| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
51 |
CVE-2020-13361 |
787 |
|
|
2020-05-28 |
2020-11-11 |
3.3 |
None |
Local |
Medium |
Not required |
None |
Partial |
Partial |
|
In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write() operation. |
|
52 |
CVE-2020-13258 |
79 |
|
XSS |
2020-05-21 |
2020-05-21 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py. |
|
53 |
CVE-2020-13252 |
78 |
|
Exec Code |
2020-05-21 |
2020-05-21 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include/views/graphs/graphStatus/displayServiceStatus.php page. |
|
54 |
CVE-2020-13249 |
|
|
|
2020-05-20 |
2020-11-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code shipped for MySQL, this issue does not affect any MySQL components supported by Oracle. |
|
55 |
CVE-2020-13246 |
667 |
|
|
2020-05-20 |
2020-05-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another. |
|
56 |
CVE-2020-13245 |
295 |
|
|
2020-05-28 |
2020-05-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Certain NETGEAR devices are affected by Missing SSL Certificate Validation. This affects R7000 1.0.9.6_1.2.19 through 1.0.11.100_10.2.10, and possibly R6120, R7800, R6220, R8000, R6350, R9000, R6400, RAX120, R6400v2, RBR20, R6800, XR300, R6850, XR500, and R7000P. |
|
57 |
CVE-2020-13241 |
434 |
|
|
2020-05-20 |
2020-05-22 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User screen) corresponds to an image file. |
|
58 |
CVE-2020-13240 |
276 |
|
XSS Bypass |
2020-05-20 |
2021-07-21 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
The DMS/ECM module in Dolibarr 11.0.4 allows users with the 'Setup documents directories' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS. |
|
59 |
CVE-2020-13239 |
79 |
|
XSS |
2020-05-20 |
2020-05-20 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
The DMS/ECM module in Dolibarr 11.0.4 renders user-uploaded .html files in the browser when the attachment parameter is removed from the direct download link. This causes XSS. |
|
60 |
CVE-2020-13231 |
352 |
|
CSRF |
2020-05-20 |
2020-06-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In Cacti before 1.2.11, auth_profile.php?action=edit allows CSRF for an admin email change. |
|
61 |
CVE-2020-13230 |
281 |
|
|
2020-05-20 |
2022-05-24 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). |
|
62 |
CVE-2020-13226 |
918 |
|
|
2020-05-20 |
2020-05-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
WSO2 API Manager 3.0.0 does not properly restrict outbound network access from a Publisher node, opening up the possibility of SSRF to this node's entire intranet. |
|
63 |
CVE-2020-13225 |
79 |
|
XSS |
2020-05-20 |
2020-05-20 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
phpIPAM 1.4 contains a stored cross site scripting (XSS) vulnerability within the Edit User Instructions field of the User Instructions widget. |
|
64 |
CVE-2020-13173 |
362 |
|
|
2020-05-28 |
2022-07-12 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Initialization of the pcoip_credential_provider in Teradici PCoIP Standard Agent for Windows and PCoIP Graphics Agent for Windows versions 19.11.1 and earlier creates an insecure named pipe, which allows an attacker to intercept sensitive information or possibly elevate privileges via pre-installing an application which acquires that named pipe. |
|
65 |
CVE-2020-13167 |
74 |
|
Exec Code |
2020-05-19 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) launches a command line with client-supplied parameters, and allows injection of shell metacharacters. |
|
66 |
CVE-2020-13166 |
798 |
|
Exec Code |
2020-05-19 |
2022-04-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The management tool in MyLittleAdmin 3.8 allows remote attackers to execute arbitrary code because machineKey is hardcoded (the same for all customers' installations) in web.config, and can be used to send serialized ASP code. |
|
67 |
CVE-2020-13164 |
400 |
|
|
2020-05-19 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a cycle in the directory graph on a filesystem. |
|
68 |
CVE-2020-13163 |
295 |
|
|
2020-05-19 |
2021-03-04 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
em-imap 0.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified. |
|
69 |
CVE-2020-13154 |
522 |
|
|
2020-05-18 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Zoho ManageEngine Service Plus before 11.1 build 11112 allows low-privilege authenticated users to discover the File Protection password via a getFileProtectionSettings call to AjaxServlet. |
|
70 |
CVE-2020-13153 |
79 |
|
XSS |
2020-05-18 |
2020-05-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
app/View/Events/resolved_attributes.ctp in MISP before 2.4.126 has XSS in the resolved attributes view. |
|
71 |
CVE-2020-13152 |
401 |
|
DoS |
2020-05-20 |
2022-04-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of service. |
|
72 |
CVE-2020-13149 |
276 |
|
+Priv |
2020-05-18 |
2020-05-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Weak permissions on the "%PROGRAMDATA%\MSI\Dragon Center" folder in Dragon Center before 2.6.2003.2401, shipped with Micro-Star MSI Gaming laptops, allows local authenticated users to overwrite system files and gain escalated privileges. One attack method is to change the Recommended App binary within App.json. Another attack method is to use this part of %PROGRAMDATA% for mounting an RPC Control directory. |
|
73 |
CVE-2020-13146 |
74 |
|
|
2020-05-18 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Studio in Open edX Ironwood 2.5 allows CSV injection because an added cohort in Course>Instructor>Cohorts may contain a formula that is exported via the "Course>Data Downloads>Reports>Download profile info" feature. |
|
74 |
CVE-2020-13145 |
79 |
|
XSS |
2020-05-18 |
2020-05-20 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Studio in Open edX Ironwood 2.5 allows users to upload SVG files via the "Content>File Uploads" screen. These files can contain JavaScript code and thus lead to Stored XSS. |
|
75 |
CVE-2020-13144 |
94 |
|
Exec Code |
2020-05-18 |
2022-04-26 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Studio in Open edX Ironwood 2.5, when CodeJail is not used, allows a user to go to the "Create New course>New section>New subsection>New unit>Add new component>Problem button>Advanced tab>Custom Python evaluated code" screen, edit the problem, and execute Python code. This leads to arbitrary code execution. |
|
76 |
CVE-2020-13143 |
125 |
|
|
2020-05-18 |
2021-01-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. |
|
77 |
CVE-2020-13136 |
200 |
|
+Info |
2020-05-18 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
D-Link DSP-W215 1.26b03 devices send an obfuscated hash that can be retrieved and understood by a network sniffer. |
|
78 |
CVE-2020-13135 |
200 |
|
+Info |
2020-05-18 |
2021-07-21 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
D-Link DSP-W215 1.26b03 devices allow information disclosure by intercepting messages on the local network, as demonstrated by a Squid Proxy. |
|
79 |
CVE-2020-13129 |
200 |
|
+Info |
2020-05-18 |
2021-08-12 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An issue was discovered in the stashcat app through 3.9.1 for macOS, Windows, Android, iOS, and possibly other platforms. The GET method is used with client_key and device_id data in the query string, which allows attackers to obtain sensitive information by reading web-server logs. |
|
80 |
CVE-2020-13128 |
434 |
|
DoS |
2020-05-18 |
2020-05-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Manolo GWTUpload 1.0.3. server/UploadServlet.java (the servlet for handling file upload) accepts a delay parameter that causes a thread to sleep. It can be abused to cause all of a server's threads to sleep, leading to denial of service. |
|
81 |
CVE-2020-13126 |
434 |
|
Exec Code |
2020-05-17 |
2020-05-18 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in the Elementor Pro plugin before 2.9.4 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13125. An attacker with the Subscriber role can upload arbitrary executable files to achieve remote code execution. NOTE: the free Elementor plugin is unaffected. |
|
82 |
CVE-2020-13125 |
732 |
|
|
2020-05-17 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in the "Ultimate Addons for Elementor" plugin before 1.24.2 for WordPress, as exploited in the wild in May 2020 in conjunction with CVE-2020-13126. Unauthenticated attackers can create users with the Subscriber role even if registration is disabled. |
|
83 |
CVE-2020-13121 |
601 |
|
|
2020-05-16 |
2020-05-18 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Submitty through 20.04.01 has an open redirect via authentication/login?old= during an invalid login attempt. |
|
84 |
CVE-2020-13118 |
89 |
|
Sql |
2020-05-16 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Mikrotik-Router-Monitoring-System through 2018-10-22. SQL Injection exists in check_community.php via the parameter community. |
|
85 |
CVE-2020-13114 |
770 |
|
|
2020-05-21 |
2022-04-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data. |
|
86 |
CVE-2020-13113 |
908 |
|
|
2020-05-21 |
2022-04-26 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions. |
|
87 |
CVE-2020-13112 |
125 |
|
|
2020-05-21 |
2020-07-27 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093. |
|
88 |
CVE-2020-13111 |
119 |
|
DoS Overflow |
2020-05-16 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
NaviServer 4.99.4 to 4.99.19 allows denial of service due to the nsd/driver.c ChunkedDecode function not properly validating the length of a chunk. A remote attacker can craft a chunked-transfer request that will result in a negative value being passed to memmove via the size parameter, causing the process to crash. |
|
89 |
CVE-2020-13110 |
427 |
|
Exec Code |
2020-05-16 |
2020-05-20 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The kerberos package before 1.0.0 for Node.js allows arbitrary code execution and privilege escalation via injection of malicious DLLs through use of the kerberos_sspi LoadLibrary() method, because of a DLL path search. |
|
90 |
CVE-2020-13109 |
787 |
|
Exec Code Overflow |
2020-05-16 |
2020-05-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Morita Shogi 64 through 2020-05-02 for Nintendo 64 devices allows remote attackers to execute arbitrary code via crafted packet data to the built-in modem because 0x800b3e94 (aka the IF subcommand to top-level command 7) has a stack-based buffer overflow. |
|
91 |
CVE-2020-13094 |
79 |
|
XSS |
2020-05-18 |
2020-05-19 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Dolibarr before 11.0.4 allows XSS. |
|
92 |
CVE-2020-13093 |
22 |
|
Dir. Trav. |
2020-05-15 |
2020-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
iSpyConnect.com Agent DVR before 2.7.1.0 allows directory traversal. |
|
93 |
CVE-2020-13092 |
502 |
|
Exec Code |
2020-05-15 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** scikit-learn (aka sklearn) through 0.23.0 can unserialize and execute commands from an untrusted file that is passed to the joblib.load() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the joblib.load() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner. |
|
94 |
CVE-2020-13091 |
502 |
|
Exec Code |
2020-05-15 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** pandas through 1.0.3 can unserialize and execute commands from an untrusted file that is passed to the read_pickle() function, if __reduce__ makes an os.system call. NOTE: third parties dispute this issue because the read_pickle() function is documented as unsafe and it is the user's responsibility to use the function in a secure manner. |
|
95 |
CVE-2020-12889 |
|
|
|
2020-05-15 |
2020-05-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
MISP MISP-maltego 1.4.4 incorrectly shares a MISP connection across users in a remote-transform use case. |
|
96 |
CVE-2020-12888 |
755 |
|
|
2020-05-15 |
2020-11-02 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. |
|
97 |
CVE-2020-12882 |
79 |
|
XSS |
2020-05-15 |
2020-05-19 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Submitty through 20.04.01 allows XSS via upload of an SVG document, as demonstrated by an attack by a Student against a Teaching Fellow. |
|
98 |
CVE-2020-12877 |
200 |
|
+Info |
2020-05-14 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication. |
|
99 |
CVE-2020-12876 |
200 |
|
+Info |
2020-05-14 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments. |
|
100 |
CVE-2020-12875 |
863 |
|
|
2020-05-14 |
2020-05-15 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application. |
