CVE List - 2020 / March
Showing 601 - 700 of 1754 CVEs for March 2020 (Page 7 of 18)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-10483 | 2020-03-12 | CSRF in admin/ajax-hub.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to post a comment on any article via a crafted request. |
| CVE-2020-10484 | 2020-03-12 | CSRF in admin/add-field.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to create a custom field via a crafted request. |
| CVE-2020-10485 | 2020-03-12 | CSRF in admin/manage-articles.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article via a crafted request. |
| CVE-2020-10486 | 2020-03-12 | CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a comment via a crafted request. |
| CVE-2020-10487 | 2020-03-12 | CSRF in admin/manage-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a glossary term via a crafted request. |
| CVE-2020-10488 | 2020-03-12 | CSRF in admin/manage-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a news article via a crafted request. |
| CVE-2020-10489 | 2020-03-12 | CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a ticket via a crafted request. |
| CVE-2020-10490 | 2020-03-12 | CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a department via a crafted request. |
| CVE-2020-10491 | 2020-03-12 | CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to add a department via a crafted request. |
| CVE-2020-10492 | 2020-03-12 | CSRF in admin/manage-templates.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete an article template via a crafted request. |
| CVE-2020-10493 | 2020-03-12 | CSRF in admin/edit-glossary.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a glossary term, given the id, via a crafted request. |
| CVE-2020-10494 | 2020-03-12 | CSRF in admin/edit-news.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a news article, given the id, via a crafted request. |
| CVE-2020-10495 | 2020-03-12 | CSRF in admin/edit-template.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article template, given the id, via a crafted request. |
| CVE-2020-10496 | 2020-03-12 | CSRF in admin/edit-article.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit an article, given the id, via a crafted request. |
| CVE-2020-10497 | 2020-03-12 | CSRF in admin/manage-categories.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to delete a category via a crafted request. |
| CVE-2020-10498 | 2020-03-12 | CSRF in admin/edit-category.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a category, given the id, via a crafted request. |
| CVE-2020-10499 | 2020-03-12 | CSRF in admin/manage-tickets.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to close any ticket, given the id, via a crafted request. |
| CVE-2020-10500 | 2020-03-12 | CSRF in admin/reply-ticket.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to reply to any ticket, given the id, via a crafted request. |
| CVE-2020-10501 | 2020-03-12 | CSRF in admin/manage-departments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a department, given the id, via a crafted request. |
| CVE-2020-10502 | 2020-03-12 | CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to approve any comment, given the id, via a crafted request. |
| CVE-2020-10503 | 2020-03-12 | CSRF in admin/manage-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to disapprove any comment, given the id, via a crafted request. |
| CVE-2020-10504 | 2020-03-12 | CSRF in admin/edit-comments.php in Chadha PHPKB Standard Multi-Language 9 allows attackers to edit a comment, given the id, via a crafted request. |
| CVE-2020-9436 | 2020-03-12 | PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17,... |
| CVE-2020-9435 | 2020-03-12 | PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002T-4G VZW through 2.05.3, TC ROUTER 3002T-4G ATT through 2.05.3, TC CLOUD CLIENT 1002-4G through 2.03.17,... |
| CVE-2020-9464 | 2020-03-12 | A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an attack has occurred, the device's functionality can be restored by rebooting. |
| CVE-2020-8436 | 2020-03-12 | XSS was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress via the rm_form_id, rm_tr, or form_name parameter. |
| CVE-2020-8435 | 2020-03-12 | An issue was discovered in the RegistrationMagic plugin 4.6.0.0 for WordPress. There is SQL injection via the rm_analytics_show_form rm_form_id parameter. |
| CVE-2020-6858 | 2020-03-12 | Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploitable if untrusted user input can appear in a response header. |
| CVE-2020-0645 | 2020-03-12 | A tampering vulnerability exists when Microsoft IIS Server improperly handles malformed request headers, aka 'Microsoft IIS Server Tampering Vulnerability'. |
| CVE-2020-0684 | 2020-03-12 | A remote code execution vulnerability exists in Microsoft Windows that could allow remote code execution if a .LNK file is processed.An attacker who successfully exploited this vulnerability could gain the... |
| CVE-2020-0690 | 2020-03-12 | An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'. |
| CVE-2020-0700 | 2020-03-12 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. |
| CVE-2020-0758 | 2020-03-12 | An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege... |
| CVE-2020-0762 | 2020-03-12 | An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system,... |
| CVE-2020-0763 | 2020-03-12 | An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the system,... |
| CVE-2020-0765 | 2020-03-12 | An information disclosure vulnerability exists in the Remote Desktop Connection Manager (RDCMan) application when it improperly parses XML input containing a reference to an external entity, aka 'Remote Desktop Connection... |
| CVE-2020-0768 | 2020-03-12 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique... |
| CVE-2020-0769 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka... |
| CVE-2020-0770 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system,... |
| CVE-2020-0771 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows CSC Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka... |
| CVE-2020-0772 | 2020-03-12 | An elevation of privilege vulnerability exists when Windows Error Reporting improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows... |
| CVE-2020-0773 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows ActiveX Installer Service improperly handles memory.To exploit this vulnerability, an attacker would first have to gain execution on the victim system,... |
| CVE-2020-0774 | 2020-03-12 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka 'Windows GDI Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-0874,... |
| CVE-2020-0775 | 2020-03-12 | An information disclosure vulnerability exists when Windows Error Reporting improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka 'Windows... |
| CVE-2020-0776 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles file operations.To exploit this vulnerability, an attacker would first have to gain execution on the victim... |
| CVE-2020-0777 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0778 | 2020-03-12 | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0779 | 2020-03-12 | An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0798,... |
| CVE-2020-0780 | 2020-03-12 | An elevation of privilege vulnerability exists in the way that the Windows Network List Service handles objects in memory, aka 'Windows Network List Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0781 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0783 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Universal Plug and Play (UPnP) service improperly handles objects in memory, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0785 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows User Profile Service (ProfSvc) improperly handles symlinks, aka 'Windows User Profile Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0786 | 2020-03-12 | A denial of service vulnerability exists when the Windows Tile Object Service improperly handles hard links, aka 'Windows Tile Object Service Denial of Service Vulnerability'. |
| CVE-2020-0788 | 2020-03-12 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0789 | 2020-03-12 | A denial of service vulnerability exists when the Visual Studio Extension Installer Service improperly handles hard links, aka 'Visual Studio Extension Installer Service Denial of Service Vulnerability'. |
| CVE-2020-0787 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Background Intelligent Transfer Service (BITS) improperly handles symbolic links, aka 'Windows Background Intelligent Transfer Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0791 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Graphics Component improperly handles objects in memory, aka 'Windows Graphics Component Elevation of Privilege Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0793 | 2020-03-12 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly handles file operations, aka 'Diagnostics Hub Standard Collector Elevation of Privilege Vulnerability'. |
| CVE-2020-0795 | 2020-03-12 | This vulnerability is caused when SharePoint Server does not properly sanitize a specially crafted request to an affected SharePoint server.An authenticated attacker could exploit this vulnerability by sending a specially... |
| CVE-2020-0796 | 2020-03-12 | A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'. |
| CVE-2020-0797 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0798 | 2020-03-12 | An elevation of privilege vulnerability exists in the Windows Installer when the Windows Installer fails to properly sanitize input leading to an insecure library loading behavior.A locally authenticated attacker could... |
| CVE-2020-0799 | 2020-03-12 | An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka 'Windows Kernel Elevation of Privilege Vulnerability'. |
| CVE-2020-0800 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Work Folder Service improperly handles file operations, aka 'Windows Work Folder Service Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0801 | 2020-03-12 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0807, CVE-2020-0809, CVE-2020-0869. |
| CVE-2020-0802 | 2020-03-12 | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0803 | 2020-03-12 | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0804 | 2020-03-12 | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE... |
| CVE-2020-0806 | 2020-03-12 | An elevation of privilege vulnerability exists in Windows Error Reporting (WER) when WER handles and executes files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. This CVE ID is unique... |
| CVE-2020-0807 | 2020-03-12 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0809, CVE-2020-0869. |
| CVE-2020-0808 | 2020-03-12 | An elevation of privilege vulnerability exists in the way the Provisioning Runtime validates certain file operations, aka 'Provisioning Runtime Elevation of Privilege Vulnerability'. |
| CVE-2020-0809 | 2020-03-12 | A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0801, CVE-2020-0807, CVE-2020-0869. |
| CVE-2020-0810 | 2020-03-12 | An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector or the Visual Studio Standard Collector allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would... |
| CVE-2020-0811 | 2020-03-12 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This... |
| CVE-2020-0812 | 2020-03-12 | A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based)L, aka 'Chakra Scripting Engine Memory Corruption Vulnerability'. This... |
| CVE-2020-0813 | 2020-03-12 | An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user’s computer or data.To exploit... |
| CVE-2020-0814 | 2020-03-12 | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the... |
| CVE-2020-0815 | 2020-03-12 | An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege... |
| CVE-2020-0816 | 2020-03-12 | A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka 'Microsoft Edge Memory Corruption Vulnerability'. |
| CVE-2020-0819 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Device Setup Manager improperly handles file operations, aka 'Windows Device Setup Manager Elevation of Privilege Vulnerability'. |
| CVE-2020-0820 | 2020-03-12 | An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. |
| CVE-2020-0822 | 2020-03-12 | An elevation of privilege vulnerability exists when the Windows Language Pack Installer improperly handles file operations, aka 'Windows Language Pack Installer Elevation of Privilege Vulnerability'. |
| CVE-2020-0823 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0824 | 2020-03-12 | A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka 'Internet Explorer Memory Corruption Vulnerability'. |
| CVE-2020-0825 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0826 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0827 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0828 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0829 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0830 | 2020-03-12 | A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique... |
| CVE-2020-0831 | 2020-03-12 | A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from... |
| CVE-2020-0832 | 2020-03-12 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is... |
| CVE-2020-0833 | 2020-03-12 | A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is... |
| CVE-2020-0834 | 2020-03-12 | An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call (ALPC).An attacker who successfully exploited this vulnerability could run arbitrary code in the security... |
| CVE-2020-0840 | 2020-03-12 | An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0841, CVE-2020-0849, CVE-2020-0896. |
| CVE-2020-0841 | 2020-03-12 | An elevation of privilege vulnerability exists when Windows improperly handles hard links, aka 'Windows Hard Link Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0840, CVE-2020-0849, CVE-2020-0896. |
| CVE-2020-0842 | 2020-03-12 | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the... |
| CVE-2020-0843 | 2020-03-12 | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the... |
| CVE-2020-0844 | 2020-03-12 | An elevation of privilege vulnerability exists when Connected User Experiences and Telemetry Service improperly handles file operations, aka 'Connected User Experiences and Telemetry Service Elevation of Privilege Vulnerability'. |
| CVE-2020-0845 | 2020-03-12 | An elevation of privilege vulnerability exists in the way that the Windows Network Connections Service handles objects in memory, aka 'Windows Network Connections Service Elevation of Privilege Vulnerability'. This CVE... |