CVE List - 2020 / January
Showing 1001 - 1100 of 1655 CVEs for January 2020 (Page 11 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2012-5190 | 2020-01-21 | Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability |
| CVE-2019-14765 | 2020-01-21 | Incorrect Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to use administrative controllers. |
| CVE-2019-14766 | 2020-01-21 | Path Traversal in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to browse the server filesystem. |
| CVE-2019-14767 | 2020-01-21 | In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence (dossier=../) and servletrecuperefichier (document=../) allows an unauthenticated user to download arbitrary files from the server. |
| CVE-2019-14768 | 2020-01-21 | An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat... |
| CVE-2019-3864 | 2020-01-21 | A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The... |
| CVE-2020-7211 | 2020-01-21 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows. |
| CVE-2020-7229 | 2020-01-21 | An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). The file is _lib/class.Job.php. |
| CVE-2020-7213 | 2020-01-21 | Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file on the... |
| CVE-2020-6857 | 2020-01-21 | CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary. |
| CVE-2019-19392 | 2020-01-21 | The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data. |
| CVE-2015-2784 | 2020-01-21 | The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input. |
| CVE-2019-18932 | 2020-01-21 | log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory... |
| CVE-2020-5202 | 2020-01-21 | apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142,... |
| CVE-2019-19411 | 2020-01-21 | USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an... |
| CVE-2020-1840 | 2020-01-21 | HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability.... |
| CVE-2014-2680 | 2020-01-21 | The update process in Xmind 3.4.1 and earlier allow remote attackers to execute arbitrary code via a man-in-the-middle attack. |
| CVE-2016-11018 | 2020-01-21 | An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is gallery-images.php. The... |
| CVE-2019-19592 | 2020-01-21 | Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting |
| CVE-2020-6849 | 2020-01-21 | The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS. |
| CVE-2019-17357 | 2020-01-21 | Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template... |
| CVE-2019-17584 | 2020-01-21 | The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which allow attackers to get root access to the devices. All firmware versions up to v5.34o, v5.34s, v5.32* or 5.34g are affected.... |
| CVE-2020-6638 | 2020-01-21 | Grin through 2.1.1 has Insufficient Validation. |
| CVE-2020-7040 | 2020-01-21 | storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock... |
| CVE-2019-18426 | 2020-01-21 | A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when paired with WhatsApp for iPhone versions prior to 2.20.10 allows cross-site scripting and local file reading. Exploiting the vulnerability requires... |
| CVE-2020-7594 | 2020-01-21 | MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field... |
| CVE-2019-19886 | 2020-01-21 | Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send crafted requests that may, when sent quickly in large volumes, lead to the server becoming slow or unresponsive (Denial of... |
| CVE-2020-1788 | 2020-01-21 | Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an improper authentication vulnerability. Certain applications do not properly validate the identity of another application who would call its interface. An... |
| CVE-2019-20388 | 2020-01-21 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak. |
| CVE-2019-20387 | 2020-01-21 | repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based buffer over-read via a last schema whose length is less than the length of the input schema. |
| CVE-2020-7595 | 2020-01-21 | xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop in a certain end-of-file situation. |
| CVE-2019-19413 | 2020-01-21 | There is an integer overflow vulnerability in LDAP client of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to... |
| CVE-2019-19414 | 2020-01-21 | There is an integer overflow vulnerability in LDAP server of some Huawei products. Due to insufficient input validation, a remote attacker could exploit this vulnerability by sending malformed packets to... |
| CVE-2019-20391 | 2020-01-22 | An invalid memory access flaw is present in libyang before v1.0-r3 in the function resolve_feature_value() when an if-feature statement is used inside a bit. Applications that use libyang to parse... |
| CVE-2019-20392 | 2020-01-22 | An invalid memory access flaw is present in libyang before v1.0-r1 in the function resolve_feature_value() when an if-feature statement is used inside a list key node, and the feature used... |
| CVE-2019-20393 | 2020-01-22 | A double-free is present in libyang before v1.0-r1 in the function yyparse() when an empty description is used. Applications that use libyang to parse untrusted input yang files may be... |
| CVE-2019-20394 | 2020-01-22 | A double-free is present in libyang before v1.0-r3 in the function yyparse() when a type statement in used in a notification statement. Applications that use libyang to parse untrusted input... |
| CVE-2019-20395 | 2020-01-22 | A stack consumption issue is present in libyang before v1.0-r1 due to the self-referential union type containing leafrefs. Applications that use libyang to parse untrusted input yang files may crash. |
| CVE-2019-20396 | 2020-01-22 | A segmentation fault is present in yyparse in libyang before v1.0-r1 due to a malformed pattern statement value during lys_parse_path parsing. |
| CVE-2019-20397 | 2020-01-22 | A double-free is present in libyang before v1.0-r1 in the function yyparse() when an organization field is not terminated. Applications that use libyang to parse untrusted input yang files may... |
| CVE-2019-20398 | 2020-01-22 | A NULL pointer dereference is present in libyang before v1.0-r3 in the function lys_extension_instances_free() due to a copy of unresolved extensions in lys_restr_dup(). Applications that use libyang to parse untrusted... |
| CVE-2018-17981 | 2020-01-22 | Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via the interface/interface.php brand parameter. |
| CVE-2019-16791 | 2020-01-22 | downgrade of effective Strict Transport Security (STS) policy in postfix-mta-sts-resolver |
| CVE-2019-12490 | 2020-01-22 | An issue was discovered in Simple Machines Forum (SMF) before 2.0.16. Reverse tabnabbing can occur because of use of _blank for external links. |
| CVE-2011-4943 | 2020-01-22 | ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in v1.0.13) |
| CVE-2018-16266 | 2020-01-22 | The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and... |
| CVE-2018-16262 | 2020-01-22 | The pkgmgr system service in Tizen allows an unprivileged process to perform package management actions, due to improper D-Bus security policy configurations. Such actions include installing, decrypting, and killing other... |
| CVE-2018-16263 | 2020-01-22 | The PulseAudio system service in Tizen allows an unprivileged process to control its A2DP MediaEndpoint, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based... |
| CVE-2018-16264 | 2020-01-22 | The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0... |
| CVE-2018-16265 | 2020-01-22 | The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This... |
| CVE-2018-16267 | 2020-01-22 | The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu,... |
| CVE-2018-16268 | 2020-01-22 | The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file... |
| CVE-2018-16269 | 2020-01-22 | The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects... |
| CVE-2018-16270 | 2020-01-22 | Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary... |
| CVE-2018-16271 | 2020-01-22 | The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy configurations. An arbitrary... |
| CVE-2018-16272 | 2020-01-22 | The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This... |
| CVE-2019-10780 | 2020-01-22 | BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open. |
| CVE-2019-10781 | 2020-01-22 | In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can bypass the `sanitize()` and the `validate()` function used within schema-inspector. |
| CVE-2019-6858 | 2020-01-22 | A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator (Software Version prior to V1.0.8.1), which could cause privilege escalation when injecting a malicious DLL. |
| CVE-2020-7228 | 2020-01-22 | The Calculated Fields Form plugin through 1.0.353 for WordPress suffers from multiple Stored XSS vulnerabilities present in the input forms. These can be exploited by an authenticated user. |
| CVE-2020-6959 | 2020-01-22 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE... |
| CVE-2020-6960 | 2020-01-22 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE... |
| CVE-2011-3582 | 2020-01-22 | A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron Forums (AEF) through 1.0.9 due to inadequate confirmation for sensitive transactions in the administrator functions. |
| CVE-2011-3595 | 2020-01-22 | Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0 in index.php in the search word, extension, asset, and author parameters. |
| CVE-2011-3610 | 2020-01-22 | A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag plugin before 3.30 in the tagcloud parameter to plugins/serendipity_event_freetag/tagcloud.swf. |
| CVE-2011-3611 | 2020-01-22 | A File Inclusion vulnerability exists in act parameter to admin.php in UseBB before 1.0.12. |
| CVE-2020-7109 | 2020-01-22 | The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template. |
| CVE-2019-6146 | 2020-01-22 | It has been reported that cross-site scripting (XSS) is possible in Forcepoint Web Security, version 8.x, via host header injection. CVSSv3.0: 5.3 (Medium) (/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) |
| CVE-2011-3612 | 2020-01-22 | Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB before 1.0.12. |
| CVE-2011-3613 | 2020-01-22 | An issue exists in Vanilla Forums before 2.0.17.9 due to the way cookies are handled. |
| CVE-2011-3614 | 2020-01-22 | An Access Control vulnerability exists in the Facebook, Twitter, and Embedded plugins in Vanilla Forums before 2.0.17.9. |
| CVE-2011-3621 | 2020-01-22 | A reverse proxy issue exists in FluxBB before 1.4.7 when FORUM_BEHIND_REVERSE_PROXY is enabled. |
| CVE-2019-5647 | 2020-01-22 | Rapid7 AppSpider Chrome Plugin Insufficient Session Expiration |
| CVE-2012-4919 | 2020-01-22 | Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability |
| CVE-2019-19834 | 2020-01-22 | Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote attacker to jailbreak the CLI via enable->debug->script->exec with ../../../bin/sh as the parameter. |
| CVE-2019-19836 | 2020-01-22 | AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote code execution via a POST request that uses tools/_rcmdstat.jsp to write to a specified filename. |
| CVE-2019-16792 | 2020-01-22 | HTTP Request Smuggling: Content-Length Sent Twice in Waitress |
| CVE-2019-19843 | 2020-01-22 | Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote credential fetch via an unauthenticated HTTP request involving a symlink with /tmp and web/user/wps_tool_cache. |
| CVE-2020-5221 | 2020-01-22 | Directory Traversal (Chroot Escape) vulnerability in uftpd |
| CVE-2016-4761 | 2020-01-22 | WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers to cause a DoS |
| CVE-2011-3622 | 2020-01-22 | A Cross-Site Scripting (XSS) vulnerability exists in the admin login screen in Phorum before 5.2.18. |
| CVE-2019-19841 | 2020-01-22 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute. |
| CVE-2019-19842 | 2020-01-22 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute. |
| CVE-2019-19840 | 2020-01-22 | A stack-based buffer overflow in zap_parse_args in zap.c in zap in Ruckus Unleashed through 200.7.10.102.64 allows remote code execution via an unauthenticated HTTP request. |
| CVE-2020-7915 | 2020-01-22 | An issue was discovered on Eaton 5P 850 devices. The Ubicacion SAI field allows XSS attacks by an administrator. |
| CVE-2019-20399 | 2020-01-22 | A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs before 0.3.1 potentially allows an attacker to leak information via a side-channel attack. |
| CVE-2019-14885 | 2020-01-23 | A flaw was found in the JBoss EAP Vault system in all versions before 7.2.6.GA. Confidential information of the system property's security attribute value is revealed in the JBoss EAP... |
| CVE-2019-17201 | 2020-01-23 | FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. When a user requests... |
| CVE-2019-17202 | 2020-01-23 | FastTrack Admin By Request 6.1.0.0 supports group policies that are supposed to allow only a select range of users to elevate to Administrator privilege at will. If a user does... |
| CVE-2019-17570 | 2020-01-23 | An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of Apache XML-RPC (aka ws-xmlrpc) library. A malicious XML-RPC server could target a XML-RPC client causing it to execute arbitrary code.... |
| CVE-2019-18222 | 2020-01-23 | The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local... |
| CVE-2020-5223 | 2020-01-23 | Persistent XSS vulnerability in filename of attached file in PrivateBin |
| CVE-2020-5217 | 2020-01-23 | Directive injection when using dynamic overrides with user input in RubyGems secure_headers |
| CVE-2020-5216 | 2020-01-23 | Limited header injection when using dynamic overrides with user input in RubyGems secure_headers |
| CVE-2020-7210 | 2020-01-23 | Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user accounts. |
| CVE-2019-19837 | 2020-01-23 | Incorrect access control in the web interface in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote information disclosure of bin/web.conf via HTTP requests. |
| CVE-2019-19835 | 2020-01-23 | SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows a remote denial of service via the server attribute to the tools/_rcmdstat.jsp URI. |
| CVE-2020-6843 | 2020-01-23 | Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This issue was fixed in version 11.0 Build 11010, SD-83959. |
| CVE-2019-19838 | 2020-01-23 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute. |
| CVE-2019-19839 | 2020-01-23 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute. |