CVE List - 2020 / May
Showing 201 - 300 of 1017 CVEs for May 2020 (Page 3 of 11)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-11431 | 2020-05-07 | The documentation component in i-net Clear Reports 16.0 to 19.2,... |
| CVE-2020-5745 | 2020-05-07 | Cross-site request forgery in TCExam 14.2.2 allows a remote attacker... |
| CVE-2020-5748 | 2020-05-07 | Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated... |
| CVE-2020-5751 | 2020-05-07 | Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated... |
| CVE-2020-5749 | 2020-05-07 | Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated... |
| CVE-2020-5750 | 2020-05-07 | Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated... |
| CVE-2020-12448 | 2020-05-07 | GitLab EE 12.8 and later allows Exposure of Sensitive Information... |
| CVE-2020-12608 | 2020-05-07 | An issue was discovered in SolarWinds MSP PME (Patch Management... |
| CVE-2020-7646 | 2020-05-07 | curlrequest through 1.0.1 allows reading any file by populating the... |
| CVE-2020-12679 | 2020-05-07 | A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel... |
| CVE-2020-7805 | 2020-05-07 | An issue was discovered on KT Slim egg IML500 (R7283,... |
| CVE-2020-10974 | 2020-05-07 | An issue was discovered affecting a backup feature where a... |
| CVE-2020-7803 | 2020-05-07 | Zoneplayer ActiveX File Download Vulnerability |
| CVE-2020-10973 | 2020-05-07 | An issue was discovered in Wavlink WN530HG4, Wavlink WN531G3, Wavlink... |
| CVE-2020-10972 | 2020-05-07 | An issue was discovered where a page is exposed that... |
| CVE-2020-10971 | 2020-05-07 | An issue was discovered on Wavlink Jetstream devices where a... |
| CVE-2019-19164 | 2020-05-07 | Dext5 Upload ActiveX Arbitrary File Execution Vulnerability |
| CVE-2020-12708 | 2020-05-07 | Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers... |
| CVE-2020-12707 | 2020-05-07 | An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This... |
| CVE-2020-12706 | 2020-05-07 | Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers... |
| CVE-2020-12705 | 2020-05-07 | Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0. |
| CVE-2020-12704 | 2020-05-07 | UliCMS before 2020.2 has PageController stored XSS. |
| CVE-2020-12703 | 2020-05-07 | UliCMS before 2020.2 has XSS during PackageController uninstall. |
| CVE-2020-12116 | 2020-05-07 | Zoho ManageEngine OpManager Stable build before 124196 and Released build... |
| CVE-2020-4427 | 2020-05-07 | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and... |
| CVE-2020-4428 | 2020-05-07 | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could... |
| CVE-2020-4429 | 2020-05-07 | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and... |
| CVE-2020-4430 | 2020-05-07 | IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could... |
| CVE-2020-11050 | 2020-05-07 | Improper Validation of Certificate with Host Mismatch in Java-WebSocket |
| CVE-2020-9474 | 2020-05-07 | The S. Siedle & Soehne SG 150-0 Smart Gateway before... |
| CVE-2020-11052 | 2020-05-07 | Improper Restriction of Excessive Authentication Attempts in Sorcery |
| CVE-2020-9475 | 2020-05-07 | The S. Siedle & Soehne SG 150-0 Smart Gateway before... |
| CVE-2020-11053 | 2020-05-07 | Open Redirect in OAuth2 Proxy |
| CVE-2020-10794 | 2020-05-07 | Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to unauthenticated path traversal that... |
| CVE-2020-10795 | 2020-05-07 | Gira TKS-IP-Gateway 4.0.7.7 is vulnerable to authenticated remote code execution... |
| CVE-2020-11054 | 2020-05-07 | Incorrect Provision of Specified Functionality in qutebrowser |
| CVE-2020-10176 | 2020-05-07 | ASSA ABLOY Yale WIPC-301W 2.x.2.29 through 2.x.2.43_p1 devices allow Eval... |
| CVE-2020-11055 | 2020-05-07 | Cross-site Scripting in BookStack |
| CVE-2020-11056 | 2020-05-07 | Potential Code Injection in Sprout Forms |
| CVE-2015-7946 | 2020-05-07 | MTP service exposed during emergency dialer |
| CVE-2020-10916 | 2020-05-07 | This vulnerability allows network-adjacent attackers to escalate privileges on affected... |
| CVE-2014-1423 | 2020-05-07 | Online Accounts Signon daemon gives out all oauth tokens to any app |
| CVE-2020-12718 | 2020-05-07 | In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take... |
| CVE-2020-12719 | 2020-05-07 | XXE during an EventPublisher update can occur in Management Console... |
| CVE-2020-12720 | 2020-05-07 | vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1... |
| CVE-2012-0952 | 2020-05-08 | Heap overflow in control device ioctl |
| CVE-2012-0953 | 2020-05-08 | Kernel heap contents leak race in ioctl handler |
| CVE-2020-12735 | 2020-05-08 | reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset... |
| CVE-2020-12022 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An... |
| CVE-2020-12010 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple... |
| CVE-2020-12006 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple... |
| CVE-2020-7264 | 2020-05-08 | Privilege Escalation vulnerability through symbolic links in ENS for Windows |
| CVE-2020-12014 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input... |
| CVE-2020-12026 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple... |
| CVE-2020-10638 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple... |
| CVE-2020-7265 | 2020-05-08 | Privilege Escalation vulnerability through symbolic links in ENSM |
| CVE-2020-12002 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple... |
| CVE-2020-12018 | 2020-05-08 | Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An... |
| CVE-2020-7266 | 2020-05-08 | Privilege Escalation vulnerability through symbolic links in VSE for Windows |
| CVE-2020-12680 | 2020-05-08 | Avira Free Antivirus through 15.0.2005.1866 allows local users to discover... |
| CVE-2020-5741 | 2020-05-08 | Deserialization of Untrusted Data in Plex Media Server on Windows... |
| CVE-2020-7267 | 2020-05-08 | Privilege Escalation vulnerability through symbolic links in VSEL |
| CVE-2020-7286 | 2020-05-08 | Privilege Escalation vulnerability in EDR for Windows |
| CVE-2020-7285 | 2020-05-08 | Privilege Escalation vulnerability in MVISION Endpoint |
| CVE-2020-7289 | 2020-05-08 | Privilege Escalation vulnerability in MAR for Windows |
| CVE-2020-7288 | 2020-05-08 | Privilege Escalation vulnerability in EDR for Mac |
| CVE-2020-7287 | 2020-05-08 | Privilege Escalation vulnerability in EDR for Linux |
| CVE-2020-7291 | 2020-05-08 | Privilege Escalation vulnerability MAR for Mac |
| CVE-2020-7290 | 2020-05-08 | Privilege Escalation vulnerability in MAR for Linux |
| CVE-2020-11541 | 2020-05-08 | In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity... |
| CVE-2019-10169 | 2020-05-08 | A flaw was found in Keycloak’s user-managed access interface, where... |
| CVE-2019-10170 | 2020-05-08 | A flaw was found in the Keycloak admin console, where... |
| CVE-2020-10690 | 2020-05-08 | There is a use-after-free in kernel versions before 5.5 due... |
| CVE-2019-14898 | 2020-05-08 | The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10... |
| CVE-2020-12737 | 2020-05-08 | An issue was discovered in Maxum Rumpus before 8.2.12 on... |
| CVE-2020-12740 | 2020-05-08 | tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read... |
| CVE-2018-20225 | 2020-05-08 | An issue was discovered in pip (all versions) because it... |
| CVE-2020-11006 | 2020-05-08 | Potential remote code execution in Shopizer |
| CVE-2020-11530 | 2020-05-08 | A blind SQL injection vulnerability is present in Chop Slider... |
| CVE-2020-6616 | 2020-05-08 | Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy... |
| CVE-2020-11531 | 2020-05-08 | The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus... |
| CVE-2020-11532 | 2020-05-08 | Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin... |
| CVE-2020-12762 | 2020-05-09 | json-c through 0.14 has an integer overflow and out-of-bounds write... |
| CVE-2020-12755 | 2020-05-09 | fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a... |
| CVE-2020-12637 | 2020-05-09 | Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because... |
| CVE-2020-12761 | 2020-05-09 | modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant... |
| CVE-2019-20794 | 2020-05-09 | An issue was discovered in the Linux kernel 4.18 through... |
| CVE-2020-12766 | 2020-05-09 | Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter. |
| CVE-2020-12765 | 2020-05-09 | Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal. |
| CVE-2020-12764 | 2020-05-09 | Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal. |
| CVE-2019-20795 | 2020-05-09 | iproute2 before 5.1.0 has a use-after-free in get_netnsid_from_name in ip/ipnetns.c.... |
| CVE-2020-12771 | 2020-05-09 | An issue was discovered in the Linux kernel through 5.6.11.... |
| CVE-2020-12770 | 2020-05-09 | An issue was discovered in the Linux kernel through 5.6.11.... |
| CVE-2020-12769 | 2020-05-09 | An issue was discovered in the Linux kernel before 5.4.17.... |
| CVE-2020-12768 | 2020-05-09 | An issue was discovered in the Linux kernel before 5.6.... |
| CVE-2020-12767 | 2020-05-09 | exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error. |
| CVE-2020-9315 | 2020-05-10 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web... |
| CVE-2020-9314 | 2020-05-10 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web... |
| CVE-2020-10685 | 2020-05-11 | A flaw was found in Ansible Engine affecting Ansible Engine... |
| CVE-2020-5538 | 2020-05-11 | Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier... |