The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; and c) the PersistenceManager is configured with sessionAttributeValueClassNameFilter=null (the default unless a SecurityManager is used) or a sufficiently lax filter to allow the attacker provided object to be deserialized; and d) the attacker knows the relative file path from the storage location used by FileStore to the file the attacker has control over; then, using a specifically crafted request, the attacker will be able to trigger remote code execution via deserialization of the file under their control. Note that all of conditions a) to d) must be true for the attack to succeed. | MEDIUM | May 24, 2020 |
CVE-2020-6473 | Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-6488 | Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-6467 | Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-6478 | Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to spoof security UI via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2019-20802 | An issue was discovered in the Readdle Documents app before 6.9.7 for iOS. The application\'s file-transfer web server improperly displays directory names, leading to Stored XSS, which may be used to steal a user\'s data. This requires user interaction because there is no known direct way for an attacker to create a crafted directory name on a victim\'s device. However, a crafted directory name can occur if a victim extracts a ZIP archive that was provided by an attacker. | MEDIUM | May 19, 2020 |
CVE-2020-13230 | In Cacti before 1.2.11, disabling a user account does not immediately invalidate any permissions granted to that account (e.g., permission to view logs). | MEDIUM | May 20, 2020 |
CVE-2020-13240 | The DMS/ECM module in Dolibarr 11.0.4 allows users with the \'Setup documents directories\' permission to rename uploaded files to have insecure file extensions. This bypasses the .noexe protection mechanism against XSS. | MEDIUM | May 21, 2020 |
CVE-2020-6485 | Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to bypass navigation restrictions via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-6468 | Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-10725 | A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`. | MEDIUM | May 23, 2020 |
CVE-2020-6465 | Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-0963 | An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka \'Windows GDI Information Disclosure Vulnerability\'. This CVE ID is unique from CVE-2020-1141, CVE-2020-1145, CVE-2020-1179. | MEDIUM | May 22, 2020 |
CVE-2020-1164 | An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka \'Windows Runtime Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158. | MEDIUM | May 22, 2020 |
CVE-2020-10135 | Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adjacent attacker could impersonate a Bluetooth BR/EDR master or slave to pair with a previously paired remote device to successfully complete the authentication procedure without knowing the link key. | MEDIUM | May 21, 2020 |
CVE-2020-1185 | An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka \'Windows State Repository Service Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191. | MEDIUM | May 22, 2020 |
CVE-2020-1139 | An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka \'Windows Runtime Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1149, CVE-2020-1151, CVE-2020-1155, CVE-2020-1156, CVE-2020-1157, CVE-2020-1158, CVE-2020-1164. | MEDIUM | May 22, 2020 |
CVE-2020-1056 | An elevation of privilege vulnerability exists when Microsoft Edge does not properly enforce cross-domain policies, which could allow an attacker to access information from one domain and inject it into another domain.In a web-based attack scenario, an attacker could host a website that is used to attempt to exploit the vulnerability, aka \'Microsoft Edge Elevation of Privilege Vulnerability\'. | MEDIUM | May 22, 2020 |
CVE-2020-1161 | A denial of service vulnerability exists when ASP.NET Core improperly handles web requests, aka \'ASP.NET Core Denial of Service Vulnerability\'. | MEDIUM | May 22, 2020 |
CVE-2020-1189 | An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka \'Windows State Repository Service Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1190, CVE-2020-1191. | MEDIUM | May 22, 2020 |
CVE-2020-1103 | An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF).When users are simultaneously logged in to Microsoft SharePoint Server and visit a malicious web page, the attacker can, through standard browser functionality, induce the browser to invoke search queries as the logged in user, aka \'Microsoft SharePoint Information Disclosure Vulnerability\'. | MEDIUM | May 22, 2020 |
CVE-2020-13143 | gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal \'\\0\' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. | MEDIUM | May 21, 2020 |
CVE-2020-11077 | In Puma (RubyGem) before 4.3.5 and 3.12.6, a client could smuggle a request through a proxy, causing the proxy to send a response back to another unknown client. If the proxy uses persistent connections and the client adds another request in via HTTP pipelining, the proxy may mistake it as the first request\'s body. Puma, however, would see it as two requests, and when processing the second request, send back a response that the proxy does not expect. If the proxy has reused the persistent connection to Puma to send another request for a different client, the second response from the first client will be sent to the second client. This is a similar but different vulnerability from CVE-2020-11076. The problem has been fixed in Puma 3.12.6 and Puma 4.3.5. | MEDIUM | May 22, 2020 |
CVE-2020-8034 | Gollem before 3.0.13, as used in Horde Groupware Webmail Edition 5.2.22 and other products, is affected by a reflected Cross-Site Scripting (XSS) vulnerability via the HTTP GET dir parameter in the browser functionality, affecting breadcrumb output. An attacker can obtain access to a victim\'s webmail account by making them visit a malicious URL. | MEDIUM | May 19, 2020 |
CVE-2020-10134 | Pairing in Bluetooth® Core v5.2 and earlier may permit an unauthenticated attacker to acquire credentials with two pairing devices via adjacent access when the unauthenticated user initiates different pairing methods in each peer device and an end-user erroneously completes both pairing procedures with the MITM using the confirmation number of one peer as the passkey of the other. An adjacent, unauthenticated attacker could be able to initiate any Bluetooth operation on either attacked device exposed by the enabled Bluetooth profiles. This exposure may be limited when the user must authorize certain access explicitly, but so long as a user assumes that it is the intended remote device requesting permissions, device-local protections may be weakened. | MEDIUM | May 21, 2020 |
CVE-2020-8021 | a Improper Access Control vulnerability in of Open Build Service allows remote attackers to read files of an OBS package where the sourceaccess/access is disabled This issue affects: Open Build Service versions prior to 2.10.5. | MEDIUM | May 21, 2020 |
CVE-2019-20797 | An issue was discovered in e6y prboom-plus 2.5.1.5. There is a buffer overflow in client and server code responsible for handling received UDP packets, as demonstrated by I_SendPacket or I_SendPacketTo in i_network.c. | MEDIUM | May 19, 2020 |
CVE-2020-6092 | An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code execution. In order to trigger this vulnerability, victim must open a malicious file. | MEDIUM | May 19, 2020 |
CVE-2020-1156 | An elevation of privilege vulnerability exists when the Windows Runtime improperly handles objects in memory, aka \'Windows Runtime Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1077, CVE-2020-1086, CVE-2020-1090, CVE-2020-1125, CVE-2020-1139, CVE-2020-1149, CVE-2020-1151, CVE-2020-1155, CVE-2020-1157, CVE-2020-1158, CVE-2020-1164. | MEDIUM | May 22, 2020 |
CVE-2020-5579 | SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | MEDIUM | May 20, 2020 |
CVE-2020-5365 | Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account is used for diagnostics and other support functions. Although the default password is different for every cluster, it is predictable. | MEDIUM | May 21, 2020 |
CVE-2020-13435 | SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. | MEDIUM | May 24, 2020 |
CVE-2020-6457 | Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | MEDIUM | May 21, 2020 |
CVE-2020-6482 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. | MEDIUM | May 21, 2020 |
CVE-2020-1078 | An elevation of privilege vulnerability exists in Windows Installer because of the way Windows Installer handles certain filesystem operations.To exploit the vulnerability, an attacker would require unprivileged execution on the victim system, aka \'Windows Installer Elevation of Privilege Vulnerability\'. | MEDIUM | May 22, 2020 |
CVE-2019-19456 | A Reflected XSS was found in the server selection box inside the login page at: enginemanager/loginfailed.html in Wowza Streaming Engine <= 4.x.x. This issue was resolved in Wowza Streaming Engine 4.8.0. | MEDIUM | May 19, 2020 |
CVE-2020-1195 | An elevation of privilege vulnerability exists in Microsoft Edge (Chromium-based) when the Feedback extension improperly validates input, aka \'Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability\'. | MEDIUM | May 22, 2020 |
CVE-2020-1059 | A spoofing vulnerability exists when Microsoft Edge does not properly parse HTTP content, aka \'Microsoft Edge Spoofing Vulnerability\'. | MEDIUM | May 22, 2020 |
CVE-2020-9410 | The report generator component of TIBCO Software Inc.\'s TIBCO JasperReports Library, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO JasperReports Server, TIBCO JasperReports Server for AWS Marketplace, and TIBCO JasperReports Server for ActiveMatrix BPM contains a vulnerability that theoretically allows an attacker to exploit HTML injection to gain full control of a web interface containing the output of the report generator component with the privileges of any user that views the affected report(s). The attacker can theoretically exploit this vulnerability when other users view a maliciously generated report, where those reports use Fusion Charts and a data source with contents controlled by the attacker. Affected releases are TIBCO Software Inc.\'s TIBCO JasperReports Library: versions 7.1.1 and below, versions 7.2.0 and 7.2.1, version 7.3.0, version 7.5.0, TIBCO JasperReports Library for ActiveMatrix BPM: versions 7.1.1 and below, TIBCO JasperReports Server: versions 7.1.1 and below, version 7.2.0, version 7.5.0, TIBCO JasperReports Server for AWS Marketplace: versions 7.5.0 and below, and TIBCO JasperReports Server for ActiveMatrix BPM: versions 7.1.1 and below. | MEDIUM | May 21, 2020 |
CVE-2017-18868 | Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built. | MEDIUM | May 22, 2020 |
CVE-2020-11807 | Because of Unrestricted Upload of a File with a Dangerous Type, Sourcefabric Newscoop 4.4.7 allows an authenticated user to execute arbitrary PHP code (and sometimes terminal commands) on a server by making an avatar update and then visiting the avatar file under the /images/ path. | MEDIUM | May 20, 2020 |
CVE-2020-13425 | TrackR devices through 2020-05-06 allow attackers to trigger the Beep (aka alarm) feature, which will eventually cause a denial of service when battery capacity is exhausted. | MEDIUM | May 24, 2020 |
CVE-2020-13416 | An issue was discovered in Aviatrix Controller before 5.4.1066. A Controller Web Interface session token parameter is not required on an API call, which opens the application up to a Cross Site Request Forgery (CSRF) vulnerability for password resets. | MEDIUM | May 23, 2020 |
CVE-2020-13152 | A remote user can create a specially crafted M3U file, media playlist file that when loaded by the target user, will trigger a memory leak, whereby Amarok 2.8.0 continue to waste resources over time, eventually allows attackers to cause a denial of service. | MEDIUM | May 20, 2020 |
CVE-2020-1124 | An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka \'Windows State Repository Service Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190, CVE-2020-1191. | MEDIUM | May 22, 2020 |
CVE-2020-1024 | A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka \'Microsoft SharePoint Remote Code Execution Vulnerability\'. This CVE ID is unique from CVE-2020-1023, CVE-2020-1102. | MEDIUM | May 22, 2020 |
CVE-2020-10722 | A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption. | MEDIUM | May 23, 2020 |
CVE-2020-4411 | The Spectrum Scale 4.2.0.0 through 4.2.3.21 and 5.0.0.0 through 5.0.4.3 file system component is affected by a denial of service vulnerability in its kernel module that could allow an attacker to cause a denial of service condition on the affected system. To exploit this vulnerability, a local attacker could invoke a subset of ioctls on the Spectrum Scale device with non-valid arguments. This could allow the attacker to crash the kernel. IBM X-Force ID: 179986. | MEDIUM | May 19, 2020 |
CVE-2020-12397 | By encoding Unicode whitespace characters within the From email header, an attacker can spoof the sender email address that Thunderbird displays. This vulnerability affects Thunderbird < 68.8.0. | MEDIUM | May 22, 2020 |
CVE-2020-1191 | An elevation of privilege vulnerability exists when the Windows State Repository Service improperly handles objects in memory, aka \'Windows State Repository Service Elevation of Privilege Vulnerability\'. This CVE ID is unique from CVE-2020-1124, CVE-2020-1131, CVE-2020-1134, CVE-2020-1144, CVE-2020-1184, CVE-2020-1185, CVE-2020-1186, CVE-2020-1187, CVE-2020-1188, CVE-2020-1189, CVE-2020-1190. | MEDIUM | May 22, 2020 |