CVE List - 2020 / May
Showing 501 - 600 of 1017 CVEs for May 2020 (Page 6 of 11)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-0092 | 2020-05-14 | In setHideSensitive of NotificationStackScrollLayout.java, there is a possible disclosure of sensitive notification content due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2020-0096 | 2020-05-14 | In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2020-0097 | 2020-05-14 | In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges... |
| CVE-2020-0109 | 2020-05-14 | In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User... |
| CVE-2020-0103 | 2020-05-14 | In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is... |
| CVE-2020-0110 | 2020-05-14 | In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution... |
| CVE-2020-0094 | 2020-05-14 | In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no... |
| CVE-2020-0106 | 2020-05-14 | In getCellLocation of PhoneInterfaceManager.java, there is a possible permission bypass due to a missing SDK version check. This could lead to local information disclosure with no additional execution privileges needed.... |
| CVE-2020-0093 | 2020-05-14 | In exif_data_save_data_entry of exif-data.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2020-0091 | 2020-05-14 | In mnld, an incorrect configuration in driver_cfg of mnld for meta factory mode.Product: AndroidVersions: Android SoCAndroid ID: A-149808700 |
| CVE-2020-0090 | 2020-05-14 | An improper authorization in the receiver component of Email.Product: AndroidVersions: Android SoCAndroid ID: A-149813048 |
| CVE-2020-0065 | 2020-05-14 | An improper authorization in the receiver component of the Android Suite Daemon.Product: AndroidVersions: Android SoCAndroid ID: A-149813448 |
| CVE-2020-0064 | 2020-05-14 | An improper authorization while processing the provisioning data.Product: AndroidVersions: Android SoCAndroid ID: A-149866855 |
| CVE-2020-0100 | 2020-05-14 | In onTransact of IHDCP.cpp, there is a possible out of bounds read due to incorrect error handling. This could lead to local information disclosure of data from a privileged process... |
| CVE-2020-0220 | 2020-05-14 | In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2020-0221 | 2020-05-14 | Airbrush FW's scratch memory allocator is susceptible to numeric overflow. When the overflow occurs, the next allocation could potentially return a pointer within the previous allocation's memory, which could lead... |
| CVE-2020-12042 | 2020-05-14 | Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user... |
| CVE-2020-12068 | 2020-05-14 | An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation. |
| CVE-2020-12046 | 2020-05-14 | Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC’s firmware files’ signatures are not verified upon firmware update. This allows an attacker to replace legitimate firmware files with malicious files. |
| CVE-2020-10612 | 2020-05-14 | Opto 22 SoftPAC Project Version 9.6 and prior. SoftPACAgent communicates with SoftPACMonitor over network Port 22000. However, this port is open without any restrictions. This allows an attacker with network... |
| CVE-2020-10616 | 2020-05-14 | Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC does not specify the path of multiple imported .dll files. Therefore, an attacker can replace them and execute code whenever the... |
| CVE-2020-10620 | 2020-05-14 | Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC communication does not include any credentials. This allows an attacker with network access to directly communicate with SoftPAC, including, for example,... |
| CVE-2020-11931 | 2020-05-15 | Ubuntu modifications to pulseaudio to provide snap security enforcement could be unloaded |
| CVE-2020-12882 | 2020-05-15 | Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow. |
| CVE-2020-8100 | 2020-05-15 | Incomplete validation in detection code in Bitdefender Engines (VA-8589) |
| CVE-2020-3810 | 2020-05-15 | Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. |
| CVE-2020-10744 | 2020-05-15 | An incomplete fix was found for the fix of the flaw CVE-2020-1733 ansible: insecure temporary directory when running become_user from become directive. The provided fix is insufficient to prevent the... |
| CVE-2020-1808 | 2020-05-15 | Honor 20;HONOR 20 PRO;Honor Magic2;HUAWEI Mate 20 X;HUAWEI P30;HUAWEI P30 Pro;Honor View 20 smartphones with versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.187(C00E60R4P11); versions earlier than 10.0.0.176(C00E60R2P11);9.1.0.135(C00E133R2P1); versions earlier than... |
| CVE-2020-9073 | 2020-05-15 | Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1P4) have an improper authentication vulnerability. The vulnerability is due to that when an user wants to do certain operation, the software insufficiently... |
| CVE-2020-7809 | 2020-05-15 | Estsoft ALSong DOM-Based XSS Vulnerability |
| CVE-2018-10756 | 2020-05-15 | Use-after-free in libtransmission/variant.c in Transmission before 3.00 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted torrent file. |
| CVE-2020-11521 | 2020-05-15 | libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. |
| CVE-2020-11522 | 2020-05-15 | libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. |
| CVE-2020-11523 | 2020-05-15 | libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. |
| CVE-2020-11524 | 2020-05-15 | libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. |
| CVE-2020-12834 | 2020-05-15 | eQ-3 Homematic Central Control Unit (CCU)2 through 2.51.6 and CCU3 through 3.51.6 allow Remote Code Execution in the JSON API Method ReGa.runScript, by unauthenticated attackers with access to the web... |
| CVE-2020-11525 | 2020-05-15 | libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. |
| CVE-2020-11526 | 2020-05-15 | libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. |
| CVE-2020-12685 | 2020-05-15 | XSS in the admin help system admin/help.html and admin/quicklinks.html in Interchange 4.7.0 through 5.11.x allows remote attackers to steal credentials or data via browser JavaScript. |
| CVE-2020-12888 | 2020-05-15 | The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. |
| CVE-2019-20389 | 2020-05-15 | An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the v[language_switch] parameter (within multipart/form-data), which is reflected... |
| CVE-2019-20390 | 2020-05-15 | A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an... |
| CVE-2019-18666 | 2020-05-15 | An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability,... |
| CVE-2019-19721 | 2020-05-15 | An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted... |
| CVE-2020-12651 | 2020-05-15 | SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that... |
| CVE-2020-12798 | 2020-05-15 | Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based... |
| CVE-2020-12889 | 2020-05-15 | MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case. |
| CVE-2020-12872 | 2020-05-15 | yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less... |
| CVE-2020-13092 | 2020-05-15 | scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties... |
| CVE-2020-13091 | 2020-05-15 | pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this... |
| CVE-2020-8149 | 2020-05-15 | Lack of output sanitization allowed an attack to execute arbitrary shell commands via the logkitty npm package before version 0.7.1. |
| CVE-2020-13093 | 2020-05-15 | iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. |
| CVE-2020-1758 | 2020-05-15 | A flaw was found in Keycloak in versions before 10.0.0, where it does not perform the TLS hostname verification while sending emails using the SMTP server. This flaw allows an... |
| CVE-2020-13109 | 2020-05-16 | Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 (aka the IF subcommand... |
| CVE-2020-13110 | 2020-05-16 | The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL... |
| CVE-2020-13111 | 2020-05-16 | NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/driver.c ChunkedDecode function not properly validating the length of a chunk. A remote attacker can craft a chunked-transfer request... |
| CVE-2020-13118 | 2020-05-16 | An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in check_community.php via the parameter community. |
| CVE-2020-13121 | 2020-05-16 | Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt. |
| CVE-2020-13126 | 2020-05-17 | An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber... |
| CVE-2020-13125 | 2020-05-17 | An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can... |
| CVE-2020-4345 | 2020-05-17 | IBM i 7.2, 7.3, and 7.4 users running complex SQL statements under a specific set of circumstances may allow a local user to obtain sensitive information that they should not... |
| CVE-2020-13128 | 2020-05-17 | An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to... |
| CVE-2019-20802 | 2020-05-17 | An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used... |
| CVE-2019-20801 | 2020-05-17 | An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks... |
| CVE-2019-20800 | 2020-05-17 | In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1"... |
| CVE-2019-20799 | 2020-05-17 | In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server. |
| CVE-2019-20798 | 2020-05-17 | An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and... |
| CVE-2019-20797 | 2020-05-17 | An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo... |
| CVE-2020-12856 | 2020-05-18 | OpenTrace, as used in COVIDSafe through v1.0.17, TraceTogether, ABTraceTogether, and other applications on iOS and Android, allows remote attackers to conduct long-term re-identification attacks and possibly have unspecified other impact,... |
| CVE-2020-12857 | 2020-05-18 | Caching of GATT characteristic values (TempID) in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to long-term re-identify an Android device running COVIDSafe. |
| CVE-2020-12858 | 2020-05-18 | Non-reinitialisation of random data in the advertising payload in COVIDSafe v1.0.15 and v1.0.16 allows a remote attacker to re-identify Android devices running COVIDSafe by scanning for their advertising beacons. |
| CVE-2020-12859 | 2020-05-18 | Unnecessary fields in the OpenTrace/BlueTrace protocol in COVIDSafe through v1.0.17 allow a remote attacker to identify a device model by observing cleartext payload data. This allows re-identification of devices, especially... |
| CVE-2020-12860 | 2020-05-18 | COVIDSafe through v1.0.17 allows a remote attacker to access phone name and model information because a BLE device can have four roles and COVIDSafe uses all of them. This allows... |
| CVE-2020-13129 | 2020-05-18 | An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with client_key and device_id data in... |
| CVE-2020-12259 | 2020-05-18 | rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the rid GET parameter of... |
| CVE-2020-12258 | 2020-05-18 | rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in... |
| CVE-2020-9524 | 2020-05-18 | Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affecting all versions prior to version 5.0 Patch Update 8. The vulnerability could allow an attacker to trigger... |
| CVE-2020-12257 | 2020-05-18 | rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) because it lacks implementation of CSRF protection such as a CSRF token. An attacker can leverage this vulnerability by creating a... |
| CVE-2020-10957 | 2020-05-18 | In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp. |
| CVE-2020-10958 | 2020-05-18 | In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after... |
| CVE-2020-10967 | 2020-05-18 | In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart. |
| CVE-2020-12256 | 2020-05-18 | rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php. |
| CVE-2020-12255 | 2020-05-18 | rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension... |
| CVE-2020-12801 | 2020-05-18 | Crash-recovered MSOffice encrypted documents defaulted to not to using encryption on next save |
| CVE-2020-8035 | 2020-05-18 | The image view functionality in Horde Groupware Webmail Edition before 5.2.22 is affected by a stored Cross-Site Scripting (XSS) vulnerability via an SVG image upload containing a JavaScript payload. An... |
| CVE-2020-11551 | 2020-05-18 | An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative... |
| CVE-2020-11550 | 2020-05-18 | An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative... |
| CVE-2020-11549 | 2020-05-18 | An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root... |
| CVE-2019-7247 | 2020-05-18 | An issue was discovered in AODDriver2.sys in AMD OverDrive. The vulnerable driver exposes a wrmsr instruction via IOCTL 0x81112ee0 and does not properly filter the Model Specific Register (MSR). Allowing... |
| CVE-2019-7246 | 2020-05-18 | An issue was discovered in atillk64.sys in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0. The vulnerable driver exposes a wrmsr instruction and does not properly filter the Model Specific... |
| CVE-2020-13136 | 2020-05-18 | D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer. |
| CVE-2020-13135 | 2020-05-18 | D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy. |
| CVE-2020-8034 | 2020-05-18 | Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in... |
| CVE-2020-6074 | 2020-05-18 | An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution.... |
| CVE-2020-6092 | 2020-05-18 | An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary... |
| CVE-2020-6093 | 2020-05-18 | An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in information disclosure.... |
| CVE-2019-19454 | 2020-05-18 | An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0. |
| CVE-2019-19456 | 2020-05-18 | A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine... |
| CVE-2020-13143 | 2020-05-18 | gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read,... |
| CVE-2020-13144 | 2020-05-18 | Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated... |