Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-0736 | 1 Novell | 2 Linux Desktop, Open Enterprise Server | 2020-02-24 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in the pam_micasa PAM authentication module in CASA on Novell Linux Desktop 9 and Open Enterprise Server 1 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2006-0997 | 1 Novell | 2 Netware, Open Enterprise Server | 2020-02-24 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) permits encryption with a NULL key, which results in cleartext communication that allows remote attackers to read an SSL protected session by sniffing network traffic. | |||||
| CVE-2006-0998 | 1 Novell | 2 Netware, Open Enterprise Server | 2020-02-24 | 5.0 MEDIUM | N/A |
| The SSL server implementation in NILE.NLM in Novell NetWare 6.5 and Novell Open Enterprise Server (OES) sometimes selects a weak cipher instead of an available stronger cipher, which makes it easier for remote attackers to sniff and decrypt an SSL protected session. | |||||
| CVE-2020-6181 | 1 Sap | 2 Abap Platform, Netweaver | 2020-02-21 | 5.0 MEDIUM | 5.8 MEDIUM |
| Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 730, 731, 740 and SAP ABAP Platform (SAP_BASIS versions 750, 751, 752, 753, 754), allows an attacker to include invalidated data in the HTTP response header sent to a Web user, leading to HTTP Response Splitting vulnerability. | |||||
| CVE-2013-6927 | 1 Triplc | 1 Trilogi Server | 2020-02-20 | 2.1 LOW | 5.5 MEDIUM |
| Internet TRiLOGI Server (unknown versions) could allow a local user to bypass security and create a local user account. | |||||
| CVE-2013-1924 | 1 Skill | 1 Commerce Skrill | 2020-02-19 | 5.0 MEDIUM | 7.5 HIGH |
| Commerce Skrill (Formerly Moneybookers) has an Access bypass vulnerability in all versions prior to 7.x-1.2 | |||||
| CVE-2019-17440 | 1 Paloaltonetworks | 3 Pa-7050, Pa-7080, Pan-os | 2020-02-17 | 10.0 HIGH | 9.8 CRITICAL |
| Improper restriction of communications to Log Forwarding Card (LFC) on PA-7000 Series devices with second-generation Switch Management Card (SMC) may allow an attacker with network access to the LFC to gain root access to PAN-OS. This issue affects PAN-OS 9.0 versions prior to 9.0.5-h3 on PA-7080 and PA-7050 devices with an LFC installed and configured. This issue does not affect PA-7000 Series deployments using the first-generation SMC and the Log Processing Card (LPC). This issue does not affect any other PA series devices. This issue does not affect devices without an LFC. This issue does not affect PAN-OS 8.1 or prior releases. This issue only affected a very limited number of customers and we undertook individual outreach to help them upgrade. At the time of publication, all identified customers have upgraded SW or content and are not impacted. | |||||
| CVE-2020-0729 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-02-14 | 6.8 MEDIUM | 8.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the same user rights as the local user, aka 'LNK Remote Code Execution Vulnerability'. | |||||
| CVE-2020-0696 | 1 Microsoft | 3 Office, Office 365 Proplus, Outlook | 2020-02-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats, aka 'Microsoft Outlook Security Feature Bypass Vulnerability'. | |||||
| CVE-2013-1202 | 1 Cisco | 1 Ace Application Control Engine Module A2 | 2020-02-11 | 5.0 MEDIUM | 7.5 HIGH |
| Cisco ACE A2(3.6) allows log retention DoS. | |||||
| CVE-2019-19670 | 1 Maxum | 1 Rumpus Ftp | 2020-02-11 | 4.3 MEDIUM | 6.1 MEDIUM |
| A HTTP Response Splitting vulnerability was identified in the Web Settings Component of Web File Manager in Rumpus FTP Server 8.2.9.1. A successful exploit can result in stored XSS, website defacement, etc. via ExtraHTTPHeader to RAPR/WebSettingsGeneralSet.html. | |||||
| CVE-2019-15611 | 1 Nextcloud | 1 Nextcloud | 2020-02-11 | 4.0 MEDIUM | 4.9 MEDIUM |
| Violation of Secure Design Principles in the iOS App 2.23.0 causes the app to leak its login and token to other Nextcloud services when search e.g. for federated users or registering for push notifications. | |||||
| CVE-2013-2009 | 1 Automattic | 1 Wp Super Cache | 2020-02-10 | 6.8 MEDIUM | 8.8 HIGH |
| WordPress WP Super Cache Plugin 1.2 has Remote PHP Code Execution | |||||
| CVE-2013-3629 | 1 Ispconfig | 1 Ispconfig | 2020-02-10 | 6.5 MEDIUM | 8.8 HIGH |
| ISPConfig 3.0.5.2 has Arbitrary PHP Code Execution | |||||
| CVE-2014-2247 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2020-02-10 | 5.8 MEDIUM | N/A |
| The integrated web server on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allows remote attackers to inject headers via unspecified vectors. | |||||
| CVE-2014-2253 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2020-02-10 | 6.1 MEDIUM | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted Profinet packets. | |||||
| CVE-2014-2255 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2020-02-10 | 7.8 HIGH | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTP packets. | |||||
| CVE-2014-2257 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2020-02-10 | 7.8 HIGH | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted ISO-TSAP packets. | |||||
| CVE-2014-2259 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2020-02-10 | 7.8 HIGH | N/A |
| Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 allow remote attackers to cause a denial of service (defect-mode transition) via crafted HTTPS packets. | |||||
| CVE-2014-2251 | 1 Siemens | 1 Simatic S7-1500 Cpu Firmware | 2020-02-10 | 8.3 HIGH | N/A |
| The random-number generator on Siemens SIMATIC S7-1500 CPU PLC devices with firmware before 1.5.0 does not have sufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms and hijack sessions via unspecified vectors. | |||||