| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A vulnerability was found in Ansible Engine versions 2.9.x before 2.9.3, 2.8.x before 2.8.8, 2.7.x before 2.7.16 and earlier, where in Ansible's nxos_file_copy module can be used to copy files to a flash or bootflash on NXOS devices. Malicious code could craft the filename parameter to perform OS command injections. This could result in a loss of confidentiality of the system among other issues. |
| The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls. |
| In the Linux kernel before 4.16.4, a double-locking error in drivers/usb/dwc3/gadget.c may potentially cause a deadlock with f_hid. |
| Insufficient initialization in Intel(R) SGX SDK Windows versions 2.4.100.51291 and earlier, and Linux versions 2.6.100.51363 and earlier, may allow an authenticated user to enable information disclosure, escalation of privilege or denial of service via local access. |
| Improper initialization in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow a privileged user to potentially enable denial of service via local access. |
| In Docker 19.03.x before 19.03.1 linked against the GNU C Library (aka glibc), code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container. |
| Double free issue in NPU due to lack of resource locking mechanism to avoid race condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, QCS405, Rennell, Saipan, SC8180X, SDX55, SM8150, SM8250, SXR2130 |
| A vulnerability has been identified in Desigo PX automation controllers PXC00-E.D, PXC50-E.D, PXC100-E.D, PXC200-E.D with Desigo PX Web modules PXA40-W0, PXA40-W1, PXA40-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC00-U, PXC64-U, PXC128-U with Desigo PX Web modules PXA30-W0, PXA30-W1, PXA30-W2 (All firmware versions < V6.00.320), Desigo PX automation controllers PXC22.1-E.D, PXC36-E.D, PXC36.1-E.D with activated web server (All firmware versions < V6.00.320). The device contains a vulnerability that could allow an attacker to cause a denial of service condition on the device's web server by sending a specially crafted HTTP message to the web server port (tcp/80). The security vulnerability could be exploited by an attacker with network access to an affected device. Successful exploitation requires no system privileges and no user interaction. An attacker could use the vulnerability to compromise the availability of the device's web service. While the device itself stays operational, the web server responds with HTTP status code 404 (Not found) to any further request. A reboot is required to recover the web interface. At the time of advisory publication no public exploitation of this security vulnerability was known. |
| Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
| Insufficient policy enforcement in downloads in Google Chrome on Windows prior to 79.0.3945.79 allowed a local attacker to spoof downloaded files via local code. |
| In IntelliSpace Perinatal, Versions K and prior, a vulnerability within the IntelliSpace Perinatal application environment could enable an unauthorized attacker with physical access to a locked application screen, or an authorized remote desktop session host application user to break-out from the containment of the application and access unauthorized resources from the Windows operating system as the limited-access Windows user. Due to potential Windows vulnerabilities, it may be possible for additional attack methods to be used to escalate privileges on the operating system. |
| On AVTECH Room Alert 3E devices before 2.2.5, an attacker with access to the device's web interface may escalate privileges from an unauthenticated user to administrator by performing a cmd.cgi?action=ResetDefaults&src=RA reset and using the default credentials to get in. |
| TP-Link Archer C3200 V1 and Archer C2 V1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK message. Studying the NAK case revealed that the router erroneously sends the NAK to both Host and Guest networks with the same Transaction ID as found in the DHCP Request. This allows encoding of data to be sent cross-router into the 32-bit Transaction ID field. |
| D-link DIR-825AC G1 devices have Insufficient Compartmentalization between a host network and a guest network that are established by the same device. A DHCP Request is sent to the router with a certain Transaction ID field. Following the DHCP protocol, the router responds with an ACK or NAK message. Studying the NAK case revealed that the router erroneously sends the NAK to both Host and Guest networks with the same Transaction ID as found in the DHCP Request. This allows encoding of data to be sent cross-router into the 32-bit Transaction ID field. |
| Compal CH7465LG CH7465LG-NCIP-6.12.18.24-5p8-NOSH devices have Incorrect Access Control because of Improper Input Validation. The attacker can send a maliciously modified POST (HTTP) request containing shell commands, which will be executed on the device, to an backend API endpoint of the cable modem. |
| ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the SyncImageSettings function in MagickCore/image.c. This is related to AcquireImage in magick/image.c. |
| ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the ReadPANGOImage function in coders/pango.c. |
| ImageMagick 7.0.8-34 has a "use of uninitialized value" vulnerability in the WriteJP2Image function in coders/jp2.c. |
| The QMP guest_exec command in QEMU 4.0.0 and earlier is prone to OS command injection, which allows the attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue |
| The QMP migrate command in QEMU version 4.0.0 and earlier is vulnerable to OS command injection, which allows the remote attacker to achieve code execution, denial of service, or information disclosure by sending a crafted QMP command to the listening server. Note: This has been disputed as a non-issue since QEMU's -qmp interface is meant to be used by trusted users. If one is able to access this interface via a tcp socket open to the internet, then it is an insecure configuration issue |
