CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In February 2020

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2020-5401 444 2020-02-27 2020-03-03
5.0
None Remote Low Not required None None Partial
Cloud Foundry Routing Release, versions prior to 0.197.0, contains GoRouter, which allows malicious clients to send invalid headers, causing caching layers to reject subsequent legitimate clients trying to access the app.
402 CVE-2020-5400 532 2020-02-27 2021-08-17
4.0
None Remote Low ??? Partial None None
Cloud Foundry Cloud Controller (CAPI), versions prior to 1.91.0, logs properties of background jobs when they are run, which may include sensitive information such as credentials if provided to the job. A malicious user with access to those logs may gain unauthorized access to resources protected by such credentials.
403 CVE-2020-5399 319 2020-02-12 2020-02-27
5.8
None Remote Medium Not required Partial Partial None
Cloud Foundry CredHub, versions prior to 2.5.10, connects to a MySQL database without TLS even when configured to use TLS. A malicious user with access to the network between CredHub and its MySQL database may eavesdrop on database connections and thereby gain unauthorized access to CredHub and other components.
404 CVE-2020-5326 306 Bypass 2020-02-21 2020-03-03
2.1
None Local Low Not required None Partial None
Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerability in the pre-boot Intel Rapid Storage Response Technology (iRST) Manager menu. An attacker with physical access to the system could perform unauthorized changes to the BIOS Setup configuration settings without requiring the BIOS Admin password by selecting the Optimized Defaults option in the pre-boot iRST Manager.
405 CVE-2020-5324 59 2020-02-21 2021-09-14
2.6
None Local High Not required None Partial Partial
Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The vulnerability is limited to the Dell Firmware Update Utility during the time window while being executed by an administrator. During this time window, a locally authenticated low-privileged malicious user could exploit this vulnerability by tricking an administrator into overwriting arbitrary files via a symlink attack. The vulnerability does not affect the actual binary payload that the update utility delivers.
406 CVE-2020-5319 129 DoS 2020-02-06 2020-02-12
7.8
None Remote Low Not required None None Complete
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP service on a NAS server. A remote unauthenticated attacker may potentially exploit this vulnerability and cause a Denial of Service (Storage Processor Panic) by sending an out of order SSH protocol sequence.
407 CVE-2020-5318 863 2020-02-06 2020-02-11
5.0
None Remote Low Not required Partial None None
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations. An attacker may exploit this vulnerability to gain access to restricted files. The non-RAN HTTP and WebDAV file-serving components have a vulnerability wherein when either are enabled, and Basic Authentication is enabled for either or both components, files are accessible without authentication.
408 CVE-2020-5317 79 Exec Code XSS 2020-02-06 2020-02-12
3.5
None Remote Medium ??? None Partial None
Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When victim users access the data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application.
409 CVE-2020-5247 113 XSS Http R.Spl. 2020-02-28 2022-05-26
5.0
None Remote Low Not required None Partial None
In Puma (RubyGem) before 4.3.2 and before 3.12.3, if an application using Puma allows untrusted input in a response header, an attacker can use newline characters (i.e. `CR`, `LF` or `/r`, `/n`) to end the header and inject malicious content, such as additional headers or an entirely new response body. This vulnerability is known as HTTP Response Splitting. While not an attack in itself, response splitting is a vector for several other attacks, such as cross-site scripting (XSS). This is related to CVE-2019-16254, which fixed this vulnerability for the WEBrick Ruby web server. This has been fixed in versions 4.3.2 and 3.12.3 by checking all headers for line endings and rejecting headers with those characters.
410 CVE-2020-5245 74 Exec Code 2020-02-24 2022-05-12
9.0
None Remote Low ??? Complete Complete Complete
Dropwizard-Validation before 1.3.19, and 2.0.2 may allow arbitrary code execution on the host system, with the privileges of the Dropwizard service account, by injecting arbitrary Java Expression Language expressions when using the self-validating feature. The issue has been fixed in dropwizard-validation 1.3.19 and 2.0.2.
411 CVE-2020-5244 200 +Info 2020-02-24 2020-02-25
5.0
None Remote Low Not required Partial None None
In BuddyPress before 5.1.2, requests to a certain REST API endpoint can result in private user data getting exposed. Authentication is not needed. This has been patched in version 5.1.2.
412 CVE-2020-5243 400 DoS 2020-02-21 2020-02-25
5.0
None Remote Low Not required None None Partial
uap-core before 0.7.3 is vulnerable to a denial of service attack when processing crafted User-Agent strings. Some regexes are vulnerable to regular expression denial of service (REDoS) due to overlapping capture groups. This allows remote attackers to overload a server by setting the User-Agent header in an HTTP(S) request to maliciously crafted long strings. This has been patched in uap-core 0.7.3.
413 CVE-2020-5242 863 Exec Code 2020-02-20 2020-02-26
9.3
None Remote Medium Not required Complete Complete Complete
openHAB before 2.5.2 allows a remote attacker to use REST calls to install the EXEC binding or EXEC transformation service and execute arbitrary commands on the system with the privileges of the user running openHAB. Starting with version 2.5.2, all commands need to be whitelisted in a local file which cannot be changed via REST calls.
414 CVE-2020-5241 79 XSS 2020-02-13 2020-02-18
3.5
None Remote Medium ??? None Partial None
matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4.
415 CVE-2020-5239 2020-02-13 2020-02-18
6.5
None Remote Low ??? Partial Partial Partial
In Mailu before version 1.7, an authenticated user can exploit a vulnerability in Mailu fetchmail script and gain full access to a Mailu instance. Mailu servers that have open registration or untrusted users are most impacted. The master and 1.7 branches are patched on our git repository. All Docker images published on docker.io/mailu for tags 1.5, 1.6, 1.7 and master are patched. For detailed instructions about patching and securing the server afterwards, see https://github.com/Mailu/Mailu/issues/1354
416 CVE-2020-5237 22 Exec Code Dir. Trav. 2020-02-05 2021-12-30
6.5
None Remote Low ??? Partial Partial Partial
Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to arbitrary code execution) via the (1) filename parameter to BlueimpController.php; the (2) dzchunkindex, (3) dzuuid, or (4) filename parameter to DropzoneController.php; the (5) qqpartindex, (6) qqfilename, or (7) qquuid parameter to FineUploaderController.php; the (8) x-file-id or (9) x-file-name parameter to MooUploadController.php; or the (10) name or (11) chunk parameter to PluploadController.php. This is fixed in versions 1.9.3 and 2.1.5.
417 CVE-2020-5236 400 2020-02-04 2020-02-06
6.8
None Remote Low ??? None None Complete
Waitress version 1.4.2 allows a DoS attack when Waitress receives a header that contains invalid characters. When a header like "Bad-header: xxxxxxxxxxxxxxx\x10" is received, it will cause the regular expression engine to catastrophically backtrack, causing the process to use 100% CPU time and blocking any other interactions. This allows an attacker to send a single request with an invalid header and take the service offline. This issue was introduced in version 1.4.2 when the regular expression was updated to attempt to match the behaviour required by errata associated with RFC7230. The regular expression that is used to validate incoming headers has been updated in version 1.4.3; it is recommended that people upgrade to the new version of Waitress as soon as possible.
418 CVE-2020-5235 125 Mem. Corr. 2020-02-04 2020-02-06
7.5
None Remote Low Not required Partial Partial Partial
There is a potentially exploitable out-of-memory condition in Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field, and realloc() runs out of memory when expanding the array, nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. Depending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases. This problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4.
419 CVE-2020-5208 120 Exec Code Overflow 2020-02-05 2021-12-30
6.5
None Remote Low ??? Partial Partial Partial
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote code execution on the ipmitool side. This is especially dangerous if ipmitool is run as a privileged user. This problem is fixed in version 1.8.19.
420 CVE-2020-5188 434 2020-02-24 2021-07-21
4.0
None Remote Low ??? None Partial None
DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions.
421 CVE-2020-5187 22 Dir. Trav. 2020-02-24 2020-02-24
6.5
None Remote Low ??? Partial Partial Partial
DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2).
422 CVE-2020-5186 79 XSS 2020-02-24 2020-02-24
3.5
None Remote Medium ??? None Partial None
DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2).
423 CVE-2020-5182 522 2020-02-03 2021-07-21
4.3
None Remote Medium Not required Partial None None
The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="noopener" (or similar attributes such as noreferrer), the tabnabbing may occur. To reproduce the bug, create a business with a website link that contains JavaScript to exploit the window.opener property (for example, by setting window.opener.location).
424 CVE-2020-4230 269 Exec Code 2020-02-19 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 and 11.5 is vulnerable to an escalation of privilege when an authenticated local attacker with special permissions executes specially crafted Db2 commands. IBM X-Force ID: 175212.
425 CVE-2020-4224 200 +Info 2020-02-03 2021-07-21
2.1
None Local Low Not required Partial None None
IBM StoredIQ 7.6.0.17 through 7.6.0.20 could disclose sensitive information to a local user due to data in certain directories not being encrypted when it contained symbolic links. IBM X-Force ID: 175133.
426 CVE-2020-4222 78 Exec Code 2020-02-24 2022-01-01
10.0
None Remote Low Not required Complete Complete Complete
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175091.
427 CVE-2020-4213 78 Exec Code 2020-02-24 2022-01-01
10.0
None Remote Low Not required Complete Complete Complete
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175024.
428 CVE-2020-4212 20 Exec Code 2020-02-24 2022-01-01
10.0
None Remote Low Not required Complete Complete Complete
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175023.
429 CVE-2020-4211 78 Exec Code 2020-02-24 2022-01-01
10.0
None Remote Low Not required Complete Complete Complete
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175022.
430 CVE-2020-4210 78 Exec Code 2020-02-24 2022-01-01
10.0
None Remote Low Not required Complete Complete Complete
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 175020.
431 CVE-2020-4204 120 Exec Code Overflow 2020-02-19 2020-02-23
7.2
None Local Low Not required Complete Complete Complete
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 174960.
432 CVE-2020-4200 DoS 2020-02-19 2020-02-24
4.0
None Remote Low ??? None None Partial
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5, 11.1, and 11.5 could allow an authenticated attacker to send specially crafted commands to cause a denial of service. IBM X-Force ID: 174914.
433 CVE-2020-4163 269 2020-02-04 2021-07-21
6.0
None Remote Medium ??? Partial Partial Partial
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, under specialized conditions, could allow an authenticated user to create a maliciously crafted file name which would be misinterpreted as jsp content and executed. IBM X-Force ID: 174397.
434 CVE-2020-4161 74 DoS 2020-02-19 2021-07-21
4.0
None Remote Low ??? None None Partial
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.5 could allow an authenticated attacker to cause a denial of service due to incorrect handling of certain commands. IBM X-Force ID: 174341.
435 CVE-2020-4135 DoS 2020-02-19 2022-01-01
5.0
None Remote Low Not required None None Partial
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated user to send specially crafted packets to cause a denial of service from excessive memory usage.
436 CVE-2020-3945 200 +Info 2020-02-19 2021-07-21
5.0
None Remote Low Not required Partial None None
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may obtain sensitive information.
437 CVE-2020-3944 287 Bypass 2020-02-19 2020-02-26
5.0
None Remote Low Not required Partial None None
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to bypass Adapter authentication.
438 CVE-2020-3943 20 Exec Code 2020-02-19 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute arbitrary code in vRealize Operations.
439 CVE-2020-3939 79 XSS +Info 2020-02-04 2021-12-21
4.3
None Remote Medium Not required None Partial None
SysJust Syuan-Gu-Da-Shih, versions before 20191223, contains a Cross-Site Scripting (XSS) vulnerability; personal information may be leaked to attackers via the vulnerability.
440 CVE-2020-3938 918 2020-02-04 2022-05-24
5.0
None Remote Low Not required Partial None None
SysJust Syuan-Gu-Da-Shih, versions before 20191223, contains a Request Forgery vulnerability, allowing attackers to launch inquiries into network architecture or system files of the server via forged inquests.
441 CVE-2020-3937 89 Sql 2020-02-04 2022-05-25
5.0
None Remote Low Not required Partial None None
SQL Injection in SysJust Syuan-Gu-Da-Shih, versions before 20191223, allows attackers to perform unwanted SQL queries and access arbitrary files in the database.
442 CVE-2020-3935 312 2020-02-11 2021-12-22
5.0
None Remote Low Not required Partial None None
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users' information in cleartext in the cookie, which divulges passwords to attackers.
443 CVE-2020-3934 89 Sql 2020-02-11 2022-01-01
7.5
None Remote Low Not required Partial Partial Partial
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a pre-auth SQL Injection vulnerability, allowing attackers to inject a specific SQL command.
444 CVE-2020-3933 2020-02-11 2022-01-01
5.0
None Remote Low Not required Partial None None
TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and examine user accounts in the system.
445 CVE-2020-3927 552 2020-02-03 2022-05-25
8.5
None Remote Low Not required None Complete Partial
An arbitrary-file-access vulnerability exists in the ServiSign security plugin. As long as attackers learn the specific API function, they may access arbitrary files on the target system via a crafted API parameter.
446 CVE-2020-3926 552 2020-02-03 2022-05-24
7.8
None Remote Low Not required Complete None None
An arbitrary-file-access vulnerability exists in the ServiSign security plugin. As long as attackers learn the specific API function, they may access arbitrary files on the target system via a crafted API parameter.
447 CVE-2020-3925 Exec Code 2020-02-03 2020-02-12
9.3
None Remote Medium Not required Complete Complete Complete
A Remote Code Execution (RCE) vulnerability exists in some designated applications in the ServiSign security plugin. As long as the interface is captured, attackers are able to launch RCE and execute arbitrary commands on the target system via maliciously crafted scripts.
448 CVE-2020-3924 74 2020-02-27 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
DVR firmware in the TAT-76 and TAT-77 series of products, provided by TONNET, does not properly verify patch files. Attackers can inject a specific command into a patch file and gain access to the system.
449 CVE-2020-3923 863 2020-02-27 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
DVR firmware in the TAT-76 and TAT-77 series of products, provided by TONNET, contains a misconfigured authentication mechanism. Attackers can crack the default password and gain access to the system.
450 CVE-2020-3878 125 Exec Code 2020-02-27 2022-06-05
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 and iPadOS 13.5, macOS Catalina 10.15.5, tvOS 13.4.5, watchOS 6.2.5, iTunes 12.10.7 for Windows, iCloud for Windows 11.2, iCloud for Windows 7.19. Processing a maliciously crafted image may lead to arbitrary code execution.
Total number of vulnerabilities: 1395. Page 9 of 28.