Security Vulnerabilities - CVEs Published In May 2020
In Cherokee through 1.2.104, a remote attacker can trigger multiple memory corruption errors and use them to destabilize the server.
CVSS Score
7.5
EPSS Score
0.041
Published
2020-05-18
In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers.
CVSS Score
9.8
EPSS Score
0.013
Published
2020-05-18
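Added example, not Cherokee's code: a Python model of the request shape the advisory describes (one GET carrying many repeated "Host: 127.0.0.1" headers) together with the two checks that stop it before a CGI environment array can be overrun, a per-request header cap in the parser and a bounded environment-pair builder that reports an overflow attempt instead of writing past the end. The cap of 100 headers and the array capacity of 8 are illustrative assumptions, not values taken from handler_cgi.c.

```python
import re

MAX_HEADERS = 100  # assumed per-request cap; Cherokee's real limit is not stated on this page


def build_flood_request(n, host="127.0.0.1"):
    """Construct the request the advisory describes: one GET with n repeated Host headers."""
    lines = ["GET / HTTP/1.1"] + [f"Host: {host}"] * n + ["", ""]
    return "\r\n".join(lines).encode()


def parse_headers(raw, max_headers=MAX_HEADERS):
    """Split a request into (name, value) pairs, refusing requests over the header cap.

    Returns None instead of handing an unbounded header list to the CGI layer."""
    head, _, _ = raw.partition(b"\r\n\r\n")
    lines = head.split(b"\r\n")[1:]  # drop the request line
    if len(lines) > max_headers:
        return None
    pairs = []
    for line in lines:
        name, sep, value = line.partition(b":")
        if not sep:
            return None  # malformed header line
        pairs.append((name.strip().decode("latin-1"), value.strip().decode("latin-1")))
    return pairs


def cgi_env_pairs(headers, capacity):
    """Model the fixed-size environment array a CGI handler fills from request headers.

    The unchecked pattern appends one HTTP_* entry per header regardless of capacity.
    This bounded version stops at `capacity` and returns a flag saying the caller tried
    to go past the end, which is exactly the condition the header flood provokes."""
    env = []
    for name, value in headers:
        key = "HTTP_" + re.sub(r"[^A-Z0-9]", "_", name.upper())
        if len(env) >= capacity:
            return env, True  # would have written past a fixed-size array
        env.append(f"{key}={value}")
    return env, False
```

With 500 Host headers the parser rejects the request outright; with a small capacity and 20 headers the builder stops at the bound and flags the attempt rather than corrupting memory.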
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests.
CVSS Score
5.3
EPSS Score
0.002
Published
2020-05-18
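Added example, not the Readdle Documents code: the two server-side decisions this entry turns on, written in Python. The permissive CORS response reflects any Origin with credentials allowed, which is what lets an arbitrary web site read the file-transfer server's responses; the strict version only emits an Access-Control-Allow-Origin header for an allow-listed origin. The WebSocket handshake check adds the missing authorization: it requires an allow-listed Origin and a session token, here carried as a query parameter. The allowed origin and the token value are constructed assumptions.

```python
import hmac
from urllib.parse import parse_qs, urlsplit

# Assumed: the only legitimate origin is the app's own local UI; the real origin is not on this page.
ALLOWED_ORIGINS = {"http://127.0.0.1:8080"}


def cors_headers_permissive(origin):
    """The misconfiguration described: reflect any Origin and allow credentials."""
    return {"Access-Control-Allow-Origin": origin,
            "Access-Control-Allow-Credentials": "true"}


def cors_headers_strict(origin, allowed=ALLOWED_ORIGINS):
    """Only an allow-listed Origin gets an ACAO header; anyone else gets none, so the
    browser refuses to expose the response body to the calling page."""
    if origin in allowed:
        return {"Access-Control-Allow-Origin": origin,
                "Access-Control-Allow-Credentials": "true",
                "Vary": "Origin"}
    return {}


def websocket_upgrade_allowed(path, headers, allowed=ALLOWED_ORIGINS, session_token="s3cret"):
    """Gate a WebSocket handshake on Origin and on a session token (both absent in the
    vulnerable design). `session_token` stands in for a secret bound to the user's session."""
    h = {k.lower(): v for k, v in headers.items()}
    if h.get("upgrade", "").lower() != "websocket":
        return False
    if h.get("origin") not in allowed:
        return False
    supplied = parse_qs(urlsplit(path).query).get("token", [""])[0]
    return hmac.compare_digest(supplied, session_token)
```

The Origin check alone is not an authentication mechanism (non-browser clients set Origin freely), which is why the token is required as well.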
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an attacker to create a crafted directory name on a victim's device. However, a crafted directory name can occur if a victim extracts a ZIP archive that was provided by an attacker.
CVSS Score
6.1
EPSS Score
0.002
Published
2020-05-18
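Added example, not the Readdle Documents code: a Python walk-through of the ZIP vector this entry describes. A constructed archive carries an HTML payload in a directory component of an entry name; extracting it creates that directory, and a listing that interpolates the name verbatim turns the payload into stored XSS. The escaped rendering is the fix. The listing markup is illustrative, not the app's.

```python
import html
import io
import zipfile


def build_crafted_zip():
    """Constructed sample: an attacker-supplied archive whose directory name is an HTML payload."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("<img src=x onerror=alert(document.cookie)>/readme.txt", "hello")
    return buf.getvalue()


def directory_names(zip_bytes):
    """Return the directory components that extracting the archive would create on disk."""
    names = set()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            parts = info.filename.split("/")
            names.update(p for p in parts[:-1] if p)  # every component except the file name
    return sorted(names)


def render_listing_unsafe(dir_names):
    """The vulnerable pattern: directory names dropped into HTML as-is."""
    return "".join(f"<li>{name}</li>" for name in dir_names)


def render_listing_safe(dir_names):
    """The fix: escape every untrusted name before it reaches the HTML document."""
    return "".join(f"<li>{html.escape(name, quote=True)}</li>" for name in dir_names)
```

Escaping at render time is the correct layer; rejecting odd characters in archive entry names at extraction time is a useful second line but cannot be relied on, since directories can arrive by other routes.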
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service.
CVSS Score
7.5
EPSS Score
0.005
Published
2020-05-18
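Added example, not GWTUpload's code: a Python model of why a client-controlled sleep is a denial of service. `simulate_pool` is a virtual-time model of a fixed thread pool in which each request holds one thread for its service time; with the delay honoured, a handful of attacker requests equal to the pool size stall the next legitimate request for the full delay. `parse_delay` is the hardened handling, clamping the parameter to a cap that defaults to zero, which amounts to ignoring it. Pool size, delays and the cap are constructed values.

```python
import heapq

MAX_DELAY_MS = 0  # assumed policy: production code has no reason to honour a client-chosen sleep


def parse_delay(params, max_delay_ms=MAX_DELAY_MS):
    """Hardened handling of a client-supplied delay.

    Non-numeric or negative values become 0 and anything above the cap is clamped, so no
    single request can hold a worker thread longer than the cap."""
    try:
        requested = int(params.get("delay", "0"))
    except ValueError:
        return 0
    return max(0, min(requested, max_delay_ms))


def simulate_pool(requests, pool_size):
    """Virtual-time model of a fixed-size thread pool.

    `requests` is a list of (request_id, arrival_ms, busy_ms) sorted by arrival; each request
    takes the first free worker and occupies it for busy_ms. Returns a dict of completion times,
    which makes the queueing delay imposed on a victim request visible."""
    free_at = [0] * pool_size  # min-heap of times at which each worker becomes free
    heapq.heapify(free_at)
    completion = {}
    for rid, arrival, busy_ms in requests:
        worker_free = heapq.heappop(free_at)
        start = max(arrival, worker_free)
        completion[rid] = start + busy_ms
        heapq.heappush(free_at, completion[rid])
    return completion


def victim_latency(pool_size, attacker_delay_ms, honour_delay):
    """Four attacker requests at t=0 followed by a 5 ms legitimate request at t=10 ms.
    Returns how long the legitimate request waits end to end."""
    delay = attacker_delay_ms if honour_delay else parse_delay({"delay": str(attacker_delay_ms)})
    reqs = [(f"attacker-{i}", 0, delay) for i in range(pool_size)] + [("victim", 10, 5)]
    return simulate_pool(reqs, pool_size)["victim"] - 10
```

The point generalizes beyond a literal sleep: any request whose duration the client controls (large uploads with no rate limit, slow-loris style trickling) has the same shape, and the fix is always to bound the time a worker can be held.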
In IBM i 7.2, 7.3, and 7.4, complex SQL statements run under a specific set of circumstances may allow a local user to obtain sensitive information that they should not have access to. IBM X-Force ID: 178318.
CVSS Score
2.9
EPSS Score
0.001
Published
2020-05-17
An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled.
CVSS Score
7.2
EPSS Score
0.014
Published
2020-05-17
An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is unaffected.
CVSS Score
9.9
EPSS Score
0.085
Published
2020-05-17
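Added example covering both halves of the chain above (the Ultimate Addons for Elementor registration bypass and the Elementor Pro upload), written in Python rather than the plugins' PHP and not taken from either project. The registration handler re-checks the site-wide setting and a nonce before creating an account, which is the check the first entry says was missing. The upload validator then enforces the two controls a Subscriber-to-RCE upload defeats: a capability check (a Subscriber has no upload capability) and an extension allow-list applied to every extension in the name, with a PHP-tag sniff as defence in depth. The option name `users_can_register` and capability `upload_files` are WordPress's real names; the site state, role table and allowed extensions are constructed.

```python
import os
import re

# Constructed site state and role model for the demonstration.
SITE = {"users_can_register": False}
CAPS = {"administrator": {"upload_files", "edit_posts"}, "subscriber": set()}
ALLOWED_EXT = {"jpg", "jpeg", "png", "gif", "pdf"}
PHP_TAG = re.compile(rb"<\?(php|=)", re.IGNORECASE)


def register_user(request, site=SITE, verify_nonce=lambda r: r.get("nonce") == "valid-nonce"):
    """Plugin-provided registration endpoints must re-check the site-wide setting.

    The vulnerable pattern created the account whenever the form fields were present,
    regardless of whether registration was enabled."""
    if not site["users_can_register"]:
        return None, "registration disabled"
    if not verify_nonce(request):
        return None, "bad nonce"
    return {"user": request["user"], "role": "subscriber"}, None


def validate_upload(role, filename, content):
    """Decide whether `role` may store `filename` with `content` under the web root."""
    if "upload_files" not in CAPS.get(role, set()):
        return False, "role lacks upload_files"
    base = os.path.basename(filename)
    if not base or "\x00" in filename or base != filename:
        return False, "path or null byte in name"
    exts = base.lower().split(".")[1:]  # every extension, so shell.php.jpg is caught too
    if not exts or any(e not in ALLOWED_EXT for e in exts):
        return False, "extension not allowed"
    if PHP_TAG.search(content[:4096]):
        return False, "PHP opening tag in body"
    return True, "ok"
```

The content sniff is a backstop only: a correctly enforced allow-list plus serving the upload directory with script execution disabled is what actually prevents an uploaded file from running.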
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt.
CVSS Score
6.1
EPSS Score
0.152
Published
2020-05-16
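Added example, not Submitty's code: a Python post-login redirect validator of the kind that closes an open redirect through a parameter like `old`. It accepts only absolute paths on the current origin and rejects absolute URLs, scheme-relative `//host` forms, backslash variants that browsers read as slashes, and non-HTTP schemes; on a failed login the supplied value is not consulted at all, since the entry says the redirect fired on invalid attempts. The route names are the ones in the entry; the fallback path is an assumption.

```python
from urllib.parse import urlsplit, urlunsplit


def safe_redirect_target(old, fallback="/"):
    """Return a same-origin path to redirect to, or `fallback` if `old` could leave the site."""
    if not isinstance(old, str) or not old:
        return fallback
    # Browsers treat backslashes as slashes when parsing URLs; normalise before inspecting.
    candidate = old.replace("\\", "/")
    parts = urlsplit(candidate)
    if parts.scheme or parts.netloc:
        return fallback  # absolute URL, javascript:, or //host form
    if not parts.path.startswith("/") or parts.path.startswith("//"):
        return fallback  # must be an absolute path on this origin
    # Rebuild from path and query only, dropping the fragment and anything not inspected.
    return urlunsplit(("", "", parts.path, parts.query, ""))


def login_redirect(authenticated, old):
    """The login handler's redirect decision.

    On a failed attempt the request-supplied `old` is never used (the vulnerable flow
    redirected to it during an invalid login); on success it still has to pass validation."""
    if not authenticated:
        return "/authentication/login"
    return safe_redirect_target(old)
```

Allow-listing the shape of the target is more robust than block-listing prefixes such as `http://`, because URL parsers disagree on exactly the edge cases an attacker will probe.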
An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in check_community.php via the parameter community.
CVSS Score
9.8
EPSS Score
0.021
Published
2020-05-16
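Added example, not the Mikrotik-Router-Monitoring-System code: a Python reproduction of the query pattern behind an injectable `community` parameter, run against an in-memory SQLite table that stands in for the monitoring system's device list. The vulnerable function splices the value into the SQL text, so a tautology returns every row and a UNION payload reads out every stored SNMP community string; the fixed function binds the value as a parameter. Table layout and rows are constructed.

```python
import sqlite3


def make_db():
    """Constructed sample table: routers with their SNMP community strings."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE routers (id INTEGER PRIMARY KEY, name TEXT, community TEXT)")
    con.executemany(
        "INSERT INTO routers (name, community) VALUES (?, ?)",
        [("core-1", "public"), ("edge-1", "s3cr3t-ro"), ("lab-1", "labcomm")],
    )
    return con


def check_community_vulnerable(con, community):
    """The injectable pattern: the parameter is interpolated into the SQL string."""
    sql = f"SELECT name FROM routers WHERE community = '{community}'"
    return [row[0] for row in con.execute(sql)]


def check_community_fixed(con, community):
    """Bound parameter: the driver passes the value separately, so it cannot alter the query."""
    rows = con.execute("SELECT name FROM routers WHERE community = ?", (community,))
    return [row[0] for row in rows]
```

Beyond parameterisation, a check like this should compare community strings server-side without ever echoing the stored values, and the table holding them should be readable only by the monitoring account.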
Shodan ® - All rights reserved