CWE:
 

Title
Date
Author
Med.
Revive Adserver 5.0.4 Security Bypass / Open Redirect
14.03.2020
Matteo Beccati


Common Weakness Enumeration (CWE)

CVE
Details
Description
2020-05-27
Low
CVE-2020-4348

Vendor: IBM
Software: Spectrum scale
 

 
IBM Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.4 could allow an authenticated GUI user to perform unauthorized actions due to missing function level access control. IBM X-Force ID: 178414

 
2020-05-14
Low
CVE-2020-0064

Vendor: Google
Software: Android
 

 
An improper authorization while processing the provisioning data. Product: Android. Versions: Android SoC. Android ID: A-149866855

 
Medium
CVE-2020-12875

Vendor: Veritas
Software: Aptare
 

 
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application.

 
Medium
CVE-2020-12874

Vendor: Veritas
Software: Aptare
 

 
Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server.

 
Low
CVE-2020-0090

Vendor: Google
Software: Android
 

 
An improper authorization in the receiver component of Email. Product: Android. Versions: Android SoC. Android ID: A-149813048

 
Low
CVE-2020-0065

Vendor: Google
Software: Android
 

 
An improper authorization in the receiver component of the Android Suite Daemon. Product: Android. Versions: Android SoC. Android ID: A-149813448

 
2020-05-13
Medium
CVE-2020-1998

Vendor: Paloaltonetworks
Software: Pan-os
 

 
An improper authorization vulnerability in PAN-OS that mistakenly uses the permissions of local Linux users instead of the intended SAML permissions of the account when the username is shared for the purposes of SSO authentication. This can result in authentication bypass and unintended resource access for the user. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.6; PAN-OS 9.1 versions earlier than 9.1.1; all versions of PAN-OS 8.0.

 
2020-05-11
Medium
CVE-2020-12745

Vendor: Google
Software: Android
 

 
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020).

 
2020-05-08
Medium
CVE-2020-12720

Vendor: Vbulletin
Software: Vbulletin
 

 
vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.

 
2020-05-06
Medium
CVE-2020-12669

Vendor: Dolibarr
Software: Dolibarr
 

 
core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.

 

 


Copyright 2020, cxsecurity.com

 
