CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In January 2020 (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-8492 400 DoS 2020-01-30 2021-09-16
7.1
None Remote Medium Not required None None Complete
Python 2.7 through 2.7.17, 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
2 CVE-2020-8447 416 2020-01-30 2020-07-27
7.5
None Remote Low Not required Partial Partial Partial
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of syscheck formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
3 CVE-2020-8445 20 2020-01-30 2020-07-27
10.0
None Remote Low Not required Complete Complete Complete
In OSSEC-HIDS 2.7 through 3.5.0, the OS_CleanMSG function in ossec-analysisd doesn't remove or encode terminal control characters or newlines from processed log messages. In many cases, those characters are later logged. Because newlines (\n) are permitted in messages processed by ossec-analysisd, it may be possible to inject nested events into the ossec log. Use of terminal control characters may allow obfuscating events or executing commands when viewed through vulnerable terminal emulators. This may be an unauthenticated remote attack for certain types and origins of logged data.
4 CVE-2020-8444 416 2020-01-30 2020-07-27
7.5
None Remote Low Not required Partial Partial Partial
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a use-after-free during processing of ossec-alert formatted msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
5 CVE-2020-8443 787 Overflow 2020-01-30 2022-04-26
7.5
None Remote Low Not required Partial Partial Partial
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to an off-by-one heap-based buffer overflow during the cleaning of crafted syslog msgs (received from authenticated remote agents and delivered to the analysisd processing queue by ossec-remoted).
6 CVE-2020-8440 434 Exec Code 2020-01-31 2020-02-05
7.5
None Remote Low Not required Partial Partial Partial
controllers/page_apply.php in Simplejobscript.com SJS through 1.66 is prone to unauthenticated Remote Code Execution by uploading a PHP script as a resume.
7 CVE-2020-8438 78 Exec Code 2020-01-29 2020-01-31
9.0
None Remote Low ??? Complete Complete Complete
Ruckus ZoneFlex R500 104.0.0.0.1347 devices allow an authenticated attacker to execute arbitrary OS commands via the hidden /forms/nslookupHandler form, as demonstrated by the nslookuptarget=|cat${IFS} substring.
8 CVE-2020-8432 415 Exec Code 2020-01-29 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
In Das U-Boot through 2020.01, a double free has been found in the cmd/gpt.c do_rename_gpt_parts() function. Double freeing may result in a write-what-where condition, allowing an attacker to execute arbitrary code. NOTE: this vulnerablity was introduced when attempting to fix a memory leak identified by static analysis.
9 CVE-2020-8088 843 Bypass 2020-01-27 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
10 CVE-2020-8087 Exec Code 2020-01-27 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by providing the vlu_diagnostic_tools__ping_address parameter twice: once with a shell metacharacter and a command name, and once with a command argument.
11 CVE-2020-8001 798 2020-01-27 2020-01-30
10.0
None Remote Low Not required Complete Complete Complete
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.
12 CVE-2020-8000 798 2020-01-27 2020-01-31
10.0
None Remote Low Not required Complete Complete Complete
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account.
13 CVE-2020-7999 798 2020-01-27 2020-01-30
7.5
None Remote Low Not required Partial Partial Partial
The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY.
14 CVE-2020-7998 434 2020-01-28 2020-02-04
9.0
None Remote Low ??? Complete Complete Complete
An arbitrary file upload vulnerability has been discovered in the Super File Explorer app 1.0.1 for iOS. The vulnerability is located in the developer path that is accessible and hidden next to the root path. By default, there is no password set for the FTP or Web UI service.
15 CVE-2020-7995 307 2020-01-26 2022-04-26
10.0
None Remote Low Not required Complete Complete Complete
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.
16 CVE-2020-7981 89 Sql 2020-01-25 2020-01-27
7.5
None Remote Low Not required Partial Partial Partial
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.
17 CVE-2020-7980 78 Exec Code 2020-01-25 2020-01-29
10.0
None Remote Low Not required Complete Complete Complete
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
18 CVE-2020-7956 295 2020-01-31 2020-02-04
7.5
None Remote Low Not required Partial Partial Partial
HashiCorp Nomad and Nomad Enterprise up to 0.10.2 incorrectly validated role/region associated with TLS certificates used for mTLS RPC, and were susceptible to privilege escalation. Fixed in 0.10.3.
19 CVE-2020-7941 269 2020-01-23 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
A privilege escalation issue in plone.app.contenttypes in Plone 4.3 through 5.2.1 allows users to PUT (overwrite) some content without needing write permission.
20 CVE-2020-7799 74 Exec Code 2020-01-28 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e-mail templates (Home -> Settings -> Email Templates) or themes (Home -> Settings -> Themes), can execute commands on the underlying operating system by abusing freemarker.template.utility.Execute in the Apache FreeMarker engine that processes custom templates.
21 CVE-2020-7594 78 Exec Code 2020-01-21 2020-01-29
9.0
None Remote Low ??? Complete Complete Complete
MultiTech Conduit MTCDT-LVW2-24XX 1.4.17-ocea-13592 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Debug Options page and entering shell metacharacters in the interface JSON field of the ping function.
22 CVE-2020-7247 78 Exec Code 2020-01-29 2022-04-29
10.0
None Remote Low Not required Complete Complete Complete
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products, allows remote attackers to execute arbitrary commands as root via a crafted SMTP session, as demonstrated by shell metacharacters in a MAIL FROM field. This affects the "uncommented" default configuration. The issue exists because of an incorrect return value upon failure of input validation.
23 CVE-2020-7244 78 Exec Code 2020-01-20 2020-01-24
9.0
None Remote Low ??? Complete Complete Complete
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Poll Routes page and entering shell metacharacters in the Router IP Address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
24 CVE-2020-7243 78 Exec Code 2020-01-20 2020-01-24
9.0
None Remote Low ??? Complete Complete Complete
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Fetch URL page and entering shell metacharacters in the URL field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
25 CVE-2020-7242 78 Exec Code 2020-01-20 2020-01-24
9.0
None Remote Low ??? Complete Complete Complete
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to achieve remote code execution by navigating to the Diagnostics Trace Route page and entering shell metacharacters in the Target IP address field. (In some cases, authentication can be achieved with the comtech password for the comtech account.)
26 CVE-2020-7240 78 Exec Code 2020-01-20 2020-02-05
9.0
None Remote Low ??? Complete Complete Complete
** DISPUTED ** Meinberg Lantime M300 and M1000 devices allow attackers (with privileges to configure a device) to execute arbitrary OS commands by editing the /config/netconf.cmd script (aka Extended Network Configuration). Note: According to the description, the vulnerability requires a fully authenticated super-user account using a webUI function that allows super users to edit a script supposed to execute OS commands. The given weakness enumeration (CWE-78) is not applicable in this case as it refers to abusing functions/input fields not supposed to be accepting OS commands by using 'Special Elements.'
27 CVE-2020-7237 78 Exec Code 2020-01-20 2020-02-19
9.0
None Remote Low ??? Complete Complete Complete
Cacti 1.2.8 allows Remote Code Execution (by privileged users) via shell metacharacters in the Performance Boost Debug Log field of poller_automation.php. OS commands are executed when a new poller cycle begins. The attacker must be authenticated, and must have access to modify the Performance Settings of the product.
28 CVE-2020-7233 798 2020-01-19 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
KMS Controls BAC-A1616BC BACnet devices have a cleartext password of snowman in the BACKDOOR_NAME variable in the BC_Logon.swf file.
29 CVE-2020-7229 89 Sql 2020-01-21 2020-01-29
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Simplejobscript.com SJS before 1.65. There is unauthenticated SQL injection via the search engine. The parameter is landing_location. The function is countSearchedJobs(). The file is _lib/class.Job.php.
30 CVE-2020-7213 312 2020-01-21 2020-01-29
7.6
None Remote High Not required Complete Complete Complete
Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file on the http://update.parallels.com web site.
31 CVE-2020-7109 2020-01-22 2020-01-24
7.5
None Remote Low Not required Partial Partial Partial
The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template.
32 CVE-2020-7040 59 2020-01-21 2020-09-17
9.3
None Remote Medium Not required Complete Complete Complete
storeBackup.pl in storeBackup through 3.5 relies on the /tmp/storeBackup.lock pathname, which allows symlink attacks that possibly lead to privilege escalation. (Local users can also create a plain file named /tmp/storeBackup.lock to block use of storeBackup until an admin manually deletes that file.)
33 CVE-2020-6966 326 Exec Code +Info 2020-01-24 2020-03-17
10.0
None Remote Low Not required Complete Complete Complete
In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilize a weak encryption scheme for remote desktop control, which may allow an attacker to obtain remote code execution of devices on the network.
34 CVE-2020-6963 20 Exec Code 2020-01-24 2020-03-17
10.0
None Remote Low Not required Complete Complete Complete
In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Central Station (CSCS) Versions 1.X, the affected products utilized hard coded SMB credentials, which may allow an attacker to remotely execute arbitrary code.
35 CVE-2020-6962 20 Exec Code +Info 2020-01-24 2020-03-17
10.0
None Remote Low Not required Complete Complete Complete
In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X CARESCAPE Central Station (CSCS) Versions 2.X, B450 Version 2.X, B650 Version 1.X, B650 Version 2.X, B850 Version 1.X, B850 Version 2.X, an input validation vulnerability exists in the web-based system configuration utility that could allow an attacker to obtain arbitrary remote code execution.
36 CVE-2020-6961 522 +Info 2020-01-24 2020-03-17
7.5
None Remote Low Not required Partial Partial Partial
In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinical Information Center (CIC) Versions 4.X and 5.X, CARESCAPE Telemetry Server Version 4.3, CARESCAPE Central Station (CSCS) Versions 1.X, a vulnerability exists in the affected products that could allow an attacker to obtain access to the SSH private key in configuration files.
37 CVE-2020-6960 89 Sql 2020-01-22 2020-02-07
7.5
None Remote Low Not required Partial Partial Partial
The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch contain an SQL injection vulnerability that could give an attacker remote unauthenticated access to the web user interface with administrator-level privileges.
38 CVE-2020-6959 502 Exec Code 2020-01-22 2020-02-05
7.5
None Remote Low Not required Partial Partial Partial
The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 T2-Patch, HNMSWVMSLT prior to Version VMS560 Build 595 T2-Patch, MAXPRO NVR: MAXPRO NVR XE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR SE prior to Version NVR 5.6 Build 595 T2-Patch, MAXPRO NVR PE prior to Version NVR 5.6 Build 595 T2-Patch, and MPNVRSWXX prior to Version NVR 5.6 Build 595 T2-Patch are vulnerable to an unsafe deserialization of untrusted data. An attacker may be able to remotely modify deserialized data without authentication using a specially crafted web request, resulting in remote code execution.
39 CVE-2020-6948 20 Exec Code 2020-01-13 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password.
40 CVE-2020-6840 416 2020-01-11 2020-01-13
7.5
None Remote Low Not required Partial Partial Partial
In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.
41 CVE-2020-6839 787 Overflow 2020-01-11 2020-01-13
7.5
None Remote Low Not required Partial Partial Partial
In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.
42 CVE-2020-6838 416 2020-01-11 2020-01-13
7.5
None Remote Low Not required Partial Partial Partial
In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c.
43 CVE-2020-6836 94 2020-01-11 2020-01-22
7.5
None Remote Low Not required Partial Partial Partial
grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arbitrary code injection. The package fails to sanitize values passed to the parse function and concatenates them in an eval call. If a value of the formula is taken from user-controlled input, it may allow attackers to run arbitrary commands on the server.
44 CVE-2020-6835 193 2020-01-10 2020-01-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-transfer error checking.
45 CVE-2020-6756 20 Exec Code 2020-01-09 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthenticated attackers to remotely execute code via the lang parameter.
46 CVE-2020-5841 89 Sql 2020-01-07 2020-01-16
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in OpServices OpMon 9.3.1-1. Using password change parameters, an attacker could perform SQL injection without authentication.
47 CVE-2020-5519 20 2020-01-06 2020-01-15
7.5
None Remote Low Not required Partial Partial Partial
The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonstrated by the "Server Configuration > External App" screen.
48 CVE-2020-5514 434 2020-01-06 2020-01-09
9.0
None Remote Low ??? Complete Complete Complete
Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to the lzld/thumb?src= URI.
49 CVE-2020-5510 89 Sql 2020-01-08 2020-01-10
10.0
None Remote Low Not required Complete Complete Complete
PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profile.php file.
50 CVE-2020-5505 74 Exec Code 2020-01-14 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 substring (in conjunction with "type":"application/x-php"} to the /api/files/ URI.
Total number of vulnerabilities : 400   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.