National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 131,483 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2020-6804

A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system.

Published: February 28, 2020; 06:15:11 PM -05:00
(not available)
CVE-2020-6803

An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.

Published: February 28, 2020; 06:15:11 PM -05:00
(not available)
CVE-2015-5361

Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.‚Äč Note that the ftps-extensions option is not enabled by default.

Published: February 28, 2020; 06:15:11 PM -05:00
(not available)
CVE-2015-3006

On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability.

Published: February 28, 2020; 06:15:11 PM -05:00
(not available)
CVE-2019-7007

A directory traversal vulnerability has been found in the Avaya Equinox Management(iView)versions R9.1.9.0 and earlier. Successful exploitation could potentially allow an unauthenticated attacker to access files that are outside the restricted directory on the remote server.

Published: February 28, 2020; 05:15:10 PM -05:00
(not available)
CVE-2019-4301

BigFix Self-Service Application (SSA) is vulnerable to arbitrary code execution if Javascript code is included in Running Message or Post Message HTML.

Published: February 28, 2020; 05:15:10 PM -05:00
(not available)
CVE-2020-9459

Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite plugin through 5.1.6 for WordPress allows remote authenticated users (with minimal permissions) to inject arbitrary JavaScript, HTML, or CSS via Ajax actions. This affects mec_save_notifications and import_settings.

Published: February 28, 2020; 04:15:13 PM -05:00
(not available)
CVE-2020-9449

An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and BlaB! WS Pro (client) version 19.11 allows an attacker (with a guest or user session cookie) to escalate privileges by retrieving the cookie salt value and creating a valid session cookie for an arbitrary user or admin.

Published: February 28, 2020; 04:15:13 PM -05:00
(not available)
CVE-2019-10805

valib through 2.0.0 allows Internal Property Tampering. A maliciously crafted JavaScript object can bypass several inspection functions provided by valib. Valib uses a built-in function (hasOwnProperty) from the unsafe user-input to examine an object. It is possible for a crafted payload to overwrite this function to manipulate the inspection results to bypass security checks.

Published: February 28, 2020; 04:15:13 PM -05:00
(not available)
CVE-2019-10804

serial-number through 1.3.0 allows execution of arbritary commands. The "cmdPrefix" argument in serialNumber function is used by the "exec" function without any validation.

Published: February 28, 2020; 04:15:13 PM -05:00
(not available)
CVE-2019-10803

push-dir through 0.4.1 allows execution of arbritary commands. Arguments provided as part of the variable "opt.branch" is not validated before being provided to the "git" command within "index.js#L139". This could be abused by an attacker to inject arbitrary commands.

Published: February 28, 2020; 04:15:13 PM -05:00
(not available)
CVE-2019-10802

giting version prior to 0.0.8 allows execution of arbritary commands. The first argument "repo" of function "pull()" is executed by the package without any validation.

Published: February 28, 2020; 04:15:12 PM -05:00
(not available)
CVE-2019-10801

enpeem through 2.2.0 allows execution of arbitrary commands. The "options.dir" argument is provided to the "exec" function without any sanitization.

Published: February 28, 2020; 04:15:12 PM -05:00
(not available)
CVE-2018-21035

In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).

Published: February 28, 2020; 04:15:12 PM -05:00
(not available)
CVE-2020-9466

The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection.

Published: February 28, 2020; 03:15:11 PM -05:00
(not available)
CVE-2020-9465

An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the user_id field in a cookie.

Published: February 28, 2020; 03:15:11 PM -05:00
(not available)
CVE-2020-8132

Lack of input validation in pdf-image npm package version <= 2.0.0 may allow an attacker to run arbitrary code if PDF file path is constructed based on untrusted user input.

Published: February 28, 2020; 03:15:11 PM -05:00
(not available)
CVE-2020-8127

Insufficient validation in cross-origin communication (postMessage) in reveal.js version 3.9.1 and earlier allow attackers to perform cross-site scripting attacks.

Published: February 28, 2020; 03:15:11 PM -05:00
(not available)
CVE-2019-19943

The HTTP service in quickweb.exe in Pablo Quick 'n Easy Web Server 3.3.8 allows Remote Unauthenticated Heap Memory Corruption via a large host or domain parameter. It may be possible to achieve remote code execution because of a double free.

Published: February 28, 2020; 03:15:11 PM -05:00
(not available)
CVE-2019-15609

The kill-port-process package version < 2.2.0 is vulnerable to a Command Injection vulnerability.

Published: February 28, 2020; 03:15:11 PM -05:00
(not available)