CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2020 (CVSS score >= 5)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-26163 2020-09-30 2020-10-15
6.8
None Remote Medium Not required Partial Partial Partial
BigBlueButton Greenlight before 2.5.6 allows HTTP header (Host and Origin) attacks, which can result in Account Takeover if a victim follows a spoofed password-reset link.
2 CVE-2020-26160 862 Bypass 2020-09-30 2021-07-21
5.0
None Remote Low Not required Partial None None
jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrictions in situations with []string{} for m["aud"] (which is allowed by the specification). Because the type assertion fails, "" is the value of aud. This is a security problem if the JWT token is presented to a service that lacks its own audience check.
3 CVE-2020-26158 79 Exec Code XSS 2020-09-30 2020-10-05
6.8
None Remote Medium Not required Partial Partial Partial
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled when the batch feature is triggered. This leads to remote code execution because of Node integration.
4 CVE-2020-26157 79 Exec Code XSS 2020-09-30 2020-10-05
6.8
None Remote Medium Not required Partial Partial Partial
Leanote Desktop through 2.6.2 allows XSS because a note's title is mishandled during syncing. This leads to remote code execution because of Node integration.
5 CVE-2020-26154 120 Overflow 2020-09-30 2020-11-29
6.8
None Remote Medium Not required Partial Partial Partial
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header.
6 CVE-2020-26150 200 +Info 2020-09-30 2021-07-21
5.0
None Remote Low Not required Partial None None
info.php in Logaritmo Aware CallManager 2012 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function.
7 CVE-2020-26149 522 2020-09-30 2020-10-09
5.0
None Remote Low Not required Partial None None
NATS nats.js before 2.0.0-209, nats.ws before 1.0.0-111, and nats.deno before 1.0.0-9 allow credential disclosure from a client to a server.
8 CVE-2020-26148 908 DoS 2020-09-30 2020-10-09
5.0
None Remote Low Not required None None Partial
md_push_block_bytes in md4c.c in md4c 0.4.5 allows attackers to trigger use of uninitialized memory, and cause a denial of service (e.g., assertion failure) via a malformed Markdown document.
9 CVE-2020-26137 74 2020-09-30 2021-12-07
6.4
None Remote Low Not required Partial Partial None
urllib3 before 1.25.9 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of putrequest(). NOTE: this is similar to CVE-2020-26116.
10 CVE-2020-26121 863 2020-09-27 2022-01-06
5.0
None Remote Low Not required None Partial None
An issue was discovered in the FileImporter extension for MediaWiki before 1.34.4. An attacker can import a file even when the target page is protected against "page creation" and the attacker should not be able to create it. This occurs because of a mishandled distinction between an upload restriction and a create restriction. An attacker cannot leverage this to overwrite anything, but can leverage this to force a wiki to have a page with a disallowed title.
11 CVE-2020-26117 295 2020-09-27 2020-11-06
5.8
None Remote Medium Not required Partial Partial None
In rfb/CSecurityTLS.cxx and rfb/CSecurityTLS.java in TigerVNC before 1.11.0, viewers mishandle TLS certificate exceptions. They store the certificates as authorities, meaning that the owner of a certificate could impersonate any server after a client had added an exception.
12 CVE-2020-26116 116 2020-09-27 2021-12-07
6.4
None Remote Low Not required Partial Partial None
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request.
13 CVE-2020-26112 2020-09-25 2020-09-29
5.0
None Remote Low Not required None Partial None
The email quota cache in cPanel before 90.0.10 allows overwriting of files.
14 CVE-2020-26109 Bypass 2020-09-25 2020-09-29
5.0
None Remote Low Not required None Partial None
cPanel before 88.0.13 allows bypass of a protection mechanism that attempted to restrict package modification (SEC-557).
15 CVE-2020-26108 Exec Code 2020-09-25 2020-09-29
7.5
None Remote Low Not required Partial Partial Partial
cPanel before 88.0.13 mishandles file-extension dispatching, leading to code execution (SEC-488).
16 CVE-2020-26107 326 2020-09-25 2021-07-21
5.0
None Remote Low Not required Partial None None
cPanel before 88.0.3, upon an upgrade, establishes predictable PowerDNS API keys (SEC-561).
17 CVE-2020-26106 532 2020-09-25 2021-07-21
5.0
None Remote Low Not required Partial None None
cPanel before 88.0.3 has weak permissions (world readable) for the proxy subdomains log file (SEC-558).
18 CVE-2020-26105 522 2020-09-25 2021-07-21
5.0
None Remote Low Not required Partial None None
In cPanel before 88.0.3, insecure chkservd test credentials are used on a templated VM (SEC-554).
19 CVE-2020-26104 922 2020-09-25 2020-09-29
5.0
None Remote Low Not required Partial None None
In cPanel before 88.0.3, an insecure SRS secret is used on a templated VM (SEC-552).
20 CVE-2020-26103 521 2020-09-25 2020-09-29
5.0
None Remote Low Not required Partial None None
In cPanel before 88.0.3, an insecure site password is used for Mailman on a templated VM (SEC-551).
21 CVE-2020-26102 863 2020-09-25 2021-07-21
5.0
None Remote Low Not required Partial None None
In cPanel before 88.0.3, an insecure auth policy API key is used by Dovecot on a templated VM (SEC-550).
22 CVE-2020-26101 522 2020-09-25 2021-07-21
5.0
None Remote Low Not required Partial None None
In cPanel before 88.0.3, insecure RNDC credentials are used for BIND on a templated VM (SEC-549).
23 CVE-2020-26100 2020-09-25 2020-09-29
7.5
None Remote Low Not required Partial Partial Partial
chsh in cPanel before 88.0.3 allows a Jailshell escape (SEC-497).
24 CVE-2020-26099 Bypass 2020-09-25 2020-09-29
5.0
None Remote Low Not required None Partial None
cPanel before 88.0.3 allows attackers to bypass the SMTP greylisting protection mechanism (SEC-491).
25 CVE-2020-26098 Exec Code 2020-09-25 2020-09-29
7.5
None Remote Low Not required Partial Partial Partial
cPanel before 88.0.3 mishandles the Exim filter path, leading to remote code execution (SEC-485).
26 CVE-2020-26042 89 Sql 2020-09-30 2020-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Hoosk CMS v1.8.0. There is a SQL injection vulnerability in install/index.php
27 CVE-2020-26041 Exec Code 2020-09-30 2020-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php
28 CVE-2020-25869 863 +Info 2020-09-27 2022-01-06
5.0
None Remote Low Not required Partial None None
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
29 CVE-2020-25827 307 2020-09-27 2022-01-01
5.0
None Remote Low Not required None Partial None
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limiting of OATH tokens is only done on a single site level. Thus, multiple requests can be made across many wikis/sites concurrently.
30 CVE-2020-25826 269 +Priv 2020-09-23 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe.
31 CVE-2020-25821 476 2020-09-23 2020-09-30
5.0
None Remote Low Not required None None Partial
** UNSUPPORTED WHEN ASSIGNED ** peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
32 CVE-2020-25813 2020-09-27 2022-01-01
5.0
None Remote Low Not required Partial None None
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
33 CVE-2020-25796 129 2020-09-19 2021-01-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the InlineArray implementation, an unaligned reference may be generated for a type that has a large alignment requirement.
34 CVE-2020-25795 401 2020-09-19 2021-01-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, insert_from can have a memory-safety issue upon a panic.
35 CVE-2020-25794 401 2020-09-19 2021-01-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic.
36 CVE-2020-25793 129 2020-09-19 2021-01-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From<InlineArray<A, T>>.
37 CVE-2020-25792 129 2020-09-19 2021-01-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with pair().
38 CVE-2020-25791 129 2020-09-19 2021-01-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit().
39 CVE-2020-25790 434 Exec Code 2020-09-19 2020-10-20
6.5
None Remote Low ??? Partial Partial Partial
** DISPUTED ** Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins are considered trustworthy"; however, the behavior "contradicts our security policy" and is being fixed for 5.2.
40 CVE-2020-25788 829 2020-09-19 2020-09-29
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
41 CVE-2020-25787 20 2020-09-19 2021-03-15
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.
42 CVE-2020-25775 362 2020-09-29 2020-10-07
6.3
None Local Medium Not required None Complete Complete
The Trend Micro Security 2020 (v16) consumer family of products is vulnerable to a security race condition arbitrary file deletion vulnerability that could allow an unprivileged user to manipulate the product's secure erase feature to delete files with a higher set of privileges.
43 CVE-2020-25773 415 Exec Code 2020-09-29 2020-10-02
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the Trend Micro Apex One ServerMigrationTool component could allow an attacker to execute arbitrary code on affected products. User interaction is required to exploit this vulnerability in that the target must import a corrupted configuration file.
44 CVE-2020-25766 2020-09-18 2020-09-27
5.0
None Remote Low Not required None Partial None
An issue was discovered in MISP before 2.4.132. It can perform an unwanted action because of a POST operation on a form that is not linked to the login page.
45 CVE-2020-25763 434 Exec Code 2020-09-30 2020-10-08
7.5
None Remote Low Not required Partial Partial Partial
Seat Reservation System version 1.0 suffers from an Unauthenticated File Upload Vulnerability allowing Remote Attackers to gain Remote Code Execution (RCE) on the Hosting Webserver via uploading PHP files.
46 CVE-2020-25762 89 Sql Bypass 2020-09-30 2020-10-08
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in SourceCodester Seat Reservation System 1.0. The file admin_class.php does not perform input validation on the username and password parameters. An attacker can send malicious input in the post request to /admin/ajax.php?action=login and bypass authentication, extract sensitive information etc.
47 CVE-2020-25760 89 Sql 2020-09-30 2022-01-01
6.5
None Remote Low ??? Partial Partial Partial
Projectworlds Visitor Management System in PHP 1.0 allows SQL Injection. The file front.php does not perform input validation on the 'rid' parameter. An attacker can append SQL queries to the input to extract sensitive information from the database.
48 CVE-2020-25756 120 Overflow 2020-09-18 2020-09-29
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice."
49 CVE-2020-25751 89 Sql 2020-09-18 2020-09-24
6.5
None Remote Low ??? Partial Partial Partial
The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.
50 CVE-2020-25750 611 2020-09-18 2020-09-29
5.0
None Remote Low Not required Partial None None
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in DotPlant2 before 2020-09-14. In class Pay2PayPayment in payment/Pay2PayPayment.php, there is an XXE vulnerability in the checkResult function. The user input ($_POST['xml']) is used for simplexml_load_string without sanitization. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Total number of vulnerabilities : 858   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.