CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In May 2020 (CVSS score >= 3)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
151 CVE-2020-12708 79 XSS 2020-05-07 2020-05-12
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043.
152 CVE-2020-12707 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elements.
153 CVE-2020-12706 79 XSS 2020-05-07 2020-05-12
3.5
None Remote Medium ??? None Partial None
Multiple Cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the go parameter to faq/faq_admin.php or shoutbox_panel/shoutbox_admin.php
154 CVE-2020-12705 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0.
155 CVE-2020-12704 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
UliCMS before 2020.2 has PageController stored XSS.
156 CVE-2020-12703 79 XSS 2020-05-07 2020-05-08
4.3
None Remote Medium Not required None Partial None
UliCMS before 2020.2 has XSS during PackageController uninstall.
157 CVE-2020-12700 200 +Info 2020-05-13 2021-07-21
4.0
None Remote Low ??? Partial None None
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.
158 CVE-2020-12699 601 2020-05-13 2020-05-14
5.8
None Remote Medium Not required Partial Partial None
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.
159 CVE-2020-12698 200 +Info 2020-05-13 2021-07-21
4.0
None Remote Low ??? Partial None None
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables.
160 CVE-2020-12697 770 DoS 2020-05-13 2020-05-14
5.0
None Remote Low Not required None None Partial
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries.
161 CVE-2020-12696 79 XSS 2020-05-07 2020-05-11
4.3
None Remote Medium Not required None Partial None
The iframe plugin before 4.5 for WordPress does not sanitize a URL.
162 CVE-2020-12693 Bypass 2020-05-21 2022-04-04
5.1
None Remote High Not required Partial Partial Partial
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows a user to launch a process as an arbitrary user.
163 CVE-2020-12692 347 2020-05-07 2022-04-27
5.5
None Remote Low ??? Partial Partial None
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The EC2 API doesn't have a signature TTL check for AWS Signature V4. An attacker can sniff the Authorization header, and then use it to reissue an OpenStack token an unlimited number of times.
164 CVE-2020-12691 863 2020-05-07 2022-04-26
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any authenticated user can create an EC2 credential for themselves for a project that they have a specified role on, and then perform an update to the credential user and project, allowing them to masquerade as another user. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
165 CVE-2020-12690 613 2020-05-07 2021-07-13
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. The list of roles provided for an OAuth1 access token is silently ignored. Thus, when an access token is used to request a keystone token, the keystone token contains every role assignment the creator had for the project. This results in the provided keystone token having more role assignments than the creator intended, possibly giving unintended escalated access.
166 CVE-2020-12689 269 2020-05-07 2020-09-02
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in OpenStack Keystone before 15.0.1, and 16.0.0. Any user authenticated within a limited scope (trust/oauth/application credential) can create an EC2 credential with an escalated permission, such as obtaining admin while the user is on a limited viewer role. This potentially allows a malicious user to act as the admin on a project another user has the admin role on, which can effectively grant that user global admin privileges.
167 CVE-2020-12687 668 2020-05-07 2020-05-12
4.0
None Remote Low ??? Partial None None
An issue was discovered in Serpico before 1.3.3. The /admin/attacments_backup endpoint can be requested by non-admin authenticated users. This means that an attacker with a user account can retrieve all of the attachments of all users (including administrators) from the database.
168 CVE-2020-12685 79 XSS 2020-05-15 2020-05-18
4.3
None Remote Medium Not required None Partial None
XSS in the admin help system admin/help.html and admin/quicklinks.html in Interchange 4.7.0 through 5.11.x allows remote attackers to steal credentials or data via browser JavaScript.
169 CVE-2020-12683 79 XSS 2020-05-07 2020-05-11
3.5
None Remote Medium ??? None Partial None
Katyshop2 before 2.12 has multiple stored XSS issues.
170 CVE-2020-12679 79 XSS 2020-05-07 2020-05-12
4.3
None Remote Medium Not required None Partial None
A reflected cross-site scripting (XSS) vulnerability in the Mitel ShoreTel Conference Web Application 19.50.1000.0 before MiVoice Connect 18.7 SP2 allows remote attackers to inject arbitrary JavaScript and HTML via the PATH_INFO to home.php.
171 CVE-2020-12677 79 Exec Code XSS 2020-05-14 2020-05-19
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execute arbitrary code in a victim's browser, aka XSS. This affects 2018 - 2018.0 prior to 2018.0.3, 2018 SP1 - 2018.2 prior to 2018.2.3, 2018 SP2 - 2018.3 prior to 2018.3.7, 2019 - 2019.0 prior to 2019.0.3, 2019.1 - 2019.1 prior to 2019.1.2, and 2019.2 - 2019.2 prior to 2019.2.2.
172 CVE-2020-12675 434 Exec Code 2020-05-29 2020-05-29
6.5
None Remote Low ??? Partial Partial Partial
The mappress-google-maps-for-wordpress plugin before 2.54.6 for WordPress does not correctly implement capability checks for AJAX functions related to creation/retrieval/deletion of PHP template files, leading to Remote Code Execution. NOTE: this issue exists because of an incomplete fix for CVE-2020-12077.
173 CVE-2020-12672 787 Overflow 2020-05-06 2020-06-10
5.0
None Remote Low Not required None None Partial
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
174 CVE-2020-12669 863 Bypass 2020-05-06 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.
175 CVE-2020-12667 400 2020-05-19 2020-05-28
5.0
None Remote Low Not required None None Partial
Knot Resolver before 5.1.1 allows traffic amplification via a crafted DNS answer from an attacker-controlled server, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
176 CVE-2020-12666 601 2020-05-05 2021-01-01
5.8
None Remote Medium Not required Partial Partial None
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.
177 CVE-2020-12663 835 2020-05-19 2021-02-17
5.0
None Remote Low Not required None None Partial
Unbound before 1.10.1 has an infinite loop via malformed DNS answers received from upstream servers.
178 CVE-2020-12662 674 2020-05-19 2021-07-21
5.0
None Remote Low Not required None None Partial
Unbound before 1.10.1 has Insufficient Control of Network Message Volume, aka an "NXNSAttack" issue. This is triggered by random subdomains in the NSDNAME in NS records.
179 CVE-2020-12659 787 2020-05-05 2020-06-17
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
180 CVE-2020-12657 416 2020-05-05 2020-06-13
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
181 CVE-2020-12654 787 Overflow 2020-05-05 2020-06-16
4.3
None Local Network High Not required Partial Partial Partial
An issue was found in Linux kernel before 5.5.4. mwifiex_ret_wmm_get_status() in drivers/net/wireless/marvell/mwifiex/wmm.c allows a remote AP to trigger a heap-based buffer overflow because of an incorrect memcpy, aka CID-3a9b153c5591.
182 CVE-2020-12653 787 DoS Overflow +Priv 2020-05-05 2022-04-26
4.6
None Local Low Not required Partial Partial Partial
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea.
183 CVE-2020-12652 362 2020-05-05 2020-06-13
4.7
None Local Medium Not required None None Complete
The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, i.e., a "double fetch" vulnerability, aka CID-28d76df18f0a. NOTE: the vendor states "The security impact of this bug is not as bad as it could have been because these operations are all privileged and root already has enormous destructive power."
184 CVE-2020-12651 190 Exec Code Overflow 2020-05-15 2021-09-08
10.0
None Remote Low Not required Complete Complete Complete
SecureCRT before 8.7.2 allows remote attackers to execute arbitrary code via an Integer Overflow and a Buffer Overflow because a banner can trigger a line number to CSI functions that exceeds INT_MAX.
185 CVE-2020-12649 22 Dir. Trav. 2020-05-05 2020-05-07
5.0
None Remote Low Not required Partial None None
Gurbalib through 2020-04-30 allows lib/cmds/player/help.c directory traversal for reading administrative paths.
186 CVE-2020-12647 2020-05-21 2020-06-01
7.2
None Local Low Not required Complete Complete Complete
Unisys ALGOL Compiler 58.1 before 58.1a.15, 59.1 before 59.1a.9, and 60.0 before 60.0a.5 can emit invalid code sequences under rare circumstances related to syntax. The resulting code could, for example, trigger a system fault or adversely affect confidentiality, integrity, and availability.
187 CVE-2020-12642 611 2020-05-04 2020-05-07
5.0
None Remote Low Not required Partial None None
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import.
188 CVE-2020-12641 78 Exec Code 2020-05-04 2022-04-29
7.5
None Remote Low Not required Partial Partial Partial
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path.
189 CVE-2020-12640 22 Exec Code Dir. Trav. 2020-05-04 2020-09-24
7.5
None Remote Low Not required Partial Partial Partial
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php.
190 CVE-2020-12639 79 XSS 2020-05-04 2020-05-07
4.3
None Remote Medium Not required None Partial None
phpList before 3.5.3 allows XSS, with resultant privilege elevation, via lists/admin/template.php.
191 CVE-2020-12637 295 2020-05-09 2020-05-13
7.5
None Remote Low Not required Partial Partial Partial
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.
192 CVE-2020-12629 79 XSS 2020-05-04 2020-05-06
3.5
None Remote Medium ??? None Partial None
include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name.
193 CVE-2020-12627 287 Bypass 2020-05-04 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.
194 CVE-2020-12626 352 CSRF 2020-05-04 2020-07-27
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered.
195 CVE-2020-12625 79 XSS 2020-05-04 2020-09-24
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message.
196 CVE-2020-12624 200 +Info 2020-05-03 2021-07-21
4.3
None Remote Medium Not required Partial None None
The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions.
197 CVE-2020-12608 276 Exec Code 2020-05-07 2020-05-15
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the CacheService.xml SISServerURL parameter.
198 CVE-2020-12493 2020-05-29 2021-11-04
10.0
None Remote Low Not required Complete Complete Complete
An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices.
199 CVE-2020-12474 20 2020-05-01 2021-07-21
4.3
None Remote Medium Not required Partial None None
Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL.
200 CVE-2020-12463 269 2020-05-05 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary files.
Total number of vulnerabilities : 941   Page : 1 2 3 4 (This Page)5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.