CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 2 and 2.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
701 CVE-2020-13463 755 2020-08-31 2020-09-10
2.1
None Local Low Not required Partial None None
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.
702 CVE-2020-13462 2021-02-09 2021-03-08
2.7
None Local Network Low ??? Partial None None
Insecure Direct Object Reference (IDOR) exists in Tufin SecureChange, affecting all versions prior to R20-2 GA. Fixed in version R20-2 GA.
703 CVE-2020-13435 476 2020-05-24 2021-06-14
2.1
None Local Low Not required None None Partial
SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
704 CVE-2020-13434 190 Overflow 2020-05-24 2021-06-14
2.1
None Local Low Not required None None Partial
SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
705 CVE-2020-13409 79 +Priv XSS 2021-02-09 2021-03-08
2.3
None Local Network Medium ??? None Partial None
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored and reflected payloads are triggerable by an admin, so a malicious non-authenticated user could get admin-level access. Even a malicious low-privileged user can inject XSS, which can be executed by an admin, potentially elevating privileges and obtaining admin access. (issue 3 of 3)
706 CVE-2020-13408 79 +Priv XSS 2021-02-09 2021-03-08
2.3
None Local Network Medium ??? None Partial None
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored and reflected payloads are triggerable by an admin, so a malicious non-authenticated user could get admin-level access. Even a malicious low-privileged user can inject XSS, which can be executed by an admin, potentially elevating privileges and obtaining admin access. (issue 2 of 3)
707 CVE-2020-13407 79 +Priv XSS 2021-02-09 2021-03-08
2.3
None Local Network Medium ??? None Partial None
Tufin SecureTrack < R20-2 GA contains reflected + stored XSS (as in, the value is reflected back to the user, but is also stored within the DB and can be later triggered again by the same victim, or also later by different users). Both stored and reflected payloads are triggerable by an admin, so a malicious non-authenticated user could get admin-level access. Even a malicious low-privileged user can inject XSS, which can be executed by an admin, potentially elevating privileges and obtaining admin access. (issue 1 of 3)
708 CVE-2020-13397 125 2020-05-22 2020-11-09
2.1
None Local Low Not required Partial None None
An issue was discovered in FreeRDP before 2.1.1. An out-of-bounds (OOB) read vulnerability has been detected in security_fips_decrypt in libfreerdp/core/security.c due to an uninitialized value.
709 CVE-2020-13362 125 2020-05-28 2020-11-11
2.1
None Local Low Not required None None Partial
In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user.
710 CVE-2020-13358 863 2020-11-17 2020-11-28
2.1
None Local Low Not required Partial None None
A vulnerability in the internal Kubernetes agent API in GitLab CE/EE version 13.3 and above allows unauthorized access to private projects. Affected versions are: >=13.4, <13.4.5; >=13.3, <13.3.9; >=13.5, <13.5.2.
711 CVE-2020-13353 613 2020-11-17 2020-11-28
2.1
None Local Low Not required Partial None None
When importing repos via URL, one time use git credentials were persisted beyond the expected time window in Gitaly 1.79.0 or above. Affected versions are: >=1.79.0, <13.3.9; >=13.4, <13.4.5; >=13.5, <13.5.2.
712 CVE-2020-13344 200 +Info 2020-10-08 2020-10-16
2.1
None Local Low Not required Partial None None
An issue has been discovered in GitLab affecting all versions prior to 13.2.10, 13.3.7 and 13.4.2. Session keys are stored in plain text in Redis, which allows an attacker with Redis access to authenticate as any user that has a session stored in Redis.
713 CVE-2020-13253 125 2020-05-27 2020-12-14
2.1
None Local Low Not required None None Partial
sd_wp_addr in hw/sd/sd.c in QEMU 4.2.0 uses an unvalidated address, which leads to an out-of-bounds read during sdhci_write() operations. A guest OS user can crash the QEMU process.
714 CVE-2020-13186 352 CSRF 2021-02-11 2021-02-22
2.6
None Remote High Not required None Partial None
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link.
715 CVE-2020-13179 200 +Info 2020-08-11 2020-08-13
2.1
None Local Low Not required Partial None None
Broker Protocol messages in Teradici PCoIP Standard Agent for Windows and Graphics Agent for Windows prior to 20.04.1 are not cleaned up in server memory, which may allow an attacker to read confidential information from a memory dump by forcing a crash during the single sign-on procedure.
716 CVE-2020-13132 327 DoS 2020-07-09 2020-07-16
2.1
None Local Low Not required None None Partial
An issue was discovered in Yubico libykpiv before 2.1.0. An attacker can trigger an incorrect free() in the ykpiv_util_generate_key() function in lib/util.c through incorrect error handling code. This could be used to cause a denial of service attack.
717 CVE-2020-12912 203 2020-11-12 2020-12-03
2.1
None Local Low Not required Partial None None
A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated the RAPL interface to require privileged access.
718 CVE-2020-12880 200 +Info 2020-07-27 2020-07-30
2.1
None Local Low Not required Partial None None
An issue was discovered in Pulse Policy Secure (PPS) and Pulse Connect Secure (PCS) Virtual Appliance before 9.1R8. By manipulating a certain kernel boot parameter, it can be tricked into dropping into a root shell in a pre-install phase where the entire source code of the appliance is available and can be retrieved. (The source code is otherwise inaccessible because the appliance has its hard disks encrypted, and no root shell is available during normal operation.)
719 CVE-2020-12872 326 2020-05-15 2020-09-14
2.1
None Local Low Not required Partial None None
yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than 21.0.
720 CVE-2020-12867 476 DoS 2020-06-01 2020-11-02
2.1
None Local Low Not required None None Partial
A NULL pointer dereference in sanei_epson_net_read in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, aka GHSL-2020-075.
721 CVE-2020-12866 476 DoS 2020-06-24 2020-11-02
2.7
None Local Network Low ??? None None Partial
A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079.
722 CVE-2020-12829 190 DoS Overflow 2020-08-31 2020-12-14
2.1
None Local Low Not required None None Partial
In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the COPY_AREA macro while handling MMIO write operations through the sm501_2d_engine_write() callback. A local attacker could abuse this flaw to crash the QEMU process in sm501_2d_operation() in hw/display/sm501.c on the host, resulting in a denial of service.
723 CVE-2020-12768 772 2020-05-09 2020-07-15
2.1
None Local Low Not required None None Partial
** DISPUTED ** An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time leak at the boot, the size is negligible, and it can't be triggered at will.
724 CVE-2020-12767 369 2020-05-09 2020-07-27
2.1
None Local Low Not required None None Partial
exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-by-zero error.
725 CVE-2020-12755 200 +Info 2020-05-09 2020-05-13
2.1
None Local Low Not required Partial None None
fishProtocol::establishConnection in fish/fish.cpp in KDE kio-extras through 20.04.0 makes a cacheAuthentication call even if the user had not set the keepPassword option. This may lead to unintended KWallet storage of a password.
726 CVE-2020-12702 326 2021-02-24 2021-03-03
2.1
None Local Low Not required Partial None None
Weak encryption in the Quick Pairing mode in the eWeLink mobile application (Android application V4.9.2 and earlier, iOS application V4.9.1 and earlier) allows physically proximate attackers to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the Wi-Fi spectrum during the pairing process.
727 CVE-2020-12680 522 2020-05-08 2020-05-18
2.1
None Local Low Not required Partial None None
** DISPUTED ** Avira Free Antivirus through 15.0.2005.1866 allows local users to discover user credentials. The functions of the executable file Avira.PWM.NativeMessaging.exe are aimed at collecting credentials stored in Chrome, Firefox, Opera, and Edge. The executable does not verify the calling program and thus a request such as fetchChromePasswords or fetchCredentials will succeed. NOTE: some third parties have stated that this is "not a vulnerability."
728 CVE-2020-12656 772 2020-05-05 2020-09-15
2.1
None Local Low Not required None None Partial
** DISPUTED ** gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: This was disputed with the assertion that the issue does not grant any access not already available. It is a problem that on unloading a specific kernel module some memory is leaked, but loading kernel modules is a privileged operation. A user could also write a kernel module to consume any amount of memory they like and load that replicating the effect of this bug.
729 CVE-2020-12655 400 2020-05-05 2020-11-02
2.1
None Local Low Not required None None Partial
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.
730 CVE-2020-12475 22 Dir. Trav. 2020-05-04 2020-05-08
2.1
None Local Low Not required Partial None None
TP-Link Omada Controller Software 3.2.6 allows Directory Traversal for reading arbitrary files via com.tp_link.eap.web.portal.PortalController.getAdvertiseFile in /opt/tplink/EAPController/lib/eap-web-3.2.6.jar.
731 CVE-2020-12459 200 +Info 2020-04-29 2020-05-18
2.1
None Local Low Not required Partial None None
In certain Red Hat packages for Grafana 6.x through 6.3.6, the configuration files /etc/grafana/grafana.ini and /etc/grafana/ldap.toml (which contain a secret_key and a bind_password) are world readable.
732 CVE-2020-12458 312 2020-04-29 2020-05-18
2.1
None Local Low Not required Partial None None
An information-disclosure flaw was found in Grafana through 6.7.3. The database directory /var/lib/grafana and database file /var/lib/grafana/grafana.db are world readable. This can result in exposure of sensitive information (e.g., cleartext or encrypted datasource passwords).
733 CVE-2020-12407 200 +Info 2020-07-09 2020-07-13
2.6
None Remote High Not required Partial None None
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77.
734 CVE-2020-12405 416 2020-07-09 2020-07-22
2.6
None Remote High Not required None None Partial
When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
735 CVE-2020-12394 20 2020-05-26 2020-06-12
2.1
None Local Low Not required None Partial None
A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulnerability affects Firefox < 76.
736 CVE-2020-12392 200 +Info 2020-05-26 2020-06-12
2.1
None Local Low Not required Partial None None
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and pasted the command into a terminal, it could have resulted in the disclosure of local files. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0.
737 CVE-2020-12386 787 DoS 2021-02-17 2021-02-23
2.1
None Local Low Not required None None Partial
Out-of-bounds write in some Intel(R) Graphics Drivers before version 15.36.39.5143 may allow an authenticated user to potentially enable denial of service via local access.
738 CVE-2020-12376 798 2021-02-17 2021-02-22
2.1
None Local Low Not required Partial None None
Use of hard-coded key in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow authenticated user to potentially enable information disclosure via local access.
739 CVE-2020-12372 252 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Unchecked return value in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
740 CVE-2020-12371 369 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Divide by zero in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
741 CVE-2020-12370 476 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Untrusted pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access.
742 CVE-2020-12365 476 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially enable denial of service via local access.
743 CVE-2020-12364 476 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
744 CVE-2020-12363 20 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
745 CVE-2020-12361 416 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Use after free in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.
746 CVE-2020-12356 125 2020-11-12 2020-11-18
2.1
None Local Low Not required Partial None None
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.
747 CVE-2020-12328 200 +Info 2020-11-12 2020-11-24
2.1
None Local Low Not required Partial None None
Protection mechanism failure in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.
748 CVE-2020-12327 1188 2020-11-12 2020-11-24
2.1
None Local Low Not required Partial None None
Insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow a privileged user to potentially enable information disclosure via local access.
749 CVE-2020-12326 665 2020-11-12 2020-11-24
2.1
None Local Low Not required Partial None None
Improper initialization in some Intel(R) Thunderbolt(TM) DCH drivers for Windows* before version 72 may allow an authenticated user to potentially enable information disclosure via local access.
750 CVE-2020-12316 522 2020-11-12 2020-11-20
2.1
None Local Low Not required Partial None None
Insufficiently protected credentials in the Intel(R) EMA before version 1.3.3 may allow an authorized user to potentially enable information disclosure via local access.