The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2020-14096 | Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process. | HIGH | Sep 11, 2020 | n/a |
CVE-2020-14095 | In Xiaomi router R3600, ROM version<1.0.20, a connect service suffers from an injection vulnerability through the web interface, leading to a stack overflow or remote code execution. | HIGH | Jun 24, 2020 | n/a |
CVE-2020-14094 | In Xiaomi router R3600, ROM version<1.0.20, the connection service can be injected through the web interface, resulting in stack overflow or remote code execution. | HIGH | Jun 24, 2020 | n/a |
CVE-2020-14093 | Mutt before 1.14.3 allows an IMAP fcc/postpone man-in-the-middle attack via a PREAUTH response. | MEDIUM | Jun 20, 2020 | n/a |
CVE-2020-14092 | The CodePeople Payment Form for PayPal Pro plugin before 1.1.65 for WordPress allows SQL Injection. | HIGH | Jul 2, 2020 | n/a |
CVE-2020-14081 | TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action send_log_email with the key auth_acname (or auth_passwd), allowing an authenticated user to run arbitrary commands on the device. | HIGH | Jun 17, 2020 | n/a |
CVE-2020-14080 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an unauthenticated user to execute arbitrary code by POSTing to apply_sec.cgi via the action ping_test with a sufficiently long ping_ipaddr key. | HIGH | Jun 17, 2020 | n/a |
CVE-2020-14079 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action auto_up_fw (or auto_up_lp) with a sufficiently long update_file_name key. | MEDIUM | Jun 17, 2020 | n/a |
CVE-2020-14078 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action wifi_captive_portal_login with a sufficiently long REMOTE_ADDR key. | MEDIUM | Jun 17, 2020 | n/a |
CVE-2020-14077 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action set_sta_enrollee_pin_wifi1 (or set_sta_enrollee_pin_wifi0) with a sufficiently long wps_sta_enrollee_pin key. | MEDIUM | Jun 17, 2020 | n/a |
CVE-2020-14076 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action st_dev_connect, st_dev_disconnect, or st_dev_rconnect with a sufficiently long wan_type key. | MEDIUM | Jun 17, 2020 | n/a |
CVE-2020-14075 | TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device. | HIGH | Jun 17, 2020 | n/a |
CVE-2020-14074 | TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long qcawifi.wifi0_vap0.maclist key. | MEDIUM | Jun 16, 2020 | n/a |
CVE-2020-14073 | XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties screen to insert JavaScript code. This can be exploited against any user with View Maps or Edit Maps access. | LOW | Jun 26, 2020 | n/a |
CVE-2020-14072 | An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts. | HIGH | Jul 2, 2020 | n/a |
CVE-2020-14071 | An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an attacker to execute arbitrary JavaScript code. | MEDIUM | Jul 2, 2020 | n/a |
CVE-2020-14070 | An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login functionality because guessable credentials to admin/executar_login.php result in admin access. | HIGH | Jul 2, 2020 | n/a |
CVE-2020-14069 | An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php. | MEDIUM | Jul 2, 2020 | n/a |
CVE-2020-14068 | An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executar_login.php. | HIGH | Jul 2, 2020 | n/a |
CVE-2020-14067 | The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php. | HIGH | Jun 17, 2020 | n/a |
CVE-2020-14066 | IceWarp Email Server 12.3.0.1 allows remote attackers to upload JavaScript files that are dangerous for clients to access. | MEDIUM | Jul 15, 2020 | n/a |
CVE-2020-14065 | IceWarp Email Server 12.3.0.1 allows remote attackers to upload files and consume disk space. | MEDIUM | Jul 15, 2020 | n/a |
CVE-2020-14064 | IceWarp Email Server 12.3.0.1 has Incorrect Access Control for user accounts. | MEDIUM | Jul 15, 2020 | n/a |
CVE-2020-14063 | A stored Cross-Site Scripting (XSS) vulnerability in the TC Custom JavaScript plugin before 1.2.2 for WordPress allows unauthenticated remote attackers to inject arbitrary JavaScript via the tccj-content parameter. This is displayed in the page footer of every front-end page and executed in the browser of visitors. | MEDIUM | Jul 23, 2020 | n/a |
CVE-2020-14062 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). | MEDIUM | Jun 14, 2020 | n/a |
CVE-2020-14061 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). | MEDIUM | Jun 14, 2020 | n/a |
CVE-2020-14060 | FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). | MEDIUM | Jun 14, 2020 | n/a |
CVE-2020-14059 | An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list. | MEDIUM | Jun 30, 2020 | n/a |
CVE-2020-14058 | An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string. | MEDIUM | Jun 30, 2020 | n/a |
CVE-2020-14057 | Monsta FTP 2.10.1 or below allows external control of paths used in filesystem operations. This allows attackers to read and write arbitrary local files, allowing an attacker to gain remote code execution in common deployments. | HIGH | Jul 1, 2020 | n/a |
CVE-2020-14056 | Monsta FTP 2.10.1 or below is prone to a server-side request forgery vulnerability due to insufficient restriction of the web fetch functionality. This allows attackers to read arbitrary local files and interact with arbitrary third-party services. | HIGH | Jul 1, 2020 | n/a |
CVE-2020-14055 | Monsta FTP 2.10.1 or below is prone to a stored cross-site scripting vulnerability in the language setting due to insufficient output encoding. | MEDIUM | Jul 1, 2020 | n/a |
CVE-2020-14054 | SOKKIA GNR5 Vanguard WEB version 1.2 (build: 91f2b2c3a04d203d79862f87e2440cb7cefc3cd3) and hardware version 212 allows remote attackers to bypass admin authentication via a SQL injection attack that uses the User Name or Password field on the login page. | HIGH | Jun 15, 2020 | n/a |
CVE-2020-14049 | Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569. | MEDIUM | Jun 22, 2020 | n/a |
CVE-2020-14048 | Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed agents. | MEDIUM | Jun 12, 2020 | n/a |
CVE-2020-14044 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Server-Side Request Forgery (SSRF) vulnerability was found in Codiad v1.7.8 and later. A user with admin privileges could use the plugin install feature to make the server request any URL via components/market/class.market.php. This could potentially result in remote code execution. NOTE: the vendor states Codiad is no longer under active maintenance by core contributors. | MEDIUM | Aug 24, 2020 | n/a |
CVE-2020-14043 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Side Request Forgery (CSRF) vulnerability was found in Codiad v1.7.8 and later. The request to download a plugin from the marketplace is only available to admin users and it isn\'t CSRF protected in components/market/controller.php. This might cause admins to make a vulnerable request without them knowing and result in remote code execution. NOTE: the vendor states Codiad is no longer under active maintenance by core contributors. | MEDIUM | Aug 24, 2020 | n/a |
CVE-2020-14042 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** A Cross Site Scripting (XSS) vulnerability was found in Codiad v1.7.8 and later. The vulnerability occurs because of improper sanitization of the folder\'s name $path variable in components/filemanager/class.filemanager.php. NOTE: the vendor states Codiad is no longer under active maintenance by core contributors. | MEDIUM | Aug 28, 2020 | n/a |
CVE-2020-14040 | The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String. | MEDIUM | Jun 17, 2020 | n/a |
CVE-2020-14039 | In Go before 1.13.13 and 1.14.x before 1.14.5, Certificate.Verify may lack a check on the VerifyOptions.KeyUsages EKU requirements (if VerifyOptions.Roots equals nil and the installation is on Windows). Thus, X.509 certificate verification is incomplete. | MEDIUM | Jul 17, 2020 | n/a |
CVE-2020-14034 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet. | HIGH | Jun 18, 2020 | n/a |
CVE-2020-14033 | An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server. | HIGH | Jun 18, 2020 | n/a |
CVE-2020-14032 | ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. | HIGH | Jul 23, 2021 | n/a |
CVE-2020-14031 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The outbox functionality of the TXT File module can be used to delete all/most files in a folder. Because the product usually runs as NT AUTHORITY\\SYSTEM, the only files that will not be deleted are those currently being run by the system and/or files that have special security attributes (e.g., Windows Defender files). | HIGH | Sep 26, 2020 | n/a |
CVE-2020-14030 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. It stores SMS messages in .NET serialized format on the filesystem. By generating (and writing to the disk) malicious .NET serialized files, an attacker can trick the product into deserializing them, resulting in arbitrary code execution. | MEDIUM | Oct 9, 2020 | n/a |
CVE-2020-14029 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The RSS To SMS module processes XML files in an unsafe manner. This opens the application to an XML External Entity attack that can be used to perform SSRF or read arbitrary local files. | MEDIUM | Sep 18, 2020 | n/a |
CVE-2020-14028 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. By leveraging a path traversal vulnerability in the Autoreply module\'s Script Name, an attacker may write to or overwrite arbitrary files, with arbitrary content, usually with NT AUTHORITY\\SYSTEM privileges. | HIGH | Sep 26, 2020 | n/a |
CVE-2020-14027 | An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The database connection strings accept custom unsafe arguments, such as ENABLE_LOCAL_INFILE, that can be leveraged by attackers to enable MySQL Load Data Local (rogue MySQL server) attacks. | LOW | Sep 26, 2020 | n/a |
CVE-2020-14026 | CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export. | HIGH | Sep 26, 2020 | n/a |
CVE-2020-14025 | Ozeki NG SMS Gateway through 4.17.6 has multiple CSRF vulnerabilities. For example, an administrator, by following a link, can be tricked into making unwanted changes such as installing new modules or changing a password. | MEDIUM | Sep 26, 2020 | n/a |