National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 136,434 matching records.
Displaying matches 421 through 440.
Vuln ID Summary CVSS Severity
CVE-2020-6092

An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file.

Published: May 18, 2020; 01:15:10 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-6074

An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An attacker can provide a malicious file to trigger this vulnerability.

Published: May 18, 2020; 01:15:10 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-13136

D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer.

Published: May 18, 2020; 01:15:10 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-13135

D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy.

Published: May 18, 2020; 01:15:10 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 3.3 LOW
CVE-2019-19456

A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x.

Published: May 18, 2020; 01:15:10 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-19454

An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x

Published: May 18, 2020; 01:15:10 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-11551

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi configuration data such as authentication details (e.g., the Web-admin password), network settings, DNS settings, system administration interface configuration, etc.

Published: May 18, 2020; 12:15:11 PM -04:00
V3.1: 8.8 HIGH
    V2: 5.8 MEDIUM
CVE-2020-11550

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitrary Wi-Fi information, such as SSIDs and Pre-Shared-Keys (PSK).

Published: May 18, 2020; 12:15:11 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 3.3 LOW
CVE-2020-11549

An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting CVE-2020-11551, it is possible to achieve remote code execution with root privileges on the embedded Linux system.

Published: May 18, 2020; 12:15:11 PM -04:00
V3.1: 8.8 HIGH
    V2: 8.3 HIGH
CVE-2019-7247

An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.

Published: May 18, 2020; 12:15:11 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2019-7246

An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.

Published: May 18, 2020; 12:15:11 PM -04:00
V3.1: 6.7 MEDIUM
    V2: 4.6 MEDIUM
CVE-2020-8035

The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An attacker can obtain access to a victim's webmail account by making them visit a malicious URL.

Published: May 18, 2020; 11:15:11 AM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-12801

If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3.

Published: May 18, 2020; 11:15:11 AM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2020-12256

rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php.

Published: May 18, 2020; 11:15:10 AM -04:00
V3.1: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2020-12255

rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif.

Published: May 18, 2020; 11:15:10 AM -04:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2020-10967

In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.

Published: May 18, 2020; 11:15:10 AM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2020-9524

Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8. The vulnerability could allow an attacker to trigger administrative actions when an administrator viewed malicious data left by the attacker (stored XSS) or followed a malicious link (reflected XSS).

Published: May 18, 2020; 10:15:12 AM -04:00
V3.1: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2020-12258

rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in conjunction with CVE-2020-12256 or CVE-2020-12259.

Published: May 18, 2020; 10:15:11 AM -04:00
V3.1: 9.1 CRITICAL
    V2: 6.4 MEDIUM
CVE-2020-12257

rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) because it lacks implementation of CSRF protection such as a CSRF token. An attacker can leverage this vulnerability by creating a form (add a user, delete a user, or edit a user).

Published: May 18, 2020; 10:15:11 AM -04:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-10958

In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.

Published: May 18, 2020; 10:15:11 AM -04:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM