319 matches found
PT-2020-8676 · Mongodb · Mongodb Server +1
Name of the Vulnerable Software and Affected Versions: MongoDB Server versions prior to 4.0.5; MongoDB Server versions prior to 3.6.10. Description: A user authorized to perform database queries may trigger denial of service by issuing specially crafted queries, which perform an $elemMatch...
Frenchbread Private-ip Code Issue Vulnerability
Frenchbread Private-ip is a JS codebase, by the individual developer Frenchbread, for checking whether an IP is private. A security vulnerability exists in the Frenchbread Private-ip package prior to v1.0.5 that stems from insufficient regular expressions to adequately filter the reserved IP range, resulti...
Apple Safari Input Validation Error Vulnerability
Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. A security vulnerability exists in Apple Safari versions prior to 13.0.5, which stems from a logic issue where URL schemes may be incorrectly ignored when determining...
CVE-2020-10044
A vulnerability has been identified in SICAM MMU All versions V2.05, SICAM SGU All versions, SICAM T All versions V2.18. An attacker with access to the network could be able to install specially crafted firmware to the device...
Mattermost Server Cross-Site Scripting Vulnerability (CNVD-2020-48243)
Mattermost Server is an open source messaging platform from Mattermost, a United States company. A cross-site scripting vulnerability exists in Mattermost Server versions prior to 4.2.0, prior to 4.1.1, and prior to 4.0.5. The vulnerability stems from a lack of proper validation of client data ...
Mattermost Server Input Validation Error Vulnerability (CNVD-2020-48241)
Mattermost Server is an open source messaging platform from Mattermost, a United States company. A security vulnerability exists in Mattermost Server versions prior to 4.2.0, 4.1.1, and 4.0.5. An attacker could exploit the vulnerability to conduct a phishing attack...
dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index, a UInt, is copied and truncated into a uint16, which can lead to out-of-bounds indexing and possible memory corruption...
IBM UrbanCode Deploy Information Disclosure Vulnerability (CNVD-2020-24013)
IBM UrbanCode Deploy (UCD) is a set of application automation deployment tools from IBM in the United States. The tool is based on an application deployment automation management information model, and through remote agent technology, to realize the complex application in different environments, su...
CVE-2020-1988
An unquoted search path vulnerability in the Windows release of Global Protect Agent allows an authenticated local user with file creation privileges on the root of the OS disk (C:\) or to Program Files directory to gain system privileges. This issue affects Palo Alto Networks GlobalProtect Agent 5...
CVE-2020-1976
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects GlobalProtect 5.0.5 and earlier versions of GlobalProtect 5.0 on Mac OS...
TmaxSoft JEUS Path Traversal Vulnerability
TmaxSoft JEUS is a Web application server from TmaxSoft Korea. A path traversal vulnerability exists in TmaxSoft JEUS 7 Fix0 version to 5 and TmaxSoft JEUS 8 Fix0 version to 1. The vulnerability stems from a failure of a networked system or product to properly filter for specific elements in the...
CVE-2019-17119
Multiple SQL injection vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053 allow authenticated users to execute arbitrary SQL commands via the source or subString parameter...
CVE-2019-7990
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2019-7980
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution...
CVE-2019-7972
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution...
Adobe Photoshop CC Out-of-Bounds Read Vulnerability (CNVD-2019-27667)
Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. Photoshop CC is the Creative Cloud version of Photoshop. An out-of-bounds read vulnerability exists in Adobe Photoshop CC 19.1.8, 20.0.5 and earlier versions. An attacker could exploit this...
Adobe Photoshop CC Type Obfuscation Vulnerability (CNVD-2019-28666)
Adobe Photoshop, or "PS" for short, is an image processing software developed and distributed by Adobe. Photoshop CC is the Creative Cloud version of Photoshop. A type confusion vulnerability exists in Adobe Photoshop CC 19.1.8, 20.0.5 and earlier versions. An attacker can exploit this vulnerabili...
HPE 3PAR Service Processor Override Access Vulnerability
HPE 3PAR Service Processor (SP) is a suite of virtual service processors deployed on the VMware vSphere hypervisor from HPE, USA. An over-the-horizon access vulnerability exists in HPE 3PAR Service Processor versions prior to 5.0.5.1. An attacker could exploit this vulnerability to gain authorized...
CVE-2019-5396
A remote authentication bypass vulnerability was discovered in HPE 3PAR Service Processor versions: prior to 5.0.5.1...
CVE-2018-9193
A researcher has disclosed several vulnerabilities against FortiClient for Windows version 6.0.5 and below, version 5.6.6; the combination of these vulnerabilities can turn into an exploit chain, which allows a user to gain system privileges on Microsoft Windows...