CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In April 2020

Columns: # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
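251 | CVE-2020-11619 | CWE ID: 502 | Publish Date: 2020-04-07 | Update Date: 2021-02-22 | Score: 6.8
Gained Access Level: None | Access: Remote | Complexity: Medium | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial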
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop).
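252 | CVE-2020-11612 | CWE ID: 770 | Publish Date: 2020-04-07 | Update Date: 2022-04-26 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: None | Integ.: None | Avail.: Partial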
The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder.
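253 | CVE-2020-11611 | CWE ID: 601 | Publish Date: 2020-04-07 | Update Date: 2020-04-09 | Score: 5.8
Gained Access Level: None | Access: Remote | Complexity: Medium | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: None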
An issue was discovered in xdLocalStorage through 2.0.5. The buildMessage() function in xdLocalStorage.js specifies the wildcard (*) as the targetOrigin when calling the postMessage() function on the iframe object. Therefore any domain that is currently loaded within the iframe can receive the messages that the client sends.
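254 | CVE-2020-11610 | CWE ID: 20 | Publish Date: 2020-04-07 | Update Date: 2021-07-21 | Score: 6.8
Gained Access Level: None | Access: Remote | Complexity: Medium | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial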
An issue was discovered in xdLocalStorage through 2.0.5. The postData() function in xdLocalStoragePostMessageApi.js specifies the wildcard (*) as the targetOrigin when calling the postMessage() function on the parent object. Therefore any domain can load the application hosting the "magical iframe" and receive the messages that the "magical iframe" sends.
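255 | CVE-2020-11609 | CWE ID: 476 | Publish Date: 2020-04-07 | Update Date: 2020-06-13 | Score: 4.9
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: None | Integ.: None | Avail.: Complete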
An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer dereference, aka CID-485b06aadb93.
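256 | CVE-2020-11608 | CWE ID: 476 | Publish Date: 2020-04-07 | Update Date: 2020-06-13 | Score: 4.9
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: None | Integ.: None | Avail.: Complete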
An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.
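257 | CVE-2020-11607 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-08 | Update Date: 2020-04-10 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None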
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Notification exposure occurs in Lockdown mode because of the Edge Lighting application. The Samsung ID is SVE-2020-16680 (April 2020).
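258 | CVE-2020-11606 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-08 | Update Date: 2021-07-21 | Score: 2.1
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None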
An issue was discovered on Samsung mobile devices with Q(10.0) software. Information about application preview (in the Secure Folder) leaks on a locked device. The Samsung ID is SVE-2019-16463 (April 2020).
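259 | CVE-2020-11605 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-08 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None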
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. There is sensitive information exposure from dumpstate in NFC logs. The Samsung ID is SVE-2019-16359 (April 2020).
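260 | CVE-2020-11604 | CWE ID: 125 | Publish Date: 2020-04-08 | Update Date: 2020-04-10 | Score: 6.4
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: Partial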
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. There is an Out-of-bounds read in the MLDAP Trustlet. The Samsung ID is SVE-2019-16565 (April 2020).
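261 | CVE-2020-11603 | CWE ID: 843 | Vulnerability Type(s): Exec Code | Publish Date: 2020-04-08 | Update Date: 2020-04-09 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial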
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. Type confusion in the MLDAP Trustlet allows arbitrary code execution. The Samsung ID is SVE-2020-16599 (April 2020).
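262 | CVE-2020-11602 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-08 | Update Date: 2021-07-21 | Score: 2.1
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None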
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Google Assistant leaks clipboard contents on a locked device. The Samsung ID is SVE-2019-16558 (April 2020).
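263 | CVE-2020-11601 | CWE ID: 862 | Publish Date: 2020-04-08 | Update Date: 2021-07-21 | Score: 2.1
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None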
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. There is unauthorized access to applications in the Secure Folder via floating icons. The Samsung ID is SVE-2019-16195 (April 2020).
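264 | CVE-2020-11600 | CWE ID: 787 | Vulnerability Type(s): Exec Code | Publish Date: 2020-04-08 | Update Date: 2020-04-09 | Score: 10.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Complete | Integ.: Complete | Avail.: Complete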
An issue was discovered on Samsung mobile devices with Q(10.0) software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 (April 2020).
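265 | CVE-2020-11599 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None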
An issue was discovered in CIPPlanner CIPAce 6.80 Build 2016031401. GetDistributedPOP3 allows attackers to obtain the username and password of the SMTP user.
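266 | CVE-2020-11598 | CWE ID: 287 | Vulnerability Type(s): Exec Code | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial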
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. Upload.ashx allows remote attackers to execute arbitrary code by uploading and executing an ASHX file.
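267 | CVE-2020-11597 | CWE ID: 89 | Vulnerability Type(s): Sql | Publish Date: 2020-04-06 | Update Date: 2020-04-07 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial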
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request and inject SQL statements in the user context of the db owner.
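268 | CVE-2020-11596 | CWE ID: 22 | Vulnerability Type(s): Dir. Trav. +Info | Publish Date: 2020-04-06 | Update Date: 2020-04-07 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None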
A Directory Traversal issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make HTTP GET requests to a certain URL and obtain information about what files and directories reside on the server.
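269 | CVE-2020-11595 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None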
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the upload folder path that includes the hostname in a UNC path.
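270 | CVE-2020-11594 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None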
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that causes a stack error to be shown providing the full file path.
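271 | CVE-2020-11593 | CWE ID: 74 | Publish Date: 2020-04-06 | Update Date: 2020-04-07 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: None | Integ.: Partial | Avail.: None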
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP POST request with injected HTML data that is later leveraged to send emails from a customer trusted email address.
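272 | CVE-2020-11592 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None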
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the columns of a specific table within the CIP database.
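273 | CVE-2020-11591 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None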
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and obtain the full application path along with the customer name.
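274 | CVE-2020-11590 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None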
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to HealthPage.aspx and obtain the internal server name.
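275 | CVE-2020-11589 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None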
An Insecure Direct Object Reference issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make a GET request to a certain URL and obtain information that should be provided to authenticated users only.
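276 | CVE-2020-11588 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None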
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to two files that contain customer data and application paths.
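277 | CVE-2020-11587 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None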
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request and get the content of ETL Processes running on the server.
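278 | CVE-2020-11586 | CWE ID: 611 | Publish Date: 2020-04-06 | Update Date: 2020-04-07 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial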
An XXE issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an API request that contains malicious XML DTD data.
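279 | CVE-2020-11585 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-06 | Update Date: 2021-07-21 | Score: 4.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: ??? | Conf.: Partial | Integ.: None | Avail.: None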
There is an information disclosure issue in DNN (formerly DotNetNuke) 9.5 within the built-in Activity-Feed/Messaging/Userid/ Message Center module. A registered user is able to enumerate any file in the Admin File Manager (other than ones contained in a secure folder) by sending themselves a message with the file attached, e.g., by using an arbitrary small integer value in the fileIds parameter.
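280 | CVE-2020-11582 | CWE ID: 668 | Vulnerability Type(s): Exec Code | Publish Date: 2020-04-06 | Update Date: 2021-09-16 | Score: 3.3
Gained Access Level: None | Access: Local Network | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None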
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, launches a TCP server that accepts local connections on a random port. This can be reached by local HTTP clients, because up to 25 invalid lines are ignored, and because DNS rebinding can occur. (This server accepts, for example, a setcookie command that might be relevant to CVE-2020-11581 exploitation.)
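281 | CVE-2020-11581 | CWE ID: 78 | Vulnerability Type(s): Exec Code | Publish Date: 2020-04-06 | Update Date: 2021-09-16 | Score: 9.3
Gained Access Level: None | Access: Remote | Complexity: Medium | Authentication: Not required | Conf.: Complete | Integ.: Complete | Avail.: Complete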
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, allows a man-in-the-middle attacker to perform OS command injection attacks (against a client) via shell metacharacters to the doCustomRemediateInstructions method, because Runtime.getRuntime().exec() is used.
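282 | CVE-2020-11580 | CWE ID: 295 | Publish Date: 2020-04-06 | Update Date: 2021-09-16 | Score: 6.4
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: None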
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, accepts an arbitrary SSL certificate.
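283 | CVE-2020-11576 | CWE ID: 203 | Publish Date: 2020-04-08 | Update Date: 2022-04-06 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None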
Fixed in v1.5.1, Argo version v1.5.0 was vulnerable to a user-enumeration vulnerability which allowed attackers to determine the usernames of valid (non-SSO) accounts because /api/v1/session returned 401 for an existing username and 404 otherwise.
284 | CVE-2020-11565 | CWE ID: 787 | Publish Date: 2020-04-06 | Update Date: 2020-06-10 | Score: 3.6
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: None | Integ.: Partial | Avail.: Partial
** DISPUTED ** An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.”
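285 | CVE-2020-11561 | CWE ID: 269 | Publish Date: 2020-04-07 | Update Date: 2021-07-21 | Score: 6.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: ??? | Conf.: Partial | Integ.: Partial | Avail.: Partial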
In NCH Express Invoice 7.25, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as the "Add New Item" screen.
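286 | CVE-2020-11560 | CWE ID: 522 | Publish Date: 2020-04-07 | Update Date: 2020-04-08 | Score: 2.1
Gained Access Level: None | Access: Local | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None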
NCH Express Invoice 7.25 allows local users to discover the cleartext password by reading the configuration file.
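287 | CVE-2020-11558 | CWE ID: 416 | Publish Date: 2020-04-05 | Update Date: 2020-04-06 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial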
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This leads to various use-after-free outcomes involving mdia_Read, gf_isom_delete_movie, and gf_isom_parse_movie_boxes.
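288 | CVE-2020-11557 | CWE ID: 522 | Publish Date: 2020-04-09 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None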
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.
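289 | CVE-2020-11556 | CWE ID: 79 | Vulnerability Type(s): XSS | Publish Date: 2020-04-09 | Update Date: 2020-04-10 | Score: 3.5
Gained Access Level: None | Access: Remote | Complexity: Medium | Authentication: ??? | Conf.: None | Integ.: Partial | Avail.: None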
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities.
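290 | CVE-2020-11555 | CWE ID: 522 | Vulnerability Type(s): +Info | Publish Date: 2020-04-09 | Update Date: 2020-04-10 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None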
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files.
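291 | CVE-2020-11554 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-09 | Update Date: 2021-07-21 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None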
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4.
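292 | CVE-2020-11553 | CWE ID: 352 | Vulnerability Type(s): CSRF | Publish Date: 2020-04-09 | Update Date: 2020-04-10 | Score: 6.8
Gained Access Level: None | Access: Remote | Complexity: Medium | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial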
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.
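293 | CVE-2020-11548 | CWE ID: 20 | Vulnerability Type(s): Exec Code | Publish Date: 2020-04-05 | Update Date: 2021-07-21 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial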
The Search Meter plugin through 2.13.2 for WordPress allows user input introduced in the search bar to be any formula. The attacker could achieve remote code execution via CSV injection if a wp-admin/index.php?page=search-meter Export is performed.
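294 | CVE-2020-11547 | CWE ID: 200 | Vulnerability Type(s): +Info | Publish Date: 2020-04-05 | Update Date: 2020-04-07 | Score: 5.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: None | Avail.: None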
PRTG Network Monitor before 20.1.57.1745 allows remote unauthenticated attackers to obtain information about probes running or the server itself (CPU usage, memory, Windows version, and internal statistics) via an HTTP request, as demonstrated by type=probes to login.htm or index.htm.
295 | CVE-2020-11545 | CWE ID: 89 | Vulnerability Type(s): Sql Bypass | Publish Date: 2020-04-06 | Update Date: 2020-04-06 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial
Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id parameter (book_car.php). This allows an attacker to dump the MySQL database and to bypass the login authentication prompt.
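296 | CVE-2020-11544 | CWE ID: 434 | Publish Date: 2020-04-06 | Update Date: 2020-04-06 | Score: 6.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: ??? | Conf.: Partial | Integ.: Partial | Avail.: Partial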
An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page contains an arbitrary file upload vulnerability via add_cars.php. There are no upload restrictions for executable files.
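297 | CVE-2020-11543 | CWE ID: 798 | Publish Date: 2020-04-08 | Update Date: 2020-07-27 | Score: 10.0
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Complete | Integ.: Complete | Avail.: Complete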
OpsRamp Gateway before 7.0.0 has a backdoor account vadmin with the password 9vt@f3Vt that allows root SSH access to the server. This issue has been resolved in OpsRamp Gateway firmware version 7.0.0 where an administrator and a system user accounts are the only available user accounts for the gateway appliance.
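298 | CVE-2020-11542 | CWE ID: 287 | Vulnerability Type(s): Bypass | Publish Date: 2020-04-04 | Update Date: 2021-07-21 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial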
3xLOGIC Infinias eIDC32 2.213 devices with Web 1.107 allow Authentication Bypass via CMD.HTM?CMD= because authentication depends on the client side's interpretation of the <KEY>MYKEY</KEY> substring.
299 | CVE-2020-11539 | CWE ID: 345 | Publish Date: 2020-04-22 | Update Date: 2021-07-21 | Score: 4.8
Gained Access Level: None | Access: Local Network | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: None
An issue was discovered on Tata Sonata Smart SF Rush 1.12 devices. It has been identified that the smart band has no pairing (mode 0 Bluetooth LE security level). The data being transmitted over the air is not encrypted. Adding to this, the data being sent to the smart band doesn't have any authentication or signature verification. Thus, any attacker can control a parameter of the device.
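300 | CVE-2020-11537 | CWE ID: 89 | Vulnerability Type(s): Sql | Publish Date: 2020-04-15 | Update Date: 2020-04-22 | Score: 7.5
Gained Access Level: None | Access: Remote | Complexity: Low | Authentication: Not required | Conf.: Partial | Integ.: Partial | Avail.: Partial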
A SQL Injection issue was discovered in ONLYOFFICE Document Server 5.5.0. An attacker can execute arbitrary SQL queries via injection to DocID parameter of Websocket API.
Total number of vulnerabilities: 2187 (page 6 of 44)