National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 136,753 matching records.
Displaying matches 1401 through 1420.
Vuln ID Summary CVSS Severity
CVE-2020-12478

TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files.

Published: April 29, 2020; 06:15:12 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-12477

The REST API functions in TeamPass 2.1.27.36 allow any user with a valid API token to bypass IP address whitelist restrictions via an X-Forwarded-For client HTTP header to the getIp function.

Published: April 29, 2020; 06:15:12 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-11943

An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload.

Published: April 29, 2020; 06:15:12 PM -04:00
V3.1: 8.8 HIGH
    V2: 6.5 MEDIUM
CVE-2020-11942

An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections.

Published: April 29, 2020; 06:15:12 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2020-11022

In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Published: April 29, 2020; 06:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2016-11061

Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.

Published: April 29, 2020; 06:15:11 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 10.0 HIGH
CVE-2020-12471

MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or Pages/SocialNetworking/lng/en-US/PhotoGallery.aspx because of deserialization in ModuleGallery.HTML5Upload, ModuleGallery.SilverLightUploadModule, HTML5Upload, and SilverLightUploadHandler.

Published: April 29, 2020; 05:15:12 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH
CVE-2020-12470

MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by modifying an ASPX template.

Published: April 29, 2020; 05:15:12 PM -04:00
V3.1: 7.2 HIGH
    V2: 6.5 MEDIUM
CVE-2020-12469

admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection (with resultant file deletion) via serialized data in the subpages value within a block to blocks/edit.

Published: April 29, 2020; 05:15:12 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 5.5 MEDIUM
CVE-2020-12468

Subrion CMS 4.2.1 allows CSV injection via a phrase value within a language. This is related to phrases/add/ and languages/download/.

Published: April 29, 2020; 05:15:11 PM -04:00
V3.1: 7.8 HIGH
    V2: 6.8 MEDIUM
CVE-2020-12467

Subrion CMS 4.2.1 allows session fixation via an alphanumeric value in a session cookie.

Published: April 29, 2020; 05:15:11 PM -04:00
V3.1: 6.5 MEDIUM
    V2: 6.4 MEDIUM
CVE-2020-11024

In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-middle attack. The bug has been fixed in Moonlight v4.0.1 for iOS and tvOS.

Published: April 29, 2020; 05:15:11 PM -04:00
V3.1: 8.2 HIGH
    V2: 4.9 MEDIUM
CVE-2020-11023

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.

Published: April 29, 2020; 05:15:11 PM -04:00
V3.1: 6.1 MEDIUM
    V2: 4.3 MEDIUM
CVE-2019-16011

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the CLI utility. The attacker must be authenticated to access the CLI utility. A successful exploit could allow the attacker to execute commands with root privileges.

Published: April 29, 2020; 05:15:11 PM -04:00
V3.1: 7.8 HIGH
    V2: 7.2 HIGH
CVE-2020-12473

MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by reconfiguring the Converter Executable setting from ffmpeg.exe to a different program.

Published: April 29, 2020; 04:15:12 PM -04:00
V3.1: 7.2 HIGH
    V2: 9.0 HIGH
CVE-2020-12472

MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog Comments, or Blog Description.

Published: April 29, 2020; 04:15:12 PM -04:00
V3.1: 5.4 MEDIUM
    V2: 3.5 LOW
CVE-2020-12465

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

Published: April 29, 2020; 03:15:12 PM -04:00
V3.1: 6.7 MEDIUM
    V2: 7.2 HIGH
CVE-2020-12464

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

Published: April 29, 2020; 02:15:13 PM -04:00
V3.1: 6.7 MEDIUM
    V2: 7.2 HIGH
CVE-2020-11021

Actions Http-Client (NPM @actions/http-client) before version 1.0.8 can disclose Authorization headers to incorrect domain in certain redirect scenarios. The conditions in which this happens are if consumers of the http-client: 1. make an http request with an authorization header 2. that request leads to a redirect (302) and 3. the redirect url redirects to another domain or hostname Then the authorization header will get passed to the other domain. The problem is fixed in version 1.0.8.

Published: April 29, 2020; 02:15:13 PM -04:00
V3.1: 7.5 HIGH
    V2: 5.0 MEDIUM
CVE-2020-11020

Faye (NPM, RubyGem) versions greater than 0.5.0 and before 1.0.4, 1.1.3 and 1.2.5, has the potential for authentication bypass in the extension system. The vulnerability allows any client to bypass checks put in place by server-side extensions, by appending extra segments to the message channel. It is patched in versions 1.0.4, 1.1.3 and 1.2.5.

Published: April 29, 2020; 02:15:13 PM -04:00
V3.1: 9.8 CRITICAL
    V2: 7.5 HIGH