The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2020-13931 | If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1 - 7.0.8, 1.0.0 - 1.7.5 is configured to use the embedded ActiveMQ broker, and the broker config is misconfigured, a JMX port is opened on TCP port 1099, which does not include authentication. CVE-2020-11969 previously addressed the creation of the JMX management interface, however the incomplete fix did not cover this edge case. | MEDIUM | Dec 18, 2020 | n/a |
CVE-2020-13929 | Authentication bypass vulnerability in Apache Zeppelin allows an attacker to bypass Zeppelin authentication mechanism to act as another user. This issue affects Apache Zeppelin Apache Zeppelin version 0.9.0 and prior versions. | MEDIUM | Sep 2, 2021 | n/a |
CVE-2020-13928 | Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability. | MEDIUM | Sep 16, 2020 | n/a |
CVE-2020-13927 | The previous default setting for Airflow\'s Experimental API was to allow all API requests without authentication, but this poses security risks to users who miss this fact. From Airflow 1.10.11 the default has been changed to deny all requests by default and is documented at https://airflow.apache.org/docs/1.10.11/security.html#api-authentication. Note this change fixes it for new installs but existing users need to change their config to default `[api]auth_backend = airflow.api.auth.backend.deny_all` as mentioned in the Updating Guide: https://github.com/apache/airflow/blob/1.10.11/UPDATING.md#experimental-api-will-deny-all-request-by-default | HIGH | Nov 10, 2020 | n/a |
CVE-2020-13926 | Kylin concatenates and executes a Hive SQL in Hive CLI or beeline when building a new segment; some part of the HQL is from system configurations, while the configuration can be overwritten by certain rest api, which makes SQL injection attack is possible. Users of all previous versions after 2.0 should upgrade to 3.1.0. | HIGH | Jul 15, 2020 | n/a |
CVE-2020-13925 | Similar to CVE-2020-1956, Kylin has one more restful API which concatenates the API inputs into OS commands and then executes them on the server; while the reported API misses necessary input validation, which causes the hackers to have the possibility to execute OS command remotely. Users of all previous versions after 2.3 should upgrade to 3.1.0. | HIGH | Jul 15, 2020 | n/a |
CVE-2020-13924 | In Apache Ambari versions 2.6.2.2 and earlier, malicious users can construct file names for directory traversal and traverse to other directories to download files. | MEDIUM | Mar 17, 2021 | n/a |
CVE-2020-13923 | IDOR vulnerability in the order processing feature from ecommerce component of Apache OFBiz before 17.12.04 | MEDIUM | Jul 16, 2020 | n/a |
CVE-2020-13922 | Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under any tenant to override another users password through the API interface. | MEDIUM | Jan 14, 2021 | n/a |
CVE-2020-13921 | **Resolved** Only when using H2/MySQL/TiDB as Apache SkyWalking storage, there is a SQL injection vulnerability in the wildcard query cases. | HIGH | Aug 7, 2020 | n/a |
CVE-2020-13920 | Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the jmxrmi entry. It is possible to connect to the registry without authentication and call the rebind method to rebind jmxrmi to something else. If an attacker creates another server to proxy the original, and bound that, he effectively becomes a man in the middle and is able to intercept the credentials when an user connects. Upgrade to Apache ActiveMQ 5.15.12. | MEDIUM | Sep 11, 2020 | n/a |
CVE-2020-13919 | emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to achieve command injection via a crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | HIGH | Jul 28, 2020 | n/a |
CVE-2020-13918 | Incorrect access control in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to leak system information (that can be used for a jailbreak) via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | MEDIUM | Jul 28, 2020 | n/a |
CVE-2020-13917 | rkscli in Ruckus Wireless Unleashed through 200.7.10.92 allows a remote attacker to achieve command injection and jailbreak the CLI via a crafted CLI command. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | HIGH | Jul 28, 2020 | n/a |
CVE-2020-13916 | A stack buffer overflow in webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | HIGH | Jul 28, 2020 | n/a |
CVE-2020-13915 | Insecure permissions in emfd/libemf in Ruckus Wireless Unleashed through 200.7.10.102.92 allow a remote attacker to overwrite admin credentials via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | MEDIUM | Jul 28, 2020 | n/a |
CVE-2020-13914 | webs in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to cause a denial of service (Segmentation fault) to the webserver via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | MEDIUM | Jul 29, 2020 | n/a |
CVE-2020-13913 | An XSS issue in emfd in Ruckus Wireless Unleashed through 200.7.10.102.92 allows a remote attacker to execute JavaScript code via an unauthenticated crafted HTTP request. This affects C110, E510, H320, H510, M510, R320, R310, R500, R510 R600, R610, R710, R720, R750, T300, T301n, T301s, T310c, T310d, T310n, T310s, T610, T710, and T710s devices. | MEDIUM | Jul 29, 2020 | n/a |
CVE-2020-13912 | SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13911 | Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change Surname operation. | LOW | Jun 12, 2020 | n/a |
CVE-2020-13910 | Pengutronix Barebox through v2020.05.0 has an out-of-bounds read in nfs_read_reply in net/nfs.c because a field of an incoming network packet is directly used as a length field without any bounds check. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13909 | The Ignition component before 2.0.5 for Laravel mishandles globals, _get, _post, _cookie, and _env. NOTE: in the 1.x series, versions 1.16.15 and later are unaffected as a consequence of the CVE-2021-43996 fix. | HIGH | Jun 7, 2020 | n/a |
CVE-2020-13906 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038eb7. | MEDIUM | Jun 10, 2020 | n/a |
CVE-2020-13905 | IrfanView 4.54 allows a user-mode write access violation starting at FORMATS!GetPlugInInfo+0x0000000000038ed4. | MEDIUM | Jun 10, 2020 | n/a |
CVE-2020-13904 | FFmpeg 2.8 and 4.2.3 has a use-after-free via a crafted EXTINF duration in an m3u8 file because parse_playlist in libavformat/hls.c frees a pointer, and later that pointer is accessed in av_probe_input_format3 in libavformat/format.c. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13903 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-12254. Reason: This candidate is a reservation duplicate of CVE-2020-12254. Notes: All CVE users should reference CVE-2020-12254 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage | -- | Nov 7, 2023 | n/a |
CVE-2020-13902 | ImageMagick 7.0.9-27 through 7.0.10-17 has a heap-based buffer over-read in BlobToStringInfo in MagickCore/string.c during TIFF image decoding. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13901 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_merge in sdp.c has a stack-based buffer overflow. | HIGH | Jun 11, 2020 | n/a |
CVE-2020-13900 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_preparse in sdp.c has a NULL pointer dereference. | MEDIUM | Jun 11, 2020 | n/a |
CVE-2020-13899 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_process_incoming_request in janus.c discloses information from uninitialized stack memory. | MEDIUM | Jun 11, 2020 | n/a |
CVE-2020-13898 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_sdp_process in sdp.c has a NULL pointer dereference. | MEDIUM | Jun 11, 2020 | n/a |
CVE-2020-13897 | HESK before 3.1.10 allows reflected XSS. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13896 | The web interface of Maipu MP1800X-50 7.5.3.14(R) devices allows remote attackers to obtain sensitive information via the form/formDeviceVerGet URI, such as system id, hardware model, hardware version, bootloader version, software version, software image file, compilation time, and system uptime. This is similar to CVE-2019-1653. | MEDIUM | Jun 29, 2020 | n/a |
CVE-2020-13895 | Crypt::Perl::ECDSA in the Crypt::Perl (aka p5-Crypt-Perl) module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 (prime256v1). This could conceivably have a security-relevant impact if an attacker wishes to use public r and s values when guessing whether signature verification will fail. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13894 | handler/upload_handler.jsp in DEXT5 Editor through 3.5.1402961 allows an attacker to download arbitrary files via the savefilepath field. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13893 | Multiple stored cross-site scripting (XSS) vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations (Best-fit Mapping), as demonstrated by the full-width variants of the less-than sign (%EF%BC%9C) and greater-than sign (%EF%BC%9E). | LOW | Oct 19, 2020 | n/a |
CVE-2020-13892 | The SportsPress plugin before 2.7.2 for WordPress allows XSS. | LOW | Jun 11, 2020 | n/a |
CVE-2020-13891 | An issue was discovered in Mattermost Mobile Apps before 1.31.2 on iOS. Unintended third-party servers could sometimes obtain authorization tokens, aka MMSA-2020-0022. | MEDIUM | Jun 26, 2020 | n/a |
CVE-2020-13890 | The Neon theme 2.0 before 2020-06-03 for Bootstrap allows XSS via an Add Task Input operation in a dashboard. | LOW | Jun 7, 2020 | n/a |
CVE-2020-13889 | showAlert() in the administration panel in Bludit 3.12.0 allows XSS. | LOW | Jun 7, 2020 | n/a |
CVE-2020-13888 | Kordil EDMS through 2.2.60rc3 allows stored XSS in users_edit.php, users_management_edit.php, and user_management.php. | LOW | Jun 26, 2020 | n/a |
CVE-2020-13887 | documents_add.php in Kordil EDMS through 2.2.60rc3 allows Remote Command Execution because .php files can be uploaded to the documents folder. | MEDIUM | Jun 22, 2020 | n/a |
CVE-2020-13886 | Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal. | MEDIUM | Nov 27, 2020 | n/a |
CVE-2020-13885 | Citrix Workspace App before 1912 on Windows has Insecure Permissions which allows local users to gain privileges during the uninstallation of the application. | HIGH | Jun 8, 2020 | n/a |
CVE-2020-13884 | Citrix Workspace App before 1912 on Windows has Insecure Permissions and an Unquoted Path vulnerability which allows local users to gain privileges during the uninstallation of the application. | HIGH | Jun 8, 2020 | n/a |
CVE-2020-13883 | In WSO2 API Manager 3.0.0 and earlier, WSO2 API Microgateway 2.2.0, and WSO2 IS as Key Manager 5.9.0 and earlier, Management Console allows XXE during addition or update of a Lifecycle. | MEDIUM | Jun 7, 2020 | n/a |
CVE-2020-13882 | CISOfy Lynis before 3.0.0 has Incorrect Access Control because of a TOCTOU race condition. The routine to check the log and report file permissions was not working as intended and could be bypassed locally. Because of the race, an unprivileged attacker can set up a log and report file, and control that up to the point where the specific routine is doing its check. After that, the file can be removed, recreated, and used for additional attacks. | LOW | Jun 18, 2020 | n/a |
CVE-2020-13881 | In support.c in pam_tacplus 1.3.8 through 1.5.1, the TACACS+ shared secret gets logged via syslog if the DEBUG loglevel and journald are used. | MEDIUM | Jun 8, 2020 | n/a |
CVE-2020-13880 | IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+1cbf heap-based out-of-bounds write. | -- | Jan 5, 2024 | n/a |
CVE-2020-13879 | IrfanView B3D PlugIns before version 4.56 has a B3d.dll!+214f heap-based out-of-bounds write. | -- | Jan 5, 2024 | n/a |