CVE List - 2020 / July
Showing 1 - 100 of 1417 CVEs for July 2020 (Page 1 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-5902 | 2020-07-01 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the... |
| CVE-2019-20408 | 2020-07-01 | The /plugins/servlet/gadgets/makeRequest resource in Jira before version 8.7.0 allows remote... |
| CVE-2020-14164 | 2020-07-01 | The WYSIWYG editor resource in Jira Server and Data Center... |
| CVE-2020-14165 | 2020-07-01 | The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before... |
| CVE-2020-14166 | 2020-07-01 | The /servicedesk/customer/portals resource in Jira Service Desk Server and Data... |
| CVE-2020-14167 | 2020-07-01 | The MessageBundleResource resource in Jira Server and Data Center before... |
| CVE-2020-14168 | 2020-07-01 | The email client in Jira Server and Data Center before... |
| CVE-2020-14169 | 2020-07-01 | The quick search component in Atlassian Jira Server and Data... |
| CVE-2020-4022 | 2020-07-01 | The attachment download resource in Atlassian Jira Server and Data... |
| CVE-2020-4024 | 2020-07-01 | The attachment download resource in Atlassian Jira Server and Data... |
| CVE-2020-4025 | 2020-07-01 | The attachment download resource in Atlassian Jira Server and Data... |
| CVE-2020-4027 | 2020-07-01 | Affected versions of Atlassian Confluence Server and Data Center allowed... |
| CVE-2020-4029 | 2020-07-01 | The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center... |
| CVE-2020-15468 | 2020-07-01 | Persian VIP Download Script 1.0 allows SQL Injection via the... |
| CVE-2020-15470 | 2020-07-01 | ffjpeg through 2020-02-24 has a heap-based buffer overflow in jfif_decode... |
| CVE-2020-15476 | 2020-07-01 | In nDPI through 3.2, the Oracle protocol dissector has a... |
| CVE-2020-15475 | 2020-07-01 | In nDPI through 3.2, ndpi_reset_packet_line_info in lib/ndpi_main.c omits certain reinitialization,... |
| CVE-2020-15474 | 2020-07-01 | In nDPI through 3.2, there is a stack overflow in... |
| CVE-2020-15473 | 2020-07-01 | In nDPI through 3.2, the OpenVPN dissector is vulnerable to... |
| CVE-2020-15472 | 2020-07-01 | In nDPI through 3.2, the H.323 dissector is vulnerable to... |
| CVE-2020-15471 | 2020-07-01 | In nDPI through 3.2, the packet parsing code is vulnerable... |
| CVE-2020-15478 | 2020-07-01 | The Journal theme before 3.1.0 for OpenCart allows exposure of... |
| CVE-2020-6261 | 2020-07-01 | SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker... |
| CVE-2017-1659 | 2020-07-01 | "HCL iNotes is susceptible to a Cross-Site Scripting (XSS) Vulnerability.... |
| CVE-2017-1712 | 2020-07-01 | "A vulnerability in the TLS protocol implementation of the Domino... |
| CVE-2020-12603 | 2020-07-01 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive... |
| CVE-2020-7689 | 2020-07-01 | Insecure Encryption |
| CVE-2020-5900 | 2020-07-01 | In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site... |
| CVE-2020-5899 | 2020-07-01 | In NGINX Controller 3.0.0-3.4.0, recovery code required to change a... |
| CVE-2020-5901 | 2020-07-01 | In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow for... |
| CVE-2020-13380 | 2020-07-01 | openSIS before 7.4 allows SQL Injection. |
| CVE-2020-13381 | 2020-07-01 | openSIS through 7.4 allows SQL Injection. |
| CVE-2020-8663 | 2020-07-01 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may exhaust file... |
| CVE-2020-13382 | 2020-07-01 | openSIS through 7.4 has Incorrect Access Control. |
| CVE-2020-13383 | 2020-07-01 | openSIS through 7.4 allows Directory Traversal. |
| CVE-2020-12604 | 2020-07-01 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier is susceptible to... |
| CVE-2019-4676 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 stores user credentials... |
| CVE-2019-4704 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 does not set... |
| CVE-2019-4705 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 discloses sensitive information... |
| CVE-2019-4706 | 2020-07-01 | IBM Security Identity Manager Virtual Appliance 7.0.2 writes information to... |
| CVE-2020-4355 | 2020-07-01 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-4363 | 2020-07-01 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-4376 | 2020-07-01 | IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop... |
| CVE-2020-4386 | 2020-07-01 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-4387 | 2020-07-01 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-4414 | 2020-07-01 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-4420 | 2020-07-01 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-5906 | 2020-07-01 | In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does... |
| CVE-2020-12605 | 2020-07-01 | Envoy version 1.14.2, 1.13.2, 1.12.4 or earlier may consume excessive... |
| CVE-2020-5908 | 2020-07-01 | In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge... |
| CVE-2020-5904 | 2020-07-01 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site request... |
| CVE-2020-5905 | 2020-07-01 | In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network... |
| CVE-2020-5903 | 2020-07-01 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site Scripting... |
| CVE-2020-5907 | 2020-07-01 | In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, an... |
| CVE-2020-6089 | 2020-07-01 | An exploitable code execution vulnerability exists in the ANI file... |
| CVE-2020-12497 | 2020-07-01 | Phoenix Contact Automation Worx <= 1.87: stack-based overflow |
| CVE-2020-12498 | 2020-07-01 | Phoenix Contact Automation Worx <= 1.87: out-of-bounds read remote code execution |
| CVE-2020-2500 | 2020-07-01 | This improper access control vulnerability in Helpdesk allows attackers to... |
| CVE-2020-14056 | 2020-07-01 | Monsta FTP 2.10.1 or below is prone to a server-side... |
| CVE-2020-14055 | 2020-07-01 | Monsta FTP 2.10.1 or below is prone to a stored... |
| CVE-2020-14057 | 2020-07-01 | Monsta FTP 2.10.1 or below allows external control of paths... |
| CVE-2020-7688 | 2020-07-01 | Command Injection |
| CVE-2020-13619 | 2020-07-01 | php/exec/escapeshellarg in Locutus PHP through 2.0.11 allows an attacker to... |
| CVE-2020-14196 | 2020-07-01 | In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2... |
| CVE-2019-15310 | 2020-07-01 | An issue was discovered on various devices via the Linkplay... |
| CVE-2019-15311 | 2020-07-01 | An issue was discovered on Zolo Halo devices via the... |
| CVE-2019-15312 | 2020-07-01 | An issue was discovered on Zolo Halo devices via the... |
| CVE-2020-15490 | 2020-07-01 | An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple... |
| CVE-2020-15489 | 2020-07-01 | An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple... |
| CVE-2020-15500 | 2020-07-01 | An issue was discovered in server.js in TileServer GL through... |
| CVE-2020-5238 | 2020-07-01 | Denial of service in table parsing in cmark-gfm |
| CVE-2020-15503 | 2020-07-02 | LibRaw before 0.20-RC1 lacks a thumbnail size range check. This... |
| CVE-2020-8161 | 2020-07-02 | A directory traversal vulnerability exists in rack < 2.2.0 that... |
| CVE-2020-3297 | 2020-07-02 | Cisco Small Business Smart and Managed Switches Session Management Vulnerability |
| CVE-2020-3340 | 2020-07-02 | Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities |
| CVE-2020-3391 | 2020-07-02 | Cisco Digital Network Architecture Center Information Disclosure Vulnerability |
| CVE-2020-3402 | 2020-07-02 | Cisco Unified Customer Voice Portal Information Disclosure Vulnerability |
| CVE-2020-15502 | 2020-07-02 | The DuckDuckGo application through 5.58.0 for Android, and through 7.47.1.0... |
| CVE-2020-5911 | 2020-07-02 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer... |
| CVE-2020-5910 | 2020-07-02 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport... |
| CVE-2020-5909 | 2020-07-02 | In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the... |
| CVE-2020-9497 | 2020-07-02 | Apache Guacamole 1.1.0 and older do not properly validate datareceived... |
| CVE-2020-9498 | 2020-07-02 | Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing... |
| CVE-2020-7821 | 2020-07-02 | Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability |
| CVE-2020-7820 | 2020-07-02 | Tobesoft NEXACRO14/17 ExCommonApiV13 Arbitrary Code Execution Vulnerability |
| CVE-2020-3282 | 2020-07-02 | Cisco Unified Communications Products Cross-Site Scripting Vulnerability |
| CVE-2020-12119 | 2020-07-02 | Ledger Live before 2.7.0 does not handle Bitcoin's Replace-By-Fee (RBF).... |
| CVE-2020-2201 | 2020-07-02 | Jenkins Sonargraph Integration Plugin 3.0.0 and earlier does not escape... |
| CVE-2020-2202 | 2020-07-02 | A missing permission check in Jenkins Fortify on Demand Plugin... |
| CVE-2020-2203 | 2020-07-02 | A cross-site request forgery vulnerability in Jenkins Fortify on Demand... |
| CVE-2020-2204 | 2020-07-02 | A missing permission check in Jenkins Fortify on Demand Plugin... |
| CVE-2020-2205 | 2020-07-02 | Jenkins VncRecorder Plugin 1.25 and earlier does not escape a... |
| CVE-2020-2206 | 2020-07-02 | Jenkins VncRecorder Plugin 1.25 and earlier does not escape a... |
| CVE-2020-2207 | 2020-07-02 | Jenkins VncViewer Plugin 1.7 and earlier does not escape a... |
| CVE-2020-2208 | 2020-07-02 | Jenkins Slack Upload Plugin 1.7 and earlier stores a secret... |
| CVE-2020-2209 | 2020-07-02 | Jenkins TestComplete support Plugin 2.4.1 and earlier stores a password... |
| CVE-2020-2210 | 2020-07-02 | Jenkins Stash Branch Parameter Plugin 0.3.0 and earlier transmits configured... |
| CVE-2020-2211 | 2020-07-02 | Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin 1.3 and earlier does... |
| CVE-2020-2212 | 2020-07-02 | Jenkins GitHub Coverage Reporter Plugin 1.8 and earlier stores secrets... |
| CVE-2020-2213 | 2020-07-02 | Jenkins White Source Plugin 19.1.1 and earlier stores credentials unencrypted... |