| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
201 |
CVE-2020-12642 |
611 |
|
|
2020-05-04 |
2020-05-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in service-api before 4.3.12 and 5.x before 5.1.1 for Report Portal. It allows XXE, with resultant secrets disclosure and SSRF, via JUnit XML launch import. |
|
202 |
CVE-2020-12641 |
78 |
|
Exec Code |
2020-05-04 |
2022-04-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via shell metacharacters in a configuration setting for im_convert_path or im_identify_path. |
|
203 |
CVE-2020-12640 |
22 |
|
Exec Code Dir. Trav. |
2020-05-04 |
2020-09-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php. |
|
204 |
CVE-2020-12639 |
79 |
|
XSS |
2020-05-04 |
2020-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
phpList before 3.5.3 allows XSS, with resultant privilege elevation, via lists/admin/template.php. |
|
205 |
CVE-2020-12637 |
295 |
|
|
2020-05-09 |
2020-05-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option. |
|
206 |
CVE-2020-12629 |
79 |
|
XSS |
2020-05-04 |
2020-05-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
include/class.sla.php in osTicket before 1.14.2 allows XSS via the SLA Name. |
|
207 |
CVE-2020-12627 |
287 |
|
Bypass |
2020-05-04 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key. |
|
208 |
CVE-2020-12626 |
352 |
|
CSRF |
2020-05-04 |
2020-07-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered. |
|
209 |
CVE-2020-12625 |
79 |
|
XSS |
2020-05-04 |
2020-09-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message. |
|
210 |
CVE-2020-12624 |
200 |
|
+Info |
2020-05-03 |
2021-07-21 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The League application before 2020-05-02 on Android sends a bearer token in an HTTP Authorization header to an arbitrary web site that hosts an external image because an OkHttp object is reused, which allows remote attackers to hijack sessions. |
|
211 |
CVE-2020-12608 |
276 |
|
Exec Code |
2020-05-07 |
2020-05-15 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds MSP\SolarWinds.MSP.CacheService\config\. This can lead to code execution by changing the CacheService.xml SISServerURL parameter. |
|
212 |
CVE-2020-12493 |
|
|
|
2020-05-29 |
2021-11-04 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An open port used for debugging in SWARCOs CPU LS4000 Series with versions starting with G4... grants root access to the device without access control via network. A malicious user could use this vulnerability to get access to the device and disturb operations with connected devices. |
|
213 |
CVE-2020-12475 |
22 |
|
Dir. Trav. |
2020-05-04 |
2020-05-08 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar. |
|
214 |
CVE-2020-12474 |
20 |
|
|
2020-05-01 |
2021-07-21 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Telegram Desktop through 2.0.1, Telegram through 6.0.1 for Android, and Telegram through 6.0.1 for iOS allow an IDN Homograph attack via Punycode in a public URL or a group chat invitation URL. |
|
215 |
CVE-2020-12463 |
269 |
|
|
2020-05-05 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An elevation of privilege vulnerability exists in Avira Software Updater before 2.0.6.27476 due to improperly handling file hard links. This allows local users to obtain take control of arbitrary files. |
|
216 |
CVE-2020-12448 |
22 |
|
Dir. Trav. |
2020-05-07 |
2020-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
GitLab EE 12.8 and later allows Exposure of Sensitive Information to an Unauthorized Actor via NuGet. |
|
217 |
CVE-2020-12439 |
404 |
|
|
2020-05-05 |
2020-05-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Grin before 3.1.0 allows attackers to adversely affect availability of data on a Mimblewimble blockchain. |
|
218 |
CVE-2020-12431 |
427 |
|
|
2020-05-21 |
2021-07-21 |
6.3 |
None |
Local |
Medium |
Not required |
None |
Complete |
Complete |
|
A Windows privilege change issue was discovered in Splashtop Software Updater before 1.5.6.16. Insecure permissions on the configuration file and named pipe allow for local privilege escalation to NT AUTHORITY/SYSTEM, by forcing a permission change to any Splashtop files and directories, with resultant DLL hijacking. This product is bundled with Splashtop Streamer (before 3.3.8.0) and Splashtop Business (before 3.3.8.0). |
|
219 |
CVE-2020-12427 |
352 |
|
CSRF |
2020-05-13 |
2021-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting disk space. |
|
220 |
CVE-2020-12397 |
346 |
|
|
2020-05-22 |
2020-06-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0. |
|
221 |
CVE-2020-12396 |
787 |
|
Mem. Corr. |
2020-05-26 |
2022-04-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76. |
|
222 |
CVE-2020-12395 |
787 |
|
Mem. Corr. |
2020-05-26 |
2022-04-26 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. |
|
223 |
CVE-2020-12394 |
|
|
|
2020-05-26 |
2022-04-26 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76. |
|
224 |
CVE-2020-12393 |
74 |
|
Exec Code |
2020-05-26 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. |
|
225 |
CVE-2020-12392 |
22 |
|
Dir. Trav. |
2020-05-26 |
2022-04-26 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. |
|
226 |
CVE-2020-12391 |
20 |
|
|
2020-05-26 |
2020-05-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Documents formed using data: URLs in an OBJECT element failed to inherit the CSP of the creating context. This allowed the execution of scripts that should have been blocked, albeit with a unique opaque origin. This vulnerability affects Firefox < 76. |
|
227 |
CVE-2020-12390 |
502 |
|
|
2020-05-26 |
2020-05-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76. |
|
228 |
CVE-2020-12389 |
20 |
|
|
2020-05-26 |
2020-05-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. |
|
229 |
CVE-2020-12388 |
20 |
|
|
2020-05-26 |
2020-05-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76. |
|
230 |
CVE-2020-12387 |
362 |
|
|
2020-05-26 |
2021-12-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A race condition when running shutdown code for Web Worker led to a use-after-free vulnerability. This resulted in a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. |
|
231 |
CVE-2020-12259 |
79 |
|
XSS |
2020-05-18 |
2020-05-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the rid GET parameter of devicemgmnt.php. |
|
232 |
CVE-2020-12258 |
384 |
|
|
2020-05-18 |
2020-05-19 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
rConfig 3.9.4 is vulnerable to session fixation because session expiry and randomization are mishandled. The application can reuse a session via PHPSESSID. Also, an attacker can exploit this vulnerability in conjunction with CVE-2020-12256 or CVE-2020-12259. |
|
233 |
CVE-2020-12257 |
352 |
|
CSRF |
2020-05-18 |
2020-05-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
rConfig 3.9.4 is vulnerable to cross-site request forgery (CSRF) because it lacks implementation of CSRF protection such as a CSRF token. An attacker can leverage this vulnerability by creating a form (add a user, delete a user, or edit a user). |
|
234 |
CVE-2020-12256 |
79 |
|
XSS |
2020-05-18 |
2020-05-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
rConfig 3.9.4 is vulnerable to reflected XSS. The devicemgmnt.php file improperly validates user input. An attacker can exploit this by crafting arbitrary JavaScript in the deviceId GET parameter to devicemgmnt.php. |
|
235 |
CVE-2020-12255 |
434 |
|
Exec Code |
2020-05-18 |
2020-05-19 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
rConfig 3.9.4 is vulnerable to remote code execution due to improper validation in the file upload functionality. vendor.crud.php accepts a file upload by checking content-type without considering the file extension and header. Thus, an attacker can exploit this by uploading a .php file to vendor.php that contains arbitrary PHP code and changing the content-type to image/gif. |
|
236 |
CVE-2020-12244 |
347 |
|
Bypass |
2020-05-19 |
2022-04-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue has been found in PowerDNS Recursor 4.1.0 through 4.3.0 where records in the answer section of a NXDOMAIN response lacking an SOA were not properly validated in SyncRes::processAnswer, allowing an attacker to bypass DNSSEC validation. |
|
237 |
CVE-2020-12144 |
295 |
|
|
2020-05-05 |
2020-05-12 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal. |
|
238 |
CVE-2020-12143 |
295 |
|
|
2020-05-05 |
2020-05-12 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator. |
|
239 |
CVE-2020-12142 |
668 |
|
|
2020-05-05 |
2020-05-12 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell. |
|
240 |
CVE-2020-12117 |
306 |
|
|
2020-05-01 |
2022-04-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Moxa Service in Moxa NPort 5150A firmware version 1.5 and earlier allows attackers to obtain sensitive configuration values via a crafted packet to UDP port 4800. NOTE: Moxa Service is an unauthenticated service that runs upon a first-time installation but can be disabled without ill effect. |
|
241 |
CVE-2020-12116 |
200 |
|
+Info |
2020-05-07 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request. |
|
242 |
CVE-2020-12111 |
78 |
|
|
2020-05-04 |
2020-05-12 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Certain TP-Link devices allow Command Injection. This affects NC260 1.5.2 build 200304 and NC450 1.5.3 build 200304. |
|
243 |
CVE-2020-12110 |
798 |
|
|
2020-05-04 |
2020-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Certain TP-Link devices have a Hardcoded Encryption Key. This affects NC200 2.1.9 build 200225, N210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. |
|
244 |
CVE-2020-12109 |
78 |
|
|
2020-05-04 |
2020-09-18 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0.9 build 200304, NC220 1.3.0 build 200304, NC230 1.3.0 build 200304, NC250 1.3.0 build 200304, NC260 1.5.2 build 200304, and NC450 1.5.3 build 200304. |
|
245 |
CVE-2020-12108 |
74 |
|
|
2020-05-06 |
2021-12-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
/options/mailman in GNU Mailman before 2.1.31 allows Arbitrary Content Injection. |
|
246 |
CVE-2020-12104 |
89 |
|
Exec Code Sql |
2020-05-05 |
2020-05-07 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The Import feature in the wp-advanced-search plugin 3.3.6 for WordPress is vulnerable to authenticated SQL injection via an uploaded .sql file. An attacker can use this to execute SQL commands without any validation. |
|
247 |
CVE-2020-12068 |
269 |
|
|
2020-05-14 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in CODESYS Development System before 3.5.16.0. CODESYS WebVisu and CODESYS Remote TargetVisu are susceptible to privilege escalation. |
|
248 |
CVE-2020-12046 |
347 |
|
|
2020-05-14 |
2020-05-18 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
Opto 22 SoftPAC Project Version 9.6 and prior. SoftPAC’s firmware files’ signatures are not verified upon firmware update. This allows an attacker to replace legitimate firmware files with malicious files. |
|
249 |
CVE-2020-12042 |
347 |
|
+Priv |
2020-05-14 |
2020-05-18 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
Opto 22 SoftPAC Project Version 9.6 and prior. Paths specified within the zip files used to update the SoftPAC firmware are not sanitized. As a result, an attacker with user privileges can gain arbitrary file write access with system access. |
|
250 |
CVE-2020-12038 |
787 |
|
Mem. Corr. |
2020-05-19 |
2021-09-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable. A memory corruption vulnerability exists in the algorithm that matches square brackets in the EDS subsystem. This may allow an attacker to craft specialized EDS files to crash the EDSParser COM object, leading to denial-of-service conditions. |
