CVE List - 2020 / June
Showing 1401 - 1500 of 1807 CVEs for June 2020 (Page 15 of 19)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-11989 | 2020-06-22 | Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass. |
| CVE-2020-14983 | 2020-06-22 | The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack. |
| CVE-2020-12053 | 2020-06-22 | In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key. |
| CVE-2020-14990 | 2020-06-22 | IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic... |
| CVE-2020-14946 | 2020-06-22 | downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is... |
| CVE-2020-14945 | 2020-06-22 | A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role)... |
| CVE-2020-14944 | 2020-06-22 | Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable... |
| CVE-2020-14943 | 2020-06-22 | The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile. |
| CVE-2019-20409 | 2020-06-23 | The way in which velocity templates were used in Atlassian Jira Server and Data Center prior to version 8.8.0 allowed remote attackers to gain remote code execution if they were... |
| CVE-2020-12782 | 2020-06-23 | Openfind MailGates - Command Injection |
| CVE-2020-5594 | 2020-06-23 | Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulnerability that allows cleartext transmission of sensitive information between CPU modules and GX Works3... |
| CVE-2020-14940 | 2020-06-23 | An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files. |
| CVE-2020-14939 | 2020-06-23 | An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any... |
| CVE-2020-14938 | 2020-06-23 | An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated... |
| CVE-2020-14993 | 2020-06-23 | A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi. |
| CVE-2020-4028 | 2020-06-23 | Versions before 8.9.1, Various resources in Jira responded with a 404 instead of redirecting unauthenticated users to the login page, in some situations this may have allowed unauthorised attackers to... |
| CVE-2020-14965 | 2020-06-23 | On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and... |
| CVE-2020-14971 | 2020-06-23 | Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. This occurs in settings.php. To exploit this, an... |
| CVE-2020-9438 | 2020-06-23 | Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other words, door-access... |
| CVE-2020-11068 | 2020-06-23 | Potential Buffer Overflow in LoRaMac-node |
| CVE-2020-4188 | 2020-06-23 | IBM Security Guardium 10.6 and 11.1 may use insufficiently random numbers or values in a security context that depends on unpredictable numbers. IBM X-Force ID: 174807. |
| CVE-2020-14978 | 2020-06-23 | An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on... |
| CVE-2020-14977 | 2020-06-23 | An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse... |
| CVE-2020-14976 | 2020-06-23 | GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration... |
| CVE-2020-14975 | 2020-06-23 | The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124. |
| CVE-2020-14974 | 2020-06-23 | The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124. |
| CVE-2020-14073 | 2020-06-23 | XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties screen to insert... |
| CVE-2020-13157 | 2020-06-23 | modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed. |
| CVE-2020-13156 | 2020-06-23 | modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI. |
| CVE-2020-13155 | 2020-06-23 | clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI. |
| CVE-2020-5345 | 2020-06-23 | Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass vulnerability.... |
| CVE-2020-5367 | 2020-06-23 | Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an improper certificate validation... |
| CVE-2020-12021 | 2020-06-23 | In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely... |
| CVE-2020-12033 | 2020-06-23 | In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent attacker to execute remote COM objects... |
| CVE-2020-9480 | 2020-06-23 | In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-crafted RPC to the... |
| CVE-2020-12861 | 2020-06-24 | A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080. |
| CVE-2020-10272 | 2020-06-24 | RVD#2554: MiR ROS computational graph presents no authentication mechanisms |
| CVE-2020-10274 | 2020-06-24 | RVD#2556: MiR REST API allows for data exfiltration by unauthorized attackers (e.g. indoor maps) |
| CVE-2020-10271 | 2020-06-24 | RVD#2555: MiR ROS computational graph is exposed to all network interfaces, including poorly secured wireless networks and open wired ones |
| CVE-2020-10276 | 2020-06-24 | RVD#2558: Default credentials on SICK PLC allows disabling safety features |
| CVE-2020-10270 | 2020-06-24 | RVD#2557: Hardcoded Credentials on MiRX00 Control Dashboard |
| CVE-2020-10277 | 2020-06-24 | RVD#2562: Booting from a live image leads to exfiltration of sensible information and privilege escalation |
| CVE-2020-10278 | 2020-06-24 | RVD#2561: Unprotected BIOS allows user to boot from live OS image. |
| CVE-2020-10273 | 2020-06-24 | RVD#2560: Unprotected intellectual property in Mobile Industrial Robots (MiR) controllers |
| CVE-2020-10275 | 2020-06-24 | RVD#2565: Weak token generation for the REST API. |
| CVE-2020-10269 | 2020-06-24 | RVD#2566: Hardcoded Credentials on MiRX00 wireless Access Point |
| CVE-2020-10280 | 2020-06-24 | RVD#2568: Apache server is vulnerable to a DoS |
| CVE-2020-10279 | 2020-06-24 | RVD#2569: Insecure operating system defaults in MiR robots |
| CVE-2020-15006 | 2020-06-24 | Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php. |
| CVE-2020-15007 | 2020-06-24 | A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not... |
| CVE-2020-15011 | 2020-06-24 | GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page. |
| CVE-2020-7667 | 2020-06-24 | Arbitrary File Write via Archive Extraction (Zip Slip) |
| CVE-2020-15014 | 2020-06-24 | pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF. |
| CVE-2020-4071 | 2020-06-24 | Timing attack on django-basic-auth-ip-whitelist |
| CVE-2020-15018 | 2020-06-24 | playSMS through 1.4.3 is vulnerable to session fixation. |
| CVE-2020-12866 | 2020-06-24 | A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. |
| CVE-2020-12865 | 2020-06-24 | A heap buffer overflow in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-084. |
| CVE-2020-12864 | 2020-06-24 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR... |
| CVE-2020-12863 | 2020-06-24 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR... |
| CVE-2020-12862 | 2020-06-24 | An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR... |
| CVE-2020-14007 | 2020-06-24 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition. |
| CVE-2020-14006 | 2020-06-24 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team. |
| CVE-2020-14005 | 2020-06-24 | Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event. |
| CVE-2020-4322 | 2020-06-24 | IBM Security Secret Server 10.7 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote... |
| CVE-2020-4323 | 2020-06-24 | IBM Security Secret Server 10.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading... |
| CVE-2020-4327 | 2020-06-24 | IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used... |
| CVE-2020-4341 | 2020-06-24 | IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used... |
| CVE-2020-4342 | 2020-06-24 | IBM Security Secret Server 10.7 could disclose sensitive information included in installation files to an unauthorized user. IBM X-Force ID: 178182. |
| CVE-2020-4413 | 2020-06-24 | IBM Security Secret Server 10.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this... |
| CVE-2020-14014 | 2020-06-24 | An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable... |
| CVE-2020-14015 | 2020-06-24 | An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is,... |
| CVE-2020-15015 | 2020-06-24 | The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document. |
| CVE-2020-14016 | 2020-06-24 | An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their... |
| CVE-2020-14017 | 2020-06-24 | An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated... |
| CVE-2020-14018 | 2020-06-24 | An issue was discovered in Navigate CMS 2.9 r1433. There is a stored XSS vulnerability that is executed on the page to view users, and on the page to edit... |
| CVE-2020-13700 | 2020-06-24 | An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads... |
| CVE-2020-13484 | 2020-06-24 | Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an... |
| CVE-2020-13483 | 2020-06-24 | The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI. |
| CVE-2020-13443 | 2020-06-24 | ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low... |
| CVE-2020-14095 | 2020-06-24 | In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution. |
| CVE-2020-9494 | 2020-06-24 | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a... |
| CVE-2020-6870 | 2020-06-24 | The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An attacker could exploit the vulnerability to log in to the FTP server to tamper with... |
| CVE-2020-14094 | 2020-06-24 | In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution. |
| CVE-2020-3969 | 2020-06-24 | VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device.... |
| CVE-2020-3962 | 2020-06-24 | VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A... |
| CVE-2020-11959 | 2020-06-24 | An unsafe configuration of nginx lead to information leak in Xiaomi router R3600 ROM before 1.0.50. |
| CVE-2020-11960 | 2020-06-24 | Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp,... |
| CVE-2020-11961 | 2020-06-24 | Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication |
| CVE-2020-10561 | 2020-06-24 | An issue was discovered on Xiaomi Mi Jia ink-jet printer < 3.4.6_0138. Injecting parameters to ippserver through the web management background, resulting in command execution vulnerabilities. |
| CVE-2020-14473 | 2020-06-24 | Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1. |
| CVE-2020-14472 | 2020-06-24 | On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file. |
| CVE-2020-15025 | 2020-06-24 | ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in... |
| CVE-2020-13248 | 2020-06-24 | BooleBox Secure File Sharing Utility before 4.2.3.0 allows stored XSS via a crafted avatar field within My Account JSON data to Account.aspx. |
| CVE-2020-15026 | 2020-06-24 | Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php. |
| CVE-2020-13247 | 2020-06-24 | BooleBox Secure File Sharing Utility before 4.2.3.0 allows CSV injection via a crafted user name that is mishandled during export from the activity logs in the Audit Area. |
| CVE-2020-15038 | 2020-06-24 | The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS. |
| CVE-2020-5962 | 2020-06-24 | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Panel component, in which an attacker with local system access can corrupt a system file, which... |
| CVE-2020-15041 | 2020-06-24 | PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field. |
| CVE-2020-15005 | 2020-06-24 | In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their... |
| CVE-2020-15046 | 2020-06-24 | The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. The fixed... |