Total
981 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6603 | 1 Promise | 1 Webpam Proe | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Promise Technology WebPam Pro-E devices allow remote attackers to conduct XSS, HTTP Response Splitting, and CRLF Injection attacks via JavaScript code in a PHPSESSID cookie. | |||||
| CVE-2019-12966 | 1 Fehelper Project | 1 Fehelper | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| FeHelper through 2019-06-19 allows arbitrary code execution during a JSON format operation, as demonstrated by the {"a":(function(){confirm(1)})()} input. | |||||
| CVE-2019-12463 | 1 Librenms | 1 Librenms | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in LibreNMS 1.50.1. The scripts that handle graphing options (includes/html/graphs/common.inc.php and includes/html/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_escape_string, which is only useful for preventing SQL injection attacks; other parameters are unfiltered. This allows an attacker to inject RRDtool syntax with newline characters via the html/graph.php and html/graph-realtime.php scripts. RRDtool syntax is quite versatile and an attacker could leverage this to perform a number of attacks, including disclosing directory structure and filenames, disclosing file content, denial of service, or writing arbitrary files. NOTE: relative to CVE-2019-10665, this requires authentication and the pathnames differ. | |||||
| CVE-2018-7032 | 1 Myrepos Project | 1 Myrepos | 2020-08-24 | 5.1 MEDIUM | 7.5 HIGH |
| webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack. | |||||
| CVE-2019-19389 | 1 Jetbrains | 1 Ktor | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| JetBrains Ktor framework before version 1.2.6 was vulnerable to HTTP Response Splitting. | |||||
| CVE-2019-4396 | 1 Ibm | 1 Cloud Orchestrator | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| IBM Cloud Orchestrator 2.4 through 2.4.0.5 and 2.5 through 2.5.0.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability to inject arbitrary HTTP headers and cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning or cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 162236. | |||||
| CVE-2019-11073 | 1 Paessler | 1 Prtg Network Monitor | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| A Remote Code Execution vulnerability exists in PRTG Network Monitor before 19.4.54.1506 that allows attackers to execute code due to insufficient sanitization when passing arguments to the HttpTransactionSensor.exe binary. In order to exploit the vulnerability, remote authenticated administrators need to create a new HTTP Transaction Sensor and set specific settings when the sensor is executed. | |||||
| CVE-2019-13915 | 1 B3log | 1 Wide | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| b3log Wide before 1.6.0 allows three types of attacks to access arbitrary files. First, the attacker can write code in the editor, and compile and run it approximately three times to read an arbitrary file. Second, the attacker can create a symlink, and then place the symlink into a ZIP archive. An unzip operation leads to read access, and write access (depending on file permissions), to the symlink target. Third, the attacker can import a Git repository that contains a symlink, similarly leading to read and write access. | |||||
| CVE-2019-10665 | 1 Librenms | 1 Librenms | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in LibreNMS through 1.47. The scripts that handle the graphing options (html/includes/graphs/common.inc.php and html/includes/graphs/graphs.inc.php) do not sufficiently validate or encode several fields of user supplied input. Some parameters are filtered with mysqli_real_escape_string, which is only useful for preventing SQL injection attacks; other parameters are unfiltered. This allows an attacker to inject RRDtool syntax with newline characters via the html/graph.php script. RRDtool syntax is quite versatile and an attacker could leverage this to perform a number of attacks, including disclosing directory structure and filenames, file content, denial of service, or writing arbitrary files. | |||||
| CVE-2020-16087 | 2 Microsoft, Vng | 2 Windows, Zalo Desktop | 2020-08-19 | 9.3 HIGH | 8.6 HIGH |
| An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a crafted file. | |||||
| CVE-2019-8325 | 3 Debian, Opensuse, Rubygems | 3 Debian Linux, Leap, Rubygems | 2020-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in RubyGems 2.6 and later through 3.0.2. Since Gem::CommandManager#run calls alert_error without escaping, escape sequence injection is possible. (There are many ways to cause an error.) | |||||
| CVE-2019-8322 | 3 Debian, Opensuse, Rubygems | 3 Debian Linux, Leap, Rubygems | 2020-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in RubyGems 2.6 and later through 3.0.2. The gem owner command outputs the contents of the API response directly to stdout. Therefore, if the response is crafted, escape sequence injection may occur. | |||||
| CVE-2019-8323 | 3 Debian, Opensuse, Rubygems | 3 Debian Linux, Leap, Rubygems | 2020-08-19 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in RubyGems 2.6 and later through 3.0.2. Gem::GemcutterUtilities#with_response may output the API response to stdout as it is. Therefore, if the API side modifies the response, escape sequence injection may occur. | |||||
| CVE-2010-4654 | 2 Debian, Freedesktop | 2 Debian Linux, Poppler | 2020-08-18 | 9.3 HIGH | 7.8 HIGH |
| poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack. | |||||
| CVE-2012-4196 | 5 Canonical, Mozilla, Opensuse and 2 more | 14 Ubuntu Linux, Firefox, Firefox Esr and 11 more | 2020-08-12 | 6.4 MEDIUM | N/A |
| Mozilla Firefox before 16.0.2, Firefox ESR 10.x before 10.0.10, Thunderbird before 16.0.2, Thunderbird ESR 10.x before 10.0.10, and SeaMonkey before 2.13.2 allow remote attackers to bypass the Same Origin Policy and read the Location object via a prototype property-injection attack that defeats certain protection mechanisms for this object. | |||||
| CVE-2017-17531 | 1 Gnu | 1 Global | 2020-08-08 | 6.8 MEDIUM | 8.8 HIGH |
| gozilla.c in GNU GLOBAL 4.8.6 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL. | |||||
| CVE-2020-16254 | 1 Chartkick Project | 1 Chartkick | 2020-08-06 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute). | |||||
| CVE-2017-18923 | 1 Beronet | 16 Bf16001e1box, Bf16001t1box, Bf4001e1box and 13 more | 2020-08-05 | 5.0 MEDIUM | 7.5 HIGH |
| beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials. | |||||
| CVE-2020-14505 | 1 Advantech | 1 Iview | 2020-07-22 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection”) vulnerability. Successful exploitation of this vulnerability may allow an attacker to send a HTTP GET or POST request that creates a command string without any validation. The attacker may then remotely execute code. | |||||
| CVE-2020-5246 | 1 Traccar | 1 Traccar | 2020-07-16 | 4.0 MEDIUM | 6.5 MEDIUM |
| Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can modify the logic of the LDAP query and get admin privileges. The issue only impacts instances with LDAP configuration and where users can craft their own names. This has been patched in version 4.9. | |||||