CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In August 2020

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
451 CVE-2020-14367 59 DoS 2020-08-24 2020-09-09
3.6
None Local Low Not required None Partial Partial
A flaw was found in chrony versions before 3.5.1 when creating the PID file under the /var/run/chrony folder. The file is created during chronyd startup while still running as the root user, and when it's opened for writing, chronyd does not check for an existing symbolic link with the same file name. This flaw allows an attacker with privileged access to create a symlink with the default PID file name pointing to any destination file in the system, resulting in data loss and a denial of service due to the path traversal.
452 CVE-2020-14364 125 DoS Exec Code 2020-08-31 2020-11-11
4.4
None Local Medium Not required Partial Partial Partial
An out-of-bounds read/write access flaw was found in the USB emulator of the QEMU in versions before 5.2.0. This issue occurs while processing USB packets from a guest when USBDevice 'setup_len' exceeds its 'data_buf[4096]' in the do_token_in, do_token_out routines. This flaw allows a guest user to crash the QEMU process, resulting in a denial of service, or the potential execution of arbitrary code with the privileges of the QEMU process on the host.
453 CVE-2020-14356 476 2020-08-19 2020-11-02
7.2
None Local Low Not required Complete Complete Complete
A null pointer dereference flaw was found in the Linux kernel cgroupv2 subsystem in versions before 5.7.10, in the way the system is rebooted. A local user could use this flaw to crash the system or escalate their privileges on the system.
454 CVE-2020-14352 22 Dir. Trav. 2020-08-30 2020-11-09
8.5
None Remote Medium ??? Complete Complete Complete
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the destination directory on the targeted system via path traversal. This flaw could potentially result in system compromise via the overwriting of critical system files. The highest threat from this flaw is to users that make use of untrusted third-party repositories.
455 CVE-2020-14350 426 2020-08-24 2020-09-18
4.4
None Local Medium Not required Partial Partial Partial
It was found that some PostgreSQL extensions did not use search_path safely in their installation script. An attacker with sufficient privileges could use this flaw to trick an administrator into executing a specially crafted script, during the installation or update of such extension. This affects PostgreSQL versions before 12.4, before 11.9, before 10.14, before 9.6.19, and before 9.5.23.
456 CVE-2020-14349 89 Exec Code Sql 2020-08-24 2020-09-18
4.6
None Remote High ??? Partial Partial Partial
It was found that PostgreSQL versions before 12.4, before 11.9 and before 10.14 did not properly sanitize the search_path during logical replication. An authenticated attacker could use this flaw in an attack similar to CVE-2018-1058, in order to execute arbitrary SQL command in the context of the user used for replication.
457 CVE-2020-14347 665 Bypass 2020-08-05 2020-12-07
2.1
None Local Low Not required Partial None None
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could result in possible ASLR bypass. Xorg-server before version 1.20.9 is vulnerable.
458 CVE-2020-14344 190 Overflow 2020-08-05 2020-12-04
4.6
None Local Low Not required Partial Partial Partial
An integer overflow leading to a heap-buffer overflow was found in the X Input Method (XIM) client implementation in libX11 before version 1.6.10. As per upstream, this is security relevant when setuid programs call XIM client functions while running with elevated privileges. No such programs are shipped with Red Hat Enterprise Linux.
459 CVE-2020-14333 79 XSS 2020-08-18 2020-12-08
4.3
None Remote Medium Not required None Partial None
A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earlier, where it did not filter user-controllable parameters completely, resulting in a reflected cross-site scripting attack. This flaw allows an attacker to leverage a phishing attack, steal an unsuspecting user's cookies or other confidential information, or impersonate them within the application's context.
460 CVE-2020-14325 863 2020-08-11 2021-07-21
6.4
None Remote Low Not required Partial Partial None
Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw, which allows a malicious attacker to create existent and non-existent role-based access control users, with groups and roles. With a selected group of EvmGroup-super_administrator, an attacker can perform any API request as a super administrator.
461 CVE-2020-14324 78 Exec Code 2020-08-11 2020-08-13
6.5
None Remote Low ??? Partial Partial Partial
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out-of-band OS command injection vulnerability can be exploited by an authenticated attacker while setting up a conversion host through Infrastructure Migration Solution. This flaw allows an attacker to execute arbitrary commands on the CloudForms server.
462 CVE-2020-14319 352 Bypass CSRF 2020-08-03 2020-08-12
4.0
None Remote High Not required None Partial Partial
It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or are bypassed. For example, authorised users using an older browser with Adobe Flash are vulnerable when targeted by an attacker. This flaw affects all versions of AMQ-Online prior to 1.5.2 and Enmasse versions 0.31.0-rc1 up until but not including 0.32.2.
463 CVE-2020-14313 200 +Info 2020-08-11 2021-07-21
4.0
None Remote Low ??? Partial None None
An information disclosure vulnerability was found in Red Hat Quay in versions before 3.3.1. This flaw allows an attacker who can create a build trigger in a repository, to disclose the names of robot accounts and the existence of private repositories within any namespace.
464 CVE-2020-14296 918 2020-08-11 2020-08-12
5.5
None Remote Low ??? Partial Partial None
Red Hat CloudForms 4.7 and 5 were vulnerable to a Server-Side Request Forgery (SSRF) flaw. With access to add an Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.
465 CVE-2020-14215 863 2020-08-21 2021-07-21
5.0
None Remote Low Not required None Partial None
Zulip Server before 2.1.5 has Incorrect Access Control because 0198_preregistrationuser_invited_as adds the administrator role to invitations.
466 CVE-2020-14201 269 2020-08-21 2021-07-21
4.0
None Remote Low ??? None Partial None
Dolibarr CRM before 11.0.5 allows privilege escalation. This could allow remote authenticated attackers to upload arbitrary files via societe/document.php in which "disabled" is changed to "enabled" in the HTML source code.
467 CVE-2020-14194 20 2020-08-21 2021-07-21
5.8
None Remote Medium Not required Partial Partial None
Zulip Server before 2.1.5 allows reverse tabnapping via a topic header link.
468 CVE-2020-14044 918 Exec Code 2020-08-24 2021-03-30
6.5
None Remote Low ??? Partial Partial Partial
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in remote code execution. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors."
469 CVE-2020-14043 352 Exec Code CSRF 2020-08-24 2021-03-30
6.8
None Remote Medium Not required Partial Partial Partial
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross-Site Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later. The request to download a plugin from the marketplace is only available to admin users and it isn't CSRF protected in components/market/controller.php. This might cause admins to make a vulnerable request without them knowing and result in remote code execution. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors."
470 CVE-2020-14042 79 XSS 2020-08-25 2021-03-30
4.3
None Remote Medium Not required None Partial None
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder's name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states "Codiad is no longer under active maintenance by core contributors."
471 CVE-2020-13941 20 2020-08-17 2021-03-25
6.5
None Remote Low ??? Partial Partial Partial
Reported in SOLR-14515 (private) and fixed in SOLR-14561 (public), released in Solr version 8.6.0. The Replication handler (https://lucene.apache.org/solr/guide/8_6/index-replication.html#http-api-commands-for-the-replicationhandler) allows the commands backup, restore and deleteBackup. Each of these takes a location parameter, which was not validated, i.e. you could read/write to any location the solr user can access.
472 CVE-2020-13933 Bypass 2020-08-17 2022-03-31
5.0
None Remote Low Not required Partial None None
In Apache Shiro before 1.6.0, a specially crafted HTTP request may cause an authentication bypass.
473 CVE-2020-13921 89 Sql 2020-08-05 2020-08-07
7.5
None Remote Low Not required Partial Partial Partial
**Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases.
474 CVE-2020-13863 74 2020-08-26 2020-09-01
5.5
None Remote Low ??? Partial None Partial
The SAS portal of Mitel MiCollab before 9.1.3 could allow an attacker to access user data by performing a header injection in HTTP responses, due to the improper handling of input parameters. A successful exploit could allow an attacker to access user information.
475 CVE-2020-13828 79 XSS 2020-08-31 2020-09-08
3.5
None Remote Medium ??? None Partial None
Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?action=create with the subject, message, or address parameter; adherents/card.php with the societe or address parameter; product/card.php with the label or customcode parameter; or societe/card.php with the alias or barcode parameter.
476 CVE-2020-13826 74 Exec Code 2020-08-20 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.
477 CVE-2020-13825 79 XSS 2020-08-20 2020-08-24
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in i-doit 1.14.2 allows remote attackers to inject arbitrary web script or HTML via the viewMode, tvMode, tvType, objID, catgID, objTypeID, or editMode parameter.
478 CVE-2020-13821 79 XSS 2020-08-26 2020-12-23
3.5
None Remote Medium ??? None Partial None
An issue was discovered in HiveMQ Broker Control Center 4.3.2. A crafted clientid parameter in an MQTT packet (sent to the Broker) is reflected in the client section of the management console. The attacker's JavaScript is loaded in a browser, which can lead to theft of the session and cookie of the administrator's account of the Broker.
479 CVE-2020-13820 79 XSS 2020-08-03 2020-08-04
4.3
None Remote Medium Not required None Partial None
Extreme Management Center 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.
480 CVE-2020-13819 79 XSS 2020-08-05 2020-08-06
4.3
None Remote Medium Not required None Partial None
Extreme EAC Appliance 8.4.1.24 allows unauthenticated reflected XSS via a parameter in a GET request.
481 CVE-2020-13793 798 2020-08-06 2020-08-11
7.5
None Remote Low Not required Partial Partial Partial
Unsafe storage of AD credentials in Ivanti DSM netinst 5.1 due to a static, hard-coded encryption key.
482 CVE-2020-13767 306 2020-08-26 2021-07-21
4.3
None Remote Medium Not required Partial None None
The Mitel MiCollab application before 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS device, and (if successful) could allow an attacker to gain access to sensitive information,
483 CVE-2020-13655 79 XSS 2020-08-31 2020-09-03
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user has access to, the file and target parameters are reflected.
484 CVE-2020-13617 307 2020-08-26 2020-09-01
5.0
None Remote Low Not required Partial None None
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory handling during failed login attempts.
485 CVE-2020-13595 617 2020-08-31 2020-09-08
3.3
None Local Network Low Not required None None Partial
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion on the host stack when receiving a packet with an MIC failure. An attacker within radio range can silently trigger the assertion (which disables the target's BLE stack) by sending a crafted sequence of BLE packets.
486 CVE-2020-13594 20 DoS 2020-08-31 2020-09-08
3.3
None Local Network Low Not required None None Partial
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on reception, allowing attackers in radio range to cause a denial of service (crash) via a crafted packet.
487 CVE-2020-13593 863 DoS 2020-08-31 2021-07-21
5.8
None Local Network Low Not required Partial Partial Partial
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connection pairing to be skipped if the Link Layer encryption setup is performed earlier. An attacker in radio range can achieve arbitrary read/write access to protected GATT service data, cause a denial of service, or possibly control a device's function by establishing an encrypted session with an unauthenticated Long Term Key (LTK).
488 CVE-2020-13523 862 2020-08-04 2022-06-07
2.1
None Local Low Not required Partial None None
An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can cause the disclosure of sensitive information. An attacker can send a malicious IRP to trigger this vulnerability.
489 CVE-2020-13522 2020-08-04 2022-06-07
3.6
None Local Low Not required None Partial Partial
An exploitable arbitrary file delete vulnerability exists in SoftPerfect RAM Disk 4.1 spvve.sys driver. A specially crafted I/O request packet (IRP) can allow an unprivileged user to delete any file on the filesystem. An attacker can send a malicious IRP to trigger this vulnerability.
490 CVE-2020-13472 668 2020-08-31 2020-09-03
2.1
None Local Low Not required None Partial None
The flash memory readout protection in Gigadevice GD32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the DMA module.
491 CVE-2020-13471 Exec Code 2020-08-31 2020-09-09
7.2
None Local Low Not required Complete Complete Complete
Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
492 CVE-2020-13470 668 2020-08-31 2020-09-03
2.1
None Local Low Not required None Partial None
Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data.
493 CVE-2020-13469 668 2020-08-31 2020-09-04
2.1
None Local Low Not required None Partial None
The flash memory readout protection in Gigadevice GD32VF103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU.
494 CVE-2020-13468 276 2020-08-31 2020-09-03
4.6
None Local Low Not required Partial Partial Partial
Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection).
495 CVE-2020-13467 755 2020-08-31 2020-09-09
2.1
None Local Low Not required None Partial None
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.
496 CVE-2020-13466 Exec Code 2020-08-31 2020-09-09
7.2
None Local Low Not required Complete Complete Complete
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
497 CVE-2020-13465 20 Exec Code 2020-08-31 2020-09-03
4.6
None Local Low Not required Partial Partial Partial
The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface.
498 CVE-2020-13464 200 +Info 2020-08-31 2021-07-21
1.9
None Local Medium Not required None Partial None
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module.
499 CVE-2020-13463 755 2020-08-31 2020-09-10
2.1
None Local Low Not required Partial None None
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.
500 CVE-2020-13410 755 2020-08-26 2020-09-04
5.0
None Remote Low Not required None None Partial
An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream.
Total number of vulnerabilities: 1155. Page 10 of 24.