| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
151 |
CVE-2020-12746 |
787 |
|
Exec Code Overflow Bypass |
2020-05-11 |
2020-05-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) (Exynos chipsets) software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 (May 2020). |
|
152 |
CVE-2020-12745 |
863 |
|
Bypass |
2020-05-11 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020). |
|
153 |
CVE-2020-12743 |
552 |
|
File Inclusion |
2020-05-11 |
2020-05-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hidden_req POST parameter. |
|
154 |
CVE-2020-12742 |
20 |
|
|
2020-05-13 |
2020-05-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols. |
|
155 |
CVE-2020-12740 |
125 |
|
|
2020-05-08 |
2022-04-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. |
|
156 |
CVE-2020-12737 |
22 |
|
Dir. Trav. |
2020-05-08 |
2020-05-13 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server. |
|
157 |
CVE-2020-12735 |
331 |
|
|
2020-05-08 |
2020-05-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover. |
|
158 |
CVE-2020-12720 |
89 |
|
Sql |
2020-05-08 |
2022-04-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control. |
|
159 |
CVE-2020-12719 |
611 |
|
|
2020-05-08 |
2020-05-14 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier. |
|
160 |
CVE-2020-12718 |
79 |
|
XSS Bypass |
2020-05-08 |
2020-05-14 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
In administration/comments.php in PHP-Fusion 9.03.50, an authenticated attacker can take advantage of a stored XSS vulnerability in the Preview Comment feature. The protection mechanism can be bypassed by using HTML event handlers such as ontoggle. |
|
161 |
CVE-2020-12717 |
20 |
|
|
2020-05-14 |
2021-07-21 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
None |
Partial |
|
The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufacturer data that is too short. This occurs because of an erroneous OpenTrace manuData.subdata call. The ABTraceTogether (Alberta), ProteGO (Poland), and TraceTogether (Singapore) apps were also affected. |
|
162 |
CVE-2020-12708 |
79 |
|
XSS |
2020-05-07 |
2020-05-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043. |
|
163 |
CVE-2020-12707 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elements. |
|
164 |
CVE-2020-12706 |
79 |
|
XSS |
2020-05-07 |
2020-05-12 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php |
|
165 |
CVE-2020-12705 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0. |
|
166 |
CVE-2020-12704 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
UliCMS before 2020.2 has PageController stored XSS. |
|
167 |
CVE-2020-12703 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
UliCMS before 2020.2 has XSS during PackageController uninstall. |
|
168 |
CVE-2020-12700 |
200 |
|
+Info |
2020-05-13 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query. |
|
169 |
CVE-2020-12699 |
601 |
|
|
2020-05-13 |
2020-05-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl. |
|
170 |
CVE-2020-12698 |
200 |
|
+Info |
2020-05-13 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables. |
|
171 |
CVE-2020-12697 |
770 |
|
DoS |
2020-05-13 |
2020-05-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries. |
|
172 |
CVE-2020-12696 |
79 |
|
XSS |
2020-05-07 |
2020-05-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The iframe plugin before 4.5 for WordPress does not sanitize a URL. |
|
173 |
CVE-2020-12693 |
|
|
Bypass |
2020-05-21 |
2022-04-04 |
5.1 |
None |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user. |
|
174 |
CVE-2020-12692 |
347 |
|
|
2020-05-07 |
2022-04-27 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times. |
|
175 |
CVE-2020-12691 |
863 |
|
|
2020-05-07 |
2022-04-26 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges. |
|
176 |
CVE-2020-12690 |
613 |
|
|
2020-05-07 |
2021-07-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access. |
|
177 |
CVE-2020-12689 |
269 |
|
|
2020-05-07 |
2020-09-02 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges. |
|
178 |
CVE-2020-12687 |
668 |
|
|
2020-05-07 |
2020-05-12 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve all of the attachments of all users (including administrators) from the database. |
|
179 |
CVE-2020-12685 |
79 |
|
XSS |
2020-05-15 |
2020-05-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
XSS in the admin help system admin/help.html and admin/quicklinks.html in Interchange 4.7.0 through 5.11.x allows remote attackers to steal credentials or data via browser JavaScript. |
|
180 |
CVE-2020-12683 |
79 |
|
XSS |
2020-05-07 |
2020-05-11 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Katyshop2 before 2.12 has multiple stored XSS issues. |
|
181 |
CVE-2020-12680 |
522 |
|
|
2020-05-08 |
2021-07-21 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and thus a request such as fetchChromePasswords or fetchCredentials will succeed. NOTE: some third parties have stated that this is "not a vulnerability." |
|
182 |
CVE-2020-12679 |
79 |
|
XSS |
2020-05-07 |
2020-05-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php. |
|
183 |
CVE-2020-12677 |
79 |
|
Exec Code XSS |
2020-05-14 |
2020-05-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 2018 SP1 - 2018.2 prior to 2018.2.3, 2018 SP2 - 2018.3 prior to 2018.3.7, 2019 - 2019.0 prior to 2019.0.3, 2019.1 - 2019.1 prior to 2019.1.2, and 2019.2 - 2019.2 prior to 2019.2.2. |
|
184 |
CVE-2020-12675 |
434 |
|
Exec Code |
2020-05-29 |
2020-05-29 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077. |
|
185 |
CVE-2020-12672 |
787 |
|
Overflow |
2020-05-06 |
2020-06-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c. |
|
186 |
CVE-2020-12669 |
863 |
|
Bypass |
2020-05-06 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter. |
|
187 |
CVE-2020-12667 |
400 |
|
|
2020-05-19 |
2020-05-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. |
|
188 |
CVE-2020-12666 |
601 |
|
|
2020-05-05 |
2021-01-01 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL. |
|
189 |
CVE-2020-12663 |
835 |
|
|
2020-05-19 |
2021-02-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers. |
|
190 |
CVE-2020-12662 |
674 |
|
|
2020-05-19 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records. |
|
191 |
CVE-2020-12659 |
787 |
|
|
2020-05-05 |
2020-06-17 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation. |
|
192 |
CVE-2020-12657 |
416 |
|
|
2020-05-05 |
2020-06-13 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body. |
|
193 |
CVE-2020-12656 |
401 |
|
|
2020-05-05 |
2022-04-29 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug. |
|
194 |
CVE-2020-12655 |
400 |
|
|
2020-05-05 |
2020-11-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767. |
|
195 |
CVE-2020-12654 |
787 |
|
Overflow |
2020-05-05 |
2020-06-16 |
4.3 |
None |
Local Network |
High |
Not required |
Partial |
Partial |
Partial |
|
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591. |
|
196 |
CVE-2020-12653 |
787 |
|
DoS Overflow +Priv |
2020-05-05 |
2022-04-26 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. |
|
197 |
CVE-2020-12652 |
362 |
|
|
2020-05-05 |
2020-06-13 |
4.7 |
None |
Local |
Medium |
Not required |
None |
None |
Complete |
|
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power." |
|
198 |
CVE-2020-12651 |
190 |
|
Exec Code Overflow |
2020-05-15 |
2021-09-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX. |
|
199 |
CVE-2020-12649 |
22 |
|
Dir. Trav. |
2020-05-05 |
2020-05-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory traversal for reading administrative paths. |
|
200 |
CVE-2020-12647 |
|
|
|
2020-05-21 |
2020-06-01 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity, and availability. |
