CVE-2020-24385
In MidnightBSD before 1.2.6 and 1.3 before August 2020, and FreeBSD before 7, a NULL pointer dereference was found in the Linux emulation layer that allows attackers to crash the running kernel. During binary interaction, td->td_emuldata in sys/compat/linux/linux_emul.h is not getting initialized and returns NULL from em_find().
Source: CVE-2020-24385
CVE-2019-10679
Thomson Reuters Eikon 4.0.42144 allows all local users to modify the service executable file because of weak %PROGRAMFILES(X86)%Thomson ReutersEikon permissions.
Source: CVE-2019-10679
CVE-2020-24948
The ao_ccss_import AJAX call in Autoptimize WordPress Plugin 2.7.6 does not ensure that the file provided is a legitimate Zip file, allowing high privilege users to upload arbitrary files, such as PHP, leading to remote command execution.
Source: CVE-2020-24948
CVE-2020-25042
An arbitrary file upload issue exists in Mara CMS 7.5. In order to exploit this, an attacker must have a valid authenticated (admin/manager) session and make a codebase/dir.php?type=filenew request to upload PHP code to codebase/handler.php.
Source: CVE-2020-25042
CVE-2020-25068
Setelsa Conacwin v3.7.1.2 is vulnerable to a local file inclusion vulnerability. This vulnerability allows a remote unauthenticated attacker to read internal files on the server via an http:IP:PORT/../../path/file_to_disclose Directory Traversal URI.
Source: CVE-2020-25068
CVE-2020-24863
A memory corruption vulnerability was found in the kernel function kern_getfsstat in MidnightBSD before 1.2.7 and 1.3 through 2020-08-19, and FreeBSD through 11.4, that allows an attacker to trigger an invalid free and crash the system via a crafted size value in conjunction with an invalid mode.
Source: CVE-2020-24863
CVE-2020-13972
Enghouse Web Chat 6.2.284.34 allows XSS. When one enters their own domain name in the WebServiceLocation parameter, the response from the POST request is displayed, and any JavaScript returned from the external server is executed in the browser. This is related to CVE-2019-16951.
Source: CVE-2020-13972
CVE-2020-16149
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its requestor. Notes: none.
Source: CVE-2020-16149
CVE-2020-25105
eramba c2.8.1 and Enterprise before e2.19.3 has a weak password recovery token (createHash has only a million possibilities).
Source: CVE-2020-25105
CVE-2020-7382
Rapid7 Nexpose installer version prior to 6.6.40 contains an Unquoted Search Path which may allow an attacker on the local machine to insert an arbitrary file into the executable path. This issue affects: Rapid7 Nexpose versions prior to 6.6.40.
Source: CVE-2020-7382