CVE List - 2020 / February
Showing 701 - 800 of 1397 CVEs for February 2020 (Page 8 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-8950 | 2020-02-12 | The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic... |
| CVE-2020-5399 | 2020-02-12 | CredHub does not properly enable TLS for MySQL database connections |
| CVE-2011-4906 | 2020-02-12 | Tiny browser in TinyMCE 3.0 editor in Joomla! before 1.5.13 allows file upload and arbitrary PHP code execution. |
| CVE-2011-4908 | 2020-02-12 | TinyBrowser plugin for Joomla! before 1.5.13 allows arbitrary file upload via upload.php. |
| CVE-2013-4602 | 2020-02-12 | A Denial of Service (infinite loop) vulnerability exists in Avira AntiVir Engine before 8.2.12.58 via an unspecified function in the PDF Scanner Engine. |
| CVE-2013-5106 | 2020-02-12 | A Code Execution vulnerability exists in select.py when using python-mode 2012-12-19. |
| CVE-2013-6022 | 2020-02-12 | A Cross-Site Scripting (XSS) vulnerability exists in Tiki Wiki CMG Groupware 11.0 via the id paraZeroClipboard.swf, which could let a remote malicious user execute arbitrary code. |
| CVE-2020-8955 | 2020-02-12 | irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact via a malformed... |
| CVE-2020-1975 | 2020-02-12 | Missing XML Validation in PAN-OS Web Interface |
| CVE-2020-1976 | 2020-02-12 | GlobalProtect on MacOS: Local denial-of-service (DoS) vulnerability. |
| CVE-2020-1977 | 2020-02-12 | Expedition Migration Tool: Insufficient Cross Site Request Forgery protection. |
| CVE-2020-6975 | 2020-02-12 | Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the... |
| CVE-2020-6973 | 2020-02-12 | Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition. |
| CVE-2019-18915 | 2020-02-12 | A potential security vulnerability has been identified with certain versions of HP System Event Utility prior to version 1.4.33. This vulnerability may allow a local attacker to execute arbitrary code... |
| CVE-2020-7208 | 2020-02-12 | LinuxKI v6.0-1 and earlier is vulnerable to an XSS which is resolved in release 6.0-2. |
| CVE-2020-7209 | 2020-02-12 | LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2. |
| CVE-2019-5322 | 2020-02-12 | A remotely exploitable information disclosure vulnerability is present in Aruba Intelligent Edge Switch models 5400, 3810, 2920, 2930, 2530 with GigT port, 2530 10/100 port, or 2540. The vulnerability impacts... |
| CVE-2018-3987 | 2020-02-12 | An exploitable information disclosure vulnerability exists in the 'Secret Chats' functionality of Rakuten Viber on Android 9.3.0.6. The 'Secret Chats' functionality allows a user to delete all traces of a... |
| CVE-2020-5241 | 2020-02-12 | XSS/Script injection vulnerability in matestack |
| CVE-2020-5239 | 2020-02-13 | Unspecified vulnerability in the fetchmail script in Mailu |
| CVE-2020-8964 | 2020-02-13 | TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to bypass authentication by... |
| CVE-2020-8963 | 2020-02-13 | TimeTools SC7105 1.0.007, SC9205 1.0.007, SC9705 1.0.007, SR7110 1.0.007, SR9210 1.0.007, SR9750 1.0.007, SR9850 1.0.007, T100 1.0.003, T300 1.0.003, and T550 1.0.003 devices allow remote attackers to execute arbitrary OS... |
| CVE-2020-8953 | 2020-02-13 | OpenVPN Access Server 2.8.x before 2.8.1 allows LDAP authentication bypass (except when a user is enrolled in two-factor authentication). |
| CVE-2020-8962 | 2020-02-13 | A stack-based buffer overflow was found on the D-Link DIR-842 REVC with firmware v3.13B09 HOTFIX due to the use of strcpy for LOGINPASSWORD when handling a POST request to the... |
| CVE-2019-14652 | 2020-02-13 | explorer.js in Amazon AWS JavaScript S3 Explorer (aka aws-js-s3-explorer) v2 alpha before 2019-08-02 allows XSS in certain circumstances. |
| CVE-2020-0014 | 2020-02-13 | It is possible for a malicious application to construct a TYPE_TOAST window manually and make that window clickable. This could lead to a local escalation of privilege with no additional... |
| CVE-2020-0015 | 2020-02-13 | In onCreate of CertInstaller.java, there is a possible way to overlay the Certificate Installation dialog by a malicious application. This could lead to local escalation of privilege with no additional... |
| CVE-2019-2200 | 2020-02-13 | In updatePermissions of PermissionManagerService.java, it may be possible for a malicious app to obtain a custom permission from another app due to a permission bypass. This could lead to local... |
| CVE-2020-0017 | 2020-02-13 | In multiple places, it was possible for the primary user’s dictionary to be visible to and modifiable by secondary users. This could lead to local information disclosure with no additional... |
| CVE-2020-0018 | 2020-02-13 | In MotionEntry::appendDescription of InputDispatcher.cpp, there is a possible log information disclosure. This could lead to local disclosure of user input with System execution privileges needed. User interaction is not needed... |
| CVE-2020-0020 | 2020-02-13 | In getAttributeRange of ExifInterface.java, there is a possible failure to redact location information from media files due to an incorrect bounds check. This could lead to local information disclosure with... |
| CVE-2020-0021 | 2020-02-13 | In removeUnusedPackagesLPw of PackageManagerService.java, there is a possible permanent denial-of-service due to a missing package dependency test. This could lead to remote denial of service with User execution privileges needed.... |
| CVE-2020-0022 | 2020-02-13 | In reassemble_and_dispatch of packet_fragmenter.cc, there is possible out of bounds write due to an incorrect bounds calculation. This could lead to remote code execution over Bluetooth with no additional execution... |
| CVE-2020-0023 | 2020-02-13 | In setPhonebookAccessPermission of AdapterService.java, there is a possible disclosure of user contacts over bluetooth due to a missing permission check. This could lead to local information disclosure if a malicious... |
| CVE-2020-0005 | 2020-02-13 | In btm_read_remote_ext_features_complete of btm_acl.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2020-0026 | 2020-02-13 | In Parcel::continueWrite of Parcel.cpp, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User... |
| CVE-2020-0027 | 2020-02-13 | In HidRawSensor::batch of HidRawSensor.cpp, there is a possible out of bounds write due to an unexpected switch fallthrough. This could lead to local escalation of privilege with no additional execution... |
| CVE-2020-0028 | 2020-02-13 | In notifyNetworkTested and related functions of NetworkMonitor.java, there is a possible bypass of private DNS settings. This could lead to remote information disclosure with no additional execution privileges needed. User... |
| CVE-2020-0030 | 2020-02-13 | In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2020-3720 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3734 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have a buffer error vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3721 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3735 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3739 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3738 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3736 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3733 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3728 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3731 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3730 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3729 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3732 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3740 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3723 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3727 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3725 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3722 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3726 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3724 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3737 | 2020-02-13 | Adobe Framemaker versions 2019.0.4 and below have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2019-18791 | 2020-02-13 | Lexmark printer MS812 and multiple older generation Lexmark devices have a stored XSS vulnerability in the embedded web server. The vulnerability can be exploited to expose session credentials and other... |
| CVE-2020-3742 | 2020-02-13 | Adobe Acrobat and Reader versions, 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code... |
| CVE-2020-8800 | 2020-02-13 | SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection. |
| CVE-2020-8801 | 2020-02-13 | SuiteCRM through 7.11.11 allows PHAR Deserialization. |
| CVE-2020-8802 | 2020-02-13 | SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation. |
| CVE-2020-8803 | 2020-02-13 | SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list. |
| CVE-2020-8804 | 2020-02-13 | SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module. |
| CVE-2020-8614 | 2020-02-13 | An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bd_svr service listening on... |
| CVE-2019-4592 | 2020-02-13 | IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10 could allow an unauthorized user to access and modify operation aspects of the ITM monitoring server possibly leading to an effective denial of... |
| CVE-2019-4666 | 2020-02-13 | IBM UrbanCode Deploy (UCD) 7.0.3 and IBM UrbanCode Build 6.1.5 could allow a local user to obtain sensitive information by unmasking certain secure values in documents. IBM X-Force ID: 171248. |
| CVE-2020-7051 | 2020-02-13 | Codologic Codoforum through 4.8.4 allows stored XSS in the login area. This is relevant in conjunction with CVE-2020-5842 because session cookies lack the HttpOnly flag. The impact is account takeover. |
| CVE-2020-3748 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3763 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file... |
| CVE-2020-3756 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak... |
| CVE-2020-3762 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to arbitrary file... |
| CVE-2020-3743 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3746 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3747 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure... |
| CVE-2020-3744 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure... |
| CVE-2020-3749 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3753 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a stack exhaustion vulnerability. Successful exploitation could lead to memory leak... |
| CVE-2020-3755 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure... |
| CVE-2020-3751 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3745 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3752 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code... |
| CVE-2020-3754 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have a buffer error vulnerability. Successful exploitation could lead to arbitrary code... |
| CVE-2020-3750 | 2020-02-13 | Adobe Acrobat and Reader versions 2019.021.20061 and earlier, 2017.011.30156 and earlier, 2017.011.30156 and earlier, and 2015.006.30508 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary... |
| CVE-2020-3757 | 2020-02-13 | Adobe Flash Player versions 32.0.0.321 and earlier, 32.0.0.314 and earlier, 32.0.0.321 and earlier, and 32.0.0.255 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3760 | 2020-02-13 | Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. |
| CVE-2020-3759 | 2020-02-13 | Adobe Digital Editions versions 4.5.10 and below have a buffer errors vulnerability. Successful exploitation could lead to information disclosure. |
| CVE-2020-3741 | 2020-02-13 | Adobe Experience Manager versions 6.5, and 6.4 have an uncontrolled resource consumption vulnerability. Successful exploitation could lead to denial-of-service. |
| CVE-2019-10785 | 2020-02-13 | dojox is vulnerable to Cross-site Scripting in all versions before version 1.16.1, 1.15.2, 1.14.5, 1.13.6, 1.12.7 and 1.11.9. This is due to dojox.xmpp.util.xmlEncode only encoding the first occurrence of each... |
| CVE-2012-1500 | 2020-02-13 | Stored XSS vulnerability in UpdateFieldJson.jspa in JIRA 4.4.3 and GreenHopper before 5.9.8 allows an attacker to inject arbitrary script code. |
| CVE-2012-1903 | 2020-02-13 | XSS in Telligent Community 5.6.583.20496 via a flash file and related to the allowScriptAccess parameter. |
| CVE-2020-0560 | 2020-02-13 | Improper permissions in the installer for the Intel(R) Renesas Electronics(R) USB 3.0 Driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-8981 | 2020-02-13 | A cross-site scripting (XSS) vulnerability was discovered in the Source Integration plugin before 1.6.2 and 2.x before 2.3.1 for MantisBT. The repo_delete.php Delete Repository page allows execution of arbitrary code... |
| CVE-2020-0564 | 2020-02-13 | Improper permissions in the installer for Intel(R) RWC3 for Windows before version 7.010.009.000 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-0563 | 2020-02-13 | Improper permissions in the installer for Intel(R) MPSS before version 3.8.6 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-0562 | 2020-02-13 | Improper permissions in the installer for Intel(R) RWC2, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-0561 | 2020-02-13 | Improper initialization in the Intel(R) SGX SDK before v2.6.100.1 may allow an authenticated user to potentially enable escalation of privilege via local access. |