CVE List - 2020 / January
Showing 401 - 500 of 1655 CVEs for January 2020 (Page 5 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-20374 | 2020-01-09 | A mutation cross-site scripting (XSS) issue in Typora through 0.9.9.31.2... |
| CVE-2019-20376 | 2020-01-10 | A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4... |
| CVE-2019-20375 | 2020-01-10 | A cross-site scripting (XSS) vulnerability in Electronic Logbook (ELOG) 3.1.4... |
| CVE-2014-5013 | 2020-01-10 | DOMPDF before 0.6.2 allows remote code execution, a related issue... |
| CVE-2014-5012 | 2020-01-10 | DOMPDF before 0.6.2 allows denial of service. |
| CVE-2014-5011 | 2020-01-10 | DOMPDF before 0.6.2 allows Information Disclosure. |
| CVE-2014-4984 | 2020-01-10 | Déjà Vu Crescendo Sales CRM has remote SQL Injection |
| CVE-2014-5081 | 2020-01-10 | sphider prior to 1.3.6, sphider-pro prior to 3.2, and sphider-plus... |
| CVE-2014-4982 | 2020-01-10 | LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection... |
| CVE-2014-4530 | 2020-01-10 | flog plugin 0.1 for WordPress has XSS |
| CVE-2014-4561 | 2020-01-10 | The ultimate-weather plugin 1.0 for WordPress has XSS |
| CVE-2013-6231 | 2020-01-10 | SpagoBI before 4.1 has Privilege Escalation via an error in... |
| CVE-2013-7380 | 2020-01-10 | The Etherpad Lite ep_imageconvert Plugin has a Remote Command Injection... |
| CVE-2011-4595 | 2020-01-10 | Pretty-Link WordPress plugin 1.5.2 has XSS |
| CVE-2013-6430 | 2020-01-10 | The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring... |
| CVE-2014-5092 | 2020-01-10 | Status2k allows Remote Command Execution in admin/options/editpl.php. |
| CVE-2014-5093 | 2020-01-10 | Status2k does not remove the install directory allowing credential reset. |
| CVE-2020-1765 | 2020-01-10 | Spoofing of From field in several screens |
| CVE-2020-1766 | 2020-01-10 | Improper handling of uploaded inline images |
| CVE-2020-1767 | 2020-01-10 | Possible to send drafted messages as wrong agent |
| CVE-2019-4508 | 2020-01-10 | IBM QRadar SIEM 7.3.0 through 7.3.3 uses weak credential storage... |
| CVE-2019-4559 | 2020-01-10 | IBM QRadar SIEM 7.3.0 through 7.3.3 discloses sensitive information to... |
| CVE-2020-6162 | 2020-01-10 | An issue was discovered in Bftpd 5.3. Under certain circumstances,... |
| CVE-2012-3822 | 2020-01-10 | Arial Campaign Enterprise before 11.0.551 has unauthorized access to the... |
| CVE-2012-3823 | 2020-01-10 | Arial Campaign Enterprise before 11.0.551 stores passwords in clear text... |
| CVE-2012-3824 | 2020-01-10 | In Arial Campaign Enterprise before 11.0.551, multiple pages are accessible... |
| CVE-2012-4030 | 2020-01-10 | Chamilo before 1.8.8.6 does not adequately handle user supplied input... |
| CVE-2019-18194 | 2020-01-10 | TotalAV 2020 4.14.31 has a quarantine flaw that allows privilege... |
| CVE-2019-14304 | 2020-01-10 | Ricoh SP C250DN 1.06 devices allow CSRF. |
| CVE-2019-14306 | 2020-01-10 | Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue... |
| CVE-2019-14302 | 2020-01-10 | On Ricoh SP C250DN 1.06 devices, a debug port can... |
| CVE-2019-14301 | 2020-01-10 | Ricoh SP C250DN 1.06 devices have Incorrect Access Control (issue... |
| CVE-2011-5020 | 2020-01-10 | An SQL Injection vulnerability exists in the ID parameter in... |
| CVE-2019-18588 | 2020-01-10 | Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell... |
| CVE-2012-4284 | 2020-01-10 | A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac... |
| CVE-2012-3821 | 2020-01-10 | A Security Bypass vulnerability exists in the activate.asp page in... |
| CVE-2012-4603 | 2020-01-10 | Citrix XenApp Online Plug-in for Windows 12.1 and earlier, and... |
| CVE-2020-6835 | 2020-01-10 | An issue was discovered in Bftpd before 5.4. There is... |
| CVE-2019-13767 | 2020-01-10 | Use after free in media picker in Google Chrome prior... |
| CVE-2020-6377 | 2020-01-10 | Use after free in audio in Google Chrome prior to... |
| CVE-2019-19475 | 2020-01-10 | An issue was discovered in ManageEngine Applications Manager 14 with... |
| CVE-2020-6836 | 2020-01-11 | grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is... |
| CVE-2020-6840 | 2020-01-11 | In mruby 2.1.0, there is a use-after-free in hash_slice in... |
| CVE-2020-6839 | 2020-01-11 | In mruby 2.1.0, there is a stack-based buffer overflow in... |
| CVE-2020-6838 | 2020-01-11 | In mruby 2.1.0, there is a use-after-free in hash_values_at in... |
| CVE-2019-20379 | 2020-01-11 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via... |
| CVE-2019-20378 | 2020-01-11 | ganglia-web (aka Ganglia Web Frontend) through 3.7.5 allows XSS via... |
| CVE-2019-20377 | 2020-01-11 | TopList before 2019-09-03 allows XSS via a title. |
| CVE-2020-6847 | 2020-01-11 | OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is... |
| CVE-2020-6848 | 2020-01-13 | Axper Vision II 4 devices allow XSS via the DEVICE_NAME... |
| CVE-2020-6851 | 2020-01-13 | OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor... |
| CVE-2020-6860 | 2020-01-13 | libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in... |
| CVE-2014-6059 | 2020-01-13 | WordPress Advanced Access Manager Plugin before 2.8.2 has an Arbitrary... |
| CVE-2014-6038 | 2020-01-13 | Zoho ManageEngine EventLog Analyzer versions 7 through 9.9 build 9002... |
| CVE-2014-6039 | 2020-01-13 | ManageEngine EventLog Analyzer version 7 through 9.9 build 9002 has... |
| CVE-2014-5380 | 2020-01-13 | Grand MA 300 allows retrieval of the access PIN from... |
| CVE-2014-5381 | 2020-01-13 | Grand MA 300 allows a brute-force attack on the PIN. |
| CVE-2013-6225 | 2020-01-13 | LiveZilla 5.0.1.4 has a Remote Code Execution vulnerability |
| CVE-2011-2670 | 2020-01-13 | Mozilla Firefox before 3.6 is vulnerable to XSS via the... |
| CVE-2014-9382 | 2020-01-13 | Freebox OS Web interface 3.0.2 has CSRF which can allow... |
| CVE-2019-19547 | 2020-01-13 | Symantec Endpoint Detection and Response (SEDR), prior to 4.3.0, may... |
| CVE-2019-18893 | 2020-01-13 | XSS in the Video Downloader component before 1.5 of Avast... |
| CVE-2019-18894 | 2020-01-13 | In Avast Premium Security 19.8.2393, attackers can send a specially... |
| CVE-2020-6859 | 2020-01-13 | Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the... |
| CVE-2019-20209 | 2020-01-13 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook... |
| CVE-2019-20210 | 2020-01-13 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook... |
| CVE-2020-5195 | 2020-01-13 | Reflected XSS through an IMG element in Cerberus FTP Server... |
| CVE-2019-20211 | 2020-01-13 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook... |
| CVE-2019-19891 | 2020-01-13 | An encryption key vulnerability on Mitel SIP-DECT wireless devices 8.0... |
| CVE-2019-20212 | 2020-01-13 | The CTHthemes CityBook before 2.3.4, TownHub before 1.0.6, and EasyBook... |
| CVE-2020-5390 | 2020-01-13 | PySAML2 before 5.0.0 does not check that the signature in... |
| CVE-2019-19728 | 2020-01-13 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 executes srun... |
| CVE-2019-19727 | 2020-01-13 | SchedMD Slurm before 18.08.9 and 19.x before 19.05.5 has weak... |
| CVE-2012-4767 | 2020-01-13 | An issue exists in Safend Data Protector Agent 3.4.5586.9772 in... |
| CVE-2020-6949 | 2020-01-13 | A privilege escalation issue was discovered in the postUser function... |
| CVE-2020-6948 | 2020-01-13 | A remote code execution issue was discovered in HashBrown CMS... |
| CVE-2012-4760 | 2020-01-13 | A Privilege Escalation vulnerability exists in the SDBagent service in... |
| CVE-2012-4761 | 2020-01-13 | A Privilege Escalation vulnerability exists in the unquoted Service Binary... |
| CVE-2012-4750 | 2020-01-13 | A Code Execution vulnerability exists in the memcpy function when... |
| CVE-2020-6832 | 2020-01-13 | An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0... |
| CVE-2020-5197 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20148 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20147 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20146 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20145 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20144 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20143 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-20142 | 2020-01-13 | An issue was discovered in GitLab Community Edition (CE) and... |
| CVE-2019-19680 | 2020-01-13 | A file-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS /... |
| CVE-2020-6955 | 2020-01-13 | An issue was discovered on Cayin SMP-PRO4 devices. They allow... |
| CVE-2020-6954 | 2020-01-13 | An issue was discovered on Cayin SMP-PRO4 devices. A user... |
| CVE-2020-6958 | 2020-01-13 | An XXE vulnerability in JnlpSupport in Yet Another Java Service... |
| CVE-2020-5196 | 2020-01-14 | Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and... |
| CVE-2020-5194 | 2020-01-14 | The zip API endpoint in Cerberus FTP Server 8 allows... |
| CVE-2014-9211 | 2020-01-14 | ClickDesk version 4.3 and below has persistent cross site scripting |
| CVE-2019-0219 | 2020-01-14 | A website running in the InAppBrowser webview on Android could... |
| CVE-2013-2773 | 2020-01-14 | Nitro PDF 8.5.0.26: A specially crafted DLL file can facilitate... |
| CVE-2019-12399 | 2020-01-14 | When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1,... |
| CVE-2013-7185 | 2020-01-14 | PotPlayer 1.5.40688: .avi File Memory Corruption |
| CVE-2020-5851 | 2020-01-14 | On impacted versions and platforms the Trusted Platform Module (TPM)... |