Total
2744 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-15185 | 1 Helm | 1 Helm | 2024-11-21 | 4.0 MEDIUM | 2.2 LOW |
| In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one always used. If a repository is compromised, this lowers the level of access that an attacker needs to inject a bad chart into a repository. To perform this attack, an attacker must have write access to the index file (which can occur during a MITM attack on a non-SSL connection). This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the index file in the Helm repository cache before installing software. | |||||
| CVE-2020-15184 | 1 Helm | 1 Helm | 2024-11-21 | 4.0 MEDIUM | 3.7 LOW |
| In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the `dependencies` field of any untrusted chart, verifying that the `alias` field is either not used, or (if used) does not contain newlines or path characters. | |||||
| CVE-2020-15171 | 1 Xwiki | 1 Xwiki | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution. The only workaround is to give SCRIPT right only to trusted users. | |||||
| CVE-2020-15164 | 1 Scratch-wiki | 1 Scratch Login | 2024-11-21 | 6.4 MEDIUM | 10.0 CRITICAL |
| in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading, trailing, or repeated underscore(s), since those are treated as whitespace and trimmed by MediaWiki. This affects all users on any wiki using this extension. Since version 1.1, comments by users whose usernames would be trimmed on MediaWiki are ignored when searching for the verification code. | |||||
| CVE-2020-15147 | 1 Cogboard | 1 Red Discord Bot | 2024-11-21 | 6.0 MEDIUM | 8.5 HIGH |
| Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to perform destructive actions and/or access sensitive information. As a workaround, unloading the Trivia module with `unload streams` can render this exploit not accessible. It is highly recommended updating to 3.3.12 or 3.4 to completely patch this issue. | |||||
| CVE-2020-15146 | 1 Sylius | 1 Syliusresourcebundle | 2024-11-21 | 6.5 MEDIUM | 9.6 CRITICAL |
| In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, request parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. This issue has been patched for versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4. Versions prior to 1.3 were not patched. | |||||
| CVE-2020-15143 | 1 Sylius | 1 Syliusresourcebundle | 2024-11-21 | 6.5 MEDIUM | 7.7 HIGH |
| In SyliusResourceBundle before versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4, rrequest parameters injected inside an expression evaluated by `symfony/expression-language` package haven't been sanitized properly. This allows the attacker to access any public service by manipulating that request parameter, allowing for Remote Code Execution. This issue has been patched for versions 1.3.14, 1.4.7, 1.5.2 and 1.6.4. Versions prior to 1.3 were not patched. | |||||
| CVE-2020-15140 | 1 Cogboard | 1 Red Discord Bot | 2024-11-21 | 5.5 MEDIUM | 8.2 HIGH |
| In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform destructive actions and/or access sensitive information. This critical exploit has been fixed on version 3.3.11. | |||||
| CVE-2020-15111 | 1 Gofiber | 1 Fiber | 2024-11-21 | 5.8 MEDIUM | 4.2 MEDIUM |
| In Fiber before version 1.12.6, the filename that is given in c.Attachment() (https://docs.gofiber.io/ctx#attachment) is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and then give the link to the victim. With this filename, the attacker can change the name of the downloaded file, redirect to another site, change the authorization header, etc. A possible workaround is to serialize the input before passing it to ctx.Attachment(). | |||||
| CVE-2020-15011 | 3 Canonical, Debian, Gnu | 3 Ubuntu Linux, Debian Linux, Mailman | 2024-11-21 | 2.6 LOW | 4.3 MEDIUM |
| GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. | |||||
| CVE-2020-14987 | 1 Bloomreach | 1 Experience Manager | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in Bloomreach Experience Manager (brXM) 4.1.0 through 14.2.2. It allows remote attackers to execute arbitrary code because there is a mishandling of the capability for administrators to write and run Groovy scripts within the updater editor. An attacker must use an AST transforming annotation such as @Grab. | |||||
| CVE-2020-14954 | 6 Canonical, Debian, Fedoraproject and 3 more | 6 Ubuntu Linux, Debian Linux, Fedora and 3 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection." | |||||
| CVE-2020-14928 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| evolution-data-server (eds) through 3.36.3 has a STARTTLS buffering issue that affects SMTP and POP3. When a server sends a "begin TLS" response, eds reads additional data and evaluates it in a TLS context, aka "response injection." | |||||
| CVE-2020-14505 | 1 Advantech | 1 Iview | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech iView, versions 5.6 and prior, has an improper neutralization of special elements used in a command (“command injection”) vulnerability. Successful exploitation of this vulnerability may allow an attacker to send a HTTP GET or POST request that creates a command string without any validation. The attacker may then remotely execute code. | |||||
| CVE-2020-14193 | 1 Atlassian | 1 Automation For Jira | 2024-11-21 | 5.5 MEDIUM | 5.4 MEDIUM |
| Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directories via a template injection vulnerability in Jira smart values using mustache partials. The affected versions are those before version 7.1.15. | |||||
| CVE-2020-13942 | 1 Apache | 1 Unomi | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scripts are now completely filtered from the input. It is highly recommended to upgrade to the latest available version of the 1.5.x release to fix this problem. | |||||
| CVE-2020-13863 | 1 Mitel | 1 Micollab | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| The SAS portal of Mitel MiCollab before 9.1.3 could allow an attacker to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an attacker to access user information. | |||||
| CVE-2020-13445 | 1 Liferay | 1 Liferay Portal | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates. | |||||
| CVE-2020-13262 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a link | |||||
| CVE-2020-12965 | 1 Amd | 126 Athlon 3050ge, Athlon 3050ge Firmware, Athlon 3150g and 123 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| When combined with specific software sequences, AMD CPUs may transiently execute non-canonical loads and store using only the lower 48 address bits potentially resulting in data leakage. | |||||