CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In March 2020 (CVSS score >= 5)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-11414 22 Dir. Trav. 2020-03-31 2020-04-02
5.0
None Remote Low Not required None Partial None
An issue was discovered in Progress Telerik UI for Silverlight before 2020.1.330. The RadUploadHandler class in RadUpload for Silverlight expects a web request that provides the file location of the uploading file along with a few other parameters. The uploading file location should be inside the directory where the upload handler class is defined. Before 2020.1.330, a crafted web request could result in uploads to arbitrary locations.
2 CVE-2020-11113 502 2020-03-31 2021-12-10
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
3 CVE-2020-11112 502 2020-03-31 2021-12-10
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
4 CVE-2020-11111 502 2020-03-31 2021-12-10
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
5 CVE-2020-11105 763 2020-03-30 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same address. Serialization fidelity thereby becomes dependent upon memory layout. In short, serialized std::shared_ptr variables cannot always be expected to serialize back into their original values. This can have any number of consequences, depending on the context within which this manifests.
6 CVE-2020-11104 119 Overflow +Info 2020-03-30 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered in USC iLab cereal through 1.3.0. Serialization of an (initialized) C/C++ long double variable into a BinaryArchive or PortableBinaryArchive leaks several bytes of stack or heap memory, from which sensitive information (such as memory layout or private keys) can be gleaned if the archive is distributed outside of a trusted context.
7 CVE-2020-10993 611 2020-03-27 2020-03-31
6.4
None Remote Low Not required Partial None Partial
Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java.
8 CVE-2020-10992 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java.
9 CVE-2020-10991 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java
10 CVE-2020-10990 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.
11 CVE-2020-10969 502 2020-03-26 2021-12-07
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
12 CVE-2020-10968 502 2020-03-26 2021-12-07
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
13 CVE-2020-10965 522 2020-03-25 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.
14 CVE-2020-10964 434 Exec Code 2020-03-25 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
15 CVE-2020-10963 434 Exec Code 2020-03-25 2020-11-28
6.5
None Remote Low ??? Partial Partial Partial
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued.
16 CVE-2020-10956 918 2020-03-27 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.
17 CVE-2020-10954 400 2020-03-27 2020-03-31
5.0
None Remote Low Not required None None Partial
GitLab through 12.9 is affected by a potential DoS in repository archive download.
18 CVE-2020-10953 22 Dir. Trav. 2020-03-27 2020-03-31
5.0
None Remote Low Not required Partial None None
In GitLab EE 11.7 through 12.9, the NPM feature is vulnerable to a path traversal issue.
19 CVE-2020-10952 863 2020-03-27 2021-07-21
5.8
None Remote Medium Not required Partial Partial None
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.
20 CVE-2020-10942 787 2020-03-24 2022-04-22
5.4
None Local Medium Not required None Partial Complete
In the Linux kernel before 5.5.8, get_raw_socket in drivers/vhost/net.c lacks validation of an sk_family field, which might allow attackers to trigger kernel stack corruption via crafted system calls.
21 CVE-2020-10938 787 Overflow 2020-03-24 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
22 CVE-2020-10934 434 2020-03-24 2020-04-07
6.5
None Remote Low ??? Partial Partial Partial
Acyba AcyMailing before 6.9.2 mishandles file uploads by admins.
23 CVE-2020-10931 120 DoS 2020-03-24 2020-03-27
5.0
None Remote Low Not required None None Partial
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
24 CVE-2020-10888 287 Bypass 2020-03-25 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSH port forwarding requests during initial setup. The issue results from the lack of proper authentication prior to establishing SSH port forwarding rules. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the WAN interface. Was ZDI-CAN-9664.
25 CVE-2020-10887 Exec Code Bypass 2020-03-25 2021-10-26
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper filtering of IPv6 SSH connections. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-9663.
26 CVE-2020-10886 78 Exec Code 2020-03-25 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tmpServer service, which listens on TCP port 20002. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9662.
27 CVE-2020-10885 20 Exec Code 2020-03-25 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of DNS reponses prior to further processing. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the root user. Was ZDI-CAN-9661.
28 CVE-2020-10884 798 Exec Code 2020-03-25 2020-04-15
5.8
None Local Network Low Not required Partial Partial Partial
This vulnerability allows network-adjacent attackers execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. This issue results from the use of hard-coded encryption key. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-9652.
29 CVE-2020-10882 78 Exec Code 2020-03-25 2020-04-15
8.3
None Local Network Low Not required Complete Complete Complete
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650.
30 CVE-2020-10881 787 Exec Code Overflow 2020-03-25 2020-03-31
10.0
None Remote Low Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9660.
31 CVE-2020-10879 74 2020-03-23 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
32 CVE-2020-10875 22 Dir. Trav. 2020-03-23 2020-03-25
5.0
None Remote Low Not required Partial None None
Motorola FX9500 devices allow remote attackers to conduct absolute path traversal attacks, as demonstrated by PL/SQL Server Pages files such as /include/viewtagdb.psp.
33 CVE-2020-10874 200 +Info 2020-03-23 2021-07-21
5.0
None Remote Low Not required Partial None None
Motorola FX9500 devices allow remote attackers to read database files.
34 CVE-2020-10871 200 +Info 2020-03-23 2020-03-30
5.0
None Remote Low Not required Partial None None
** DISPUTED ** In OpenWrt LuCI git-20.x, remote unauthenticated attackers can retrieve the list of installed packages and services. NOTE: the vendor disputes the significance of this report because, for instances reachable by an unauthenticated actor, the same information is available in other (more complex) ways, and there is no plan to restrict the information further.
35 CVE-2020-10854 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Kernel stack addresses are leaked to userspace. The Samsung ID is SVE-2019-16161 (January 2020).
36 CVE-2020-10853 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. Gallery leaks cached data. The Samsung IDs are SVE-2019-16010, SVE-2019-16011, SVE-2019-16012 (January 2020).
37 CVE-2020-10850 120 Exec Code Overflow 2020-03-24 2020-03-26
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).
38 CVE-2020-10849 307 2020-03-24 2020-03-26
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos7885, Exynos8895, and Exynos9810 chipsets) software. The Gatekeeper trustlet allows a brute-force attack on the screen lock password. The Samsung ID is SVE-2019-14575 (January 2020).
39 CVE-2020-10848 119 Overflow 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).
40 CVE-2020-10844 125 2020-03-24 2020-03-25
6.4
None Remote Low Not required Partial None Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.x), and Q(10.0) software. There is an out-of-bounds read vulnerability in media.audio_policy. The Samsung ID is SVE-2019-16333 (February 2020).
41 CVE-2020-10837 119 Exec Code Overflow 2020-03-24 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020).
42 CVE-2020-10836 119 Overflow 2020-03-24 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 (February 2020).
43 CVE-2020-10835 120 Overflow 2020-03-24 2020-03-26
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
44 CVE-2020-10834 200 +Info 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) software. Attackers can view notifications on the lock screen via Routines. The Samsung ID is SVE-2019-15074 (February 2020).
45 CVE-2020-10833 287 2020-03-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with Q(10.0) software. The DeX Lockscreen allows attackers to access the quick panel and notifications. The Samsung ID is SVE-2019-16532 (March 2020).
46 CVE-2020-10831 345 2020-03-24 2020-03-26
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. Attackers can trigger an update to arbitrary touch-screen firmware. The Samsung ID is SVE-2019-16013 (March 2020).
47 CVE-2020-10828 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
48 CVE-2020-10827 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
49 CVE-2020-10826 77 2020-03-26 2022-04-22
10.0
None Remote Low Not required Complete Complete Complete
/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.
50 CVE-2020-10825 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).
Total number of vulnerabilities : 1034   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.