CVE List - 2020 / April
Showing 2101 - 2186 of 2186 CVEs for April 2020 (Page 22 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-12461 | 2020-04-29 | PHP-Fusion 9.03.50 allows SQL Injection because maincore.php has an insufficient... |
| CVE-2020-12462 | 2020-04-29 | The ninja-forms plugin before 3.4.24.2 for WordPress allows CSRF with... |
| CVE-2020-12277 | 2020-04-29 | GitLab 10.8 through 12.9 has a vulnerability that allows someone... |
| CVE-2020-12276 | 2020-04-29 | GitLab 9.5.9 through 12.9 is vulnerable to stored XSS in... |
| CVE-2020-12275 | 2020-04-29 | GitLab 12.6 through 12.9 is vulnerable to a privilege escalation... |
| CVE-2020-11009 | 2020-04-29 | IDOR can reveal execution data and logs to unauthorized user in Rundeck |
| CVE-2020-11020 | 2020-04-29 | Authentication and extension bypass in Faye |
| CVE-2020-12464 | 2020-04-29 | usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has... |
| CVE-2020-11021 | 2020-04-29 | HTTP request which redirect to another hostname do not strip authorization header in Actions Http-Client |
| CVE-2020-12465 | 2020-04-29 | An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in... |
| CVE-2020-12473 | 2020-04-29 | MonoX through 5.1.40.5152 allows admins to execute arbitrary programs by... |
| CVE-2020-12472 | 2020-04-29 | MonoX through 5.1.40.5152 allows stored XSS via User Status, Blog... |
| CVE-2020-12471 | 2020-04-29 | MonoX through 5.1.40.5152 allows remote code execution via HTML5Upload.ashx or... |
| CVE-2020-12470 | 2020-04-29 | MonoX through 5.1.40.5152 allows administrators to execute arbitrary code by... |
| CVE-2020-12469 | 2020-04-29 | admin/blocks.php in Subrion CMS through 4.2.1 allows PHP Object Injection... |
| CVE-2020-12468 | 2020-04-29 | Subrion CMS 4.2.1 allows CSV injection via a phrase value... |
| CVE-2020-12467 | 2020-04-29 | Subrion CMS 4.2.1 allows session fixation via an alphanumeric value... |
| CVE-2019-16011 | 2020-04-29 | Cisco IOS XE SD-WAN Software Command Injection Vulnerability |
| CVE-2020-11024 | 2020-04-29 | Man-in-the-middle attack in Moonlight iOS/tvOS |
| CVE-2020-11942 | 2020-04-29 | An issue was discovered in Open-AudIT 3.2.2. There are Multiple... |
| CVE-2020-11943 | 2020-04-29 | An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary... |
| CVE-2016-11061 | 2020-04-29 | Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i,... |
| CVE-2020-12479 | 2020-04-29 | TeamPass 2.1.27.36 allows any authenticated TeamPass user to trigger a... |
| CVE-2020-12478 | 2020-04-29 | TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from... |
| CVE-2020-12477 | 2020-04-29 | The REST API functions in TeamPass 2.1.27.36 allow any user... |
| CVE-2019-5618 | 2020-04-29 | A-PDF WAV to MP3 Stack-based Buffer Overflow |
| CVE-2019-5619 | 2020-04-29 | AASync.com AASync Stack-based Buffer Overflow |
| CVE-2019-5620 | 2020-04-29 | ABB MicroSCADA Pro SYS600 Missing Authentication for Critical Function |
| CVE-2019-5621 | 2020-04-29 | ABBS Software Audio Media Player Stack-based Buffer Overflow |
| CVE-2019-5622 | 2020-04-29 | Accellion File Transfer Appliance Use of Hard-coded Credentials |
| CVE-2019-5623 | 2020-04-29 | Accellion File Transfer Appliance Improper Neutralization of Special Elements used in a Command ('Command Injection') |
| CVE-2020-11027 | 2020-04-30 | Password reset links invalidation issue in WordPress |
| CVE-2020-1752 | 2020-04-30 | A use-after-free vulnerability introduced in glibc upstream version 2.14 was... |
| CVE-2020-12283 | 2020-04-30 | Sourcegraph before 3.15.1 has a vulnerable authentication workflow because of... |
| CVE-2020-9387 | 2020-04-30 | In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account... |
| CVE-2020-6579 | 2020-04-30 | Cross-site scripting (XSS) vulnerability in mailhive/cloudbeez/cloudloader.php and mailhive/cloudbeez/cloudloader_core.php in the... |
| CVE-2019-19220 | 2020-04-30 | BMC Control-M/Agent 7.0.00.000 allows OS Command Injection (issue 2 of... |
| CVE-2019-19219 | 2020-04-30 | BMC Control-M/Agent 7.0.00.000 allows Arbitrary File Download. |
| CVE-2019-19218 | 2020-04-30 | BMC Control-M/Agent 7.0.00.000 has Insecure Password Storage. |
| CVE-2019-19217 | 2020-04-30 | BMC Control-M/Agent 7.0.00.000 allows OS Command Injection. |
| CVE-2019-19216 | 2020-04-30 | BMC Control-M/Agent 7.0.00.000 has an Insecure File Copy. |
| CVE-2019-19215 | 2020-04-30 | A buffer overflow vulnerability in BMC Control-M/Agent 7.0.00.000 when the... |
| CVE-2020-12101 | 2020-04-30 | The address-management feature in xt:Commerce 5.1 to 6.2.2 allows remote... |
| CVE-2020-6010 | 2020-04-30 | LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable... |
| CVE-2020-12050 | 2020-04-30 | SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4,... |
| CVE-2020-10691 | 2020-04-30 | An archive traversal flaw was found in all ansible-engine versions... |
| CVE-2020-11651 | 2020-04-30 | An issue was discovered in SaltStack Salt before 2019.2.4 and... |
| CVE-2020-11652 | 2020-04-30 | An issue was discovered in SaltStack Salt before 2019.2.4 and... |
| CVE-2020-7136 | 2020-04-30 | A security vulnerability in HPE Smart Update Manager (SUM) prior... |
| CVE-2019-12425 | 2020-04-30 | Apache OFBiz 17.12.01 is vulnerable to Host header injection by... |
| CVE-2019-0235 | 2020-04-30 | Apache OFBiz 17.12.01 is vulnerable to some CSRF attacks. |
| CVE-2020-5871 | 2020-04-30 | On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial... |
| CVE-2020-5872 | 2020-04-30 | On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS... |
| CVE-2020-5874 | 2020-04-30 | On BIG-IP APM 15.0.0-15.0.1.2, 14.1.0-14.1.2.3, and 14.0.0-14.0.1, in certain circumstances,... |
| CVE-2020-5873 | 2020-04-30 | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-IQ... |
| CVE-2020-5878 | 2020-04-30 | On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (TMM)... |
| CVE-2020-5875 | 2020-04-30 | On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, the Traffic... |
| CVE-2020-5876 | 2020-04-30 | On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a race... |
| CVE-2020-5877 | 2020-04-30 | On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, malformed input... |
| CVE-2020-5884 | 2020-04-30 | On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the default... |
| CVE-2020-5882 | 2020-04-30 | On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain... |
| CVE-2020-5881 | 2020-04-30 | On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual... |
| CVE-2020-5885 | 2020-04-30 | On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems set... |
| CVE-2020-5887 | 2020-04-30 | On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE)... |
| CVE-2020-5879 | 2020-04-30 | On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system... |
| CVE-2020-5883 | 2020-04-30 | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual... |
| CVE-2020-5886 | 2020-04-30 | On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems setup... |
| CVE-2020-5880 | 2020-04-30 | Om BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose... |
| CVE-2020-5891 | 2020-04-30 | On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, undisclosed HTTP/2 requests can... |
| CVE-2020-5889 | 2020-04-30 | On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal... |
| CVE-2020-5893 | 2020-04-30 | In versions 7.1.5-7.1.8, when a user connects to a VPN... |
| CVE-2020-5892 | 2020-04-30 | In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP... |
| CVE-2020-5888 | 2020-04-30 | On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE)... |
| CVE-2020-5890 | 2020-04-30 | On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1.0,... |
| CVE-2020-6867 | 2020-04-30 | ZTE's SDON controller is impacted by the resource management error... |
| CVE-2020-6865 | 2020-04-30 | ZTE SDN controller platform is impacted by an information leakage... |
| CVE-2020-6866 | 2020-04-30 | A ZTE product is impacted by a resource management error... |
| CVE-2020-1817 | 2020-04-30 | Huawei PCManager with versions earlier than 10.0.1.36 has a privilege... |
| CVE-2020-9098 | 2020-04-30 | Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an... |
| CVE-2020-11025 | 2020-04-30 | Authenticated cross-site scripting (XSS) in WordPress Customizer |
| CVE-2020-11030 | 2020-04-30 | Cross-site scripting (XSS) in Search block in WordPress |
| CVE-2020-11029 | 2020-04-30 | Cross-site scripting in stats method (object cache) in WordPress |
| CVE-2020-11028 | 2020-04-30 | Unauthenticated disclosure of certain private posts in WordPress |
| CVE-2020-11026 | 2020-04-30 | Specially crafted filenames in WordPress leading to XSS |
| CVE-2020-11037 | 2020-04-30 | Potential Observable Timing Discrepancy in Wagtail |
| CVE-2020-11016 | 2020-04-30 | Remote code execution in Message sending functionality in IntelMQ Manager |