Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12689 2 Canonical, Openstack 2 Ubuntu Linux, Keystone 2023-03-01 6.5 MEDIUM 8.8 HIGH
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
CVE-2020-3187 1 Cisco 26 Adaptive Security Appliance, Asa 5505, Asa 5505 Firmware and 23 more 2023-03-01 7.5 HIGH 9.1 CRITICAL
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences. An exploit could allow the attacker to view or delete arbitrary files on the targeted system. When the device is reloaded after exploitation of this vulnerability, any files that were deleted are restored. The attacker can only view and delete files within the web services file system. This file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability can not be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. Reloading the affected device will restore all files within the web services file system.
CVE-2023-0909 1 Notepad-- Project 1 Notepad-- 2023-03-01 N/A 5.5 MEDIUM
A vulnerability, which was classified as problematic, was found in cxasm notepad-- 1.22. This affects an unknown part of the component Directory Comparison Handler. The manipulation leads to denial of service. The attack needs to be approached locally. The associated identifier of this vulnerability is VDB-221475.
CVE-2021-29024 1 Invoiceplane 1 Invoiceplane 2023-03-01 5.0 MEDIUM 7.5 HIGH
In InvoicePlane 1.5.11 a misconfigured web server allows unauthenticated directory listing and file download. Allowing an attacker to directory traversal and download files suppose to be private without authentication.
CVE-2021-30048 1 Novel Boutique House-plus Project 1 Novel Boutique House-plus 2023-03-01 5.0 MEDIUM 5.3 MEDIUM
Directory Traversal in the fileDownload function in com/java2nb/common/controller/FileController.java in Novel-plus (?????-plus) 3.5.1 allows attackers to read arbitrary files via the filePath parameter.
CVE-2020-11029 2 Debian, Wordpress 2 Debian Linux, Wordpress 2023-03-01 4.3 MEDIUM 6.1 MEDIUM
In affected versions of WordPress, a vulnerability in the stats() method of class-wp-object-cache.php can be exploited to execute cross-site scripting (XSS) attacks. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
CVE-2020-11027 2 Debian, Wordpress 2 Debian Linux, Wordpress 2023-03-01 5.5 MEDIUM 8.1 HIGH
In affected versions of WordPress, a password reset link emailed to a user does not expire upon changing the user password. Access would be needed to the email account of the user by a malicious party for successful execution. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
CVE-2021-29350 1 Shipment 100-design Material Download System Project 1 Shipment 100-design Material Download System 2023-03-01 6.5 MEDIUM 7.2 HIGH
SQL injection in the getip function in conn/function.php in ??100-???????? 1.1 allows remote attackers to inject arbitrary SQL commands via the X-Forwarded-For header to admin/product_add.php.
CVE-2020-11026 2 Debian, Wordpress 2 Debian Linux, Wordpress 2023-03-01 3.5 LOW 5.4 MEDIUM
In affected versions of WordPress, files with a specially crafted name when uploaded to the Media section can lead to script execution upon accessing the file. This requires an authenticated user with privileges to upload files. This has been patched in version 5.4.1, along with all the previously affected versions via a minor release (5.3.3, 5.2.6, 5.1.5, 5.0.9, 4.9.14, 4.8.13, 4.7.17, 4.6.18, 4.5.21, 4.4.22, 4.3.23, 4.2.27, 4.1.30, 4.0.30, 3.9.31, 3.8.33, 3.7.33).
CVE-2019-13286 2 Fedoraproject, Glyphandcog 2 Fedora, Xpdfreader 2023-03-01 4.3 MEDIUM 5.5 MEDIUM
In Xpdf 4.01.01, there is a heap-based buffer over-read in the function JBIG2Stream::readTextRegionSeg() located at JBIG2Stream.cc. It can, for example, be triggered by sending a crafted PDF document to the pdftoppm tool. It might allow an attacker to cause Information Disclosure.
CVE-2019-13283 2 Fedoraproject, Glyphandcog 2 Fedora, Xpdfreader 2023-03-01 6.8 MEDIUM 7.8 HIGH
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in strncpy from FoFiType1::parse in fofi/FoFiType1.cc because it does not ensure the source string has a valid length before making a fixed-length copy. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
CVE-2019-13282 2 Fedoraproject, Glyphandcog 2 Fedora, Xpdfreader 2023-03-01 6.8 MEDIUM 7.8 HIGH
In Xpdf 4.01.01, a heap-based buffer over-read could be triggered in SampledFunction::transform in Function.cc when using a large index for samples. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service or an information leak, or possibly have unspecified other impact.
CVE-2019-13281 2 Fedoraproject, Glyphandcog 2 Fedora, Xpdfreader 2023-03-01 6.8 MEDIUM 7.8 HIGH
In Xpdf 4.01.01, a heap-based buffer overflow could be triggered in DCTStream::decodeImage() in Stream.cc when writing to frameBuf memory. It can, for example, be triggered by sending a crafted PDF document to the pdftotext tool. It allows an attacker to use a crafted pdf file to cause Denial of Service, an information leak, or possibly unspecified other impact.
CVE-2020-7485 2 Microsoft, Schneider-electric 4 Windows 7, Windows Nt, Windows Xp and 1 more 2023-03-01 7.5 HIGH 9.8 CRITICAL
**VERSION NOT SUPPORTED WHEN ASSIGNED** A legacy support account in the TriStation software version v4.9.0 and earlier could cause improper access to the TriStation host machine. This was addressed in TriStation version v4.9.1 and v4.10.1 released on May 30, 2013.1
CVE-2019-19921 5 Canonical, Debian, Linuxfoundation and 2 more 5 Ubuntu Linux, Debian Linux, Runc and 2 more 2023-03-01 4.4 MEDIUM 7.0 HIGH
runc through 1.0.0-rc9 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an attacker must be able to spawn two containers with custom volume-mount configurations, and be able to run custom images. (This vulnerability does not affect Docker due to an implementation detail that happens to block the attack.)
CVE-2019-9674 3 Canonical, Netapp, Python 3 Ubuntu Linux, Active Iq Unified Manager, Python 2023-03-01 5.0 MEDIUM 7.5 HIGH
Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause a denial of service (resource consumption) via a ZIP bomb.
CVE-2019-14899 4 Apple, Freebsd, Linux and 1 more 8 Ipados, Iphone Os, Mac Os X and 5 more 2023-03-01 4.9 MEDIUM 7.4 HIGH
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.
CVE-2019-11711 2 Debian, Mozilla 4 Debian Linux, Firefox, Firefox Esr and 1 more 2023-03-01 6.8 MEDIUM 8.8 HIGH
When an inner window is reused, it does not consider the use of document.domain for cross-origin protections. If pages on different subdomains ever cooperatively use document.domain, then either page can abuse this to inject script into arbitrary pages on the other subdomain, even those that did not use document.domain to relax their origin security. This vulnerability affects Firefox ESR < 60.8, Firefox < 68, and Thunderbird < 60.8.
CVE-2019-1010155 1 Dlink 2 Dsl-2750u, Dsl-2750u Firmware 2023-03-01 6.4 MEDIUM 9.1 CRITICAL
** DISPUTED ** D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login. NOTE: Third parties dispute this issues as not being a vulnerability because although the wizard is accessible without authentication, it can't actually configure anything. Thus, there is no denial of service or information leakage.
CVE-2019-12815 4 Debian, Fedoraproject, Proftpd and 1 more 5 Debian Linux, Fedora, Proftpd and 2 more 2023-03-01 7.5 HIGH 9.8 CRITICAL
An arbitrary file copy vulnerability in mod_copy in ProFTPD up to 1.3.5b allows for remote code execution and information disclosure without authentication, a related issue to CVE-2015-3306.