| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
251 |
CVE-2020-12038 |
787 |
|
Mem. Corr. |
2020-05-19 |
2021-09-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable. A memory corruption vulnerability exists in the algorithm that matches square brackets in the EDS subsystem. This may allow an attacker to craft specialized EDS files to crash the EDSParser COM object, leading to denial-of-service conditions. |
|
252 |
CVE-2020-12034 |
89 |
|
Sql |
2020-05-20 |
2020-05-22 |
4.8 |
None |
Local Network |
Low |
Not required |
None |
Partial |
Partial |
|
Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable.The EDS subsystem does not provide adequate input sanitation, which may allow an attacker to craft specialized EDS files to inject SQL queries and manipulate the database storing the EDS files. This can lead to denial-of-service conditions. |
|
253 |
CVE-2020-12026 |
22 |
|
Dir. Trav. |
2020-05-08 |
2021-09-23 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. |
|
254 |
CVE-2020-12022 |
129 |
|
|
2020-05-08 |
2020-05-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed. |
|
255 |
CVE-2020-12018 |
125 |
|
|
2020-05-08 |
2020-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data. |
|
256 |
CVE-2020-12014 |
89 |
|
Sql |
2020-05-08 |
2020-05-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands. |
|
257 |
CVE-2020-12010 |
22 |
|
Dir. Trav. |
2020-05-08 |
2021-09-23 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete files outside the application’s control. |
|
258 |
CVE-2020-12006 |
22 |
|
Dir. Trav. |
2020-05-08 |
2021-09-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application’s control. |
|
259 |
CVE-2020-12002 |
787 |
|
Exec Code Overflow |
2020-05-08 |
2021-09-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. |
|
260 |
CVE-2020-11973 |
502 |
|
|
2020-05-14 |
2021-07-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0. |
|
261 |
CVE-2020-11972 |
502 |
|
|
2020-05-14 |
2021-03-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade to 3.2.0. |
|
262 |
CVE-2020-11971 |
|
|
|
2020-05-14 |
2022-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0. |
|
263 |
CVE-2020-11950 |
78 |
|
Exec Code |
2020-05-28 |
2020-06-02 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to upload and execute a script (with resultant execution of OS commands). For example, this affects IT9388-HT devices. |
|
264 |
CVE-2020-11949 |
200 |
|
+Info |
2020-05-28 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
testserver.cgi of the web service on VIVOTEK Network Cameras before XXXXX-VVTK-2.2002.xx.01x (and before XXXXX-VVTK-0XXXX_Beta2) allows an authenticated user to obtain arbitrary files from a camera's local filesystem. For example, this affects IT9388-HT devices. |
|
265 |
CVE-2020-11932 |
532 |
|
|
2020-05-13 |
2020-08-03 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
It was discovered that the Subiquity installer for Ubuntu Server logged the LUKS full disk encryption password if one was entered. |
|
266 |
CVE-2020-11931 |
668 |
|
Bypass |
2020-05-15 |
2020-05-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An Ubuntu-specific modification to Pulseaudio to provide security mediation for Snap-packaged applications was found to have a bypass of intended access restriction for snaps which plugs any of pulseaudio, audio-playback or audio-record via unloading the pulseaudio snap policy module. This issue affects: pulseaudio 1:8.0 versions prior to 1:8.0-0ubuntu3.12; 1:11.1 versions prior to 1:11.1-1ubuntu7.7; 1:13.0 versions prior to 1:13.0-1ubuntu1.2; 1:13.99.1 versions prior to 1:13.99.1-1ubuntu3.2; |
|
267 |
CVE-2020-11866 |
416 |
|
|
2020-05-11 |
2020-06-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows a use-after-free. |
|
268 |
CVE-2020-11865 |
119 |
|
Overflow |
2020-05-11 |
2020-06-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. |
|
269 |
CVE-2020-11864 |
|
|
DoS |
2020-05-11 |
2020-06-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 2 of 2). |
|
270 |
CVE-2020-11863 |
|
|
DoS |
2020-05-11 |
2020-06-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows denial of service (issue 1 of 2). |
|
271 |
CVE-2020-11845 |
79 |
|
XSS |
2020-05-19 |
2020-05-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross Site Scripting vulnerability in Micro Focus Service Manager product. Affecting versions 9.50, 9.51, 9.52, 9.60, 9.61, 9.62, 9.63. The vulnerability could be exploited to allow remote attackers to inject arbitrary web script or HTML. |
|
272 |
CVE-2020-11844 |
863 |
|
|
2020-05-29 |
2021-05-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Incorrect Authorization vulnerability in Micro Focus Container Deployment Foundation component affects products: - Hybrid Cloud Management. Versions 2018.05 to 2019.11. - ArcSight Investigate. versions 2.4.0, 3.0.0 and 3.1.0. - ArcSight Transformation Hub. versions 3.0.0, 3.1.0, 3.2.0. - ArcSight Interset. version 6.0.0. - ArcSight ESM (when ArcSight Fusion 1.0 is installed). version 7.2.1. - Service Management Automation (SMA). versions 2018.05 to 2020.02 - Operation Bridge Suite (Containerized). Versions 2018.05 to 2020.02. - Network Operation Management. versions 2017.11 to 2019.11. - Data Center Automation Containerized. versions 2018.05 to 2019.11 - Identity Intelligence. versions 1.1.0 and 1.1.1. The vulnerability could be exploited to provide unauthorized access to the Container Deployment Foundation. |
|
273 |
CVE-2020-11842 |
200 |
|
+Info |
2020-05-04 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Information disclosure vulnerability in Micro Focus Verastream Host Integrator (VHI) product, affecting versions earlier than 7.8 Update 1 (7.8.49 or 7.8.0.49). The vulnerability allows an unauthenticated attackers to view information they may not have been authorized to view. |
|
274 |
CVE-2020-11807 |
434 |
|
Exec Code |
2020-05-19 |
2020-05-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path. |
|
275 |
CVE-2020-11766 |
74 |
|
|
2020-05-19 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
sendfax.php in iFAX AvantFAX before 3.3.6 and HylaFAX Enterprise Web Interface before 0.2.5 allows authenticated Command Injection. |
|
276 |
CVE-2020-11737 |
79 |
|
XSS |
2020-05-05 |
2020-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in Web Client in Zimbra 9.0 allows a remote attacker to craft links in an E-Mail message or calendar invite to execute arbitrary JavaScript. The attack requires an A element containing an href attribute with a "www" substring (including the quotes) followed immediately by a DOM event listener such as onmouseover. This is fixed in 9.0.0 Patch 2. |
|
277 |
CVE-2020-11727 |
79 |
|
XSS |
2020-05-06 |
2020-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in the AlgolPlus Advanced Order Export For WooCommerce plugin 3.1.3 for WordPress allows remote attackers to inject arbitrary web script or HTML via the view/settings-form.php woe_post_type parameter. |
|
278 |
CVE-2020-11716 |
276 |
|
|
2020-05-20 |
2020-05-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Panasonic P110, Eluga Z1 Pro, Eluga X1, and Eluga X1 Pro devices through 2020-04-10 have Insecure Permissions. NOTE: the vendor states that all affected products are at "End-of-software-support." |
|
279 |
CVE-2020-11715 |
|
|
|
2020-05-19 |
2020-05-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Panasonic P99 devices through 2020-04-10 have Incorrect Access Control. NOTE: the vendor states that all affected products are at "End-of-software-support." |
|
280 |
CVE-2020-11671 |
269 |
|
|
2020-05-04 |
2021-07-21 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Lack of authorization controls in REST API functions in TeamPass through 2.1.27.36 allows any TeamPass user with a valid API token to become a TeamPass administrator and read/modify all passwords via authenticated api/index.php REST API calls. NOTE: the API is not available by default. |
|
281 |
CVE-2020-11551 |
287 |
|
|
2020-05-18 |
2021-07-21 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote write of arbitrary Wi-Fi configuration data such as authentication details (e.g., the Web-admin password), network settings, DNS settings, system administration interface configuration, etc. |
|
282 |
CVE-2020-11550 |
200 |
|
+Info |
2020-05-18 |
2021-07-21 |
3.3 |
None |
Local Network |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The administrative SOAP interface allows an unauthenticated remote leak of sensitive/arbitrary Wi-Fi information, such as SSIDs and Pre-Shared-Keys (PSK). |
|
283 |
CVE-2020-11549 |
798 |
|
Exec Code |
2020-05-18 |
2020-05-20 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on NETGEAR Orbi Tri-Band Business WiFi Add-on Satellite (SRS60) AC3000 V2.5.1.106, Outdoor Satellite (RBS50Y) V2.5.1.106, and Pro Tri-Band Business WiFi Router (SRR60) AC3000 V2.5.1.106. The root account has the same password as the Web-admin component. Thus, by exploiting CVE-2020-11551, it is possible to achieve remote code execution with root privileges on the embedded Linux system. |
|
284 |
CVE-2020-11541 |
611 |
|
|
2020-05-08 |
2020-05-14 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In TechSmith SnagIt 11.2.1 through 20.0.3, an XML External Entity (XXE) injection issue exists that would allow a local attacker to exfiltrate data under the local Administrator account. |
|
285 |
CVE-2020-11532 |
287 |
|
Bypass |
2020-05-08 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Zoho ManageEngine DataSecurity Plus prior to 6.0.1 uses default admin credentials to communicate with a DataEngine Xnode server. This allows an attacker to bypass authentication for this server and execute all operations in the context of admin user. |
|
286 |
CVE-2020-11531 |
22 |
|
Exec Code Dir. Trav. |
2020-05-08 |
2020-05-18 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The DataEngine Xnode Server application in Zoho ManageEngine DataSecurity Plus prior to 6.0.1 does not validate the database schema name when handling a DR-SCHEMA-SYNC request. This allows an authenticated attacker to execute code in the context of the product by writing a JSP file to the webroot directory via directory traversal. |
|
287 |
CVE-2020-11530 |
89 |
|
Sql |
2020-05-08 |
2020-05-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to get_script/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user. |
|
288 |
CVE-2020-11526 |
125 |
|
|
2020-05-15 |
2022-04-26 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read. |
|
289 |
CVE-2020-11525 |
125 |
|
|
2020-05-15 |
2020-08-30 |
3.5 |
None |
Remote |
Medium |
??? |
None |
None |
Partial |
|
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read. |
|
290 |
CVE-2020-11524 |
787 |
|
|
2020-05-15 |
2020-07-27 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. |
|
291 |
CVE-2020-11523 |
190 |
|
Overflow |
2020-05-15 |
2020-08-30 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. |
|
292 |
CVE-2020-11522 |
125 |
|
|
2020-05-15 |
2020-08-30 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read. |
|
293 |
CVE-2020-11521 |
125 |
|
|
2020-05-15 |
2022-04-26 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. |
|
294 |
CVE-2020-11462 |
776 |
|
|
2020-05-04 |
2020-05-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in OpenVPN Access Server before 2.7.0 and 2.8.x before 2.8.3. With the full featured RPC2 interface enabled, it is possible to achieve a temporary DoS state of the management interface when sending an XML Entity Expansion (XEE) payload to the XMLRPC based RPC2 interface. The duration of the DoS state depends on available memory and CPU speed. The default restricted mode of the RPC2 interface is NOT vulnerable. |
|
295 |
CVE-2020-11443 |
732 |
|
|
2020-05-04 |
2021-07-21 |
8.5 |
None |
Remote |
Low |
??? |
None |
Complete |
Complete |
|
The Zoom IT installer for Windows (ZoomInstallerFull.msi) prior to version 4.6.10 deletes files located in %APPDATA%\Zoom before installing an updated version of the client. Standard users are able to write to this directory, and can write links to other directories on the machine. As the installer runs with SYSTEM privileges and follows these links, a user can cause the installer to delete files that otherwise cannot be deleted by the user. |
|
296 |
CVE-2020-11431 |
22 |
|
Dir. Trav. |
2020-05-07 |
2020-05-12 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
The documentation component in i-net Clear Reports 16.0 to 19.2, HelpDesk 8.0 to 8.3, and PDFC 4.3 to 6.2 allows a remote unauthenticated attacker to read arbitrary system files and directories on the target server via Directory Traversal. |
|
297 |
CVE-2020-11108 |
434 |
|
Exec Code |
2020-05-11 |
2020-05-27 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh. |
|
298 |
CVE-2020-11089 |
125 |
|
|
2020-05-29 |
2020-07-27 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
|
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, serial_process_irp_write). This has been fixed in 2.1.0. |
|
299 |
CVE-2020-11088 |
125 |
|
|
2020-05-29 |
2020-07-27 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0. |
|
300 |
CVE-2020-11087 |
125 |
|
|
2020-05-29 |
2020-07-27 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0. |
