CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 3 and 3.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
601 CVE-2020-28141 79 XSS 2021-04-19 2021-04-23
3.5
None Remote Medium ??? None Partial None
The messaging subsystem in the Online Discussion Forum 1.0 is vulnerable to XSS in the message body. An authenticated user can send messages to arbitrary users on the system that include javascript that will execute when viewing the messages page.
602 CVE-2020-28124 79 XSS 2021-04-14 2021-04-19
3.5
None Remote Medium ??? None Partial None
Cross Site Scripting (XSS) in LavaLite 5.8.0 via the Address field.
603 CVE-2020-28071 79 XSS 2020-12-23 2020-12-23
3.5
None Remote Medium ??? None Partial None
SourceCodester Alumni Management System 1.0 is affected by cross-site Scripting (XSS) in /admin/gallery.php. After the admin authentication an attacker can upload an image in the gallery using a XSS payload in the description textarea called 'about' and reach a stored XSS.
604 CVE-2020-28049 362 2020-11-04 2021-01-28
3.3
None Local Medium Not required Partial Partial None
An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation.
605 CVE-2020-28047 79 XSS 2020-11-05 2020-11-10
3.5
None Remote Medium ??? None Partial None
AudimexEE before 14.1.1 is vulnerable to Reflected XSS (Cross-Site-Scripting). If the recommended security configuration parameter "unique_error_numbers" is not set, remote attackers can inject arbitrary web script or HTML via 'action, cargo, panel' parameters that can lead to data leakage.
606 CVE-2020-28005 120 DoS Overflow 2020-11-18 2020-12-01
3.5
None Remote Medium ??? None None Partial
httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023
607 CVE-2020-28001 79 XSS 2021-02-03 2021-02-25
3.5
None Remote Medium ??? None Partial None
SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS.
608 CVE-2020-27991 79 XSS 2020-11-16 2020-11-17
3.5
None Remote Medium ??? None Partial None
Nagios XI before 5.7.5 is vulnerable to XSS in Account Information (Email field).
609 CVE-2020-27990 79 XSS 2020-11-16 2020-11-17
3.5
None Remote Medium ??? None Partial None
Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool (add agent).
610 CVE-2020-27989 79 XSS 2020-11-16 2020-11-17
3.5
None Remote Medium ??? None Partial None
Nagios XI before 5.7.5 is vulnerable to XSS in Dashboard Tools (Edit Dashboard).
611 CVE-2020-27988 79 XSS 2020-11-16 2020-11-17
3.5
None Remote Medium ??? None Partial None
Nagios XI before 5.7.5 is vulnerable to XSS in Manage Users (Username field).
612 CVE-2020-27980 79 XSS 2020-10-28 2020-11-04
3.5
None Remote Medium ??? None Partial None
Genexis Platinum-4410 P4410-V2-1.28 devices allow stored XSS in the WLAN SSID parameter. This could allow an attacker to perform malicious actions in which the XSS popup will affect all privileged users.
613 CVE-2020-27957 79 XSS 2020-10-28 2020-11-04
3.5
None Remote Medium ??? None Partial None
The RandomGameUnit extension for MediaWiki through 1.35 was not properly escaping various title-related data. When certain varieties of games were created within MediaWiki, their names or titles could be manipulated to generate stored XSS within the RandomGameUnit extension.
614 CVE-2020-27873 863 2021-02-04 2021-02-08
3.3
None Local Network Low Not required Partial None None
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR R7450 1.2.0.62_1.0.1 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SOAP API endpoint, which listens on TCP port 80 by default. The issue results from the lack of proper access control. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-11559.
615 CVE-2020-27863 288 2021-02-12 2021-04-23
3.3
None Local Network Low Not required Partial None None
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DVA-2800 and DSL-2888A routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the dhttpd service, which listens on TCP port 8008 by default. The issue results from incorrect string matching logic when accessing protected pages. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-10912.
616 CVE-2020-27852 79 XSS 2021-01-20 2021-01-22
3.5
None Remote Medium ??? None Partial None
A stored Cross-Site Scripting (XSS) vulnerability in the survey feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via a textarea field. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).
617 CVE-2020-27851 79 XSS 2021-01-20 2021-01-22
3.5
None Remote Medium ??? None Partial None
Multiple stored HTML injection vulnerabilities in the "poll" and "quiz" features in an additional paid add-on of Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary HTML code via poll or quiz answers. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).
618 CVE-2020-27850 79 XSS 2021-01-20 2021-01-22
3.5
None Remote Medium ??? None Partial None
A stored Cross-Site Scripting (XSS) vulnerability in forms import feature in Rocketgenius Gravity Forms before 2.4.21 allows remote attackers to inject arbitrary web script or HTML via the import of a GF form. This code is interpreted by users in a privileged role (Administrator, Editor, etc.).
619 CVE-2020-27839 522 XSS 2021-05-26 2021-06-03
3.5
None Remote Medium ??? None Partial None
A flaw was found in ceph-dashboard. The JSON Web Token (JWT) used for user authentication is stored by the frontend application in the browser’s localStorage which is potentially vulnerable to attackers via XSS attacks. The highest threat from this vulnerability is to data confidentiality and integrity.
620 CVE-2020-27781 522 2020-12-18 2021-06-03
3.6
None Local Low Not required Partial Partial None
User credentials can be manipulated and stolen by Native CephFS consumers of OpenStack Manila, resulting in potential privilege escalation. An Open Stack Manila user can request access to a share to an arbitrary cephx user, including existing users. The access key is retrieved via the interface drivers. Then, all users of the requesting OpenStack project can view the access key. This enables the attacker to target any resource that the user has access to. This can be done to even "admin" users, compromising the ceph administrator. This flaw affects Ceph versions prior to 14.2.16, 15.x prior to 15.2.8, and 16.x prior to 16.2.0.
621 CVE-2020-27725 772 2020-12-24 2020-12-28
3.5
None Remote Medium ??? None None Partial
In version 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 of BIG-IP DNS, GTM, and Link Controller, zxfrd leaks memory when listing DNS zones. Zones can be listed via TMSH, iControl or SNMP; only users with access to those services can trigger this vulnerability.
622 CVE-2020-27722 400 2020-12-24 2020-12-28
3.5
None Remote Medium ??? None None Partial
In BIG-IP APM versions 15.0.0-15.0.1.3, 14.1.0-14.1.3, and 13.1.0-13.1.3.4, under certain conditions, the VDI plugin does not observe plugin flow-control protocol causing excessive resource consumption.
623 CVE-2020-27666 79 XSS 2020-10-22 2020-10-27
3.5
None Remote Medium ??? None Partial None
Strapi before 3.2.5 has stored XSS in the wysiwyg editor's preview feature.
624 CVE-2020-27659 79 XSS 2020-11-30 2020-12-22
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.
625 CVE-2020-27576 79 XSS 2021-03-08 2021-03-11
3.5
None Remote Medium ??? None Partial None
Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability.
626 CVE-2020-27533 79 XSS 2020-10-22 2020-11-02
3.5
None Remote Medium ??? None Partial None
A Cross Site Scripting (XSS) issue was discovered in the search feature of DedeCMS v.5.8 that allows malicious users to inject code into web pages, and other users will be affected when viewing web pages.
627 CVE-2020-27403 2020-11-10 2020-12-08
3.3
None Local Network Low Not required Partial None None
A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows an attacker on the adjacent network to arbitrarily browse and download sensitive files over an insecure web server running on port 7989 that lists all files & directories. An unprivileged remote attacker on the adjacent network, can download most system files, leading to serious critical information disclosure. Also, some TV models and/or FW versions may expose the webserver with the entire filesystem accessible on another port. For example, nmap scan for all ports run directly from the TV model U43P6046 (Android 8.0) showed port 7983 not mentioned in the original CVE description, but containing the same directory listing of the entire filesystem. This webserver is bound (at least) to localhost interface and accessible freely to all unprivileged installed apps on the Android such as a regular web browser. Any app can therefore read any files of any other apps including Android system settings including sensitive data such as saved passwords, private keys etc.
628 CVE-2020-27388 79 XSS 2020-10-23 2020-10-28
3.5
None Remote Medium ??? None Partial None
Multiple Stored Cross Site Scripting (XSS) vulnerabilities exist in the YOURLS Admin Panel, Versions 1.5 - 1.7.10. An authenticated user must modify a PHP plugin with a malicious payload and upload it, resulting in multiple stored XSS issues.
629 CVE-2020-27377 79 XSS 2021-06-01 2021-06-09
3.5
None Remote Medium ??? None Partial None
A cross-site scripting (XSS) vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts.
630 CVE-2020-27359 79 XSS 2020-11-02 2020-11-04
3.5
None Remote Medium ??? None Partial None
A cross-site scripting (XSS) issue in REDCap 8.11.6 through 9.x before 10 allows attackers to inject arbitrary JavaScript or HTML in the Messenger feature. It was found that the filename of the image or file attached in a message could be used to perform this XSS attack. A user could craft a message and send it to anyone on the platform including admins. The XSS payload would execute on the other account without interaction from the user on several pages.
631 CVE-2020-27298 78 2021-01-26 2021-02-02
3.3
None Local Network Low Not required None None Partial
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). The software constructs all or part of an OS command using externally influenced input from an upstream component but does not neutralize or incorrectly neutralizes special elements that could modify the intended OS command when sent to a downstream component.
632 CVE-2020-27278 798 2021-03-15 2021-03-22
3.6
None Local Low Not required Partial Partial None
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration interface.
633 CVE-2020-27268 269 Bypass 2021-01-19 2021-01-22
3.3
None Local Network Low Not required Partial None None
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass checks for default PINs via Bluetooth Low Energy.
634 CVE-2020-27266 269 Bypass 2021-01-19 2021-01-22
3.3
None Local Network Low Not required Partial None None
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a client-side control vulnerability in the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows physically proximate attackers to bypass user authentication checks via Bluetooth Low Energy.
635 CVE-2020-27264 330 2021-01-19 2021-01-22
3.3
None Local Network Low Not required Partial None None
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications use deterministic keys, which allows unauthenticated, physically proximate attackers to brute-force the keys via Bluetooth Low Energy.
636 CVE-2020-27262 79 XSS 2021-01-08 2021-01-14
3.5
None Remote Medium ??? None Partial None
Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 A stored cross-site scripting (XSS) vulnerability exists in the affected products that allow an attacker to inject arbitrary web script or HTML via the filename parameter to multiple update endpoints of the administrative web interface.
637 CVE-2020-27258 522 2021-01-19 2021-01-22
3.3
None Local Network Low Not required Partial None None
In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, an information disclosure vulnerability in the communication protocol of the insulin pump and its AnyDana-i and AnyDana-A mobile applications allows unauthenticated attackers to extract the pump’s keypad lock PIN via Bluetooth Low Energy.
638 CVE-2020-27211 74 Bypass 2021-05-21 2021-06-08
3.3
None Local Medium Not required Partial Partial None
Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase.
639 CVE-2020-27171 193 +Info 2021-03-20 2021-04-08
3.6
None Local Low Not required Partial None Partial
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-10d2bb2e6b1d.
640 CVE-2020-27013 Exec Code 2020-10-14 2020-10-26
3.6
None Local Low Not required Partial Partial None
Trend Micro Antivirus for Mac 2020 (Consumer) contains a vulnerability in the product that occurs when a webserver is started that implements an API with several properties that can be read and written to allowing the attacker to gather and modify sensitive product and user data. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
641 CVE-2020-27010 79 XSS 2020-12-17 2020-12-21
3.5
None Remote Medium ??? None Partial None
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462.
642 CVE-2020-27002 125 2021-02-09 2021-05-19
3.6
None Local Low Not required Partial Partial None
A vulnerability has been identified in JT2Go (All versions < V13.1.0.2), Teamcenter Visualization (All versions < V13.1.0.2). Affected applications lack proper validation of user-supplied data when parsing of PAR files. This could result in a memory access past the end of an allocated buffer. An attacker could leverage this vulnerability to access data in the context of the current process. (ZDI-CAN-12043)
643 CVE-2020-26941 276 2021-01-26 2021-02-02
3.6
None Local Low Not required None Partial Partial
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The possibility of exploiting this vulnerability is limited and can only take place during the installation phase of ESET products. Furthermore, exploitation can only succeed when Self-Defense is disabled. Affected products are: ESET NOD32 Antivirus, ESET Internet Security, ESET Smart Security, ESET Smart Security Premium versions 13.2 and lower; ESET Endpoint Antivirus, ESET Endpoint Security, ESET NOD32 Antivirus Business Edition, ESET Smart Security Business Edition versions 7.3 and lower; ESET File Security for Microsoft Windows Server, ESET Mail Security for Microsoft Exchange Server, ESET Mail Security for IBM Domino, ESET Security for Kerio, ESET Security for Microsoft SharePoint Server versions 7.2 and lower.
644 CVE-2020-26933 665 2020-11-18 2020-12-07
3.6
None Local Low Not required Partial Partial None
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses USE_DA_USED. Improper initialization of this shut-down may result in susceptibility to a dictionary attack.
645 CVE-2020-26931 200 +Info 2020-10-09 2020-10-16
3.3
None Local Network Low Not required Partial None None
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24.
646 CVE-2020-26924 200 +Info 2020-10-09 2020-10-19
3.3
None Local Network Low Not required Partial None None
Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC720 before 3.9.1.13 and WAC730 before 3.9.1.13.
647 CVE-2020-26923 79 XSS 2020-10-09 2020-10-15
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24.
648 CVE-2020-26918 79 XSS 2020-10-09 2020-10-19
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R6700v3 before 1.0.2.66, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.
649 CVE-2020-26917 79 XSS 2020-10-09 2020-10-16
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects EX7000 before 1.0.1.78, R6250 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.66, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7900 before 1.0.3.8, R8300 before 1.0.2.128, and R8500 before 1.0.2.128.
650 CVE-2020-26915 79 XSS 2020-10-09 2020-10-16
3.5
None Remote Medium ??? None Partial None
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0.0.78, RBK50 before 2.3.5.30, RBR50 before 2.3.5.30, RBS50 before 2.3.5.30, XR500 before 2.3.2.56, and XR700 before 1.0.1.10.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.