CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In April 2020

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2020-11895 125 2020-04-19 2020-04-23
6.4
None Remote Low Not required Partial None Partial
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
102 CVE-2020-11894 125 2020-04-19 2020-04-23
6.4
None Remote Low Not required Partial None Partial
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
103 CVE-2020-11891 863 2020-04-21 2021-07-21
5.0
None Remote Low Not required None Partial None
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized editing of usergroups.
104 CVE-2020-11890 20 2020-04-21 2020-04-29
5.0
None Remote Low Not required None Partial None
An issue was discovered in Joomla! before 3.9.17. Improper input validations in the usergroup table class could lead to a broken ACL configuration.
105 CVE-2020-11889 863 2020-04-21 2021-07-21
5.0
None Remote Low Not required None Partial None
An issue was discovered in Joomla! before 3.9.17. Incorrect ACL checks in the access level section of com_users allow the unauthorized deletion of usergroups.
106 CVE-2020-11888 79 XSS 2020-04-20 2020-05-25
4.3
None Remote Medium Not required None Partial None
python-markdown2 through 2.3.8 allows XSS because element names are mishandled unless a \w+ match succeeds. For example, an attack might use elementname@ or elementname- with an onclick attribute.
107 CVE-2020-11887 79 XSS 2020-04-17 2020-04-22
4.3
None Remote Medium Not required None Partial None
svg2png 4.1.1 allows XSS with resultant SSRF via JavaScript inside an SVG document.
108 CVE-2020-11886 89 Sql 2020-04-17 2020-05-05
5.5
None Remote Low ??? Partial Partial None
OpenNMS Horizon and Meridian allow HQL Injection in element/nodeList.htm (aka the NodeListController) via snmpParm or snmpParmValue to addCriteriaForSnmpParm. This affects Horizon before 25.2.1, Meridian 2019 before 2019.1.4, Meridian 2018 before 2018.1.16, and Meridian 2017 before 2017.1.21.
109 CVE-2020-11885 611 2020-04-17 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
WSO2 Enterprise Integrator through 6.6.0 has an XXE vulnerability where a user (with admin console access) can use the XML validator to make unintended network invocations such as SSRF via an uploaded file.
110 CVE-2020-11884 362 Exec Code 2020-04-29 2021-01-04
6.9
None Local Medium Not required Complete Complete Complete
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.
111 CVE-2020-11883 200 +Info 2020-04-17 2021-07-21
5.0
None Remote Low Not required Partial None None
In Divante vue-storefront-api through 1.11.1 and storefront-api through 1.0-rc.1, as used in VueStorefront PWA, unexpected HTTP requests lead to an exception that discloses the error stack trace, with absolute file paths and Node.js module names.
112 CVE-2020-11880 2020-04-17 2020-04-29
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in KDE KMail before 19.12.3. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make KMail attach local files to a composed email message without showing a warning to the user, as demonstrated by an attach=.bash_history value.
113 CVE-2020-11879 2020-04-17 2020-09-04
4.3
None Remote Medium Not required Partial None None
An issue was discovered in GNOME Evolution before 3.35.91. By using the proprietary (non-RFC6068) "mailto?attach=..." parameter, a website (or other source of mailto links) can make Evolution attach local files or directories to a composed email message without showing a warning to the user, as demonstrated by an attach=. value.
114 CVE-2020-11878 798 2020-04-17 2020-04-29
7.5
None Remote Low Not required Partial Partial Partial
The Jitsi Meet (aka docker-jitsi-meet) stack on Docker before stable-4384-1 uses default passwords (such as passw0rd) for system accounts.
115 CVE-2020-11877 330 2020-04-17 2022-05-03
5.0
None Remote Low Not required Partial None None
** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses 3423423432325249 as the Initialization Vector (IV) for AES-256 CBC encryption. NOTE: the vendor states that this IV is used only within unreachable code.
116 CVE-2020-11876 327 2020-04-17 2022-05-03
5.0
None Remote Low Not required Partial None None
** DISPUTED ** airhost.exe in Zoom Client for Meetings 4.6.11 uses the SHA-256 hash of 0123425234234fsdfsdr3242 for initialization of an OpenSSL EVP AES-256 CBC context. NOTE: the vendor states that this initialization only occurs within unreachable code.
117 CVE-2020-11875 755 +Priv 2020-04-17 2020-04-24
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10.0 (MTK chipsets) software. The MTK kernel does not properly implement exception handling, allowing an attacker to gain privileges. The LG ID is LVE-SMP-200001 (February 2020).
118 CVE-2020-11874 Bypass 2020-04-17 2020-04-24
5.0
None Remote Low Not required None Partial None
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. Attackers can bypass Factory Reset Protection (FRP). The LG ID is LVE-SMP-200004 (March 2020).
119 CVE-2020-11873 787 Overflow +Priv 2020-04-17 2020-04-22
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020).
120 CVE-2020-11872 915 2020-04-17 2021-07-21
5.0
None Remote Low Not required None Partial None
The Cloud Functions subsystem in OpenTrace 1.0 might allow fabrication attacks by making billions of TempID requests before an AES-256-GCM key rotation occurs.
121 CVE-2020-11869 190 DoS Overflow 2020-04-27 2020-05-28
2.1
None Local Low Not required None None Partial
An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service.
122 CVE-2020-11868 346 2020-04-17 2022-04-26
5.0
None Remote Low Not required None None Partial
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
123 CVE-2020-11828 200 Bypass +Info 2020-04-21 2021-07-21
5.0
None Remote Low Not required Partial None None
In ColorOS (the OPPO mobile phone operating system, based on AOSP; code position frameworks/native, services/surfaceflinger, surfaceflinger.CPP), RGB is defined on the stack but uninitialized, so when the screenShot function assigns the RGB value, the uninitialized value is returned to the attacker, leaking values from the stack. Attackers can use the vulnerability to bypass ASLR.
124 CVE-2020-11826 311 2020-04-16 2021-07-21
5.0
None Remote Low Not required Partial None None
Users can lock their notes with a password in Memono version 3.8. Thus, users need to know a password to read notes. However, these notes are stored in a database without encryption and an attacker can read the password-protected notes without having the password. Notes are stored in the ZENTITY table in the memono.sqlite database.
125 CVE-2020-11825 352 CSRF 2020-04-16 2020-04-20
6.8
None Remote Medium Not required Partial Partial Partial
In Dolibarr 10.0.6, forms are protected with a CSRF token against CSRF attacks. The problem is any CSRF token in any user's session can be used in another user's session. CSRF tokens should not be valid in this situation.
126 CVE-2020-11823 79 XSS 2020-04-16 2020-04-20
3.5
None Remote Medium ??? None Partial None
In Dolibarr 10.0.6, if USER_LOGIN_FAILED is active, there is a stored XSS vulnerability on the admin tools --> audit page. This may lead to stealing of the admin account.
127 CVE-2020-11822 79 XSS 2020-04-27 2020-05-04
4.3
None Remote Medium Not required None Partial None
In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the application structure --> user access groups page. Thus, an attacker can inject malicious script to steal all users' valuable data.
128 CVE-2020-11821 312 2020-04-27 2021-07-21
5.0
None Remote Low Not required Partial None None
In Rukovoditel 2.5.2, users' passwords and usernames are stored in a cookie with URL encoding, base64 encoding, and hashing. Thus, an attacker can easily apply brute force on them.
129 CVE-2020-11820 89 Sql 2020-04-16 2020-04-20
7.5
None Remote Low Not required Partial Partial Partial
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the entities_id parameter.
130 CVE-2020-11819 20 Exec Code 2020-04-16 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
In Rukovoditel 2.5.2, an attacker may inject an arbitrary .php file location instead of a language file and thus achieve command execution.
131 CVE-2020-11818 352 Bypass CSRF 2020-04-16 2020-04-22
6.8
None Remote Medium Not required Partial Partial Partial
Rukovoditel 2.5.2 has a form_session_token value to prevent CSRF attacks. This protection mechanism can be bypassed with another user's valid token. Thus, an attacker can change the Admin password by using a CSRF attack and escalate his/her privileges.
132 CVE-2020-11817 434 Exec Code 2020-04-27 2020-05-05
6.8
None Remote Medium Not required Partial Partial Partial
In Rukovoditel V2.5.2, attackers can upload an arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs with the Maintenance Mode setting.
133 CVE-2020-11816 89 Sql 2020-04-16 2020-04-22
7.5
None Remote Low Not required Partial Partial Partial
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the reports_id (POST) parameter.
134 CVE-2020-11815 434 Exec Code 2020-04-16 2020-04-23
6.8
None Remote Medium Not required Partial Partial Partial
In Rukovoditel 2.5.2, attackers can upload an arbitrary file to the server by just changing the content-type value. As a result of that, an attacker can execute a command on the server. This specific attack only occurs without the Maintenance Mode setting.
135 CVE-2020-11814 74 2020-04-16 2020-04-22
5.8
None Remote Medium Not required Partial Partial None
A Host Header Injection vulnerability in qdPM 9.1 may allow an attacker to spoof a particular header and redirect users to malicious websites.
136 CVE-2020-11813 79 XSS 2020-04-16 2020-04-23
3.5
None Remote Medium ??? None Partial None
In Rukovoditel 2.5.2, there is a stored XSS vulnerability on the configuration page via the copyright text input. Thus, an attacker can inject a malicious script to steal all users' valuable data. This copyright text is on every page so this attack vector can be very dangerous.
137 CVE-2020-11812 89 Sql 2020-04-16 2020-04-23
7.5
None Remote Low Not required Partial Partial Partial
Rukovoditel 2.5.2 is affected by a SQL injection vulnerability because of improper handling of the filters[0][value] or filters[1][value] parameter.
138 CVE-2020-11811 434 Exec Code 2020-04-16 2020-04-22
10.0
None Remote Low Not required Complete Complete Complete
In qdPM 9.1, an attacker can upload a malicious .php file to the server by exploiting the Add Profile Photo capability with a crafted content-type value. After that, the attacker can execute an arbitrary command on the server using this malicious file.
139 CVE-2020-11810 362 2020-04-27 2022-05-12
4.3
None Remote Medium Not required None None Partial
An issue was discovered in OpenVPN 2.4.x before 2.4.9. An attacker can inject a data channel v2 (P_DATA_V2) packet using a victim's peer-id. Normally such packets are dropped, but if this packet arrives before the data channel crypto parameters have been initialized, the victim's connection will be dropped. This requires careful timing due to the small time window (usually within a few seconds) between the victim client connection starting and the server PUSH_REPLY response back to the client. This attack will only work if Negotiable Cipher Parameters (NCP) is in use.
140 CVE-2020-11806 295 2020-04-23 2020-05-01
4.3
None Remote Medium Not required Partial None None
In MailStore Outlook Add-in (and Email Archive Outlook Add-in) through 12.1.2, the login process does not validate the validity of the certificate presented by the server.
141 CVE-2020-11799 269 2020-04-15 2020-04-22
7.5
None Remote Low Not required Partial Partial Partial
Z-Cron 5.6 Build 04 allows an unprivileged attacker to elevate privileges by modifying a privileged user's task. This can also affect all users who are signed in on the system if a shell is placed in a location that other unprivileged users have access to.
142 CVE-2020-11796 287 2020-04-22 2020-04-29
7.5
None Remote Low Not required Partial Partial Partial
In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.
143 CVE-2020-11795 613 2020-04-22 2020-04-29
5.0
None Remote Low Not required None Partial None
In JetBrains Space through 2020-04-22, the session timeout period was configured improperly.
144 CVE-2020-11793 416 DoS Exec Code Mem. Corr. 2020-04-17 2020-06-13
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free issue exists in WebKitGTK before 2.28.1 and WPE WebKit before 2.28.1 via crafted web content that allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash).
145 CVE-2020-11792 295 2020-04-15 2020-04-21
5.0
None Remote Low Not required Partial None None
NETGEAR R8900, R9000, RAX120, and XR700 devices before 2020-01-20 are affected by Transport Layer Security (TLS) certificate private key disclosure.
146 CVE-2020-11791 79 XSS 2020-04-15 2020-04-20
4.3
None Remote Medium Not required None Partial None
NETGEAR JGS516PE devices before 2.6.0.43 are affected by reflected XSS.
147 CVE-2020-11790 20 Exec Code 2020-04-15 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
NETGEAR R7800 devices before 1.0.2.68 are affected by remote code execution by unauthenticated attackers.
148 CVE-2020-11789 74 2020-04-15 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10.
149 CVE-2020-11788 287 Bypass 2020-04-15 2021-07-21
5.8
None Local Network Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, PR2000 before 1.0.0.28, R6050 before 1.0.1.18, JR6150 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, and R6900v2 before 1.2.0.36.
150 CVE-2020-11787 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, RBK50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
Total number of vulnerabilities: 2187 (this is page 3 of 44)