Security Vulnerabilities - CVEs Published In June 2020
An exploitable path traversal vulnerability exists in the way the Zoom client, version 4.6.10, processes messages that include animated GIFs. A specially crafted chat message can cause an arbitrary file write, which could potentially be abused to achieve arbitrary code execution. An attacker needs to send a specially crafted message to a target user or a group to exploit this vulnerability.
CVSS Score: 8.5 | EPSS Score: 0.007 | Published: 2020-06-08
IBM Maximo Asset Management 7.6.0 and 7.6.1 are vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 182713.
CVSS Score: 7.3 | EPSS Score: 0.001 | Published: 2020-06-08
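The Maximo entry describes the generic SSRF shape: an authenticated user supplies a URL and the server fetches it from inside the network. The guard below is an added example, not IBM's code, showing what a server-side fetcher should check before connecting: scheme allow-list, no embedded credentials, and every address the host resolves to (not just the first) tested against loopback, RFC 1918, link-local and IPv4-mapped ranges. The `partner.example`/`rebind.example` names, the `CONSTRUCTED_DNS` table and the sample addresses are constructed for the demo.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Added example, not IBM's code. An outbound-request guard of the kind a
# server-side fetcher needs so that an authenticated user cannot aim it at
# internal hosts. Hostnames and addresses below are constructed for the demo.

ALLOWED_SCHEMES = {"http", "https"}

# Destinations an application fetcher has no business reaching.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8",        # "this" network
    "10.0.0.0/8",       # RFC 1918
    "100.64.0.0/10",    # carrier-grade NAT
    "127.0.0.0/8",      # loopback
    "169.254.0.0/16",   # link-local, includes the 169.254.169.254 metadata endpoint
    "172.16.0.0/12",    # RFC 1918
    "192.168.0.0/16",   # RFC 1918
    "224.0.0.0/4",      # multicast
    "240.0.0.0/4",      # reserved
    "::1/128",          # IPv6 loopback
    "fc00::/7",         # IPv6 unique local
    "fe80::/10",        # IPv6 link-local
)]

# Constructed DNS table standing in for real resolution during the offline demo.
CONSTRUCTED_DNS = {
    "partner.example": ["203.0.113.10"],
    "rebind.example": ["203.0.113.10", "10.0.0.5"],   # one public and one internal answer
}


def constructed_resolver(host):
    return CONSTRUCTED_DNS.get(host, [])


def system_resolver(host):
    """Every address the host maps to, IPv4 and IPv6, via the OS resolver."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return sorted({info[4][0] for info in infos})


def is_blocked_address(ip):
    addr = ipaddress.ip_address(ip)
    # Unwrap IPv4-mapped IPv6 (::ffff:127.0.0.1) so the IPv4 rules apply to it.
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return any(addr in net for net in BLOCKED_NETWORKS)


def check_outbound_url(url, resolver=system_resolver):
    """Return the addresses the fetcher may connect to for url, or raise
    ValueError saying why the request must be refused."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ALLOWED_SCHEMES:
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials embedded in URL")
    host = parts.hostname
    if not host:
        raise ValueError("missing host")
    try:
        addrs = [str(ipaddress.ip_address(host))]     # IP literal, no DNS involved
    except ValueError:
        addrs = resolver(host)
    if not addrs:
        raise ValueError(f"{host!r} did not resolve")
    # Every answer must be acceptable: a name with one public and one internal
    # address would otherwise get through on whichever answer the socket uses.
    for ip in addrs:
        if is_blocked_address(ip):
            raise ValueError(f"{host!r} resolves to blocked address {ip}")
    return addrs


def refusal_reason(url, resolver=system_resolver):
    """None if the URL is acceptable, otherwise the reason it was refused."""
    try:
        check_outbound_url(url, resolver)
    except ValueError as exc:
        return str(exc)
    return None


if __name__ == "__main__":
    for u in ("https://partner.example/api/v1",
              "http://169.254.169.254/latest/meta-data/",
              "http://[::ffff:127.0.0.1]/",
              "http://rebind.example/"):
        print(u, "->", refusal_reason(u, constructed_resolver) or "allowed")
```

Two caveats apply in a real fetcher: the check is only meaningful if the connection is then made to one of the addresses returned (pinning the resolved IP defeats DNS rebinding between check and connect), and every HTTP redirect must be run through the same check before it is followed.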
A security misconfiguration vulnerability exists in the SDK of some Realtek ADSL/PON Modem SoC firmware, which allows attackers using a default password to execute arbitrary commands remotely via the built-in network monitoring tool.
CVSS Score: 9.6 | EPSS Score: 0.004 | Published: 2020-06-08
SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file.
CVSS Score: 7.3 | EPSS Score: 0.007 | Published: 2020-06-07
The Ignition component before 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env. NOTE: in the 1.x series, versions 1.16.15 and later are unaffected as a consequence of the CVE-2021-43996 fix.
CVSS Score: 9.8 | EPSS Score: 0.004 | Published: 2020-06-07
Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check.
CVSS Score: 9.1 | EPSS Score: 0.004 | Published: 2020-06-07
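The Barebox entry names the bug class precisely: a length field copied out of an incoming packet is used to drive a read without first being compared against the bytes that actually arrived. The parser below is an added example, not barebox code. It models the shape of a length-prefixed read reply (an assumed framing of big-endian status word, big-endian data length, then XDR-padded data; the real `nfs_read_reply` layout differs) and shows the two checks that have to happen before the length is used: an upper bound on the field itself, and a comparison of the padded length against the bytes present. `MAX_READ`, `NFS_OK` and the sample packets are assumptions for the demo.

```python
import struct

# Added example, not barebox code. It models the shape of a length-prefixed read
# reply (big-endian status word, big-endian data length, then data padded to a
# 4-byte XDR boundary) and shows the check the page says nfs_read_reply lacked:
# validating a length taken from the packet against the bytes actually received
# before using it. The framing and MAX_READ value are assumptions for the demo,
# not barebox's real layout.

NFS_OK = 0
HEADER_LEN = 8          # status + length
MAX_READ = 8192         # assumed: the largest read the client ever asked for


class MalformedReply(ValueError):
    pass


def parse_read_reply(pkt: bytes) -> bytes:
    """Return the file data in a read reply, refusing any packet whose declared
    length does not fit in what was received."""
    if len(pkt) < HEADER_LEN:
        raise MalformedReply(f"reply too short: {len(pkt)} bytes")
    status, declared = struct.unpack_from(">II", pkt, 0)
    if status != NFS_OK:
        raise MalformedReply(f"server status {status}")
    # Bound the field first: in C, (declared + 3) & ~3 wraps for values near
    # UINT32_MAX, so padding must be computed only after this check.
    if declared > MAX_READ:
        raise MalformedReply(f"declared length {declared} exceeds MAX_READ")
    padded = (declared + 3) & ~3
    available = len(pkt) - HEADER_LEN
    if padded > available:
        # The missing check: an unchecked copy of `declared` bytes would read
        # past the end of the receive buffer here.
        raise MalformedReply(
            f"declared length {declared} (padded {padded}) but only {available} bytes present")
    return pkt[HEADER_LEN:HEADER_LEN + declared]


def reply_rejected(pkt: bytes) -> bool:
    """True if the reply would be dropped, for a caller that only needs a verdict."""
    try:
        parse_read_reply(pkt)
    except MalformedReply:
        return True
    return False


def build_read_reply(data: bytes, declared_len=None, status=NFS_OK) -> bytes:
    """Construct a reply; declared_len lets a caller lie about the length the
    way a malicious server would."""
    if declared_len is None:
        declared_len = len(data)
    pad = (-len(data)) % 4
    return struct.pack(">II", status, declared_len) + data + b"\0" * pad


if __name__ == "__main__":
    print(parse_read_reply(build_read_reply(b"hello")))
    crafted = build_read_reply(b"hello", declared_len=4096)
    print("crafted reply rejected:", reply_rejected(crafted))
```

The order of the two checks matters when this is ported back to C: rounding the length up to the XDR boundary before bounding it lets a value near `UINT32_MAX` wrap to a small padded length that passes the remaining-bytes comparison while the original length still drives the copy.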
FFmpeg 2.8 and 4.2.3 have a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c.
CVSS Score: 5.5 | EPSS Score: 0.005 | Published: 2020-06-07
ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding.
CVSS Score: 7.1 | EPSS Score: 0.003 | Published: 2020-06-07
HESK before 3.1.10 allows reflected XSS.
CVSS Score: 6.1 | EPSS Score: 0.004 | Published: 2020-06-07
handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field.
CVSS Score: 7.5 | EPSS Score: 0.003 | Published: 2020-06-07
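The Zoom GIF-message entry near the top of this list and the DEXT5 `savefilepath` entry just above are the same defect seen from the write and the read side: a path taken from an untrusted message or request field is joined to a directory on disk without being confined to it. The helper below is an added example, not Zoom's or DEXT5's code, that performs that confinement and rejects the escape forms an attacker reaches for: `..` components (including ones that survive normalisation), absolute and drive-letter paths, backslash separators, and NUL bytes. The base directory and file names are constructed for the demo.

```python
import posixpath

# Added example, not Zoom's or DEXT5's code. Both the GIF message case and the
# savefilepath case come down to a path taken from an untrusted message or
# request field being joined to a directory on disk. This helper confines such a
# value to a base directory and rejects the forms used to escape it. The base
# directory and file names used are constructed for the demo.


class UnsafePath(ValueError):
    pass


def confine_to_directory(base_dir: str, untrusted: str) -> str:
    """Return base_dir joined with untrusted, or raise UnsafePath if the result
    would name anything outside base_dir. Backslash is treated as a separator
    as well as slash, because Windows clients accept both and the attacker
    chooses the input."""
    if not untrusted:
        raise UnsafePath("empty path")
    if "\0" in untrusted:
        raise UnsafePath("NUL byte in path")            # truncation trick against C string APIs
    candidate = untrusted.replace("\\", "/")
    if candidate.startswith("/") or (len(candidate) > 1 and candidate[1] == ":"):
        raise UnsafePath(f"absolute path rejected: {untrusted!r}")   # also catches //server/share
    # Collapse '.', repeated separators and any '..' cancelled by an earlier
    # component; whatever '..' survives at the front points above base_dir.
    normalised = posixpath.normpath(candidate)
    if normalised == ".":
        raise UnsafePath("path names the directory itself")
    if normalised.split("/")[0] == "..":
        raise UnsafePath(f"traversal rejected: {untrusted!r}")
    # Defence in depth: the joined result must still sit under base_dir. Use
    # commonpath, not a string-prefix test, which '/srv/uploads-other' would pass.
    base = posixpath.normpath(base_dir)
    joined = posixpath.normpath(posixpath.join(base, normalised))
    if posixpath.commonpath([base, joined]) != base:
        raise UnsafePath(f"escaped base directory: {untrusted!r}")
    return joined


def path_rejected(base_dir: str, untrusted: str) -> bool:
    """True if confine_to_directory would refuse the value."""
    try:
        confine_to_directory(base_dir, untrusted)
    except UnsafePath:
        return True
    return False


if __name__ == "__main__":
    base = "/srv/uploads"
    for name in ("photo.gif", "2020/06/./photo.gif",
                 "..\\..\\Startup\\evil.exe", "a/../../etc/passwd", "/etc/passwd"):
        try:
            print(name, "->", confine_to_directory(base, name))
        except UnsafePath as exc:
            print(name, "->", "REJECTED:", exc)
```

This is pure string logic, so it says nothing about symlinks already present under the base directory; on a real filesystem resolve both sides with `os.path.realpath` and open with `O_NOFOLLOW` as well. For an attachment store the stronger fix is to never use the client-supplied name on disk at all and keep it only as display metadata; for a download handler like the DEXT5 one, the same confinement check applies to the path being read.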



Shodan ® - All rights reserved