Search Results (Refine Search)

Search Parameters:
There are 145,141 matching records.
Displaying matches 361 through 380.
Vuln ID Summary CVSS Severity
CVE-2020-11860

Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in Cross-Site Scripting (XSS)

Published: November 16, 2020; 8:15:13 PM -0500
V3.1: 6.1 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-26225

In PrestaShop Product Comments before version 4.2.0, an attacker could inject malicious web code into the users' web browsers by creating a malicious link. The problem was introduced in version 4.0.0 and is fixed in 4.2.0

Published: November 16, 2020; 5:15:12 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-26224

In PrestaShop before version 1.7.6.9 an attacker is able to list all the orders placed on the website without being logged by abusing the function that allows a shopping cart to be recreated from an order already placed. The problem is fixed in 1.7.6.9.

Published: November 16, 2020; 5:15:12 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-28693

An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name>

Published: November 16, 2020; 4:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-27486

Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length provided in the data section of the PRG file. It allocates memory for the string immediately, and then copies the string into the TVM object by using a function similar to strcpy. This copy can exceed the length of the allocated string data and overwrite heap data. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.

Published: November 16, 2020; 4:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-27485

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index provided when accessing the local variable in the LGETV and LPUTV instructions. This provides the ability to both read and write memory outside the bounds of the TVM context allocation. It can be leveraged to construct a use-after-free scenario, leading to a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.

Published: November 16, 2020; 4:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-27484

Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check for overflow when allocating the array for the NEWA instruction. This a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.

Published: November 16, 2020; 4:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-27483

Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided for the stack value duplication instruction, DUP. The offset is unchecked and memory prior to the start of the execution stack can be read and treated as a TVM object. A successful exploit could use the vulnerability to leak runtime information such as the heap handle or pointer for a number of TVM context variables. Some reachable values may be controlled enough to forge a TVM object on the stack, leading to possible remote code execution.

Published: November 16, 2020; 4:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-26217

XStream before version 1.4.14 is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker to run arbitrary shell commands only by manipulating the processed input stream. Only users who rely on blocklists are affected. Anyone using XStream's Security Framework allowlist is not affected. The linked advisory provides code workarounds for users who cannot upgrade. The issue is fixed in version 1.4.14.

Published: November 16, 2020; 4:15:12 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-26510

Airleader Master <= 6.21 devices have default credentials that can be used to access the exposed Tomcat Manager for deployment of a new .war file, with resultant remote code execution.

Published: November 16, 2020; 2:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-26509

Airleader Master and Easy <= 6.21 devices have default credentials that can be used for a denial of service.

Published: November 16, 2020; 2:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-26508

The WebTools component on Canon Oce ColorWave 3500 5.1.1.0 devices allows attackers to retrieve stored SMB credentials via the export feature, even though these are intentionally inaccessible in the UI.

Published: November 16, 2020; 2:15:13 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-28692

In Gila CMS 1.16.0, an attacker can upload a shell to tmp directy and abuse .htaccess through the logs function for executing PHP files.

Published: November 16, 2020; 1:15:12 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-23490

There was a local file disclosure vulnerability in AVideo < 8.9 via the proxy streaming. An unauthenticated attacker can exploit this issue to read an arbitrary file on the server. Which could leak database credentials or other sensitive information such as /etc/passwd file.

Published: November 16, 2020; 1:15:12 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-23489

The import.json.php file before 8.9 for Avideo is vulnerable to a File Deletion vulnerability. This allows the deletion of configuration.php, which leads to certain privilege checks not being in place, and therefore a user can escalate privileges to admin.

Published: November 16, 2020; 1:15:12 PM -0500
V3.x:(not available)
V2.0:(not available)
CVE-2020-4763

IBM Sterling File Gateway 6.0.0.0 through 6.0.3.2 and 2.2.0.0 through 2.2.6.5 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 188897.

Published: November 16, 2020; 12:15:14 PM -0500
V3.1: 4.3 MEDIUM
V2.0: 4.3 MEDIUM
CVE-2020-4705

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187190.

Published: November 16, 2020; 12:15:14 PM -0500
V3.1: 4.8 MEDIUM
V2.0: 3.5 LOW
CVE-2020-4700

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user belonging to a specific user group to create a user or group with administrative privileges. IBM X-Force ID: 187077.

Published: November 16, 2020; 12:15:14 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2020-4692

IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.2 and 5.2.0.0 through 5.2.6.5 could allow an authenticated user to obtain sensitive information from the Dashboard UI. IBM X-Force ID: 186780.

Published: November 16, 2020; 12:15:13 PM -0500
V3.1: 6.5 MEDIUM
V2.0: 4.0 MEDIUM
CVE-2020-4672

IBM Business Automation Workflow 20.0.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 186285.

Published: November 16, 2020; 12:15:13 PM -0500
V3.1: 5.4 MEDIUM
V2.0: 3.5 LOW