CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In May 2020 (CVSS score >= 4)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2020-12825 674 2020-05-12 2020-09-08
5.8
None Remote Medium Not required None Partial Partial
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
102 CVE-2020-12823 120 DoS Overflow 2020-05-12 2020-07-21
7.5
None Remote Low Not required Partial Partial Partial
OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c.
103 CVE-2020-12801 312 2020-05-18 2021-11-04
5.0
None Remote Low Not required Partial None None
If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If the recovery is successful, and if the file format of the recovered document was not LibreOffice's default ODF file format, then affected versions of LibreOffice default that subsequent saves of the document are unencrypted. This may lead to a user accidentally saving a MSOffice file format document unencrypted while believing it to be encrypted. This issue affects: LibreOffice 6-3 series versions prior to 6.3.6; 6-4 series versions prior to 6.4.3.
104 CVE-2020-12798 269 2020-05-15 2020-05-21
4.6
None Local Low Not required Partial Partial Partial
Cellebrite UFED 5.0 to 7.5.0.845 implements local operating system policies that can be circumvented to obtain a command prompt via the Windows file dialog that is reachable via the Certificate-Based Authentication option of the Wireless Network Connection screen.
105 CVE-2020-12790 74 2020-05-11 2020-05-14
5.0
None Remote Low Not required Partial None None
In the SEOmatic plugin before 3.2.49 for Craft CMS, helpers/DynamicMeta.php does not properly sanitize the URL. This leads to Server-Side Template Injection and credentials disclosure via a crafted Twig template after a semicolon.
106 CVE-2020-12785 862 2020-05-11 2021-07-21
5.5
None Remote Low ??? Partial Partial None
cPanel before 86.0.14 allows attackers to obtain access to the current working directory via the account backup feature (SEC-540).
107 CVE-2020-12784 20 2020-05-11 2021-07-21
5.0
None Remote Low Not required None None Partial
cPanel before 86.0.14 allows remote attackers to trigger a bandwidth suspension via mail log strings (SEC-505).
108 CVE-2020-12783 125 Bypass 2020-05-11 2021-05-04
5.0
None Remote Low Not required Partial None None
Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c.
109 CVE-2020-12772 311 2020-05-12 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request. This allows an attacker to collect these hashes, crack them, and potentially compromise the computer. (ROAR can be configured for automatic access. Also, access can occur if the user clicks.)
110 CVE-2020-12771 667 2020-05-09 2022-04-26
4.9
None Local Low Not required None None Complete
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
111 CVE-2020-12770 2020-05-09 2020-07-29
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
112 CVE-2020-12769 662 2020-05-09 2022-05-03
4.9
None Local Low Not required None None Complete
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
113 CVE-2020-12766 89 Sql 2020-05-09 2020-05-12
7.5
None Remote Low Not required Partial Partial Partial
Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter.
114 CVE-2020-12765 22 Dir. Trav. 2020-05-09 2020-05-12
5.0
None Remote Low Not required Partial None None
Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal.
115 CVE-2020-12764 22 Dir. Trav. 2020-05-09 2020-05-12
5.0
None Remote Low Not required Partial None None
Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal.
116 CVE-2020-12763 787 DoS Exec Code Overflow 2020-05-13 2020-05-15
7.5
None Remote Low Not required Partial Partial Partial
TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd (in /sbin) when parsing a long "Authorization: Basic" RTSP header.
117 CVE-2020-12762 787 Overflow 2020-05-09 2021-05-21
6.8
None Remote Medium Not required Partial Partial Partial
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
118 CVE-2020-12761 190 Overflow 2020-05-09 2021-07-21
6.4
None Remote Low Not required Partial None Partial
modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map.
119 CVE-2020-12760 502 Exec Code 2020-05-11 2020-05-13
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects (aka ActiveMQ Minion payload deserialization), leading to remote code execution for any authenticated channel user regardless of its assigned permissions.
120 CVE-2020-12754 2020-05-11 2020-05-12
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A crafted application can obtain control of device input via the window system service. The LG ID is LVE-SMP-170011 (May 2020).
121 CVE-2020-12753 787 Exec Code 2020-05-11 2022-04-26
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020).
122 CVE-2020-12752 522 2020-05-11 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. Attackers can determine user credentials via a brute-force attack against the Gatekeeper trustlet. The Samsung ID is SVE-2020-16908 (May 2020).
123 CVE-2020-12751 119 Exec Code Overflow 2020-05-11 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 (May 2020).
124 CVE-2020-12750 Bypass 2020-05-11 2020-05-13
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via SPEN. The Samsung ID is SVE-2020-17019 (May 2020).
125 CVE-2020-12749 120 Overflow 2020-05-11 2020-05-13
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The S.LSI Wi-Fi drivers have a buffer overflow. The Samsung ID is SVE-2020-16906 (May 2020).
126 CVE-2020-12748 Bypass 2020-05-11 2020-05-13
5.0
None Remote Low Not required None Partial None
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 (May 2020).
127 CVE-2020-12747 787 Overflow 2020-05-11 2020-05-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 (May 2020).
128 CVE-2020-12746 787 Exec Code Overflow Bypass 2020-05-11 2020-05-12
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) (Exynos chipsets) software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 (May 2020).
129 CVE-2020-12745 863 Bypass 2020-05-11 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020).
130 CVE-2020-12743 552 File Inclusion 2020-05-11 2020-05-15
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hidden_req POST parameter.
131 CVE-2020-12742 20 2020-05-13 2020-05-18
4.3
None Remote Medium Not required None Partial None
The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols.
132 CVE-2020-12740 125 2020-05-08 2022-04-08
6.4
None Remote Low Not required Partial None Partial
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c.
133 CVE-2020-12737 22 Dir. Trav. 2020-05-08 2020-05-13
4.0
None Remote Low ??? Partial None None
An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server.
134 CVE-2020-12735 331 2020-05-08 2020-05-12
7.5
None Remote Low Not required Partial Partial Partial
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover.
135 CVE-2020-12720 89 Sql 2020-05-08 2022-04-27
7.5
None Remote Low Not required Partial Partial Partial
vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control.
136 CVE-2020-12719 611 2020-05-08 2020-05-14
6.5
None Remote Low ??? Partial Partial Partial
XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier.
137 CVE-2020-12708 79 XSS 2020-05-07 2020-05-12
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043.
138 CVE-2020-12707 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elements.
139 CVE-2020-12705 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0.
140 CVE-2020-12704 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
UliCMS before 2020.2 has PageController stored XSS.
141 CVE-2020-12703 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
UliCMS before 2020.2 has XSS during PackageController uninstall.
142 CVE-2020-12700 200 +Info 2020-05-13 2021-07-21
4.0
None Remote Low ??? Partial None None
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.
143 CVE-2020-12699 601 2020-05-13 2020-05-14
5.8
None Remote Medium Not required Partial Partial None
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.
144 CVE-2020-12698 200 +Info 2020-05-13 2021-07-21
4.0
None Remote Low ??? Partial None None
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.
145 CVE-2020-12697 770 DoS 2020-05-13 2020-05-14
5.0
None Remote Low Not required None None Partial
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries.
146 CVE-2020-12696 79 XSS 2020-05-07 2020-05-11
4.3
None Remote Medium Not required None Partial None
The iframe plugin before 4.5 for WordPress does not sanitize a URL.
147 CVE-2020-12693 Bypass 2020-05-21 2022-04-04
5.1
None Remote High Not required Partial Partial Partial
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
148 CVE-2020-12692 347 2020-05-07 2022-04-27
5.5
None Remote Low ??? Partial Partial None
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
149 CVE-2020-12691 863 2020-05-07 2022-04-26
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
150 CVE-2020-12690 613 2020-05-07 2021-07-13
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
Total number of vulnerabilities : 866   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.