Total
68 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35623 | 1 Mediawiki | 1 Mediawiki | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the CasAuth extension for MediaWiki through 1.35.1. Due to improper username validation, it allowed user impersonation with trivial manipulations of certain characters within a given username. An ordinary user may be able to login as a "bureaucrat user" who has a similar username, as demonstrated by usernames that differ only in (1) bidirectional override symbols or (2) blank space. | |||||
| CVE-2020-35566 | 2 Helmholz, Mbconnectline | 4 Myrex24, Myrex24.virtual, Mbconnect24 and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2. An attacker can read arbitrary JSON files via Local File Inclusion. | |||||
| CVE-2020-26233 | 1 Microsoft | 1 Git Credential Manager Core | 2024-11-21 | 3.6 LOW | 7.3 HIGH |
| Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively cloning a Git repository on Windows with submodules, Git will first clone the top-level repository and then recursively clone all submodules by starting new Git processes from the top-level working directory. If a malicious git.exe executable is present in the top-level repository then this binary will be started by Git Credential Manager Core when attempting to read configuration, and not git.exe as found on the %PATH%. This only affects GCM Core on Windows, not macOS or Linux-based distributions. GCM Core version 2.0.289 contains the fix for this vulnerability, and is available from the project's GitHub releases page. GCM Core 2.0.289 is also bundled in the latest Git for Windows release; version 2.29.2(3). As a workaround, users should avoid recursively cloning untrusted repositories with the --recurse-submodules option. | |||||
| CVE-2020-23448 | 1 Newbee-mall Project | 1 Newbee-mall | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| newbee-mall all versions are affected by incorrect access control to remotely gain privileges through AdminLoginInterceptor.java. The authentication logic of the system's background /admin is in code AdminLoginInterceptor, which can be bypassed. | |||||
| CVE-2020-13311 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. Wiki was vulnerable to a parser attack that prohibits anyone from accessing the Wiki functionality through the user interface. | |||||
| CVE-2020-12279 | 2 Debian, Libgit2 | 2 Debian Linux, Libgit2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1353. | |||||
| CVE-2020-12278 | 2 Debian, Libgit2 | 2 Debian Linux, Libgit2 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution when cloning a repository. This issue is similar to CVE-2019-1352. | |||||
| CVE-2020-10574 | 1 Meetecho | 1 Janus | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation. | |||||
| CVE-2019-9901 | 1 Envoyproxy | 1 Envoy | 2024-11-21 | 7.5 HIGH | 6.5 MEDIUM |
| Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative path, e.g., something/../admin, to bypass access control, e.g., a block on /admin. A backend server could then interpret the non-normalized path and provide an attacker access beyond the scope provided for by the access control policy. | |||||
| CVE-2019-9616 | 1 Ofcms Project | 1 Ofcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in OFCMS before 1.1.3. Remote attackers can execute arbitrary code because blocking of .jsp and .jspx files does not consider (for example) file.jsp::$DATA to the admin/ueditor/uploadScrawl URI. | |||||
| CVE-2019-8908 | 1 Wtcms Project | 1 Wtcms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in WTCMS 1.0. It allows remote attackers to execute arbitrary PHP code by going to the "Setting -> Mailbox configuration -> Registration email template" screen, and uploading an image file, as demonstrated by a .php filename and the "Content-Type: image/gif" header. | |||||
| CVE-2019-8395 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request. | |||||
| CVE-2019-7731 | 1 Mywebsql | 1 Mywebsql | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file. | |||||
| CVE-2019-6289 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading with a safe file extension and then renaming with a mixed-case variation of the .php extension, as demonstrated by the 1.pHP filename. | |||||
| CVE-2019-1351 | 2 Microsoft, Opensuse | 3 Visual Studio 2017, Visual Studio 2019, Leap | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A tampering vulnerability exists when Git for Visual Studio improperly handles virtual drive paths, aka 'Git for Visual Studio Tampering Vulnerability'. | |||||
| CVE-2019-19921 | 5 Canonical, Debian, Linuxfoundation and 2 more | 5 Ubuntu Linux, Debian Linux, Runc and 2 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.) | |||||
| CVE-2019-19493 | 1 Kentico | 1 Kentico | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Kentico before 12.0.50 allows file uploads in which the Content-Type header is inconsistent with the file extension, leading to XSS. | |||||
| CVE-2019-17575 | 1 Wbce | 1 Wbce Cms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A file-rename filter bypass exists in admin/media/rename.php in WBCE CMS 1.4.0 and earlier. This can be exploited by an authenticated user with admin privileges to rename a media filename and extension. (For example: place PHP code in a .jpg file, and then change the file's base name to filename.ph and change the file's extension to p. Because of concatenation, the name is then treated as filename.php.) At the result, remote attackers can execute arbitrary PHP code. | |||||
| CVE-2019-12837 | 1 Gencat | 1 Portal D\'acces A La Universitat | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| The Java API in accesuniversitat.gencat.cat 1.7.5 allows remote attackers to get personal information of all registered students via several API endpoints. | |||||
| CVE-2019-0816 | 2 Canonical, Microsoft | 2 Ubuntu Linux, Azure | 2024-11-21 | 1.9 LOW | 5.1 MEDIUM |
| A security feature bypass exists in Azure SSH Keypairs, due to a change in the provisioning logic for some Linux images that use cloud-init, aka 'Azure SSH Keypairs Security Feature Bypass Vulnerability'. | |||||