Total
1442 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15729 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 7.5 High |
| An issue was discovered in GitLab Community and Enterprise Edition 8.18 through 12.2.1. An internal endpoint unintentionally disclosed information about the last pipeline that ran for a merge request. | ||||
| CVE-2020-11707 | 1 Provideserver | 1 Provide Ftp Server | 2021-07-21 | 8.8 High |
| An issue was discovered in ProVide (formerly zFTPServer) through 13.1. It doesn't enforce permission over Windows Symlinks or Junctions. As a result, a low-privileged user (non-admin) can craft a Junction Link in a directory he has full control of, breaking out of the sandbox. | ||||
| CVE-2020-0115 | 1 Google | 1 Android | 2021-07-21 | 7.8 High |
| In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is a possible settings bypass allowing an app to become the default handler for arbitrary domains. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-150038428 | ||||
| CVE-2020-29454 | 1 Umbraco | 1 Umbraco Cms | 2021-07-21 | 4.3 Medium |
| Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit a logviewer endpoint even if they lack Applications.Settings access. | ||||
| CVE-2020-13335 | 1 Gitlab | 1 Gitlab | 2021-07-21 | 4.3 Medium |
| Improper group membership validation when deleting a user account in GitLab >=7.12 allows a user to delete own account without deleting/transferring their group. | ||||
| CVE-2020-7955 | 1 Hashicorp | 1 Consul | 2021-07-21 | 5.3 Medium |
| HashiCorp Consul and Consul Enterprise 1.4.1 through 1.6.2 did not uniformly enforce ACLs across all API endpoints, resulting in potential unintended information disclosure. Fixed in 1.6.3. | ||||
| CVE-2020-15590 | 1 Privateinternetaccess | 1 Private Internet Access Vpn Client | 2021-07-21 | 7.5 High |
| A vulnerability in the Private Internet Access (PIA) VPN Client for Linux 1.5 through 2.3+ allows remote attackers to bypass an intended VPN kill switch mechanism and read sensitive information via intercepting network traffic. Since 1.5, PIA has supported a “split tunnel” OpenVPN bypass option. The PIA killswitch & associated iptables firewall is designed to protect you while using the Internet. When the kill switch is configured to block all inbound and outbound network traffic, privileged applications can continue sending & receiving network traffic if net.ipv4.ip_forward has been enabled in the system kernel parameters. For example, a Docker container running on a host with the VPN turned off, and the kill switch turned on, can continue using the internet, leaking the host IP (CWE 200). In PIA 2.4.0+, policy-based routing is enabled by default and is used to direct all forwarded packets to the VPN interface automatically. | ||||
| CVE-2020-6752 | 1 Openmicroscopy | 1 Omero | 2021-07-21 | 3.8 Low |
| In OMERO before 5.6.1, group owners can access members' data in other groups. | ||||
| CVE-2020-0981 | 1 Microsoft | 2 Windows 10, Windows Server 2016 | 2021-07-21 | 8.8 High |
| A security feature bypass vulnerability exists when Windows fails to properly handle token relationships.An attacker who successfully exploited the vulnerability could allow an application with a certain integrity level to execute code at a different integrity level, leading to a sandbox escape.The update addresses the vulnerability by correcting how Windows handles token relationships, aka 'Windows Token Security Feature Bypass Vulnerability'. | ||||
| CVE-2020-4873 | 1 Ibm | 1 Planning Analytics | 2021-07-21 | 5.3 Medium |
| IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836. | ||||
| CVE-2019-12492 | 1 Gallagher | 1 Command Centre | 2021-07-21 | N/A |
| Gallagher Command Centre before 7.80.939, 7.90.x before 7.90.961, and 8.x before 8.00.1128 allows arbitrary event creation and information disclosure via the FT Command Centre Service and FT Controller Service services. | ||||
| CVE-2020-3852 | 1 Apple | 1 Safari | 2021-07-21 | 5.3 Medium |
| A logic issue was addressed with improved validation. This issue is fixed in Safari 13.0.5. A URL scheme may be incorrectly ignored when determining multimedia permission for a website. | ||||
| CVE-2020-26506 | 1 Marmind | 1 Marmind | 2021-07-21 | 4.3 Medium |
| An Authorization Bypass vulnerability in the Marmind web application with version 4.1.141.0 allows users with lower privileges to gain control to files uploaded by administrative users. The accessed files were not visible by the low privileged users in the web GUI. | ||||
| CVE-2019-14924 | 1 Gcdwebserver Project | 1 Gcdwebserver | 2021-07-21 | N/A |
| An issue was discovered in GCDWebServer before 3.5.3. The method moveItem in the GCDWebUploader class checks the FileExtension of newAbsolutePath but not oldAbsolutePath. By leveraging this vulnerability, an adversary can make an inaccessible file be available (the credential of the app, for instance). | ||||
| CVE-2020-4249 | 1 Ibm | 1 Security Identity Governance And Intelligence | 2021-07-21 | 6.5 Medium |
| IBM Security Identity Governance and Intelligence 5.2.6 could disclose highly sensitive information to other authenticated users on the sytem due to incorrect authorization. IBM X-Force ID: 175485. | ||||
| CVE-2021-26273 | 1 Ninjarmm | 1 Ninjarmm | 2021-07-08 | 7.8 High |
| The Agent in NinjaRMM 5.0.909 has Incorrect Access Control. | ||||
| CVE-2021-27661 | 1 Johnsoncontrols | 2 F4-snc, F4-snc Firmware | 2021-07-07 | 8.8 High |
| Successful exploitation of this vulnerability could give an authenticated Facility Explorer SNC Series Supervisory Controller (F4-SNC) user an unintended level of access to the controller’s file system, allowing them to access or modify system files by sending specifically crafted web messages to the F4-SNC. | ||||
| CVE-2021-36132 | 1 Mediawiki | 1 Mediawiki | 2021-07-07 | 8.8 High |
| An issue was discovered in the FileImporter extension in MediaWiki through 1.36. For certain relaxed configurations of the $wgFileImporterRequiredRight variable, it might not validate all appropriate user rights, thus allowing a user with insufficient rights to perform operations (specifically file uploads) that they should not be allowed to perform. | ||||
| CVE-2021-32701 | 1 Ory | 1 Oathkeeper | 2021-06-30 | 7.5 High |
| ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. When you make a request to an endpoint that requires the scope `foo` using an access token granted with that `foo` scope, introspection will be valid and that token will be cached. The problem comes when a second requests to an endpoint that requires the scope `bar` is made before the cache has expired. Whether the token is granted or not to the `bar` scope, introspection will be valid. A patch will be released with `v0.38.12-beta.1`. Per default, caching is disabled for the `oauth2_introspection` authenticator. When caching is disabled, this vulnerability does not exist. The cache is checked in [`func (a *AuthenticatorOAuth2Introspection) Authenticate(...)`](https://github.com/ory/oathkeeper/blob/6a31df1c3779425e05db1c2a381166b087cb29a4/pipeline/authn/authenticator_oauth2_introspection.go#L152). From [`tokenFromCache()`](https://github.com/ory/oathkeeper/blob/6a31df1c3779425e05db1c2a381166b087cb29a4/pipeline/authn/authenticator_oauth2_introspection.go#L97) it seems that it only validates the token expiration date, but ignores whether the token has or not the proper scopes. The vulnerability was introduced in PR #424. During review, we failed to require appropriate test coverage by the submitter which is the primary reason that the vulnerability passed the review process. | ||||
| CVE-2010-2525 | 1 Linux | 1 Linux Kernel | 2021-06-28 | 7.8 High |
| A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged local attacker could exploit this flaw to gain access or execute any file stored in the gfs2 file system. | ||||