Export limit exceeded: 335505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 335505 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 10059 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (10059 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-10779 | 1 Redhat | 2 Cloudforms, Cloudforms Managementengine | 2024-11-21 | 6.5 Medium |
| Red Hat CloudForms 4.7 and 5 leads to insecure direct object references (IDOR) and functional level access control bypass due to missing privilege check. Therefore, if an attacker knows the right criteria, it is possible to access some sensitive data within the CloudForms. | ||||
| CVE-2020-10778 | 1 Redhat | 2 Cloudforms, Cloudforms Managementengine | 2024-11-21 | 6.0 Medium |
| In Red Hat CloudForms 4.7 and 5, the read only widgets can be edited by inspecting the forms and dropping the disabled attribute from the fields since there is no server-side validation. This business logic flaw violate the expected behavior. | ||||
| CVE-2020-10775 | 2 Oracle, Redhat | 3 Virtualization, Ovirt-engine, Rhev Manager | 2024-11-21 | 5.3 Medium |
| An Open redirect vulnerability was found in ovirt-engine versions 4.4 and earlier, where it allows remote attackers to redirect users to arbitrary web sites and attempt phishing attacks. Once the target has opened the malicious URL in their browser, the critical part of the URL is no longer visible. The highest threat from this vulnerability is on confidentiality. | ||||
| CVE-2020-10773 | 2 Linux, Redhat | 2 Linux Kernel, Enterprise Linux | 2024-11-21 | 4.4 Medium |
| A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data. | ||||
| CVE-2020-10761 | 4 Canonical, Opensuse, Qemu and 1 more | 5 Ubuntu Linux, Leap, Qemu and 2 more | 2024-11-21 | 5 Medium |
| An assertion failure issue was found in the Network Block Device(NBD) Server in all QEMU versions before QEMU 5.0.1. This flaw occurs when an nbd-client sends a spec-compliant request that is near the boundary of maximum permitted request length. A remote nbd-client could use this flaw to crash the qemu-nbd server resulting in a denial of service. | ||||
| CVE-2020-10725 | 5 Dpdk, Fedoraproject, Opensuse and 2 more | 6 Data Plane Development Kit, Fedora, Leap and 3 more | 2024-11-21 | 7.7 High |
| A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`. | ||||
| CVE-2020-10709 | 1 Redhat | 1 Ansible Tower | 2024-11-21 | 7.1 High |
| A security flaw was found in Ansible Tower when requesting an OAuth2 token with an OAuth2 application. Ansible Tower uses the token to provide authentication. This flaw allows an attacker to obtain a refresh token that does not expire. The original token granted to the user still has access to Ansible Tower, which allows any user that can gain access to the token to be fully authenticated to Ansible Tower. This flaw affects Ansible Tower versions before 3.6.4 and Ansible Tower versions before 3.5.6. | ||||
| CVE-2020-10704 | 4 Debian, Fedoraproject, Opensuse and 1 more | 4 Debian Linux, Fedora, Leap and 1 more | 2024-11-21 | 7.5 High |
| A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user can cause a stack overflow leading to a denial of service. The highest threat from this vulnerability is to system availability. This issue affects all samba versions before 4.10.15, before 4.11.8 and before 4.12.2. | ||||
| CVE-2020-10683 | 6 Canonical, Dom4j Project, Netapp and 3 more | 44 Ubuntu Linux, Dom4j, Oncommand Api Services and 41 more | 2024-11-21 | 9.8 Critical |
| dom4j before 2.0.3 and 2.1.x before 2.1.3 allows external DTDs and External Entities by default, which might enable XXE attacks. However, there is popular external documentation from OWASP showing how to enable the safe, non-default behavior in any application that uses dom4j. | ||||
| CVE-2020-10629 | 1 Advantech | 1 Webaccess\/nms | 2024-11-21 | 7.5 High |
| WebAccess/NMS (versions prior to 3.0.2) does not sanitize XML input. Specially crafted XML input could allow an attacker to read sensitive files. | ||||
| CVE-2020-10598 | 1 Bd | 4 Pyxis Anesthesia Station Es, Pyxis Anesthesia Station Es Firmware, Pyxis Medstation Es and 1 more | 2024-11-21 | 6.1 Medium |
| In BD Pyxis MedStation ES System v1.6.1 and Pyxis Anesthesia (PAS) ES System v1.6.1, a restricted desktop environment escape vulnerability exists in the kiosk mode functionality of affected devices. Specially crafted inputs could allow the user to escape the restricted environment, resulting in access to sensitive data. | ||||
| CVE-2020-10581 | 1 Invigo | 1 Automatic Device Management | 2024-11-21 | 7.5 High |
| Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data hosted by the application. | ||||
| CVE-2020-10573 | 1 Meetecho | 1 Janus | 2024-11-21 | 7.5 High |
| An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge. | ||||
| CVE-2020-10286 | 1 Ufactory | 6 Xarm 5 Lite, Xarm 5 Lite Firmware, Xarm 6 and 3 more | 2024-11-21 | 8.8 High |
| the main user account has restricted privileges but is in the sudoers group and there is not any mechanism in place to prevent sudo su or sudo -i to be run gaining unrestricted access to sensible files, encryption, or issue orders that disrupt robot operation. | ||||
| CVE-2020-10284 | 1 Ufactory | 1 Xarm Studio | 2024-11-21 | 9.1 Critical |
| No authentication is required to control the robot inside the network, moreso the latest available user manual shows an option that lets the user to add a password to the robot but as in xarm_studio 1.3.0 the option is missing from the menu. Assuming manual control, even by forcefully removing the current operator from an active session. | ||||
| CVE-2020-10277 | 3 Easyrobotics, Mobile-industrial-robots, Uvd-robots | 20 Er-flex, Er-flex Firmware, Er-lite and 17 more | 2024-11-21 | 6.4 Medium |
| There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually adding a new user with sudo privileges on the machine. | ||||
| CVE-2020-10271 | 4 Aliasrobotics, Enabled-robotics, Mobile-industrial-robotics and 1 more | 20 Mir100, Mir1000, Mir1000 Firmware and 17 more | 2024-11-21 | 9.8 Critical |
| MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph to all network interfaces, wireless and wired. This is the result of a bad set up and can be mitigated by appropriately configuring ROS and/or applying custom patches as appropriate. Currently, the ROS computational graph can be accessed fully from the wired exposed ports. In combination with other flaws such as CVE-2020-10269, the computation graph can also be fetched and interacted from wireless networks. This allows a malicious operator to take control of the ROS logic and correspondingly, the complete robot given that MiR's operations are centered around the framework (ROS). | ||||
| CVE-2020-10238 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 7.5 High |
| An issue was discovered in Joomla! before 3.9.16. Various actions in com_templates lack the required ACL checks, leading to various potential attack vectors. | ||||
| CVE-2020-10143 | 1 Macrium | 1 Reflect | 2024-11-21 | 7.8 High |
| Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges. | ||||
| CVE-2020-10139 | 1 Acronis | 1 True Image | 2024-11-21 | 7.8 High |
| Acronis True Image 2021 includes an OpenSSL component that specifies an OPENSSLDIR variable as a subdirectory within C:\jenkins_agent\. Acronis True Image contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges. | ||||