National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 129,578 matching records.
Displaying matches 121 through 140.
Vuln ID Summary CVSS Severity
CVE-2020-6849

The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF with resultant XSS.

Published: January 21, 2020; 02:15:14 PM -05:00
(not available)
CVE-2020-1840

HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8) have an insufficient authentication vulnerability. A local attacker with high privilege can execute a specific command to exploit this vulnerability. Successful exploitation may cause information leak and compromise the availability of the smart phones.Affected product versions include: HUAWEI Mate 20 versions Versions earlier than 10.0.0.175(C00E70R3P8)

Published: January 21, 2020; 02:15:14 PM -05:00
(not available)
CVE-2019-19592

Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting

Published: January 21, 2020; 02:15:13 PM -05:00
(not available)
CVE-2019-19411

USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gains access to this cryptographic primitive may exploit this vulnerability to cause the value of the confidentiality associated with its use to be diminished.

Published: January 21, 2020; 02:15:13 PM -05:00
(not available)
CVE-2019-17357

Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection vulnerability affecting how template identifiers are handled when a string and id composite value are used to identify the template type and id. An authenticated attacker can exploit this to extract data from the database, or an unauthenticated remote attacker could exploit this via Cross-Site Request Forgery.

Published: January 21, 2020; 02:15:13 PM -05:00
(not available)
CVE-2016-11018

An issue was discovered in the Huge-IT gallery-images plugin before 1.9.0 for WordPress. The headers Client-Ip and X-Forwarded-For are prone to unauthenticated SQL injection. The affected file is gallery-images.php. The affected function is huge_it_image_gallery_ajax_callback().

Published: January 21, 2020; 02:15:12 PM -05:00
(not available)
CVE-2014-2680

The update process in Xmind 3.4.1 and earlier allow remote attackers to execute arbitrary code via a man-in-the-middle attack.

Published: January 21, 2020; 02:15:12 PM -05:00
(not available)
CVE-2020-5202

apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardcoded TCP port. The /usr/lib/apt-cacher-ng/acngtool program attempts to connect to apt-cacher-ng via TCP on localhost port 3142, even if the explicit SocketPath=/var/run/apt-cacher-ng/socket command-line option is passed. The cron job /etc/cron.daily/apt-cacher-ng (which is active by default) attempts this periodically. Because 3142 is an unprivileged port, any local user can try to bind to this port and will receive requests from acngtool. There can be sensitive data in these requests, e.g., if AdminAuth is enabled in /etc/apt-cacher-ng/security.conf. This sensitive data can leak to unprivileged local users that manage to bind to this port before the apt-cacher-ng daemon can.

Published: January 21, 2020; 01:15:13 PM -05:00
(not available)
CVE-2019-19344

There is a use-after-free issue in all samba 4.9.x versions before 4.9.18, all samba 4.10.x versions before 4.10.12 and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.

Published: January 21, 2020; 01:15:12 PM -05:00
(not available)
CVE-2019-18932

log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows local privilege escalation. By default, it uses a fixed temporary directory /tmp/sarg. As the root user, sarg creates this directory or reuses an existing one in an insecure manner. An attacker can pre-create the directory, and place symlinks in it (after winning a /tmp/sarg/denied.int_unsort race condition). The outcome will be corrupted or newly created files in privileged file system locations.

Published: January 21, 2020; 01:15:12 PM -05:00
(not available)
CVE-2019-14907

All samba versions 4.9.x before 4.9.18, 4.10.x before 4.10.12 and 4.11.x before 4.11.5 have an issue where if it is set with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process(such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).

Published: January 21, 2020; 01:15:12 PM -05:00
(not available)
CVE-2019-14902

There is an issue in all samba 4.11.x versions before 4.11.5, all samba 4.10.x versions before 4.10.12 and all samba 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.

Published: January 21, 2020; 01:15:12 PM -05:00
(not available)
CVE-2015-2784

The papercrop gem before 0.3.0 for Ruby on Rails does not properly handle crop input.

Published: January 21, 2020; 01:15:12 PM -05:00
(not available)
CVE-2020-7229

An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). The file is _lib/class.Job.php.

Published: January 21, 2020; 12:15:12 PM -05:00
(not available)
CVE-2020-7213

Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file on the http://update.parallels.com web site.

Published: January 21, 2020; 12:15:12 PM -05:00
(not available)
CVE-2020-7211

tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does not prevent ..\ directory traversal on Windows.

Published: January 21, 2020; 12:15:12 PM -05:00
(not available)
CVE-2020-6857

CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. The key for local FTP server passwords is hard-coded in the binary.

Published: January 21, 2020; 12:15:12 PM -05:00
(not available)
CVE-2019-19392

The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.

Published: January 21, 2020; 12:15:12 PM -05:00
(not available)
CVE-2019-3864

A vulnerability was discovered in all quay-2 versions before quay-3.0.0, in the Quay web GUI where POST requests include a specific parameter which is used as a CSRF token. The token is not refreshed for every request or when a user logged out and in again. An attacker could use a leaked token to gain access to the system using the user's account.

Published: January 21, 2020; 11:15:13 AM -05:00
(not available)
CVE-2019-14768

An Arbitrary File Upload issue in the file browser of DIMO YellowBox CRM before 6.3.4 allows a standard authenticated user to deploy a new WebApp WAR file to the Tomcat server via Path Traversal, allowing remote code execution with SYSTEM privileges.

Published: January 21, 2020; 11:15:12 AM -05:00
(not available)