| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
10501 |
CVE-2020-12772 |
311 |
|
|
2020-05-12 |
2020-05-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Ignite Realtime Spark 2.8.3 (and the ROAR plugin for it) on Windows. A chat message can include an IMG element with a SRC attribute referencing an external host's IP address. Upon access to this external host, the (NT)LM hashes of the user are sent with the HTTP request. This allows an attacker to collect these hashes, crack them, and potentially compromise the computer. (ROAR can be configured for automatic access. Also, access can occur if the user clicks.) |
|
10502 |
CVE-2020-12771 |
20 |
|
|
2020-05-09 |
2021-06-14 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails. |
|
10503 |
CVE-2020-12770 |
|
|
|
2020-05-09 |
2020-07-29 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040. |
|
10504 |
CVE-2020-12769 |
20 |
|
|
2020-05-09 |
2020-07-07 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8. |
|
10505 |
CVE-2020-12766 |
89 |
|
Sql |
2020-05-09 |
2020-05-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Gnuteca 3.8 allows action=main:search:simpleSearch SQL Injection via the exemplaryStatusId parameter. |
|
10506 |
CVE-2020-12765 |
22 |
|
Dir. Trav. |
2020-05-09 |
2020-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Solis Miolo 2.0 allows index.php?module=install&action=view&item= Directory Traversal. |
|
10507 |
CVE-2020-12764 |
22 |
|
Dir. Trav. |
2020-05-09 |
2020-05-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Gnuteca 3.8 allows file.php?folder=/&file= Directory Traversal. |
|
10508 |
CVE-2020-12763 |
787 |
|
DoS Exec Code Overflow |
2020-05-13 |
2020-05-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of service. The issue is in the binary rtspd (in /sbin) when parsing a long "Authorization: Basic" RTSP header. |
|
10509 |
CVE-2020-12762 |
787 |
|
Overflow |
2020-05-09 |
2021-05-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend. |
|
10510 |
CVE-2020-12761 |
190 |
|
Overflow |
2020-05-09 |
2020-05-14 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
modules/loaders/loader_ico.c in imlib2 1.6.0 has an integer overflow (with resultant invalid memory allocations and out-of-bounds reads) via an icon with many colors in its color map. |
|
10511 |
CVE-2020-12760 |
502 |
|
Exec Code |
2020-05-11 |
2020-05-13 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in OpenNMS Horizon before 26.0.1, and Meridian before 2018.1.19 and 2019 before 2019.1.7. The ActiveMQ channel configuration allowed for arbitrary deserialization of Java objects (aka ActiveMQ Minion payload deserialization), leading to remote code execution for any authenticated channel user regardless of its assigned permissions. |
|
10512 |
CVE-2020-12759 |
79 |
|
XSS |
2020-08-21 |
2020-08-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Zulip Server before 2.1.5 allows reflected XSS via the Dropbox webhook. |
|
10513 |
CVE-2020-12758 |
404 |
|
|
2020-06-11 |
2020-06-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4. |
|
10514 |
CVE-2020-12757 |
269 |
|
|
2020-06-10 |
2020-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when configured with the GCP Secrets Engine, may incorrectly generate GCP Credentials with the default time-to-live lease duration instead of the engine-configured setting. This may lead to generated GCP credentials being valid for longer than intended. Fixed in 1.4.2. |
|
10515 |
CVE-2020-12754 |
|
|
|
2020-05-11 |
2020-05-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A crafted application can obtain control of device input via the window system service. The LG ID is LVE-SMP-170011 (May 2020). |
|
10516 |
CVE-2020-12753 |
74 |
|
Exec Code |
2020-05-11 |
2020-06-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. Arbitrary code execution can occur via the bootloader because of an EL1/EL3 coldboot vulnerability involving raw_resources. The LG ID is LVE-SMP-200006 (May 2020). |
|
10517 |
CVE-2020-12752 |
522 |
|
|
2020-05-11 |
2020-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (with TEEGRIS) software. Attackers can determine user credentials via a brute-force attack against the Gatekeeper trustlet. The Samsung ID is SVE-2020-16908 (May 2020). |
|
10518 |
CVE-2020-12751 |
119 |
|
Exec Code Overflow |
2020-05-11 |
2020-05-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) software. The Quram image codec library allows attackers to overwrite memory and execute arbitrary code via crafted JPEG data that is mishandled during decoding. The Samsung ID is SVE-2020-16943 (May 2020). |
|
10519 |
CVE-2020-12750 |
|
|
Bypass |
2020-05-11 |
2020-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via SPEN. The Samsung ID is SVE-2020-17019 (May 2020). |
|
10520 |
CVE-2020-12749 |
120 |
|
Overflow |
2020-05-11 |
2020-05-13 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The S.LSI Wi-Fi drivers have a buffer overflow. The Samsung ID is SVE-2020-16906 (May 2020). |
|
10521 |
CVE-2020-12748 |
|
|
Bypass |
2020-05-11 |
2020-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and designate a different preferred SIM card. The Samsung ID is SVE-2020-16594 (May 2020). |
|
10522 |
CVE-2020-12747 |
787 |
|
Overflow |
2020-05-11 |
2020-05-13 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos980 9630 and Exynos990 9830 chipsets) software. The Bootloader has a heap-based buffer overflow because of the mishandling of specific commands. The Samsung IDs are SVE-2020-16981, SVE-2020-16991 (May 2020). |
|
10523 |
CVE-2020-12746 |
787 |
|
Exec Code Overflow Bypass |
2020-05-11 |
2020-05-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered on Samsung mobile devices with O(8.X), P(9.0), and Q(10.0) (Exynos chipsets) software. Attackers can bypass the Secure Bootloader protection mechanism via a heap-based buffer overflow to execute arbitrary code. The Samsung ID is SVE-2020-16712 (May 2020). |
|
10524 |
CVE-2020-12745 |
863 |
|
Bypass |
2020-05-11 |
2020-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can bypass the locked-state protection mechanism and access clipboard content via USSD. The Samsung ID is SVE-2019-16556 (May 2020). |
|
10525 |
CVE-2020-12743 |
552 |
|
File Inclusion |
2020-05-11 |
2020-05-15 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Gazie 7.32. A successful installation does not remove or block (or in any other way prevent use of) its own file /setup/install/setup.php, meaning that anyone can request it without authentication. This file allows arbitrary PHP file inclusion via a hidden_req POST parameter. |
|
10526 |
CVE-2020-12742 |
20 |
|
|
2020-05-13 |
2020-05-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols. |
|
10527 |
CVE-2020-12740 |
125 |
|
|
2020-05-08 |
2020-06-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
tcprewrite in Tcpreplay through 4.3.2 has a heap-based buffer over-read during a get_c operation. The issue is being triggered in the function get_ipv6_next() at common/get.c. |
|
10528 |
CVE-2020-12739 |
20 |
|
|
2020-08-03 |
2020-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A denial-of-service vulnerability in the Fanuc i Series CNC (0i-MD and 0i Mate-MD) could allow an unauthenticated, remote attacker to cause an affected CNC to become inaccessible to other devices. |
|
10529 |
CVE-2020-12737 |
22 |
|
Dir. Trav. |
2020-05-08 |
2020-05-13 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
An issue was discovered in Maxum Rumpus before 8.2.12 on macOS. Authenticated users can perform a path traversal using double escaped characters, enabling read access to arbitrary files on the server. |
|
10530 |
CVE-2020-12736 |
269 |
|
Exec Code |
2020-07-07 |
2020-07-16 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Code42 environments with on-premises server versions 7.0.4 and earlier allow for possible remote code execution. When an administrator creates a local (non-SSO) user via a Code42-generated email, the administrator has the option to modify content for the email invitation. If the administrator entered template language code in the subject line, that code could be interpreted by the email generation services, potentially resulting in server-side code injection. |
|
10531 |
CVE-2020-12735 |
331 |
|
|
2020-05-08 |
2020-05-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
reset.php in DomainMOD 4.13.0 uses insufficient entropy for password reset requests, leading to account takeover. |
|
10532 |
CVE-2020-12725 |
918 |
|
|
2020-06-11 |
2020-06-22 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is potent and provides a lot of flexibility in terms of being able to craft HTTP requests e.g., by adding headers, selecting any HTTP verb, etc. |
|
10533 |
CVE-2020-12723 |
120 |
|
Overflow |
2020-06-05 |
2021-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. |
|
10534 |
CVE-2020-12720 |
863 |
|
|
2020-05-08 |
2020-07-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
vBulletin before 5.5.6pl1, 5.6.0 before 5.6.0pl1, and 5.6.1 before 5.6.1pl1 has incorrect access control. |
|
10535 |
CVE-2020-12719 |
611 |
|
|
2020-05-08 |
2020-05-14 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
XXE during an EventPublisher update can occur in Management Console in WSO2 API Manager 3.0.0 and earlier, API Manager Analytics 2.5.0 and earlier, API Microgateway 2.2.0, Enterprise Integrator 6.4.0 and earlier, IS as Key Manager 5.9.0 and earlier, Identity Server 5.9.0 and earlier, and Identity Server Analytics 5.6.0 and earlier. |
|
10536 |
CVE-2020-12715 |
434 |
|
|
2020-09-30 |
2020-10-02 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
RainbowFish PacsOne Server 6.8.4 has Incorrect Access Control. |
|
10537 |
CVE-2020-12714 |
326 |
|
|
2020-06-11 |
2020-06-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtual Appliances 1.1.1 through 3.1.1-0. A Diffie-Hellman parameter of insufficient size could allow man-in-the-middle compromise of communications between CipherMail products and external SMTP clients. |
|
10538 |
CVE-2020-12713 |
269 |
|
|
2020-06-11 |
2020-06-22 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Attackers with administrative access to the web interface have multiple options to escalate their privileges to the Unix root account. |
|
10539 |
CVE-2020-12712 |
522 |
|
|
2020-06-11 |
2020-06-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored with a user's profile. |
|
10540 |
CVE-2020-12708 |
79 |
|
XSS |
2020-05-07 |
2020-05-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting vulnerabilities in PHP-Fusion 9.03.50 allow remote attackers to inject arbitrary web script or HTML via the cat_id parameter to downloads/downloads.php or article.php. NOTE: this might overlap CVE-2012-6043. |
|
10541 |
CVE-2020-12707 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS vulnerability exists in modules/wysiwyg/save.php of LeptonCMS 4.5.0. This can be exploited because the only security measure used against XSS is the stripping of SCRIPT elements. A malicious actor can use HTML event handlers to run JavaScript instead of using SCRIPT elements. |
|
10542 |
CVE-2020-12705 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities exist in LeptonCMS before 4.6.0. |
|
10543 |
CVE-2020-12704 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
UliCMS before 2020.2 has PageController stored XSS. |
|
10544 |
CVE-2020-12703 |
79 |
|
XSS |
2020-05-07 |
2020-05-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
UliCMS before 2020.2 has XSS during PackageController uninstall. |
|
10545 |
CVE-2020-12700 |
200 |
|
+Info |
2020-05-13 |
2020-05-14 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query. |
|
10546 |
CVE-2020-12699 |
601 |
|
|
2020-05-13 |
2020-05-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl. |
|
10547 |
CVE-2020-12698 |
200 |
|
+Info |
2020-05-13 |
2020-05-14 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
The direct_mail extension through 5.2.3 for TYPO3 has Broken Access Control for newsletter subscriber tables. |
|
10548 |
CVE-2020-12697 |
770 |
|
DoS |
2020-05-13 |
2020-05-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The direct_mail extension through 5.2.3 for TYPO3 allows Denial of Service via log entries. |
|
10549 |
CVE-2020-12696 |
79 |
|
XSS |
2020-05-07 |
2020-05-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The iframe plugin before 4.5 for WordPress does not sanitize a URL. |
|
10550 |
CVE-2020-12695 |
276 |
|
|
2020-06-08 |
2021-04-23 |
7.8 |
None |
Remote |
Medium |
Not required |
Partial |
None |
Complete |
|
The Open Connectivity Foundation UPnP specification before 2020-04-17 does not forbid the acceptance of a subscription request with a delivery URL on a different network segment than the fully qualified event-subscription URL, aka the CallStranger issue. |
