CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In May 2020 (CVSS score >= 4)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-13693 2020-05-29 2021-12-13
7.5
None Remote Low Not required Partial Partial Partial
An unauthenticated privilege-escalation issue exists in the bbPress plugin before 2.6.5 for WordPress when New User Registration is enabled.
2 CVE-2020-13649 476 2020-05-28 2021-07-21
5.0
None Remote Low Not required None None Partial
parser/js/js-scanner.c in JerryScript 2.2.0 mishandles errors during certain out-of-memory conditions, as demonstrated by a scanner_reverse_info_list NULL pointer dereference and a scanner_scan_all assertion failure.
3 CVE-2020-13645 295 2020-05-28 2021-06-22
6.4
None Remote Low Not required Partial Partial None
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.
4 CVE-2020-13643 352 2020-05-28 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The live_editor_panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser.
5 CVE-2020-13642 352 2020-05-28 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The action_builder_content function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser.
6 CVE-2020-13641 352 2020-05-28 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The far_options_page function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript, allowing for that be executed later in the victims browser.
7 CVE-2020-13634 20 DoS 2020-05-29 2020-05-29
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558
8 CVE-2020-13633 79 XSS 2020-05-27 2020-05-27
4.3
None Remote Medium Not required None Partial None
Fork before 5.8.3 allows XSS via navigation_title or title.
9 CVE-2020-13630 416 2020-05-27 2022-05-13
4.4
None Local Medium Not required Partial Partial Partial
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
10 CVE-2020-13628 79 XSS 2020-05-27 2020-05-28
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to host-monitoring/src/toolbar.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget.
11 CVE-2020-13627 79 XSS 2020-05-27 2020-05-28
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the widgetId parameter to service-monitoring/src/index.php. This vulnerability is fixed in versions 1.6.4, 18.10.3, 19.04.3, and 19.0.1 of the Centreon host-monitoring widget; 1.6.4, 18.10.5, 19.04.3, 19.10.2 of the Centreon service-monitoring widget; and 1.0.3, 18.10.1, 19.04.1, 19.10.1 of the Centreon tactical-overview widget.
12 CVE-2020-13623 400 DoS 2020-05-27 2020-05-27
5.0
None Remote Low Not required None None Partial
JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.
13 CVE-2020-13622 617 DoS 2020-05-27 2020-05-27
5.0
None Remote Low Not required None None Partial
JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.
14 CVE-2020-13616 295 2020-05-26 2020-05-29
4.3
None Remote Medium Not required Partial None None
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
15 CVE-2020-13615 295 2020-05-26 2020-05-28
4.3
None Remote Medium Not required Partial None None
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.
16 CVE-2020-13614 295 2020-05-26 2021-05-05
4.3
None Remote Medium Not required Partial None None
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
17 CVE-2020-13486 601 2020-05-25 2020-05-26
5.8
None Remote Medium Not required Partial Partial None
The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection.
18 CVE-2020-13485 697 Bypass 2020-05-25 2020-05-26
6.4
None Remote Low Not required Partial Partial None
The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header.
19 CVE-2020-13482 295 2020-05-25 2021-02-24
5.8
None Remote Medium Not required Partial Partial None
EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified.
20 CVE-2020-13458 352 CSRF 2020-05-25 2020-05-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action.
21 CVE-2020-13442 434 Exec Code 2020-05-25 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/.
22 CVE-2020-13440 787 2020-05-24 2020-05-27
4.3
None Remote Medium Not required None None Partial
ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c.
23 CVE-2020-13439 125 2020-05-24 2020-05-27
4.3
None Remote Medium Not required None None Partial
ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c.
24 CVE-2020-13438 125 2020-05-24 2020-05-27
4.3
None Remote Medium Not required None None Partial
ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c.
25 CVE-2020-13433 89 Sql 2020-05-24 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter.
26 CVE-2020-13430 79 XSS 2020-05-24 2020-05-28
4.3
None Remote Medium Not required None Partial None
Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource.
27 CVE-2020-13425 862 DoS 2020-05-23 2020-05-26
6.8
None Local Network Low Not required None Partial Complete
TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted.
28 CVE-2020-13424 200 +Info 2020-05-23 2021-07-21
4.0
None Remote Low ??? Partial None None
The XCloner component before 3.5.4 for Joomla! allows Authenticated Local File Disclosure.
29 CVE-2020-13417 2020-05-22 2021-09-16
7.5
None Remote Low Not required Partial Partial Partial
An Elevation of Privilege issue was discovered in Aviatrix VPN Client before 2.10.7, because of an incomplete fix for CVE-2020-7224. This affects Linux, macOS, and Windows installations for certain OpenSSL parameters.
30 CVE-2020-13416 352 CSRF 2020-05-22 2020-05-26
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Aviatrix Controller before 5.4.1066. A Controller Web Interface session token parameter is not required on an API call, which opens the application up to a Cross Site Request Forgery (CSRF) vulnerability for password resets.
31 CVE-2020-13415 347 2020-05-22 2020-05-26
5.0
None Remote Low Not required None Partial None
An issue was discovered in Aviatrix Controller through 5.1. An attacker with any signed SAML assertion from the Identity Provider can establish a connection (even if that SAML assertion has expired or is from a user who is not authorized to access Aviatrix), aka XML Signature Wrapping.
32 CVE-2020-13414 798 2020-05-22 2021-12-01
5.0
None Remote Low Not required Partial None None
An issue was discovered in Aviatrix Controller before 5.4.1204. It contains credentials unused by the software.
33 CVE-2020-13413 203 2020-05-22 2021-12-01
5.0
None Remote Low Not required Partial None None
An issue was discovered in Aviatrix Controller before 5.4.1204. There is a Observable Response Discrepancy from the API, which makes it easier to perform user enumeration via brute force.
34 CVE-2020-13412 352 CSRF 2020-05-22 2020-05-26
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Aviatrix Controller before 5.4.1204. An API call on the web interface lacked a session token check to control access, leading to CSRF.
35 CVE-2020-13398 787 2020-05-22 2020-11-09
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) write vulnerability has been detected in crypto_rsa_common in libfreerdp/crypto/crypto.c.
36 CVE-2020-13396 125 2020-05-22 2020-11-09
5.5
None Remote Low ??? Partial None Partial
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in ntlm_read_ChallengeMessage in winpr/libwinpr/sspi/NTLM/ntlm_message.c.
37 CVE-2020-13394 120 Exec Code Overflow 2020-05-22 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
38 CVE-2020-13393 120 Exec Code Overflow 2020-05-22 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
39 CVE-2020-13392 120 Exec Code Overflow 2020-05-22 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
40 CVE-2020-13391 120 Exec Code Overflow 2020-05-22 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
41 CVE-2020-13390 120 Exec Code Overflow 2020-05-22 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
42 CVE-2020-13389 120 Exec Code Overflow 2020-05-22 2020-05-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks.
43 CVE-2020-13388 78 Exec Code 2020-05-22 2020-05-28
7.5
None Remote Low Not required Partial Partial Partial
An exploitable vulnerability exists in the configuration-loading functionality of the jw.util package before 2.3 for Python. When loading a configuration with FromString or FromStream with YAML, one can execute arbitrary Python code, resulting in OS command execution, because safe_load is not used.
44 CVE-2020-13386 732 2020-05-27 2020-06-01
4.4
None Local Medium Not required Partial Partial Partial
In SmartDraw 2020 27.0.0.0, the installer gives inherited write permissions to the Authenticated Users group on the SmartDraw 2020 installation folder. Additionally, when the product is installed, two scheduled tasks are created on the machine, SDMsgUpdate (Local) and SDMsgUpdate (TE). The scheduled tasks run in the context of the user who installed the product. Both scheduled tasks attempt to run the same binary, C:\SmartDraw 2020\Messages\SDNotify.exe. The folder Messages doesn't exist by default and (by extension) neither does SDNotify.exe. Due to the weak folder permissions, these can be created by any user. A malicious actor can therefore create a malicious SDNotify.exe binary, and have it automatically run, whenever the user who installed the product logs on to the machine. The malicious SDNotify.exe could, for example, create a new local administrator account on the machine.
45 CVE-2020-13384 434 Exec Code 2020-05-22 2020-05-26
6.5
None Remote Low ??? Partial Partial Partial
Monstra CMS 3.0.4 allows remote authenticated users to upload and execute arbitrary PHP code via admin/index.php?id=filesmanager because, for example, .php filenames are blocked but .php7 filenames are not, a related issue to CVE-2017-18048.
46 CVE-2020-13258 79 XSS 2020-05-21 2020-05-21
4.3
None Remote Medium Not required None Partial None
Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py.
47 CVE-2020-13252 78 Exec Code 2020-05-21 2020-05-21
9.0
None Remote Low ??? Complete Complete Complete
Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page.
48 CVE-2020-13249 2020-05-20 2020-11-11
6.8
None Remote Medium Not required Partial Partial Partial
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle.
49 CVE-2020-13246 667 2020-05-20 2020-05-21
5.0
None Remote Low Not required None None Partial
An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another.
50 CVE-2020-13245 295 2020-05-28 2020-05-29
4.3
None Remote Medium Not required None Partial None
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P.
Total number of vulnerabilities : 865   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.