2021

CVE-2021-1639 25 Feb 2021
Visual Studio Code Remote Code Execution Vulnerability
CVE-2021-1698 25 Feb 2021
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1732.
CVE-2021-1721 25 Feb 2021
.NET Core and Visual Studio Denial of Service Vulnerability
CVE-2021-1722 25 Feb 2021
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24077.
CVE-2021-1724 25 Feb 2021
Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
CVE-2021-1726 25 Feb 2021
Microsoft SharePoint Spoofing Vulnerability
CVE-2021-1727 25 Feb 2021
Windows Installer Elevation of Privilege Vulnerability
CVE-2021-1728 25 Feb 2021
System Center Operations Manager Elevation of Privilege Vulnerability
CVE-2021-1730 25 Feb 2021
Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-24085.
CVE-2021-1731 25 Feb 2021
PFX Encryption Security Feature Bypass Vulnerability
CVE-2021-1732 25 Feb 2021
Windows Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1698.
CVE-2021-1733 25 Feb 2021
Sysinternals PsExec Elevation of Privilege Vulnerability
CVE-2021-1734 25 Feb 2021
Windows Remote Procedure Call Information Disclosure Vulnerability
CVE-2021-24066 25 Feb 2021
Microsoft SharePoint Remote Code Execution Vulnerability
CVE-2021-24067 25 Feb 2021
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24068, CVE-2021-24069, CVE-2021-24070.
CVE-2021-24068 25 Feb 2021
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24069, CVE-2021-24070.
CVE-2021-24069 25 Feb 2021
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24070.
CVE-2021-24070 25 Feb 2021
Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24069.
CVE-2021-24071 25 Feb 2021
Microsoft SharePoint Information Disclosure Vulnerability
CVE-2021-24072 25 Feb 2021
Microsoft SharePoint Server Remote Code Execution Vulnerability
CVE-2021-24073 25 Feb 2021
Skype for Business and Lync Spoofing Vulnerability
CVE-2021-24074 25 Feb 2021
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24094.
CVE-2021-24075 25 Feb 2021
Windows Network File System Denial of Service Vulnerability
CVE-2021-24076 25 Feb 2021
Microsoft Windows VMSwitch Information Disclosure Vulnerability
CVE-2021-24077 25 Feb 2021
Windows Fax Service Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1722.
CVE-2021-24078 25 Feb 2021
Windows DNS Server Remote Code Execution Vulnerability
CVE-2021-24079 25 Feb 2021
Windows Backup Engine Information Disclosure Vulnerability
CVE-2021-24080 25 Feb 2021
Windows Trust Verification API Denial of Service Vulnerability
CVE-2021-24081 25 Feb 2021
Microsoft Windows Codecs Library Remote Code Execution Vulnerability
CVE-2021-24082 25 Feb 2021
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
CVE-2021-24083 25 Feb 2021
Windows Address Book Remote Code Execution Vulnerability
CVE-2021-24084 25 Feb 2021
Windows Mobile Device Management Information Disclosure Vulnerability
CVE-2021-24085 25 Feb 2021
Microsoft Exchange Server Spoofing Vulnerability This CVE ID is unique from CVE-2021-1730.
CVE-2021-24086 25 Feb 2021
Windows TCP/IP Denial of Service Vulnerability
CVE-2021-24087 25 Feb 2021
Azure IoT CLI extension Elevation of Privilege Vulnerability
CVE-2021-24088 25 Feb 2021
Windows Local Spooler Remote Code Execution Vulnerability
CVE-2021-24091 25 Feb 2021
Windows Camera Codec Pack Remote Code Execution Vulnerability
CVE-2021-24092 25 Feb 2021
Microsoft Defender Elevation of Privilege Vulnerability
CVE-2021-24093 25 Feb 2021
Windows Graphics Component Remote Code Execution Vulnerability
CVE-2021-24094 25 Feb 2021
Windows TCP/IP Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24074.
CVE-2021-24096 25 Feb 2021
Windows Kernel Elevation of Privilege Vulnerability
CVE-2021-24098 25 Feb 2021
Windows Console Driver Denial of Service Vulnerability
CVE-2021-24099 25 Feb 2021
Skype for Business and Lync Denial of Service Vulnerability
CVE-2021-24100 25 Feb 2021
Microsoft Edge for Android Information Disclosure Vulnerability
CVE-2021-24101 25 Feb 2021
Microsoft Dataverse Information Disclosure Vulnerability
CVE-2021-24102 25 Feb 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24103.
CVE-2021-24103 25 Feb 2021
Windows Event Tracing Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-24102.
CVE-2021-24105 25 Feb 2021
Package Managers Configurations Remote Code Execution Vulnerability
CVE-2021-24106 25 Feb 2021
Windows DirectX Information Disclosure Vulnerability
CVE-2021-24109 25 Feb 2021
Microsoft Azure Kubernetes Service Elevation of Privilege Vulnerability

2020

CVE-2020-17162 25 Feb 2021
Microsoft Windows Security Feature Bypass Vulnerability
CVE-2020-27543 25 Feb 2021
The restify-paginate package 0.0.5 for Node.js allows remote attackers to cause a Denial-of-Service by omitting the HTTP Host header. A Restify-based web service would crash with an uncaught exception.
CVE-2020-23534 25 Feb 2021
A server-side request forgery (SSRF) vulnerability in Upgrade.php of gopeak masterlab 2.1.5, via the 'source' parameter.
CVE-2020-8032 25 Feb 2021
A Insecure Temporary File vulnerability in the packaging of cyrus-sasl of openSUSE Factory allows local attackers to escalate to root. This issue affects: openSUSE Factory cyrus-sasl version 2.1.27-4.2 and prior versions.
CVE-2020-36254 25 Feb 2021
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
CVE-2020-9051 24 Feb 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.
CVE-2020-9052 24 Feb 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.
CVE-2020-9053 24 Feb 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.
CVE-2020-11987 24 Feb 2021
Apache Batik 1.13 is vulnerable to server-side request forgery, caused by improper input validation by the NodePickerPanel. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
CVE-2020-11988 24 Feb 2021
Apache XmlGraphics Commons 2.4 is vulnerable to server-side request forgery, caused by improper input validation by the XMPParser. By using a specially-crafted argument, an attacker could exploit this vulnerability to cause the underlying server to make arbitrary GET requests.
CVE-2020-4931 24 Feb 2021
IBM MQ 9.1 LTS, 9.2 LTS, and 9.1 CD AMQP Channels could allow an authenticated user to cause a denial of service due to an issue processing messages. IBM X-Force ID: 191747.
CVE-2020-27224 24 Feb 2021
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.
CVE-2020-7836 24 Feb 2021
VOICEYE WSActiveBridgeES versions prior to 2.1.0.3 contains a stack-based buffer overflow vulnerability caused by improper bound checking parameter given by attack. It finally leads to a stack-based buffer overflow via access to crafted web page.
CVE-2020-28599 24 Feb 2021
A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-7846 24 Feb 2021
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.
CVE-2020-12702 24 Feb 2021
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process.
CVE-2020-27782 23 Feb 2021
A flaw was found in the Undertow AJP connector. Malicious requests and abrupt connection closes could be triggered by an attacker using query strings with non-RFC compliant characters resulting in a denial of service. The highest threat from this vulnerability is to system availability. This affects Undertow 2.1.5.SP1, 2.0.33.SP2, and 2.2.3.SP1.
CVE-2020-28587 23 Feb 2021
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability. This affects SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014).
CVE-2020-7120 23 Feb 2021
A local authenticated buffer overflow vulnerability was discovered in Aruba ClearPass Policy Manager version(s): Prior to 6.9.5, 6.8.8-HF1, 6.7.14-HF1. A vulnerability in ClearPass OnGuard could allow local authenticated users to cause a buffer overflow condition. A successful exploit could allow a local attacker to execute arbitrary code within the context the binary is running in, which is a lower privileged account.
CVE-2020-8297 23 Feb 2021
Nextcloud Deck before 1.0.2 suffers from an insecure direct object reference (IDOR) vulnerability that permits users with a duplicate user identifier to access deck data of a previous deleted user.
CVE-2020-16243 23 Feb 2021
Multiple buffer overflow vulnerabilities exist when LeviStudioU (Version 2019-09-21 and prior) processes project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application.
CVE-2020-25161 23 Feb 2021
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an administrator.
CVE-2020-26609 23 Feb 2021
fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background.
CVE-2020-28430 23 Feb 2021
All versions of package nuance-gulp-build-common are vulnerable to Command Injection via the index.js file. PoC: /var a = require("nuance-gulp-build-common") a.run("touch JHU")
CVE-2020-28431 23 Feb 2021
All versions of package wc-cmd are vulnerable to Command Injection via the index.js file. PoC: var a =require("wc-cmd"); a("touch JHU")
CVE-2020-28432 23 Feb 2021
All versions of package theme-core are vulnerable to Command Injection via the lib/utils.js file, which is required by main entry of the package. PoC: var a =require("theme-core"); a.utils.sh("touch JHU")
CVE-2020-4953 23 Feb 2021
IBM Planning Analytics 2.0 could allow a remote authenticated attacker to obtain information about an organization's internal structure by exposing sensitive information in HTTP repsonses. IBM X-Force ID: 192029.
CVE-2020-7847 23 Feb 2021
The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: pTIME NAS 1.4.36.
CVE-2020-28429 23 Feb 2021
All versions of package geojson2kml are vulnerable to Command Injection via the index.js file. PoC: var a =require("geojson2kml"); a("./","& touch JHU",function(){})
CVE-2020-14359 23 Feb 2021
A vulnerability was found in all versions of keycloak, where on using lower case HTTP headers (via cURL) we can bypass our Gatekeeper. Lower case headers are also accepted by some webservers (e.g. Jetty). This means there is no protection when we put a Gatekeeper in front of a Jetty server and use lowercase headers.
CVE-2020-8902 23 Feb 2021
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to render internal sites it has access to, and display it as a screenshot. Suggested mitigations are to upgrade your rendertron to version 3.0.0, or, if you cannot update, to secure the infrastructure to limit the headless chrome's access to your internal domain.
CVE-2020-13697 23 Feb 2021
An issue was discovered in RouterNanoHTTPD.java in NanoHTTPD through 2.3.1. The GeneralHandler class implements a basic GET handler that prints debug information as an HTML page. Any web server that extends this class without implementing its own GET handler is vulnerable to reflected XSS, because the GeneralHandler GET handler prints user input passed through the query string without any sanitization.
CVE-2020-25690 23 Feb 2021
An out-of-bounds write flaw was found in FontForge in versions before 20200314 while parsing SFD files containing certain LayerCount tokens. This flaw allows an attacker to manipulate the memory allocated on the heap, causing the application to crash or execute arbitrary code. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27768 23 Feb 2021
In ImageMagick, there is an outside the range of representable values of type 'unsigned int' at MagickCore/quantum-private.h. This flaw affects ImageMagick versions prior to 7.0.9-0.
CVE-2020-27819 23 Feb 2021
An issue was discovered in libxls before and including 1.6.1 when reading Microsoft Excel files. A NULL pointer dereference vulnerability exists when parsing XLS cells in libxls/xls2csv.c:199. It could allow a remote attacker to cause a denial of service via crafted XLS file.
CVE-2020-29075 (v3: 7.1) 23 Feb 2021
Acrobat Reader DC versions 2020.013.20066 (and earlier), 2020.001.30010 (and earlier) and 2017.011.30180 (and earlier) are affected by an information exposure vulnerability, that could enable an attacker to get a DNS interaction and track if the user has opened or closed a PDF file when loaded from the filesystem without a prompt. User interaction is required to exploit this vulnerability.
CVE-2020-35852 23 Feb 2021
Chatbox is affected by cross-site scripting (XSS). An attacker has to upload any XSS payload with SVG, XML file in Chatbox. There is no restriction on file upload in Chatbox which leads to stored XSS.
CVE-2020-29448 22 Feb 2021
The ConfluenceResourceDownloadRewriteRule class in Confluence Server and Confluence Data Center before version 6.13.18, from 6.14.0 before 7.4.6, and from 7.5.0 before 7.8.3 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
CVE-2020-29453 22 Feb 2021
The CachingResourceDownloadRewriteRule class in Jira Server and Jira Data Center before version 8.5.11, from 8.6.0 before 8.13.3, and from 8.14.0 before 8.15.0 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF directories via an incorrect path access check.
CVE-2020-36232 22 Feb 2021
The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version 5.0.0 before 5.0.1 allowed unexpected DNS lookups and requests to arbitrary services as it incorrectly obtained application base url information from the executing http request which could be attacker controlled.
CVE-2020-22474 22 Feb 2021
In webERP 4.15, the ManualContents.php file allows users to specify the "Language" parameter, which can lead to local file inclusion.
CVE-2020-22475 22 Feb 2021
"Tasks" application version before 9.7.3 is affected by insecure permissions. The VoiceCommandActivity application component allows arbitrary applications on a device to add tasks with no restrictions.
CVE-2020-24175 22 Feb 2021
Buffer overflow in Yz1 0.30 and 0.32, as used in IZArc 4.4, ZipGenius 6.3.2.3116, and Explzh (extension) 8.14, allows attackers to execute arbitrary code via a crafted archive file, related to filename handling.
CVE-2020-19762 22 Feb 2021
Automated Logic Corporation (ALC) WebCTRL System 6.5 and prior allows remote attackers to execute any JavaScript code via a XSS payload for the first parameter in a GET request.
CVE-2020-21224 22 Feb 2021
A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote attacker can send a malicious login packet to the control server
CVE-2020-11147 22 Feb 2021
Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11163 22 Feb 2021
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
CVE-2020-11170 22 Feb 2021
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
CVE-2020-11177 22 Feb 2021
User can overwrite Security Code NV item without knowing current SPC due to improper validation of SPC code setting and device lock in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
CVE-2020-11187 22 Feb 2021
Possible memory corruption in BSI module due to improper validation of parameter count in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Mobile

2019

CVE-2019-25024 19 Feb 2021
OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.
CVE-2019-18243 18 Feb 2021
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation.
CVE-2019-18255 18 Feb 2021
HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation.
CVE-2019-25019 14 Feb 2021
LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model.
CVE-2019-19004 11 Feb 2021
A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attackers to provide an unexpected input value to malloc via a malformed bitmap image.
CVE-2019-19005 11 Feb 2021
A bitmap double free in main.c in autotrace 0.31.1 allows attackers to cause an unspecified impact via a malformed bitmap image. This may occur after the use-after-free in CVE-2017-9182.
CVE-2019-17582 9 Feb 2021
A use-after-free in the _zip_dirent_read function of zip_dirent.c in libzip 1.2.0 allows attackers to have an unspecified impact by attempting to unzip a malformed ZIP archive. NOTE: the discoverer states "This use-after-free is triggered prior to the double free reported in CVE-2017-12858."
CVE-2019-16268 3 Feb 2021
Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen.
CVE-2019-25017 2 Feb 2021
An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
CVE-2019-25018 2 Feb 2021
In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
CVE-2019-20468 1 Feb 2021
An issue was discovered in SeTracker2 for TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It has unnecessary permissions such as READ_EXTERNAL_STORAGE, WRITE_EXTERNAL_STORAGE, and READ_CONTACTS.
CVE-2019-20470 1 Feb 2021
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. It performs actions based on certain SMS commands. This can be used to set up a voice communication channel from the watch to any telephone number, initiated by sending a specific SMS and using the default password, e.g., pw,,call, triggers an outbound call from the watch. The password is sometimes available because of CVE-2019-20471.
CVE-2019-20471 1 Feb 2021
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. When using the device at initial setup, a default password is used (123456) for administrative purposes. There is no prompt to change this password. Note that this password can be used in combination with CVE-2019-20470.
CVE-2019-20473 1 Feb 2021
An issue was discovered on TK-Star Q90 Junior GPS horloge 3.1042.9.8656 devices. Any SIM card used with the device cannot have a PIN configured. If a PIN is configured, the device simply produces a "Remove PIN and restart!" message, and cannot be used. This makes it easier for an attacker to use the SIM card by stealing the device.
CVE-2019-25014 29 Jan 2021
A NULL pointer dereference was found in pkg/proxy/envoy/v2/debug.go getResourceVersion in Istio pilot before 1.5.0-alpha.0. If a particular HTTP GET request is made to the pilot API endpoint, it is possible to cause the Go runtime to panic (resulting in a denial of service to the istio-pilot application).
CVE-2019-25016 28 Jan 2021
There is an unsafe incomplete reset of PATH in OpenDoas 6.6 through 6.8 when changing the user context.
CVE-2019-11295 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11296 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11297 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11298 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11299 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11300 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11301 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11302 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11303 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11304 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11305 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11306 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11307 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11308 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11309 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11310 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11311 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11312 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11313 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11314 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11315 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11316 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-11317 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.
CVE-2019-25015 26 Jan 2021
LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID.
CVE-2019-16961 15 Jan 2021
SolarWinds Web Help Desk 12.7.0 allows XSS via a Schedule Name.
CVE-2019-4160 13 Jan 2021
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 158577.
CVE-2019-4687 13 Jan 2021
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 171823.
CVE-2019-4702 13 Jan 2021
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.
CVE-2019-3405 11 Jan 2021
In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing and sending a specific illegal 802.11 Null Data Frame, which will cause other wireless terminals connected to disconnect from the wireless, so as to attack the router wireless by DoS. At present, the vulnerability has been effectively handled, and users can fix the vulnerability after updating the firmware version.
CVE-2019-18642 7 Jan 2021
Rock RMS version before 8.6 is vulnerable to account takeover by tampering with the user ID parameter in the profile update feature. The lack of validation and use of sequential user IDs allows any user to change account details of any other user. This vulnerability could be used to change the email address of another account, even the administrator account. Upon changing another account's email address, performing a password reset to the new email address could allow an attacker to take over any account.
CVE-2019-18643 7 Jan 2021
Rock RMS versions before 8.10 and versions 9.0 through 9.3 fails to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow an attacker to upload ASPX code and gain remote code execution on the application. The application typically runs as LocalSystem as mandated in the installation guide. Patched in versions 8.10 and 9.4.
CVE-2019-16954 6 Jan 2021
SolarWinds Web Help Desk 12.7.0 allows HTML injection via a Comment in a Help Request ticket.
CVE-2019-16962 6 Jan 2021
Zoho ManageEngine Desktop Central 10.0.430 allows HTML injection via a modified Report Name in a New Custom Report.
CVE-2019-20484 5 Jan 2021
An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload project files by opening the Project URL directly in the browser after logging in.

2018

CVE-2018-3633 25 Feb 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2018-10330 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10331 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10332 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10333 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10334 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10335 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10336 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10337 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10338 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10339 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10340 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10341 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10342 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10343 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10344 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10345 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10346 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10347 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10348 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-10349 26 Jan 2021
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2018. Notes: none.
CVE-2018-11005 11 Jan 2021
A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11006 11 Jan 2021
An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11007 11 Jan 2021
A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11008 11 Jan 2021
An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11009 11 Jan 2021
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11010 11 Jan 2021
A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53.
CVE-2018-11246 11 Jan 2021
K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53 has a Memory Leak.
CVE-2018-8044 11 Jan 2021
K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: Local Process Execution (local). The component is: K7Sentry.sys.
CVE-2018-8724 11 Jan 2021
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe.
CVE-2018-8725 11 Jan 2021
K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
CVE-2018-8726 11 Jan 2021
K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
CVE-2018-9332 11 Jan 2021
K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local).
CVE-2018-9333 11 Jan 2021
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe.
CVE-2018-18688 7 Jan 2021
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or annotations, Body Updates are displayed to the user without any action by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects LibreOffice, Master PDF Editor, Nitro Pro, Nitro Reader, Nuance Power PDF Standard, PDF Editor 6 Pro, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, Perfect PDF 10 Premium, and Perfect PDF Reader.
CVE-2018-18689 7 Jan 2021
The Portable Document Format (PDF) specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, a Signature Wrapping vulnerability exists in multiple products. An attacker can use /ByteRange and xref manipulations that are not detected by the signature-validation logic. This affects Foxit Reader before 9.4 and PhantomPDF before 8.3.9 and 9.x before 9.4. It also affects eXpert PDF 12 Ultimate, Expert PDF Reader, Nitro Pro, Nitro Reader, PDF Architect 6, PDF Editor 6 Pro, PDF Experte 9 Ultimate, PDFelement6 Pro, PDF Studio Viewer 2018, PDF Studio Pro, PDF-XChange Editor and Viewer, Perfect PDF 10 Premium, Perfect PDF Reader, Soda PDF, and Soda PDF Desktop.
CVE-2018-20313 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyPreviewAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
CVE-2018-20314 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCheckLicence race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
CVE-2018-20315 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
CVE-2018-20316 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.
CVE-2018-19418 7 Jan 2021
Foxit PDF ActiveX before 5.5.1 allows remote code execution via command injection because of the lack of a security permission control.
CVE-2018-20309 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyGetAppEdition race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
CVE-2018-20310 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
CVE-2018-20311 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyCPDFAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read.
CVE-2018-20312 7 Jan 2021
Foxit Reader before 9.5, and PhantomPDF before 8.3.10 and 9.x before 9.5, has a proxyDoAction race condition that can cause a stack-based buffer overflow or an out-of-bounds read, a different issue than CVE-2018-20310 because of a different opcode.
CVE-2018-25002 1 Jan 2021
uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2018-19941 31 Dec 2020
A vulnerability has been reported to affect QNAP NAS. If exploited, this vulnerability allows an attacker to access sensitive information stored in cleartext inside cookies via certain widely-available tools. QNAP have already fixed this vulnerability in the following versions: QTS 4.5.1.1456 build 20201015 (and later) QuTS hero h4.5.1.1472 build 20201031 (and later) QuTScloud c4.5.2.1379 build 20200730 (and later)
CVE-2018-19944 31 Dec 2020
A cleartext transmission of sensitive information vulnerability has been reported to affect certain QTS devices. If exploited, this vulnerability allows a remote attacker to gain access to sensitive information. QNAP have already fixed this vulnerability in the following versions: QTS 4.4.3.1354 build 20200702 (and later)
CVE-2018-19945 31 Dec 2020
A vulnerability has been reported to affect earlier QNAP devices running QTS 4.3.4 to 4.3.6. Caused by improper limitations of a pathname to a restricted directory, this vulnerability allows for renaming arbitrary files on the target system, if exploited. QNAP have already fixed this vulnerability in the following versions: QTS 4.3.6.0895 build 20190328 (and later) QTS 4.3.4.0899 build 20190322 (and later) This issue does not affect QTS 4.4.x or QTS 4.5.x.
CVE-2018-25001 31 Dec 2020
An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free.

2017

CVE-2017-20001 1 Jan 2021
The AES encryption project 7.x and 8.x for Drupal does not sufficiently prevent attackers from decrypting data, aka SA-CONTRIB-2017-027. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2017-14451 2 Dec 2020
An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual Machine) of CPP-Ethereum. A specially crafted smart contract code can cause an out-of-bounds read which can subsequently trigger an out-of-bounds write resulting in remote code execution. An attacker can create/send malicious smart contract to trigger this vulnerability.
CVE-2017-2910 2 Dec 2020
An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability.
CVE-2017-15680 27 Nov 2020
In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data.
CVE-2017-15681 27 Nov 2020
In Crafter CMS Crafter Studio 3.0.1 a directory traversal vulnerability exists which allows unauthenticated attackers to overwrite files from the operating system which can lead to RCE.
CVE-2017-15682 27 Nov 2020
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
CVE-2017-15683 27 Nov 2020
In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
CVE-2017-15684 27 Nov 2020
Crafter CMS Crafter Studio 3.0.1 has a directory traversal vulnerability which allows unauthenticated attackers to view files from the operating system.
CVE-2017-15685 27 Nov 2020
Crafter CMS Crafter Studio 3.0.1 is affected by: XML External Entity (XXE). An unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.
CVE-2017-15686 27 Nov 2020
Crafter CMS Crafter Studio 3.0.1 is affected by: Cross Site Scripting (XSS), which allows remote attackers to steal users’ cookies.
CVE-2017-18926 6 Nov 2020
raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates the maximum nspace declarations for the XML writer, leading to heap-based buffer overflows (sometimes seen in raptor_qname_format_as_xml).
CVE-2017-15140 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15141 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15142 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15143 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15144 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15145 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15146 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15147 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15148 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15149 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15150 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15151 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15152 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15153 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15154 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15155 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15156 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15157 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15158 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15159 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15160 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15161 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15162 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15163 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15164 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15165 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15166 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15167 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15168 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15169 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15170 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15171 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15172 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15173 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15174 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15175 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15176 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15177 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2017-15178 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

2016

CVE-2016-20001 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows node access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20002 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows comment access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20003 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows user enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20004 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows field access bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20005 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows user registration bypass, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20006 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows blockage of user logins, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20007 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows session name guessing, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-20008 1 Jan 2021
The REST/JSON project 7.x-1.x for Drupal allows session enumeration, aka SA-CONTRIB-2016-033. NOTE: This project is not covered by Drupal's security advisory policy.
CVE-2016-9021 31 Dec 2020
Exponent CMS before 2.6.0 has improper input validation in storeController.php.
CVE-2016-9022 31 Dec 2020
Exponent CMS before 2.6.0 has improper input validation in usersController.php.
CVE-2016-9023 31 Dec 2020
Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.
CVE-2016-9025 31 Dec 2020
Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php.
CVE-2016-9026 31 Dec 2020
Exponent CMS before 2.6.0 has improper input validation in fileController.php.
CVE-2016-15001 10 Dec 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2016-0743 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2016-0744 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2016-0745 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2016-11086 24 Sep 2020
lib/oauth/consumer.rb in the oauth-ruby gem through 0.5.4 for Ruby does not verify server X.509 certificates if a certificate bundle cannot be found, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.
CVE-2016-6498 17 Aug 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none.
CVE-2016-6499 17 Aug 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none.
CVE-2016-6502 17 Aug 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2016. Notes: none.
CVE-2016-11085 16 Aug 2020
php/qmn_options_questions_tab.php in the quiz-master-next plugin before 4.7.9 for WordPress allows CSRF, with resultant stored XSS, via the question_name parameter because js/admin_question.js mishandles parsing inside of a SCRIPT element.
CVE-2016-7063 21 Jul 2020
A flaw was found in pritunl-client before version 1.0.1116.6. Arbitrary write to user specified path may lead to privilege escalation.
CVE-2016-7064 21 Jul 2020
A flaw was found in pritunl-client before version 1.0.1116.6. A lack of signature verification leads to sensitive information leakage
CVE-2016-11062 19 Jun 2020
An issue was discovered in Mattermost Server before 3.5.1. E-mail address verification can be bypassed.
CVE-2016-11063 19 Jun 2020
An issue was discovered in Mattermost Server before 3.5.1. XSS can occur via file preview.
CVE-2016-11064 19 Jun 2020
An issue was discovered in Mattermost Desktop App before 3.4.0. Strings could be executed as code via injection.
CVE-2016-11065 19 Jun 2020
An issue was discovered in Mattermost Server before 3.3.0. An attacker could use the WebSocket feature to send pop-up messages to users or change a post's appearance.
CVE-2016-11066 19 Jun 2020
An issue was discovered in Mattermost Server before 3.2.0. The initial_load API disclosed unnecessary personal information.
CVE-2016-11067 19 Jun 2020
An issue was discovered in Mattermost Server before 3.2.0. It allowed crafted posts that could cause a web browser to hang.
CVE-2016-11068 19 Jun 2020
An issue was discovered in Mattermost Server before 3.2.0. Attackers could read LDAP fields via injection.
CVE-2016-11069 19 Jun 2020
An issue was discovered in Mattermost Server before 3.2.0. It mishandles brute-force attempts at password change.
CVE-2016-11070 19 Jun 2020
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS via theme color-code values.
CVE-2016-11071 19 Jun 2020
An issue was discovered in Mattermost Server before 3.1.0. It allows XSS because the noreferrer and noopener protection mechanisms were not in place.
CVE-2016-11072 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.2. The purposes of a session ID and a Session Token were mishandled.
CVE-2016-11073 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a Legal or Support setting.
CVE-2016-11074 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. A password-reset link could be reused.
CVE-2016-11075 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It allows attackers to obtain sensitive information about team URLs via an API.
CVE-2016-11076 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It does not ensure that a cookie is used over SSL.
CVE-2016-11077 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It has a superfluous API in which the System Admin can change the account name and e-mail address of an LDAP account.
CVE-2016-11078 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It potentially allows attackers to obtain sensitive information (credential fields within config.json) via the System Console UI.
CVE-2016-11079 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It allows XSS via a redirect URL.
CVE-2016-11080 19 Jun 2020
An issue was discovered in Mattermost Server before 3.0.0. It offers superfluous APIs for a Team Administrator to view account details.
CVE-2016-11081 19 Jun 2020
An issue was discovered in Mattermost Server before 2.2.0. It allows unintended access to information stored by a web browser.
CVE-2016-11082 19 Jun 2020
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS via a crafted link.
CVE-2016-11083 19 Jun 2020
An issue was discovered in Mattermost Server before 2.2.0. It allows XSS because it configures files to be opened in a browser window.
CVE-2016-11084 19 Jun 2020
An issue was discovered in Mattermost Server before 2.1.0. It allows XSS via CSRF.
CVE-2016-11061 (v3: 9.8) 29 Apr 2020
Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, and 7970i devices before 073.xxx.086.15410 do not properly escape parameters in the support/remoteUI/configrui.php script, which can allow an unauthenticated attacker to execute OS commands on the device.
CVE-2016-11057 (v3: 7.5) 28 Apr 2020
Certain NETGEAR devices are affected by mishandling of repeated URL calls. This affects JNR1010v2 before 2017-01-06, WNR614 before 2017-01-06, WNR618 before 2017-01-06, JWNR2000v5 before 2017-01-06, WNR2020 before 2017-01-06, JWNR2010v5 before 2017-01-06, WNR1000v4 before 2017-01-06, WNR2020v2 before 2017-01-06, R6220 before 2017-01-06, and WNDR3700v5 before 2017-01-06.
CVE-2016-11058 (v3: 7.5) 28 Apr 2020
The NETGEAR genie application before 2.4.34 for Android is affected by mishandling of hard-coded API keys and session IDs.

2015

CVE-2015-9550 24 Nov 2020
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. By sending a specific hel,xasf packet to the WAN interface, it is possible to open the web management interface on the WAN interface.
CVE-2015-9551 24 Nov 2020
An issue was discovered on TOTOLINK A850R-V1 through 1.0.1-B20150707.1612 and F1-V2 through 1.1-B20150708.1646 devices. There is Remote Code Execution in the management interface via the formSysCmd sysCmd parameter.
CVE-2015-0300 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2015-1823 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2015-1824 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2015-1825 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2015-1826 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2015-7379 7 Oct 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2015-7380 7 Oct 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2015-4719 24 Sep 2020
The client API authentication mechanism in Pexip Infinity before 10 allows remote attackers to gain privileges via a crafted request.
CVE-2015-8032 14 Aug 2020
In Textpattern 4.5.7, an unprivileged author can change an article's markup setting.
CVE-2015-8033 14 Aug 2020
In Textpattern 4.5.7, the password-reset feature does not securely tether a hash to a user account.
CVE-2015-9549 3 Aug 2020
A reflected Cross-site Scripting (XSS) vulnerability exists in OcPortal 9.0.20 via the OCF_EMOTICON_CELL.tpl FIELD_NAME field to data/emoticons.php.
CVE-2015-5238 21 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2015-3796. Reason: This candidate is a reservation duplicate of CVE-2015-3796. Notes: All CVE users should reference CVE-2015-3796 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2015-9548 19 Jun 2020
An issue was discovered in Mattermost Server before 1.2.0. It allows attackers to cause a denial of service (memory consumption) via a small compressed file that has a large size when uncompressed.
CVE-2015-7946 (v3: 4.6) 7 May 2020
Information Exposure vulnerability in Unity8 as used on the Ubuntu phone and possibly also in Unity8 shipped elsewhere. This allows an attacker to enable the MTP service by opening the emergency dialer. Fixed in 8.11+16.04.20160111.1-0ubuntu1 and 8.11+15.04.20160122-0ubuntu1.
CVE-2015-8546 (v3: 9.8) 10 Apr 2020
An issue was discovered on Samsung mobile devices with software through 2015-11-12, affecting the Galaxy S6/S6 Edge, Galaxy S6 Edge+, and Galaxy Note5 with the Shannon333 chipset. There is a stack-based buffer overflow in the baseband process that is exploitable for remote code execution via a fake base station. The Samsung ID is SVE-2015-5123 (December 2015).
CVE-2015-5524 (v3: 9.8) 10 Apr 2020
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-05-13. There is a buffer overflow in datablock_write because the amount of received data is not validated. The Samsung ID is SVE-2015-4018 (December 2015).
CVE-2015-9546 (v3: 4.8) 10 Apr 2020
An issue was discovered on Samsung mobile devices with KK(4.4) and later software through 2015-06-16. In some cases, HTTP is used for an Inputmethod, rather than HTTPS. A man-in-the-middle attacker can modify the client-server data stream to insert directory traversal sequences into an extracted file path. The Samsung ID is SVE-2015-4363 (November 2015).
CVE-2015-9547 (v3: 7.5) 10 Apr 2020
An issue was discovered on Samsung mobile devices with JBP(4.3) and KK(4.4.2) software. Because the READ_LOGS permission is mishandled, sensitive information is disclosed in a world-readable copy of the log file if the error message is "Unhandled exception in Dalvik VM," "Application not responding ANR event," or "Crash on an application's native code." The Samsung ID is SVE-2015-2885 (October 2015).
CVE-2015-9544 (v3: 7.1) 7 Apr 2020
An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStoragePostMessageApi.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the confidentiality and integrity of data in the local storage of the vulnerable site via malicious web messages.
CVE-2015-9545 (v3: 7.1) 7 Apr 2020
An issue was discovered in xdLocalStorage through 2.0.5. The receiveMessage() function in xdLocalStorage.js does not implement any validation of the origin of web messages. Remote attackers who can entice a user to load a malicious site can exploit this issue to impact the confidentiality and integrity of data in the local storage of the vulnerable site via malicious web messages.
CVE-2015-7333 (v3: 7.8) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type INF and INF_BY_COMPATIBLE_ID command types could allow a user to execute arbitrary code with elevated privileges.
CVE-2015-7334 (v3: 7.8) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior where the SUService.exe /type COMMAND type could allow a user to execute arbitrary code with elevated privileges.
CVE-2015-7335 (v3: 7) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A race condition was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow a user to execute arbitrary code with elevated privileges.
CVE-2015-7336 (v3: 7.5) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was reported (fixed and publicly disclosed in 2015) in Lenovo System Update version 5.07.0008 and prior that could allow the signature check of an update to be bypassed.
CVE-2015-5684 (v3: 9.8) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A buffer overflow vulnerability was reported, (fixed and publicly disclosed in 2015) in the Lenovo Service Engine (LSE), affecting various versions of BIOS for Lenovo Notebooks, that could allow a remote user to execute arbitrary code on the system.
CVE-2015-8534 (v3: 7.8) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A local privilege escalation vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges.
CVE-2015-8535 (v3: 7.8) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A directory traversal vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow a user to execute arbitrary code with elevated privileges.
CVE-2015-8536 (v3: 8.8) 27 Mar 2020
MITRE is populating this ID because it was assigned prior to Lenovo becoming a CNA. A vulnerability was discovered (fixed and publicly disclosed in 2015) in Lenovo Solution Center (LSC) prior to version 3.3.002 that could allow cross-site request forgery.
CVE-2015-3641 (v3: 7.5) 12 Mar 2020
bitcoind and Bitcoin-Qt prior to 0.10.2 allow attackers to cause a denial of service (disabled functionality such as a client application crash) via an "Easy" attack.
CVE-2015-7338 (v3: 7.2) 9 Mar 2020
SQL Injection exists in AcyMailing Joomla Component before 4.9.5 via exportgeolocorder in a geolocation_longitude request to index.php.
CVE-2015-7339 (v3: 8.8) 9 Mar 2020
JCE Joomla Component 2.5.0 to 2.5.2 allows arbitrary file upload via a .php file extension for an image file to the /com_jce/editor/libraries/classes/browser.php script.
CVE-2015-7340 (v3: 7.2) 9 Mar 2020
JEvents Joomla Component before 3.4.0 RC6 has SQL Injection via evid in a Manage Events action.
CVE-2015-7341 (v3: 8.8) 9 Mar 2020
JNews Joomla Component before 8.5.0 allows arbitrary File Upload via Subscribers or Templates, as demonstrated by the .php5 extension.
CVE-2015-7342 (v3: 7.2) 9 Mar 2020
JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.
CVE-2015-7343 (v3: 4.8) 9 Mar 2020
JNews Joomla Component before 8.5.0 has XSS via the mailingsearch parameter.
CVE-2015-7344 (v3: 4.8) 9 Mar 2020
HikaShop Joomla Component before 2.6.0 has XSS via an injected payload[/caption].
CVE-2015-7968 (v3: 4.3) 9 Mar 2020
nwbc_ext2int in SAP NetWeaver Application Server before Security Note 2183189 allows XXE attacks for local file inclusion via the sap/bc/ui2/nwbc/nwbc_ext2int/ URI.
CVE-2015-1583 (v3: 8.8) 2 Mar 2020
Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account via a request to mods/_core/users/admins/create.php or (2) create a user account via a request to mods/_core/users/create_user.php.
CVE-2015-3006 (v3: 6.5) 28 Feb 2020
On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability.
CVE-2015-5361 (v3: 6.5) 28 Feb 2020
Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.? Note that the ftps-extensions option is not enabled by default.
CVE-2015-2992 (v3: 6.1) 27 Feb 2020
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability.
CVE-2015-5686 (v3: 8.8) 27 Feb 2020
Parts of the Puppet Enterprise Console 3.x were found to be susceptible to clickjacking and CSRF (Cross-Site Request Forgery) attacks. This would allow an attacker to redirect user input to an untrusted site or hijack a user session.
CVE-2015-5201 (v3: 7.5) 25 Feb 2020
VDSM and libvirt in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H) 7-7.x before 7-7.2-20151119.0 and 6-6.x before 6-6.7-20151117.0 as packaged in Red Hat Enterprise Virtualization before 3.5.6 when VSDM is run with -spice disable-ticketing and a VM is suspended and then restored, allows remote attackers to log in without authentication via unspecified vectors.
CVE-2015-0565 (v3: 10) 25 Feb 2020
NaCl in 2015 allowed the CLFLUSH instruction, making rowhammer attacks possible.
CVE-2015-9542 (v3: 7.5) 24 Feb 2020
add_password in pam_radius_auth.c in pam_radius 1.4.0 does not correctly check the length of the input password, and is vulnerable to a stack-based buffer overflow during memcpy(). An attacker could send a crafted password to an application (loading the pam_radius library) and crash it. Arbitrary code execution might be possible, depending on the application, C library, compiler, and other factors.
CVE-2015-4410 (v3: 7.5) 20 Feb 2020
The Moped::BSON::ObjecId.legal? method in rubygem-moped before commit dd5a7c14b5d2e466f7875d079af71ad19774609b allows remote attackers to cause a denial of service (worker resource consumption) or perform a cross-site scripting (XSS) attack via a crafted string.
CVE-2015-4411 (v3: 7.5) 20 Feb 2020
The Moped::BSON::ObjecId.legal? method in mongodb/bson-ruby before 3.0.4 as used in rubygem-moped allows remote attackers to cause a denial of service (worker resource consumption) via a crafted string. NOTE: This issue is due to an incomplete fix to CVE-2015-4410.
CVE-2015-2923 (v3: 6.5) 20 Feb 2020
The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in FreeBSD through 10.1 allows remote attackers to reconfigure a hop-limit setting via a small hop_limit value in a Router Advertisement (RA) message.

2014

CVE-2014-7820 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2014-7855 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2014-7856 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2014-10402 16 Sep 2020
An issue was discovered in the DBI module through 1.643 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute in the data source name (DSN). NOTE: this issue exists because of an incomplete fix for CVE-2014-10401.
CVE-2014-10401 11 Sep 2020
An issue was discovered in the DBI module before 1.632 for Perl. DBD::File drivers can open files from folders other than those specifically passed via the f_dir attribute.
CVE-2014-1420 11 Sep 2020
On desktop, Ubuntu UI Toolkit's StateSaver would serialise data on tmp/ files which an attacker could use to expose potentially sensitive data. StateSaver would also open files without the O_EXCL flag. An attacker could exploit this to launch a symlink attack, though this is partially mitigated by symlink and hardlink restrictions in Ubuntu. Fixed in 1.1.1188+14.10.20140813.4-0ubuntu1.
CVE-2014-1422 22 Jul 2020
In Ubuntu's trust-store, if a user revokes location access from an application, the location is still available to the application because the application will honour incorrect, cached permissions. This is because the cache was not ordered by creation time by the Select struct in src/core/trust/impl/sqlite3/store.cpp. Fixed in trust-store (Ubuntu) version 1.1.0+15.04.20150123-0ubuntu1 and trust-store (Ubuntu RTM) version 1.1.0+15.04.20150123~rtm-0ubuntu1.
CVE-2014-7173 (v3: 9.8) 1 Jun 2020
FarLinX X25 Gateway through 2014-09-25 allows command injection via shell metacharacters to sysSaveMonitorData.php, fsx25MonProxy.php, syseditdate.php, iframeupload.php, or sysRestoreX25Cplt.php.
CVE-2014-7174 (v3: 5.3) 1 Jun 2020
FarLinX X25 Gateway through 2014-09-25 allows directory traversal via the log-handling feature.
CVE-2014-7175 (v3: 9.8) 1 Jun 2020
FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php.
CVE-2014-8937 (v3: 7.5) 1 Jun 2020
Lexiglot through 2014-11-20 allows denial of service because api/update.php launches svn update operations that use a great deal of resources.
CVE-2014-8938 (v3: 7.8) 1 Jun 2020
Lexiglot through 2014-11-20 allows local users to obtain sensitive information by listing a process because the username and password are on the command line.
CVE-2014-8939 (v3: 5.3) 1 Jun 2020
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (full path) via an include/smarty/plugins/modifier.date_format.php request if PHP has a non-recommended configuration that produces warning messages.
CVE-2014-8940 (v3: 5.3) 1 Jun 2020
Lexiglot through 2014-11-20 allows remote attackers to obtain sensitive information (names and details of projects) by visiting the /update.log URI.
CVE-2014-8941 (v3: 9.8) 1 Jun 2020
Lexiglot through 2014-11-20 allows SQL injection via an admin.php?page=users&from_id= or admin.php?page=history&limit= URI.
CVE-2014-8942 (v3: 8.8) 1 Jun 2020
Lexiglot through 2014-11-20 allows CSRF.
CVE-2014-8943 (v3: 8.8) 1 Jun 2020
Lexiglot through 2014-11-20 allows SSRF via the admin.php?page=projects svn_url parameter.
CVE-2014-8944 (v3: 5.4) 1 Jun 2020
Lexiglot through 2014-11-20 allows XSS (Reflected) via the username, or XSS (Stored) via the admin.php?page=config install_name, intro_message, or new_file_content parameter.
CVE-2014-8945 (v3: 9.8) 1 Jun 2020
admin.php?page=projects in Lexiglot through 2014-11-20 allows command injection via username and password fields.
CVE-2014-9702 (v3: 7.5) 1 Jun 2020
system/classes/DbPDO.php in Cmfive through 2015-03-15, when database connectivity malfunctions, allows remote attackers to obtain sensitive information (username and password) via any request, such as a password reset request.
CVE-2014-1423 (v3: 5.5) 7 May 2020
signond before 8.57+15.04.20141127.1-0ubuntu1, as used in Ubuntu Touch, did not properly restrict applications from querying oath tokens due to incorrect checks and the missing installation of the signon-apparmor-extension. An attacker could use this create a malicious click app that collects oauth tokens for other applications, exposing sensitive information.
CVE-2014-2721 (v3: 8.8) 19 Mar 2020
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
CVE-2014-2722 (v3: 8.8) 19 Mar 2020
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
CVE-2014-2723 (v3: 8.8) 19 Mar 2020
In FortiBalancer 400, 1000, 2000 and 3000, a platform-specific remote access vulnerability has been discovered that may allow a remote user to gain privileged access to affected systems using SSH. The vulnerability is caused by a configuration error, and is not the result of an underlying SSH defect.
CVE-2014-1634 (v3: 9.8) 9 Mar 2020
SQL Injection exists in Advanced Newsletter Magento extension before 2.3.5 via the /store/advancednewsletter/index/subscribeajax/an_category_id/ PATH_INFO.
CVE-2014-7914 (v3: 8.1) 21 Feb 2020
btif/src/btif_dm.c in Android before 5.1 does not properly enforce the temporary nature of a Bluetooth pairing, which allows user-assisted remote attackers to bypass intended access restrictions via crafted Bluetooth packets after the tapping of a crafted NFC tag.
CVE-2014-3557 20 Feb 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2014-4019 (v3: 7.5) 20 Feb 2020
ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK stores sensitive information under the web root with insufficient access control, which allows remote attackers to read backup files via a direct request for rom-0.
CVE-2014-4650 (v3: 9.8) 20 Feb 2020
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct directory traversal attacks and execute unintended code via a crafted character sequence, as demonstrated by a %2f separator.
CVE-2014-7951 (v3: 4.6) 20 Feb 2020
Directory traversal vulnerability in the Android debug bridge (aka adb) in Android 4.0.4 allows physically proximate attackers with a direct connection to the target Android device to write to arbitrary files owned by system via a .. (dot dot) in the tar archive headers.
CVE-2014-4657 (v3: 9.8) 20 Feb 2020
The safe_eval function in Ansible before 1.5.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions.
CVE-2014-4658 (v3: 5.5) 20 Feb 2020
The vault subsystem in Ansible before 1.5.5 does not set the umask before creation or modification of a vault file, which allows local users to obtain sensitive key information by reading a file.
CVE-2014-4659 (v3: 5.5) 20 Feb 2020
Ansible before 1.5.5 sets 0644 permissions for sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by reading a file that uses the "deb http://user:pass@server:port/" format.
CVE-2014-3484 (v3: 9.8) 20 Feb 2020
Multiple stack-based buffer overflows in the __dn_expand function in network/dn_expand.c in musl libc 1.1x before 1.1.2 and 0.9.13 through 1.0.3 allow remote attackers to (1) have unspecified impact via an invalid name length in a DNS response or (2) cause a denial of service (crash) via an invalid name length in a DNS response, related to an infinite loop with no output.
CVE-2014-4660 (v3: 5.5) 20 Feb 2020
Ansible before 1.5.5 constructs filenames containing user and password fields on the basis of deb lines in sources.list, which might allow local users to obtain sensitive credential information in opportunistic circumstances by leveraging existence of a file that uses the "deb http://user:pass@server:port/" format.
CVE-2014-4678 (v3: 9.8) 20 Feb 2020
The safe_eval function in Ansible before 1.6.4 does not properly restrict the code subset, which allows remote attackers to execute arbitrary code via crafted instructions. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-4657.
CVE-2014-9617 (v3: 6.1) 19 Feb 2020
Open redirect vulnerability in remotereporter/load_logfiles.php in Netsweeper before 4.0.5 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
CVE-2014-9606 (v3: 6.1) 19 Feb 2020
Multiple cross-site scripting (XSS) vulnerabilities in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allow remote attackers to inject arbitrary web script or HTML via the (1) server parameter to remotereporter/load_logfiles.php, (2) customctid parameter to webadmin/policy/category_table_ajax.php, (3) urllist parameter to webadmin/alert/alert.php, (4) QUERY_STRING to webadmin/ajaxfilemanager/ajax_get_file_listing.php, or (5) PATH_INFO to webadmin/policy/policy_table_ajax.php/.
CVE-2014-9607 (v3: 6.1) 19 Feb 2020
Cross-site scripting (XSS) vulnerability in remotereporter/load_logfiles.php in Netsweeper 4.0.3 and 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter.
CVE-2014-9608 (v3: 6.1) 19 Feb 2020
Cross-site scripting (XSS) vulnerability in webadmin/policy/group_table_ajax.php/ in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2014-9609 (v3: 5.3) 19 Feb 2020
Directory traversal vulnerability in webadmin/reporter/view_server_log.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to list directory contents via a .. (dot dot) in the log parameter in a stats action.
CVE-2014-9612 (v3: 9.8) 19 Feb 2020
SQL injection vulnerability in remotereporter/load_logfiles.php in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to execute arbitrary SQL commands via the server parameter.
CVE-2014-9613 (v3: 9.8) 19 Feb 2020
Multiple SQL injection vulnerabilities in Netsweeper before 2.6.29.10 allow remote attackers to execute arbitrary SQL commands via the (1) login parameter to webadmin/auth/verification.php or (2) dpid parameter to webadmin/deny/index.php.
CVE-2014-9614 (v3: 9.8) 19 Feb 2020
The Web Panel in Netsweeper before 4.0.5 has a default password of branding for the branding account, which makes it easier for remote attackers to obtain access via a request to webadmin/.
CVE-2014-9615 (v3: 6.1) 19 Feb 2020
Cross-site scripting (XSS) vulnerability in Netsweeper 4.0.4 allows remote attackers to inject arbitrary web script or HTML via the url parameter to webadmin/deny/index.php.
CVE-2014-2228 (v3: 9.8) 19 Feb 2020
The XStream extension in HP Fortify SCA before 2.2 RC3 allows remote attackers to execute arbitrary code via unsafe deserialization of XML messages.
CVE-2014-2727 (v3: 9.8) 19 Feb 2020
The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection.
CVE-2014-3622 (v3: 9.8) 19 Feb 2020
Use-after-free vulnerability in the add_post_var function in the Posthandler component in PHP 5.6.x before 5.6.1 might allow remote attackers to execute arbitrary code by leveraging a third-party filter extension that accesses a certain ksep value.
CVE-2014-3879 (v3: 9.8) 18 Feb 2020
OpenPAM Nummularia 9.2 through 10.0 does not properly handle the error reported when an include directive refers to a policy that does not exist, which causes the loaded policy chain to no be discarded and allows context-dependent attackers to bypass authentication via a login (1) without a password or (2) with an incorrect password.
CVE-2014-4966 (v3: 9.8) 18 Feb 2020
Ansible before 1.6.7 does not prevent inventory data with "{{" and "lookup" substrings, and does not prevent remote data with "{{" substrings, which allows remote attackers to execute arbitrary code via (1) crafted lookup('pipe') calls or (2) crafted Jinja2 data.

2013

CVE-2013-20001 12 Feb 2021
An issue was discovered in OpenZFS through 2.0.3. When an NFS share is exported to IPv6 addresses via the sharenfs feature, there is a silent failure to parse the IPv6 address data, and access is allowed to everyone. IPv6 restrictions from the configuration are not applied.
CVE-2013-2512 26 Jan 2021
The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.
CVE-2013-1053 13 Jan 2021
In crypt.c of remote-login-service, the cryptographic algorithm used to cache usernames and passwords is insecure. An attacker could use this vulnerability to recover usernames and passwords from the file. This issue affects version 1.0.0-0ubuntu3 and prior versions.
CVE-2013-6502 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2013-6503 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2013-6504 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2013-6505 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2013-6506 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2013-7490 11 Sep 2020
An issue was discovered in the DBI module before 1.632 for Perl. Using many arguments to methods for Callbacks may lead to memory corruption.
CVE-2013-7491 11 Sep 2020
An issue was discovered in the DBI module before 1.628 for Perl. Stack corruption occurs when a user-defined function requires a non-trivial amount of memory and the Perl stack gets reallocated.
CVE-2013-0802 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.
CVE-2013-1703 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2013. Notes: none.
CVE-2013-7489 26 Jun 2020
The Beaker library through 1.11.0 for Python is affected by deserialization of untrusted data, which could lead to arbitrary code execution.
CVE-2013-7488 (v3: 7.5) 7 Apr 2020
perl-Convert-ASN1 (aka the Convert::ASN1 module for Perl) through 0.27 allows remote attackers to cause an infinite loop via unexpected input.
CVE-2013-7487 (v3: 9.8) 21 Mar 2020
On Swann DVR04B, DVR08B, DVR-16CIF, and DVR16B devices, raysharpdvr application has a vulnerable call to “system”, which allows remote attackers to execute arbitrary code via TCP port 9000.
CVE-2013-1753 (v3: 7.5) 11 Mar 2020
The gzip_decode function in the xmlrpc client library in Python 3.4 and earlier allows remote attackers to cause a denial of service (memory consumption) via a crafted HTTP request.
CVE-2013-3587 (v3: 5.9) 21 Feb 2020
The HTTPS protocol, as used in unspecified web applications, can encrypt compressed data without properly obfuscating the length of the unencrypted data, which makes it easier for man-in-the-middle attackers to obtain plaintext secret values by observing length differences during a series of guesses in which a string in an HTTP request URL potentially matches an unknown string in an HTTP response body, aka a "BREACH" attack, a different issue than CVE-2012-4929.
CVE-2013-4088 (v3: 6.5) 21 Feb 2020
Kernel/Modules/AgentTicketWatcher.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.21, 3.1.x before 3.1.17, and 3.2.x before 3.2.8 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.
CVE-2013-3551 (v3: 6.5) 21 Feb 2020
Kernel/Modules/AgentTicketPhone.pm in Open Ticket Request System (OTRS) 3.0.x before 3.0.20, 3.1.x before 3.1.16, and 3.2.x before 3.2.7, and OTRS ITSM 3.0.x before 3.0.8, 3.1.x before 3.1.9, and 3.2.x before 3.2.5 does not properly restrict tickets, which allows remote attackers with a valid agent login to read restricted tickets via a crafted URL involving the ticket split mechanism.
CVE-2013-7109 (v3: 7.3) 20 Feb 2020
OpenStack Swift as of 2013-12-15 mishandles PYTHON_EGG_CACHE
CVE-2013-2018 (v3: 9.8) 20 Feb 2020
Multiple SQL injection vulnerabilities in BOINC allow remote attackers to execute arbitrary SQL commands via unspecified vectors.
CVE-2013-5581 19 Feb 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2013-4226 (v3: 6.5) 18 Feb 2020
The Authenticated User Page Caching (Authcache) module 7.x-1.x before 7.x-1.5 for Drupal does not properly restrict access to cached pages, which allows remote attackers with the same role-combination as the superuser to obtain sensitive information via the cached pages of the superuser.
CVE-2013-4228 (v3: 4.3) 18 Feb 2020
The OG access fields (visibility fields) implementation in Organic Groups (OG) module 7.x-2.x before 7.x-2.3 for Drupal does not properly restrict access to private groups, which allows remote authenticated users to guess node IDs, subscribe to, and read the content of arbitrary private groups via unspecified vectors.
CVE-2013-3323 (v3: 9.8) 18 Feb 2020
A Privilege Escalation Vulnerability exists in IBM Maximo Asset Management 7.5, 7.1, and 6.2, when WebSeal with Basic Authentication is used, due to a failure to invalidate the authentication session, which could let a malicious user obtain unauthorized access.
CVE-2013-6295 (v3: 9.8) 18 Feb 2020
PrestaShop 1.5.5 vulnerable to privilege escalation via a Salesman account via upload module
CVE-2013-2679 (v3: 6.1) 18 Feb 2020
Multiple cross-site scripting (XSS) vulnerabilities in Cisco Linksys E4200 router with firmware 1.0.05 build 7 allow remote attackers to inject arbitrary web script or HTML via the (1) log_type, (2) ping_ip, (3) ping_size, (4) submit_type, or (5) traceroute_ip parameter to apply.cgi or (6) new_workgroup or (7) submit_button parameter to storage/apply.cgi.
CVE-2013-4227 (v3: 8.8) 18 Feb 2020
Cross-site request forgery (CSRF) vulnerability in the persona_xsrf_token function in persona.module in the Mozilla Persona module 7.x-1.x before 7.x-1.11 for Drupal allows remote attackers to hijack the authentication of aribitrary users via a security token that is not a string data type.
CVE-2013-4454 (v3: 9.1) 18 Feb 2020
WordPress Portable phpMyAdmin Plugin 1.4.1 has Multiple Security Bypass Vulnerabilities
CVE-2013-5594 (v3: 4.3) 18 Feb 2020
Mozilla Firefox before 25 allows modification of anonymous content of pluginProblem.xml binding
CVE-2013-7324 (v3: 5.3) 17 Feb 2020
Webkit-GTK 2.x (any version with HTML5 audio/video support based on GStreamer) allows remote attackers to trigger unexpectedly high sound volume via malicious javascript. NOTE: this WebKit-GTK behavior complies with existing W3C standards and existing practices for GNOME desktop integration.
CVE-2013-3722 (v3: 7.5) 17 Feb 2020
A Denial of Service (infinite loop) exists in OpenSIPS before 1.10 in lookup.c.
CVE-2013-3738 (v3: 9.8) 17 Feb 2020
A File Inclusion vulnerability exists in Zabbix 2.0.6 due to inadequate sanitization of request strings in CGI scripts, which could let a remote malicious user execute arbitrary code.
CVE-2013-4211 (v3: 9.8) 14 Feb 2020
A Code Execution Vulnerability exists in OpenX Ad Server 2.8.10 due to a backdoor in flowplayer-3.1.1.min.js library, which could let a remote malicious user execute arbitrary PHP code
CVE-2013-4791 (v3: 5.4) 14 Feb 2020
PrestaShop before 1.4.11 allows Logistician, translators and other low level profiles/accounts to inject a persistent XSS vector on TinyMCE.
CVE-2013-4792 (v3: 5.5) 14 Feb 2020
PrestaShop before 1.4.11 allows logout CSRF.
CVE-2013-5212 (v3: 6.1) 14 Feb 2020
Cross-site Scripting (XSS) in EasyXDM before 2.4.18 allows remote attackers to inject arbitrary web script or html via the easyxdm.swf file.
CVE-2013-5687 (v3: 7.5) 14 Feb 2020
RiskNet Acquirer before hotfix 6.0 b7+ADHOC-443 ApplicationServiceBean contains a service information disclosure.
CVE-2013-6277 (v3: 7.5) 13 Feb 2020
QNAP VioCard 300 has hardcoded RSA private keys.
CVE-2013-7098 (v3: 9.8) 13 Feb 2020
OpenConnect VPN client with GnuTLS before 5.02 contains a heap overflow if MTU is increased on reconnection.
CVE-2013-6360 (v3: 7.5) 13 Feb 2020
TRENDnet TS-S402 has a backdoor to enable TELNET.
CVE-2013-6362 (v3: 9.8) 13 Feb 2020
Xerox ColorCube and WorkCenter devices in 2013 had hardcoded FTP and shell user accounts.
CVE-2013-7173 (v3: 9.8) 13 Feb 2020
Belkin n750 routers have a buffer overflow.
CVE-2013-7287 (v3: 9.8) 13 Feb 2020
MobileIron VSP < 5.9.1 and Sentry < 5.0 has an insecure encryption scheme.
CVE-2013-6927 (v3: 5.5) 13 Feb 2020
Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account.
CVE-2013-1634 (v3: 7.5) 13 Feb 2020
A denial of service vulnerability exists in some motherboard implementations of Intel e1000e/82574L network controller devices through 2013-02-06 where the device can be brought into a non-processing state when parsing 32 hex, 33 hex, or 34 hex byte values at the 0x47f offset. NOTE: A followup statement from Intel suggests that the root cause of this issue was an incorrectly configured EEPROM image.
CVE-2013-1400 (v3: 9.8) 13 Feb 2020
Multiple SQL injection vulnerabilities in CWPPoll.js in WordPress Poll Plugin 34.5 for WordPress allow attackers to execute arbitrary SQL commands via the pollid or poll_id parameter in a viewPollResults or userlogs action.
CVE-2013-1401 (v3: 9.8) 13 Feb 2020
Multiple security bypass vulnerabilities in the editAnswer, deleteAnswer, addAnswer, and deletePoll functions in WordPress Poll Plugin 34.5 for WordPress allow a remote attacker to add, edit, and delete an answer and delete a poll.
CVE-2013-0295 13 Feb 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2013-0342. Reason: This candidate is a duplicate of [ID]. Notes: All CVE users should reference CVE-2013-0342 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2013-5106 (v3: 8.8) 12 Feb 2020
A Code Execution vulnerability exists in select.py when using python-mode 2012-12-19.

2012

CVE-2012-10001 6 Jan 2021
The Limit Login Attempts plugin before 1.7.1 for WordPress does not clear auth cookies upon a lockout, which might make it easier for remote attackers to conduct brute-force authentication attempts.
CVE-2012-0955 2 Dec 2020
software-properties was vulnerable to a person-in-the-middle attack due to incorrect TLS certificate validation in softwareproperties/ppa.py. software-properties didn't check TLS certificates under python2 and only checked certificates under python3 if a valid certificate bundle was provided. Fixed in software-properties version 0.92.
CVE-2012-6157 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2012-5528 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2012-5555 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2012-6154 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2012-6155 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2012-6156 5 Nov 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.
CVE-2012-3338 1 Sep 2020
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to bypass security restrictions, caused by improper restrictions on the create new user account functionality. An attacker could exploit this vulnerability to create unprivileged user accounts. IBM X-Force ID: 78286.
CVE-2012-3340 1 Sep 2020
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to XML external entity injection, caused by improper validation of user-supplied input. A remote authenticated attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID: 78291.
CVE-2012-3341 1 Sep 2020
IBM InfoSphere Guardium 7.0, 8.0, 8.01, and 8.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability using a specially-crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials. IBM X-Force ID: 78294.
CVE-2012-3336 1 Sep 2020
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to multiple scripts, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 78282.
CVE-2012-3337 1 Sep 2020
IBM InfoSphere Guardium 8.0, 8.01, and 8.2 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to download arbitrary files on the system. IBM X-Force ID: 78284.
CVE-2012-6473 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6474 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6475 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6476 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6477 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6478 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6479 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6480 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6481 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6482 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6483 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6484 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6485 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6486 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6487 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6488 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6489 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6490 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6491 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-6492 10 Jul 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2012. Notes: none.
CVE-2012-0952 8 May 2020
A heap buffer overflow was discovered in the device control ioctl in the Linux driver for Nvidia graphics cards, which may allow an attacker to overflow 49 bytes. This issue was fixed in version 295.53.
CVE-2012-0953 8 May 2020
A race condition was discovered in the Linux drivers for Nvidia graphics which allowed an attacker to exfiltrate kernel memory to userspace. This issue was fixed in version 295.53.
CVE-2012-1101 (v3: 5.5) 11 Mar 2020
systemd 37-1 does not properly handle non-existent services, which causes a denial of service (failure of login procedure).
CVE-2012-1094 (v3: 7.5) 10 Mar 2020
JBoss AS 7 prior to 7.1.1 and mod_cluster do not handle default hostname in the same way, which can cause the excluded-contexts list to be mismatched and the root context to be exposed.
CVE-2012-1096 (v3: 5.5) 10 Mar 2020
NetworkManager 0.9 and earlier allows local users to use other users' certificates or private keys when making a connection via the file path when adding a new connection.
CVE-2012-0785 (v3: 7.5) 24 Feb 2020
Hash collision attack vulnerability in Jenkins before 1.447, Jenkins LTS before 1.424.2, and Jenkins Enterprise by CloudBees 1.424.x before 1.424.2.1 and 1.400.x before 1.400.0.11 could allow remote attackers to cause a considerable CPU load, aka "the Hash DoS attack."
CVE-2012-1093 (v3: 7.8) 21 Feb 2020
The init script in the Debian x11-common package before 1:7.6+12 is vulnerable to a symlink attack that can lead to a privilege escalation during package installation.
CVE-2012-0828 (v3: 9.8) 21 Feb 2020
Heap-based buffer overflow in Xchat-WDK before 1499-4 (2012-01-18) xchat 2.8.6 on Maemo architecture could allow remote attackers to cause a denial of service (xchat client crash) or execute arbitrary code via a UTF-8 line from server containing characters outside of the Basic Multilingual Plane (BMP).
CVE-2012-0844 (v3: 5.5) 21 Feb 2020
Information-disclosure vulnerability in Netsurf through 2.8 due to a world-readable cookie jar.
CVE-2012-6277 (v3: 7.8) 21 Feb 2020
Multiple unspecified vulnerabilities in Autonomy KeyView IDOL before 10.16, as used in Symantec Mail Security for Microsoft Exchange before 6.5.8, Symantec Mail Security for Domino before 8.1.1, Symantec Messaging Gateway before 10.0.1, Symantec Data Loss Prevention (DLP) before 11.6.1, IBM Notes 8.5.x, IBM Lotus Domino 8.5.x before 8.5.3 FP4, and other products, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, related to "a number of underlying issues" in which "some of these cases demonstrated memory corruption with attacker-controlled input and could be exploited to run arbitrary code."
CVE-2012-0063 (v3: 8.1) 21 Feb 2020
Insecure plugin update mechanism in tucan through 0.3.10 could allow remote attackers to perform man-in-the-middle attacks and execute arbitrary code ith the permissions of the user running tucan.
CVE-2012-5236 20 Feb 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVE-2012-2599 20 Feb 2020
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2012-3835. Reason: This issue was MERGED into CVE-2012-3835 in accordance with CVE content decisions, because it is the same type of vulnerability and affects the same versions. Notes: All CVE users should reference CVE-2012-3835 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
CVE-2012-3351 (v3: 6.1) 20 Feb 2020
Multiple cross-site scripting (XSS) vulnerabilities in LongTail Video JW Player through 5.10.2295 allow remote attackers to inject arbitrary web script or HTML via the (1) link, (2) logo.link, or (3) aboutlink parameter, or a nested URI scheme name for (4) javascript, (5) asfunction, or (6) vbscript.
CVE-2012-5362 (v3: 7.5) 20 Feb 2020
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2010-4669.
CVE-2012-5363 (v3: 7.5) 20 Feb 2020
The IPv6 implementation in FreeBSD and NetBSD (unknown versions, year 2012 and earlier) allows remote attackers to cause a denial of service via a flood of ICMPv6 Neighbor Solicitation messages, a different vulnerability than CVE-2011-2393.
CVE-2012-5364 (v3: 7.5) 20 Feb 2020
The IPv6 implementation in Microsoft Windows 7 and earlier allows remote attackers to cause a denial of service via a flood of ICMPv6 Router Advertisement packets containing multiple Routing entries.