CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In July 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2020-14337 209 2020-07-31 2020-08-11
5.0
None Remote Low Not required Partial None None
A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default organization and verify existing usernames. The highest threat from this vulnerability is to data confidentiality.
502 CVE-2020-14334 522 +Priv 2020-07-31 2020-12-04
4.6
None Local Low Not required Partial Partial Partial
A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance.
503 CVE-2020-14316 269 +Priv 2020-07-29 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an attacker to assume the privileges of the VM process on the host system. In worst-case scenarios an attacker can read and modify any file on the system where the VMI is running. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
504 CVE-2020-14311 190 Overflow 2020-07-31 2021-10-19
3.6
None Local Low Not required None Partial Partial
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow.
505 CVE-2020-14310 190 Overflow 2020-07-31 2021-10-19
3.6
None Local Low Not required None Partial Partial
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow.
506 CVE-2020-14309 787 Overflow 2020-07-30 2022-04-28
4.6
None Local Low Not required Partial Partial Partial
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.
507 CVE-2020-14308 190 Overflow 2020-07-29 2022-04-18
4.4
None Local Medium Not required Partial Partial Partial
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.
508 CVE-2020-14307 404 DoS 2020-07-24 2021-11-04
4.0
None Remote Low ??? None None Partial
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable.
509 CVE-2020-14303 834 2020-07-06 2022-04-28
5.0
None Remote Low Not required None None Partial
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
510 CVE-2020-14300 273 Exec Code 2020-07-13 2020-07-21
4.6
None Local Low Not required Partial Partial Partial
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2016-9962, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2017:0116 (https://access.redhat.com/errata/RHSA-2017:0116). The CVE-2020-14300 was assigned to this security regression and it is specific to the docker packages produced by Red Hat. The original issue - CVE-2016-9962 - could possibly allow a process inside container to compromise a process entering container namespace and execute arbitrary code outside of the container. This could lead to compromise of the container host or other containers running on the same container host. This issue only affects a single version of Docker, 1.13.1-108.git4ef4b30, shipped in Red Hat Enterprise Linux 7. Both earlier and later versions are not affected.
511 CVE-2020-14298 273 2020-07-13 2020-07-21
4.6
None Local Low Not required Partial Partial Partial
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected.
512 CVE-2020-14297 400 DoS 2020-07-24 2020-07-29
4.0
None Remote Low ??? None None Partial
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable.
513 CVE-2020-14196 863 2020-07-01 2020-10-17
4.3
None Remote Medium Not required None Partial None
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced.
514 CVE-2020-14175 79 XSS 2020-07-24 2022-03-30
3.5
None Remote Medium ??? None Partial None
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 before 7.5.2.
515 CVE-2020-14174 639 2020-07-13 2022-03-30
4.0
None Remote Low ??? Partial None None
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, from version 8.6.0 before 8.9.2, and from version 8.10.0 before 8.10.1.
516 CVE-2020-14173 79 XSS 2020-07-03 2022-03-30
3.5
None Remote Medium ??? None Partial None
The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2, and from version 8.7.0 before 8.7.1.
517 CVE-2020-14172 502 Exec Code 2020-07-03 2022-05-03
7.5
None Remote Low Not required Partial Partial Partial
This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented. The way in which velocity templates were used in Atlassian Jira Server and Data Center in affected versions allowed remote attackers to achieve remote code execution via insecure deserialization, if they were able to exploit a server side template injection vulnerability. The affected versions are before version 7.13.0, from version 8.0.0 before 8.5.0, and from version 8.6.0 before version 8.8.1.
518 CVE-2020-14171 319 2020-07-09 2020-07-15
5.8
None Remote Medium Not required Partial Partial None
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack.
519 CVE-2020-14170 918 2020-07-09 2020-07-15
4.0
None Remote Low ??? Partial None None
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability.
520 CVE-2020-14169 79 XSS 2020-07-01 2020-07-09
4.3
None Remote Medium Not required None Partial None
The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability
521 CVE-2020-14168 2020-07-01 2022-03-30
4.3
None Remote Medium Not required Partial None None
The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability.
522 CVE-2020-14167 DoS 2020-07-01 2022-03-30
5.0
None Remote Low Not required None None Partial
The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability.
523 CVE-2020-14166 79 XSS 2020-07-01 2022-02-01
3.5
None Remote Medium ??? None Partial None
The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by uploading a html file.
524 CVE-2020-14165 863 +Info 2020-07-01 2021-07-21
5.0
None Remote Low Not required Partial None None
The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper authorization vulnerability.
525 CVE-2020-14164 79 XSS 2020-07-01 2020-07-13
4.3
None Remote Medium Not required None Partial None
The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote attackers to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by pasting javascript code into the editor field.
526 CVE-2020-14162 269 Exec Code 2020-07-30 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command.
527 CVE-2020-14158 287 Bypass 2020-07-30 2020-08-05
6.4
None Remote Low Not required Partial Partial None
The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. This makes it easier to conduct wAppLoxx authentication-bypass attacks.
528 CVE-2020-14092 89 Sql 2020-07-02 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection.
529 CVE-2020-14066 434 2020-07-15 2020-07-22
6.5
None Remote Low ??? Partial Partial Partial
IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access.
530 CVE-2020-14065 434 2020-07-15 2020-07-22
4.0
None Remote Low ??? None None Partial
IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space.
531 CVE-2020-14064 668 2020-07-15 2020-07-22
4.0
None Remote Low ??? None Partial None
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts.
532 CVE-2020-14063 79 XSS 2020-07-21 2020-07-23
4.3
None Remote Medium Not required None Partial None
A stored Cross-Site Scripting (XSS) vulnerability in the TC Custom JavaScript plugin before 1.2.2 for WordPress allows unauthenticated remote attackers to inject arbitrary JavaScript via the tccj-content parameter. This is displayed in the page footer of every front-end page and executed in the browser of visitors.
533 CVE-2020-14057 610 Exec Code 2020-07-01 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments.
534 CVE-2020-14056 918 2020-07-01 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services.
535 CVE-2020-14055 79 XSS 2020-07-01 2020-07-08
4.3
None Remote Medium Not required None Partial None
Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding.
536 CVE-2020-14039 295 2020-07-17 2021-06-14
5.0
None Remote Low Not required None Partial None
In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete.
537 CVE-2020-14001 862 Exec Code 2020-07-17 2022-04-28
7.5
None Remote Low Not required Partial Partial Partial
The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum.
538 CVE-2020-14000 502 Exec Code 2020-07-16 2020-07-24
7.5
None Remote Low Not required Partial Partial Partial
MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension URLs from untrusted project.json files with certain _ characters, resulting in remote code execution because the URL's content is treated as a script and is executed as a worker. The responsible code is getExtensionIdForOpcode in serialization/sb3.js. The use of _ is incompatible with a protection mechanism in older versions, in which URLs were split and consequently deserialization attacks were prevented. NOTE: the scratch.mit.edu hosted service is not affected because of the lack of worker scripts.
539 CVE-2020-13997 522 2020-07-28 2021-07-21
5.0
None Remote Low Not required Partial None None
In Shopware before 6.2.3, the database password is leaked to an unauthenticated user when a DriverException occurs and verbose error handling is enabled.
540 CVE-2020-13994 94 Exec Code 2020-07-09 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve code execution on the server via a ticket because of improper access control of uploaded resources. This might be exploitable in conjunction with CVE-2020-13992 by an unauthenticated attacker.
541 CVE-2020-13993 89 Sql 2020-07-09 2020-07-14
5.0
None Remote Low Not required Partial None None
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A blind time-based SQL injection issue allows remote unauthenticated attackers to retrieve information from the database via a ticket.
542 CVE-2020-13992 79 XSS 2020-07-09 2020-07-10
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Stored XSS issue allows remote unauthenticated attackers to abuse a helpdesk user's logged in session. A user with sufficient privileges to change their login-page image must open a crafted ticket.
543 CVE-2020-13971 79 XSS 2020-07-28 2020-07-31
3.5
None Remote Medium ??? None Partial None
In Shopware before 6.2.3, authenticated users are allowed to use the Mediabrowser fileupload feature to upload SVG images containing JavaScript. This leads to Persistent XSS. An uploaded image can be accessed without authentication.
544 CVE-2020-13970 918 2020-07-28 2020-07-31
6.5
None Remote Low ??? Partial Partial Partial
Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests on behalf of the Shopware platform server.
545 CVE-2020-13935 835 DoS 2020-07-14 2022-05-12
5.0
None Remote Low Not required None None Partial
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service.
546 CVE-2020-13934 476 DoS 2020-07-14 2022-03-01
5.0
None Remote Low Not required None None Partial
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service.
547 CVE-2020-13932 79 XSS 2020-07-20 2021-01-28
4.3
None Remote Medium Not required None Partial None
In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and the info section.
548 CVE-2020-13926 89 Sql 2020-07-14 2020-07-21
7.5
None Remote Low Not required Partial Partial Partial
Kylin concatenates and executes a Hive SQL in Hive CLI or beeline when building a new segment; some part of the HQL is from system configurations, while the configuration can be overwritten by certain rest api, which makes SQL injection attack is possible. Users of all previous versions after 2.0 should upgrade to 3.1.0.
549 CVE-2020-13925 78 Exec Code 2020-07-14 2020-07-21
10.0
None Remote Low Not required Complete Complete Complete
Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0.
550 CVE-2020-13923 20 2020-07-15 2021-07-21
5.0
None Remote Low Not required None Partial None
IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04
Total number of vulnerabilities : 1418   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.