| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-8188 | Hig | 0.57 | 8.8 | 0.01 | Jul 2, 2020 | We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description… | ||
| CVE-2020-8163 | — | Hig | 0.60 | 8.8 | 0.83 | Jul 2, 2020 | The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE. | |
| CVE-2020-8161 | — | Hig | 0.49 | 8.6 | 0.04 | Jul 2, 2020 | A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure. | |
| CVE-2020-4074 | Hig | 0.51 | 8.9 | 0.02 | Jul 2, 2020 | In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 1.7.6.6. | ||
| CVE-2020-15082 | Hig | 0.00 | 7.1 | 0.01 | Jul 2, 2020 | In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6 | ||
| CVE-2019-20894 | — | Hig | 0.42 | 7.5 | 0.02 | Jul 2, 2020 | Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred. | |
| CVE-2020-2211 | Hig | 0.57 | 8.8 | 0.02 | Jul 2, 2020 | Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability. | ||
| CVE-2020-12119 | Hig | 0.53 | 8.1 | 0.00 | Jul 2, 2020 | Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF). It increases the user's balance with the value of an unconfirmed transaction as soon as it is received (before the transaction is confirmed) and does not decrease the balance when it is canceled. As a… | ||
| CVE-2020-15503 | Hig | 0.00 | 7.5 | 0.04 | Jul 2, 2020 | LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength. | ||
| CVE-2020-7821 | Hig | 0.51 | 7.8 | 0.02 | Jul 2, 2020 | Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC | ||
| CVE-2020-7820 | Hig | 0.51 | 7.8 | 0.02 | Jul 2, 2020 | Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC | ||
| CVE-2020-5911 | Hig | 0.48 | 7.3 | 0.01 | Jul 2, 2020 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system. | ||
| CVE-2020-5910 | Hig | 0.49 | 7.5 | 0.01 | Jul 2, 2020 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized. | ||
| CVE-2020-15502 | Hig | 0.49 | 7.5 | 0.02 | Jul 2, 2020 | The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0 for iOS, sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain, which might make visit data available temporarily at a Potentially Unwanted Endpoint.… | ||
| CVE-2020-3402 | Hig | 0.49 | 7.5 | 0.02 | Jul 2, 2020 | A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because certain RMI listeners are not… | ||
| CVE-2019-15312 | Hig | 0.57 | 8.8 | 0.03 | Jul 1, 2020 | An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding… | ||
| CVE-2020-7688 | — | Hig | 0.48 | 8.4 | 0.01 | Jul 1, 2020 | The issue occurs because tagName user input is formatted inside the exec function is executed without any checks. | |
| CVE-2020-6089 | Hig | 0.51 | 7.8 | 0.03 | Jul 1, 2020 | An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||
| CVE-2020-12498 | Hig | 0.51 | 7.8 | 0.02 | Jul 1, 2020 | mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation. | ||
| CVE-2020-12497 | Hig | 0.52 | 7.8 | 0.15 | Jul 1, 2020 | PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation. | ||
| CVE-2020-8663 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2020 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections. | ||
| CVE-2020-5907 | Hig | 0.47 | 7.2 | 0.01 | Jul 1, 2020 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality. | ||
| CVE-2020-5906 | Hig | 0.53 | 8.1 | 0.01 | Jul 1, 2020 | In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy (SCP) protocol access to read and overwrite blacklisted… | ||
| CVE-2020-5904 | Hig | 0.57 | 8.8 | 0.01 | Jul 1, 2020 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page. | ||
| CVE-2020-5899 | Hig | 0.51 | 7.8 | 0.00 | Jul 1, 2020 | In NGINX Controller 3.0.0-3.4.0, recovery code required to change a user's password is transmitted and stored in the database in plain text, which allows an attacker who can intercept the database connection or have read access to the database, to request a password reset using… | ||
| CVE-2020-4420 | Hig | 0.49 | 7.5 | 0.02 | Jul 1, 2020 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the execution of a terminate command. IBM X-Force ID: 180076. | ||
| CVE-2020-4363 | Hig | 0.51 | 7.8 | 0.00 | Jul 1, 2020 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force… | ||
| CVE-2020-13383 | Hig | 0.09 | 7.5 | 0.70 | Jul 1, 2020 | openSIS through 7.4 allows Directory Traversal. | ||
| CVE-2020-12605 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2020 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs. | ||
| CVE-2020-12604 | Hig | 0.49 | 7.5 | 0.02 | Jul 1, 2020 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream. | ||
| CVE-2019-4676 | Hig | 0.51 | 7.8 | 0.01 | Jul 1, 2020 | IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171512. | ||
| CVE-2020-5900 | — | Hig | 0.57 | 8.8 | 0.00 | Jul 1, 2020 | In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (CSRF) protections for the NGINX Controller user interface. | |
| CVE-2020-12603 | Hig | 0.49 | 7.5 | 0.01 | Jul 1, 2020 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames. | ||
| CVE-2020-15478 | Hig | 0.52 | 7.5 | 0.05 | Jul 1, 2020 | The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors. | ||
| CVE-2020-15476 | Hig | 0.00 | 7.5 | 0.02 | Jul 1, 2020 | In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c. | ||
| CVE-2020-14167 | Hig | 0.49 | 7.5 | 0.02 | Jul 1, 2020 | The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability. | ||
| CVE-2020-5972 | Hig | 0.46 | 7.1 | 0.00 | Jun 30, 2020 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and… | ||
| CVE-2020-5971 | Hig | 0.51 | 7.8 | 0.00 | Jun 30, 2020 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of… | ||
| CVE-2020-5970 | Hig | 0.46 | 7.1 | 0.00 | Jun 30, 2020 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3). | ||
| CVE-2020-5968 | Hig | 0.51 | 7.8 | 0.00 | Jun 30, 2020 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code… | ||
| CVE-2020-14947 | Hig | 0.05 | 8.8 | 0.19 | Jun 30, 2020 | OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid. | ||
| CVE-2020-9414 | Hig | 0.57 | 8.8 | 0.02 | Jun 30, 2020 | The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier… | ||
| CVE-2020-7049 | Hig | 0.48 | 7.3 | 0.01 | Jun 30, 2020 | Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection. | ||
| CVE-2020-14474 | Hig | 0.49 | 7.5 | 0.03 | Jun 30, 2020 | The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for… | ||
| CVE-2020-14058 | Hig | 0.49 | 7.5 | 0.03 | Jun 30, 2020 | An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS.… | ||
| CVE-2020-14482 | Hig | 0.51 | 7.8 | 0.03 | Jun 30, 2020 | Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash. | ||
| CVE-2020-15087 | Hig | 0.48 | 7.4 | 0.01 | Jun 30, 2020 | In Presto before version 337, authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured. This does not affect installations that have not configured secure… | ||
| CVE-2020-13095 | Hig | 0.57 | 8.8 | 0.02 | Jun 30, 2020 | Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root. | ||
| CVE-2020-4044 | Hig | 0.42 | 7.5 | 0.02 | Jun 30, 2020 | The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on… | ||
| CVE-2020-15084 | Hig | 0.43 | 7.7 | 0.01 | Jun 30, 2020 | In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are… |
- risk 0.57cvss 8.8epss 0.01
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description…
- risk 0.60cvss 8.8epss 0.83
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.
- risk 0.49cvss 8.6epss 0.04
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
- risk 0.51cvss 8.9epss 0.02
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 1.7.6.6.
- risk 0.00cvss 7.1epss 0.01
In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6
- risk 0.42cvss 7.5epss 0.02
Traefik 2.x, in certain configurations, allows HTTPS sessions to proceed without mutual TLS verification in a situation where ERR_BAD_SSL_CLIENT_AUTH_CERT should have occurred.
- risk 0.57cvss 8.8epss 0.02
Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does not configure its YAML parser to prevent the instantiation of arbitrary types, resulting in a remote code execution vulnerability.
- risk 0.53cvss 8.1epss 0.00
Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF). It increases the user's balance with the value of an unconfirmed transaction as soon as it is received (before the transaction is confirmed) and does not decrease the balance when it is canceled. As a…
- risk 0.00cvss 7.5epss 0.04
LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.
- risk 0.51cvss 7.8epss 0.02
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by modifying the value of registry path. This can be leveraged for code execution by rebooting the victim’s PC
- risk 0.51cvss 7.8epss 0.02
Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC
- risk 0.48cvss 7.3epss 0.01
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download of Kubernetes packages from an HTTP URL On Debian/Ubuntu system.
- risk 0.49cvss 7.5epss 0.01
In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messaging services in use by the NGINX Controller do not require any form of authentication, so any successful connection would be authorized.
- risk 0.49cvss 7.5epss 0.02
The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0 for iOS, sends hostnames of visited web sites within HTTPS .ico requests to servers in the duckduckgo.com domain, which might make visit data available temporarily at a Potentially Unwanted Endpoint.…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because certain RMI listeners are not…
- risk 0.57cvss 8.8epss 0.03
An issue was discovered on Zolo Halo devices via the Linkplay firmware. There is a Zolo Halo DNS rebinding attack. The device was found to be vulnerable to DNS rebinding. Combined with one of the many /httpapi.asp endpoint command-execution security issues, the DNS rebinding…
- risk 0.48cvss 8.4epss 0.01
The issue occurs because tagName user input is formatted inside the exec function is executed without any checks.
- risk 0.51cvss 7.8epss 0.03
An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability.
- risk 0.51cvss 7.8epss 0.02
mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
- risk 0.52cvss 7.8epss 0.15
PLCopen XML file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier can lead to a stack-based overflow. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
- risk 0.49cvss 7.5epss 0.01
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file descriptors and/or memory when accepting too many connections.
- risk 0.47cvss 7.2epss 0.01
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an authorized user provided with access only to the TMOS Shell (tmsh) may be able to conduct arbitrary file read/writes via the built-in sftp functionality.
- risk 0.53cvss 8.1epss 0.01
In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy (SCP) protocol access to read and overwrite blacklisted…
- risk 0.57cvss 8.8epss 0.01
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request forgery (CSRF) vulnerability in the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, exists in an undisclosed page.
- risk 0.51cvss 7.8epss 0.00
In NGINX Controller 3.0.0-3.4.0, recovery code required to change a user's password is transmitted and stored in the database in plain text, which allows an attacker who can intercept the database connection or have read access to the database, to request a password reset using…
- risk 0.49cvss 7.5epss 0.02
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the execution of a terminate command. IBM X-Force ID: 180076.
- risk 0.51cvss 7.8epss 0.00
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force…
- risk 0.09cvss 7.5epss 0.70
openSIS through 7.4 allows Directory Traversal.
- risk 0.49cvss 7.5epss 0.01
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when processing HTTP/1.1 headers with long field names or requests with long URLs.
- risk 0.49cvss 7.5epss 0.02
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to increased memory usage in the case where an HTTP/2 client requests a large payload but does not send enough window updates to consume the entire stream and does not reset the stream.
- risk 0.51cvss 7.8epss 0.01
IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 171512.
- risk 0.57cvss 8.8epss 0.00
In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (CSRF) protections for the NGINX Controller user interface.
- risk 0.49cvss 7.5epss 0.01
Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive amounts of memory when proxying HTTP/2 requests or responses with many small (i.e. 1 byte) data frames.
- risk 0.52cvss 7.5epss 0.05
The Journal theme before 3.1.0 for OpenCart allows exposure of sensitive data via SQL errors.
- risk 0.00cvss 7.5epss 0.02
In nDPI through 3.2, the Oracle protocol dissector has a heap-based buffer over-read in ndpi_search_oracle in lib/protocols/oracle.c.
- risk 0.49cvss 7.5epss 0.02
The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.
- risk 0.46cvss 7.1epss 0.00
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer variables are not initialized and may be freed later, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and…
- risk 0.51cvss 7.8epss 0.00
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads from a buffer by using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to code execution, denial of…
- risk 0.46cvss 7.1epss 0.00
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x (prior to 9.4) and version 10.x (prior to 10.3).
- risk 0.51cvss 7.8epss 0.00
NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does not restrict or incorrectly restricts operations within the boundaries of a resource that is accessed by using an index or pointer, such as memory or files, which may lead to code…
- risk 0.05cvss 8.8epss 0.19
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.
- risk 0.57cvss 8.8epss 0.02
The MFT admin service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center and TIBCO Managed File Transfer Internet Server contains a vulnerability that theoretically allows an authenticated user with specific permissions to obtain the session identifier…
- risk 0.48cvss 7.3epss 0.01
Nozomi Networks OS before 19.0.4 allows /#/network?tab=network_node_list.html CSV Injection.
- risk 0.49cvss 7.5epss 0.03
The Cellebrite UFED physical device 5.0 through 7.5.0.845 relies on key material hardcoded within both the executable code supporting the decryption process, and within the encrypted files themselves by using a key enveloping technique. The recovered key material is the same for…
- risk 0.49cvss 7.5epss 0.03
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS.…
- risk 0.51cvss 7.8epss 0.03
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
- risk 0.48cvss 7.4epss 0.01
In Presto before version 337, authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured. This does not affect installations that have not configured secure…
- risk 0.57cvss 8.8epss 0.02
Little Snitch version 4.5.1 and older changed ownership of a directory path controlled by the user. This allowed the user to escalate to root by linking the path to a directory containing code executed by root.
- risk 0.42cvss 7.5epss 0.02
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the server could then proceed to start their own imposter sesman service listening on…
- risk 0.43cvss 7.7epss 0.01
In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are…