| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
851 |
CVE-2020-0221 |
119 |
|
Overflow |
2020-05-14 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Airbrush FW's scratch memory allocator is susceptible to numeric overflow. When the overflow occurs, the next allocation could potentially return a pointer within the previous allocation's memory, which could lead to improper memory access.Product: AndroidVersions: Android kernelAndroid ID: A-135772851 |
|
852 |
CVE-2020-0220 |
787 |
|
|
2020-05-14 |
2020-05-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In crus_afe_callback of msm-cirrus-playback.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-139739561 |
|
853 |
CVE-2020-0110 |
787 |
|
|
2020-05-14 |
2021-12-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-148159562References: Upstream kernel |
|
854 |
CVE-2020-0109 |
269 |
|
|
2020-05-14 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In simulatePackageSuspendBroadcast of NotificationManagerService.java, there is a missing permission check. This could lead to local escalation of privilege by creating fake system notifications with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148059175 |
|
855 |
CVE-2020-0105 |
269 |
|
|
2020-05-14 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In onKeyguardVisibilityChanged of key_store_service.cpp, there is a missing permission check. This could lead to local escalation of privilege, allowing apps to use keyguard-bound keys when the screen is locked, with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-144285084 |
|
856 |
CVE-2020-0103 |
119 |
|
Exec Code Overflow Mem. Corr. |
2020-05-14 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In a2dp_aac_decoder_cleanup of a2dp_aac_decoder.cc, there is a possible invalid free due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-9Android ID: A-148107188 |
|
857 |
CVE-2020-0102 |
787 |
|
|
2020-05-14 |
2020-05-15 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In GattServer::SendResponse of gatt_server.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-143231677 |
|
858 |
CVE-2020-0098 |
269 |
|
Bypass |
2020-05-14 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In navigateUpToLocked of ActivityStack.java, there is a possible permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-10 Android-8.0 Android-8.1 Android-9Android ID: A-144285917 |
|
859 |
CVE-2020-0097 |
269 |
|
Bypass |
2020-05-14 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In various methods of PackageManagerService.java, there is a possible permission bypass due to a missing condition for system apps. This could lead to local escalation of privilege with User privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-145981139 |
|
860 |
CVE-2020-0096 |
269 |
|
|
2020-05-14 |
2021-07-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
In startActivities of ActivityStartController.java, there is a possible escalation of privilege due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1 Android-9Android ID: A-145669109 |
|
861 |
CVE-2020-0094 |
787 |
|
|
2020-05-14 |
2020-05-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In setImageHeight and setImageWidth of ExifUtils.cpp, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-9 Android-10Android ID: A-148223871 |
|
862 |
CVE-2020-0024 |
276 |
|
Bypass |
2020-05-14 |
2020-05-18 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In onCreate of SettingsBaseActivity.java, there is a possible unauthorized setting modification due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-8.0Android ID: A-137015265 |
|
863 |
CVE-2019-20807 |
78 |
|
Exec Code |
2020-05-28 |
2022-02-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua). |
|
864 |
CVE-2019-20804 |
352 |
|
XSS CSRF |
2020-05-21 |
2020-06-23 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account. |
|
865 |
CVE-2019-20803 |
79 |
|
XSS |
2020-05-21 |
2020-06-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Gila CMS before 1.11.6 has reflected XSS via the admin/content/postcategory id parameter, which is mishandled for g_preview_theme. |
|
866 |
CVE-2019-20802 |
79 |
|
XSS |
2020-05-18 |
2020-05-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user's data. This requires user interaction because there is no known direct way for an attacker to create a crafted directory name on a victim's device. However, a crafted directory name can occur if a victim extracts a ZIP archive that was provided by an attacker. |
|
867 |
CVE-2019-20801 |
862 |
|
Exec Code |
2020-05-18 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application's file-transfer web server allows for cross-origin requests from any domain, and the WebSocket server lacks authorization control. Any web site can execute JavaScript code (that accesses a user's data) via cross-origin requests. |
|
868 |
CVE-2019-20800 |
787 |
|
|
2020-05-18 |
2020-12-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In Cherokee through 1.2.104, remote attackers can trigger an out-of-bounds write in cherokee_handler_cgi_add_env_pair in handler_cgi.c by sending many request headers, as demonstrated by a GET request with many "Host: 127.0.0.1" headers. |
|
869 |
CVE-2019-20799 |
787 |
|
Mem. Corr. |
2020-05-18 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Cherokee through 1.2.104, multiple memory corruption errors may be used by a remote attacker to destabilize the work of a server. |
|
870 |
CVE-2019-20798 |
79 |
|
Exec Code XSS |
2020-05-18 |
2020-12-23 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
An XSS issue was discovered in handler_server_info.c in Cherokee through 1.2.104. The requested URL is improperly displayed on the About page in the default configuration of the web server and its administrator panel. The XSS in the administrator panel can be used to reconfigure the server and execute arbitrary commands. |
|
871 |
CVE-2019-20797 |
787 |
|
Overflow |
2020-05-18 |
2020-06-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c. |
|
872 |
CVE-2019-20794 |
400 |
|
|
2020-05-09 |
2021-07-21 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion. |
|
873 |
CVE-2019-20768 |
79 |
|
XSS |
2020-05-05 |
2020-05-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
ServiceNow IT Service Management Kingston through Patch 14-1, London through Patch 7, and Madrid before patch 4 allow stored XSS via crafted sysparm_item_guid and sys_id parameters in an Incident Request to service_catalog.do. |
|
874 |
CVE-2019-20390 |
352 |
|
CSRF |
2020-05-15 |
2020-05-18 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
A Cross-Site Request Forgery (CSRF) vulnerability was discovered in Subrion CMS 4.2.1 that allows a remote attacker to remove files on the server without a victim's knowledge, by enticing an authenticated user to visit an attacker's web page. The application fails to validate the CSRF token for a GET request. An attacker can craft a panel/uploads/read.json?cmd=rm URL (removing this token) and send it to the victim. |
|
875 |
CVE-2019-20389 |
79 |
|
XSS |
2020-05-15 |
2020-05-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS issue was identified on the Subrion CMS 4.2.1 /panel/configuration/general settings page. A remote attacker can inject arbitrary JavaScript code in the v[language_switch] parameter (within multipart/form-data), which is reflected back within a user's browser without proper output encoding. |
|
876 |
CVE-2019-19721 |
193 |
|
DoS Mem. Corr. |
2020-05-15 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An off-by-one error in the DecodeBlock function in codec/sdl_image.c in VideoLAN VLC media player before 3.0.9 allows remote attackers to cause a denial of service (memory corruption) via a crafted image file. NOTE: this may be related to the SDL_Image product. |
|
877 |
CVE-2019-19517 |
352 |
|
Bypass CSRF |
2020-05-05 |
2020-05-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Intelbras RF1200 1.1.3 devices allow CSRF to bypass the login.html form, as demonstrated by launching a scrapy process. |
|
878 |
CVE-2019-19515 |
79 |
|
XSS |
2020-05-05 |
2020-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in wireless settings. |
|
879 |
CVE-2019-19514 |
79 |
|
XSS |
2020-05-05 |
2020-05-07 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Ayision Ays-WR01 v28K.RPT.20161224 devices allow stored XSS in basic repeater settings via an SSID. |
|
880 |
CVE-2019-19456 |
79 |
|
XSS |
2020-05-18 |
2020-09-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0. |
|
881 |
CVE-2019-19454 |
|
|
|
2020-05-18 |
2020-09-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An arbitrary file download was found in the "Download Log" functionality of Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0. |
|
882 |
CVE-2019-19169 |
|
|
Exec Code |
2020-05-06 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution. |
|
883 |
CVE-2019-19168 |
|
|
Exec Code |
2020-05-06 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Dext5.ocx ActiveX 5.0.0.116 and eariler versions contain a vulnerability, which could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. This can be leveraged for code execution. |
|
884 |
CVE-2019-19167 |
|
|
Exec Code |
2020-05-06 |
2020-05-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Tobesoft Nexacro v2019.9.25.1 and earlier version have an arbitrary code execution vulnerability by using method supported by Nexacro14 ActiveX Control. It allows attacker to cause remote code execution. |
|
885 |
CVE-2019-19166 |
|
|
Exec Code |
2020-05-06 |
2020-05-07 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Tobesoft XPlatform v9.1, 9.2.0, 9.2.1 and 9.2.2 have a vulnerability that can load unauthorized DLL files. It allows attacker to cause remote code execution. |
|
886 |
CVE-2019-19164 |
|
|
Exec Code |
2020-05-07 |
2021-10-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
dext5.ocx ActiveX Control in Dext5 Upload 5.0.0.112 and earlier versions contains a vulnerability that could allow remote files to be executed by setting the arguments to the activex method. A remote attacker could induce a user to access a crafted web page, causing damage such as malicious code infection. |
|
887 |
CVE-2019-19162 |
416 |
|
Exec Code |
2020-05-11 |
2020-05-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A use-after-free vulnerability in the TOBESOFT XPLATFORM versions 9.1 to 9.2.2 may lead to code execution on a system running it. |
|
888 |
CVE-2019-18872 |
521 |
|
|
2020-05-07 |
2020-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Weak password requirements in Blaauw Remote Kiln Control through v3.00r4 allow a user to set short or guessable passwords (e.g., 1 or 1234). |
|
889 |
CVE-2019-18871 |
22 |
|
Exec Code Dir. Trav. |
2020-05-07 |
2020-05-12 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A path traversal in debug.php accessed via default.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to upload arbitrary files, leading to arbitrary remote code execution. |
|
890 |
CVE-2019-18870 |
22 |
|
Dir. Trav. |
2020-05-07 |
2020-05-12 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
A path traversal via the iniFile parameter in excel.php in Blaauw Remote Kiln Control through v3.00r4 allows an authenticated attacker to download arbitrary files from the host machine. |
|
891 |
CVE-2019-18869 |
|
|
Exec Code |
2020-05-07 |
2020-05-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Leftover Debug Code in Blaauw Remote Kiln Control through v3.00r4 allows a user to execute arbitrary php code via /default.php?idx=17. |
|
892 |
CVE-2019-18868 |
522 |
|
|
2020-05-07 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to access MySQL credentials in cleartext in /engine/db.inc, /lang/nl.bak, or /lang/en.bak. |
|
893 |
CVE-2019-18867 |
200 |
|
+Info |
2020-05-07 |
2020-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Browsable directories in Blaauw Remote Kiln Control through v3.00r4 allow an attacker to enumerate sensitive filenames and locations, including source code. This affects /ajax/, /common/, /engine/, /flash/, /images/, /Images/, /jscripts/, /lang/, /layout/, /programs/, and /sms/. |
|
894 |
CVE-2019-18866 |
89 |
|
Sql |
2020-05-07 |
2020-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Unauthenticated SQL injection via the username in the login mechanism in Blaauw Remote Kiln Control through v3.00r4 allows a user to extract arbitrary data from the rkc database. |
|
895 |
CVE-2019-18865 |
200 |
|
+Info |
2020-05-07 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Information disclosure via error message discrepancies in authentication functions in Blaauw Remote Kiln Control through v3.00r4 allows an unauthenticated attacker to enumerate valid usernames. |
|
896 |
CVE-2019-18864 |
200 |
|
+Info |
2020-05-07 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
/server-info and /server-status in Blaauw Remote Kiln Control through v3.00r4 allow an unauthenticated attacker to gain sensitive information about the host machine. |
|
897 |
CVE-2019-18666 |
862 |
|
|
2020-05-15 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on D-Link DAP-1360 revision F devices. Remote attackers can start a telnet service without authorization via an undocumented HTTP request. Although this is the primary vulnerability, the impact depends on the firmware version. Versions 609EU through 613EUbeta were tested. Versions through 6.12b01 have weak root credentials, allowing an attacker to gain remote root access. After 6.12b01, the root credentials were changed but the telnet service can still be started without authorization. |
|
898 |
CVE-2019-17572 |
22 |
|
Dir. Trav. |
2020-05-14 |
2020-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In Apache RocketMQ 4.2.0 to 4.6.0, when the automatic topic creation in the broker is turned on by default, an evil topic like “../../../../topic2020” is sent from rocketmq-client to the broker, a topic folder will be created in the parent directory in brokers, which leads to a directory traversal vulnerability. Users of the affected versions should apply one of the following: Upgrade to Apache RocketMQ 4.6.1 or later. |
|
899 |
CVE-2019-17562 |
20 |
|
Overflow |
2020-05-14 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow vulnerability has been found in the baremetal component of Apache CloudStack. This applies to all versions prior to 4.13.1. The vulnerability is due to the lack of validation of the mac parameter in baremetal virtual router. If you insert an arbitrary shell command into the mac parameter, v-router will process the command. For example: Normal: http://{GW}:10086/baremetal/provisiondone/{mac}, Abnormal: http://{GW}:10086/baremetal/provisiondone/#';whoami;#. Mitigation of this issue is an upgrade to Apache CloudStack 4.13.1.0 or beyond. |
|
900 |
CVE-2019-17557 |
79 |
|
Exec Code XSS |
2020-05-04 |
2020-05-07 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
It was found that the Apache Syncope EndUser UI login page prio to 2.0.15 and 2.1.6 reflects the successMessage parameters. By this mean, a user accessing the Enduser UI could execute javascript code from URL query string. |
