The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2020-8655 | An issue was discovered in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7. | HIGH | Feb 12, 2020 | n/a |
CVE-2020-8654 | An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient privileges could abuse the AutoDiscovery module to run arbitrary OS commands via the /module/module_frame/index.php autodiscovery.php target field. | HIGH | Feb 11, 2020 | n/a |
CVE-2020-8649 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vgacon_invert_region function in drivers/video/console/vgacon.c. | LOW | Feb 6, 2020 | 10.18.44.16 (Wind River Linux LTS 18) |
CVE-2020-8648 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c. | LOW | Feb 6, 2020 | 10.18.44.15 (Wind River Linux LTS 18) |
CVE-2020-8647 | There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the vc_do_resize function in drivers/tty/vt/vt.c. | LOW | Feb 6, 2020 | 10.18.44.16 (Wind River Linux LTS 18) |
CVE-2020-8645 | An issue was discovered in Simplejobscript.com SJS through 1.66. There is an unauthenticated SQL injection via the job applications search function. The vulnerable parameter is job_id. The function is getJobApplicationsByJobId(). The file is _lib/class.JobApplication.php. | HIGH | Feb 12, 2020 | n/a |
CVE-2020-8644 | PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. | HIGH | Feb 7, 2020 | n/a |
CVE-2020-8641 | Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter. | MEDIUM | Feb 7, 2020 | n/a |
CVE-2020-8639 | An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to a publicly accessible directory of the application. | MEDIUM | Apr 6, 2020 | n/a |
CVE-2020-8638 | A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in planUrgency.php via the urgency parameter. | HIGH | Apr 6, 2020 | n/a |
CVE-2020-8637 | A SQL injection vulnerability in TestLink 1.9.20 allows attackers to execute arbitrary SQL commands in dragdroptreenodes.php via the node_id parameter. | HIGH | Apr 6, 2020 | n/a |
CVE-2020-8636 | An issue was discovered in OpServices OpMon 9.3.2 that allows Remote Code Execution . | HIGH | Feb 12, 2020 | n/a |
CVE-2020-8635 | Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on installation directories and configuration files. This allows local users to arbitrarily create FTP users with full privileges, and escalate privileges within the operating system by modifying system files. | HIGH | Mar 9, 2020 | n/a |
CVE-2020-8634 | Wing FTP Server v6.2.3 for Linux, macOS, and Solaris sets insecure permissions on files modified within the HTTP file management interface, resulting in files being saved with world-readable and world-writable permissions. If a sensitive system file were edited this way, a low-privilege user may escalate privileges to root. | HIGH | Mar 9, 2020 | n/a |
CVE-2020-8633 | An issue was discovered in Zimbra Collaboration Suite (ZCS) before 8.8.15 Patch 7. When grantors revoked a shared calendar in Outlook, the calendar stayed mounted and accessible. | MEDIUM | Feb 25, 2020 | n/a |
CVE-2020-8632 | In cloud-init through 19.4, rand_user_password in cloudinit/config/cc_set_passwords.py has a small default pwlen value, which makes it easier for attackers to guess passwords. | LOW | Feb 7, 2020 | n/a |
CVE-2020-8631 | cloud-init through 19.4 relies on Mersenne Twister for a random password, which makes it easier for attackers to predict passwords, because rand_str in cloudinit/util.py calls the random.choice function. | LOW | Feb 7, 2020 | n/a |
CVE-2020-8630 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019 | -- | Nov 7, 2023 | n/a |
CVE-2020-8629 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019 | -- | Nov 7, 2023 | n/a |
CVE-2020-8628 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019 | -- | Nov 7, 2023 | n/a |
CVE-2020-8627 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019 | -- | Nov 7, 2023 | n/a |
CVE-2020-8626 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019 | -- | Nov 7, 2023 | n/a |
CVE-2020-8625 | BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND\'s default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch | MEDIUM | Feb 20, 2021 | 10.18.44.22 (Wind River Linux LTS 18) |
CVE-2020-8624 | In BIND 9.9.12 -> 9.9.13, 9.10.7 -> 9.10.8, 9.11.3 -> 9.11.21, 9.12.1 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.12-S1 -> 9.9.13-S1, 9.11.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker who has been granted privileges to change a specific subset of the zone\'s content could abuse these unintended additional privileges to update other contents of the zone. | MEDIUM | Aug 22, 2020 | 10.18.44.19 (Wind River Linux LTS 18) |
CVE-2020-8623 | In BIND 9.10.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.10.5-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker that can reach a vulnerable system with a specially crafted query packet can trigger a crash. To be vulnerable, the system must: * be running BIND that was built with --enable-native-pkcs11 * be signing one or more zones with an RSA key * be able to receive queries from a possible attacker | MEDIUM | Aug 22, 2020 | 10.18.44.19 (Wind River Linux LTS 18) |
CVE-2020-8622 | In BIND 9.0.0 -> 9.11.21, 9.12.0 -> 9.16.5, 9.17.0 -> 9.17.3, also affects 9.9.3-S1 -> 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that request, triggering an assertion failure, causing the server to exit. Alternately, an off-path attacker would have to correctly guess when a TSIG-signed request was sent, along with other characteristics of the packet and message, and spoof a truncated response to trigger an assertion failure, causing the server to exit. | MEDIUM | Aug 22, 2020 | 10.18.44.19 (Wind River Linux LTS 18) |
CVE-2020-8621 | In BIND 9.14.0 -> 9.16.5, 9.17.0 -> 9.17.3, If a server is configured with both QNAME minimization and \'forward first\' then an attacker who can send queries to it may be able to trigger the condition that will cause the server to crash. Servers that \'forward only\' are not affected. | MEDIUM | Aug 22, 2020 | n/a |
CVE-2020-8620 | In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing the server to exit. | MEDIUM | Aug 22, 2020 | n/a |
CVE-2020-8619 | In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk (*) character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable. | MEDIUM | Jun 18, 2020 | n/a |
CVE-2020-8618 | An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients. | MEDIUM | Jun 18, 2020 | n/a |
CVE-2020-8617 | Using a specially-crafted message, an attacker may potentially cause a BIND server to reach an inconsistent state if the attacker knows (or successfully guesses) the name of a TSIG key used by the server. Since BIND, by default, configures a local session key even on servers whose configuration does not otherwise make use of it, almost all current BIND servers are vulnerable. In releases of BIND dating from March 2018 and after, an assertion check in tsig.c detects this inconsistent state and deliberately exits. Prior to the introduction of the check the server would continue operating in an inconsistent state, with potentially harmful results. | MEDIUM | May 22, 2020 | 10.18.44.18 (Wind River Linux LTS 18) |
CVE-2020-8616 | A malicious actor who intentionally exploits this lack of effective limitation on the number of fetches performed when processing referrals can, through the use of specially crafted referrals, cause a recursing server to issue a very large number of fetches in an attempt to process the referral. This has at least two potential effects: The performance of the recursing server can potentially be degraded by the additional work required to perform these fetches, and The attacker can exploit this behavior to use the recursing server as a reflector in a reflection attack with a high amplification factor. | MEDIUM | May 22, 2020 | 10.18.44.18 (Wind River Linux LTS 18) |
CVE-2020-8615 | A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in an attacker approving themselves as an instructor and performing other malicious actions (such as blocking legitimate instructors). | LOW | Feb 6, 2020 | n/a |
CVE-2020-8614 | An issue was discovered on Askey AP4000W TDC_V1.01.003 devices. An attacker can perform Remote Code Execution (RCE) by sending a specially crafted network packer to the bd_svr service listening on TCP port 54188. | HIGH | Feb 13, 2020 | n/a |
CVE-2020-8612 | In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to execute arbitrary code in a victim\'s browser, aka XSS. | MEDIUM | Feb 14, 2020 | n/a |
CVE-2020-8611 | In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer\'s database via the REST API. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements. | MEDIUM | Feb 14, 2020 | n/a |
CVE-2020-8608 | In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code. | HIGH | Feb 11, 2020 | n/a |
CVE-2020-8607 | An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator permissions to abuse the driver to modify a kernel address that may cause a system crash or potentially lead to code execution in kernel mode. An attacker must already have obtained administrator access on the target machine (either legitimately or via a separate unrelated attack) to exploit this vulnerability. | HIGH | Aug 5, 2020 | n/a |
CVE-2020-8606 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to bypass authentication on affected installations of Trend Micro InterScan Web Security Virtual Appliance. | HIGH | May 28, 2020 | n/a |
CVE-2020-8605 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability. | MEDIUM | May 28, 2020 | n/a |
CVE-2020-8604 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to disclose sensitive informatoin on affected installations. | MEDIUM | May 28, 2020 | n/a |
CVE-2020-8603 | A cross-site scripting vulnerability (XSS) in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow a remote attacker to tamper with the web interface of affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. | MEDIUM | May 28, 2020 | n/a |
CVE-2020-8602 | A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution. | MEDIUM | Aug 28, 2020 | n/a |
CVE-2020-8601 | Trend Micro Vulnerability Protection 2.0 is affected by a vulnerability that could allow an attack to use the product installer to load other DLL files located in the same directory. | MEDIUM | Feb 25, 2020 | n/a |
CVE-2020-8600 | Trend Micro Worry-Free Business Security (9.0, 9.5, 10.0) is affected by a directory traversal vulnerability that could allow an attacker to manipulate a key file to bypass authentication. | HIGH | Mar 18, 2020 | n/a |
CVE-2020-8599 | Trend Micro Apex One (2019) and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability. | HIGH | Mar 19, 2020 | n/a |
CVE-2020-8598 | Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) server contains a vulnerable service DLL file that could allow a remote attacker to execute arbitrary code on affected installations with SYSTEM level privileges. Authentication is not required to exploit this vulnerability. | HIGH | Mar 19, 2020 | n/a |
CVE-2020-8597 | eap.c in pppd in ppp 2.4.2 through 2.4.8 has an rhostname buffer overflow in the eap_request and eap_response functions. | HIGH | Feb 9, 2020 | 10.18.44.14 (Wind River Linux LTS 18) |
CVE-2020-8596 | participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, list_filter_count, or sortBy parameters. It is possible to exfiltrate data and potentially execute code (if certain conditions are met). | MEDIUM | Feb 11, 2020 | n/a |
CVE-2020-8595 | Istio versions 1.2.10 (End of Life) and prior, 1.3 through 1.3.7, and 1.4 through 1.4.3 allows authentication bypass. The Authentication Policy exact-path matching logic can allow unauthorized access to HTTP paths even if they are configured to be only accessed after presenting a valid JWT token. For example, an attacker can add a ? or # character to a URI that would otherwise satisfy an exact-path match. | HIGH | Feb 14, 2020 | n/a |