Total
1628 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-19301 | 1 Vaethink | 1 Vaethink | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the vae_admin_rule database table of vaeThink v1.0.1 allows attackers to execute arbitrary code via a crafted payload in the condition parameter. | |||||
| CVE-2020-19005 | 1 Zrlog | 1 Zrlog | 2024-11-21 | 3.5 LOW | 5.7 MEDIUM |
| zrlog v2.1.0 has a vulnerability with the permission check. If admin account is logged in, other unauthorized users can download the database backup file directly. | |||||
| CVE-2020-18701 | 1 Talelin | 1 Lin-cms-flask | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets. | |||||
| CVE-2020-17448 | 1 Telegram | 1 Telegram Desktop | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an extension. | |||||
| CVE-2020-17354 | 1 Lilypond | 1 Lilypond | 2024-11-21 | N/A | 8.6 HIGH |
| LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-lookup or output-def-scope, as demonstrated by dangerous Scheme code in a .ly file that causes arbitrary code execution during conversion to a different file format. NOTE: in 2.24 and later versions, safe mode is removed, and the product no longer tries to block code execution when external files are used. | |||||
| CVE-2020-17049 | 2 Microsoft, Samba | 4 Windows Server 2012, Windows Server 2016, Windows Server 2019 and 1 more | 2024-11-21 | 9.0 HIGH | 6.6 MEDIUM |
| A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determines if a service ticket can be used for delegation via Kerberos Constrained Delegation (KCD). To exploit the vulnerability, a compromised service that is configured to use KCD could tamper with a service ticket that is not valid for delegation to force the KDC to accept it. The update addresses this vulnerability by changing how the KDC validates service tickets used with KCD. | |||||
| CVE-2020-16904 | 1 Microsoft | 1 Azure Functions | 2024-11-21 | 7.5 HIGH | 5.3 MEDIUM |
| <p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p> <p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTTP Function without proper authorization.</p> <p>This security update addresses the vulnerability by correctly validating access keys used to access HTTP Functions.</p> | |||||
| CVE-2020-16630 | 1 Ti | 7 15.4-stack, Ble5-stack, Dynamic Multi-protocal Manager and 4 more | 2024-11-21 | 4.3 MEDIUM | 6.8 MEDIUM |
| TI’s BLE stack caches and reuses the LTK’s property for a bonded mobile. A LTK can be an unauthenticated-and-no-MITM-protection key created by Just Works or an authenticated-and-MITM-protection key created by Passkey Entry, Numeric Comparison or OOB. Assume that a victim mobile uses secure pairing to pair with a victim BLE device based on TI chips and generate an authenticated-and-MITM-protection LTK. If a fake mobile with the victim mobile’s MAC address uses Just Works and pairs with the victim device, the generated LTK still has the property of authenticated-and-MITM-protection. Therefore, the fake mobile can access attributes with the authenticated read/write permission. | |||||
| CVE-2020-16241 | 1 Philips | 2 Suresigns Vs4, Suresigns Vs4 Firmware | 2024-11-21 | 2.1 LOW | 2.1 LOW |
| Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor. | |||||
| CVE-2020-15664 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| By holding a reference to the eval() function from an about:blank window, a malicious webpage could have gained access to the InstallTrigger object which would allow them to prompt the user to install an extension. Combined with user confusion, this could result in an unintended or malicious extension being installed. This vulnerability affects Firefox < 80, Thunderbird < 78.2, Thunderbird < 68.12, Firefox ESR < 68.12, Firefox ESR < 78.2, and Firefox for Android < 80. | |||||
| CVE-2020-15590 | 1 Privateinternetaccess | 1 Private Internet Access Vpn Client | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. The PIA killswitch & associated iptables firewall is designed to protect you while using the Internet. When the kill switch is configured to block all inbound and outbound network traffic, privileged applications can continue sending & receiving network traffic if net.ipv4.ip_forward has been enabled in the system kernel parameters. For example, a Docker container running on a host with the VPN turned off, and the kill switch turned on, can continue using the internet, leaking the host IP (CWE 200). In PIA 2.4.0+, policy-based routing is enabled by default and is used to direct all forwarded packets to the VPN interface automatically. | |||||
| CVE-2020-15513 | 1 Mittwald | 1 Typo3 Forum | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The typo3_forum extension before 1.2.1 for TYPO3 has Incorrect Access Control. | |||||
| CVE-2020-15278 | 1 Cogboard | 1 Red Discord Bot | 2024-11-21 | 6.0 MEDIUM | 7.7 HIGH |
| Red Discord Bot before version 3.4.1 has an unauthorized privilege escalation exploit in the Mod module. This exploit allows Discord users with a high privilege level within the guild to bypass hierarchy checks when the application is in a specific condition that is beyond that user's control. By abusing this exploit, it is possible to perform destructive actions within the guild the user has high privileges in. This exploit has been fixed in version 3.4.1. As a workaround, unloading the Mod module with unload mod or, disabling the massban command with command disable global massban can render this exploit not accessible. We still highly recommend updating to 3.4.1 to completely patch this issue. | |||||
| CVE-2020-15126 | 1 Parseplatform | 1 Parse Server | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| In parser-server from version 3.5.0 and before 4.3.0, an authenticated user using the viewer GraphQL query can by pass all read security on his User object and can also by pass all objects linked via relation or Pointer on his User object. | |||||
| CVE-2020-15120 | 1 Ihatemoney | 1 I Hate Money | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| In "I hate money" before version 4.1.5, an authenticated member of one project can modify and delete members of another project, without knowledge of this other project's private code. This can be further exploited to access all bills of another project without knowledge of this other project's private code. With the default configuration, anybody is allowed to create a new project. An attacker can create a new project and then use it to become authenticated and exploit this flaw. As such, the exposure is similar to an unauthenticated attack, because it is trivial to become authenticated. This is fixed in version 4.1.5. | |||||
| CVE-2020-15110 | 1 Jupyterhub | 1 Kubespawner | 2024-11-21 | 5.5 MEDIUM | 6.8 MEDIUM |
| In jupyterhub-kubespawner before 0.12, certain usernames will be able to craft particular server names which will grant them access to the default server of other users who have matching usernames. This has been fixed in 0.12. | |||||
| CVE-2020-15084 | 1 Auth0 | 1 Express-jwt | 2024-11-21 | 4.3 MEDIUM | 7.7 HIGH |
| In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0. | |||||
| CVE-2020-14486 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
| An attacker may bypass permission/authorization checks in OpenClinic GA 5.09.02 and 5.89.05b by ignoring the redirect of a permission failure, which may allow unauthorized execution of commands. | |||||
| CVE-2020-14321 | 1 Moodle | 1 Moodle | 2024-11-21 | N/A | 8.8 HIGH |
| In Moodle before 3.9.1, 3.8.4, 3.7.7 and 3.5.13, teachers of a course were able to assign themselves the manager role within that course. | |||||
| CVE-2020-14214 | 1 Zammad | 1 Zammad | 2024-11-21 | 5.8 MEDIUM | 6.5 MEDIUM |
| Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization. | |||||