CVE List - 2020 / January
Showing 1 - 100 of 1655 CVEs for January 2020 (Page 1 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-5179 | 2020-01-01 | Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to... |
| CVE-2019-20203 | 2020-01-01 | The Authorized Addresses feature in the Postie plugin 1.9.40 for... |
| CVE-2019-20204 | 2020-01-01 | The Postie plugin 1.9.40 for WordPress allows XSS, as demonstrated... |
| CVE-2019-20205 | 2020-01-01 | libsixel 1.8.4 has an integer overflow in sixel_frame_resize in frame.c. |
| CVE-2019-20208 | 2020-01-01 | dimC_Read in isomedia/box_code_3gpp.c in GPAC from 0.5.2 to 0.8.0 has... |
| CVE-2016-1000027 | 2020-01-02 | Pivotal Spring Framework through 5.3.16 suffers from a potential remote... |
| CVE-2019-20213 | 2020-01-02 | D-Link DIR-859 routers before v1.07b03_beta allow Unauthenticated Information Disclosure via... |
| CVE-2019-20218 | 2020-01-02 | selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack... |
| CVE-2019-20223 | 2020-01-02 | In Support Incident Tracker (SiT!) 3.67, the id parameter is... |
| CVE-2019-20222 | 2020-01-02 | In Support Incident Tracker (SiT!) 3.67, the Short Application Name... |
| CVE-2019-20221 | 2020-01-02 | In Support Incident Tracker (SiT!) 3.67, Load Plugins input in... |
| CVE-2019-20220 | 2020-01-02 | In Support Incident Tracker (SiT!) 3.67, the search_id parameter in... |
| CVE-2019-20225 | 2020-01-02 | MyBB before 1.8.22 allows an open redirect on login. |
| CVE-2019-20219 | 2020-01-02 | ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor in... |
| CVE-2019-14859 | 2020-01-02 | A flaw was found in all python-ecdsa versions before 0.13.3,... |
| CVE-2019-14862 | 2020-01-02 | There is a vulnerability in knockout before version 3.5.0-beta, where... |
| CVE-2019-14863 | 2020-01-02 | There is a vulnerability in all angular versions before 1.5.0-beta.0,... |
| CVE-2019-14864 | 2020-01-02 | Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible... |
| CVE-2019-10158 | 2020-01-02 | A flaw was found in Infinispan through version 9.4.14.Final. An... |
| CVE-2013-3936 | 2020-01-02 | Multiple cross-site scripting (XSS) vulnerabilities in Opsview before 4.4.1 and... |
| CVE-2013-3935 | 2020-01-02 | Cross-site request forgery (CSRF) vulnerability in Opsview before 4.4.1 and... |
| CVE-2019-10775 | 2020-01-02 | ecstatic have a denial of service vulnerability. Successful exploitation could... |
| CVE-2013-4532 | 2020-01-02 | Qemu 1.1.2+dfsg to 2.1+dfsg suffers from a buffer overrun which... |
| CVE-2013-4752 | 2020-01-02 | Symfony 2.0.X before 2.0.24, 2.1.X before 2.1.12, 2.2.X before 2.2.5,... |
| CVE-2014-0048 | 2020-01-02 | An issue was found in Docker before 1.6.0. Some programs... |
| CVE-2019-10205 | 2020-01-02 | A flaw was found in the way Red Hat Quay... |
| CVE-2014-0104 | 2020-01-02 | In fence-agents before 4.0.17 does not verify remote SSL certificates... |
| CVE-2014-0161 | 2020-01-02 | ovirt-engine-sdk-python before 3.4.0.7 and 3.5.0.4 does not verify that the... |
| CVE-2013-3619 | 2020-01-02 | Intelligent Platform Management Interface (IPMI) with firmware for Supermicro X9... |
| CVE-2013-3620 | 2020-01-02 | Hardcoded WSMan credentials in Intelligent Platform Management Interface (IPMI) with... |
| CVE-2013-7485 | 2020-01-02 | Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX)... |
| CVE-2013-7486 | 2020-01-02 | Cross-site scripting (XSS) vulnerability in the backend in Open-Xchange (OX)... |
| CVE-2013-6242 | 2020-01-02 | Cross-site scripting (XSS) vulnerability in the frontend in Open-Xchange (OX)... |
| CVE-2013-7062 | 2020-01-02 | Multiple cross-site scripting (XSS) vulnerabilities in Zope, as used in... |
| CVE-2014-4553 | 2020-01-02 | Cross-site Scripting (XSS) in the spreadshirt-rss-3d-cube-flash-gallery plugin 2014 for WordPress... |
| CVE-2010-3782 | 2020-01-02 | obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to... |
| CVE-2013-3946 | 2020-01-02 | Heap-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37... |
| CVE-2013-3945 | 2020-01-02 | The MrSID plugin (MrSID.dll) before 4.37 for IrfanView allows remote... |
| CVE-2013-3944 | 2020-01-02 | Stack-based buffer overflow in the MrSID plugin (MrSID.dll) before 4.37... |
| CVE-2014-0169 | 2020-01-02 | In JBoss EAP 6 a security domain is configured to... |
| CVE-2013-3941 | 2020-01-02 | Xjp2.dll in XnView before 2.13 allows remote attackers to execute... |
| CVE-2013-3939 | 2020-01-02 | xnview.exe in XnView before 2.13 does not properly handle RLE... |
| CVE-2013-3937 | 2020-01-02 | Heap-based buffer overflow in xnview.exe in XnView before 2.13 allows... |
| CVE-2014-0183 | 2020-01-02 | Versions of Katello as shipped with Red Hat Subscription Asset... |
| CVE-2013-3931 | 2020-01-02 | Cross-site scripting (XSS) vulnerability in the Jomres (com_jomres) component before... |
| CVE-2013-3932 | 2020-01-02 | SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1... |
| CVE-2014-0011 | 2020-01-02 | Multiple heap-based buffer overflows in the ZRLE_DECODE function in common/rfb/zrleDecode.h... |
| CVE-2013-3247 | 2020-01-02 | Heap-based buffer overflow in xnview.exe in XnView before 2.03 allows... |
| CVE-2013-3246 | 2020-01-02 | Stack-based buffer overflow in xnview.exe in XnView before 2.03 allows... |
| CVE-2013-7351 | 2020-01-02 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in Shaarli allow... |
| CVE-2014-0245 | 2020-01-02 | It was found that the implementation of the GTNSubjectCreatingInterceptor class... |
| CVE-2014-3590 | 2020-01-02 | Versions of Foreman as shipped with Red Hat Satellite 6... |
| CVE-2013-0737 | 2020-01-02 | Cross-site scripting (XSS) vulnerability in BoltWire 3.5 and earlier allows... |
| CVE-2013-1642 | 2020-01-02 | Multiple cross-site scripting (XSS) vulnerabilities in QuiXplorer before 2.5.5 allow... |
| CVE-2013-1420 | 2020-01-02 | Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1... |
| CVE-2014-6275 | 2020-01-02 | FusionForge before 5.3.2 use scripts that run under the shared... |
| CVE-2014-8182 | 2020-01-02 | An off-by-one error leading to a crash was discovered in... |
| CVE-2019-20329 | 2020-01-02 | OpenLambda 2019-09-10 allows DNS rebinding attacks against the OL server... |
| CVE-2020-5395 | 2020-01-03 | FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c. |
| CVE-2020-5496 | 2020-01-03 | FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines()... |
| CVE-2020-5313 | 2020-01-03 | libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. |
| CVE-2020-5312 | 2020-01-03 | libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode... |
| CVE-2020-5311 | 2020-01-03 | libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow. |
| CVE-2020-5310 | 2020-01-03 | libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer... |
| CVE-2019-20330 | 2020-01-03 | FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. |
| CVE-2019-19441 | 2020-01-03 | HUAWEI P30 smart phones with versions earlier than 10.0.0.166(C00E66R1P11) have... |
| CVE-2020-1871 | 2020-01-03 | USG9500 with software of V500R001C30SPC100; V500R001C30SPC200; V500R001C30SPC600; V500R001C60SPC500; V500R005C00SPC100; V500R005C00SPC200... |
| CVE-2019-5304 | 2020-01-03 | Some Huawei products have a buffer error vulnerability. An unauthenticated,... |
| CVE-2020-1785 | 2020-01-03 | Mate 10 Pro;Honor V10;Honor 10;Nova 4 smartphones have a denial... |
| CVE-2019-19311 | 2020-01-03 | GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6 allows XSS... |
| CVE-2019-19086 | 2020-01-03 | Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue... |
| CVE-2019-19087 | 2020-01-03 | Gitlab Enterprise Edition (EE) before 12.5.1 has Insecure Permissions (issue... |
| CVE-2019-19088 | 2020-01-03 | Gitlab Enterprise Edition (EE) 11.3 through 12.4.2 allows Directory Traversal. |
| CVE-2019-19254 | 2020-01-03 | GitLab Community Edition (CE) and Enterprise Edition (EE). 9.6 and... |
| CVE-2012-4451 | 2020-01-03 | Multiple cross-site scripting (XSS) vulnerabilities in Zend Framework 2.0.x before... |
| CVE-2019-19255 | 2020-01-03 | GitLab Enterprise Edition (EE) 12.3 and later through 12.5 has... |
| CVE-2019-19256 | 2020-01-03 | GitLab Enterprise Edition (EE) 12.2 and later through 12.5 has... |
| CVE-2019-19257 | 2020-01-03 | GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5... |
| CVE-2019-19258 | 2020-01-03 | GitLab Enterprise Edition (EE) 10.8 and later through 12.5 has... |
| CVE-2019-19259 | 2020-01-03 | GitLab Enterprise Edition (EE) 11.3 and later through 12.5 allows... |
| CVE-2019-19260 | 2020-01-03 | GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5... |
| CVE-2019-19261 | 2020-01-03 | GitLab Enterprise Edition (EE) 6.7 and later through 12.5 allows... |
| CVE-2019-19262 | 2020-01-03 | GitLab Enterprise Edition (EE) 11.9 and later through 12.5 has... |
| CVE-2019-19263 | 2020-01-03 | GitLab Enterprise Edition (EE) 8.2 and later through 12.5 has... |
| CVE-2019-19309 | 2020-01-03 | GitLab Enterprise Edition (EE) 8.90 and later through 12.5 has... |
| CVE-2019-19310 | 2020-01-03 | GitLab Enterprise Edition (EE) 9.0 and later through 12.5 allows... |
| CVE-2019-5063 | 2020-01-03 | An exploitable heap buffer overflow vulnerability exists in the data... |
| CVE-2019-5064 | 2020-01-03 | An exploitable heap buffer overflow vulnerability exists in the data... |
| CVE-2019-11993 | 2020-01-03 | A security vulnerability has been identified in HPE SimpliVity 380... |
| CVE-2019-11994 | 2020-01-03 | A security vulnerability has been identified in HPE SimpliVity 380... |
| CVE-2012-5693 | 2020-01-03 | Bulb Security Smartphone Pentest Framework (SPF) before 0.1.3 allows remote... |
| CVE-2012-5878 | 2020-01-03 | Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows... |
| CVE-2014-4196 | 2020-01-03 | Cross-site scripting (XSS) vulnerability in bsi.dll in Bank Soft Systems... |
| CVE-2014-10398 | 2020-01-03 | Multiple cross-site scripting (XSS) vulnerabilities in bsi.dll in Bank Soft... |
| CVE-2014-5140 | 2020-01-03 | The bindReplace function in the query factory in includes/classes/database.php in... |
| CVE-2014-5516 | 2020-01-03 | Cross-site request forgery (CSRF) vulnerability in the Storefront Application in... |
| CVE-2014-8337 | 2020-01-03 | Unrestricted file upload vulnerability in includes/classes/uploadify-v2.1.4/uploadify.php in HelpDEZk 1.0.1 and... |
| CVE-2014-8516 | 2020-01-03 | Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows... |
| CVE-2019-19959 | 2020-01-03 | ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO... |
| CVE-2019-9537 | 2020-01-03 | Telos Automated Message Handling System reflected XSS in uploaditem.asp |