CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2020-8818 346 Bypass 2020-02-25 2020-03-05
5.5
None Remote Low ??? Partial Partial None
An issue was discovered in the CardGate Payments plugin through 2.0.30 for Magento 2. Lack of origin authentication in the IPN callback processing function in Controller/Payment/Callback.php allows an attacker to remotely replace critical plugin settings (merchant ID, secret key, etc.) and therefore bypass the payment process (e.g., spoof an order status by manually sending an IPN callback request with a valid signature but without real payment) and/or receive all of the subsequent payments.
152 CVE-2020-8815 20 DoS 2020-02-12 2020-02-19
5.0
None Remote Low Not required None None Partial
Improper connection handling in the base connection handler in IKTeam BearFTP before v0.3.1 allows a remote attacker to achieve denial of service via a Slowloris approach by sending a large volume of small packets.
153 CVE-2020-8813 78 Exec Code 2020-02-22 2022-05-24
9.3
None Remote Medium Not required Complete Complete Complete
graph_realtime.php in Cacti 1.2.8 allows remote attackers to execute arbitrary OS commands via shell metacharacters in a cookie, if a guest user has the graph real-time privilege.
154 CVE-2020-8812 79 XSS 2020-02-07 2020-02-10
3.5
None Remote Medium ??? None Partial None
** DISPUTED ** Bludit 3.10.0 allows Editor or Author roles to insert malicious JavaScript on the WYSIWYG editor. NOTE: the vendor's perspective is that this is "not a bug."
155 CVE-2020-8811 862 2020-02-07 2020-02-10
4.0
None Remote Low ??? None Partial None
ajax/profile-picture-upload.php in Bludit 3.10.0 allows authenticated users to change other users' profile pictures.
156 CVE-2020-8810 22 Exec Code Dir. Trav. 2020-02-25 2020-03-04
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. When downloading OBIS codes, it does not verify that the downloaded files are actual OBIS codes and doesn't check for path traversal. This allows the attacker exploiting CVE-2020-8809 to send executable files and place them in an autorun directory, or to place DLLs inside the existing GXDLMS Director installation (run on next execution of GXDLMS Director). This can be used to achieve code execution even if the user doesn't have any add-ins installed.
157 CVE-2020-8809 494 Exec Code 2020-02-25 2020-02-27
6.8
None Remote Medium Not required Partial Partial Partial
Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810.
158 CVE-2020-8808 269 +Priv 2020-02-07 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
The CorsairLLAccess64.sys and CorsairLLAccess32.sys drivers in CORSAIR iCUE before 3.25.60 allow local non-privileged users (including low-integrity level processes) to read and write to arbitrary physical memory locations, and consequently gain NT AUTHORITY\SYSTEM privileges, via a function call such as MmMapIoSpace.
159 CVE-2020-8804 89 Sql 2020-02-13 2020-02-25
4.0
None Remote Low ??? Partial None None
SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module.
160 CVE-2020-8803 22 Dir. Trav. 2020-02-13 2020-02-19
7.5
None Remote Low Not required Partial Partial Partial
SuiteCRM through 7.11.11 allows Directory Traversal to include arbitrary .php files within the webroot via add_to_prospect_list.
161 CVE-2020-8802 89 Sql 2020-02-13 2020-02-19
7.5
None Remote Low Not required Partial Partial Partial
SuiteCRM through 7.11.11 has Incorrect Access Control via action_saveHTMLField Bean Manipulation.
162 CVE-2020-8801 74 2020-02-13 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
SuiteCRM through 7.11.11 allows PHAR Deserialization.
163 CVE-2020-8800 74 2020-02-13 2020-02-19
6.5
None Remote Low ??? Partial Partial Partial
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.
164 CVE-2020-8796 Exec Code 2020-02-07 2020-03-16
7.5
None Remote Low Not required Partial Partial Partial
Biscom Secure File Transfer (SFT) before 5.1.1071 and 6.0.1xxx before 6.0.1005 allows Remote Code Execution on the server.
165 CVE-2020-8795 862 2020-02-17 2021-07-21
5.0
None Remote Low Not required Partial None None
In GitLab Enterprise Edition (EE) 12.5.0 through 12.7.5, sharing a group with a group could grant project access to unauthorized users.
166 CVE-2020-8794 125 Exec Code 2020-02-25 2021-05-04
10.0
None Remote Low Not required Complete Complete Complete
OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTPD, it is possible to attack a server because the server code launches the client code during bounce handling.
167 CVE-2020-8793 426 2020-02-25 2022-01-01
4.7
None Local Medium Not required Complete None None
OpenSMTPD before 6.6.4 allows local users to read arbitrary files (e.g., on some Linux distributions) because of a combination of an untrusted search path in makemap.c and race conditions in the offline functionality in smtpd.c.
168 CVE-2020-8788 79 XSS 2020-02-07 2020-02-11
4.3
None Remote Medium Not required None Partial None
Synaptive Medical ClearCanvas ImageServer 3.0 Alpha allows XSS (and HTML injection) via the Default.aspx UserName parameter. NOTE: the issues/227 reference does not imply that the affected product can be downloaded from GitHub. It was simply a convenient location for a public bug report.
169 CVE-2020-8772 862 2020-02-06 2020-02-11
7.5
None Remote Low Not required Partial Partial Partial
The InfiniteWP Client plugin before 1.9.4.5 for WordPress has a missing authorization check in iwp_mmb_set_request in init.php. Any attacker who knows the username of an administrator can log in.
170 CVE-2020-8771 287 Bypass 2020-02-06 2020-02-11
7.5
None Remote Low Not required Partial Partial Partial
The Time Capsule plugin before 1.21.16 for WordPress has an authentication bypass. Any request containing IWP_JSON_PREFIX causes the client to be logged in as the first account on the list of administrator accounts.
171 CVE-2020-8768 732 2020-02-17 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. There is an insecure mechanism for read and write access to the configuration of the device. The mechanism can be discovered by examining a link on the website of the device.
172 CVE-2020-8658 352 CSRF 2020-02-06 2020-02-07
6.8
None Remote Medium Not required Partial Partial Partial
The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the plugin does not validate it correctly, resulting in a wrong implementation of anti-CSRF protection. In this way, an attacker is able to direct the victim to a malicious web page that modifies the .htaccess file, and takes control of the website.
173 CVE-2020-8657 798 2020-02-06 2022-01-01
5.0
None Remote Low Not required Partial None None
An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token.
174 CVE-2020-8656 89 Sql Bypass 2020-02-07 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php.
175 CVE-2020-8655 269 2020-02-07 2022-01-01
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7.
176 CVE-2020-8654 78 2020-02-07 2021-12-30
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field.
177 CVE-2020-8649 416 2020-02-06 2021-12-30
3.6
None Local Low Not required Partial None Partial
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c.
178 CVE-2020-8648 416 2020-02-06 2020-09-24
3.6
None Local Low Not required Partial None Partial
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
179 CVE-2020-8647 416 2020-02-06 2021-12-30
3.6
None Local Low Not required Partial None Partial
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c.
180 CVE-2020-8645 89 Sql 2020-02-07 2020-02-12
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function is getJobApplicationsByJobId(). The file is _lib/class.JobApplication.php.
181 CVE-2020-8644 74 2020-02-05 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string.
182 CVE-2020-8641 22 Dir. Trav. File Inclusion 2020-02-05 2020-02-07
6.5
None Remote Low ??? Partial Partial Partial
Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter.
183 CVE-2020-8636 306 Exec Code 2020-02-06 2020-02-12
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution .
184 CVE-2020-8633 281 2020-02-18 2020-02-25
5.0
None Remote Low Not required Partial None None
An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible.
185 CVE-2020-8632 521 2020-02-05 2022-01-01
2.1
None Local Low Not required Partial None None
In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords.
186 CVE-2020-8631 330 2020-02-05 2021-12-22
2.1
None Local Low Not required Partial None None
cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function.
187 CVE-2020-8615 352 CSRF 2020-02-04 2022-01-01
2.6
None Remote High Not required None Partial None
A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors).
188 CVE-2020-8614 20 Exec Code 2020-02-13 2020-02-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bd_svr service listening on TCP port 54188.
189 CVE-2020-8612 79 Exec Code XSS 2020-02-14 2020-02-20
6.0
None Remote Medium ??? Partial Partial Partial
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
190 CVE-2020-8611 89 Sql 2020-02-14 2020-02-19
6.5
None Remote Low ??? Partial Partial Partial
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database via the REST API. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements.
191 CVE-2020-8608 120 Overflow 2020-02-06 2021-02-14
6.8
None Remote Medium Not required Partial Partial Partial
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
192 CVE-2020-8601 427 2020-02-20 2020-02-25
4.6
None Local Low Not required Partial Partial Partial
Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory.
193 CVE-2020-8597 120 Overflow 2020-02-03 2020-08-11
7.5
None Remote Low Not required Partial Partial Partial
eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions.
194 CVE-2020-8596 89 Exec Code Sql 2020-02-11 2020-02-25
6.0
None Remote Medium ??? Partial Partial Partial
participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, list_filter_count, or sortBy parameters. It is possible to exfiltrate data and potentially execute code (if certain conditions are met).
195 CVE-2020-8595 287 Bypass 2020-02-12 2020-02-20
7.5
None Remote Low Not required Partial Partial Partial
Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match.
196 CVE-2020-8594 79 XSS 2020-02-14 2020-02-18
3.5
None Remote Medium ??? None Partial None
The Ninja Forms plugin 3.4.22 for WordPress has Multiple Stored XSS vulnerabilities via ninja_forms[recaptcha_site_key], ninja_forms[recaptcha_secret_key], ninja_forms[recaptcha_lang], or ninja_forms[date_format].
197 CVE-2020-8592 89 Sql 2020-02-03 2020-02-05
7.5
None Remote Low Not required Partial Partial Partial
eG Manager 7.1.2 allows SQL Injection via the user parameter to com.eg.LoginHelperServlet (aka the Forgot Password feature).
198 CVE-2020-8591 287 Bypass 2020-02-03 2020-02-06
7.5
None Remote Low Not required Partial Partial Partial
eG Manager 7.1.2 allows authentication bypass via a com.egurkha.EgLoginServlet?uname=admin&upass=&accessKey=eGm0n1t0r request.
199 CVE-2020-8549 79 XSS 2020-02-03 2022-04-08
4.3
None Remote Medium Not required None Partial None
Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens.
200 CVE-2020-8548 79 Exec Code XSS 2020-02-03 2020-02-06
4.3
None Remote Medium Not required None Partial None
massCode 1.0.0-alpha.6 allows XSS via crafted Markdown text, with resultant remote code execution (because nodeIntegration in webPreferences is true).
Total number of vulnerabilities : 1395   Page : 1 2 3 4 (This Page)5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.