# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
7501 |
CVE-2020-5336 |
74 |
|
Exec Code |
2020-05-04 |
2020-05-07 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to execute malicious JavaScript code on the affected system. |
7502 |
CVE-2020-5330 |
200 |
|
+Info |
2020-04-10 |
2020-04-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77 and older contain an information disclosure vulnerability. A remote unauthenticated attacker could exploit this vulnerability to retrieve sensitive data by sending a specially crafted request to the affected endpoints. |
7503 |
CVE-2020-5329 |
601 |
|
|
2021-07-29 |
2021-08-06 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users to click on maliciously crafted links. |
7504 |
CVE-2020-5323 |
74 |
|
+Priv |
2021-07-19 |
2022-07-15 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an injection vulnerability. A remote authenticated malicious user with low privileges could potentially exploit this vulnerability to gain access to sensitive information or cause denial-of-service. |
7505 |
CVE-2020-5321 |
20 |
|
|
2021-07-19 |
2021-07-29 |
5.5 |
None |
Remote |
Low |
??? |
None |
Partial |
Partial |
Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to spawn tasks with elevated privileges. |
7506 |
CVE-2020-5318 |
863 |
|
|
2020-02-06 |
2020-02-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations. An attacker may exploit this vulnerability to gain access to restricted files. The non-RAN HTTP and WebDAV file-serving components have a vulnerability wherein when either are enabled, and Basic Authentication is enabled for either or both components, files are accessible without authentication. |
7507 |
CVE-2020-5313 |
125 |
|
Overflow |
2020-01-03 |
2020-02-18 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. |
7508 |
CVE-2020-5304 |
74 |
|
|
2020-06-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows Log Injection via a %0A%0D substring in the idp parameter to the /saml/login URI. This closes the current log and creates a new log with one line of data. The attacker can also insert malicious data and false entries. |
7509 |
CVE-2020-5284 |
22 |
|
Dir. Trav. |
2020-03-30 |
2020-04-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Next.js versions before 9.3.2 have a directory traversal vulnerability. Attackers could craft special requests to access files in the dist directory (.next). This does not affect files outside of the dist directory (.next). In general, the dist directory only holds build assets unless your application intentionally stores other assets under this directory. This issue is fixed in version 9.3.2. |
7510 |
CVE-2020-5281 |
732 |
|
|
2020-03-25 |
2020-03-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
In Perun before version 3.9.1, VO or group manager can modify configuration of the LDAP extSource to retrieve all from Perun LDAP. Issue is fixed in version 3.9.1 by sanitisation of the input. |
7511 |
CVE-2020-5280 |
22 |
|
Dir. Trav. File Inclusion |
2020-03-25 |
2020-03-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
http4s before versions 0.18.26, 0.20.20, and 0.21.2 has a local file inclusion vulnerability. This vulnerability applies to all users of org.http4s.server.staticcontent.FileService, org.http4s.server.staticcontent.ResourceService and org.http4s.server.staticcontent.WebjarService. URI normalization is applied incorrectly. Requests whose path info contain ../ or // can expose resources outside of the configured location. This issue is patched in versions 0.18.26, 0.20.20, and 0.21.2. Note that 0.19.0 is a deprecated release and has never been supported. |
7512 |
CVE-2020-5275 |
863 |
|
|
2020-03-30 |
2020-04-09 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
In symfony/security-http before versions 4.4.7 and 5.0.7, when a `Firewall` checks access control rule, it iterate overs each rule's attributes and stops as soon as the accessDecisionManager decides to grant access on the attribute, preventing the check of next attributes that should have been take into account in an unanimous strategy. The accessDecisionManager is now called with all attributes at once, allowing the unanimous strategy being applied on each attribute. This issue is patched in versions 4.4.7 and 5.0.7. |
7513 |
CVE-2020-5274 |
209 |
|
|
2020-03-30 |
2020-04-01 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
In Symfony before versions 5.0.5 and 4.4.5, some properties of the Exception were not properly escaped when the `ErrorHandler` rendered it stacktrace. In addition, the stacktrace were displayed even in a non-debug configuration. The ErrorHandler now escape alls properties of the exception, and the stacktrace is only display in debug configuration. This issue is patched in symfony/http-foundation versions 4.4.5 and 5.0.5 |
7514 |
CVE-2020-5270 |
601 |
|
XSS |
2020-04-20 |
2020-04-23 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
In PrestaShop between versions 1.7.6.0 and 1.7.6.5, there is an open redirection when using back parameter. The impacts can be many, and vary from the theft of information and credentials to the redirection to malicious websites containing attacker-controlled content, which in some cases even cause XSS attacks. So even though an open redirection might sound harmless at first, the impacts of it can be severe should it be exploitable. The problem is fixed in 1.7.6.5 |
7515 |
CVE-2020-5260 |
522 |
|
|
2020-04-14 |
2021-03-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store and retrieve passwords or other credentials from secure storage provided by the operating system. Specially-crafted URLs that contain an encoded newline can inject unintended values into the credential helper protocol stream, causing the credential helper to retrieve the password for one server (e.g., good.example.com) for an HTTP request being made to another server (e.g., evil.example.com), resulting in credentials for the former being sent to the latter. There are no restrictions on the relationship between the two, meaning that an attacker can craft a URL that will present stored credentials for any host to a host of their choosing. The vulnerability can be triggered by feeding a malicious URL to git clone. However, the affected URLs look rather suspicious; the likely vector would be through systems which automatically clone URLs not visible to the user, such as Git submodules, or package systems built around Git. The problem has been patched in the versions published on April 14th, 2020, going back to v2.17.x. Anyone wishing to backport the change further can do so by applying commit 9a6bbee (the full release includes extra checks for git fsck, but that commit is sufficient to protect clients against the vulnerability). The patched versions are: 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26.1. |
7516 |
CVE-2020-5259 |
74 |
|
|
2020-03-10 |
2020-03-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In affected versions of dojox (NPM package), the jqMix method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.11.10, 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2 |
7517 |
CVE-2020-5258 |
94 |
|
|
2020-03-10 |
2022-07-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In affected versions of dojo (NPM package), the deepCopy method is vulnerable to Prototype Pollution. Prototype Pollution refers to the ability to inject properties into existing JavaScript language construct prototypes, such as objects. An attacker manipulates these attributes to overwrite, or pollute, a JavaScript application object prototype of the base object by injecting other values. This has been patched in versions 1.12.8, 1.13.7, 1.14.6, 1.15.3 and 1.16.2 |
7518 |
CVE-2020-5257 |
89 |
|
Sql Bypass |
2020-03-13 |
2020-03-18 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. This could present a SQL injection if the attacker were able to modify the `direction` parameter and bypass ActiveRecord SQL protections. Whilst this does have a high-impact, to exploit this you need access to the Administrate dashboards, which we would expect to be behind authentication. This is patched in wersion 0.13.0. |
7519 |
CVE-2020-5251 |
863 |
|
|
2020-03-04 |
2020-03-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
In parser-server before version 4.1.0, you can fetch all the users objects, by using regex in the NoSQL query. Using the NoSQL, you can use a regex on sessionToken and find valid accounts this way. |
7520 |
CVE-2020-5248 |
798 |
|
|
2020-05-12 |
2020-05-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using this key. It is possible to change the key before installing GLPI. But on existing instances, data must be reencrypted with the new key. Problem is we can not know which columns or rows in the database are using that; espcially from plugins. Changing the key without updating data would lend in bad password sent from glpi; but storing them again from the UI will work. |
7521 |
CVE-2020-5247 |
113 |
|
XSS Http R.Spl. |
2020-02-28 |
2022-05-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or`/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters. |
7522 |
CVE-2020-5244 |
200 |
|
+Info |
2020-02-24 |
2020-02-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2. |
7523 |
CVE-2020-5243 |
400 |
|
DoS |
2020-02-21 |
2020-02-25 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to maliciously crafted long strings. This has been patched in uap-core 0.7.3. |
7524 |
CVE-2020-5240 |
863 |
|
|
2020-03-13 |
2020-03-18 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
In wagtail-2fa before 1.4.1, any user with access to the CMS can view and delete other users 2FA devices by going to the correct path. The user does not require special permissions in order to do so. By deleting the other users device they can disable the target users 2FA devices and potentially compromise the account if they figure out their password. The problem has been patched in version 1.4.1. |
7525 |
CVE-2020-5233 |
601 |
|
|
2020-01-30 |
2020-04-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0. |
7526 |
CVE-2020-5230 |
74 |
|
|
2020-01-30 |
2020-02-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Opencast before 8.1 and 7.6 allows almost arbitrary identifiers for media packages and elements to be used. This can be problematic for operation and security since such identifiers are sometimes used for file system operations which may lead to an attacker being able to escape working directories and write files to other locations. In addition, Opencast's Id.toString(…) vs Id.compact(…) behavior, the latter trying to mitigate some of the file system problems, can cause errors due to identifier mismatch since an identifier may unintentionally change. This issue is fixed in Opencast 7.6 and 8.1. |
7527 |
CVE-2020-5229 |
327 |
|
|
2020-01-30 |
2020-02-05 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
Opencast before 8.1 stores passwords using the rather outdated and cryptographically insecure MD5 hash algorithm. Furthermore, the hashes are salted using the username instead of a random salt, causing hashes for users with the same username and password to collide which is problematic especially for popular users like the default `admin` user. This essentially means that for an attacker, it might be feasible to reconstruct a user's password given access to these hashes. Note that attackers needing access to the hashes means that they must gain access to the database in which these are stored first to be able to start cracking the passwords. The problem is addressed in Opencast 8.1 which now uses the modern and much stronger bcrypt password hashing algorithm for storing passwords. Note, that old hashes remain MD5 until the password is updated. For a list of users whose password hashes are stored using MD5, take a look at the `/user-utils/users/md5.json` REST endpoint. |
7528 |
CVE-2020-5228 |
862 |
|
|
2020-01-30 |
2020-02-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Opencast before 8.1 and 7.6 allows unauthorized public access to all media and metadata by default via OAI-PMH. OAI-PMH is part of the default workflow and is activated by default, requiring active user intervention of users to protect media. This leads to users unknowingly handing out public access to events without their knowledge. The problem has been addressed in Opencast 7.6 and 8.1 where the OAI-PMH endpoint is configured to require users with `ROLE_ADMIN` by default. In addition to this, Opencast 9 removes the OAI-PMH publication from the default workflow, making the publication a conscious decision users have to make by updating their workflows. |
7529 |
CVE-2020-5227 |
776 |
|
DoS |
2020-01-28 |
2020-02-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks. The *feedgen* library allows supplying XML as content for some of the available fields. This XML will be parsed and integrated into the existing XML tree. During this process, feedgen is vulnerable to XML Denial of Service Attacks (e.g. XML Bomb). This becomes a concern in particular if feedgen is used to include content from untrused sources and if XML (including XHTML) is directly included instead of providing plain tex content only. This problem has been fixed in feedgen 0.9.0 which disallows XML entity expansion and external resources. |
7530 |
CVE-2020-5225 |
532 |
|
|
2020-01-24 |
2020-01-31 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
Log injection in SimpleSAMLphp before version 1.18.4. The www/erroreport.php script, which receives error reports and sends them via email to the system administrator, did not properly sanitize the report identifier obtained from the request. This allows an attacker, under specific circumstances, to inject new log lines by manually crafting this report ID. When configured to use the file logging handler, SimpleSAMLphp will output all its logs by appending each log line to a given file. Since the reportID parameter received in a request sent to www/errorreport.php was not properly sanitized, it was possible to inject newline characters into it, effectively allowing a malicious user to inject new log lines with arbitrary content. |
7531 |
CVE-2020-5220 |
200 |
|
+Info |
2020-01-27 |
2020-02-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Sylius ResourceBundle accepts and uses any serialisation groups to be passed via a HTTP header. This might lead to data exposure by using an unintended serialisation group - for example it could make Shop API use a more permissive group from Admin API. Anyone exposing an API with ResourceBundle's controller is affected. The vulnerable versions are: <1.3 || >=1.3.0 <=1.3.12 || >=1.4.0 <=1.4.5 || >=1.5.0 <=1.5.0 || >=1.6.0 <=1.6.2. The patch is provided for Sylius ResourceBundle 1.3.13, 1.4.6, 1.5.1 and 1.6.3, but not for any versions below 1.3. |
7532 |
CVE-2020-5217 |
74 |
|
|
2020-01-23 |
2020-05-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.8.0, 5.1.0, and 6.2.0. If user-supplied input was passed into append/override_content_security_policy_directives, a semicolon could be injected leading to directive injection. This could be used to e.g. override a script-src directive. Duplicate directives are ignored and the first one wins. The directives in secure_headers are sorted alphabetically so they pretty much all come before script-src. A previously undefined directive would receive a value even if SecureHeaders::OPT_OUT was supplied. The fixed versions will silently convert the semicolons to spaces and emit a deprecation warning when this happens. This will result in innocuous browser console messages if being exploited/accidentally used. In future releases, we will raise application errors resulting in 500s. Depending on what major version you are using, the fixed versions are 6.2.0, 5.1.0, 3.8.0. |
7533 |
CVE-2020-5216 |
74 |
|
|
2020-01-23 |
2020-02-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In Secure Headers (RubyGem secure_headers), a directive injection vulnerability is present in versions before 3.9.0, 5.2.0, and 6.3.0. If user-supplied input was passed into append/override_content_security_policy_directives, a newline could be injected leading to limited header injection. Upon seeing a newline in the header, rails will silently create a new Content-Security-Policy header with the remaining value of the original string. It will continue to create new headers for each newline. This has been fixed in 6.3.0, 5.2.0, and 3.9.0. |
7534 |
CVE-2020-5207 |
444 |
|
|
2020-01-27 |
2020-02-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator. |
7535 |
CVE-2020-5205 |
384 |
|
|
2020-01-09 |
2020-01-17 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
In Pow (Hex package) before 1.0.16, the use of Plug.Session in Pow.Plug.Session is susceptible to session fixation attacks if a persistent session store is used for Plug.Session, such as Redis or a database. Cookie store, which is used in most Phoenix apps, doesn't have this vulnerability. |
7536 |
CVE-2020-5196 |
276 |
|
Bypass |
2020-01-14 |
2020-01-17 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated attacker to create files, display hidden files, list directories, and list files without the permission to zip and download (or unzip and upload) files. There are multiple ways to bypass certain permissions by utilizing the zip and unzip features. As a result, users without permission can see files, folders, and hidden files, and can create directories without permission. |
7537 |
CVE-2020-5194 |
863 |
|
|
2020-01-14 |
2021-07-21 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip permission to use the zip functionality via an unrestricted API endpoint. Improper permission verification occurs when calling the file/ajax_download_zip/zip_name endpoint. The result is that a user without permissions can zip and download files even if they do not have permission to view whether the file exists. |
7538 |
CVE-2020-5183 |
476 |
|
Mem. Corr. |
2020-01-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a specially crafted string to the application. This memory corruption bug can possibly be classified as a NULL pointer dereference. |
7539 |
CVE-2020-5143 |
203 |
|
|
2020-10-12 |
2020-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management administrator username enumeration based on the server responses. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. |
7540 |
CVE-2020-5140 |
125 |
|
DoS |
2020-10-12 |
2020-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. |
7541 |
CVE-2020-5139 |
763 |
|
DoS |
2020-10-12 |
2020-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial of Service (DoS) due to the release of Invalid pointer and leads to a firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. |
7542 |
CVE-2020-5138 |
787 |
|
DoS Overflow |
2020-10-12 |
2021-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to SonicOS crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. |
7543 |
CVE-2020-5137 |
120 |
|
DoS Overflow |
2020-10-12 |
2020-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service and leads to firewall crash. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. |
7544 |
CVE-2020-5133 |
120 |
|
DoS Overflow |
2020-10-12 |
2020-10-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due to buffer overflow, which leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. |
7545 |
CVE-2020-5132 |
|
|
|
2020-09-30 |
2020-10-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible DNS flaw known as domain name collision vulnerability. When the users publicly display their organization’s internal domain names in the SSL-VPN authentication page, an attacker with knowledge of internal domain names can potentially take advantage of this vulnerability. |
7546 |
CVE-2020-5130 |
20 |
|
|
2020-07-17 |
2020-07-22 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n and earlier. |
7547 |
CVE-2020-5129 |
444 |
|
DoS |
2020-03-26 |
2020-03-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attacker to cause HTTP server crash which leads to Denial of Service. This vulnerability affected SMA1000 Version 12.1.0-06411 and earlier. |
7548 |
CVE-2020-5024 |
|
|
DoS |
2021-03-11 |
2021-04-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the SSL handshake response. IBM X-Force ID: 193660. |
7549 |
CVE-2020-5023 |
400 |
|
|
2021-02-10 |
2021-02-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data iwhich could cause the serivce to crash due to excess resource consumption. IBM X-Force ID: 193659. |
7550 |
CVE-2020-5022 |
200 |
|
+Info |
2021-01-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. IBM X-Force ID: 193658. |