The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2020-13495 | An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles file offsets in binary USD files. A specially crafted malformed file can trigger an arbitrary out-of-bounds memory access that could lead to the disclosure of sensitive information. This vulnerability could be used to bypass mitigations and aid additional exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided file. | MEDIUM | Apr 18, 2022 |
CVE-2020-13494 | A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 parsing of compressed string tokens in binary USD files. A specially crafted malformed file can trigger a heap overflow which can result in out of bounds memory access which could lead to information disclosure. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, victim needs to access an attacker-provided malformed file. | MEDIUM | Dec 3, 2020 |
CVE-2020-13493 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. A specially crafted USDC file format path jumps decompression heap overflow in a way path jumps are processed. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file. | MEDIUM | Dec 3, 2020 |
CVE-2020-13487 | The bbPress plugin through 2.6.4 for WordPress has stored XSS in the Forum creation section, resulting in JavaScript execution at wp-admin/edit.php?post_type=forum (aka the Forum listing page) for all users. An administrator can exploit this at the wp-admin/post.php?action=edit URI. | LOW | May 28, 2020 |
CVE-2020-13486 | The Knock Knock plugin before 1.2.8 for Craft CMS allows malicious redirection. | MEDIUM | May 26, 2020 |
CVE-2020-13485 | The Knock Knock plugin before 1.2.8 for Craft CMS allows IP Whitelist bypass via an X-Forwarded-For HTTP header. | MEDIUM | May 26, 2020 |
CVE-2020-13484 | Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing \'<meta name=og:image content=\' followed by an intranet URL. | HIGH | Jun 24, 2020 |
CVE-2020-13483 | The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI. | MEDIUM | Jun 24, 2020 |
CVE-2020-13482 | EM-HTTP-Request 1.1.5 uses the library eventmachine in an insecure way that allows an attacker to perform a man-in-the-middle attack against users of the library. The hostname in a TLS server certificate is not verified. | MEDIUM | May 27, 2020 |
CVE-2020-13480 | Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the send email feature. | LOW | Jun 22, 2020 |
CVE-2020-13476 | NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the Quotes List module. | LOW | Dec 30, 2020 |
CVE-2020-13474 | In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users. | MEDIUM | Dec 30, 2020 |
CVE-2020-13473 | NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file. | LOW | Dec 30, 2020 |
CVE-2020-13472 | The flash memory readout protection in Gigadevice GD32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the DMA module. | LOW | Sep 3, 2020 |
CVE-2020-13471 | Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration. | HIGH | Aug 31, 2020 |
CVE-2020-13470 | Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data. | LOW | Sep 3, 2020 |
CVE-2020-13469 | The flash memory readout protection in Gigadevice GD32VF103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU. | LOW | Sep 4, 2020 |
CVE-2020-13468 | Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection). | MEDIUM | Sep 3, 2020 |
CVE-2020-13467 | The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling. | LOW | Aug 31, 2020 |
CVE-2020-13466 | STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration. | HIGH | Aug 31, 2020 |
CVE-2020-13465 | The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface. | MEDIUM | Sep 3, 2020 |
CVE-2020-13464 | The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA module. | LOW | Aug 31, 2020 |
CVE-2020-13463 | The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling. | LOW | Aug 31, 2020 |
CVE-2020-13462 | Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA. | MEDIUM | Feb 12, 2021 |
CVE-2020-13461 | Username enumeration in present in Tufin SecureTrack. It\'s affecting all versions of SecureTrack. The vendor has decided not to fix this vulnerability. Vendor\'s response: This attack requires access to the internal network. If an attacker is part of the internal network, they do not require access to TOS to know the usernames. | LOW | Feb 12, 2021 |
CVE-2020-13460 | Multiple Cross-Site Request Forgery (CSRF) vulnerabilities were present in Tufin SecureTrack, affecting all versions prior to R20-2 GA. | MEDIUM | Feb 11, 2021 |
CVE-2020-13459 | An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There is stored XSS in the Bulk Resize action. | LOW | May 27, 2020 |
CVE-2020-13458 | An issue was discovered in the Image Resizer plugin before 2.0.9 for Craft CMS. There are CSRF issues with the log-clear controller action. | MEDIUM | May 27, 2020 |
CVE-2020-13452 | In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution. | HIGH | Jan 8, 2021 |
CVE-2020-13451 | An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros. | HIGH | Jan 8, 2021 |
CVE-2020-13450 | A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an attacker to upload and overwrite any writable files outside the intended folder. This can lead to DoS, a change to program behavior, or code execution. | HIGH | Jan 8, 2021 |
CVE-2020-13449 | A directory traversal vulnerability in the Markdown engine of Gotenberg through 6.2.1 allows an attacker to read any container files. | MEDIUM | Jan 8, 2021 |
CVE-2020-13448 | QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter. | HIGH | Jun 2, 2020 |
CVE-2020-13445 | In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates. | MEDIUM | Jun 10, 2020 |
CVE-2020-13444 | Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers. | MEDIUM | Jun 10, 2020 |
CVE-2020-13443 | ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check while uploading new files. Short aliases are not used for an attachment; instead, direct access is allowed to the uploaded files. It is possible to upload PHP only if one has member access, or registration/forum is enabled and one can create a member with the default group id of 5. To exploit this, one must to be able to send and compose messages (at least). | MEDIUM | Jun 24, 2020 |
CVE-2020-13442 | A Remote code execution vulnerability exists in DEXT5Upload in DEXT5 through 2.7.1402870. An attacker can upload a PHP file via dext5handler.jsp handler because the uploaded file is stored under dext5uploadeddata/. | HIGH | May 27, 2020 |
CVE-2020-13440 | ffjpeg through 2020-02-24 has an invalid write in bmp_load in bmp.c. | MEDIUM | May 24, 2020 |
CVE-2020-13439 | ffjpeg through 2020-02-24 has a heap-based buffer over-read in jfif_decode in jfif.c. | MEDIUM | May 24, 2020 |
CVE-2020-13438 | ffjpeg through 2020-02-24 has an invalid read in jfif_encode in jfif.c. | MEDIUM | May 24, 2020 |
CVE-2020-13435 | SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | MEDIUM | May 24, 2020 |
CVE-2020-13434 | SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. | MEDIUM | May 24, 2020 |
CVE-2020-13433 | Jason2605 AdminPanel 4.0 allows SQL Injection via the editPlayer.php hidden parameter. | HIGH | May 24, 2020 |
CVE-2020-13432 | rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers. | MEDIUM | Jun 8, 2020 |
CVE-2020-13431 | I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory. | HIGH | Jun 16, 2020 |
CVE-2020-13430 | Grafana before 7.0.0 allows tag value XSS via the OpenTSDB datasource. | MEDIUM | May 24, 2020 |
CVE-2020-13429 | legend.ts in the piechart-panel (aka Pie Chart Panel) plugin before 1.5.0 for Grafana allows XSS via the Values Header (aka legend header) option. | LOW | May 24, 2020 |
CVE-2020-13428 | A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file. | MEDIUM | Jun 8, 2020 |
CVE-2020-13427 | Victor CMS 1.0 has Persistent XSS in admin/users.php?source=add_user via the user_name, user_firstname, or user_lastname parameter. | MEDIUM | Jun 25, 2020 |
CVE-2020-13426 | The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known. | MEDIUM | Jun 26, 2020 |