CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In April 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1501 CVE-2019-20684 787 Overflow 2020-04-16 2020-04-21
5.8
None Local Network Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.75, D6000 before 1.0.0.75, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.
1502 CVE-2019-20683 787 Overflow 2020-04-16 2020-04-21
5.8
None Local Network Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.
1503 CVE-2019-20682 787 Overflow 2020-04-16 2020-04-22
5.8
None Local Network Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.
1504 CVE-2019-20681 287 Bypass 2020-04-15 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.34, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6050 before 1.0.1.18, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, and R6900v2 before 1.2.0.36.
1505 CVE-2019-20680 74 2020-04-15 2021-07-21
5.2
None Local Network Low ??? Partial Partial Partial
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects D7000v2 before 1.0.0.53, R6220 before 1.1.0.80, R6260 before 1.1.0.64, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7800 before 1.0.2.60, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.46, R8000P before 1.4.1.30, R8300 before 1.0.2.128, R8500 before 1.0.2.128, R8900 before 1.0.4.12, R9000 before 1.0.4.12, and XR500 before 2.3.2.32.
1506 CVE-2019-20679 20 2020-04-15 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
NETGEAR MR1100 devices before 12.06.08.00 are affected by lack of access control at the function level.
1507 CVE-2019-20678 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1508 CVE-2019-20677 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1509 CVE-2019-20676 862 2020-04-15 2020-04-23
3.6
None Local Low Not required Partial Partial None
Certain NETGEAR devices are affected by lack of access control at the function level. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before 1.0.0.15, GS724TPv2 before 1.1.1.29, GS808E before 1.7.0.7, GS810EMX before 1.7.1.1, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, GSS108EPP before 1.0.0.15, GSS116E before 1.6.0.9, JGS516PE before 2.6.0.35, JGS524Ev2 before 2.6.0.35, JGS524PE before 2.6.0.35, XS512EM before 1.0.1.1, XS708Ev2 before 1.6.0.23, XS716E before 1.6.0.23, and XS724EM before 1.0.1.1.
1510 CVE-2019-20675 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1511 CVE-2019-20674 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1512 CVE-2019-20673 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1513 CVE-2019-20672 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1514 CVE-2019-20671 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1515 CVE-2019-20670 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1516 CVE-2019-20669 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1517 CVE-2019-20668 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1518 CVE-2019-20667 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1519 CVE-2019-20666 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1520 CVE-2019-20665 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1521 CVE-2019-20664 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1522 CVE-2019-20663 79 XSS 2020-04-15 2020-04-20
2.3
None Local Network Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1523 CVE-2019-20662 79 XSS 2020-04-15 2020-04-20
2.3
None Local Network Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1524 CVE-2019-20661 79 XSS 2020-04-15 2020-04-20
2.3
None Local Network Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1525 CVE-2019-20660 79 XSS 2020-04-15 2020-04-20
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR20 before 2.3.5.26, RBS20 before 2.3.5.26, RBK20 before 2.3.5.26, RBR40 before 2.3.5.30, RBS40 before 2.3.5.30, RBK40 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1526 CVE-2019-20659 77 2020-04-15 2020-08-24
6.5
None Remote Low ??? Partial Partial Partial
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400v2 before 1.0.4.84, R6700 before 1.0.2.8, R6700v3 before 1.0.4.84, R6900 before 1.0.2.8, and R7900 before 1.0.3.10.
1527 CVE-2019-20658 200 +Info 2020-04-15 2021-07-21
3.3
None Local Network Low Not required Partial None None
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects FS728TLP before 1.0.1.26, GS105Ev2 before 1.6.0.4, GS105PE before 1.6.0.4, GS108Ev3 before 2.06.08, GS108PEv3 before 2.06.08, GS110EMX before 1.0.1.4, GS116Ev2 before 2.6.0.35, GS408EPP before 1.0.0.15, GS808E before 1.7.0.7, GS810EMX before 1.7.1.1, GS908E before 1.7.0.3, GSS108E before 1.6.0.4, GSS108EPP before 1.0.0.15, GSS116E before 1.6.0.9, JGS516PE before 2.6.0.35, JGS524Ev2 before 2.6.0.35, JGS524PE before 2.6.0.35, XS512EM before 1.0.1.1, XS708Ev2 before 1.6.0.23, XS716E before 1.6.0.23, and XS724EM before 1.0.1.1.
1528 CVE-2019-20657 120 Overflow 2020-04-15 2020-04-22
6.5
None Remote Low ??? Partial Partial Partial
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.24, JR6150 before 1.0.1.24, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6230 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, and WNR2020 before 1.1.0.62.
1529 CVE-2019-20656 798 2020-04-15 2020-04-22
3.3
None Local Network Low Not required Partial None None
Certain NETGEAR devices are affected by a hardcoded password. This affects D6200 before 1.1.00.36, D7000 before 1.0.1.74, PR2000 before 1.0.0.30, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.24, JR6150 before 1.0.1.24, R6120 before 1.0.0.48, R6220 before 1.1.0.86, R6230 before 1.1.0.86, R6260 before 1.1.0.64, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, and WNR2020 before 1.1.0.62.
1530 CVE-2019-20655 77 2020-04-15 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR500 before 2.3.2.56 and XR700 before 1.0.1.20.
1531 CVE-2019-20654 20 2020-04-15 2021-07-21
5.0
None Remote Low Not required None Partial None
Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects WAC505 before 8.0.6.4 and WAC510 before 8.0.6.4.
1532 CVE-2019-20653 20 DoS 2020-04-15 2021-07-21
3.3
None Local Network Low Not required None None Partial
Certain NETGEAR devices are affected by denial of service. This affects WAC505 before 8.0.6.4 and WAC510 before 8.0.6.4.
1533 CVE-2019-20652 200 +Info 2020-04-15 2021-07-21
2.1
None Local Low Not required Partial None None
NETGEAR WAC505 devices before 8.2.1.16 are affected by disclosure of sensitive information.
1534 CVE-2019-20651 77 2020-04-15 2020-08-24
4.6
None Local Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects WAC505 before 8.2.1.16 and WAC510 before 8.2.1.16.
1535 CVE-2019-20650 20 DoS 2020-04-15 2021-07-21
5.0
None Remote Low Not required None None Partial
Certain NETGEAR devices are affected by denial of service. This affects R8900 before 1.0.5.2, R9000 before 1.0.5.2, XR500 before 2.3.2.56, and XR700 before 1.0.1.20.
1536 CVE-2019-20649 200 +Info 2020-04-15 2021-07-21
5.0
None Remote Low Not required Partial None None
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of sensitive information.
1537 CVE-2019-20648 20 2020-04-15 2021-07-21
2.7
None Local Network Low ??? None Partial None
NETGEAR RN42400 devices before 6.10.2 are affected by incorrect configuration of security settings.
1538 CVE-2019-20647 DoS 2020-04-15 2020-04-17
2.7
None Local Network Low ??? None None Partial
NETGEAR RAX40 devices before 1.0.3.64 are affected by denial of service.
1539 CVE-2019-20646 200 +Info 2020-04-15 2020-08-24
5.0
None Remote Low Not required Partial None None
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of administrative credentials.
1540 CVE-2019-20645 79 XSS 2020-04-15 2020-04-17
3.5
None Remote Medium ??? None Partial None
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
1541 CVE-2019-20644 79 XSS 2020-04-15 2020-04-17
3.5
None Remote Medium ??? None Partial None
NETGEAR RAX40 devices before 1.0.3.62 are affected by stored XSS.
1542 CVE-2019-20643 200 +Info 2020-04-15 2021-07-21
5.0
None Remote Low Not required Partial None None
NETGEAR RAX40 devices before 1.0.3.64 are affected by disclosure of sensitive information.
1543 CVE-2019-20642 Bypass 2020-04-15 2020-08-24
5.2
None Local Network Low ??? Partial Partial Partial
NETGEAR RAX40 devices before 1.0.3.64 are affected by authentication bypass.
1544 CVE-2019-20641 2020-04-15 2020-08-24
5.8
None Local Network Low Not required Partial Partial Partial
NETGEAR RAX40 devices before 1.0.3.64 are affected by lack of access control at the function level.
1545 CVE-2019-20640 787 Overflow 2020-04-15 2020-04-22
5.8
None Local Network Low Not required Partial Partial Partial
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6200 before 1.1.00.32, D7000 before 1.0.1.68, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, WNR2020 before 1.1.0.62, and XR500 before 2.3.2.32.
1546 CVE-2019-20639 79 XSS 2020-04-15 2020-04-17
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, and RBK50 before 2.3.5.30.
1547 CVE-2019-20638 200 +Info 2020-04-15 2020-08-24
4.0
None Remote Low ??? Partial None None
NETGEAR MR1100 devices before 12.06.08.00 are affected by disclosure of administrative credentials.
1548 CVE-2019-20637 212 2020-04-08 2022-04-22
5.0
None Remote Low Not required Partial None None
An issue was discovered in Varnish Cache before 6.0.5 LTS, 6.1.x and 6.2.x before 6.2.2, and 6.3.x before 6.3.1. It does not clear a pointer between the handling of one client request and the next request within the same connection. This sometimes causes information to be disclosed from the connection workspace, such as data structures associated with previous requests within this connection or VCL-related temporary headers.
1549 CVE-2019-20636 787 2020-04-08 2020-06-10
7.2
None Local Low Not required Complete Complete Complete
In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7.
1550 CVE-2019-20635 470 Exec Code 2020-04-02 2020-08-24
4.3
None Remote Medium Not required None Partial None
codeBeamer before 9.5.0-RC3 does not properly restrict the ability to execute custom Java code and access the Java class loader via computed fields.
Total number of vulnerabilities : 2187   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 (This Page)32 33 34 35 36 37 38 39 40 41 42 43 44
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.