CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In March 2020 (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-11113 502 2020-03-31 2021-12-10
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa).
2 CVE-2020-11112 502 2020-03-31 2021-12-10
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy).
3 CVE-2020-11111 502 2020-03-31 2021-12-10
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms).
4 CVE-2020-11105 763 2020-03-30 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same address. Serialization fidelity thereby becomes dependent upon memory layout. In short, serialized std::shared_ptr variables cannot always be expected to serialize back into their original values. This can have any number of consequences, depending on the context within which this manifests.
5 CVE-2020-10993 611 2020-03-27 2020-03-31
6.4
None Remote Low Not required Partial None Partial
Osmand through 2.0.0 allow XXE because of binary/BinaryMapIndexReader.java.
6 CVE-2020-10992 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java.
7 CVE-2020-10991 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java
8 CVE-2020-10990 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.
9 CVE-2020-10969 502 2020-03-26 2021-12-07
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane.
10 CVE-2020-10968 502 2020-03-26 2021-12-07
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy).
11 CVE-2020-10965 522 2020-03-25 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2.
12 CVE-2020-10964 434 Exec Code 2020-03-25 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
13 CVE-2020-10963 434 Exec Code 2020-03-25 2020-11-28
6.5
None Remote Low ??? Partial Partial Partial
FrozenNode Laravel-Administrator through 5.0.12 allows unrestricted file upload (and consequently Remote Code Execution) via admin/tips_image/image/file_upload image upload with PHP content within a GIF image that has the .php extension. NOTE: this product is discontinued.
14 CVE-2020-10956 918 2020-03-27 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.
15 CVE-2020-10938 787 Overflow 2020-03-24 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
16 CVE-2020-10934 434 2020-03-24 2020-04-07
6.5
None Remote Low ??? Partial Partial Partial
Acyba AcyMailing before 6.9.2 mishandles file uploads by admins.
17 CVE-2020-10888 287 Bypass 2020-03-25 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSH port forwarding requests during initial setup. The issue results from the lack of proper authentication prior to establishing SSH port forwarding rules. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the WAN interface. Was ZDI-CAN-9664.
18 CVE-2020-10887 Exec Code Bypass 2020-03-25 2021-10-26
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper filtering of IPv6 SSH connections. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-9663.
19 CVE-2020-10886 78 Exec Code 2020-03-25 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tmpServer service, which listens on TCP port 20002. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9662.
20 CVE-2020-10885 20 Exec Code 2020-03-25 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of DNS reponses prior to further processing. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the root user. Was ZDI-CAN-9661.
21 CVE-2020-10882 78 Exec Code 2020-03-25 2020-04-15
8.3
None Local Network Low Not required Complete Complete Complete
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650.
22 CVE-2020-10881 787 Exec Code Overflow 2020-03-25 2020-03-31
10.0
None Remote Low Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9660.
23 CVE-2020-10879 74 2020-03-23 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
24 CVE-2020-10850 120 Exec Code Overflow 2020-03-24 2020-03-26
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).
25 CVE-2020-10848 119 Overflow 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).
26 CVE-2020-10844 125 2020-03-24 2020-03-25
6.4
None Remote Low Not required Partial None Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.x), and Q(10.0) software. There is an out-of-bounds read vulnerability in media.audio_policy. The Samsung ID is SVE-2019-16333 (February 2020).
27 CVE-2020-10837 119 Exec Code Overflow 2020-03-24 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020).
28 CVE-2020-10836 119 Overflow 2020-03-24 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 (February 2020).
29 CVE-2020-10835 120 Overflow 2020-03-24 2020-03-26
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
30 CVE-2020-10828 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
31 CVE-2020-10827 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
32 CVE-2020-10826 77 2020-03-26 2022-04-22
10.0
None Remote Low Not required Complete Complete Complete
/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.
33 CVE-2020-10825 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).
34 CVE-2020-10824 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).
35 CVE-2020-10823 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).
36 CVE-2020-10818 78 Exec Code 2020-03-22 2020-03-25
6.5
None Remote Low ??? Partial Partial Partial
Artica Proxy 4.26 allows remote command execution for an authenticated user via shell metacharacters in the "Modify the hostname" field.
37 CVE-2020-10817 89 Sql 2020-03-27 2020-04-01
6.5
None Remote Low ??? Partial Partial Partial
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
38 CVE-2020-10808 78 2020-03-22 2020-04-06
9.0
None Remote Low ??? Complete Complete Complete
Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters.
39 CVE-2020-10806 434 Exec Code 2020-03-22 2020-03-25
7.5
None Remote Low Not required Partial Partial Partial
eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution.
40 CVE-2020-10804 89 Sql 2020-03-22 2020-11-02
6.0
None Remote Medium ??? Partial Partial Partial
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability was found in retrieval of the current username (in libraries/classes/Server/Privileges.php and libraries/classes/UserPassword.php). A malicious user with access to the server could create a crafted username, and then trick the victim into performing specific actions with that user account (such as editing its privileges).
41 CVE-2020-10802 89 Sql 2020-03-22 2020-11-02
6.0
None Remote Medium ??? Partial Partial Partial
In phpMyAdmin 4.x before 4.9.5 and 5.x before 5.0.2, a SQL injection vulnerability has been discovered where certain parameters are not properly escaped when generating certain queries for search actions in libraries/classes/Controllers/Table/TableSearchController.php. An attacker can generate a crafted database or table name. The attack can be performed if a user attempts certain search operations on the malicious database or table.
42 CVE-2020-10800 639 Exec Code 2020-03-21 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
lix through 15.8.7 allows man-in-the-middle attackers to execute arbitrary code by modifying the HTTP client-server data stream so that the Location header is associated with attacker-controlled executable content in the postDownload field.
43 CVE-2020-10799 611 2020-03-20 2020-03-24
7.5
None Remote Low Not required Partial Partial Partial
The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call.
44 CVE-2020-10793 269 +Priv 2020-03-23 2021-02-10
6.5
None Remote Low ??? Partial Partial Partial
CodeIgniter through 4.0.0 allows remote attackers to gain privileges via a modified Email ID to the "Select Role of the User" page. NOTE: A contributor to the CodeIgniter framework argues that the issue should not be attributed to CodeIgniter. Furthermore, the blog post reference shows an unknown website built with the CodeIgniter framework but that CodeIgniter is not responsible for introducing this issue because the framework has never provided a login screen, nor any kind of login or user management facilities beyond a Session library. Also, another reporter indicates the issue is with a custom module/plugin to CodeIgniter, not CodeIgniter itself.
45 CVE-2020-10789 78 Exec Code 2020-03-25 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php.
46 CVE-2020-10788 327 2020-03-25 2021-07-21
6.4
None Remote Low Not required Partial Partial None
openITCOCKPIT before 3.7.3 uses the 1fea123e07f730f76e661bced33a94152378611e API key rather than generating a random API Key for WebSocket connections.
47 CVE-2020-10696 22 Dir. Trav. 2020-03-31 2020-04-01
9.3
None Remote Medium Not required Complete Complete Complete
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
48 CVE-2020-10682 434 Exec Code 2020-03-20 2020-03-24
6.8
None Remote Medium Not required Partial Partial Partial
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code (it need not be a valid JPEG file).
49 CVE-2020-10678 269 2020-03-19 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
In Octopus Deploy before 2020.1.5, for customers running on-premises Active Directory linked to their Octopus server, an authenticated user can leverage a bug to escalate privileges.
50 CVE-2020-10674 78 Exec Code 2020-03-18 2020-03-20
7.5
None Remote Low Not required Partial Partial Partial
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
Total number of vulnerabilities : 713   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.