Vulnerability Summary for the Week of October 26, 2020

Original release date: November 2, 2020

The CISA Weekly Vulnerability Summary Bulletin is created using information from the NIST NVD. In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

High Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apple — airport_base_station_firmware	An out-of-bounds read was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to leak memory.	2020-10-27	7.5	CVE-2019-8581 MISC MISC
apple — airport_base_station_firmware	A use after free issue was addressed with improved memory management. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.	2020-10-27	7.5	CVE-2019-8578 MISC MISC
apple — airport_base_station_firmware	A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause arbitrary code execution.	2020-10-27	7.5	CVE-2019-8572 MISC MISC
apple — airport_base_station_firmware	A null pointer dereference was addressed with improved input validation. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A remote attacker may be able to cause a system denial of service.	2020-10-27	7.8	CVE-2019-8588 MISC MISC
apple — icloud	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. A remote attacker may be able to cause unexpected application termination or arbitrary code execution.	2020-10-27	7.5	CVE-2019-8746 MISC MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	9.3	CVE-2019-8835 MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.	2020-10-27	7.5	CVE-2019-8749 MISC MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iTunes 12.10.1 for Windows. Multiple issues in libxml2.	2020-10-27	7.5	CVE-2019-8756 MISC MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	9.3	CVE-2019-8844 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	A logic issue was addressed with improved validation. This issue is fixed in iCloud for Windows 7.17, iTunes 12.10.4 for Windows, iCloud for Windows 10.9.2, tvOS 13.3.1, Safari 13.0.5, iOS 13.3.1 and iPadOS 13.3.1. A DOM object context may not have had a unique security origin.	2020-10-27	7.2	CVE-2020-3864 MISC MISC MISC MISC MISC MISC
apple — icloud	A use after free issue was addressed with improved memory management. This issue is fixed in tvOS 13.3, iCloud for Windows 10.9, iOS 13.3 and iPadOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	9.3	CVE-2019-8846 MISC MISC MISC MISC MISC MISC
apple — ipad_os	A memory corruption vulnerability was addressed with improved locking. This issue is fixed in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8740 MISC MISC MISC
apple — ipados	An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iOS 12.4.4, watchOS 5.3.4. Processing malicious video via FaceTime may lead to arbitrary code execution.	2020-10-27	9.3	CVE-2019-8830 MISC MISC MISC MISC MISC MISC
apple — ipados	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8828 MISC MISC MISC MISC
apple — ipados	An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	7.2	CVE-2019-8841 MISC
apple — ipados	An out-of-bounds read was addressed with improved input validation. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution.	2020-10-27	9.3	CVE-2020-3880 MISC MISC MISC MISC
apple — ipados	A memory corruption vulnerability was addressed with improved locking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6.1, tvOS 13.2, iOS 13.2 and iPadOS 13.2. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8829 MISC MISC MISC MISC
apple — ipados	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8838 MISC MISC MISC MISC
apple — ipados	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave, iOS 14.0 and iPadOS 14.0. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution.	2020-10-27	9.3	CVE-2020-9973 MISC MISC
apple — ipados	A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2019-8832 MISC MISC MISC MISC
apple — ipados	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. An application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2019-8831 MISC MISC MISC MISC MISC
apple — ipados	A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6.1.2, iOS 13.3.1 and iPadOS 13.3.1, tvOS 13.3.1. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8836 MISC MISC MISC
apple — ipados	A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, tvOS 13.3. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8833 MISC MISC MISC MISC
apple — iphone_os	An input validation issue was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, watchOS 5.2.1. A remote attacker may be able to cause a system denial of service.	2020-10-27	7.8	CVE-2019-8573 MISC MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8718 MISC MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8709 MISC MISC MISC MISC MISC
apple — iphone_os	The issue was addressed with improved permissions logic. This issue is fixed in iOS 13.1 and iPadOS 13.1, tvOS 13. A malicious application may be able to determine kernel memory layout.	2020-10-27	7.1	CVE-2019-8780 MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. An application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2019-8715 MISC MISC MISC
apple — iphone_os	A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	7.2	CVE-2019-8528 MISC MISC MISC
apple — iphone_os	An out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A remote attacker may be able to leak memory.	2020-10-27	7.5	CVE-2019-8547 MISC MISC MISC MISC
apple — iphone_os	A validation issue existed in Trust Anchor Management. This issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An untrusted radius server certificate may be trusted.	2020-10-27	7.5	CVE-2019-8531 MISC MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 6, iOS 13, tvOS 13. An application may be able to execute arbitrary code with system privileges.	2020-10-27	10	CVE-2019-8712 MISC MISC MISC
apple — iphone_os	The issue was addressed with improved validation on the FaceTime server. This issue is fixed in macOS Mojave 10.14.3 Supplemental Update, iOS 12.1.4. A thorough security audit of the FaceTime service uncovered an issue with Live Photos .	2020-10-27	7.5	CVE-2019-7288 MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	7.2	CVE-2019-8525 MISC MISC MISC MISC
apple — mac_os_x	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with system privileges.	2020-10-27	10	CVE-2019-8716 MISC
apple — mac_os_x	A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A malicious application may be able to access restricted files.	2020-10-27	9.3	CVE-2019-8837 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8852 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8847 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. An application may be able to execute arbitrary code with kernel privileges.	2020-10-27	9.3	CVE-2019-8824 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2020-3863 MISC
apple — mac_os_x	A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Processing a maliciously crafted string may lead to heap corruption.	2020-10-27	7.5	CVE-2019-8767 MISC MISC
apple — mac_os_x	A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. A buffer overflow may result in arbitrary code execution.	2020-10-27	7.5	CVE-2020-9866 MISC
apple — mac_os_x	A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. A malicious application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2019-8539 MISC
apple — mac_os_x	A memory consumption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2018-4452 MISC MISC
apple — mac_os_x	A logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A malicious application may be able to execute arbitrary code with kernel privileges.	2020-10-27	7.2	CVE-2019-8534 MISC
apple — mac_os_x	This issue is fixed in macOS Mojave 10.14. A memory corruption issue was addressed with improved input validation.	2020-10-27	9.3	CVE-2018-4451 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Catalina 10.15. An application may be able to execute arbitrary code with system privileges.	2020-10-27	9.3	CVE-2019-8776 MISC
arubanetworks — airwave_glass	A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.	2020-10-26	7.5	CVE-2020-7124 MISC
arubanetworks — airwave_glass	A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.	2020-10-26	9	CVE-2020-24631 MISC
arubanetworks — airwave_glass	A remote execution of arbitrary commandss vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.	2020-10-26	9	CVE-2020-24632 MISC
arubanetworks — airwave_glass	A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.	2020-10-26	7.5	CVE-2020-7127 MISC
crmeb — crmeb	A SSRF vulnerability exists in the downloadimage interface of CRMEB 3.0, which can remotely download arbitrary files on the server and remotely execute arbitrary code.	2020-10-23	7.5	CVE-2020-25466 MISC MISC MISC
fruitywifi_project — fruitywifi	FruityWifi through 2.4 has an unsafe Sudo configuration [(ALL : ALL) NOPASSWD: ALL]. This allows an attacker to perform a system-level (root) local privilege escalation, allowing an attacker to gain complete persistent access to the local system.	2020-10-23	7.2	CVE-2020-24848 MISC
getgophish — gophish	Gophish before 0.11.0 allows the creation of CSV sheets that contain malicious content.	2020-10-28	9.3	CVE-2020-24707 MISC MISC MISC
ibm — i2_analysts_notebook	IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187868.	2020-10-29	9.3	CVE-2020-4721 XF CONFIRM
ibm — i2_analysts_notebook	IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system.	2020-10-29	9.3	CVE-2020-4724 XF CONFIRM
ibm — i2_analysts_notebook	IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187870.	2020-10-29	9.3	CVE-2020-4722 XF CONFIRM
ibm — i2_analysts_notebook	IBM i2 Analyst Notebook 9.2.0 and 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 187873.	2020-10-29	9.3	CVE-2020-4723 XF CONFIRM
illumos — illumos	An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c.	2020-10-26	7.5	CVE-2020-27678 MISC
kde — partition_manager	An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand helper contains a logic flaw in which the service invoking D-Bus is not properly checked. An attacker on the local machine can replace /etc/fstab, and execute mount and other partitioning related commands, while KDE Partition Manager is running. the mount command can then be used to gain full root privileges.	2020-10-26	7.2	CVE-2020-27187 MISC MISC CONFIRM
konzept-ix — publixone	A RemoteFunctions endpoint with missing access control in konzept-ix publiXone before 2020.015 allows attackers to disclose sensitive user information, send arbitrary e-mails, escalate the privileges of arbitrary user accounts, and have unspecified other impact.	2020-10-27	7.5	CVE-2020-27183 MISC MISC
oscommerce — oscommerce	osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option.	2020-10-28	10	CVE-2020-27976 MISC

Medium Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
1password — command-line	An issue was discovered in beta versions of the 1Password command-line tool prior to 0.5.5 and in beta versions of the 1Password SCIM bridge prior to 0.7.3. An insecure random number generator was used to generate various keys. An attacker with access to the user’s encrypted data may be able to perform brute-force calculations of encryption keys and thus succeed at decryption.	2020-10-27	5	CVE-2020-10256 MISC CONFIRM MISC
antsword_project — antsword	AntSword 2.1.8.1 contains a cross-site scripting (XSS) vulnerability in the View Site funtion. When viewing an added site, an XSS payload can be injected in cookies view which can lead to remote code execution.	2020-10-26	4.3	CVE-2020-25470 MISC
antsword_project — antsword	A cross-site scripting (XSS) vulnerability AntSword v2.0.7 can remotely execute system commands.	2020-10-26	6.8	CVE-2020-18766 MISC
apple — airport_base_station_firmware	A denial of service issue was addressed with improved memory handling. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. An attacker in a privileged position may be able to perform a denial of service attack.	2020-10-27	4	CVE-2019-7291 MISC MISC
apple — airport_base_station_firmware	The issue was addressed with improved data deletion. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. A base station factory reset may not delete all user information.	2020-10-27	5	CVE-2019-8575 MISC MISC
apple — airport_base_station_firmware	Source-routed IPv4 packets were disabled by default. This issue is fixed in AirPort Base Station Firmware Update 7.8.1, AirPort Base Station Firmware Update 7.9.1. Source-routed IPv4 packets may be unexpectedly accepted.	2020-10-27	5	CVE-2019-8580 MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8728 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 13, iCloud for Windows 7.14, iCloud for Windows 10.7, Safari 13, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8734 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8751 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8639 MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in watchOS 5.2, iCloud for Windows 7.11, iOS 12.2, iTunes 12.9.4 for Windows, Safari 12.1. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8638 MISC MISC MISC MISC MISC
apple — icloud	The HTTP referrer header may be used to leak browsing history. The issue was resolved by downgrading all third party referrers to their origin. This issue is fixed in Safari 13.0.3, iTunes 12.10.2 for Windows, iCloud for Windows 10.9.2, tvOS 13.2, iOS 13.2 and iPadOS 13.2, iCloud for Windows 7.15. Visiting a maliciously crafted website may reveal the sites a user has visited.	2020-10-27	4.3	CVE-2019-8827 MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8752 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, iCloud for Windows 7.14, tvOS 13, watchOS 6, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8773 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	This issue was addressed with improved checks. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An application may be able to gain elevated privileges.	2020-10-27	6.8	CVE-2019-8848 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	A validation issue was addressed with improved logic. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, iCloud for Windows 10.7, tvOS 13, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to universal cross site scripting.	2020-10-27	4.3	CVE-2019-8762 MISC MISC MISC MISC MISC MISC
apple — icloud	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13, iCloud for Windows 10.7, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iCloud for Windows 7.14, iTunes 12.10.1 for Windows. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8825 MISC MISC MISC MISC MISC MISC
apple — icloud	A configuration issue was addressed with additional restrictions. This issue is fixed in tvOS 13.3, watchOS 6.1.1, iCloud for Windows 10.9, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra, iOS 13.3 and iPadOS 13.3, iTunes 12.10.3 for Windows, iCloud for Windows 7.16. An attacker in a privileged network position may be able to bypass HSTS for a limited number of specific top-level domains previously not in the HSTS preload list.	2020-10-27	4	CVE-2019-8834 MISC MISC MISC MISC MISC MISC MISC
apple — icloud	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iCloud for Windows 7.12, tvOS 12.3, iTunes 12.9.5 for Windows, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. Processing a maliciously crafted font may result in the disclosure of process memory.	2020-10-27	4.3	CVE-2019-8582 MISC MISC MISC MISC MISC
apple — icloud	A memory consumption issue was addressed with improved memory handling. This issue is fixed in iCloud for Windows 7.7, watchOS 5, Safari 12, iOS 12, iTunes 12.9 for Windows, tvOS 12. Unexpected interaction causes an ASSERT failure.	2020-10-27	5	CVE-2018-4474 MISC MISC MISC MISC MISC MISC
apple — icloud	A logic issue was addressed with improved state management. This issue is fixed in iOS 12.1.3, iCloud for Windows 7.10, iTunes 12.9.3 for Windows, Safari 12.0.3, tvOS 12.1.2. Processing maliciously crafted web content may disclose sensitive user information.	2020-10-27	4.3	CVE-2019-8570 MISC MISC MISC MISC MISC
apple — ipad_os	A resource exhaustion issue was addressed with improved input validation. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15. Parsing a maliciously crafted iBooks file may lead to a persistent denial-of-service.	2020-10-27	4.3	CVE-2019-8774 MISC MISC
apple — ipad_os	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8706 MISC MISC MISC MISC MISC
apple — ipados	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6. Processing a maliciously crafted audio file may disclose restricted memory.	2020-10-27	4.3	CVE-2019-8850 MISC MISC MISC MISC MISC
apple — ipados	A logic issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, iOS 12.4.3, watchOS 6.1, iOS 13.2 and iPadOS 13.2. AirDrop transfers may be unexpectedly accepted while in Everyone mode.	2020-10-27	4.3	CVE-2019-8796 MISC MISC MISC MISC
apple — ipados	An API issue existed in the handling of outgoing phone calls initiated with Siri. This issue was addressed with improved state handling. This issue is fixed in iOS 13.3 and iPadOS 13.3, watchOS 6.1.1, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. Calls made using Siri may be initiated using the wrong cellular plan on devices with two active plans.	2020-10-27	4.3	CVE-2019-8856 MISC MISC MISC
apple — ipados	This issue was addressed by verifying host keys when connecting to a previously-known SSH server. This issue is fixed in iOS 13.1 and iPadOS 13.1. An attacker in a privileged network position may be able to intercept SSH traffic from the “Run script over SSH” action.	2020-10-27	4	CVE-2019-8901 MISC
apple — iphone_os	This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. Processing maliciously crafted web content may lead to a cross site scripting attack.	2020-10-27	4.3	CVE-2019-8753 MISC MISC MISC MISC
apple — iphone_os	A resource exhaustion issue was addressed with improved input validation. This issue is fixed in tvOS 12.1, iOS 12.1. Processing a maliciously crafted message may lead to a denial of service.	2020-10-27	4.3	CVE-2018-4381 MISC MISC
apple — iphone_os	A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15, tvOS 12.3, watchOS 5.2.1, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, iOS 13. Playing a malicious audio file may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8592 MISC MISC MISC MISC MISC MISC MISC MISC
apple — iphone_os	A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, tvOS 12.3, watchOS 5.2.1, macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3. An attacker in a privileged network position can modify driver state.	2020-10-27	4	CVE-2019-8612 MISC MISC MISC MISC MISC
apple — iphone_os	A memory corruption issue existed in the handling of IPv6 packets. This issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15, tvOS 13, macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, watchOS 6, iOS 13. A malicious application may be able to determine kernel memory layout.	2020-10-27	4.3	CVE-2019-8744 MISC MISC MISC MISC MISC
apple — iphone_os	A denial of service issue was addressed with improved validation. This issue is fixed in iOS 12.4, tvOS 12.4, watchOS 5.3. Processing a maliciously crafted image may lead to a denial of service.	2020-10-27	4.3	CVE-2019-8668 MISC MISC MISC
apple — iphone_os	An input validation issue was addressed with improved input validation. This issue is fixed in iOS 12.3, watchOS 5.2.1. Processing a maliciously crafted message may lead to a denial of service.	2020-10-27	4.3	CVE-2019-8664 MISC MISC
apple — iphone_os	A user privacy issue was addressed by removing the broadcast MAC address. This issue is fixed in macOS Catalina 10.15, watchOS 6, iOS 13, tvOS 13. A device may be passively tracked by its Wi-Fi MAC address.	2020-10-27	5	CVE-2019-8854 MISC MISC MISC MISC
apple — iphone_os	A denial of service issue was addressed with improved validation. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. Processing a maliciously crafted vcf file may lead to a denial of service.	2020-10-27	4.3	CVE-2019-8538 MISC MISC MISC
apple — iphone_os	A permissions issue was addressed by removing vulnerable code and adding additional checks. This issue is fixed in watchOS 5.2, iOS 12.2. A malicious application may be able to access restricted files.	2020-10-27	4.3	CVE-2019-8532 MISC MISC
apple — iphone_os	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.	2020-10-27	4.3	CVE-2018-4391 MISC MISC MISC
apple — iphone_os	A logic issue was addressed with improved restrictions. This issue is fixed in watchOS 5.2, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.2. A sandboxed process may be able to circumvent sandbox restrictions.	2020-10-27	5	CVE-2019-8618 MISC MISC MISC
apple — iphone_os	A logic issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3. Users removed from an iMessage conversation may still be able to alter state.	2020-10-27	5	CVE-2019-8631 MISC MISC MISC
apple — iphone_os	A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, iOS 12.3, tvOS 12.3, watchOS 5.3. An application may be able to read restricted memory.	2020-10-27	5	CVE-2019-8633 MISC MISC MISC MISC
apple — iphone_os	An inconsistent user interface issue was addressed with improved state management. This issue is fixed in macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan, watchOS 4.3, iOS 12.1. Processing a maliciously crafted text message may lead to UI spoofing.	2020-10-27	4.3	CVE-2018-4390 MISC MISC MISC
apple — itunes	A logic issue was addressed with improved state management. This issue is fixed in Safari 12.0.2, iOS 12.1.1, tvOS 12.1.1, iTunes 12.9.2 for Windows. Processing maliciously crafted web content may disclose sensitive user information.	2020-10-27	4.3	CVE-2018-4444 MISC MISC MISC MISC
apple — itunes	An information disclosure issue existed in the handling of the Storage Access API. This issue was addressed with improved logic. This issue is fixed in iOS 13.3 and iPadOS 13.3, tvOS 13.3, Safari 13.0.4, iTunes 12.10.3 for Windows. Visiting a maliciously crafted website may reveal sites a user has visited.	2020-10-27	4.3	CVE-2019-8898 MISC MISC MISC MISC
apple — mac_os_x	This issue was addressed by removing additional entitlements. This issue is fixed in macOS Mojave 10.14.1, Security Update 2018-002 High Sierra, Security Update 2018-005 Sierra. A malicious application may be able to access restricted files.	2020-10-27	4.3	CVE-2018-4468 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-8826 MISC
apple — mac_os_x	An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2020-9961 MISC
apple — mac_os_x	A validation issue existed in the handling of symlinks. This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted package may lead to arbitrary code execution.	2020-10-27	6.8	CVE-2019-6238 MISC
apple — mac_os_x	A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position can modify driver state.	2020-10-27	5	CVE-2019-8564 MISC
apple — mac_os_x	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.	2020-10-27	6.5	CVE-2019-8696 MISC
apple — mac_os_x	This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. Parsing a maliciously crafted text file may lead to disclosure of user information.	2020-10-27	4.3	CVE-2019-8761 MISC MISC
apple — mac_os_x	A cross-origin issue existed with “iframe” elements. This was addressed with improved tracking of security origins. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A malicious HTML document may be able to render iframes with sensitive user information.	2020-10-27	4.3	CVE-2019-8754 MISC
apple — mac_os_x	An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. A malicious application may be able to overwrite arbitrary files.	2020-10-27	5.8	CVE-2020-3855 MISC
apple — mac_os_x	This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A malicious application may be able to elevate privileges.	2020-10-27	6.8	CVE-2019-8509 MISC MISC
apple — mac_os_x	A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.	2020-10-27	6.5	CVE-2019-8675 MISC
apple — mac_os_x	A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.3, Security Update 2019-001 High Sierra, Security Update 2019-001 Sierra, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra. A malicious application may be able to elevate privileges.	2020-10-27	6.8	CVE-2018-4467 MISC MISC
apple — mac_os_x	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. A local user may be able to cause unexpected system termination or read kernel memory.	2020-10-27	6.6	CVE-2019-8759 MISC MISC
apple — mac_os_x	This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra. An application may be able to trigger a sysdiagnose.	2020-10-27	4.3	CVE-2020-9786 MISC
apple — mac_os_x	An issue existed in the parsing of URLs. This issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra. A malicious website may be able to exfiltrate autofilled data in Safari.	2020-10-27	4.3	CVE-2020-9857 MISC
apple — mac_os_x	An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Catalina 10.15. A malicious application may be able to access restricted files.	2020-10-27	4.3	CVE-2019-8855 MISC
apple — mac_os_x	A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An application may be able to read restricted memory.	2020-10-27	4.3	CVE-2019-8853 MISC MISC
apple — mac_os_x	A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An attacker in a privileged position may be able to perform a denial of service attack.	2020-10-27	4.3	CVE-2019-8839 MISC
apple — mac_os_x	An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to gain elevated privileges.	2020-10-27	4.6	CVE-2019-8579 MISC
apple — mac_os_x	An input validation issue was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged network position may be able to leak sensitive user information.	2020-10-27	4	CVE-2019-8736 MISC MISC
apple — mac_os_x	A denial of service issue was addressed with improved validation. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15. An attacker in a privileged position may be able to perform a denial of service attack.	2020-10-27	4	CVE-2019-8737 MISC MISC
apple — mac_os_x	This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. A remote attacker may be able to unexpectedly alter application state.	2020-10-27	5	CVE-2020-9941 MISC
apple — mac_os_x	An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting access to encrypted data. This issue is fixed in macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. Encrypted data may be inappropriately accessed.	2020-10-27	5	CVE-2020-9774 MISC
apple — music	This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in Apple Music 3.4.0 for Android. A malicious application may be able to leak a user’s credentials.	2020-10-27	4.3	CVE-2020-9982 MISC
apple — safari	A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed in Safari 13.0.5. Processing a maliciously crafted URL may lead to arbitrary javascript code execution.	2020-10-27	5.8	CVE-2020-9860 MISC
apple — safari	This issue was addressed with improved iframe sandbox enforcement. This issue is fixed in Safari 13.0.1, iOS 13. Maliciously crafted web content may violate iframe sandboxing policy.	2020-10-27	4.3	CVE-2019-8771 MISC MISC
arubanetworks — airwave_glass	A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.	2020-10-26	6.5	CVE-2020-7125 MISC
arubanetworks — airwave_glass	A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.	2020-10-26	5	CVE-2020-7126 MISC
belkin — linksys_wrt_160nl_firmware	UNSUPPORTED WHEN ASSIGNED Belkin LINKSYS WRT160NL 1.0.04.002_US_20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in create_dir in mini_httpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.	2020-10-23	6.5	CVE-2020-26561 MISC
checkpoint — zonealarm	Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.	2020-10-27	4.6	CVE-2020-6023 MISC
fireeye — email_malware_protection_system	eMPS prior to eMPS 9.0 FireEye EX 3500 devices allows remote authenticated users to conduct SQL injection attacks via the sort, sort_by, search{URL], or search[attachment] parameter to the email search feature.	2020-10-26	4	CVE-2020-25034 MISC
fruitywifi_project — fruitywifi	A Cross-Site Request Forgery (CSRF) vulnerability is identified in FruityWifi through 2.4. Due to a lack of CSRF protection in page_config_adv.php, an unauthenticated attacker can lure the victim to visit his website by social engineering or another attack vector. Due to this issue, an unauthenticated attacker can change the newSSID and hostapd_wpa_passphrase.	2020-10-23	4.3	CVE-2020-24847 MISC
getgophish — gophish	Gophish through 0.10.1 does not invalidate the gophish cookie upon logout.	2020-10-28	5	CVE-2020-24713 MISC
getgophish — gophish	Gophish before 0.11.0 allows SSRF attacks.	2020-10-28	5	CVE-2020-24710 MISC MISC MISC
getgophish — gophish	The Reset button on the Account Settings page in Gophish before 0.11.0 allows attackers to cause a denial of service via a clickjacking attack	2020-10-28	4.3	CVE-2020-24711 MISC MISC MISC
git-tag-annotation-action_project — git-tag-annotation-action	In the git-tag-annotation-action (open source GitHub Action) before version 1.0.1, an attacker can execute arbitrary (*) shell commands if they can control the value of [the `tag` input] or manage to alter the value of [the `GITHUB_REF` environment variable]. The problem has been patched in version 1.0.1. If you don’t use the `tag` input you are most likely safe. The `GITHUB_REF` environment variable is protected by the GitHub Actions environment so attacks from there should be impossible. If you must use the `tag` input and cannot upgrade to `> 1.0.0` make sure that the value is not controlled by another Action.	2020-10-26	6.5	CVE-2020-15272 MISC MISC CONFIRM
grafana — grafana	Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.	2020-10-28	4.3	CVE-2020-24303 MISC MISC
hp — bluedata_epic	The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized interception and/or retrieval. Specifically, they display the kdc_admin_password in the source file of the url “/bdswebui/assignusers/”.	2020-10-26	4	CVE-2020-7196 MISC
ibm — i2_ibase	IBM i2 iBase 8.9.13 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 184574.	2020-10-30	5	CVE-2020-4584 XF CONFIRM
ibm — i2_ibase	IBM i2 iBase 8.9.13 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 184579.	2020-10-30	6.8	CVE-2020-4588 XF CONFIRM
ibm — security_directory_server	IBM Security Directory Server 6.4.0 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 166624.	2020-10-29	5	CVE-2019-4563 XF CONFIRM
ibm — security_directory_server	IBM Security Directory Server 6.4.0 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 165949.	2020-10-29	5	CVE-2019-4547 XF CONFIRM
ibm — sterling_connect	IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906.	2020-10-28	5	CVE-2020-4767 XF CONFIRM
ibm — websphere_application_server	IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing “dot dot” sequences (/../) to view arbitrary files on the system.	2020-10-28	4	CVE-2020-4782 XF CONFIRM
iobit — malware_fighter	An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder.	2020-10-27	6.9	CVE-2020-23864 MISC
konzept-ix — publixone	konzept-ix publiXone before 2020.015 allows attackers to download files by iterating over the IXCopy fileID parameter.	2020-10-27	5	CVE-2020-27180 MISC MISC
konzept-ix — publixone	A hardcoded AES key in CipherUtils.java in the Java applet of konzept-ix publiXone before 2020.015 allows attackers to craft password-reset tokens or decrypt server-side configuration files.	2020-10-27	6.4	CVE-2020-27181 MISC MISC
konzept-ix — publixone	Multiple cross-site scripting (XSS) vulnerabilities in konzept-ix publiXone before 2020.015 allow remote attackers to inject arbitrary JavaScript or HTML via appletError.jsp, job_jacket_detail.jsp, ixedit/editor_component.jsp, or the login form.	2020-10-27	4.3	CVE-2020-27182 MISC MISC
motion_project — motion	A Denial of Service condition in Motion-Project Motion 3.2 through 4.3.1 allows remote unauthenticated users to cause a webu.c segmentation fault and kill the main process via a crafted HTTP request.	2020-10-26	5	CVE-2020-26566 MISC MISC MISC
neopost — neopost_mail_accounting	NeoPost Mail Accounting Software Pro 5.0.6 allows php/Commun/FUS_SCM_BlockStart.php?code= XSS.	2020-10-28	4.3	CVE-2020-27974 MISC
netapp — clustered_data_ontap	Clustered Data ONTAP versions 9.7 through 9.7P7 are susceptible to a vulnerability which allows an attacker with access to an intercluster LIF to cause a Denial of Service (DoS).	2020-10-27	5	CVE-2020-8579 MISC
npmjs — npm-user-validate	This affects the package npm-user-validate before 1.0.1. The regex that validates user emails took exponentially longer to process long input strings beginning with @ characters.	2020-10-27	5	CVE-2020-7754 CONFIRM CONFIRM CONFIRM CONFIRM
nvidia — geforce_experience	NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web Helper NodeJS Web Server in which an uncontrolled search path is used to load a node module, which may lead to code execution, denial of service, escalation of privileges, and information disclosure.	2020-10-23	4.4	CVE-2020-5977 CONFIRM
nvidia — geforce_experience	NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure.	2020-10-23	4.6	CVE-2020-5990 CONFIRM
nvidia — geforce_experience	NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services in which a folder is created by nvcontainer.exe under normal user login with LOCAL_SYSTEM privileges which may lead to a denial of service or escalation of privileges.	2020-10-23	4.6	CVE-2020-5978 CONFIRM
octopus — octopus_deploy	In Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modified HTTP Host header.	2020-10-26	5.8	CVE-2020-26161 MISC MISC
open-xchange — open-xchange_appsuite	OX App Suite through 7.10.3 allows SSRF via the the /ajax/messaging/message message API.	2020-10-23	4	CVE-2020-15002 CONFIRM MISC
open-xchange — open-xchange_appsuite	OX App Suite through 7.10.3 allows Information Exposure because a user can obtain the IP address and User-Agent string of a different user (via the session API during shared Drive access).	2020-10-23	4	CVE-2020-15003 CONFIRM MISC
oscommerce — oscommerce	osCommerce Phoenix CE before 1.0.5.4 allows admin/define_language.php CSRF.	2020-10-28	6.8	CVE-2020-27975 MISC
pulsesecure — pulse_secure_desktop_client	A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.	2020-10-28	6.5	CVE-2020-8260 MISC
pulsesecure — pulse_secure_desktop_client	A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.	2020-10-28	4.6	CVE-2020-8250 MISC
pulsesecure — pulse_secure_desktop_client	A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to escalate privilege.	2020-10-28	4.6	CVE-2020-8248 MISC
pulsesecure — pulse_secure_desktop_client	A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary file reading vulnerability is fixed using encrypted URL blacklisting that prevents these messages.	2020-10-28	4	CVE-2020-8255 MISC
sonicwall — global_vpn_client	SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hijacking) vulnerability. Successful exploitation could lead to remote code execution in the target system.	2020-10-28	6.9	CVE-2020-5145 CONFIRM
systeminformation — systeminformation	This affects the package systeminformation before 4.27.11. This package is vulnerable to Command Injection. The attacker can concatenate curl’s parameters to overwrite Javascript files and then execute any OS commands.	2020-10-26	6.5	CVE-2020-7752 CONFIRM CONFIRM CONFIRM
thembay — greenmart	The search functionality of the Greenmart theme 2.4.2 for WordPress is vulnerable to XSS.	2020-10-27	4.3	CVE-2020-16140 MISC
trim_project — trim	All versions of package trim are vulnerable to Regular Expression Denial of Service (ReDoS) via trim().	2020-10-27	5	CVE-2020-7753 MISC MISC MISC MISC
verifone — mx900_firmware	Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have a race condition for RBAC bypass.	2020-10-23	4.4	CVE-2019-14711 MISC
verifone — mx900_firmware	Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.	2020-10-23	4.6	CVE-2019-14719 MISC
verifone — mx900_firmware	Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.	2020-10-23	4.6	CVE-2019-14718 MISC
verifone — p400_firmware	Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.	2020-10-23	4.6	CVE-2019-14715 MISC
verifone — verix_os	Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).	2020-10-23	4.6	CVE-2019-14716 MISC
verifone — verix_os	Verifone VerixV Pinpad Payment Terminals with QT000530 allow bypass of integrity and origin control for S1G file generation.	2020-10-23	4.6	CVE-2019-14712 MISC
verifone — verix_os	Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.	2020-10-23	4.6	CVE-2019-14717 MISC
victor_cms_project — victor_cms	A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.	2020-10-27	5	CVE-2020-23945 MISC
vmware — horizon_client	VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes.	2020-10-23	4	CVE-2020-3998 MISC

Low Vulnerabilities

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apple — ipados	A trust issue was addressed by removing a legacy API. This issue is fixed in iOS 14.0 and iPadOS 14.0, tvOS 14.0. An attacker may be able to misuse a trust relationship to download malicious content.	2020-10-27	2.1	CVE-2020-9979 MISC MISC
apple — ipados	This issue was resolved by replacing device names with a random identifier. This issue is fixed in iOS 13.1 and iPadOS 13.1, macOS Catalina 10.15, watchOS 6, tvOS 13. An attacker in physical proximity may be able to passively observe device names in AWDL communications.	2020-10-27	2.1	CVE-2019-8799 MISC MISC MISC MISC
apple — ipados	A validation issue was addressed with improved logic. This issue is fixed in macOS Catalina 10.15, iOS 13.1 and iPadOS 13.1, tvOS 13, watchOS 6, iOS 13. A local app may be able to read a persistent account identifier.	2020-10-27	2.1	CVE-2019-8809 MISC MISC MISC MISC MISC
apple — iphone_os	A lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 12.1.1. A local attacker may be able to share items from the lock screen.	2020-10-27	3.6	CVE-2018-4428 MISC
apple — iphone_os	This issue was addressed with a new entitlement. This issue is fixed in iOS 12.1. A local user may be able to read a persistent device identifier.	2020-10-27	2.1	CVE-2018-4339 MISC
apple — iphone_os	The issue was addressed with improved data deletion. This issue is fixed in iOS 13. Deleted calls remained visible on the device.	2020-10-27	2.1	CVE-2019-8732 MISC
apple — iphone_os	A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006, macOS Catalina 10.15, iOS 13. A local user may be able to check for the existence of arbitrary files.	2020-10-27	2.1	CVE-2019-8708 MISC MISC MISC
apple — iphone_os	A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, iOS 12.1.1, watchOS 5.1.2, macOS Mojave 10.14.2, Security Update 2018-003 High Sierra, Security Update 2018-006 Sierra, tvOS 12.1.1. A local user may be able to read kernel memory.	2020-10-27	2.1	CVE-2018-4448 MISC MISC MISC MISC MISC
apple — iphone_os	A configuration issue was addressed with additional restrictions. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra, watchOS 5, iOS 12, tvOS 12, macOS Mojave 10.14. A malicious application may be able to modify protected parts of the file system.	2020-10-27	2.1	CVE-2018-4433 MISC MISC MISC MISC MISC
apple — mac_os_x	A lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. A local attacker may be able to view contacts from the lock screen.	2020-10-27	2.1	CVE-2019-8777 MISC
apple — mac_os_x	A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs.	2020-10-27	2.6	CVE-2019-8842 MISC
checkpoint — zonealarm	Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files while restoring files in Anti-Ransomware.	2020-10-27	3.6	CVE-2020-6022 MISC
comtrend — ar-5387un_firmware	A cross-site scripting (XSS) vulnerability on Comtrend AR-5387un devices with A731-410JAZ-C04_R02.A2pD035g.d23i firmware allows remote attackers to inject arbitrary web script or HTML via the Service Description parameter while creating a WAN service.	2020-10-23	3.5	CVE-2018-8062 MISC
getgophish — gophish	Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the Host field on the send profile form.	2020-10-28	3.5	CVE-2020-24708 MISC MISC
getgophish — gophish	Cross Site Scripting (XSS) vulnerability in Gophish before 0.11.0 via the IMAP Host field on the account settings page.	2020-10-28	3.5	CVE-2020-24712 MISC MISC MISC
getgophish — gophish	Cross Site Scripting (XSS) vulnerability in Gophish through 0.10.1 via a crafted landing page or email template.	2020-10-28	3.5	CVE-2020-24709 MISC
ibm — resilient_security_orchestration_automation_and_response	IBM Resilient SOAR V38.0 could allow an attacker on the internal net work to provide the server with a spoofed source IP address. IBM X-Force ID: 190567.	2020-10-29	3.3	CVE-2020-4864 XF CONFIRM
open-xchange — open-xchange_appsuite	OX App Suite through 7.10.3 allows stats/diagnostic?param= XSS.	2020-10-23	3.5	CVE-2020-15004 MISC MISC
openr — opentmpfiles	opentmpfiles through 0.3.1 allows local users to take ownership of arbitrary files because d entries are mishandled and allow a symlink attack.	2020-10-26	2.1	CVE-2017-18925 MISC
pulsesecure — pulse_secure_desktop	Pulse Secure Desktop Client 9.0Rx before 9.0R5 and 9.1Rx before 9.1R4 on Windows reveals users’ passwords if Save Settings is enabled.	2020-10-27	1.9	CVE-2020-8956 MISC
pulsesecure — pulse_secure_desktop_client	A vulnerability in the authenticated user web interface of Pulse Connect Secure < 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) through the CGI file.	2020-10-28	3.5	CVE-2020-8263 MISC
requarks — wiki.js	In Wiki.js before version 2.5.162, an XSS payload can be injected in a page title and executed via the search results. While the title is properly escaped in both the navigation links and the actual page title, it is not the case in the search results. Commit a57d9af34c15adbf460dde6553d964efddf433de fixes this vulnerability (version 2.5.162) by properly escaping the text content displayed in the search results.	2020-10-26	3.5	CVE-2020-15274 MISC MISC CONFIRM
verifone — mx900_firmware	Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.	2020-10-23	2.1	CVE-2019-14713 MISC
vmware — horizon	VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability. Successful exploitation of this issue may allow an attacker to inject malicious script which will be executed.	2020-10-23	3.5	CVE-2020-3997 MISC
yourls — yourls	Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 – 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.	2020-10-23	3.5	CVE-2020-27388 MISC MISC MISC
zte — evdc	A ZTE product is impacted by an XSS vulnerability. The vulnerability is caused by the lack of correct verification of client data in the WEB module. By inserting malicious scripts into the web module, a remote attacker could trigger an XSS attack when the user browses the web page. Then the attacker could use the vulnerability to steal user cookies or destroy the page structure. This affects: eVDC ZXCLOUD-iROSV6.03.04	2020-10-26	3.5	CVE-2020-6876 MISC

Severity Not Yet Assigned

Primary Vendor — Product	Description	Published	CVSS Score	Source & Patch Info
apple — ios_and_ipados	The issue was addressed with improved validation when an iCloud Link is created. This issue is fixed in iOS 13.3 and iPadOS 13.3. Live Photo audio and video data may be shared via iCloud links even if Live Photo is disabled in the Share Sheet carousel.	2020-10-27	not yet calculated	CVE-2019-8857 MISC
apple — macos	A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A Mac may not lock immediately upon wake.	2020-10-27	not yet calculated	CVE-2019-8851 MISC
apple — macos	A logic issue was addressed with improved validation. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra. A sandboxed process may be able to circumvent sandbox restrictions.	2020-10-27	not yet calculated	CVE-2019-8640 MISC
apple — macos	A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra, macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An application may be able to execute arbitrary code with system privileges.	2020-10-27	not yet calculated	CVE-2019-8569 MISC MISC
apple — macos	An issue existed in the handling of S-MIME certificates. This issue was addressed with improved validation of S-MIME certificates. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. Processing a maliciously crafted mail message may lead to S/MIME signature spoofing.	2020-10-27	not yet calculated	CVE-2019-8642 MISC
apple — macos	A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. A remote attacker may be able to overwrite existing files.	2020-10-27	not yet calculated	CVE-2020-9782 MISC
apple — macos	An issue existed in the handling of encrypted Mail. This issue was addressed with improved isolation of MIME in Mail. This issue is fixed in macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra. An attacker in a privileged network position may be able to intercept the contents of S/MIME-encrypted e-mail.	2020-10-27	not yet calculated	CVE-2019-8645 MISC
apple — macos	A use after free issue was addressed with improved memory management. This issue is fixed in macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra, macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra. An application may be able to gain elevated privileges.	2020-10-27	not yet calculated	CVE-2020-3851 MISC MISC
apple — macos	This was addressed with additional checks by Gatekeeper on files mounted through a network share. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. Extracting a zip file containing a symbolic link to an endpoint in an NFS mount that is attacker controlled may bypass Gatekeeper.	2020-10-27	not yet calculated	CVE-2019-8656 MISC
apple — macos	This issue is fixed in macOS Mojave 10.14. A permissions issue existed in DiskArbitration. This was addressed with additional ownership checks.	2020-10-27	not yet calculated	CVE-2018-4296 MISC
apple — macos_catalina	A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10.15.1, Security Update 2019-001, and Security Update 2019-006. A user who shares their screen may not be able to end screen sharing.	2020-10-27	not yet calculated	CVE-2019-8858 MISC
apple — multiple_products	A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0.1, iOS 13.1 and iPadOS 13.1, tvOS 13. Processing maliciously crafted web content may lead to arbitrary code execution.	2020-10-27	not yet calculated	CVE-2020-9932 MISC MISC MISC
apple — safari	A logic issue was addressed with improved validation. This issue is fixed in Safari 13.0.5. A URL scheme may be incorrectly ignored when determining multimedia permission for a website.	2020-10-27	not yet calculated	CVE-2020-3852 MISC
apple — swift_for_ubuntu	This issue was addresses by updating incorrect URLSession file descriptors management logic to match Swift 5.0. This issue is fixed in Swift 5.1.1 for Ubuntu. Incorrect management of file descriptors in URLSession could lead to inadvertent data disclosure.	2020-10-27	not yet calculated	CVE-2019-8790 MISC
apple — xcode	An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 11.3. Compiling with untrusted sources may lead to arbitrary code execution with user privileges.	2020-10-27	not yet calculated	CVE-2019-8840 MISC
arista — cloudvision_exchange_server	Arista’s CloudVision eXchange (CVX) server before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (crash and restart) in the ControllerOob agent via a malformed control-plane packet.	2020-10-26	not yet calculated	CVE-2020-13100 CONFIRM
arista — eos	Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause traffic loss or incorrect forwarding of traffic via a malformed link-state PDU to the IS-IS router.	2020-10-26	not yet calculated	CVE-2020-15897 CONFIRM
basercms — basercms	baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. The issue affects the following components: Edit feed settings, Edit widget area, Sub site new registration, New category registration. Arbitrary JavaScript may be executed by entering specific characters in the account that can access the file upload function category list, subsite setting list, widget area edit, and feed list on the management screen. The issue was introduced in version 4.0.0. It is fixed in version 4.4.1.	2020-10-30	not yet calculated	CVE-2020-15273 MISC CONFIRM MISC
basercms — basercms	baserCMS before version 4.4.1 is vulnerable to Cross-Site Scripting. Arbitrary JavaScript may be executed by entering a crafted nickname in blog comments. The issue affects the blog comment component. It is fixed in version 4.4.1.	2020-10-30	not yet calculated	CVE-2020-15276 MISC MISC CONFIRM
basercms — basercms	baserCMS before version 4.4.1 is affected by Remote Code Execution (RCE). Code may be executed by logging in as a system administrator and uploading an executable script file such as a PHP file. The Edit template component is vulnerable. The issue is fixed in version 4.4.1.	2020-10-30	not yet calculated	CVE-2020-15277 MISC MISC CONFIRM
broadleaf_commerce — broadleaf_framework	Broadleaf Commerce 5.1.14-GA is affected by cross-site scripting (XSS) due to a slow HTTP post vulnerability.	2020-10-29	not yet calculated	CVE-2020-21266 MISC
canonical — ubuntu	There is no input validation on the Locale property in an apt transaction. An unprivileged user can supply a full path to a writable directory, which lets aptd read a file as root. Having a symlink in place results in an error message if the file exists, and no error otherwise. This way an unprivileged user can check for the existence of any files on the system as root.	2020-10-31	not yet calculated	CVE-2020-15703 CONFIRM MISC
chart.js — chart.js	This affects the package chart.js before 2.9.4. The options parameter is not properly sanitized when it is processed. When the options are processed, the existing options (or the defaults options) are deeply merged with provided options. However, during this operation, the keys of the object being set are not checked, leading to a prototype pollution.	2020-10-29	not yet calculated	CVE-2020-7746 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
citadel — webcit	Citadel WebCit through 926 allows unauthenticated remote attackers to enumerate valid users within the platform. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.	2020-10-28	not yet calculated	CVE-2020-27740 MISC MISC
citadel — webcit	Multiple cross-site scripting (XSS) vulnerabilities in Citadel WebCit through 926 allow remote attackers to inject arbitrary web script or HTML via multiple pages and parameters. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.	2020-10-28	not yet calculated	CVE-2020-27741 MISC MISC
citadel — webcit	An Insecure Direct Object Reference vulnerability in Citadel WebCit through 926 allows authenticated remote attackers to read someone else’s emails via the msg_confirm_move template. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.	2020-10-28	not yet calculated	CVE-2020-27742 MISC MISC
citadel — webcit	A Weak Session Management vulnerability in Citadel WebCit through 926 allows unauthenticated remote attackers to hijack recently logged-in users’ sessions. NOTE: this was reported to the vendor in a publicly archived “Multiple Security Vulnerabilities in WebCit 926” thread.	2020-10-28	not yet calculated	CVE-2020-27739 MISC MISC
click_studios — passwordstate	An issue was discovered in Click Studios Passwordstate 8.9 (Build 8973).If the user of the system has assigned himself a PIN code for entering from a mobile device using the built-in generator (4 digits), a remote attacker has the opportunity to conduct a brute force attack on this PIN code. As result, remote attacker retrieves all passwords from another systems, available for affected account.	2020-10-29	not yet calculated	CVE-2020-27747 MISC MISC
codemirror — codemirror	This affects the package codemirror before 5.58.2; the package org.apache.marmotta.webjars:codemirror before 5.58.2. The vulnerable regular expression is located in https://github.com/codemirror/CodeMirror/blob/cdb228ac736369c685865b122b736cd0d397836c/mode/javascript/javascript.jsL129. The ReDOS vulnerability of the regex is mainly due to the sub-pattern (s\|/.?/)	2020-10-30	not yet calculated	CVE-2020-7760 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM
commscope — ruckus	Ruckus through 1.5.1.0.21 is affected by remote command injection. An authenticated user can submit a query to the API (/service/v1/createUser endpoint), injecting arbitrary commands that will be executed as root user via web.py.	2020-10-26	not yet calculated	CVE-2020-26878 MISC MISC MISC CONFIRM MISC MISC
commscope — rukus_vriot	Ruckus vRioT through 1.5.1.0.21 has an API backdoor that is hardcoded into validate_token.py. An unauthenticated attacker can interact with the service API by using a backdoor value as the Authorization header.	2020-10-26	not yet calculated	CVE-2020-26879 MISC MISC MISC CONFIRM MISC MISC
commvault — commcell	In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.	2020-10-29	not yet calculated	CVE-2020-25780 MISC
cyberark — privileged_session_manager	CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time.	2020-10-28	not yet calculated	CVE-2020-25374 MISC MISC
dat.gui — dat.gui	All versions of package dat.gui are vulnerable to Regular Expression Denial of Service (ReDoS) via specifically crafted rgb and rgba values.	2020-10-27	not yet calculated	CVE-2020-7755 MISC MISC
debian — blueman	Blueman is a GTK+ Bluetooth Manager. In Blueman before 2.1.4, the DhcpClient method of the D-Bus interface to blueman-mechanism is prone to an argument injection vulnerability. The impact highly depends on the system configuration. If Polkit-1 is disabled and for versions lower than 2.0.6, any local user can possibly exploit this. If Polkit-1 is enabled for version 2.0.6 and later, a possible attacker needs to be allowed to use the `org.blueman.dhcp.client` action. That is limited to users in the wheel group in the shipped rules file that do have the privileges anyway. On systems with ISC DHCP client (dhclient), attackers can pass arguments to `ip link` with the interface name that can e.g. be used to bring down an interface or add an arbitrary XDP/BPF program. On systems with dhcpcd and without ISC DHCP client, attackers can even run arbitrary scripts by passing `-c/path/to/script` as an interface name. Patches are included in 2.1.4 and master that change the DhcpClient D-Bus method(s) to accept BlueZ network object paths instead of network interface names. A backport to 2.0(.8) is also available. As a workaround, make sure that Polkit-1-support is enabled and limit privileges for the `org.blueman.dhcp.client` action to users that are able to run arbitrary commands as root anyway in /usr/share/polkit-1/rules.d/blueman.rules.	2020-10-27	not yet calculated	CVE-2020-15238 MISC MISC MISC CONFIRM DEBIAN
eyesofnetwork — eonweb	An issue was discovered in EyesOfNetwork eonweb 5.3-7 through 5.3-8. The eonweb web interface is prone to a SQL injection, allowing an unauthenticated attacker to exploit the username_available function of the includes/functions.php file (which is called by login.php).	2020-10-29	not yet calculated	CVE-2020-27886 MISC MISC MISC
eyesofnetwork — eonweb	An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the nmap_binary parameter to lilac/autodiscovery.php.	2020-10-29	not yet calculated	CVE-2020-27887 MISC MISC MISC
f5 — big-ip	On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Management Microkernel (TMM) process may consume excessive resources when processing SSL traffic and client authentication are enabled on the client SSL profile.	2020-10-29	not yet calculated	CVE-2020-5936 MISC
f5 — big-ip	On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with configured, authenticated peers, the peer may negotiate a different key length than the BIG-IP configuration would otherwise allow.	2020-10-29	not yet calculated	CVE-2020-5938 MISC
f5 — big-ip	On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM) may produce a core file while processing layer 4 (L4) behavioral denial-of-service (DoS) traffic.	2020-10-29	not yet calculated	CVE-2020-5937 MISC
f5 — big-ip	On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, Virtual servers with a OneConnect profile may incorrectly handle WebSockets related HTTP response headers, causing TMM to restart.	2020-10-29	not yet calculated	CVE-2020-5931 MISC
f5 — big-ip	On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM Configuration utility response and blocking pages. An authenticated user with administrative privileges can specify a response page with any content, including JavaScript code that will be executed when preview is opened.	2020-10-29	not yet calculated	CVE-2020-5932 MISC
f5 — big-ip	On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests from the same client to configured SAML Single Logout (SLO) URL are passing through a TCP Keep-Alive connection, traffic to TMM can be disrupted.	2020-10-29	not yet calculated	CVE-2020-5934 MISC
f5 — big-ip	On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when handling MQTT traffic through a BIG-IP virtual server associated with an MQTT profile and an iRule performing manipulations on that traffic, TMM may produce a core file.	2020-10-29	not yet calculated	CVE-2020-5935 MISC
f5 — big-ip	On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, when a BIG-IP system that has a virtual server configured with an HTTP compression profile processes compressed HTTP message payloads that require deflation, a Slowloris-style attack can trigger an out-of-memory condition on the BIG-IP system.	2020-10-29	not yet calculated	CVE-2020-5933 MISC
facebook — hermes	An out-of-bounds read in the JavaScript Interpreter in Facebook Hermes prior to commit 8cb935cd3b2321c46aa6b7ed8454d95c75a7fca0 allows attackers to cause a denial of service attack or possible further memory corruption via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected.	2020-10-26	not yet calculated	CVE-2020-1915 CONFIRM CONFIRM
fastreport — fastreport	An issue was discovered in FastReport before 2020.4.0. It lacks a ScriptSecurity feature and therefore may mishandle (for example) GetType, typeof, TypeOf, DllImport, LoadLibrary, and GetProcAddress.	2020-10-29	not yet calculated	CVE-2020-27998 MISC MISC MISC
firefly_iii — firefly_iii	An XSS vulnerability in the auto-complete function of the description field (for new or edited transactions) in Firefly III before 5.4.5 allows the user to execute JavaScript via suggested transaction titles. NOTE: this is exploitable only in a non-default configuration where Content Security Policy headers are disabled.	2020-10-28	not yet calculated	CVE-2020-27981 MISC MISC
genexis — platnium-4410-v2-1.28_devices	Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users.	2020-10-28	not yet calculated	CVE-2020-27980 MISC MISC
god_kings — god_kings	The God Kings application 0.60.1 for Android exposes a broadcast receiver to other apps called com.innogames.core.frontend.notifications.receivers.LocalNotificationBroadcastReceiver. The purpose of this broadcast receiver is to show an in-game push notification to the player. However, the application does not enforce any authorization schema on the broadcast receiver, allowing any application to send fully customizable in-game push notifications.	2020-10-28	not yet calculated	CVE-2020-25204 MISC
hewlett_packard — storeserv_management_console	SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the managed arrays. HPE has provided an update to HPE StoreServ Management Console (SSMC) software 3.7.0.0* Upgrade to HPE 3PAR StoreServ Management Console 3.7.1.1 or later.	2020-10-26	not yet calculated	CVE-2020-7197 MISC
hrsale — hrsale	Hrsale 2.0.0 allows download?type=files&filename=../ directory traversal to read arbitrary files.	2020-10-29	not yet calculated	CVE-2020-27993 MISC
lookatme — lookatme	In lookatme (python/pypi package) versions prior to 2.3.0, the package automatically loaded the built-in “terminal” and “file_loader” extensions. Users that use lookatme to render untrusted markdown may have malicious shell commands automatically run on their system. This is fixed in version 2.3.0. As a workaround, the `lookatme/contrib/terminal.py` and `lookatme/contrib/file_loader.py` files may be manually deleted. Additionally, it is always recommended to be aware of what is being rendered with lookatme.	2020-10-26	not yet calculated	CVE-2020-15271 MISC MISC MISC CONFIRM MISC
mediawiki — mediawiki	The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. When certain varieties of games were created within MediaWiki, their names or titles could be manipulated to generate stored XSS within the RandomGameUnit extension.	2020-10-28	not yet calculated	CVE-2020-27957 MISC MISC
micro_focus — multiple_products	Code execution with escalated privileges vulnerability in Micro Focus products Operation Bridge Manager and Operation Bridge (containerized). The vulneravility affects: 1.) Operation Bridge Manager versions: 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) versions: 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. The vulnerability could allow local attackers to execute code with escalated privileges.	2020-10-27	not yet calculated	CVE-2020-11858 MISC MISC MISC
micro_focus — multiple_products	Arbitrary code execution vlnerability in Operation bridge Manager, Application Performance Management and Operations Bridge (containerized) vulnerability in Micro Focus products products Operation Bridge Manager, Operation Bridge (containerized) and Application Performance Management. The vulneravility affects: 1.) Operation Bridge Manager versions 2020.05, 2019.11, 2019.05, 2018.11, 2018.05, 10.63,10.62, 10.61, 10.60, 10.12, 10.11, 10.10 and all earlier versions. 2.) Operations Bridge (containerized) 2020.05, 2019.08, 2019.05, 2018.11, 2018.08, 2018.05. 2018.02 and 2017.11. 3.) Application Performance Management versions 9,51, 9.50 and 9.40 with uCMDB 10.33 CUP 3. The vulnerability could allow Arbitrary code execution.	2020-10-27	not yet calculated	CVE-2020-11854 MISC MISC MISC MISC
mozilla — firefox	When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80.	2020-10-28	not yet calculated	CVE-2020-6829 MISC MISC MISC
nvida — dgx_servers	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which software allows an attacker to upload or transfer files that can be automatically processed within the product’s environment, which may lead to remote code execution.	2020-10-29	not yet calculated	CVE-2020-11486 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which the Pseudo-Random Number Generator (PRNG) algorithm used in the JSOL package that implements the IPMI protocol is not cryptographically strong, which may lead to information disclosure.	2020-10-29	not yet calculated	CVE-2020-11616 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, DGX-1 with BMC firmware versions prior to 3.38.30. DGX-2 with BMC firmware versions prior to 1.06.06 and all DGX A100 Servers with all BMC firmware versions, contains a vulnerability in the AMI BMC firmware in which the use of a hard-coded RSA 1024 key with weak ciphers may lead to information disclosure.	2020-10-29	not yet calculated	CVE-2020-11487 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a vulnerability in the AMI BMC firmware in which an attacker with administrative privileges can obtain the hash of the BMC/IPMI user password, which may lead to information disclosure.	2020-10-29	not yet calculated	CVE-2020-11484 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all BMC firmware versions prior to 3.38.30, contain a vulnerability in the AMI BMC firmware in which it uses a hard-coded RC4 cipher key, which may lead to information disclosure.	2020-10-29	not yet calculated	CVE-2020-11615 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contain a vulnerability in the AMI BMC firmware in which default SNMP community strings are used, which may lead to information disclosure.	2020-10-29	not yet calculated	CVE-2020-11489 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30, contains a Cross-Site Request Forgery (CSRF) vulnerability in the AMI BMC firmware in which the web application does not sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request, which can lead to information disclosure or code execution.	2020-10-29	not yet calculated	CVE-2020-11485 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which software does not validate the RSA 1024 public key used to verify the firmware signature, which may lead to information disclosure or code execution.	2020-10-29	not yet calculated	CVE-2020-11488 CONFIRM
nvida — dgx_servers	NVIDIA DGX servers, all DGX-1 with BMC firmware versions prior to 3.38.30 and all DGX-2 with BMC firmware versions prior to 1.06.06, contains a vulnerability in the AMI BMC firmware in which the firmware includes hard-coded credentials, which may lead to elevation of privileges or information disclosure.	2020-10-29	not yet calculated	CVE-2020-11483 CONFIRM
nvidia — cuda_toolkit	NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure.	2020-10-30	not yet calculated	CVE-2020-5991 CONFIRM
openrc — openrc	checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink.	2020-10-27	not yet calculated	CVE-2018-21269 MISC
pam_tacplus — libtac	libtac in pam_tacplus through 1.5.1 lacks a check for a failure of RAND_bytes()/RAND_pseudo_bytes(). This could lead to use of a non-random/predictable session_id.	2020-10-26	not yet calculated	CVE-2020-27743 MISC MISC
pathval — pathval	This affects all versions of package pathval.	2020-10-26	not yet calculated	CVE-2020-7751 MISC MISC
pimcore — pimcore	The package pimcore/pimcore from 6.7.2 and before 6.8.3 are vulnerable to SQL Injection in data classification functionality in ClassificationstoreController. This can be exploited by sending a specifically-crafted input in the relationIds parameter as demonstrated by the following request: http://vulnerable.pimcore.example/admin/classificationstore/relations?relationIds=[{“keyId”%3a”””,”groupId”%3a”‘asd’))+or+1%3d1+union+(select+1,2,3,4,5,6,name,8,password,”,11,12,”,14+from+users)+–+”}]	2020-10-30	not yet calculated	CVE-2020-7759 CONFIRM CONFIRM
pulse_secure — desktop_client	A vulnerability in the Pulse Secure Desktop Client < 9.1R9 could allow the attacker to perform a MITM Attack if end users are convinced to connect to a malicious server.	2020-10-28	not yet calculated	CVE-2020-8241 MISC
pulse_secure — desktop_client	A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the Credential Provider.	2020-10-28	not yet calculated	CVE-2020-8240 MISC
pulse_secure — desktop_client	A vulnerability in the Pulse Secure Desktop Client < 9.1R9 is vulnerable to the client registry privilege escalation attack. This fix also requires Server Side Upgrade due to Standalone Host Checker Client (Windows) and Windows PDC.	2020-10-28	not yet calculated	CVE-2020-8239 MISC
pulse_secure — desktop_client	A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow.	2020-10-28	not yet calculated	CVE-2020-8249 MISC
pulse_secure — desktop_client	A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Secure, see below recommendation(s):Disable Dynamic certificate trust for PDC.	2020-10-28	not yet calculated	CVE-2020-8254 MISC
pulse_secure — pulse_connect_secure_and_pulse_policy_secure	An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request.	2020-10-27	not yet calculated	CVE-2020-15352 MISC
pulse_secure — pulse_connect_secure_and_pulse_policy_secure	A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection.	2020-10-28	not yet calculated	CVE-2020-8261 MISC
pulse_secure — pulse_connect_secure_and_pulse_policy_secure	A vulnerability in the Pulse Connect Secure / Pulse Policy Secure below 9.1R9 could allow attackers to conduct Cross-Site Scripting (XSS) and Open Redirection for authenticated user web interface.	2020-10-28	not yet calculated	CVE-2020-8262 MISC
qnap — qts	If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.	2020-10-28	not yet calculated	CVE-2018-19953 CONFIRM
qnap — qts	If exploited, this cross-site scripting vulnerability could allow remote attackers to inject malicious code. QNAP has already fixed these issues in the following QTS versions. QTS 4.4.2.1270 build 20200410 and later QTS 4.4.1.1261 build 20200330 and later QTS 4.3.6.1263 build 20200330 and later QTS 4.3.4.1282 build 20200408 and later QTS 4.3.3.1252 build 20200409 and later QTS 4.2.6 build 20200421 and later	2020-10-28	not yet calculated	CVE-2018-19943 CONFIRM
qnap — qts	If exploited, this command injection vulnerability could allow remote attackers to run arbitrary commands. QNAP has already fixed the issue in the following QTS versions. QTS 4.4.2.1231 on build 20200302; QTS 4.4.1.1201 on build 20200130; QTS 4.3.6.1218 on build 20200214; QTS 4.3.4.1190 on build 20200107; QTS 4.3.3.1161 on build 20200109; QTS 4.2.6 on build 20200109.	2020-10-28	not yet calculated	CVE-2018-19949 CONFIRM
qsc — q-sys_core_manager	An issue was discovered in QSC Q-SYS Core Manager 8.2.1. By utilizing the TFTP service running on UDP port 69, a remote attacker can perform a directory traversal and obtain operating system files via a TFTP GET request, as demonstrated by reading /etc/passwd or /proc/version.	2020-10-28	not yet calculated	CVE-2020-24990 MISC MISC MISC
rapid7 — metasploit	Rapid7’s Metasploit msfvenom framework handles APK files in a way that allows for a malicious user to craft and publish a file that would execute arbitrary commands on a victim’s machine.	2020-10-29	not yet calculated	CVE-2020-7384 MISC
red_discord_bot — mod_module	Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user’s control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with unload mod or, disabling the massban command with command disable global massban can render this exploit not accessible. We still highly recommend updating to 3.4.1 to completely patch this issue.	2020-10-28	not yet calculated	CVE-2020-15278 MISC MISC CONFIRM
red_hat — ansible	A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality	2020-10-29	not yet calculated	CVE-2020-25646 MISC
sal — sal	Sal is a multi-tenanted reporting dashboard for Munki with the ability to display information from Facter. In Sal through version 4.1.6 there is an XSS vulnerability on the machine_list view.	2020-10-29	not yet calculated	CVE-2020-26205 MISC CONFIRM
samba — winbind	A null pointer dereference flaw was found in samba’s Winbind service in versions before 4.11.15, before 4.12.9 and before 4.13.1. A local user could use this flaw to crash the winbind service causing denial of service.	2020-10-29	not yet calculated	CVE-2020-14323 MISC MISC
sec_consult — publixone	konzept-ix publiXone before 2020.015 allows attackers to take over arbitrary user accounts by crafting password-reset tokens.	2020-10-27	not yet calculated	CVE-2020-27179 MISC MISC
sectona — spectra	Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value.	2020-10-28	not yet calculated	CVE-2020-25966 MISC MISC
shibboleth — identity_provider	Shibboleth Identify Provider 3.x before 3.4.6 has a denial of service flaw. A remote unauthenticated attacker can cause a login flow to trigger Java heap exhaustion due to the creation of objects in the Java Servlet container session.	2020-10-28	not yet calculated	CVE-2020-27978 MISC
smartstorenet — smartstorenet	An issue was discovered in SmartStoreNET before 4.0.1. It does not properly consider the need for a CustomModelPartAttribute decoration in certain ModelBase.CustomProperties situations.	2020-10-29	not yet calculated	CVE-2020-27996 MISC MISC
sonicwall — global_vpn	SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged windows user to elevate privileges to SYSTEM through loaded process hijacking vulnerability.	2020-10-28	not yet calculated	CVE-2020-5144 CONFIRM
sourcecodester — car_rental_management_system	An Arbitrary File Upload in the Upload Image component in SourceCodester Car Rental Management System 1.0 allows the user to conduct remote code execution via admin/index.php?page=manage_car because .php files can be uploaded to admin/assets/uploads/ (under the web root).	2020-10-28	not yet calculated	CVE-2020-27956 MISC MISC
sourceforge — dual_dhcp_dns_server	An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.	2020-10-28	not yet calculated	CVE-2020-26133 MISC MISC
sourceforge — home_dns_server	An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.	2020-10-28	not yet calculated	CVE-2020-26132 MISC MISC
sourceforge — open_dhcp_server	Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary.	2020-10-28	not yet calculated	CVE-2020-26131 MISC MISC
sourceforge — open_tftp_server	Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.	2020-10-28	not yet calculated	CVE-2020-26130 MISC MISC
sourceforge — snap7	The Snap7 server component in version 1.4.1, when an attacker sends a crafted packet with COTP protocol the last-data-unit flag set to No and S7 writes a var function, the Snap7 server will be crashed.	2020-10-28	not yet calculated	CVE-2020-22552 MISC MISC MISC
synology — diskstation_manager	Cleartext transmission of sensitive information vulnerability in DDNS in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.	2020-10-29	not yet calculated	CVE-2020-27656 CONFIRM
synology — diskstation_manager	Synology DiskStation Manager (DSM) before 6.2.3-25426-2 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.	2020-10-29	not yet calculated	CVE-2020-27650 CONFIRM
synology — diskstation_manager	Algorithm downgrade vulnerability in QuickConnect in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.	2020-10-29	not yet calculated	CVE-2020-27652 CONFIRM MISC
synology — diskstation_manager	Improper certificate validation vulnerability in OpenVPN client in Synology DiskStation Manager (DSM) before 6.2.3-25426-2 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.	2020-10-29	not yet calculated	CVE-2020-27648 CONFIRM MISC
synology — router_manager	Synology Router Manager (SRM) before 1.2.4-8081 does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.	2020-10-29	not yet calculated	CVE-2020-27658 CONFIRM MISC
synology — router_manager	Cleartext transmission of sensitive information vulnerability in DDNS in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to eavesdrop authentication information of DNSExit via unspecified vectors.	2020-10-29	not yet calculated	CVE-2020-27657 CONFIRM
synology — router_manager	Improper certificate validation vulnerability in OpenVPN client in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.	2020-10-29	not yet calculated	CVE-2020-27649 CONFIRM MISC
synology — router_manager	Improper access control vulnerability in lbd in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to execute arbitrary commands via port (1) 7786/tcp or (2) 7787/tcp.	2020-10-29	not yet calculated	CVE-2020-27654 CONFIRM MISC MISC
synology — router_manager	Synology Router Manager (SRM) before 1.2.4-8081 does not set the Secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session.	2020-10-29	not yet calculated	CVE-2020-27651 CONFIRM MISC
synology — router_manager	Algorithm downgrade vulnerability in QuickConnect in Synology Router Manager (SRM) before 1.2.4-8081 allows man-in-the-middle attackers to spoof servers and obtain sensitive information via unspecified vectors.	2020-10-29	not yet calculated	CVE-2020-27653 CONFIRM MISC
synology — router_manager	Improper access control vulnerability in Synology Router Manager (SRM) before 1.2.4-8081 allows remote attackers to access restricted resources via inbound QuickConnect traffic.	2020-10-29	not yet calculated	CVE-2020-27655 CONFIRM
texas_instruments — cc2538_devices	The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Read Reporting Configuration Response message. It crashes in zclHandleExternal().	2020-10-27	not yet calculated	CVE-2020-27891 MISC MISC
texas_instruments — cc2538_devices	The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Discover Commands Received Response message or a ZCL Discover Commands Generated Response message. It crashes in zclParseInDiscCmdsRspCmd().	2020-10-27	not yet calculated	CVE-2020-27892 MISC MISC
texas_instruments — cc2538_devices	The Zigbee protocol implementation on Texas Instruments CC2538 devices with Z-Stack 3.0.1 does not properly process a ZCL Write Attributes No Response message. It crashes in zclParseInWriteCmd() and does not update the specific attribute’s value.	2020-10-27	not yet calculated	CVE-2020-27890 MISC MISC
trend_micro — antivirus_for_mac	Trend Micro Antivirus for Mac 2020 (Consumer) contains an Error Message Information Disclosure vulnerability that if exploited, could allow kernel pointers and debug messages to leak to userland. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.	2020-10-30	not yet calculated	CVE-2020-27015 N/A N/A
trend_micro — antivirus_for_mac	Trend Micro Antivirus for Mac 2020 (Consumer) contains a race condition vulnerability in the Web Threat Protection Blocklist component, that if exploited, could allow an attacker to case a kernel panic or crash. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.	2020-10-30	not yet calculated	CVE-2020-27014 N/A N/A
ubiquiti — unifi_meshing_access_point_unifi_controller_devices	An issue was discovered on Ubiquiti UniFi Meshing Access Point UAP-AC-M 4.3.21.11325 and UniFi Controller 6.0.28 devices. Cached credentials are not erased from an access point returning wirelessly from a disconnected state. This may provide unintended network access.	2020-10-27	not yet calculated	CVE-2020-27888 MISC
vbulletin — vbulletin	vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. ALSO NOTE: CVE-2020-7373 is a duplicate of CVE-2020-17496. CVE-2020-17496 is the preferred CVE ID to track this vulnerability.	2020-10-30	not yet calculated	CVE-2020-7373 MISC MISC MISC MISC
vmware — tanzu	Single Sign-On for Vmware Tanzu all versions prior to 1.11.3 ,1.12.x versions prior to 1.12.4 and 1.13.x prior to 1.13.1 are vulnerable to user impersonation attack.If two users are logged in to the SSO operator dashboard at the same time, with the same username, from two different identity providers, one can acquire the token of the other and thus operate with their permissions. Note: Foundation may be vulnerable only if: 1) The system zone is set up to use a SAML identity provider 2) There are internal users that have the same username as users in the external SAML provider 3) Those duplicate-named users have the scope to access the SSO operator dashboard 4) The vulnerability doesn’t appear with LDAP because of chained authentication.	2020-10-31	not yet calculated	CVE-2020-5425 CONFIRM
western_digital — my_cloud_devices	Addressed multiple stack buffer overflow vulnerabilities that could allow an attacker to carry out escalation of privileges through unauthorized remote code execution in Western Digital My Cloud devices before 5.04.114.	2020-10-27	not yet calculated	CVE-2020-12830 MISC CONFIRM
western_digital — my_cloud_devices	Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input.in Western Digital My Cloud Devices prior to 5.4.1140.	2020-10-27	not yet calculated	CVE-2020-25765 MISC CONFIRM
western_digital — my_cloud_nas_devices	Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization and insufficient validation of user input in Western Digital My Cloud NAS devices prior to 5.04.114	2020-10-27	not yet calculated	CVE-2020-27159 MISC CONFIRM
western_digital — my_cloud_nas_devices	Addressed remote code execution vulnerability in AvailableApps.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114 (issue 3 of 3).	2020-10-27	not yet calculated	CVE-2020-27160 MISC CONFIRM
western_digital — my_cloud_nas_devices	Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of privileges in Western Digital My Cloud NAS devices prior to 5.04.114.	2020-10-27	not yet calculated	CVE-2020-27158 MISC CONFIRM
western_digital — my_cloud_nas_devices	An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow remote code execution with resultant escalation of privileges.	2020-10-29	not yet calculated	CVE-2020-27744 MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation.	2020-10-28	not yet calculated	CVE-2020-16260 MISC MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices allow a U-Boot interrupt, resulting in local root access.	2020-10-28	not yet calculated	CVE-2020-16261 MISC MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices have a local www-data user that is overly permissioned, resulting in root privilege escalation.	2020-10-28	not yet calculated	CVE-2020-16262 MISC MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices have an SSH user account with access from bastion hosts. This is undocumented in device documents and is not announced to the user.	2020-10-28	not yet calculated	CVE-2020-16259 MISC MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices make use of a Monit service (not managed during the normal user process) which is configured with default credentials.	2020-10-28	not yet calculated	CVE-2020-16258 MISC MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices are vulnerable to command injection via the API.	2020-10-28	not yet calculated	CVE-2020-16257 MISC MISC
winston_privacy — winston_privacy	The API on Winston 1.5.4 devices is vulnerable to CSRF.	2020-10-28	not yet calculated	CVE-2020-16256 MISC MISC
winston_privacy — winston_privacy	Winston 1.5.4 devices have a CORS configuration that trusts arbitrary origins. This allows requests to be made and viewed by arbitrary origins.	2020-10-28	not yet calculated	CVE-2020-16263 MISC MISC
wire — wire	Wire before 2020-10-16 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a format string. This affects Wire AVS (Audio, Video, and Signaling) 5.3 through 6.x before 6.4, the Wire Secure Messenger application before 3.49.918 for Android, and the Wire Secure Messenger application before 3.61 for iOS. This occurs via the value parameter to sdp_media_set_lattr in peerflow/sdp.c.	2020-10-27	not yet calculated	CVE-2020-27853 MISC
wso2 — api_manager	Cross-Site Scripting (XSS) vulnerability on WSO2 API Manager 3.1.0. By exploiting a Cross-site scripting vulnerability the attacker can hijack a logged-in user’s session by stealing cookies which means that a malicious hacker can change the logged-in user’s password and invalidate the session of the victim while the hacker maintains access.	2020-10-29	not yet calculated	CVE-2020-27885 MISC MISC
wso2 — enterprise_integrator	WSO2 Enterprise Integrator 6.6.0 or earlier contains a stored cross-site scripting (XSS) vulnerability in BPMN explorer tasks.	2020-10-29	not yet calculated	CVE-2020-25516 MISC MISC
zohocorp — manageengine_applications_manager	SQL Injection in Zoho ManageEngine Applications Manager 14 before 14560 allows an attacker to execute commands on the server via the MyPage.do template_resid parameter.	2020-10-29	not yet calculated	CVE-2020-27995 MISC

This product is provided subject to this Notification and this Privacy & Use policy.