CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2009-1120 Exec Code 2020-01-15 2020-01-24
10.0
None Remote Low Not required Complete Complete Complete
EMC RepliStor Server Service before ESA-09-003 has a DoASOCommand Remote Code Execution Vulnerability. The flaw exists within the DoRcvRpcCall RPC function -exposed via the rep_srv.exe process- where the vulnerability is caused by an error when the rep_srv.exe handles a specially crafted packet sent by an unauthenticated attacker.
2 CVE-2012-4284 1 Exec Code 2020-01-10 2020-01-22
10.0
None Remote Low Not required Complete Complete Complete
A Privilege Escalation vulnerability exists in Viscosity 1.4.1 on Mac OS X due to a path name validation issue in the setuid-set ViscosityHelper binary, which could let a remote malicious user execute arbitrary code
3 CVE-2012-5878 78 Exec Code 2020-01-03 2020-01-15
10.0
None Remote Low Not required Complete Complete Complete
Bulb Security Smartphone Pentest Framework (SPF) 0.1.2 through 0.1.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the hostingPath parameter to (1) SEAttack.pl or (2) CSAttack.pl in frameworkgui/ or the (3) appURLPath parameter to frameworkgui/attachMobileModem.pl.
4 CVE-2013-1592 120 1 Exec Code Overflow 2020-01-23 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
A Buffer Overflow vulnerability exists in the Message Server service _MsJ2EE_AddStatistics() function when sending specially crafted SAP Message Server packets to remote TCP ports 36NN and/or 39NN in SAP NetWeaver 2004s, 7.01 SR1, 7.02 SP06, and 7.30 SP04, which could let a remote malicious user execute arbitrary code.
5 CVE-2013-1599 78 1 Exec Code 2020-01-28 2021-04-27
10.0
None Remote Low Not required Complete Complete Complete
A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L 1.02, DCS-6410 1.00, DCS-7410 1.00, DCS-7510 1.00, and WCS-1100 1.02, which could let a remote malicious user execute arbitrary commands through the camera’s web interface.
6 CVE-2013-2060 78 Exec Code 2020-01-28 2020-01-30
10.0
None Remote Low Not required Complete Complete Complete
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
7 CVE-2013-2568 78 Exec Code 2020-01-29 2020-02-01
10.0
None Remote Low Not required Complete Complete Complete
A Command Injection vulnerability exists in Zavio IP Cameras through 1.6.3 via the ap parameter to /cgi-bin/mft/wireless_mft.cgi, which could let a remote malicious user execute arbitrary code.
8 CVE-2013-2573 78 Exec Code 2020-01-29 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
A Command Injection vulnerability exists in the ap parameter to the /cgi-bin/mft/wireless_mft.cgi file in TP-Link IP Cameras TL-SC 3130, TL-SC 3130G, 3171G. and 4171G 1.6.18P12s, which could let a malicious user execute arbitrary code.
9 CVE-2013-2612 78 Exec Code 2020-01-27 2020-01-30
10.0
None Remote Low Not required Complete Complete Complete
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.
10 CVE-2013-3316 287 1 Bypass 2020-01-29 2020-02-01
10.0
None Remote Low Not required Complete Complete Complete
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass due to the server skipping checks for URLs containing a ".jpg".
11 CVE-2013-3317 287 1 Bypass 2020-01-29 2020-02-01
10.0
None Remote Low Not required Complete Complete Complete
Netgear WNR1000v3 with firmware before 1.0.2.60 contains an Authentication Bypass via the NtgrBak key.
12 CVE-2013-5122 287 2020-01-07 2020-01-09
10.0
None Remote Low Not required Complete Complete Complete
Cisco Linksys Routers EA2700, EA3500, E4200, EA4500: A bug can cause an unsafe TCP port to open which leads to unauthenticated access
13 CVE-2014-1598 787 Overflow 2020-01-08 2020-01-10
10.0
None Remote Low Not required Complete Complete Complete
centurystar 7.12 ActiveX Control has a Stack Buffer Overflow
14 CVE-2014-2650 78 2020-01-09 2020-01-17
10.0
None Remote Low Not required Complete Complete Complete
Unify OpenStage / OpenScape Desk Phone IP before V3 R3.11.0 SIP has an OS command injection vulnerability in the web based management interface
15 CVE-2014-2651 287 Bypass 2020-01-09 2020-01-21
10.0
None Remote Low Not required Complete Complete Complete
Unify OpenStage/OpenScape Desk Phone IP SIP before V3 R3.11.0 has an authentication bypass in the default mode of the Workpoint Interface
16 CVE-2014-5007 22 Dir. Trav. 2020-01-17 2020-01-29
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in the agentLogUploader servlet in ZOHO ManageEngine Desktop Central (DC) and Desktop Central Managed Service Providers (MSP) edition before 9 build 90055 allows remote attackers to write to and execute arbitrary files as SYSTEM via a .. (dot dot) in the filename parameter.
17 CVE-2014-8516 434 Exec Code 2020-01-03 2020-01-15
10.0
None Remote Low Not required Complete Complete Complete
Unrestricted file upload vulnerability in Visual Mining NetCharts Server allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via unspecified vectors.
18 CVE-2014-8741 22 Dir. Trav. 2020-01-27 2020-01-29
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.
19 CVE-2015-5952 22 Dir. Trav. 2020-01-15 2020-01-22
10.0
None Remote Low Not required Complete Complete Complete
Directory traversal vulnerability in Thomson Reuters for FATCA before 5.2 allows remote attackers to execute arbitrary files via the item parameter.
20 CVE-2015-7874 120 Exec Code Overflow 2020-01-15 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the chat server in KiTTY Portable 0.65.0.2p and earlier allows remote attackers to execute arbitrary code via a long nickname.
21 CVE-2016-11017 78 Exec Code 2020-01-06 2020-01-14
10.0
None Remote Low Not required Complete Complete Complete
The application login page in AKIPS Network Monitor 15.37 through 16.5 allows a remote unauthenticated attacker to execute arbitrary OS commands via shell metacharacters in the username parameter (a failed login attempt returns the command-injection output to a limited login failure field). This is fixed in 16.6.
22 CVE-2019-9493 798 2020-01-15 2020-01-24
10.0
None Remote Low Not required Complete Complete Complete
The MyCar Controls of AutoMobility Distribution Inc., mobile application contains hard-coded admin credentials. A remote unauthenticated attacker may be able to send commands to and retrieve data from a target MyCar unit. This may allow the attacker to learn the location of a target, or gain unauthorized physical access to a vehicle. This issue affects AutoMobility MyCar versions prior to 3.4.24 on iOS and versions prior to 4.1.2 on Android. This issue has additionally been fixed in Carlink, Link, Visions MyCar, and MyCar Kia.
23 CVE-2019-10532 125 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
Null-pointer dereference issue can occur while calculating string length when source string length is zero in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130
24 CVE-2019-10581 416 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
NULL is assigned to local instance of audio device pointer after free instead of global static pointer and can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, MDM9206, MDM9207C, MDM9607, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8998, Nicobar, QCS605, Rennell, SA6155P, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDX24, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
25 CVE-2019-10611 129 Overflow 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow can occur while processing clip due to lack of check of object size before parsing in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130
26 CVE-2019-10780 78 2020-01-22 2020-01-30
10.0
None Remote Low Not required Complete Complete Complete
BibTeX-ruby before 5.1.0 allows shell command injection due to unsanitized user input being passed directly to the built-in Ruby Kernel.open method through BibTeX.open.
27 CVE-2019-14004 119 Overflow 2020-01-21 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow occurs while processing invalid MKV clip, which has invalid EBML size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
28 CVE-2019-14005 120 Overflow 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow occur while playing the clip which is nonstandard due to lack of check of size duration in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130
29 CVE-2019-14006 119 Overflow 2020-01-21 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow occur while playing the clip which is nonstandard due to lack of offset length check in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR2130
30 CVE-2019-14013 120 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
While parsing invalid super index table, elements within super index table may exceed total chunk size and invalid data is read into the table in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCM2150, QCS405, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
31 CVE-2019-14014 120 Overflow 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
Possible buffer overflow when byte array receives incorrect input from reading source as array is not null terminated in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2130
32 CVE-2019-14016 190 Overflow 2020-01-21 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
Integer overflow occurs while playing the clip which is nonstandard in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, Nicobar, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM632, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR1130, SXR2130
33 CVE-2019-14017 120 Overflow 2020-01-21 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Heap buffer overflow can occur while parsing invalid MKV clip which is not standard and have invalid vorbis codec data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8064, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCS605, QM215, Rennell, SA6155P, SDA660, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
34 CVE-2019-15975 798 Bypass 2020-01-06 2020-02-06
10.0
None Remote Low Not required Complete Complete Complete
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
35 CVE-2019-15976 798 Bypass 2020-01-06 2020-02-06
10.0
None Remote Low Not required Complete Complete Complete
Multiple vulnerabilities in the authentication mechanisms of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory.
36 CVE-2019-16273 Exec Code 2020-01-06 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
DTEN D5 and D7 before 1.3.4 devices allow unauthenticated root shell access through Android Debug Bridge (adb), leading to arbitrary code execution and system administration. Also, this provides a covert ability to capture screen data from the Zoom Client on Windows by executing commands on the Android OS.
37 CVE-2019-17095 78 Exec Code 2020-01-27 2020-02-01
10.0
None Remote Low Not required Complete Complete Complete
A command injection vulnerability has been discovered in the bootstrap stage of Bitdefender BOX 2, versions 2.1.47.42 and 2.1.53.45. The API method `/api/download_image` unsafely handles the production firmware URL supplied by remote servers, leading to arbitrary execution of system commands. In order to exploit the condition, an unauthenticated attacker should impersonate a infrastructure server to trigger this vulnerability.
38 CVE-2019-17146 306 Exec Code 2020-01-07 2021-10-29
10.0
None Remote Low Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of D-Link DCS-960L v1.07.102. Authentication is not required to exploit this vulnerability. The specific flaw exists within the HNAP service, which listens on TCP port 80 by default. When parsing the SOAPAction request header, the process does not properly validate the length of user-supplied data prior to copying it to a stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the admin user. Was ZDI-CAN-8458.
39 CVE-2019-19495 20 2020-01-08 2020-01-22
10.0
None Remote Low Not required Complete Complete Complete
The web interface on the Technicolor TC7230 STEB 01.25 is vulnerable to DNS rebinding, which allows a remote attacker to configure the cable modem via JavaScript in a victim's browser. The attacker can then configure the cable modem to port forward the modem's internal TELNET server, allowing external access to a root shell.
40 CVE-2019-19838 78 Exec Code 2020-01-23 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=get-platform-depends to admin/_cmdstat.jsp via the uploadFile attribute.
41 CVE-2019-19839 78 Exec Code 2020-01-23 2020-01-23
10.0
None Remote Low Not required Complete Complete Complete
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=import-category to admin/_cmdstat.jsp via the uploadFile attribute.
42 CVE-2019-19841 78 Exec Code 2020-01-22 2020-01-28
10.0
None Remote Low Not required Complete Complete Complete
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=packet-capture to admin/_cmdstat.jsp via the mac attribute.
43 CVE-2019-19842 78 Exec Code 2020-01-22 2020-01-27
10.0
None Remote Low Not required Complete Complete Complete
emfd in Ruckus Wireless Unleashed through 200.7.10.102.64 allows remote attackers to execute OS commands via a POST request with the attribute xcmd=spectra-analysis to admin/_cmdstat.jsp via the mac attribute.
44 CVE-2019-19897 78 Exec Code 2020-01-23 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
In IXP EasyInstall 6.2.13723, there is Remote Code Execution via the Agent Service. An unauthenticated attacker can communicate with the Agent Service over TCP port 20051, and execute code in the NT AUTHORITY\SYSTEM context of the target system by using the Execute Command Line function.
45 CVE-2019-20215 78 Exec Code 2020-01-29 2020-02-07
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.
46 CVE-2019-20216 78 Exec Code 2020-01-29 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.
47 CVE-2019-20217 78 Exec Code 2020-01-29 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function, which allows an attacker to concatenate arbitrary commands separated by shell metacharacters.
48 CVE-2020-0609 20 Exec Code 2020-01-14 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0610.
49 CVE-2020-0610 20 Exec Code 2020-01-14 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists in Windows Remote Desktop Gateway (RD Gateway) when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Windows Remote Desktop Gateway (RD Gateway) Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0609.
50 CVE-2020-0646 91 Exec Code 2020-01-14 2022-07-12
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'.
Total number of vulnerabilities : 1656   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.