CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In April 2020

| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 51 | CVE-2020-12135 | 190 | | Overflow | 2020-04-24 | 2020-08-12 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input. |
| 52 | CVE-2020-12134 | 772 | | | 2020-04-24 | 2020-05-06 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Nanometrics Centaur through 4.3.23 and TitanSMA through 4.2.20 mishandle access control for the syslog log. |
| 53 | CVE-2020-12133 | 502 | | Exec Code | 2020-04-27 | 2020-10-23 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The Apros Evolution, ConsciusMap, and Furukawa provisioning systems through 2.8.1 allow remote code execution because of javax.faces.ViewState Java deserialization. |
| 54 | CVE-2020-12132 | 79 | | XSS | 2020-04-24 | 2020-05-04 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Fifthplay S.A.M.I before 2019.3_HP2 allows unauthenticated stored XSS via a POST request. |
| 55 | CVE-2020-12131 | 79 | | XSS | 2020-04-24 | 2020-04-28 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The AirDisk Pro app 5.5.3 for iOS allows XSS via the devicename parameter (shown next to the UI logo). |
| 56 | CVE-2020-12130 | 79 | | XSS | 2020-04-24 | 2020-04-28 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The AirDisk Pro app 5.5.3 for iOS allows XSS via the deleteFile parameter of the Delete function. |
| 57 | CVE-2020-12129 | 79 | | XSS | 2020-04-24 | 2020-04-28 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The AirDisk Pro app 5.5.3 for iOS allows XSS via the createFolder parameter of the Create Folder function. |
| 58 | CVE-2020-12128 | 22 | | Dir. Trav. | 2020-04-24 | 2020-04-30 | 5.0 | None | Remote | Low | Not required | Partial | None | None | DONG JOO CHO File Transfer iFamily 2.1 allows directory traversal related to the ./etc/ path. |
| 59 | CVE-2020-12120 | 200 | | +Info | 2020-04-27 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The Correos Express addon for PrestaShop 1.6 through 1.7 allows remote attackers to obtain sensitive information, such as a service's owner password that can be used to modify orders via SOAP. Attackers can also retrieve information about orders or buyers. |
| 60 | CVE-2020-12118 | 276 | | +Info | 2020-04-23 | 2020-05-01 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None | The keygen protocol implementation in Binance tss-lib before 1.2.0 allows attackers to generate crafted h1 and h2 parameters in order to compromise a signing round or obtain sensitive information from other parties. |
| 61 | CVE-2020-12113 | 79 | | XSS | 2020-04-23 | 2020-09-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | BigBlueButton before 2.2.4 allows XSS via closed captions because dangerouslySetInnerHTML in React is used. |
| 62 | CVE-2020-12112 | 200 | | +Info File Inclusion | 2020-04-23 | 2020-04-27 | 5.0 | None | Remote | Low | Not required | Partial | None | None | BigBlueButton before 2.2.5 allows remote attackers to obtain sensitive files via Local File Inclusion. |
| 63 | CVE-2020-12105 | 755 | | | 2020-04-23 | 2022-05-03 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | OpenConnect through 8.08 mishandles negative return values from X509_check_ function calls, which might assist attackers in performing man-in-the-middle attacks. |
| 64 | CVE-2020-12103 | 22 | | Dir. Trav. | 2020-04-28 | 2020-05-18 | 4.0 | None | Remote | Low | ??? | None | Partial | None | In Tiny File Manager 2.4.1 there is a vulnerability in the ajax file backup copy functionality which allows authenticated users to create backup copies of files (with .bak extension) outside the scope in the same directory in which they are stored. |
| 65 | CVE-2020-12102 | 22 | | Dir. Trav. | 2020-04-28 | 2020-05-18 | 6.8 | None | Remote | Low | ??? | Complete | None | None | In Tiny File Manager 2.4.1, there is a Path Traversal vulnerability in the ajax recursive directory listing functionality. This allows authenticated users to enumerate directories and files on the filesystem (outside of the application scope). |
| 66 | CVE-2020-12101 | 276 | | | 2020-04-30 | 2020-05-06 | 4.0 | None | Remote | Low | ??? | None | Partial | None | The address-management feature in xt:Commerce 5.1 to 6.2.2 allows remote authenticated users to zero out other user's stored addresses by manipulating an id field in the POST request for altering an address. |
| 67 | CVE-2020-12079 | 20 | | Exec Code | 2020-04-23 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Beaker before 0.8.9 allows a sandbox escape, enabling system access and code execution. This occurs because Electron context isolation is not used, and therefore an attacker can conduct a prototype-pollution attack against the Electron internal messaging API. |
| 68 | CVE-2020-12078 | 74 | | | 2020-04-28 | 2021-07-21 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | An issue was discovered in Open-AudIT 3.3.1. There is shell metacharacter injection via attributes to an open-audit/configuration/ URI. An attacker can exploit this by adding an excluded IP address to the global discovery settings (internally called exclude_ip). This exclude_ip value is passed to the exec function in the discoveries_helper.php file (inside the all_ip_list function) without being filtered, which means that the attacker can provide a payload instead of a valid IP address. |
| 69 | CVE-2020-12077 | 434 | | Exec Code | 2020-04-23 | 2020-04-28 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | The mappress-google-maps-for-wordpress plugin before 2.53.9 for WordPress does not correctly implement AJAX functions with nonces (or capability checks), leading to remote code execution. |
| 70 | CVE-2020-12076 | 352 | | XSS CSRF | 2020-04-23 | 2020-04-29 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks CSRF nonce checks for AJAX actions. One consequence of this is stored XSS. |
| 71 | CVE-2020-12075 | 276 | | | 2020-04-23 | 2020-04-29 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | The data-tables-generator-by-supsystic plugin before 1.9.92 for WordPress lacks capability checks for AJAX actions. |
| 72 | CVE-2020-12074 | 74 | | | 2020-04-23 | 2021-07-21 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | The users-customers-import-export-for-wp-woocommerce plugin before 1.3.9 for WordPress allows subscribers to import administrative accounts via CSV. |
| 73 | CVE-2020-12073 | | | | 2020-04-23 | 2020-04-28 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | The responsive-add-ons plugin before 2.2.7 for WordPress has incorrect access control for wp-admin/admin-ajax.php?action= requests. |
| 74 | CVE-2020-12071 | 79 | | XSS | 2020-04-23 | 2020-04-27 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Anchor 0.12.7 allows admins to cause XSS via crafted post content. |
| 75 | CVE-2020-12070 | 200 | | +Info | 2020-04-24 | 2020-05-01 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The Advanced Woo Search plugin version through 1.99 for Wordpress suffers from a sensitive information disclosure vulnerability in every ajax search request via the sql field to includes/class-aws-search.php. |
| 76 | CVE-2020-12066 | 20 | | | 2020-04-22 | 2022-04-29 | 7.8 | None | Remote | Low | Not required | None | None | Complete | CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server. |
| 77 | CVE-2020-12063 | | | | 2020-04-24 | 2022-05-03 | 5.0 | None | Remote | Low | Not required | None | Partial | None | ** DISPUTED ** A certain Postfix 2.10.1-7 package could allow an attacker to send an email from an arbitrary-looking sender via a homoglyph attack, as demonstrated by the similarity of \xce\xbf to the 'o' character. This is potentially relevant when the /etc/postfix/sender_login feature is used, because a spoofed outbound message that uses a configured sender address is blocked with a "Sender address rejected: not logged in" error message, but a spoofed outbound message that uses a homoglyph of a configured sender address is not blocked. NOTE: some third parties argue that any missed blocking of spoofed outbound messages - except for exact matches to a sender address in the /etc/postfix/sender_login file - is outside the design goals of Postfix and thus cannot be considered a Postfix vulnerability. |
| 78 | CVE-2020-12059 | 476 | | | 2020-04-22 | 2020-09-24 | 5.0 | None | Remote | Low | Not required | None | None | Partial | An issue was discovered in Ceph through 13.2.9. A POST request with an invalid tagging XML can crash the RGW process by triggering a NULL pointer exception. |
| 79 | CVE-2020-12054 | 79 | | XSS | 2020-04-23 | 2020-04-30 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The Catch Breadcrumb plugin before 1.5.4 for WordPress allows Reflected XSS via the s parameter (a search query). Also affected are 16 themes (if the plugin is enabled) by the same author: Alchemist and Alchemist PRO, Izabel and Izabel PRO, Chique and Chique PRO, Clean Enterprise and Clean Enterprise PRO, Bold Photography PRO, Intuitive PRO, Devotepress PRO, Clean Blocks PRO, Foodoholic PRO, Catch Mag PRO, Catch Wedding PRO, and Higher Education PRO. |
| 80 | CVE-2020-12052 | 79 | | XSS | 2020-04-27 | 2020-05-11 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Grafana version < 6.7.3 is vulnerable for annotation popup XSS. |
| 81 | CVE-2020-12051 | 200 | | +Info | 2020-04-21 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | The CentralAuth extension through REL1_34 for MediaWiki allows remote attackers to obtain sensitive hidden account information via an api.php?action=query&meta=globaluserinfo&guiuser= request. In other words, the information can be retrieved via the action API even though access would be denied when simply visiting wiki/Special:CentralAuth in a web browser. |
| 82 | CVE-2020-12050 | 362 | | | 2020-04-30 | 2020-05-27 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete | SQLiteODBC 0.9996, as packaged for certain Linux distributions as 0.9996-4, has a race condition leading to root privilege escalation because any user can replace a /tmp/sqliteodbc$$ file with new contents that cause loading of an arbitrary library. |
| 83 | CVE-2020-11968 | 532 | | | 2020-04-21 | 2020-11-30 | 5.0 | None | Remote | Low | Not required | Partial | None | None | ** DISPUTED ** In the web-panel in IQrouter through 3.3.1, remote attackers can read system logs because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. |
| 84 | CVE-2020-11967 | 269 | | | 2020-04-21 | 2020-11-30 | 9.0 | None | Remote | Low | Not required | Partial | Partial | Complete | ** DISPUTED ** In IQrouter through 3.3.1, remote attackers can control the device (restart network, reboot, upgrade, reset) because of Incorrect Access Control. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. |
| 85 | CVE-2020-11966 | 521 | | | 2020-04-21 | 2020-11-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | ** DISPUTED ** In IQrouter through 3.3.1, the Lua function reset_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. |
| 86 | CVE-2020-11965 | 287 | | | 2020-04-21 | 2022-04-29 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | ** DISPUTED ** In IQrouter through 3.3.1, there is a root user without a password, which allows attackers to gain full remote access via SSH. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. |
| 87 | CVE-2020-11964 | 287 | | | 2020-04-21 | 2022-04-29 | 5.0 | None | Remote | Low | Not required | None | Partial | None | ** DISPUTED ** In IQrouter through 3.3.1, the Lua function diag_set_password in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. |
| 88 | CVE-2020-11963 | 78 | | Exec Code | 2020-04-21 | 2020-11-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | ** DISPUTED ** IQrouter through 3.3.1, when unconfigured, has multiple remote code execution vulnerabilities in the web-panel because of Bash Shell Metacharacter Injection. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration (which has a required step for setting a secure password on the system), makes this CVE invalid. This vulnerability is “true for any unconfigured release of OpenWRT, and true of many other new Linux distros prior to being configured for the first time”. |
| 89 | CVE-2020-11958 | 787 | | Overflow | 2020-04-21 | 2020-07-27 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. |
| 90 | CVE-2020-11946 | 200 | | +Info | 2020-04-20 | 2021-06-22 | 5.0 | None | Remote | Low | Not required | Partial | None | None | Zoho ManageEngine OpManager before 125120 allows an unauthenticated user to retrieve an API key via a servlet call. |
| 91 | CVE-2020-11945 | 190 | | Exec Code Overflow | 2020-04-23 | 2021-03-17 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a short integer). Remote code execution may occur if the pooled token credentials are freed (instead of replayed as valid credentials). |
| 92 | CVE-2020-11944 | 79 | | XSS | 2020-04-20 | 2020-05-05 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Abe (aka bitcoin-abe) through 0.7.2, and 0.8pre, allows XSS in __call__ in abe.py because the PATH_INFO environment variable is mishandled during a PageNotFound exception. |
| 93 | CVE-2020-11943 | 434 | | | 2020-04-29 | 2020-05-05 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | An issue was discovered in Open-AudIT 3.2.2. There is Arbitrary file upload. |
| 94 | CVE-2020-11942 | 89 | | Sql | 2020-04-29 | 2020-05-05 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in Open-AudIT 3.2.2. There are Multiple SQL Injections. |
| 95 | CVE-2020-11941 | 78 | | | 2020-04-27 | 2020-05-05 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | An issue was discovered in Open-AudIT 3.2.2. There is OS Command injection in Discovery. |
| 96 | CVE-2020-11940 | 125 | | | 2020-04-23 | 2020-05-06 | 5.0 | None | Remote | Low | Not required | None | None | Partial | In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library. |
| 97 | CVE-2020-11939 | 190 | | Exec Code Overflow | 2020-04-23 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis. |
| 98 | CVE-2020-11938 | 200 | | +Info | 2020-04-22 | 2021-07-21 | 4.0 | None | Remote | Low | ??? | Partial | None | None | In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2. |
| 99 | CVE-2020-11930 | 79 | | XSS | 2020-04-20 | 2020-05-19 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The GTranslate plugin before 2.8.52 for WordPress has Reflected XSS via a crafted link. This requires use of the hreflang tags feature within a sub-domain or sub-directory paid option. |
| 100 | CVE-2020-11928 | 74 | | Exec Code | 2020-04-20 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | In the media-library-assistant plugin before 2.82 for WordPress, Remote Code Execution can occur via the tax_query, meta_query, or date_query parameter in mla_gallery via an admin. |

Total number of vulnerabilities: 2187 (this is page 2 of 44)