CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2020 (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-15415 78 Exec Code 2020-06-30 2020-07-02
7.5
None Remote Low Not required Partial Partial Partial
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472.
2 CVE-2020-15411 269 2020-06-30 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader.
3 CVE-2020-15397 732 Exec Code 2020-06-30 2022-07-12
7.2
None Local Low Not required Complete Complete Complete
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).
4 CVE-2020-15396 362 2020-06-30 2022-04-28
7.2
None Local Low Not required Complete Complete Complete
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
5 CVE-2020-15395 125 2020-06-30 2020-11-17
6.8
None Remote Medium Not required Partial Partial Partial
In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).
6 CVE-2020-15362 74 Exec Code 2020-06-29 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code.
7 CVE-2020-15351 276 2020-06-26 2020-07-06
7.2
None Local Low Not required Complete Complete Complete
IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a service called IDriveService that runs as LocalSystem. Thus, any standard user can escalate privileges to NT AUTHORITY\SYSTEM by substituting the service's binary with a malicious one.
8 CVE-2020-15348 74 2020-06-26 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.
9 CVE-2020-15324 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.
10 CVE-2020-15323 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.
11 CVE-2020-15322 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.
12 CVE-2020-15321 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.
13 CVE-2020-15320 798 2020-06-29 2020-07-02
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.
14 CVE-2020-15308 89 Sql 2020-06-26 2020-07-06
6.5
None Remote Low ??? Partial Partial Partial
Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.
15 CVE-2020-15087 285 Bypass 2020-06-30 2021-04-08
6.5
None Remote Low ??? Partial Partial Partial
In Presto before version 337, authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured. This does not affect installations that have not configured secure internal communication, as these installations are inherently insecure. This only affects Presto server installations. This does NOT affect clients such as the CLI or JDBC driver. This vulnerability has been fixed in version 337. Additionally, this issue can be mitigated by blocking network access to internal APIs on the coordinator and workers.
16 CVE-2020-15069 120 Exec Code Overflow 2020-06-29 2020-07-16
7.5
None Remote Low Not required Partial Partial Partial
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
17 CVE-2020-15049 444 2020-06-30 2021-03-12
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
18 CVE-2020-15046 352 CSRF 2020-06-24 2020-07-13
9.3
None Remote Medium Not required Complete Complete Complete
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. The fixed versions are BIOS 3.2 and firmware 03.88.
19 CVE-2020-15018 384 2020-06-24 2020-07-08
6.4
None Remote Low Not required Partial Partial None
playSMS through 1.4.3 is vulnerable to session fixation.
20 CVE-2020-15014 352 CSRF 2020-06-24 2020-06-29
6.8
None Remote Medium Not required Partial Partial Partial
pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF.
21 CVE-2020-15007 120 Exec Code Overflow 2020-06-24 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
22 CVE-2020-14993 787 Exec Code Overflow 2020-06-23 2020-06-29
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
23 CVE-2020-14983 120 Overflow 2020-06-22 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.
24 CVE-2020-14978 862 Exec Code 2020-06-23 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.
25 CVE-2020-14977 20 Exec Code 2020-06-23 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse attack and connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.
26 CVE-2020-14975 269 2020-06-23 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124.
27 CVE-2020-14974 269 2020-06-23 2021-07-21
6.6
None Local Low Not required None Complete Complete
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124.
28 CVE-2020-14972 89 Exec Code Sql Bypass 2020-06-22 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution (RCE) via the user_email, user_pass, and id parameters on the admin login-portal and the edit-lessons webpages.
29 CVE-2020-14968 119 Overflow Mem. Corr. 2020-06-22 2020-07-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS (RSA-PSS) implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature (it accepts these modified signatures as valid). An attacker can abuse this behavior in an application by creating multiple valid signatures where only one signature should exist. Also, an attacker might prepend these bytes with the goal of triggering memory corruption issues.
30 CVE-2020-14967 119 Overflow Mem. Corr. 2020-06-22 2020-07-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modification by prepending '\0' bytes to ciphertexts (it decrypts modified ciphertexts without error). An attacker might prepend these bytes with the goal of triggering memory corruption issues.
31 CVE-2020-14960 89 Sql 2020-06-22 2020-06-26
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,
32 CVE-2020-14957 20 DoS 2020-06-30 2020-07-07
6.1
None Local Low Not required Partial Partial Complete
In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCD.
33 CVE-2020-14956 20 DoS 2020-06-30 2020-07-07
6.1
None Local Low Not required Partial Partial Complete
In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCA.
34 CVE-2020-14950 20 Exec Code 2020-06-21 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.
35 CVE-2020-14947 78 Exec Code 2020-06-30 2020-07-13
6.5
None Remote Low ??? Partial Partial Partial
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.
36 CVE-2020-14945 2020-06-22 2022-05-03
6.5
None Remote Low ??? Partial Partial Partial
A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.
37 CVE-2020-14944 862 2020-06-22 2022-05-03
7.5
None Remote Low Not required Partial Partial Partial
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable functions are exposed: ChangePassword, SaveUserProfile, and GetUser.
38 CVE-2020-14942 502 2020-06-21 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.
39 CVE-2020-14939 20 Exec Code 2020-06-23 2020-07-01
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading.
40 CVE-2020-14938 787 Overflow 2020-06-23 2020-07-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
41 CVE-2020-14933 502 2020-06-20 2021-11-30
6.5
None Remote Low ??? Partial Partial Partial
** DISPUTED ** compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method (such as __wakeup or __destruct), and any attack-relevant classes must be declared before unserialize is called (or must be autoloaded). .
42 CVE-2020-14932 502 2020-06-20 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
43 CVE-2020-14931 787 Exec Code Overflow 2020-06-19 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in DMitry (Deepmagic Information Gathering Tool) 1.3a might allow remote WHOIS servers to execute arbitrary code via a long line in a response that is mishandled by nic_format_buff.
44 CVE-2020-14482 787 Exec Code Overflow 2020-06-30 2020-07-10
6.8
None Remote Medium Not required Partial Partial Partial
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Opening a specially crafted project file may overflow the heap, which may allow remote code execution, disclosure/modification of information, or cause the application to crash.
45 CVE-2020-14473 787 Overflow 2020-06-24 2020-06-30
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow vulnerability in Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1.
46 CVE-2020-14472 77 2020-06-24 2021-12-21
7.5
None Remote Low Not required Partial Partial Partial
On Draytek Vigor3900, Vigor2960, and Vigor 300B devices before 1.5.1.1, there are some command-injection vulnerabilities in the mainfunction.cgi file.
47 CVE-2020-14456 346 2020-06-19 2020-06-25
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mattermost Desktop App before 4.4.0. The Same Origin Policy is mishandled during access-control decisions for web APIs, aka MMSA-2020-0006.
48 CVE-2020-14443 89 Exec Code Sql 2020-06-18 2020-06-24
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in accountancy/customer/card.php in Dolibarr 11.0.3 allows remote authenticated users to execute arbitrary SQL commands via the id parameter.
49 CVE-2020-14434 74 2020-06-18 2021-07-21
7.7
None Local Network Low ??? Complete Complete Complete
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, RBS850 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, and RBS840 before 3.2.15.25.
50 CVE-2020-14432 352 CSRF 2020-06-18 2020-06-22
6.8
None Remote Medium Not required Partial Partial Partial
Certain NETGEAR devices are affected by CSRF. This affects RBK752 before 3.2.15.25, RBK753 before 3.2.15.25, RBK753S before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK842 before 3.2.15.25, RBR840 before 3.2.15.25, RBS840 before 3.2.15.25, RBK852 before 3.2.15.25, RBK853 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25.
Total number of vulnerabilities : 674   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.