| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
501 |
CVE-2020-14337 |
209 |
|
|
2020-07-31 |
2020-08-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default organization and verify existing usernames. The highest threat from this vulnerability is to data confidentiality. |
|
502 |
CVE-2020-14334 |
522 |
|
+Priv |
2020-07-31 |
2020-12-04 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance. |
|
503 |
CVE-2020-14316 |
269 |
|
+Priv |
2020-07-29 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A flaw was found in kubevirt 0.29 and earlier. Virtual Machine Instances (VMIs) can be used to gain access to the host's filesystem. Successful exploitation allows an attacker to assume the privileges of the VM process on the host system. In worst-case scenarios an attacker can read and modify any file on the system where the VMI is running. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
504 |
CVE-2020-14311 |
190 |
|
Overflow |
2020-07-31 |
2021-10-19 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesystem containing a symbolic link with an inode size of UINT32_MAX causes an arithmetic overflow leading to a zero-sized memory allocation with subsequent heap-based buffer overflow. |
|
505 |
CVE-2020-14310 |
190 |
|
Overflow |
2020-07-31 |
2021-10-19 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
|
There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a font name to be at max UINT32_MAX - 1 length in bytes but it doesn't verify it before proceed with buffer allocation to read the value from the font value. An attacker may leverage that by crafting a malicious font file which has a name with UINT32_MAX, leading to read_section_as_string() to an arithmetic overflow, zero-sized allocation and further heap-based buffer overflow. |
|
506 |
CVE-2020-14309 |
787 |
|
Overflow |
2020-07-30 |
2022-04-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data. |
|
507 |
CVE-2020-14308 |
190 |
|
Overflow |
2020-07-29 |
2022-04-18 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process. |
|
508 |
CVE-2020-14307 |
404 |
|
DoS |
2020-07-24 |
2021-11-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
A vulnerability was found in Wildfly's Enterprise Java Beans (EJB) versions shipped with Red Hat JBoss EAP 7, where SessionOpenInvocations are never removed from the remote InvocationTracker after a response is received in the EJB Client, as well as the server. This flaw allows an attacker to craft a denial of service attack to make the service unavailable. |
|
509 |
CVE-2020-14303 |
834 |
|
|
2020-07-06 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash. |
|
510 |
CVE-2020-14300 |
273 |
|
Exec Code |
2020-07-13 |
2020-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The docker packages version docker-1.13.1-108.git4ef4b30.el7 as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 (https://access.redhat.com/errata/RHBA-2020:0053) included an incorrect version of runc that was missing multiple bug and security fixes. One of the fixes regressed in that update was the fix for CVE-2016-9962, that was previously corrected in the docker packages in Red Hat Enterprise Linux 7 Extras via RHSA-2017:0116 (https://access.redhat.com/errata/RHSA-2017:0116). The CVE-2020-14300 was assigned to this security regression and it is specific to the docker packages produced by Red Hat. The original issue - CVE-2016-9962 - could possibly allow a process inside container to compromise a process entering container namespace and execute arbitrary code outside of the container. This could lead to compromise of the container host or other containers running on the same container host. This issue only affects a single version of Docker, 1.13.1-108.git4ef4b30, shipped in Red Hat Enterprise Linux 7. Both earlier and later versions are not affected. |
|
511 |
CVE-2020-14298 |
273 |
|
|
2020-07-13 |
2020-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the container host and other containers running on the same host. This issue only affects docker version 1.13.1-108.git4ef4b30.el7, shipped in Red Hat Enterprise Linux 7 Extras. Both earlier and later versions are not affected. |
|
512 |
CVE-2020-14297 |
400 |
|
DoS |
2020-07-24 |
2020-07-29 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. |
|
513 |
CVE-2020-14196 |
863 |
|
|
2020-07-01 |
2020-10-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In PowerDNS Recursor versions up to and including 4.3.1, 4.2.2 and 4.1.16, the ACL restricting access to the internal web server is not properly enforced. |
|
514 |
CVE-2020-14175 |
79 |
|
XSS |
2020-07-24 |
2022-03-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability in user macro parameters. The affected versions are before version 7.4.2, and from version 7.5.0 before 7.5.2. |
|
515 |
CVE-2020-14174 |
639 |
|
|
2020-07-13 |
2022-03-30 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to view titles of a private project via an Insecure Direct Object References (IDOR) vulnerability in the Administration Permission Helper. The affected versions are before version 7.13.6, from version 8.0.0 before 8.5.7, from version 8.6.0 before 8.9.2, and from version 8.10.0 before 8.10.1. |
|
516 |
CVE-2020-14173 |
79 |
|
XSS |
2020-07-03 |
2022-03-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The file upload feature in Atlassian Jira Server and Data Center in affected versions allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability. The affected versions are before version 8.5.4, from version 8.6.0 before 8.6.2, and from version 8.7.0 before 8.7.1. |
|
517 |
CVE-2020-14172 |
502 |
|
Exec Code |
2020-07-03 |
2022-05-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
This issue exists to document that a security improvement in the way that Jira Server and Data Center use velocity templates has been implemented. The way in which velocity templates were used in Atlassian Jira Server and Data Center in affected versions allowed remote attackers to achieve remote code execution via insecure deserialization, if they were able to exploit a server side template injection vulnerability. The affected versions are before version 7.13.0, from version 8.0.0 before 8.5.0, and from version 8.6.0 before version 8.8.1. |
|
518 |
CVE-2020-14171 |
319 |
|
|
2020-07-09 |
2020-07-15 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Atlassian Bitbucket Server from version 4.9.0 before version 7.2.4 allows remote attackers to intercept unencrypted repository import requests via a Man-in-the-Middle (MITM) attack. |
|
519 |
CVE-2020-14170 |
918 |
|
|
2020-07-09 |
2020-07-15 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Webhooks in Atlassian Bitbucket Server from version 5.4.0 before version 7.3.1 allow remote attackers to access the content of internal network resources via a Server-Side Request Forgery (SSRF) vulnerability. |
|
520 |
CVE-2020-14169 |
79 |
|
XSS |
2020-07-01 |
2020-07-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The quick search component in Atlassian Jira Server and Data Center before 8.9.1 allows remote attackers to inject arbitrary HTML or JavaScript via a Cross-Site Scripting (XSS) vulnerability |
|
521 |
CVE-2020-14168 |
|
|
|
2020-07-01 |
2022-03-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The email client in Jira Server and Data Center before version 7.13.16, from 8.5.0 before 8.5.7, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to access outgoing emails between a Jira instance and the SMTP server via man-in-the-middle (MITM) vulnerability. |
|
522 |
CVE-2020-14167 |
|
|
DoS |
2020-07-01 |
2022-03-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The MessageBundleResource resource in Jira Server and Data Center before version 7.13.4, from 8.5.0 before 8.5.5, from 8.8.0 before 8.8.2, and from 8.9.0 before 8.9.1 allows remote attackers to impact the application's availability via an Denial of Service (DoS) vulnerability. |
|
523 |
CVE-2020-14166 |
79 |
|
XSS |
2020-07-01 |
2022-02-01 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The /servicedesk/customer/portals resource in Jira Service Desk Server and Data Center before version 4.10.0 allows remote attackers with project administrator privileges to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by uploading a html file. |
|
524 |
CVE-2020-14165 |
863 |
|
+Info |
2020-07-01 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The UniversalAvatarResource.getAvatars resource in Jira Server and Data Center before version 8.9.0 allows remote attackers to obtain information about custom project avatars names via an Improper authorization vulnerability. |
|
525 |
CVE-2020-14164 |
79 |
|
XSS |
2020-07-01 |
2020-07-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The WYSIWYG editor resource in Jira Server and Data Center before version 8.8.2 allows remote attackers to inject arbitrary HTML or JavaScript names via an Cross Site Scripting (XSS) vulnerability by pasting javascript code into the editor field. |
|
526 |
CVE-2020-14162 |
269 |
|
Exec Code |
2020-07-30 |
2021-07-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Pi-Hole through 5.0. The local www-data user has sudo privileges to execute the pihole core script as root without a password, which could allow an attacker to obtain root access via shell metacharacters to this script's setdns command. |
|
527 |
CVE-2020-14158 |
287 |
|
Bypass |
2020-07-30 |
2020-08-05 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The ABUS Secvest FUMO50110 hybrid module does not have any security mechanism that ensures confidentiality or integrity of RF packets that are exchanged with an alarm panel. This makes it easier to conduct wAppLoxx authentication-bypass attacks. |
|
528 |
CVE-2020-14092 |
89 |
|
Sql |
2020-07-02 |
2020-07-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. |
|
529 |
CVE-2020-14066 |
434 |
|
|
2020-07-15 |
2020-07-22 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. |
|
530 |
CVE-2020-14065 |
434 |
|
|
2020-07-15 |
2020-07-22 |
4.0 |
None |
Remote |
Low |
??? |
None |
None |
Partial |
|
IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. |
|
531 |
CVE-2020-14064 |
668 |
|
|
2020-07-15 |
2020-07-22 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. |
|
532 |
CVE-2020-14063 |
79 |
|
XSS |
2020-07-21 |
2020-07-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A stored Cross-Site Scripting (XSS) vulnerability in the TC Custom JavaScript plugin before 1.2.2 for WordPress allows unauthenticated remote attackers to inject arbitrary JavaScript via the tccj-content parameter. This is displayed in the page footer of every front-end page and executed in the browser of visitors. |
|
533 |
CVE-2020-14057 |
610 |
|
Exec Code |
2020-07-01 |
2020-07-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments. |
|
534 |
CVE-2020-14056 |
918 |
|
|
2020-07-01 |
2020-07-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services. |
|
535 |
CVE-2020-14055 |
79 |
|
XSS |
2020-07-01 |
2020-07-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding. |
|
536 |
CVE-2020-14039 |
295 |
|
|
2020-07-17 |
2021-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete. |
|
537 |
CVE-2020-14001 |
862 |
|
Exec Code |
2020-07-17 |
2022-04-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The kramdown gem before 2.3.0 for Ruby processes the template option inside Kramdown documents by default, which allows unintended read access (such as template="/etc/passwd") or unintended embedded Ruby code execution (such as a string that begins with template="string://<%= `). NOTE: kramdown is used in Jekyll, GitLab Pages, GitHub Pages, and Thredded Forum. |
|
538 |
CVE-2020-14000 |
502 |
|
Exec Code |
2020-07-16 |
2020-07-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
MIT Lifelong Kindergarten Scratch scratch-vm before 0.2.0-prerelease.20200714185213 loads extension URLs from untrusted project.json files with certain _ characters, resulting in remote code execution because the URL's content is treated as a script and is executed as a worker. The responsible code is getExtensionIdForOpcode in serialization/sb3.js. The use of _ is incompatible with a protection mechanism in older versions, in which URLs were split and consequently deserialization attacks were prevented. NOTE: the scratch.mit.edu hosted service is not affected because of the lack of worker scripts. |
|
539 |
CVE-2020-13997 |
522 |
|
|
2020-07-28 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Shopware before 6.2.3, the database password is leaked to an unauthenticated user when a DriverException occurs and verbose error handling is enabled. |
|
540 |
CVE-2020-13994 |
94 |
|
Exec Code |
2020-07-09 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A privileged user can achieve code execution on the server via a ticket because of improper access control of uploaded resources. This might be exploitable in conjunction with CVE-2020-13992 by an unauthenticated attacker. |
|
541 |
CVE-2020-13993 |
89 |
|
Sql |
2020-07-09 |
2020-07-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A blind time-based SQL injection issue allows remote unauthenticated attackers to retrieve information from the database via a ticket. |
|
542 |
CVE-2020-13992 |
79 |
|
XSS |
2020-07-09 |
2020-07-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Mods for HESK 3.1.0 through 2019.1.0. A Stored XSS issue allows remote unauthenticated attackers to abuse a helpdesk user's logged in session. A user with sufficient privileges to change their login-page image must open a crafted ticket. |
|
543 |
CVE-2020-13971 |
79 |
|
XSS |
2020-07-28 |
2020-07-31 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In Shopware before 6.2.3, authenticated users are allowed to use the Mediabrowser fileupload feature to upload SVG images containing JavaScript. This leads to Persistent XSS. An uploaded image can be accessed without authentication. |
|
544 |
CVE-2020-13970 |
918 |
|
|
2020-07-28 |
2020-07-31 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Shopware before 6.2.3 is vulnerable to a Server-Side Request Forgery (SSRF) in its "Mediabrowser upload by URL" feature. This allows an authenticated user to send HTTP, HTTPS, FTP, and SFTP requests on behalf of the Shopware platform server. |
|
545 |
CVE-2020-13935 |
835 |
|
DoS |
2020-07-14 |
2022-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lead to a denial of service. |
|
546 |
CVE-2020-13934 |
476 |
|
DoS |
2020-07-14 |
2022-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial of service. |
|
547 |
CVE-2020-13932 |
79 |
|
XSS |
2020-07-20 |
2021-01-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In Apache ActiveMQ Artemis 2.5.0 to 2.13.0, a specially crafted MQTT packet which has an XSS payload as client-id or topic name can exploit this vulnerability. The XSS payload is being injected into the admin console's browser. The XSS payload is triggered in the diagram plugin; queue node and the info section. |
|
548 |
CVE-2020-13926 |
89 |
|
Sql |
2020-07-14 |
2020-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Kylin concatenates and executes a Hive SQL in Hive CLI or beeline when building a new segment; some part of the HQL is from system configurations, while the configuration can be overwritten by certain rest api, which makes SQL injection attack is possible. Users of all previous versions after 2.0 should upgrade to 3.1.0. |
|
549 |
CVE-2020-13925 |
78 |
|
Exec Code |
2020-07-14 |
2020-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0. |
|
550 |
CVE-2020-13923 |
20 |
|
|
2020-07-15 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04 |
