CVE List - 2020 / January
Showing 1001 - 1100 of 1655 CVEs for January 2020 (Page 11 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2011-5282 | 2020-01-21 | mIRC prior to 7.22 has a message leak because chopping... |
| CVE-2012-5190 | 2020-01-21 | Prizm Content Connect 5.1 has an Arbitrary File Upload Vulnerability |
| CVE-2019-14765 | 2020-01-21 | Incorrect Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before... |
| CVE-2019-14766 | 2020-01-21 | Path Traversal in the file browser of DIMO YellowBox CRM... |
| CVE-2019-14767 | 2020-01-21 | In DIMO YellowBox CRM before 6.3.4, Path Traversal in images/Apparence... |
| CVE-2019-14768 | 2020-01-21 | An Arbitrary File Upload issue in the file browser of... |
| CVE-2019-3864 | 2020-01-21 | A vulnerability was discovered in all quay-2 versions before quay-3.0.0,... |
| CVE-2020-7211 | 2020-01-21 | tftp.c in libslirp 4.1.0, as used in QEMU 4.2.0, does... |
| CVE-2020-7229 | 2020-01-21 | An issue was discovered in Simplejobscript.com SJS before 1.65. There... |
| CVE-2020-7213 | 2020-01-21 | Parallels 13 uses cleartext HTTP as part of the update... |
| CVE-2020-6857 | 2020-01-21 | CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded... |
| CVE-2019-19392 | 2020-01-21 | The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows... |
| CVE-2015-2784 | 2020-01-21 | The papercrop gem before 0.3.0 for Ruby on Rails does... |
| CVE-2019-18932 | 2020-01-21 | log.c in Squid Analysis Report Generator (sarg) through 2.3.11 allows... |
| CVE-2020-5202 | 2020-01-21 | apt-cacher-ng through 3.3 allows local users to obtain sensitive information... |
| CVE-2019-19411 | 2020-01-21 | USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200... |
| CVE-2020-1840 | 2020-01-21 | HUAWEI Mate 20 smart phones with versions earlier than 10.0.0.175(C00E70R3P8)... |
| CVE-2014-2680 | 2020-01-21 | The update process in Xmind 3.4.1 and earlier allow remote... |
| CVE-2016-11018 | 2020-01-21 | An issue was discovered in the Huge-IT gallery-images plugin before... |
| CVE-2019-19592 | 2020-01-21 | Jama Connect 8.44.0 is vulnerable to stored Cross-Site Scripting |
| CVE-2020-6849 | 2020-01-21 | The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=marketo_fat CSRF... |
| CVE-2019-17357 | 2020-01-21 | Cacti through 1.2.7 is affected by a graphs.php?template_id= SQL injection... |
| CVE-2019-17584 | 2020-01-21 | The Meinberg SyncBox/PTP/PTPv2 devices have default SSH keys which allow... |
| CVE-2020-6638 | 2020-01-21 | Grin through 2.1.1 has Insufficient Validation. |
| CVE-2020-7040 | 2020-01-21 | storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname,... |
| CVE-2019-18426 | 2020-01-21 | A vulnerability in WhatsApp Desktop versions prior to 0.3.9309 when... |
| CVE-2020-7594 | 2020-01-21 | MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to... |
| CVE-2019-19886 | 2020-01-21 | Trustwave ModSecurity 3.0.0 through 3.0.3 allows an attacker to send... |
| CVE-2020-1788 | 2020-01-21 | Honor V30 smartphones with versions earlier than 10.0.1.135(C00E130R4P1) have an... |
| CVE-2019-20388 | 2020-01-21 | xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory... |
| CVE-2019-20387 | 2020-01-21 | repodata_schema2id in repodata.c in libsolv before 0.7.6 has a heap-based... |
| CVE-2020-7595 | 2020-01-21 | xmlStringLenDecodeEntities in parser.c in libxml2 2.9.10 has an infinite loop... |
| CVE-2019-19413 | 2020-01-21 | There is an integer overflow vulnerability in LDAP client of... |
| CVE-2019-19414 | 2020-01-21 | There is an integer overflow vulnerability in LDAP server of... |
| CVE-2019-20391 | 2020-01-22 | An invalid memory access flaw is present in libyang before... |
| CVE-2019-20392 | 2020-01-22 | An invalid memory access flaw is present in libyang before... |
| CVE-2019-20393 | 2020-01-22 | A double-free is present in libyang before v1.0-r1 in the... |
| CVE-2019-20394 | 2020-01-22 | A double-free is present in libyang before v1.0-r3 in the... |
| CVE-2019-20395 | 2020-01-22 | A stack consumption issue is present in libyang before v1.0-r1... |
| CVE-2019-20396 | 2020-01-22 | A segmentation fault is present in yyparse in libyang before... |
| CVE-2019-20397 | 2020-01-22 | A double-free is present in libyang before v1.0-r1 in the... |
| CVE-2019-20398 | 2020-01-22 | A NULL pointer dereference is present in libyang before v1.0-r3... |
| CVE-2018-17981 | 2020-01-22 | Lifesize Express ls ex2_4.7.10 2000 (14) devices allow XSS via... |
| CVE-2019-16791 | 2020-01-22 | downgrade of effective Strict Transport Security (STS) policy in postfix-mta-sts-resolver |
| CVE-2019-12490 | 2020-01-22 | An issue was discovered in Simple Machines Forum (SMF) before... |
| CVE-2011-4943 | 2020-01-22 | ImpressPages CMS v1.0.12 has Unspecified Remote Code Execution (fixed in... |
| CVE-2018-16266 | 2020-01-22 | The Enlightenment system service in Tizen allows an unprivileged process... |
| CVE-2018-16262 | 2020-01-22 | The pkgmgr system service in Tizen allows an unprivileged process... |
| CVE-2018-16263 | 2020-01-22 | The PulseAudio system service in Tizen allows an unprivileged process... |
| CVE-2018-16264 | 2020-01-22 | The BlueZ system service in Tizen allows an unprivileged process... |
| CVE-2018-16265 | 2020-01-22 | The bt/bt_core system service in Tizen allows an unprivileged process... |
| CVE-2018-16267 | 2020-01-22 | The system-popup system service in Tizen allows an unprivileged process... |
| CVE-2018-16268 | 2020-01-22 | The SoundServer/FocusServer system services in Tizen allow an unprivileged process... |
| CVE-2018-16269 | 2020-01-22 | The wnoti system service in Samsung Galaxy Gear series allows... |
| CVE-2018-16270 | 2020-01-22 | Samsung Galaxy Gear series before build RE2 includes the hcidump... |
| CVE-2018-16271 | 2020-01-22 | The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy... |
| CVE-2018-16272 | 2020-01-22 | The wpa_supplicant system service in Samsung Galaxy Gear series allows... |
| CVE-2019-10780 | 2020-01-22 | BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized... |
| CVE-2019-10781 | 2020-01-22 | In schema-inspector before 1.6.9, a maliciously crafted JavaScript object can... |
| CVE-2019-6858 | 2020-01-22 | A CWE-427:Uncontrolled Search Path Element vulnerability exists in MSX Configurator... |
| CVE-2020-7228 | 2020-01-22 | The Calculated Fields Form plugin through 1.0.353 for WordPress suffers... |
| CVE-2020-6959 | 2020-01-22 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS... |
| CVE-2020-6960 | 2020-01-22 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS... |
| CVE-2011-3582 | 2020-01-22 | A Cross-site Request Forgery (CSRF) vulnerability exists in Advanced Electron... |
| CVE-2011-3595 | 2020-01-22 | Multiple Cross-site Scripting (XSS) vulnerabilities exist in Joomla! through 1.7.0... |
| CVE-2011-3610 | 2020-01-22 | A Cross-site Scripting (XSS) vulnerability exists in the Serendipity freetag... |
| CVE-2011-3611 | 2020-01-22 | A File Inclusion vulnerability exists in act parameter to admin.php... |
| CVE-2020-7109 | 2020-01-22 | The Elementor Page Builder plugin before 2.8.4 for WordPress does... |
| CVE-2019-6146 | 2020-01-22 | It has been reported that cross-site scripting (XSS) is possible... |
| CVE-2011-3612 | 2020-01-22 | Cross-Site Request Forgery (CSRF) vulnerability exists in panel.php in UseBB... |
| CVE-2011-3613 | 2020-01-22 | An issue exists in Vanilla Forums before 2.0.17.9 due to... |
| CVE-2011-3614 | 2020-01-22 | An Access Control vulnerability exists in the Facebook, Twitter, and... |
| CVE-2011-3621 | 2020-01-22 | A reverse proxy issue exists in FluxBB before 1.4.7 when... |
| CVE-2019-5647 | 2020-01-22 | Rapid7 AppSpider Chrome Plugin Insufficient Session Expiration |
| CVE-2012-4919 | 2020-01-22 | Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability |
| CVE-2019-19834 | 2020-01-22 | Directory Traversal in ruckus_cli2 in Ruckus Wireless Unleashed through 200.7.10.102.64... |
| CVE-2019-19836 | 2020-01-22 | AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through 200.7.10.102.64 allows... |
| CVE-2019-16792 | 2020-01-22 | HTTP Request Smuggling: Content-Length Sent Twice in Waitress |
| CVE-2019-19843 | 2020-01-22 | Incorrect access control in the web interface in Ruckus Wireless... |
| CVE-2020-5221 | 2020-01-22 | Directory Traversal (Chroot Escape) vulnerability in uftpd |
| CVE-2016-4761 | 2020-01-22 | WebKitGTK+ before 2.14.0: A use-after-free vulnerability can allow remote attackers... |
| CVE-2011-3622 | 2020-01-22 | A Cross-Site Scripting (XSS) vulnerability exists in the admin login... |
| CVE-2019-19841 | 2020-01-22 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers... |
| CVE-2019-19842 | 2020-01-22 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers... |
| CVE-2019-19840 | 2020-01-22 | A stack-based buffer overflow in zap_parse_args in zap.c in zap... |
| CVE-2020-7915 | 2020-01-22 | An issue was discovered on Eaton 5P 850 devices. The... |
| CVE-2019-20399 | 2020-01-22 | A timing vulnerability in the Scalar::check_overflow function in Parity libsecp256k1-rs... |
| CVE-2019-14885 | 2020-01-23 | A flaw was found in the JBoss EAP Vault system... |
| CVE-2019-17201 | 2020-01-23 | FastTrack Admin By Request 6.1.0.0 supports group policies that are... |
| CVE-2019-17202 | 2020-01-23 | FastTrack Admin By Request 6.1.0.0 supports group policies that are... |
| CVE-2019-17570 | 2020-01-23 | An untrusted deserialization was found in the org.apache.xmlrpc.parser.XmlRpcResponseParser:addResult method of... |
| CVE-2019-18222 | 2020-01-23 | The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto... |
| CVE-2020-5223 | 2020-01-23 | Persistent XSS vulnerability in filename of attached file in PrivateBin |
| CVE-2020-5217 | 2020-01-23 | Directive injection when using dynamic overrides with user input in RubyGems secure_headers |
| CVE-2020-5216 | 2020-01-23 | Limited header injection when using dynamic overrides with user input in RubyGems secure_headers |
| CVE-2020-7210 | 2020-01-23 | Umbraco CMS 8.2.2 allows CSRF to enable/disable or delete user... |
| CVE-2019-19837 | 2020-01-23 | Incorrect access control in the web interface in Ruckus Wireless... |
| CVE-2019-19835 | 2020-01-23 | SSRF in AjaxRestrictedCmdStat in zap in Ruckus Wireless Unleashed through... |
| CVE-2020-6843 | 2020-01-23 | Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This... |
| CVE-2019-19838 | 2020-01-23 | emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers... |