National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 129,600 matching records.
Displaying matches 281 through 300.
Vuln ID Summary CVSS Severity
CVE-2019-20327

Insecure permissions in cwrapper_perl in Centreon Infrastructure Monitoring Software through 19.10 allow local attackers to gain privileges. (cwrapper_perl is a setuid executable allowing execution of Perl scripts with root privileges.)

Published: January 16, 2020; 10:15:18 AM -05:00
V3.1: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2020-7108

The LearnDash LMS plugin before 3.1.2 for WordPress allows XSS via the ld-profile search field.

Published: January 16, 2020; 12:15:12 AM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-7107

The Ultimate FAQ plugin before 1.8.30 for WordPress allows XSS via Display_FAQ to Shortcodes/DisplayFAQs.php.

Published: January 16, 2020; 12:15:11 AM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-7106

Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).

Published: January 15, 2020; 11:15:11 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-7105

async.c and dict.c in libhiredis.a in hiredis through 0.14.0 allow a NULL pointer dereference because malloc return values are unchecked.

Published: January 15, 2020; 11:15:11 PM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-7045

In Wireshark 3.0.x before 3.0.8, the BT ATT dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by validating opcodes.

Published: January 15, 2020; 11:15:11 PM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-7044

In Wireshark 3.2.x before 3.2.1, the WASSP dissector could crash. This was addressed in epan/dissectors/packet-wassp.c by using >= and <= to resolve off-by-one errors.

Published: January 15, 2020; 11:15:11 PM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2019-19859

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The Add Collaborator allows unlimited data via the author parameter, even if the data does not match anything in the database.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 5.3 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-19858

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/add_user/UID allows stored XSS via the author parameter.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2019-19857

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. An admin can change their password without providing the current password, by using interfaces outside the Change Password screen. Thus, requiring the admin to enter an Old Password value on the Change Password screen does not enhance security. This is problematic in conjunction with XSS.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 6.5 MEDIUM
    V2: 5.0 MEDIUM
CVE-2019-19856

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. The User Type on the admin/list_user page allows stored XSS via the type parameter.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2019-19855

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. admin/list_user allows stored XSS via the auth_type parameter.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 4.8 MEDIUM
    V2: 3.5 LOW
CVE-2019-19854

An issue was discovered in Serpico (aka SimplE RePort wrIting and CollaboratiOn tool) 1.3.0. It does not use CSRF Tokens to mitigate against CSRF; it uses the Origin header (which must match the request origin). This is problematic in conjunction with XSS: one can escalate privileges from User level to Administrator.

Published: January 15, 2020; 06:15:11 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.8 MEDIUM
CVE-2019-20097

Bitbucket Server and Bitbucket Data Center versions starting from 1.0.0 before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via the post-receive hook. A remote attacker with permission to clone and push files to a repository on the victim's Bitbucket Server or Bitbucket Data Center instance, can exploit this vulnerability to execute arbitrary commands on the Bitbucket Server or Bitbucket Data Center systems, using a file with specially crafted content.

Published: January 15, 2020; 04:15:12 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2019-15012

Bitbucket Server and Bitbucket Data Center from version 4.13. before 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via the edit-file request. A remote attacker with write permission on a repository can write to any arbitrary file to the victims Bitbucket Server or Bitbucket Data Center instance using the edit-file endpoint, if the user has Bitbucket Server or Bitbucket Data Center running, and has the permission to write the file at that destination. In some cases, this can result in execution of arbitrary code by the victims Bitbucket Server or Bitbucket Data Center instance.

Published: January 15, 2020; 04:15:12 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2019-15010

Bitbucket Server and Bitbucket Data Center versions starting from version 3.0.0 before version 5.16.11, from version 6.0.0 before 6.0.11, from version 6.1.0 before 6.1.9, from version 6.2.0 before 6.2.7, from version 6.3.0 before 6.3.6, from version 6.4.0 before 6.4.4, from version 6.5.0 before 6.5.3, from version 6.6.0 before 6.6.3, from version 6.7.0 before 6.7.3, from version 6.8.0 before 6.8.2, and from version 6.9.0 before 6.9.1 had a Remote Code Execution vulnerability via certain user input fields. A remote attacker with user level permissions can exploit this vulnerability to run arbitrary commands on the victim's systems. Using a specially crafted payload as user input, the attacker can execute arbitrary commands on the victim's Bitbucket Server or Bitbucket Data Center instance.

Published: January 15, 2020; 04:15:12 PM -05:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2009-5068

There is a file disclosure vulnerability in SMF (Simple Machines Forum) affecting versions through v2.0.3. On some configurations a SMF deployment is shared by several "co-admins" that are not trusted beyond the SMF deployment. This vulnerability allows them to read arbitrary files on the filesystem and therefore gain new privileges by reading the settings.php with the database passwords.

Published: January 15, 2020; 04:15:11 PM -05:00
V3.1: 7.2 HIGH
    V2: 3.5 LOW
CVE-2009-5025

A backdoor (aka BMSA-2009-07) was found in PyForum v1.0.3 where an attacker who knows a valid user email could force a password reset on behalf of that user.

Published: January 15, 2020; 04:15:11 PM -05:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2009-3724

python-markdown2 before 1.0.1.14 has multiple cross-site scripting (XSS) issues.

Published: January 15, 2020; 04:15:11 PM -05:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2020-3941

The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11.

Published: January 15, 2020; 03:15:25 PM -05:00
(not available)