CVE List - 2020 / February
Showing 1 - 100 of 1397 CVEs for February 2020 (Page 1 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-8515 | 2020-02-01 | DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and... |
| CVE-2019-20446 | 2020-02-02 | In xml.rs in GNOME librsvg before 2.46.2, a crafted SVG... |
| CVE-2020-8516 | 2020-02-02 | The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6... |
| CVE-2020-8514 | 2020-02-02 | An issue was discovered in Rumpus 8.2.10 on macOS. By... |
| CVE-2020-8508 | 2020-02-03 | nsak64.sys in Norman Malware Cleaner 2.08.08 allows users to call... |
| CVE-2020-3925 | 2020-02-03 | ServiSign Windows Versions- Remote Code Execution via LoadLibrary |
| CVE-2020-3926 | 2020-02-03 | ServiSign Windows Versions- Arbitrary File Access |
| CVE-2020-3927 | 2020-02-03 | ServiSign Windows Versions- Arbitrary File Deletion |
| CVE-2020-7471 | 2020-02-03 | Django 1.11 before 1.11.28, 2.2 before 2.2.10, and 3.0 before... |
| CVE-2019-18193 | 2020-02-03 | In Unisys Stealth (core) 3.4.108.0, 3.4.209.x, 4.0.027.x and 4.0.114, key... |
| CVE-2014-8328 | 2020-02-03 | The default configuration in the Dynamic Content Elements (dce) extension... |
| CVE-2013-2621 | 2020-02-03 | Open Redirection Vulnerability in the redir.php script in Telaen before... |
| CVE-2020-7993 | 2020-02-03 | Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation... |
| CVE-2013-2622 | 2020-02-03 | Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote... |
| CVE-2013-2623 | 2020-02-03 | Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers... |
| CVE-2013-2624 | 2020-02-03 | Telean before 1.3.1 contains a full path disclosure vulnerability which... |
| CVE-2013-2631 | 2020-02-03 | TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure... |
| CVE-2019-19119 | 2020-02-03 | An issue was discovered in PRTG 7.x through 19.4.53. Due... |
| CVE-2020-8510 | 2020-02-03 | An issue was discovered in phpABook 0.9 Intermediate. On the... |
| CVE-2020-8545 | 2020-02-03 | Global.py in AIL framework 2.8 allows path traversal. |
| CVE-2019-11251 | 2020-02-03 | kubectl cp allows symlink directory traversal |
| CVE-2020-8547 | 2020-02-03 | phpList 3.5.0 allows type juggling for admin login bypass because... |
| CVE-2019-16893 | 2020-02-03 | The Web Management of TP-Link TP-SG105E V4 1.0.0 Build 20181120... |
| CVE-2020-8548 | 2020-02-03 | massCode 1.0.0-alpha.6 allows XSS via crafted Markdown text, with resultant... |
| CVE-2013-2646 | 2020-02-03 | TP-LINK TL-WR1043ND V1_120405 devices contain an unspecified denial of service... |
| CVE-2013-2672 | 2020-02-03 | Brother MFC-9970CDW devices with firmware 0D allow cleartext submission of... |
| CVE-2020-8549 | 2020-02-03 | Stored XSS in the Strong Testimonials plugin before 2.40.1 for... |
| CVE-2019-4732 | 2020-02-03 | IBM SDK, Java Technology Edition Version 7.0.0.0 through 7.0.10.55, 7.1.0.0... |
| CVE-2020-4224 | 2020-02-03 | IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to... |
| CVE-2020-5182 | 2020-02-03 | The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing.... |
| CVE-2013-2673 | 2020-02-03 | Brother MFC-9970CDW 1.10 firmware L devices contain a security bypass... |
| CVE-2016-4676 | 2020-02-03 | A Cross-origin vulnerability exists in WebKit in Apple Safari before... |
| CVE-2019-20174 | 2020-02-03 | Auth0 Lock before 11.21.0 allows XSS when additionalSignUpFields is used... |
| CVE-2013-2674 | 2020-02-03 | Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure... |
| CVE-2019-18567 | 2020-02-03 | Bromium client - out of bound read results in race condition causing Kernel memory leaks or denial of service |
| CVE-2020-8592 | 2020-02-03 | eG Manager 7.1.2 allows SQL Injection via the user parameter... |
| CVE-2020-8591 | 2020-02-03 | eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request. |
| CVE-2019-9501 | 2020-02-03 | Broadcom wl driver is vulnerable to heap buffer overflow |
| CVE-2019-9502 | 2020-02-03 | Broadcom wl driver is vulnerable to heap buffer overflow |
| CVE-2020-8597 | 2020-02-03 | eap.c in pppd in ppp 2.4.2 through 2.4.8 has an... |
| CVE-2020-5235 | 2020-02-04 | Out-of-memory condition in Nanopb is potentially exploitable |
| CVE-2020-5236 | 2020-02-04 | Catastrophic backtracking in regex allows Denial of Service in Waitress |
| CVE-2020-3937 | 2020-02-04 | SysJust Syuan-Gu-Da-Shih-SQL injection |
| CVE-2020-3938 | 2020-02-04 | SysJust Syuan-Gu-Da-Shih -Request-Forgery |
| CVE-2020-3939 | 2020-02-04 | SysJust Syuan-Gu-Da-Shih -Cross-Site Scripting(XSS) |
| CVE-2011-4937 | 2020-02-04 | Joomla! 1.7.1 has core information disclosure due to inadequate error... |
| CVE-2011-3629 | 2020-02-04 | Joomla! core 1.7.1 allows information disclosure due to weak encryption |
| CVE-2012-5618 | 2020-02-04 | Ushahidi before 2.6.1 has insufficient entropy for forgot-password tokens. |
| CVE-2011-4912 | 2020-02-04 | Joomla! com_mailto 1.5.x through 1.5.13 has an automated mail timeout... |
| CVE-2012-5686 | 2020-02-04 | ZPanel 10.0.1 has insufficient entropy for its password reset process. |
| CVE-2013-1422 | 2020-02-04 | webcalendar before 1.2.7 shows the reason for a failed login... |
| CVE-2013-7051 | 2020-02-04 | D-Link DIR-100 4.03B07: cli.cgi security bypass due to failure to... |
| CVE-2013-7052 | 2020-02-04 | D-Link DIR-100 4.03B07: security bypass via an error in the... |
| CVE-2013-7053 | 2020-02-04 | D-Link DIR-100 4.03B07: cli.cgi CSRF |
| CVE-2013-7054 | 2020-02-04 | D-Link DIR-100 4.03B07: cli.cgi XSS |
| CVE-2013-7055 | 2020-02-04 | D-Link DIR-100 4.03B07 has PPTP and poe information disclosure |
| CVE-2013-2676 | 2020-02-04 | Brother MFC-9970CDW 1.10 firmware L devices contain an information disclosure... |
| CVE-2019-9674 | 2020-02-04 | Lib/zipfile.py in Python through 3.7.2 allows remote attackers to cause... |
| CVE-2019-19968 | 2020-02-04 | PandoraFMS 742 suffers from multiple XSS vulnerabilities, affecting the Agent... |
| CVE-2013-2678 | 2020-02-04 | Cisco Linksys E4200 1.0.05 Build 7 routers contain a Local... |
| CVE-2019-19273 | 2020-02-04 | On Samsung mobile devices with O(8.0) and P(9.0) software and... |
| CVE-2019-4451 | 2020-02-04 | IBM Security Identity Manager 6.0.0 is vulnerable to cross-site scripting.... |
| CVE-2019-4540 | 2020-02-04 | IBM Security Directory Server 6.4.0 uses weaker than expected cryptographic... |
| CVE-2019-4541 | 2020-02-04 | IBM Security Directory Server 6.4.0 uses incomplete blacklisting for input... |
| CVE-2019-4548 | 2020-02-04 | IBM Security Directory Server 6.4.0 could allow a remote attacker... |
| CVE-2019-4550 | 2020-02-04 | IBM Security Directory Server 6.4.0 is deployed with active debugging... |
| CVE-2019-4551 | 2020-02-04 | IBM Security Directory Server 6.4.0 does not perform an authentication... |
| CVE-2019-4562 | 2020-02-04 | IBM Security Directory Server 6.4.0 stores sensitive information in URLs.... |
| CVE-2019-4674 | 2020-02-04 | IBM Security Identity Manager 7.0.1 could allow a remote attacker... |
| CVE-2019-4675 | 2020-02-04 | IBM Security Identity Manager 7.0.1 contains hard-coded credentials, such as... |
| CVE-2020-4163 | 2020-02-04 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under... |
| CVE-2020-7221 | 2020-02-04 | mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from... |
| CVE-2019-10784 | 2020-02-04 | phppgadmin through 7.12.1 allows sensitive actions to be performed without... |
| CVE-2020-8615 | 2020-02-04 | A CSRF vulnerability in the Tutor LMS plugin before 1.5.3... |
| CVE-2020-8124 | 2020-02-04 | Insufficient validation and sanitization of user input exists in url-parse... |
| CVE-2020-8125 | 2020-02-04 | Flaw in input validation in npm package klona version 1.1.0... |
| CVE-2019-15610 | 2020-02-04 | Improper authorization in the Circles app 0.17.7 causes retaining access... |
| CVE-2019-15611 | 2020-02-04 | Violation of Secure Design Principles in the iOS App 2.23.0... |
| CVE-2019-15612 | 2020-02-04 | A bug in Nextcloud Server 15.0.2 causes pending 2FA logins... |
| CVE-2019-15613 | 2020-02-04 | A bug in Nextcloud Server 17.0.1 causes the workflow rules... |
| CVE-2019-15614 | 2020-02-04 | Missing sanitization in the iOS App 2.24.4 causes an XSS... |
| CVE-2019-15615 | 2020-02-04 | A wrong check for the system time in the Android... |
| CVE-2019-15616 | 2020-02-04 | Dangling remote share attempts in Nextcloud 16 allow a DNS... |
| CVE-2019-15617 | 2020-02-04 | A missing check in Nextcloud Server 17.0.0 allowed an attacker... |
| CVE-2019-15618 | 2020-02-04 | Missing escaping of HTML in the Updater of Nextcloud 15.0.5... |
| CVE-2019-15619 | 2020-02-04 | Improper neutralization of file names, conversation names and board names... |
| CVE-2019-15620 | 2020-02-04 | Improper access control in Nextcloud Talk 6.0.3 leaks the existance... |
| CVE-2019-15621 | 2020-02-04 | Improper permissions preservation in Nextcloud Server 16.0.1 causes sharees to... |
| CVE-2019-15622 | 2020-02-04 | Not strictly enough sanitization in the Nextcloud Android app 3.6.0... |
| CVE-2019-15623 | 2020-02-04 | Exposure of Private Information in Nextcloud Server 16.0.1 causes the... |
| CVE-2019-15624 | 2020-02-04 | Improper Input Validation in Nextcloud Server 15.0.7 allows group admins... |
| CVE-2020-8115 | 2020-02-04 | A reflected XSS vulnerability has been discovered in the publicly... |
| CVE-2020-8116 | 2020-02-04 | Prototype pollution vulnerability in dot-prop npm package versions before 4.2.1... |
| CVE-2020-8117 | 2020-02-04 | Improper preservation of permissions in Nextcloud Server 14.0.3 causes the... |
| CVE-2020-8118 | 2020-02-04 | An authenticated server-side request forgery in Nextcloud server 16.0.1 allowed... |
| CVE-2020-8119 | 2020-02-04 | Improper authorization in Nextcloud server 17.0.0 causes leaking of previews... |
| CVE-2020-8120 | 2020-02-04 | A reflected Cross-Site Scripting vulnerability in Nextcloud Server 16.0.1 was... |
| CVE-2020-8121 | 2020-02-04 | A bug in Nextcloud Server 14.0.4 could expose more data... |
| CVE-2020-8122 | 2020-02-04 | A missing check in Nextcloud Server 14.0.3 could give recipient... |
| CVE-2020-8123 | 2020-02-04 | A denial of service exists in strapi v3.0.0-beta.18.3 and earlier... |