permissions, an unauthorized user can access a private repository within a public project.
- risk 0.49cvss 7.5epss 0.03
A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel”…
- risk 0.47cvss 7.2epss 0.01
A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Conan package upload functionality was not properly validating the supplied parameters, which resulted in the limited files disclosure.
- risk 0.49cvss 7.5epss 0.04
An array index error in MikroTik RouterOS 6.41.3 through 6.46.5, and 7.x through 7.0 Beta5, allows an unauthenticated remote attacker to crash the SMB server via modified setup-request packets, aka SUP-12964.
- risk 0.57cvss 8.8epss 0.01
A CSRF issue in vtecrm vtenext 19 CE allows attackers to carry out unwanted actions on an administrator's behalf, such as uploading files, adding users, and deleting accounts.
- risk 0.57cvss 8.8epss 0.03
A file upload vulnerability in vtecrm vtenext 19 CE allows authenticated users to upload files with a .pht extension, resulting in remote code execution.