| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
51 |
CVE-2020-24609 |
79 |
|
XSS |
2020-08-25 |
2020-11-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
TechKshetra Info Solutions Pvt. Ltd Savsoft Quiz 5.5 and earlier has XSS which can result in an attacker injecting the XSS payload in the User Registration section and each time the admin visits the manage user section from the admin panel, the XSS triggers and the attacker can steal the cookie via crafted payload. |
|
52 |
CVE-2020-24606 |
20 |
|
DoS |
2020-08-24 |
2021-07-21 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF. |
|
53 |
CVE-2020-24599 |
79 |
|
XSS |
2020-08-26 |
2020-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Joomla! before 3.9.21. Lack of escaping in mod_latestactions allows XSS attacks. |
|
54 |
CVE-2020-24598 |
601 |
|
|
2020-08-26 |
2020-08-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect. |
|
55 |
CVE-2020-24591 |
611 |
|
|
2020-08-21 |
2022-04-19 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
|
The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0, Enterprise Integrator 6.2.0 and 6.3.0, and Identity Server Analytics through 5.6.0. |
|
56 |
CVE-2020-24590 |
776 |
|
|
2020-08-21 |
2020-08-27 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks. |
|
57 |
CVE-2020-24589 |
776 |
|
|
2020-08-21 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection (XXE) attacks. |
|
58 |
CVE-2020-24585 |
|
|
|
2020-08-21 |
2020-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application. |
|
59 |
CVE-2020-24574 |
798 |
|
Exec Code |
2020-08-21 |
2022-04-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. This occurs because the attacker can inject a DLL into GalaxyClient.exe, defeating the TCP-based "trusted client" protection mechanism. |
|
60 |
CVE-2020-24572 |
78 |
|
Exec Code |
2020-08-24 |
2020-09-01 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute commands on the system (including ones for uploading of files and execution of code). |
|
61 |
CVE-2020-24571 |
22 |
|
Dir. Trav. |
2020-08-21 |
2020-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal. |
|
62 |
CVE-2020-24567 |
269 |
|
|
2020-08-21 |
2021-07-21 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error. |
|
63 |
CVE-2020-24548 |
918 |
|
|
2020-08-26 |
2020-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports. |
|
64 |
CVE-2020-24394 |
732 |
|
|
2020-08-19 |
2021-06-14 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. |
|
65 |
CVE-2020-24390 |
79 |
|
XSS |
2020-08-27 |
2020-09-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
eonweb in EyesOfNetwork before 5.3-7 does not properly escape the username on the /module/admin_logs page, which might allow pre-authentication stored XSS during login/logout logs recording. |
|
66 |
CVE-2020-24381 |
200 |
|
+Info |
2020-08-19 |
2022-04-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
GUnet Open eClass Platform (aka openeclass) before 3.11 might allow remote attackers to read students' submitted assessments because it does not ensure that the web server blocks directory listings, and the data directory is inside the web root by default. |
|
67 |
CVE-2020-24372 |
125 |
|
|
2020-08-17 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c. |
|
68 |
CVE-2020-24371 |
763 |
|
|
2020-08-17 |
2020-09-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage. |
|
69 |
CVE-2020-24370 |
191 |
|
Overflow |
2020-08-17 |
2020-09-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31). |
|
70 |
CVE-2020-24369 |
476 |
|
|
2020-08-17 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference. |
|
71 |
CVE-2020-24368 |
22 |
|
Dir. Trav. |
2020-08-19 |
2020-10-16 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Icinga Icinga Web2 2.0.0 through 2.6.4, 2.7.4 and 2.8.2 has a Directory Traversal vulnerability which allows an attacker to access arbitrary files that are readable by the process running Icinga Web 2. This issue is fixed in Icinga Web 2 in v2.6.4, v2.7.4 and v2.8.2. |
|
72 |
CVE-2020-24364 |
74 |
|
Exec Code |
2020-08-24 |
2020-08-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
MineTime through 1.8.5 allows arbitrary command execution via the notes field in a meeting. Could lead to RCE via meeting invite. |
|
73 |
CVE-2020-24363 |
306 |
|
|
2020-08-31 |
2020-09-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password. |
|
74 |
CVE-2020-24361 |
273 |
|
Exec Code |
2020-08-16 |
2020-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec. |
|
75 |
CVE-2020-24359 |
20 |
|
|
2020-08-20 |
2020-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0. |
|
76 |
CVE-2020-24354 |
94 |
|
|
2020-08-31 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Zyxel VMG5313-B30B router on firmware 5.13(ABCJ.6)b3_1127, and possibly older versions of firmware are affected by shell injection. |
|
77 |
CVE-2020-24349 |
20 |
|
|
2020-08-13 |
2022-04-15 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface. |
|
78 |
CVE-2020-24348 |
125 |
|
|
2020-08-13 |
2022-04-15 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c. |
|
79 |
CVE-2020-24347 |
125 |
|
|
2020-08-13 |
2022-04-15 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. |
|
80 |
CVE-2020-24346 |
416 |
|
|
2020-08-13 |
2022-04-15 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c. |
|
81 |
CVE-2020-24345 |
787 |
|
|
2020-08-13 |
2020-08-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** JerryScript through 2.3.0 allows stack consumption via function a(){new new Proxy(a,{})}JSON.parse("[]",a). NOTE: the vendor states that the problem is the lack of the --stack-limit option. |
|
82 |
CVE-2020-24344 |
125 |
|
|
2020-08-13 |
2020-08-19 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Partial |
|
JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read. |
|
83 |
CVE-2020-24343 |
416 |
|
|
2020-08-13 |
2020-08-19 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Artifex MuJS through 1.0.7 has a use-after-free in jsrun.c because of unconditional marking in jsgc.c. |
|
84 |
CVE-2020-24342 |
119 |
|
Overflow |
2020-08-13 |
2021-01-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Lua through 5.4.0 allows a stack redzone cross in luaO_pushvfstring because a protection mechanism wrongly calls luaD_callnoyield twice in a row. |
|
85 |
CVE-2020-24332 |
59 |
|
|
2020-08-13 |
2020-11-05 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the creation of the system.data file is prone to symlink attacks. The tss user can be used to create or corrupt existing files, which could possibly lead to a DoS attack. |
|
86 |
CVE-2020-24331 |
269 |
|
|
2020-08-13 |
2022-04-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges, the tss user still has read and write access to the /etc/tcsd.conf file (which contains various settings related to this daemon). |
|
87 |
CVE-2020-24330 |
269 |
|
|
2020-08-13 |
2022-04-28 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in TrouSerS through 0.3.14. If the tcsd daemon is started with root privileges instead of by the tss user, it fails to drop the root gid privilege when no longer needed. |
|
88 |
CVE-2020-24316 |
79 |
|
XSS |
2020-08-26 |
2020-10-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
WP Plugin Rednumber Admin Menu v1.1 and lower does not sanitize the value of the "role" GET parameter before echoing it back out to the user. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL. |
|
89 |
CVE-2020-24315 |
89 |
|
Sql |
2020-08-26 |
2020-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Vinoj Cardoza WordPress Poll Plugin v36 and lower executes SQL statement passed in via the pollid POST parameter due to a lack of user input escaping. This allows users who craft specific SQL statements to dump the entire targets database. |
|
90 |
CVE-2020-24314 |
79 |
|
XSS |
2020-08-26 |
2020-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Fahad Mahmood RSS Feed Widget Plugin v2.7.9 and lower does not sanitize the value of the "t" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL. |
|
91 |
CVE-2020-24313 |
79 |
|
XSS |
2020-08-26 |
2020-09-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Etoile Web Design Ultimate Appointment Booking & Scheduling WordPress Plugin v1.1.9 and lower does not sanitize the value of the "Appointment_ID" GET parameter before echoing it back out inside an input tag. This results in a reflected XSS vulnerability that attackers can exploit with a specially crafted URL. |
|
92 |
CVE-2020-24312 |
200 |
|
+Info |
2020-08-26 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups directory with a .htaccess file. This results in the ability for unauthenticated users to browse and download any site backups, which sometimes include full database backups, that the plugin has taken. |
|
93 |
CVE-2020-24242 |
|
|
|
2020-08-25 |
2020-09-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory. |
|
94 |
CVE-2020-24241 |
416 |
|
|
2020-08-25 |
2020-09-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c. |
|
95 |
CVE-2020-24240 |
416 |
|
|
2020-08-25 |
2020-09-02 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input, and the observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug report was intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison. |
|
96 |
CVE-2020-24223 |
79 |
|
XSS |
2020-08-30 |
2020-12-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Mara CMS 7.5 allows cross-site scripting (XSS) in contact.php via the theme or pagetheme parameters. |
|
97 |
CVE-2020-24220 |
78 |
|
Exec Code |
2020-08-17 |
2020-08-24 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server. |
|
98 |
CVE-2020-24208 |
89 |
|
Sql Bypass |
2020-08-17 |
2020-08-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A SQL injection vulnerability in SourceCodester Online Shopping Alphaware 1.0 allows remote unauthenticated attackers to bypass the authentication process via email and password parameters. |
|
99 |
CVE-2020-24203 |
434 |
|
Exec Code |
2020-08-27 |
2021-05-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Projects World Travel Management System v1.0 allows remote unauthenticated attackers to gain remote code execution. |
|
100 |
CVE-2020-24202 |
434 |
|
Exec Code |
2020-08-27 |
2020-08-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
File Upload component in Projects World House Rental v1.0 suffers from an arbitrary file upload vulnerability with regular users, which allows remote attackers to conduct code execution. |
