CVE List - 2020 / January
Showing 1401 - 1500 of 1655 CVEs for January 2020 (Page 15 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-15590 | 2020-01-28 | An access control issue exists in < 12.3.5, < 12.2.8,... |
| CVE-2019-15582 | 2020-01-28 | An IDOR was discovered in < 12.3.2, < 12.2.6, and... |
| CVE-2019-5466 | 2020-01-28 | An IDOR was discovered in GitLab CE/EE 11.5 and later... |
| CVE-2019-15581 | 2020-01-28 | An IDOR exists in < 12.3.2, < 12.2.6, and <... |
| CVE-2019-5468 | 2020-01-28 | An privilege escalation issue was discovered in Gitlab versions <... |
| CVE-2019-15579 | 2020-01-28 | An information disclosure exists in < 12.3.2, < 12.2.6, and... |
| CVE-2019-15578 | 2020-01-28 | An information disclosure exists in < 12.3.2, < 12.2.6, and... |
| CVE-2019-5470 | 2020-01-28 | An information disclosure issue was discovered GitLab versions < 12.1.2,... |
| CVE-2019-5472 | 2020-01-28 | An authorization issue was discovered in Gitlab versions < 12.1.2,... |
| CVE-2020-7997 | 2020-01-28 | ASUS WRT-AC66U 3 RT 3.0.0.4.372_67 devices allow XSS via the... |
| CVE-2020-7998 | 2020-01-28 | An arbitrary file upload vulnerability has been discovered in the... |
| CVE-2020-5523 | 2020-01-28 | Android App 'MyPallete' and some of the Android banking applications... |
| CVE-2020-7799 | 2020-01-28 | An issue was discovered in FusionAuth before 1.11.0. An authenticated... |
| CVE-2020-7934 | 2020-01-28 | In LifeRay Portal CE 7.1.0 through 7.2.1 GA2, the First... |
| CVE-2019-17096 | 2020-01-28 | Bitdefender BOX 2 bootstrap get_image_size command injection vulnerability |
| CVE-2014-3445 | 2020-01-28 | backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require... |
| CVE-2014-2581 | 2020-01-28 | Smb4K before 1.1.1 allows remote attackers to obtain credentials via... |
| CVE-2013-1437 | 2020-01-28 | Eval injection vulnerability in the Module-Metadata module before 1.000015 for... |
| CVE-2013-1895 | 2020-01-28 | The py-bcrypt module before 0.3 for Python does not properly... |
| CVE-2012-6114 | 2020-01-28 | The git-changelog utility in git-extras 1.7.0 allows local users to... |
| CVE-2013-2571 | 2020-01-28 | Iris 3.8 before build 1548, as used in Xpient point... |
| CVE-2013-6455 | 2020-01-28 | The CentralAuth extension for MediaWiki before 1.19.10, 1.2x before 1.21.4,... |
| CVE-2013-6451 | 2020-01-28 | Cross-site scripting (XSS) vulnerability in MediaWiki 1.19.9 before 1.19.10, 1.2x... |
| CVE-2014-3230 | 2020-01-28 | The libwww-perl LWP::Protocol::https module 6.04 through 6.06 for Perl, when... |
| CVE-2013-4583 | 2020-01-28 | The parse_cmd function in lib/gitlab_shell.rb in GitLab 5.0 before 5.4.2,... |
| CVE-2013-4582 | 2020-01-28 | The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project... |
| CVE-2014-2914 | 2020-01-28 | fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access... |
| CVE-2014-3856 | 2020-01-28 | The funced function in fish (aka fish-shell) 1.23.0 before 2.1.1... |
| CVE-2014-2906 | 2020-01-28 | The psub function in fish (aka fish-shell) 1.16.0 before 2.1.1... |
| CVE-2014-2896 | 2020-01-28 | The DoAlert function in the (1) TLS and (2) DTLS... |
| CVE-2014-2897 | 2020-01-28 | The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before... |
| CVE-2014-2898 | 2020-01-28 | wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified... |
| CVE-2013-0294 | 2020-01-28 | packet.py in pyrad before 2.1 uses weak random numbers to... |
| CVE-2013-2060 | 2020-01-28 | The download_from_url function in OpenShift Origin allows remote attackers to... |
| CVE-2013-4865 | 2020-01-28 | Cross-site request forgery (CSRF) vulnerability in upgrade_step2.sh in MiCasaVerde VeraLite... |
| CVE-2013-4864 | 2020-01-28 | MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send... |
| CVE-2013-4863 | 2020-01-28 | The HomeAutomationGateway service in MiCasaVerde VeraLite with firmware 1.5.408 allows... |
| CVE-2013-4862 | 2020-01-28 | MiCasaVerde VeraLite with firmware 1.5.408 does not properly restrict access,... |
| CVE-2013-4861 | 2020-01-28 | Directory traversal vulnerability in cgi-bin/cmh/get_file.sh in MiCasaVerde VeraLite with firmware... |
| CVE-2020-8086 | 2020-01-28 | The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody... |
| CVE-2012-6610 | 2020-01-28 | Polycom HDX Video End Points before 3.0.4 and UC APL... |
| CVE-2012-6609 | 2020-01-28 | Directory traversal vulnerability in a_getlog.cgi in Polycom HDX Video End... |
| CVE-2015-7851 | 2020-01-28 | Directory traversal vulnerability in the save_config function in ntpd in... |
| CVE-2020-1940 | 2020-01-28 | The optional initial password change and password expiration features present... |
| CVE-2020-8112 | 2020-01-28 | opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a... |
| CVE-2020-5210 | 2020-01-28 | NetHack command line -w option parsing is subject to a buffer overflow |
| CVE-2020-5209 | 2020-01-28 | NetHack command line parsing of options starting with -de and -i is subject to a buffer overflow |
| CVE-2020-5214 | 2020-01-28 | NetHack error recovery after syntax error in configuration file is subject to a buffer overflow |
| CVE-2020-5213 | 2020-01-28 | NetHack SYMBOL configuration file option is subject to a buffer overflow |
| CVE-2020-5212 | 2020-01-28 | NetHack MENUCOLOR configuration file option is subject to a buffer overflow |
| CVE-2020-5211 | 2020-01-28 | NetHack AUTOCOMPLETE configuration file option is subject to a buffer overflow |
| CVE-2019-17338 | 2020-01-28 | TIBCO Patterns - Search Exposes Cross Site Scripting Vulnerabilities |
| CVE-2015-8012 | 2020-01-28 | lldpd before 0.8.0 allows remote attackers to cause a denial... |
| CVE-2015-8011 | 2020-01-28 | Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd... |
| CVE-2019-4568 | 2020-01-28 | IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS... |
| CVE-2019-4614 | 2020-01-28 | IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS... |
| CVE-2019-4620 | 2020-01-28 | IBM MQ Appliance 8.0 and 9.0 LTS could allow a... |
| CVE-2019-4631 | 2020-01-28 | IBM Security Secret Server 10.7 could allow a remote attacker... |
| CVE-2019-4632 | 2020-01-28 | IBM Security Secret Server 10.7 is vulnerable to cross-site scripting.... |
| CVE-2019-4633 | 2020-01-28 | IBM Security Secret Server 10.7 could allow an attacker to... |
| CVE-2019-4635 | 2020-01-28 | IBM Security Secret Server 10.7 could allow a privileged user... |
| CVE-2019-4636 | 2020-01-28 | IBM Security Secret Server 10.7 could disclose sensitive information to... |
| CVE-2019-4637 | 2020-01-28 | IBM Security Secret Server 10.7 uses incomplete blacklisting for input... |
| CVE-2019-4638 | 2020-01-28 | IBM Security Secret Server 10.7 does not set the secure... |
| CVE-2019-4639 | 2020-01-28 | IBM Security Secret Server 10.7 uses weaker than expected cryptographic... |
| CVE-2019-4679 | 2020-01-28 | IBM Content Navigator 3.0CD could allow an authenticated user to... |
| CVE-2019-4707 | 2020-01-28 | IBM Security Access Manager Appliance 9.0.7.0 is vulnerable to an... |
| CVE-2020-4207 | 2020-01-28 | IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2... |
| CVE-2020-8315 | 2020-01-28 | In Python (CPython) 3.6 through 3.6.10, 3.7 through 3.7.6, and... |
| CVE-2015-5483 | 2020-01-28 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Private Only... |
| CVE-2014-8490 | 2020-01-28 | Cross-site scripting (XSS) vulnerability in TennisConnect COMPONENTS 9.927 allows remote... |
| CVE-2013-2714 | 2020-01-28 | Cross-site Scripting (XSS) in WordPress podPress Plugin 8.8.10.13 could allow... |
| CVE-2013-2748 | 2020-01-28 | Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to... |
| CVE-2013-1599 | 2020-01-28 | A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in... |
| CVE-2013-2764 | 2020-01-28 | Secure Entry Server before 4.7.0 contains a URI Redirection vulnerability... |
| CVE-2013-3071 | 2020-01-28 | NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. |
| CVE-2013-3074 | 2020-01-28 | NetGear WNDR4700 Media Server devices with firmware 1.0.0.34 allow remote... |
| CVE-2013-3093 | 2020-01-28 | ASUS RT-N56U devices allow CSRF. |
| CVE-2013-1600 | 2020-01-28 | An Authentication Bypass vulnerability exists in upnp/asf-mp4.asf when streaming live... |
| CVE-2020-8417 | 2020-01-28 | The Code Snippets plugin before 2.14.0 for WordPress allows CSRF... |
| CVE-2013-3212 | 2020-01-28 | vtiger CRM 5.4.0 and earlier contain local file-include vulnerabilities in... |
| CVE-2013-3214 | 2020-01-28 | vtiger CRM 5.4.0 and earlier contain a PHP Code Injection... |
| CVE-2013-1601 | 2020-01-28 | An Information Disclosure vulnerability exists due to a failure to... |
| CVE-2020-8420 | 2020-01-28 | An issue was discovered in Joomla! before 3.9.15. A missing... |
| CVE-2020-8421 | 2020-01-28 | An issue was discovered in Joomla! before 3.9.15. Inadequate escaping... |
| CVE-2020-8419 | 2020-01-28 | An issue was discovered in Joomla! before 3.9.15. Missing token... |
| CVE-2013-1602 | 2020-01-28 | An Information Disclosure vulnerability exists due to insufficient validation of... |
| CVE-2020-5215 | 2020-01-28 | Segmentation faultin TensorFlow when converting a Python string to tf.float16 |
| CVE-2013-1603 | 2020-01-28 | An Authentication vulnerability exists in D-LINK WCS-1100 1.02, TESCO DCS-2121... |
| CVE-2020-8425 | 2020-01-28 | Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF... |
| CVE-2020-8424 | 2020-01-28 | Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF... |
| CVE-2020-8426 | 2020-01-28 | The Elementor plugin before 2.8.5 for WordPress suffers from a... |
| CVE-2020-5227 | 2020-01-28 | Feedgen Vulnerable to XML Denial of Service Attacks |
| CVE-2020-8428 | 2020-01-28 | fs/namei.c in the Linux kernel before 5.5 has a may_create_in_sticky... |
| CVE-2019-20215 | 2020-01-29 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers... |
| CVE-2019-20216 | 2020-01-29 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers... |
| CVE-2019-20217 | 2020-01-29 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers... |
| CVE-2020-7965 | 2020-01-29 | flaskparser.py in Webargs 5.x through 5.5.2 doesn't check that the... |
| CVE-2012-4383 | 2020-01-29 | contao prior to 2.11.4 has a sql injection vulnerability |
| CVE-2012-5776 | 2020-01-29 | Dokeos 2.1.1 has multiple XSS issues involving "extra_" parameters in... |