Total: 1368 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 | Description |
---|---|---|---|---|---|---|
CVE-2020-27349 | 1 Canonical | 1 Ubuntu Linux | 2020-12-11 | 2.1 LOW | 5.5 MEDIUM | Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1.1.1+bzr982-0ubuntu19.5, 1.1.1+bzr982-0ubuntu14.5. |
CVE-2020-14205 | 1 Divebook Project | 1 Divebook | 2020-12-10 | 5.0 MEDIUM | 5.3 MEDIUM | The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate the integrity of dive logs. |
CVE-2020-26231 | 1 Octobercms | 1 October | 2020-12-08 | 4.4 MEDIUM | 6.7 MEDIUM | October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-15247 (fixed in 1.0.469 and 1.1.0) was discovered that has the same impact as CVE-2020-15247. An authenticated backend user with the cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions who would normally not be permitted to provide PHP code to be executed by the CMS due to cms.enableSafeMode being enabled is able to write specific Twig code to escape the Twig sandbox and execute arbitrary PHP. This is not a problem for anyone that trusts their users with those permissions to normally write & manage PHP within the CMS by not having cms.enableSafeMode enabled, but would be a problem for anyone relying on cms.enableSafeMode to ensure that users with those permissions in production do not have access to write & execute arbitrary PHP. The issue has been patched in Build 470 (v1.0.470) and v1.1.1. |
CVE-2020-26212 | 1 Glpi-project | 1 Glpi | 2020-12-07 | 4.0 MEDIUM | 6.5 MEDIUM | GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package that provides ITIL Service Desk features, license tracking and software auditing. In GLPI before version 9.5.3, any authenticated user has read-only permissions to the planning of every other user, even admin ones. Steps to reproduce the behavior: 1. Create a new planning with the 'eduardo.mozart' user (from the 'IT' group that belongs to 'Super-admin') in its personal planning at 'Assistance' > 'Planning'. 2. Copy the CalDAV URL and use a CalDAV client (e.g. Thunderbird) to sync the planning with the provided URL. 3. Enter the username and password of any valid user (e.g. 'camila' from the 'Proativa' group). 4. 'Camila' has read-only access to the 'eduardo.mozart' personal planning. The same behavior happens with any group, e.g. 'Camila' has access to the 'IT' group planning even if she doesn't belong to this group and has a 'Self-service' profile permission. This issue is fixed in version 9.5.3. As a workaround, one can remove the `caldav.php` file to block access to the CalDAV server. |
CVE-2020-2323 | 1 Netflix | 1 Chaos Monkey | 2020-12-07 | 5.0 MEDIUM | 5.3 MEDIUM | Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform permission checks in an HTTP endpoint, allowing attackers with Overall/Read permission to access the Chaos Monkey page and to see the history of actions. |
CVE-2020-29006 | 1 Misp | 1 Misp | 2020-12-03 | 7.5 HIGH | 9.8 CRITICAL | MISP before 2.4.135 lacks an ACL check, related to app/Controller/GalaxyElementsController.php and app/Model/GalaxyElement.php. |
CVE-2017-15680 | 1 Craftercms | 1 Crafter Cms | 2020-11-28 | 6.4 MEDIUM | 6.5 MEDIUM | In Crafter CMS Crafter Studio 3.0.1 an IDOR vulnerability exists which allows unauthenticated attackers to view and modify administrative data. |
CVE-2020-6316 | 1 Sap | 2 Erp, S/4hana | 2020-11-24 | 4.0 MEDIUM | 4.3 MEDIUM | SAP ERP and SAP S/4 HANA allow an authenticated user to see cost records of objects for which they have no authorization in PS reporting, leading to a missing authorization check. |
CVE-2020-3400 | 1 Cisco | 1 Ios Xe | 2020-11-24 | 6.5 MEDIUM | 8.8 HIGH | A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated, remote attacker to utilize parts of the web UI for which they are not authorized. The vulnerability is due to insufficient authorization of web UI access requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web UI. A successful exploit could allow the attacker to utilize parts of the web UI for which they are not authorized. This could allow a Read-Only user to perform actions of an Admin user. |
CVE-2020-2310 | 1 Jenkins | 1 Ansible | 2020-11-10 | 4.0 MEDIUM | 4.3 MEDIUM | Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier allow attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
CVE-2020-2306 | 1 Jenkins | 1 Mercurial | 2020-11-06 | 4.0 MEDIUM | 4.3 MEDIUM | A missing permission check in Jenkins Mercurial Plugin 2.11 and earlier allows attackers with Overall/Read permission to obtain a list of names of configured Mercurial installations. |
CVE-2020-2309 | 1 Jenkins | 1 Kubernetes | 2020-11-06 | 4.0 MEDIUM | 4.3 MEDIUM | A missing or incorrect permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
CVE-2020-2308 | 1 Jenkins | 1 Kubernetes | 2020-11-06 | 4.0 MEDIUM | 4.3 MEDIUM | A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and earlier allows attackers with Overall/Read permission to list global pod template names. |
CVE-2020-2313 | 1 Jenkins | 1 Azure Key Vault | 2020-11-06 | 4.0 MEDIUM | 4.3 MEDIUM | A missing permission check in Jenkins Azure Key Vault Plugin 2.0 and earlier allows attackers with Overall/Read permission to enumerate credentials IDs of credentials stored in Jenkins. |
CVE-2020-2311 | 1 Jenkins | 1 Aws Global Configuration | 2020-11-06 | 4.0 MEDIUM | 4.3 MEDIUM | A missing permission check in Jenkins AWS Global Configuration Plugin 1.5 and earlier allows attackers with Overall/Read permission to replace the global AWS configuration. |
CVE-2020-2302 | 1 Jenkins | 1 Active Directory | 2020-11-06 | 4.0 MEDIUM | 4.3 MEDIUM | A missing permission check in Jenkins Active Directory Plugin 2.19 and earlier allows attackers with Overall/Read permission to access the domain health check diagnostic page. |
CVE-2020-16260 | 1 Winstonprivacy | 2 Winston, Winston Firmware | 2020-11-04 | 5.0 MEDIUM | 7.5 HIGH | Winston 1.5.4 devices do not enforce authorization. This is exploitable from the intranet, and can be combined with other vulnerabilities for remote exploitation. |
CVE-2019-19885 | 1 Bender | 12 Com465dp, Com465dp Firmware, Com465id and 9 more | 2020-10-26 | 6.4 MEDIUM | 9.1 CRITICAL | In Bender COMTRAXX, user authorization is validated for most, but not all, routes in the system. A user with knowledge about the routes can read and write configuration data without prior authorization. This affects COM465IP, COM465DP, COM465ID, CP700, CP907, and CP915 devices before 4.2.0. |
CVE-2019-5470 | 1 Gitlab | 1 Gitlab | 2020-10-21 | 5.0 MEDIUM | 7.5 HIGH | An information disclosure issue was discovered in GitLab versions < 12.1.2, < 12.0.4, and < 11.11.6 in the security dashboard which could result in disclosure of vulnerability feedback information. |
CVE-2020-13626 | 1 Oneplus | 1 App Locker | 2020-10-20 | 2.1 LOW | 4.6 MEDIUM | OnePlus App Locker through 2020-10-06 allows physically proximate attackers to use Google Assistant to bypass an authorization check in order to send an SMS message when the SMS application is locked. |