⚠ CVE: CVE-2020-24640
🔴Severity: HIGH
❔ Details: There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
☢ References: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt
⚠ CVE: CVE-2020-27265
🔴Severity: HIGH
❔ Details: KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions are vulnerable to a stack-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and remotely execute code.
☢ References: https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02
⚠ CVE: CVE-2020-27267
🟡Severity: MEDIUM
❔ Details: KEPServerEX v6.0 to v6.9, ThingWorx Kepware Server v6.8 and v6.9, ThingWorx Industrial Connectivity (all versions), OPC-Aggregator (all versions), Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server v7.68.804 and v7.66, and Software Toolbox TOP Server all 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.
☢ References: https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02
⚠ CVE: CVE-2020-27263
🟡Severity: MEDIUM
❔ Details: KEPServerEX: v6.0 to v6.9, ThingWorx Kepware Server: v6.8 and v6.9, ThingWorx Industrial Connectivity: All versions, OPC-Aggregator: All versions, Rockwell Automation KEPServer Enterprise, GE Digital Industrial Gateway Server: v7.68.804 and v7.66, Software Toolbox TOP Server: All 6.x versions, are vulnerable to a heap-based buffer overflow. Opening a specifically crafted OPC UA message could allow an attacker to crash the server and potentially leak data.
☢ References: https://us-cert.cisa.gov/ics/advisories/icsa-20-352-02
⚠ CVE: CVE-2020-5685
🔴Severity: HIGH
❔ Details: UNIVERGE SV9500 series from V1 to V7 and SV8500 series from S6 to S8 allows an attacker to execute arbitrary OS commands or cause a denial-of-service (DoS) condition by sending a specially crafted request to a specific URL.
☢ References: https://jvn.jp/en/jp/JVN38784555/index.html
⚠ CVE: CVE-2020-29493
🔴Severity: HIGH
❔ Details: DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a SQL Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of certain SQL commands on the application's backend database, causing unauthorized read and write access to application data. Exploitation may lead to leakage or deletion of sensitive backup data; hence the severity is Critical. Dell EMC recommends customers to upgrade at the earliest opportunity.
☢ References: https://www.dell.com/support/kbdoc/en-us/000181806/dsa-2020-272-dell-emc-avamar-server-security-update-for-multiple-vulnerabilities
⚠ CVE: CVE-2020-5633
🔴Severity: HIGH
❔ Details: Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen), Express5800/T110j-S (2nd-Gen), iStorage NS100Ti, and Express5800/GT110j) where Baseboard Management Controller (BMC) firmware Rev1.09 and earlier is applied allows remote attackers to bypass authentication and then obtain/modify BMC setting information, obtain monitoring information, or reboot/shut down the vulnerable product via unspecified vectors.
☢ References: https://jpn.nec.com/security-info/secinfo/nv21-002.html
⚠ CVE: CVE-2020-29495
🔴Severity: HIGH
❔ Details: DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high privileges. This vulnerability is considered critical as it can be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.
☢ References: https://www.dell.com/support/kbdoc/en-us/000181806/dsa-2020-272-dell-emc-avamar-server-security-update-for-multiple-vulnerabilities
⚠ CVE: CVE-2020-24639
🔴Severity: HIGH
❔ Details: There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating system.
☢ References: https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt
⚠ CVE: CVE-2021-25323
🟡Severity: MEDIUM
❔ Details: The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.
☢ References: https://github.com/MISP/MISP/commit/afbf95a478b6e94f532ca0776c79da1b08be7eed
⚠ CVE: CVE-2021-22851
🔴Severity: HIGH
❔ Details: HGiga EIP product contains a SQL Injection vulnerability. Attackers can inject SQL commands into a specific URL parameter (document management page) to obtain database schema and data.
☢ References: https://www.twcert.org.tw/tw/cp-132-4327-50e99-1.html
⚠ CVE: CVE-2021-22850
🔴Severity: HIGH
❔ Details: HGiga EIP product lacks effective access control in certain pages, which allows attackers to access the database or perform privileged functions.
☢ References: https://www.twcert.org.tw/tw/cp-132-4326-3d9d2-1.html
⚠ CVE: CVE-2020-28480
🔴Severity: HIGH
❔ Details: The package jointjs before 3.3.0 is vulnerable to Prototype Pollution via util.setByPath (https://resources.jointjs.com/docs/jointjs/v3.2/joint.htmlutil.setByPath). The path used to access the object's key and set the value is not properly sanitized, leading to Prototype Pollution.
☢ References: https://github.com/clientIO/joint/pull/1406
⚠ CVE: CVE-2016-0718
🔴Severity: HIGH
❔ Details: Expat allows context-dependent attackers to cause a denial of service (crash) or possibly execute arbitrary code via a malformed input document, which triggers a buffer overflow.
☢ References: http://www.openwall.com/lists/oss-security/2016/05/17/12
⚠ CVE: CVE-2017-17480
🔴Severity: HIGH
❔ Details: In OpenJPEG 2.3.0, a stack-based buffer overflow was discovered in the pgxtovolume function in jp3d/convert.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly remote code execution.
☢ References: https://github.com/uclouvain/openjpeg/issues/1044
⚠ CVE: CVE-2017-7864
🔴Severity: HIGH
❔ Details: FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
☢ References: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=509
⚠ CVE: CVE-2016-10328
🔴Severity: HIGH
❔ Details: FreeType 2 before 2016-12-16 has an out-of-bounds write caused by a heap-based buffer overflow related to the cff_parser_run function in cff/cffparse.c.
☢ References: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=289
⚠ CVE: CVE-2021-23926
🟡Severity: MEDIUM
❔ Details: The XML parsers used by XMLBeans up to version 2.6.0 did not set the properties needed to protect the user from malicious XML input. Vulnerabilities include possibilities for XML Entity Expansion attacks. Affects XMLBeans up to and including v2.6.0.
☢ References: https://issues.apache.org/jira/browse/XMLBEANS-517