info[at]nsec.ir
(+۹۸)-۳۱-۳۳۹۱۵۳۳۶

آسیب‌پذیری‌های حیاتی هفته چهارم دی‌ماه

 

 

این هفته آسیب‌پذیری‌های زیادی با سطح خطر حیاتی در محصولات مهم مایکروسافت(ویندوز، اینترنت اکسپلورر، آفیس و ...) و اوراکل(MySQL، VirtualBox و ...) شناسایی شده است. از آسیب‌پذیری‌های محصولات پرکاربرد و محبوب دیگری که در این هفته منتشر شده‌اند می‌توان به آسیب‌پذیری‌های حیاتی محصولات Adobe، سرورهای HPE و روترهای Juniper اشاره کرد. همچنین در یکی از مهم‌ترین افزونه‌های سامانۀ مدیریت محتوای وردپرس به نام Database Reset، دو آسیب‌پذیری حیاتی و مهم برای دور زدن احراز اصالت وجود داشت.

 

‌آسیب‌پذیری محصولات پرکاربرد در هفتۀ چهارم دی‌ماه
نوع آسیب‌پذیری محصول آسیب‌پذیر شناسۀ آسیب‌پذیری

information disclosur

Adobe Experience Manager Expression Language Injection

CVE-2019-16469

information disclosure

Adobe Experience Manager User Interface Injection

CVE-2019-16468

cross site scripting

Adobe Experience Manager Reflected

CVE-2019-16467

CVE-2019-16466

memory corruption

Adobe Experience Manager arbitrary code execution

CVE-2020-3710

CVE-2020-3711

CVE-2020-3712

CVE-2020-3713

CVE-2020-3714

weak authentication

Apache Beam MongoDB Connector Certificate Verification

CVE-2020-1929

information disclosure

Apache Kafka Connect Cluster Plaintext

CVE-2019-12399

cross site scripting

Apache CXF Endpoint services

CVE-2019-17573

information disclosure

Apache CXF OpenId Connect JWK Keys Service Key

CVE-2019-12423

privilege escalation

Avast Premium Security Web Server

CVE-2019-18894

cross site scripting

Avast/AVG Secure Browser Video Downloader

CVE-2019-18893

Remote Code Execution

Bitbucket Server/Data Center Post-Receive Hook

CVE-2019-20097

Remote Code Execution

Bitbucket Server/Data Center Edit-File Request

CVE-2019-15012

Remote Code Execution

Bitbucket Server/Data Center Input Field

CVE-2019-15010

memory corruption

Broadcom brcmfmac WiFi Driver Frame Validation is_wlc_event_frame

CVE-2019-9503

memory corruption

Broadcom brcmfmac WiFi Driver Wake-up on Wireless LAN brcmf_wowl_nd_results

CVE-2019-9500

denial of service

ClamAV Antivirus MIME Parser

CVE-2019-15961

privilege escalation

Centreon Infrastructure Monitoring Software Perl cwrapper_perl

CVE-2019-20327

privilege escalation

Cerberus FTP Server Enterprise Edition

CVE-2020-5196

information disclosure

Cerberus FTP Server zip API Endpoint zip_name

CVE-2020-5194

cross site scripting

Cerberus FTP Server Public Folder Reflected

CVE-2020-5195

unknown vulnerability

Eclipse Memory Analyzer Heap Dump Parser Deserialization

CVE-2019-17635

cross site scripting

Eclipse Memory Analyzer HTML Report

CVE-2019-17634

memory corruption

Foxit PDF Reader Javascript Engine Use-After-Free

CVE-2019-5145

CVE-2019-5131

CVE-2019-5130

CVE-2019-5126

Remote Code Execution

Foxit PDF Reader Javascript Field Action Validate  Vulnerability

CVE-2019-5126

Arbitrary Code Execution

Foxit PDF Reader Javascript createTemplate Invalid Page

CVE-2019-5130

Remote Code Execution

Foxit PDF Reader JavaScript field keystroke action  vulnerability

CVE-2019-5145

Remote Code Execution

Foxit PDF Reader JavaScript field action OnBlur  vulnerability

CVE-2019-5131

Remote Code Execution

Geutebruck G-Code/G-Cam

CVE-2019-10958

privilege escalation

Geutebruck G-Code/G-Cam URL

CVE-2019-10956

Remote Code Execution

Geutebruck G-Code/G-Cam

CVE-2019-10957

information disclosure

GitLab Enterprise Edition Project Import

CVE-2020-6832

privilege escalation

GitLab Community Edition/Enterprise Edition Access Control

CVE-2020-5197

CVE-2019-20148

CVE-2019-20147

CVE-2019-20145

CVE-2019-20144

CVE-2019-20143

denial of service

GitLab Community Edition/Enterprise Edition Resource Exhaustion

CVE-2019-20146

denial of service

GitLab Community Edition/Enterprise Edition

CVE-2019-20142

privilege escalation

HashBrown CMS postUser

CVE-2020-6949

Remote Code Execution

HashBrown CMS GitDeployer.js Service.AppService.exec

CVE-2020-6948

privilege escalation

HPE Superdome Flex Server

CVE-2019-11998

cross site scripting

HPE enhanced Internet Usage Manager

CVE-2019-11997

cross site scripting

InAppBrowser Webview gap-iab URI

CVE-2019-0219

privilege escalation

Intelbras WRN240 Firmware Firmware.cfg

CVE-2019-19142

information disclosure

Intel DAAL Permission

CVE-2019-14629

information disclosure

Intel CPU Processor Graphics

CVE-2019-14615

privilege escalation

Intel VTune Amplifier Access Control

CVE-2019-14613

privilege escalation

Intel RWC 3 Permission

CVE-2019-14601

privilege escalation

Intel SNMP Subagent Stand-Alone Installer

CVE-2019-14600

denial of service

Intel Chipset Device Software INF Utility

CVE-2019-14596

Local File Inclusion

Juniper Junos Space

CVE-2020-1611

privilege escalation

Juniper Junos JDHCPD Command

CVE-2020-1609

denial of service

Juniper Junos Subscriber Management Crash

CVE-2020-1608

cross site scripting

Juniper Junos J-Web

CVE-2020-1607

directory traversal

Juniper Junos J-Web

CVE-2020-1606

privilege escalation

Juniper Junos JDHCPD Command

CVE-2020-1605

privilege escalation

Juniper Junos IP Firewall Filter

CVE-2020-1604

denial of service

Juniper Junos Routing Engine Memory Leak

CVE-2020-1603

Arbitrary Code Execution

Juniper Junos JDHCPD

CVE-2020-1602

denial of service

Juniper Junos pccd Crash

CVE-2020-1601

denial of service

Juniper Junos SNMP Loop

CVE-2020-1600

information disclosure

Linux Kernel Flow Dissector flow_dissector.c

CVE-2019-18282

memory corruption

Linux Kernel i915_gem_gtt.c i915_ppgtt_close

CVE-2020-7053

cross site scripting

Microsoft Dynamics 365 Field Service

CVE-2020-0656

privilege escalation

Microsoft Windows Memory Section

CVE-2020-0644

memory corruption

Microsoft Windows Win32k

CVE-2020-0642

privilege escalation

Microsoft Windows Media Service

CVE-2020-0641

privilege escalation

Microsoft Windows Update Notification Manager

CVE-2020-0638

privilege escalation

Microsoft Windows Subsystem for Linux

CVE-2020-0636

privilege escalation

Microsoft Windows Symbolic Link

CVE-2020-0635

memory corruption

Microsoft Windows Common Log File System Driver

CVE-2020-0634

memory corruption

Microsoft Windows Windows Search Indexer

CVE-2020-0633

CVE-2020-0632

CVE-2020-0631

CVE-2020-0630

CVE-2020-0629

CVE-2020-0628

CVE-2020-0627

CVE-2020-0626

CVE-2020-0625

CVE-2020-0614

CVE-2020-0613

memory corruption

Microsoft Windows Win32k

CVE-2020-0624

privilege escalation

Microsoft Windows Windows Search Indexer

CVE-2020-0623

weak authentication

Microsoft Windows Third Party Filter

CVE-2020-0621

privilege escalation

Microsoft Windows Cryptographic Services

CVE-2020-0620

denial of service

Microsoft Windows Hyper-V

CVE-2020-0617

denial of service

Microsoft Windows Remote Desktop Gateway

CVE-2020-0612

denial of service

Microsoft Windows Hard Link

CVE-2020-0616

privilege escalation

Microsoft Windows Remote Desktop

CVE-2020-0611

privilege escalation

Microsoft Windows Remote Desktop Gateway

CVE-2020-0610

CVE-2020-0609

information disclosure

Microsoft Windows GDI+

CVE-2020-0643

information disclosure

Microsoft Windows Common Log File System Driver

CVE-2020-0639

CVE-2020-0615

information disclosure

Microsoft Windows Remote Desktop Credentials

CVE-2020-0637

information disclosure

Microsoft Windows Graphics Component

CVE-2020-0622

information disclosure

Microsoft Windows Win32k

CVE-2020-0608

information disclosure

Microsoft Windows Graphics Component

CVE-2020-0607

spoofing

Microsoft Windows CryptoAPI Crypt32.dll

CVE-2020-0601

weak authentication

Microsoft Windows RDP Session Lockscreen

CVE-2019-9510

denial of service

Microsoft ASP.NET Core Web Request

CVE-2020-0602

memory corruption

Microsoft ASP.NET Core

CVE-2020-0603

memory corruption

Microsoft Internet Explorer

CVE-2020-0640

memory corruption

Microsoft Internet Explorer VBScript

CVE-2019-1485

privilege escalation

Microsoft .NET Framework

CVE-2020-0646

privilege escalation

Microsoft .NET Core/.NET Framework Source Markup File

CVE-2020-0606

CVE-2020-0605

weak authentication

Microsoft OneDrive Security Feature

CVE-2020-0654

memory corruption

Microsoft Office Excel

CVE-2020-0653

memory corruption

Microsoft Office

CVE-2020-0652

memory corruption

Microsoft Excel

CVE-2020-0651

memory corruption

Microsoft Excel

CVE-2020-0650

privilege escalation

Microsoft Office Online Server Cross-Origin

CVE-2020-0647

privilege escalation

Microsoft Edge Security Feature

CVE-2019-1413

memory corruption

Microsoft Edge/ChakraCore Scripting Engine

CVE-2019-1428

CVE-2019-1427

CVE-2019-1426

privilege escalation

Nucleus NET

CVE-2019-13939

memory corruption

mruby hash-ext.c hash_slice

CVE-2020-6840

denial of service

Oracle MySQL Server Optimizer

CVE-2020-2579

denial of service

Oracle MySQL Server Optimizer

CVE-2020-2686

denial of service

Oracle MySQL Server Parser

CVE-2020-2627

denial of service

Oracle MySQL Server InnoDB

CVE-2020-2577

CVE-2020-2589

denial of service

Oracle MySQL Server DDL

CVE-2020-2580

denial of service

Oracle MySQL Server DML

CVE-2020-2588

denial of service

Oracle MySQL Server Optimizer

CVE-2020-2660

denial of service

Oracle MySQL Server Optimizer

CVE-2020-2679

denial of service

Oracle Database Server Core RDBMS

CVE-2020-2511

unknown vulnerability

Oracle Database Server Core RDBMS

CVE-2020-2510

unknown vulnerability

Oracle Database Server Java VM

CVE-2020-2518

denial of service

Oracle Database Server Workload Manager

CVE-2019-10072

denial of service

Oracle Database Server Database Gateway for ODBC

CVE-2020-2512

denial of service

Oracle Database Server Database Gateway for ODBC

CVE-2020-2515

information disclosure

Oracle Secure Global Desktop

CVE-2019-1547

cross site scripting

Oracle Secure Global Desktop Web Server

CVE-2019-10092

information disclosure

Oracle VM VirtualBox

CVE-2020-2693

information disclosure

Oracle VM VirtualBox

CVE-2020-2727

cross site scripting

Oracle Secure Global Desktop

CVE-2019-17091

unknown vulnerability

Oracle VM VirtualBox

CVE-2020-2678

denial of service

Oracle VM VirtualBox

CVE-2020-2725

information disclosure

Oracle VM VirtualBox

CVE-2020-2705

CVE-2020-2704

CVE-2020-2692

CVE-2020-2691

CVE-2020-2690

CVE-2020-2689

CVE-2020-2681

 

denial of service

Oracle VM VirtualBox

CVE-2020-2703

unknown vulnerability

Oracle VM VirtualBox

CVE-2020-2726

CVE-2020-2702

CVE-2020-2701

CVE-2020-2698

unknown vulnerability

Oracle Secure Global Desktop Web Services

CVE-2019-0227

unknown vulnerability

Oracle VM VirtualBox

CVE-2020-2682

CVE-2020-2674

information disclosure

Oracle Utilities Framework Common

CVE-2014-3004

 

Oracle Utilities Mobile Workforce Management Next Gen Mobile Application

CVE-2019-11358

cross site scripting

Oracle Real-Time Scheduler Next Gen Mobile Application

CVE-2019-11358

privilege escalation

Oracle Utilities Work and Asset Management ‪(v1)‬

CVE-2016-1000031

unknown vulnerability

Oracle Demantra Demand Management Security

CVE-2020-2557

information disclosure

Oracle AutoVue Security

CVE-2019-10247

CVE-2020-2592

unknown vulnerability

Oracle Agile PLM Framework Web Services

CVE-2019-0227

denial of service

Oracle Agile PLM Security

CVE-2019-10072

CVE-2017-12626

unknown vulnerability

Oracle Agile Engineering Data Management Install

CVE-2019-0232

unknown vulnerability

Oracle Agile PLM MCAD Connector CAX Client

CVE-2016-6814

unknown vulnerability

Oracle VM Server for SPARC Templates

CVE-2020-2571

unknown vulnerability

Oracle Solaris SMB Server

CVE-2019-9579

unknown vulnerability

Oracle Solaris X Window System

CVE-2020-2656

unknown vulnerability

Oracle Solaris Filesystem

CVE-2020-2664

denial of service

Oracle Solaris Kernel

CVE-2020-2647

denial of service

Oracle Solaris Kernel

CVE-2020-2578

CVE-2020-2558

 

denial of service

Oracle Solaris Filesystem

CVE-2020-2680

cross site scripting

Oracle Tape Library ACSLS Software

CVE-2019-11358

denial of service

Oracle Solaris Filesystem

CVE-2020-2605

denial of service

Oracle Tape Library ACSLS Software

CVE-2018-15756

denial of service

Oracle Tape Library ACSLS Application Server

CVE-2019-2725

unknown vulnerability

Oracle Solaris Consolidation Infrastructure

CVE-2020-2565

unknown vulnerability

Oracle Solaris Common Desktop Environment

CVE-2020-2696

privilege escalation

Oracle Tape Library ACSLS Software

CVE-2016-1000031

privilege escalation

Oracle Tape Library ACSLS Application Server

CVE-2019-2729

information disclosure

Oracle Sun ZFS Storage Appliance Kit Operating System Image

CVE-2019-9636

information disclosure

Oracle Siebel UI Framework SWSE Server

CVE-2020-2560

information disclosure

Oracle Siebel UI Framework UIF Open UI

CVE-2020-2559

information disclosure

Oracle Siebel UI Framework EAI

CVE-2020-2564

unknown vulnerability

Oracle Siebel UI Framework EAI

CVE-2019-14379

unknown vulnerability

Oracle Siebel Engineering - Installer & Deployment Siebel Approval Manager

CVE-2019-14379

information disclosure

Oracle Internal Operations

CVE-2020-2649

unknown vulnerability

Oracle Security

CVE-2020-2567

information disclosure

Oracle Retail Predictive Application Server RPAS Fusion Client

CVE-2019-12415

information disclosure

Oracle Retail Predictive Application Server RPAS Fusion Client

CVE-2019-12415

information disclosure

Oracle Retail Clearance Optimization Engine General Application

CVE-2019-12415

cross site scripting

Oracle Retail Assortment Planning Application Core

CVE-2019-17091

unknown vulnerability

Oracle Internal Operations

CVE-2020-2648

unknown vulnerability

Oracle Promotions

CVE-2020-2650

unknown vulnerability

Oracle Retail Order Broker System Administration

CVE-2019-0227

unknown vulnerability

Oracle Retail Order Broker System Administration

CVE-2018-8039

memory corruption

Oracle Retail Markdown Optimization Common Component Integration

CVE-2016-1181

memory corruption

Oracle Retail Clearance Optimization Engine Dataset Component

CVE-2016-1181

unknown vulnerability

Oracle Retail Markdown Optimization Common Component Integration

CVE-2018-1258

unknown vulnerability

Oracle Retail Clearance Optimization Engine Dataset Component

CVE-2018-1258

unknown vulnerability

Oracle Retail Sales Audit Operational Insights

CVE-2019-2904

information disclosure

Redgate SQL Change Automation Plugin config.xml

CVE-2020-2095

denial of service

Red Hat Enterprise Linux Address Translation

CVE-2019-19339

privilege escalation

Siemens SCALANCE X-200RNA/SCALANCE X-300 Web Configuration Interface

CVE-2019-13933

privilege escalation

Siemens SINAMICS PERFECT HARMONY GH180

CVE-2019-19278

privilege escalation

Siemens SINEMA Server Session

CVE-2019-10940

cross site scripting

Symantec Endpoint Detection and Response Access Control

CVE-2019-19547

privilege escalation

SuSE Openstack Cloud keystone-json-assignment Package user-project-map.json

CVE-2019-3683

privilege escalation

SuSE CaaS Platform docker-kubic package

CVE-2019-3682

privilege escalation

TIA Portal

CVE-2019-10934

privilege escalation

VMware Tools

CVE-2020-3941

information disclosure

VMware Workspace ONE SDK

CVE-2020-3940

denial of service

Wireshark BT ATT Dissector packet-btatt.c

CVE-2020-7045

denial of service

Wireshark WASSP Dissector packet-wassp.c

CVE-2020-7044

privilege escalation

WordPress WP Database Reset

CVE-2020-7047

denial of service

WordPress WP Database Reset  

CVE-2020-7048

authorization bypass

WordPress InfiniteWP

-

authorization bypass

WordPress WP Time Capsule

-

cross site scripting

WordPress Ultimate FAQ Plugin DisplayFAQs.php

CVE-2020-7107

cross site scripting

WordPress LearnDash LMS Plugin Search

CVE-2020-7108

XSS

WordPress Chained-quiz

CVE-2020-7104

XSS

WordPress resima-ara unauthenticated

-

External Entity Access

Yet Another Java Service Wrapper JnlpSupport XML

CVE-2020-6958