CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In March 2020 (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-11105 763 2020-03-30 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in USC iLab cereal through 1.3.0. It employs caching of std::shared_ptr values, using the raw pointer address as a unique identifier. This becomes problematic if an std::shared_ptr variable goes out of scope and is freed, and a new std::shared_ptr is allocated at the same address. Serialization fidelity thereby becomes dependent upon memory layout. In short, serialized std::shared_ptr variables cannot always be expected to serialize back into their original values. This can have any number of consequences, depending on the context within which this manifests.
2 CVE-2020-10992 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
Azkaban through 3.84.0 allows XXE, related to validator/XmlValidatorManager.java and user/XmlUserManager.java.
3 CVE-2020-10991 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
Mulesoft APIkit through 1.3.0 allows XXE because of validation/RestXmlSchemaValidator.java
4 CVE-2020-10990 611 2020-03-27 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
An XXE issue exists in Accenture Mercury before 1.12.28 because of the platformlambda/core/serializers/SimpleXmlParser.java component.
5 CVE-2020-10964 434 Exec Code 2020-03-25 2020-03-27
7.5
None Remote Low Not required Partial Partial Partial
Serendipity before 2.3.4 on Windows allows remote attackers to execute arbitrary code because the filename of a renamed file may end with a dot. This file may then be renamed to have a .php filename.
6 CVE-2020-10956 918 2020-03-27 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
GitLab 8.10 and later through 12.9 is vulnerable to an SSRF in a project import note feature.
7 CVE-2020-10938 787 Overflow 2020-03-24 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c.
8 CVE-2020-10888 287 Bypass 2020-03-25 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to bypass authentication on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SSH port forwarding requests during initial setup. The issue results from the lack of proper authentication prior to establishing SSH port forwarding rules. An attacker can leverage this vulnerability to escalate privileges to resources normally protected from the WAN interface. Was ZDI-CAN-9664.
9 CVE-2020-10887 Exec Code Bypass 2020-03-25 2021-10-26
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows a firewall bypass on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of IPv6 connections. The issue results from the lack of proper filtering of IPv6 SSH connections. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of root. Was ZDI-CAN-9663.
10 CVE-2020-10886 78 Exec Code 2020-03-25 2020-04-01
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tmpServer service, which listens on TCP port 20002. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9662.
11 CVE-2020-10885 20 Exec Code 2020-03-25 2020-03-31
7.5
None Remote Low Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. The issue results from the lack of proper validation of DNS reponses prior to further processing. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the root user. Was ZDI-CAN-9661.
12 CVE-2020-10882 78 Exec Code 2020-03-25 2020-04-15
8.3
None Local Network Low Not required Complete Complete Complete
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the tdpServer service, which listens on UDP port 20002 by default. When parsing the slave_mac parameter, the process does not properly validate a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9650.
13 CVE-2020-10881 787 Exec Code Overflow 2020-03-25 2020-03-31
10.0
None Remote Low Not required Complete Complete Complete
This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS message can trigger an overflow of a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the root user. Was ZDI-CAN-9660.
14 CVE-2020-10879 74 2020-03-23 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
rConfig before 3.9.5 allows command injection by sending a crafted GET request to lib/crud/search.crud.php since the nodeId parameter is passed directly to the exec function without being escaped.
15 CVE-2020-10850 120 Exec Code Overflow 2020-03-24 2020-03-26
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloade has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).
16 CVE-2020-10848 119 Overflow 2020-03-24 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos 9810 chipsets) software. Arbitrary memory mapping exists in TEE. The Samsung ID is SVE-2019-16665 (February 2020).
17 CVE-2020-10837 119 Exec Code Overflow 2020-03-24 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. The Esecomm Trustlet allows a stack overflow and arbitrary code execution. The Samsung ID is SVE-2019-15984 (February 2020).
18 CVE-2020-10836 119 Overflow 2020-03-24 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The Widevine Trustlet allows read and write operations on arbitrary memory locations. The Samsung ID is SVE-2019-15873 (February 2020).
19 CVE-2020-10835 120 Overflow 2020-03-24 2020-03-26
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
20 CVE-2020-10828 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in cvmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
21 CVE-2020-10827 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in apmd on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request.
22 CVE-2020-10826 77 2020-03-26 2022-04-22
10.0
None Remote Low Not required Complete Complete Complete
/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve command injection via a remote HTTP request in DEBUG mode.
23 CVE-2020-10825 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi while base64 decoding ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 3 of 3).
24 CVE-2020-10824 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi through ticket parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 2 of 3).
25 CVE-2020-10823 787 Exec Code Overflow 2020-03-26 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow in /cgi-bin/activate.cgi through var parameter on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows remote attackers to achieve code execution via a remote HTTP request (issue 1 of 3).
26 CVE-2020-10808 78 2020-03-22 2020-04-06
9.0
None Remote Low ??? Complete Complete Complete
Vesta Control Panel (VestaCP) through 0.9.8-26 allows Command Injection via the schedule/backup Backup Listing Endpoint. The attacker must be able to create a crafted filename on the server, as demonstrated by an FTP session that renames .bash_logout to a .bash_logout' substring followed by shell metacharacters.
27 CVE-2020-10806 434 Exec Code 2020-03-22 2020-03-25
7.5
None Remote Low Not required Partial Partial Partial
eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution.
28 CVE-2020-10799 611 2020-03-20 2020-03-24
7.5
None Remote Low Not required Partial Partial Partial
The svglib package through 0.9.3 for Python allows XXE attacks via an svg2rlg call.
29 CVE-2020-10789 78 Exec Code 2020-03-25 2020-03-27
10.0
None Remote Low Not required Complete Complete Complete
openITCOCKPIT before 3.7.3 has a web-based terminal that allows attackers to execute arbitrary OS commands via shell metacharacters that are mishandled on an su command line in app/Lib/SudoMessageInterface.php.
30 CVE-2020-10696 22 Dir. Trav. 2020-03-31 2020-04-01
9.3
None Remote Medium Not required Complete Complete Complete
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
31 CVE-2020-10674 78 Exec Code 2020-03-18 2020-03-20
7.5
None Remote Low Not required Partial Partial Partial
PerlSpeak through 2.01 allows attackers to execute arbitrary OS commands, as demonstrated by use of system and 2-argument open.
32 CVE-2020-10665 59 2020-03-18 2022-04-22
7.2
None Local Low Not required Complete Complete Complete
Docker Desktop allows local privilege escalation to NT AUTHORITY\SYSTEM because it mishandles the collection of diagnostics with Administrator privileges, leading to arbitrary DACL permissions overwrites and arbitrary file writes. This affects Docker Desktop Enterprise before 2.1.0.9, Docker Desktop for Windows Stable before 2.2.0.4, and Docker Desktop for Windows Edge before 2.2.2.0.
33 CVE-2020-10649 269 Exec Code 2020-03-25 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a particular path with a particular file name.
34 CVE-2020-10595 120 Exec Code Overflow 2020-03-31 2020-04-04
7.5
None Remote Low Not required Partial Partial Partial
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option.
35 CVE-2020-10592 DoS 2020-03-23 2022-01-01
7.8
None Remote Low Not required None None Complete
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.
36 CVE-2020-10589 269 Exec Code 2020-03-15 2020-03-17
7.2
None Local Low Not required Complete Complete Complete
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/config.json is owned by a low-privileged user but contains commands that are executed as root, after v2rayL.service is restarted via Sudo.
37 CVE-2020-10588 269 2020-03-15 2020-03-17
7.2
None Local Low Not required Complete Complete Complete
v2rayL 2.1.3 allows local users to achieve root access because /etc/v2rayL/add.sh and /etc/v2rayL/remove.sh are owned by a low-privileged user but execute as root via Sudo.
38 CVE-2020-10587 20 2020-03-14 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
antiX and MX Linux allow local users to achieve root access via "persist-config --command /bin/sh" because of the Sudo configuration.
39 CVE-2020-10574 706 2020-03-14 2020-03-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
40 CVE-2020-10571 754 2020-03-14 2020-03-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data.
41 CVE-2020-10567 20 Exec Code 2020-03-14 2020-03-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name parameter, there is no validation of what kind of extension is sent. This makes it possible to execute PHP code if a legitimate JPEG image contains this code in the EXIF data, and the .php extension is used in the name parameter. (A potential fast patch is to disable the save_img action in the config file.)
42 CVE-2020-10565 269 Exec Code 2020-03-14 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. This allows an untrusted guest to perform arbitrary read or write operations in the context of the grub-bhyve process, resulting in code execution as root on the host OS.
43 CVE-2020-10564 22 Exec Code Dir. Trav. 2020-03-13 2020-03-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call.
44 CVE-2020-10563 89 Sql 2020-03-13 2020-03-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in DEVOME GRR before 3.4.1c. frmcontactlist.php mishandles a SQL query.
45 CVE-2020-10558 DoS 2020-03-20 2022-05-13
7.1
None Remote Medium Not required None None Complete
The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer, web browser, climate controls, turn signal visual and sounds, navigation, autopilot notifications, along with other miscellaneous functions from the main screen.
46 CVE-2020-10541 20 Exec Code 2020-03-13 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Zoho ManageEngine OpManager before 12.4.179 allows remote code execution via a specially crafted Mail Server Settings v1 API request. This was fixed in 12.5.108.
47 CVE-2020-10534 269 +Priv 2020-03-12 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
In the GlobalBlocking extension before 2020-03-10 for MediaWiki through 1.34.0, an issue related to IP range evaluation resulted in blocked users re-gaining escalated privileges. This is related to the case in which an IP address is contained in two ranges, one of which is locally disabled.
48 CVE-2020-10380 89 Sql 2020-03-17 2020-03-19
7.5
None Remote Low Not required Partial Partial Partial
RMySQL through 0.10.19 allows SQL Injection.
49 CVE-2020-10374 20 Exec Code 2020-03-30 2020-06-25
7.5
None Remote Low Not required Partial Partial Partial
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot function in the Contact Support form.
50 CVE-2020-10364 400 2020-03-23 2021-07-21
7.8
None Remote Low Not required None None Complete
The SSH daemon on MikroTik routers through v6.44.3 could allow remote attackers to generate CPU activity, trigger refusal of new authorized connections, and cause a reboot via connect and write system calls, because of uncontrolled resource management.
Total number of vulnerabilities : 482   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.