The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2020-15416 | This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the httpd service, which listens on TCP port 80 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9703. | HIGH | Jul 30, 2020 | n/a |
CVE-2020-15415 | On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472. | HIGH | Jul 2, 2020 | n/a |
CVE-2020-15412 | An issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form. | MEDIUM | Jun 30, 2020 | n/a |
CVE-2020-15411 | An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader. | HIGH | Jun 30, 2020 | n/a |
CVE-2020-15408 | An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite. | MEDIUM | Jul 29, 2020 | n/a |
CVE-2020-15401 | IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link. | LOW | Jun 30, 2020 | n/a |
CVE-2020-15400 | CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS. | MEDIUM | Jun 30, 2020 | n/a |
CVE-2020-15397 | HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root). | HIGH | Jun 30, 2020 | n/a |
CVE-2020-15396 | In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root. | HIGH | Jun 30, 2020 | n/a |
CVE-2020-15395 | In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing). | MEDIUM | Jul 2, 2020 | n/a |
CVE-2020-15394 | The REST API in Zoho ManageEngine Applications Manager before build 14740 allows an unauthenticated SQL Injection via a crafted request, leading to Remote Code Execution. | HIGH | Sep 25, 2020 | n/a |
CVE-2020-15393 | In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770. | LOW | Jul 2, 2020 | n/a |
CVE-2020-15392 | A user enumeration vulnerability flaw was found in Venki Supravizio BPM 10.1.2. This issue occurs during password recovery, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames. | MEDIUM | Jul 7, 2020 | n/a |
CVE-2020-15391 | The UI in DevSpace 4.13.0 allows web sites to execute actions on pods (on behalf of a victim) because of a lack of authentication for the WebSocket protocol. This leads to remote code execution. | HIGH | Jul 27, 2020 | n/a |
CVE-2020-15390 | pyActivity in Pega Platform 8.4.0.237 has a security misconfiguration that leads to an improper access control vulnerability via =GetWebInfo. | HIGH | Apr 12, 2021 | n/a |
CVE-2020-15389 | jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice. | MEDIUM | Jun 30, 2020 | n/a |
CVE-2020-15388 | A vulnerability in the Brocade Fabric OS before Brocade Fabric OS v9.0.1a, v8.2.3, v8.2.0_CBN4, and v7.4.2h could allow an authenticated CLI user to abuse the history command to write arbitrary content to files. | MEDIUM | Mar 18, 2022 | n/a |
CVE-2020-15387 | The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to man-in-the-middle attacks and/or insecure SSH communications. | MEDIUM | Jun 9, 2021 | n/a |
CVE-2020-15386 | Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operations. | MEDIUM | Jun 9, 2021 | n/a |
CVE-2020-15385 | Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, and can create directories without permission. | MEDIUM | Jun 11, 2021 | n/a |
CVE-2020-15384 | Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header. | MEDIUM | Jun 11, 2021 | n/a |
CVE-2020-15383 | Running security scans against the SAN switch can cause config and secnotify processes within the firmware before Brocade Fabric OS v9.0.0, v8.2.2d and v8.2.1e to consume all memory leading to denial of service impacts possibly including a switch panic. | MEDIUM | Jun 9, 2021 | n/a |
CVE-2020-15382 | Brocade SANnav before version 2.1.1 uses a hard-coded administrator account with the weak password ‘passw0rd’ if a password is not provided for PostgreSQL at install-time. | MEDIUM | Jun 9, 2021 | n/a |
CVE-2020-15381 | Brocade SANnav before version 2.1.1 contains an Improper Authentication vulnerability that allows cleartext transmission of authentication credentials of the jmx server. | MEDIUM | Jun 15, 2021 | n/a |
CVE-2020-15380 | Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level. | MEDIUM | Jun 11, 2021 | n/a |
CVE-2020-15379 | Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name. | MEDIUM | Jun 9, 2021 | n/a |
CVE-2020-15378 | The OVA version of Brocade SANnav before version 2.1.1 installation with IPv6 networking exposes the docker container ports to the network, increasing the potential attack surface. | MEDIUM | Jun 11, 2021 | n/a |
CVE-2020-15377 | Webtools in Brocade SANnav before version 2.1.1 allows unauthenticated users to make requests to arbitrary hosts due to a misconfiguration; this is commonly referred to as Server-Side Request Forgery (SSRF). | HIGH | Jun 11, 2021 | n/a |
CVE-2020-15376 | Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to login in the Brocade Fibre Channel SAN switch with user privileges if it is not associated with any groups. | MEDIUM | Dec 11, 2020 | n/a |
CVE-2020-15375 | Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow a local authenticated user to run arbitrary commands and perform escalation of privileges. | MEDIUM | Dec 11, 2020 | n/a |
CVE-2020-15374 | Rest API in Brocade Fabric OS v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c is vulnerable to multiple instances of reflected input. | HIGH | Sep 25, 2020 | n/a |
CVE-2020-15373 | Multiple buffer overflow vulnerabilities in REST API in Brocade Fabric OS versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c could allow remote unauthenticated attackers to perform various attacks. | HIGH | Sep 25, 2020 | n/a |
CVE-2020-15372 | A vulnerability in the command-line interface in Brocade Fabric OS before Brocade Fabric OS v8.2.2a1, 8.2.2c, v7.4.2g, v8.2.0_CBN3, v8.2.1e, v8.1.2k, v9.0.0, could allow a local authenticated attacker to modify shell variables, which may lead to an escalation of privileges or bypassing the logging. | LOW | Sep 25, 2020 | n/a |
CVE-2020-15371 | Brocade Fabric OS versions before Brocade Fabric OS v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, contains code injection and privilege escalation vulnerability. | HIGH | Sep 25, 2020 | n/a |
CVE-2020-15370 | Brocade Fabric OS versions before Brocade Fabric OS v7.4.2g could allow an authenticated, remote attacker to view a user password in cleartext. The vulnerability is due to incorrectly logging the user password in log files. | MEDIUM | Sep 25, 2020 | n/a |
CVE-2020-15369 | Supportlink CLI in Brocade Fabric OS Versions v8.2.1 through v8.2.1d, and 8.2.2 versions before v8.2.2c does not obfuscate the password field, which could expose users’ credentials of the remote server. An authenticated user could obtain the exposed password credentials to gain access to the remote host. | MEDIUM | Sep 25, 2020 | n/a |
CVE-2020-15368 | AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3. | LOW | Jun 30, 2020 | n/a |
CVE-2020-15367 | Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page. | MEDIUM | Jul 7, 2020 | n/a |
CVE-2020-15366 | An issue was discovered in ajv.validate() in Ajv (aka Another JSON Schema Validator) 6.12.2. A carefully crafted JSON schema could be provided that allows execution of other code by prototype pollution. (While untrusted schemas are recommended against, the worst case of an untrusted schema should be a denial of service, not execution of code.) | MEDIUM | Jul 15, 2020 | n/a |
CVE-2020-15365 | LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds. | MEDIUM | Jun 28, 2020 | n/a |
CVE-2020-15364 | The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS. | MEDIUM | Jun 28, 2020 | n/a |
CVE-2020-15363 | The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection. | MEDIUM | Jun 28, 2020 | n/a |
CVE-2020-15362 | wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code. | HIGH | Jul 6, 2020 | n/a |
CVE-2020-15360 | com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification. | MEDIUM | Jun 27, 2020 | n/a |
CVE-2020-15358 | In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation. | HIGH | Jun 27, 2020 | SR0660 (VxWorks 7) |
CVE-2020-15357 | Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options. | HIGH | Dec 11, 2020 | n/a |
CVE-2020-15356 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 | n/a |
CVE-2020-15355 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 | n/a |
CVE-2020-15354 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 | n/a |
CVE-2020-15352 | An XML external entity (XXE) vulnerability in Pulse Connect Secure (PCS) before 9.1R9 and Pulse Policy Secure (PPS) before 9.1R9 allows remote authenticated admins to conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | MEDIUM | Oct 27, 2020 | n/a |