BGD e-GOV CIRT project Common Vulnerabilities and Exposures (CVE) Report
Issue Date: 23-January-2020 Issue Number:03
Vulnerability Publish Date CSVV CVE ID & Description Patch Application: Microsoft Windows Remote 14-JAN-2020 9.8 CVE-2020-0609 https://portal.msrc. Desktop Gateway CRITICAL CVE-2020-0610 microsoft.com/en- (RD Gateway) A remote code execution vulnerability US/security- Remote Code exists in Windows Remote Desktop guidance/advisory/C Execution Gateway (RD Gateway) when an VE-2020-0609 Vulnerability unauthenticated attacker connects to https://portal.msrc. the target system using RDP and sends microsoft.com/en- specially crafted requests, aka US/security- 'Windows Remote Desktop Gateway guidance/advisory/C (RD Gateway) Remote Code Execution VE-2020-0610 Vulnerability'.
.NET Framework 14-JAN-2020 9.8 CVE-2020-0646 https://portal.msrc. Remote Code CRITICAL A remote code execution vulnerability microsoft.com/en- Execution Injection exists when the Microsoft .NET US/security- Vulnerability Framework fails to validate input guidance/advisory/C properly, aka '.NET Framework Remote VE-2020-0646 Code Execution Injection Vulnerability'.
Windows CryptoAPI 14-JAN-2020 8.1 CVE-2020-0601 https://portal.msrc. Spoofing High A spoofing vulnerability exists in the microsoft.com/en- Vulnerability way Windows CryptoAPI (Crypt32.dll) US/security- validates Elliptic Curve Cryptography guidance/advisory/C (ECC) certificates. An attacker could VE-2020-0601 exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
Microsoft Excel 14-JAN-2020 7.8 CVE-2020-0653 https://portal.msrc. Remote Code HIGH CVE-2020-0650 microsoft.com/en- Execution CVE-2020-0651 US/security- Vulnerability A remote code execution vulnerability guidance/advisory/C exists in Microsoft Excel software when VE-2020-0653 the software fails to properly handle CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
1
Vulnerability Publish Date CSVV CVE ID & Description Patch objects in memory, aka 'Microsoft https://portal.msrc. Excel Remote Code Execution microsoft.com/en- Vulnerability'. US/security- guidance/advisory/C VE-2020-0650 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0651 Microsoft Office 14-JAN-2020 7.8 CVE-2020-0652 https://portal.msrc. Memory Corruption HIGH A remote code execution vulnerability microsoft.com/en- Vulnerability exists in Microsoft Office software US/security- when the software fails to properly guidance/advisory/C handle objects in memory, aka VE-2020-0652 'Microsoft Office Memory Corruption Vulnerability'.
Windows Elevation 14-JAN-2020 7.8 CVE-2020-0644 https://portal.msrc. of Privilege HIGH CVE-2020-0635 microsoft.com/en- Vulnerability An elevation of privilege vulnerability US/security- exists when Microsoft Windows guidance/advisory/C implements predictable memory VE-2020-0644 section names, aka 'Windows Elevation https://portal.msrc. of Privilege Vulnerability'. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0635 Win32k Elevation of 14-JAN-2020 7.8 CVE-2020-0642 https://portal.msrc. Privilege HIGH CVE-2020-0624 microsoft.com/en- Vulnerability An elevation of privilege vulnerability US/security- exists in Windows when the Win32k guidance/advisory/C component fails to properly handle VE-2020-0642 objects in memory, aka 'Win32k https://portal.msrc. Elevation of Privilege Vulnerability'. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0624 Update Notification 14-JAN-2020 7.8 CVE-2020-0638 https://portal.msrc. Manager Elevation HIGH An elevation of privilege vulnerability microsoft.com/en- of Privilege exists in the way the Update US/security- Vulnerability Notification Manager handles files.To guidance/advisory/C exploit this vulnerability, an attacker VE-2020-0638 would first have to gain execution on the victim system, aka 'Update Notification Manager Elevation of Privilege Vulnerability'.
CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
2
Vulnerability Publish Date CSVV CVE ID & Description Patch Windows Common 14-JAN-2020 7.8 CVE-2020-0634 https://portal.msrc. Log File System HIGH An elevation of privilege vulnerability microsoft.com/en- Driver Elevation of exists when the Windows Common Log US/security- Privilege File System (CLFS) driver improperly guidance/advisory/C Vulnerability handles objects in memory, aka VE-2020-0634 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'.
Windows Search 14-JAN-2020 7.8 CVE-2020-0633, CVE-2020-0613, https://portal.msrc. Indexer Elevation of HIGH CVE-2020-0614, CVE-2020-0623, microsoft.com/en- Privilege CVE-2020-0625, CVE-2020-0626, US/security- Vulnerability CVE-2020-0627, CVE-2020-0628, guidance/advisory/C CVE-2020-0629, CVE-2020-0630, VE-2020-0633 CVE-2020-0631, CVE-2020-0632 https://portal.msrc. An elevation of privilege vulnerability microsoft.com/en- exists in the way that the Windows US/security- Search Indexer handles objects in guidance/advisory/C memory, aka 'Windows Search Indexer VE-2020-0613 Elevation of Privilege Vulnerability'. https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0614 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0623 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0625 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0626 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0627 https://portal.msrc. microsoft.com/en- US/security-
CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
3
Vulnerability Publish Date CSVV CVE ID & Description Patch guidance/advisory/C VE-2020-0628 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0629 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0630 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0631 https://portal.msrc. microsoft.com/en- US/security- guidance/advisory/C VE-2020-0632 Internet Explorer 14-JAN-2020 7.5 CVE-2020-0640 https://portal.msrc. Memory Corruption HIGH A remote code execution vulnerability microsoft.com/en- Vulnerability exists when Internet Explorer US/security- improperly accesses objects in guidance/advisory/C memory, aka 'Internet Explorer VE-2020-0640 Memory Corruption Vulnerability'.
Application: Citrix Vulnerability in Citrix 27-DEC-2019 9.8 CVE-2019-19781 https://support.citri Application Delivery CRITICAL An issue was discovered in Citrix x.com/article/CTX26 Controller, Citrix Application Delivery Controller (ADC) 7027 Gateway, and Citrix and Gateway 10.5, 11.1, 12.0, 12.1, and SD-WAN WANOP 13.0. They allow Directory Traversal. appliance Authentication 21-OCT-2019 9.8 CVE-2019-18225 https://support.citri Bypass Vulnerability CRITICAL An issue was discovered in Citrix x.com/article/CTX26 in the Management Application Delivery Controller (ADC) 1055 Interface of Citrix and Gateway before 10.5 build 70.8, Application Delivery 11.x before 11.1 build 63.9, 12.0 before Controller and Citrix build 62.10, 12.1 before build 54.16, Gateway and 13.0 before build 41.28. An attacker with management-interface access can bypass authentication to obtain appliance administrative access. These products formerly used the NetScaler brand name. CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
4
Vulnerability Publish Date CSVV CVE ID & Description Patch Application: Cisco Cisco Data Center 02-JAN-2020 9.8 CVE-2019-15975 https://tools.cisco.c Network Manager CRITICAL CVE-2019-15976 om/security/center/ Authentication CVE-2019-15977 content/CiscoSecuri Bypass Multiple vulnerabilities in the tyAdvisory/cisco-sa- Vulnerabilities authentication mechanisms of Cisco 20200102-dcnm- Data Center Network Manager (DCNM) auth-bypass could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device.
Cisco Data Center 02-JAN-2020 7.2 CVE-2019-15978 https://tools.cisco.c Network Manager High CVE-2019-15979 om/security/center/ Command Injection Multiple vulnerabilities in the REST and content/CiscoSecuri Vulnerabilities SOAP API endpoints of Cisco Data tyAdvisory/cisco-sa- Center Network Manager (DCNM) 20200102-dcnm- could allow an authenticated, remote comm-inject attacker with administrative privileges on the DCNM application to inject arbitrary commands on the underlying operating system (OS).
Cisco Data Center 02-JAN-2020 7.2 CVE-2019-15984 https://tools.cisco.c Network Manager High CVE-2019-15985 om/security/center/ SQL Injection Multiple vulnerabilities in the REST and content/CiscoSecuri Vulnerabilities SOAP API endpoints of Cisco Data tyAdvisory/cisco-sa- Center Network Manager (DCNM) 20200102-dcnm-sql- could allow an authenticated, remote inject attacker to execute arbitrary SQL commands on an affected device. To exploit these vulnerabilities, an attacker would need administrative privileges on the DCNM application.
Cisco Data Center 02-JAN-2020 7.2 CVE-2019-15980 https://tools.cisco.c Network Manager High CVE-2019-15981 om/security/center/ Path Traversal CVE-2019-15982 content/CiscoSecuri Vulnerabilities Multiple vulnerabilities in the REST and tyAdvisory/cisco-sa- SOAP API endpoints and the 20200102-dcnm- Application Framework feature of path-trav Cisco Data Center Network Manager (DCNM) could allow an authenticated, remote attacker to conduct directory traversal attacks on an affected device. To exploit these vulnerabilities, an
CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
5
Vulnerability Publish Date CSVV CVE ID & Description Patch attacker would need administrative privileges on the DCNM application.
Application: Apache Apache cordova- 14-JAN-2020 9.8 CVE-2019-0219 https://lists.apache. plugin-inappbrowser CRITICAL A website running in the InAppBrowser org/thread.html/19 CVE-2019-0219 webview on Android could execute 7482d5ab80c0bff4a Privilege Escalation arbitrary JavaScript in the main 5ec16e1b0466df383 Vulnerability application's webview using a specially 89d9a4b5331d777f crafted gap-iab: URI. 14fc%40%3Cdev.cor dova.apache.org%3 E
Apache Solr RCE 07-MAR-2019 9.8 CVE-2019-0192 http://mail- CVE-2019-0192 CRITICAL In Apache Solr versions 5.0.0 to 5.5.5 archives.us.apache. and 6.0.0 to 6.6.5, the Config API allows org/mod_mbox/ww to configure the JMX server via an HTTP w- POST request. By pointing it to a announce/201903. malicious RMI server, an attacker could mbox/%3CCAECwjA take advantage of Solr's unsafe V1buZwg%2BMcV9E deserialization to trigger remote code AQ19MeAWztPVJYD execution on the Solr side. 4zGK8kQdADFYij1w %40mail.gmail.com %3E https://lists.apache. org/thread.html/ec9 c572fb803b26ba031 8777977ee6d6a2fb3 a2c50d9b4224e541 d5d@%3Cdev.lucen e.apache.org%3E Apache Tomcat CVE- 23-DEC-2019 9.8 CVE-2019-17563 https://lists.opensus 2019-17563 Session CRITICAL When using FORM authentication with e.org/opensuse- Fixation Apache Tomcat 9.0.0.M1 to 9.0.29, security- Vulnerability 8.5.0 to 8.5.49 and 7.0.0 to 7.0.98 there announce/2020- was a narrow window where an 01/msg00013.html attacker could perform a session https://lists.apache. fixation attack. The window was org/thread.html/8b considered too narrow for an exploit to 4c1db8300117b28a be practical but, erring on the side of 0f3f743c0b9e3f964 caution, this issue has been treated as 687a690cdf9662a88 a security vulnerability. 4bbd%40
6
Vulnerability Publish Date CSVV CVE ID & Description Patch Execution can be exploited to remotely execute 638439416e3e1476 Vulnerability arbitrary code when combined with a 1c@
7
Vulnerability Publish Date CSVV CVE ID & Description Patch Apache 12-DEC-2019 6.7 CVE-2018-11805 Upgrading to SpamAssassin up to Medium In Apache SpamAssassin before 3.4.3, version 3.4.3. 3.4.2 CF File nefarious CF files can be configured to https://lists.apache. privilege escalation run system commands without any org/thread.html/6f8 output or errors. With this, exploits can 9f82a573ea616dce5 be injected in a number of scenarios. In 3ec67e52d963618a addition to upgrading to SA 3.4.3, we 9f9ac71da5c1efdbd recommend that users should only use 166@
Application: Samba Samba Releases 21-JAN-2020 6.5 CVE-2019-19344 https://www.samba Security Updates Medium There is a use-after-free issue in all .org/samba/security samba 4.9.x versions before 4.9.18, all /CVE-2019- samba 4.10.x versions before 4.10.12 19344.html and all samba 4.11.x versions before 4.11.5, essentially due to a call to realloc() while other local variables still point at the original buffer.
Samba Releases 21-JAN-2020 6.5 CVE-2019-14907 https://www.samba Security Updates Medium All samba versions 4.9.x before 4.9.18, .org/samba/security 4.10.x before 4.10.12 and 4.11.x before /CVE-2019- 4.11.5 have an issue where if it is set 14907.html with "log level = 3" (or above) then the string obtained from the client, after a failed character conversion, is printed. Such strings can be provided during the NTLMSSP authentication exchange. In the Samba AD DC in particular, this may cause a long-lived process (such as the RPC server) to terminate. (In the file server case, the most likely target, smbd, operates as process-per-client and so a crash there is harmless).
Samba Releases 21-JAN-2020 5.4 CVE-2019-14902 https://www.samba Security Updates Medium There is an issue in all samba 4.11.x .org/samba/security versions before 4.11.5, all samba 4.10.x /CVE-2019- versions before 4.10.12 and all samba 14902.html CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
8
Vulnerability Publish Date CSVV CVE ID & Description Patch 4.9.x versions before 4.9.18, where the removal of the right to create or modify a subtree would not automatically be taken away on all domain controllers.
Application: Oracle Oracle WebLogic 15-JAN-2020 9.8 CVE-2020-2551 https://www.oracle. Server Vulnerability CRITICAL Vulnerability in the Oracle WebLogic com/security- Server product of Oracle Fusion alerts/cpujan2020.h Middleware (component: WLS Core tml Components). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server.
Oracle Solaris 10 15-JAN-2020 8.8 CVE-2020-2696 https://www.oracle. Common Desktop High Vulnerability in the Oracle Solaris com/security- Environment product of Oracle Systems alerts/cpujan2020.h unknown (component: Common Desktop tml vulnerability Environment). The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While the vulnerability is in Oracle Solaris, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Solaris.
Oracle Security 15-JAN-2020 7.5 CVE-2020-2726 https://www.oracle. Updates High Vulnerability in the Oracle VM com/security- VirtualBox product of Oracle alerts/cpujan2020.h Virtualization (component: Core). tml Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
9
Vulnerability Publish Date CSVV CVE ID & Description Patch vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox.
Oracle Security 15-JAN-2020 7.1 CVE-2020-2713 https://www.oracle. Updates High Vulnerability in the Oracle Banking com/security- Payments product of Oracle Financial alerts/cpujan2020.h Services Applications (component: tml Core). Supported versions that are affected are 14.1.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Payments. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Payments accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Payments accessible data.
Oracle Security 15-JAN-2020 7.1 CVE-2020-2718 https://www.oracle. Updates High Vulnerability in the Oracle Banking com/security- Corporate Lending product of Oracle alerts/cpujan2020.h Financial Services Applications tml (component: Core). Supported versions that are affected are 12.3.0- 12.4.0 and 14.0.0-14.3.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Banking Corporate Lending. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Banking Corporate Lending accessible data as well as unauthorized update, insert or delete access to some of Oracle Banking Corporate Lending accessible data. CVSS 3.0 Base Score 7.1
Oracle Security 15-JAN-2020 7.1 CVE-2020-2723 https://www.oracle. Updates High Vulnerability in the Oracle FLEXCUBE com/security- Investor Servicing product of Oracle alerts/cpujan2020.h Financial Services Applications tml CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
10
Vulnerability Publish Date CSVV CVE ID & Description Patch (component: Infrastructure). Supported versions that are affected are 12.1.0-12.4.0 and 14.0.0-14.1.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle FLEXCUBE Investor Servicing. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle FLEXCUBE Investor Servicing accessible data as well as unauthorized update, insert or delete access to some of Oracle FLEXCUBE Investor Servicing accessible data.
Application: VMware VMware Security 15-JAN-2020 7.8 CVE-2020-3941 https://www.vmwar Advisories High The repair operation of VMware Tools e.com/security/advi for Windows 10.x.y has a race sories/VMSA-2020- condition which may allow for privilege 0002.html escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11.
Application: Intel Intel Security 14-DEC-2020 6.5 CVE-2019-14600 https://www.intel.c Updates Medium Uncontrolled search path element in om/content/www/u the installer for Intel(R) SNMP s/en/security- Subagent Stand-Alone for Windows* center/advisory/inte may allow an authenticated user to l-sa-00300.html potentially enable escalation of privilege via local access.
Intel Security 14-JAN-2020 6.3 CVE-2019-14615 https://www.intel.c Updates Medium Insufficient control flow in certain data om/content/www/u structures for some Intel(R) Processors s/en/security- with Intel(R) Processor Graphics may center/advisory/inte allow an unauthenticated user to l-sa-00314.html potentially enable information disclosure via local access. Intel Security 14-JAN-2020 5.9 CVE-2019-14596 https://www.intel.c Updates Medium Improper access control in the installer om/content/www/u for Intel(R) Chipset Device Software INF s/en/security- Utility before version 10.1.18 may CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
11
Vulnerability Publish Date CSVV CVE ID & Description Patch allow an authenticated user to center/advisory/inte potentially enable denial of service via l-sa-00306.html local access.
Application: Wordpress Email Subscribers & 08-JAN-2020 9.8 CVE-2019-20361 Upgrading to Newsletters up to CRITICAL There was a flaw in the WordPress version 4.3.1. 4.3.0 on WordPress plugin, Email Subscribers & hash sql injection Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).
Minimal Coming 09-JAN-2020 8.8 CVE-2020-6167 https://wordpress.o Soon & HIGH A flaw in the WordPress plugin, rg/plugins/minimal- Maintenance Mode Minimal Coming Soon & Maintenance coming-soon- Plugin up to 2.10 on Mode through 2.10, allows a CSRF maintenance- WordPress cross site attack to enable maintenance mode, mode/#developers request forgery inject XSS, modify several important settings, or include remote files as a logo.
CityBook - 13-JAN-2020 7.5 CVE-2019-20209 - WordPress Theme HIGH The CTHthemes CityBook before 2.3.4, Vulnerability TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow nsecure Direct Object Reference (IDOR) via wp-admin/admin-ajax.php to delete any page/post/listing.
CityBook WordPress 13-JAN-2020 6.1 CVE-2019-20211 - Theme Vulnerability HIGH The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook before 1.2.2 themes for WordPress allow Persistent XSS via Listing Address, Listing Latitude, Listing Longitude, Email Address, Description, Name, Job or Position, Description, Service Name, Address, Latitude, Longitude, Phone Number, or Website.
Application: Google-Android
CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
12
Vulnerability Publish Date CSVV CVE ID & Description Patch Google – Android 08-JAN-2020 8.8 CVE-2020-0002 https://source.andr Security Updates High In ih264d_init_decoder of oid.com/security/bu ih264d_api.c, there is a possible out of lletin/2020-01-01 bounds write due to a use after free. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation Product: Android Versions: Android-8.0, Android-8.1, Android-9, and Android- 10 Android ID: A-142602711
Google – Android 06-JAN-2020 7.8 CVE-2019-9468 https://source.andr Security Updates High In export_key_der of export_key.cpp, oid.com/security/bu there is possible memory corruption lletin/pixel/2019-12- due to a double free. This could lead to 01 local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A- 139683471
Google – Android 07-JAN-2020 5.5 CVE-2019-9465 https://source.andr Security Updates MEDIUM In the Titan M handling of oid.com/security/bu cryptographic operations, there is a lletin/pixel/2019-12- possible information disclosure due to 01 an unusual root cause. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-10 Android ID: A- 133258003
Application: Google-Chrome Google Chrome 10-JAN-2020 8.8 CVE-2020-6377 https://chromerelea Security Updates High Use after free in audio in Google ses.googleblog.com/ Chrome prior to 79.0.3945.117 allowed 2020/01/stable- a remote attacker to potentially exploit channel-update-for- heap corruption via a crafted HTML desktop.html page.
Application: Mozilla CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
13
Vulnerability Publish Date CSVV CVE ID & Description Patch Security 08-JAN-2020 8.8 CVE-2019-11757 https://www.mozill vulnerabilities fixed High When following the value's prototype a.org/security/advis in - Firefox 70 chain, it was possible to retain a ories/mfsa2019-33/ reference to a locale, delete it, and https://www.mozill subsequently reference it. This a.org/security/advis resulted in a use-after-free and a ories/mfsa2019-34/ potentially exploitable crash. This https://www.mozill vulnerability affects Firefox < 70, a.org/security/advis Thunderbird < 68.2, and Firefox ESR < ories/mfsa2019-35/ 68.2.
Application: Huawei Buffer Error 03-JAN-2020 7.5 CVE-2019-5304 https://www.huawe Vulnerability in High Some Huawei products have a buffer i.com/en/psirt/secu Some Huawei error vulnerability. An rity- Products unauthenticated, remote attacker advisories/huawei- could send specific MPLS Echo Request sa-20200102-01- messages to the target products. Due buffer-en to insufficient input validation of some parameters in the messages, successful exploit may cause the device to reset.
Denial of Service 03-JAN-2020 5.5 CVE-2020-1785 https://www.huawe Vulnerability in Medium Mate 10 Pro;Honor V10;Honor i.com/en/psirt/secu Several 10;Nova 4 smartphones have a denial rity- Smartphones of service vulnerability. The system advisories/huawei- does not properly check the status of sa-20200102-03- certain module during certain smartphone-en operations, an attacker should trick the user into installing a malicious application, successful exploit could cause reboot of the smartphone.
Application: Adobe Adobe Illustrator CC 17-JAN-2020 9.8 CVE-2020-3710, CVE-2020-3711, CVE- Upgrade to Adobe < 24.0.2 Multiple Critical 2020-3712, CVE-2020-3713, CVE- Illustrator CC 24.0.2 Vulnerabilites 2020-3714 or later. The version of Adobe Illustrator CC on https://helpx.adobe the remote Windows hosts is prior to .com/security/prod 24.0.2. It is, therefore, affected ucts/illustrator/apsb multiple memory corruption 20-03.html vulnerabilities which could lead to arbitrary code execution on the remote host. An unauthenticated, local attacker could exploit these issues to execute arbitrary commands on the host.
CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
14
Vulnerability Publish Date CSVV CVE ID & Description Patch Adobe Experience 15-JAN-2020 7.5 CVE-2019-16467 https://helpx.adobe Manager multiple High CVE-2019-16468 .com/security/prod vulnerabilities CVE-2019-16469 ucts/experience- Adobe Experience Manager versions manager/apsb20- 6.5, 6.4, 6.3, 6.2, 6.1, and 6.0 have an 01.html user interface injection vulnerability. Successful exploitation could lead to sensitive information disclosure.
Application: Cacti Cacti 1.2.8 15-JAN-2020 6.1 CVE-2020-7106 - data_sources.php Medium Cacti 1.2.8 has stored XSS in header cross site data_sources.php, scripting color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS).
CV Scoring Scale 0 0.1-3.9 4-6.9 7-8.9 9-10 (CVSS) None Low Medium High Critical
15