CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 6 and 6.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1101 CVE-2020-35871 362 2020-12-31 2021-01-04
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via an Auxdata API data race.
1102 CVE-2020-35859 770 Mem. Corr. +Info 2020-12-31 2021-01-06
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in the lucet-runtime-internals crate before 0.5.1 for Rust. It mishandles sigstack allocation. Guest programs may be able to obtain sensitive information, or guest programs can experience memory corruption.
1103 CVE-2020-35845 787 2021-01-26 2021-01-29
6.8
None Remote Medium Not required Partial Partial Partial
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.
1104 CVE-2020-35844 787 2021-01-26 2021-01-29
6.8
None Remote Medium Not required Partial Partial Partial
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.
1105 CVE-2020-35789 77 2020-12-30 2020-12-30
6.5
None Remote Low ??? Partial Partial Partial
NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user.
1106 CVE-2020-35784 2020-12-30 2020-12-31
6.5
None Remote Low ??? Partial Partial Partial
Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, and GS116Ev2 before 2.6.0.48.
1107 CVE-2020-35778 352 CSRF 2020-12-30 2020-12-30
6.8
None Remote Medium Not required Partial Partial Partial
Certain NETGEAR devices are affected by CSRF. This affects GS716Tv3 before 6.3.1.36 and GS724Tv4 before 6.3.1.36.
1108 CVE-2020-35765 89 Sql 2021-02-05 2021-02-17
6.5
None Remote Low ??? Partial Partial Partial
doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do.
1109 CVE-2020-35754 74 Exec Code 2021-01-28 2021-02-03
6.5
None Remote Low ??? Partial Partial Partial
OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab.
1110 CVE-2020-35745 269 2021-01-07 2021-01-12
6.5
None Remote Low ??? Partial Partial Partial
PHPGURUKUL Hospital Management System V 4.0 does not properly restrict access to admin/dashboard.php, which allows attackers to access all data of users, doctors, patients, change admin password, get appointment history and access all session logs.
1111 CVE-2020-35743 89 Sql 2020-12-31 2021-01-07
6.5
None Remote Low ??? Partial Partial Partial
HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages.
1112 CVE-2020-35742 89 Sql 2020-12-31 2021-01-07
6.5
None Remote Low ??? Partial Partial Partial
HGiga MailSherlock contains a vulnerability of SQL Injection. Attackers can inject and launch SQL commands in a URL parameter.
1113 CVE-2020-35734 74 Exec Code 2021-02-15 2021-02-26
6.5
None Remote Low ??? Partial Partial Partial
** UNSUPPORTED WHEN ASSIGNED ** Sruu.pl in Batflat 1.3.6 allows an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Users tab. To exploit this, one must login to the administration panel and edit an arbitrary user's data (username, displayed name, etc.). NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
1114 CVE-2020-35728 502 2020-12-27 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl).
1115 CVE-2020-35714 77 Exec Code 2020-12-26 2020-12-28
6.5
None Remote Low ??? Partial Partial Partial
Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program.
1116 CVE-2020-35708 89 Sql 2020-12-25 2020-12-28
6.5
None Remote Low ??? Partial Partial Partial
phpList 3.5.9 allows SQL injection by admins who provide a crafted fourth line of a file to the "Config - Import Administrators" page.
1117 CVE-2020-35702 787 Overflow 2020-12-25 2020-12-30
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects.
1118 CVE-2020-35701 89 Exec Code Sql 2021-01-11 2021-05-21
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Cacti 1.2.x through 1.2.16. A SQL injection vulnerability in data_debug.php allows remote authenticated attackers to execute arbitrary SQL commands via the site_id parameter. This can lead to remote code execution.
1119 CVE-2020-35700 89 Exec Code Sql 2021-02-08 2021-02-09
6.5
None Remote Low ??? Partial Partial Partial
A second-order SQL injection issue in Widgets/TopDevicesController.php (aka the Top Devices dashboard widget) of LibreNMS before 21.1.0 allows remote authenticated attackers to execute arbitrary SQL commands via the sort_order parameter against the /ajax/form/widget-settings endpoint.
1120 CVE-2020-35682 863 Bypass 2021-03-13 2021-03-18
6.5
None Remote Low ??? Partial Partial Partial
Zoho ManageEngine ServiceDesk Plus before 11134 allows an Authentication Bypass (only during SAML login).
1121 CVE-2020-35666 89 Sql 2020-12-23 2020-12-23
6.5
None Remote Low ??? Partial Partial Partial
Steedos Platform through 1.21.24 allows NoSQL injection because the /api/collection/findone implementation in server/packages/steedos_base.js mishandles req.body validation, as demonstrated by MongoDB operator attacks such as an X-User-Id[$ne]=1 value.
1122 CVE-2020-35657 434 Exec Code 2020-12-23 2020-12-23
6.5
None Remote Low ??? Partial Partial Partial
Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS commands. NOTE: this is unrelated to the JAWS (aka Job Access With Speech) product.
1123 CVE-2020-35656 434 Exec Code 2020-12-23 2020-12-23
6.5
None Remote Low ??? Partial Partial Partial
Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser and admin.php?reqGadget=FileBrowser&reqAction=Files to upload a .php file. NOTE: this is unrelated to the JAWS (aka Job Access With Speech) product.
1124 CVE-2020-35654 787 Overflow 2021-01-12 2021-03-22
6.8
None Remote Medium Not required Partial Partial Partial
In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode.
1125 CVE-2020-35626 352 CSRF 2020-12-21 2020-12-22
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the PushToWatch extension for MediaWiki through 1.35.1. The primary form did not implement an anti-CSRF token and therefore was completely vulnerable to CSRF attacks against onSkinAddFooterLinks in PushToWatch.php.
1126 CVE-2020-35625 732 2020-12-21 2020-12-23
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in the Widgets extension for MediaWiki through 1.35.1. Any user with the ability to edit pages within the Widgets namespace could call any static function within any class (defined within PHP or MediaWiki) via a crafted HTML comment, related to a Smarty template. For example, a person in the Widget Editors group could use \MediaWiki\Shell\Shell::command within a comment.
1127 CVE-2020-35615 352 CSRF 2020-12-28 2020-12-30
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.
1128 CVE-2020-35547 863 2021-01-29 2021-02-04
6.4
None Remote Low Not required Partial Partial None
A library index page in NuPoint Messenger in Mitel MiCollab before 9.2 FP1 could allow an unauthenticated attacker to gain access (view and modify) to user data.
1129 CVE-2020-35524 119 Exec Code Overflow 2021-03-09 2021-05-21
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
1130 CVE-2020-35523 190 Exec Code Overflow 2021-03-09 2021-05-21
6.8
None Remote Medium Not required Partial Partial Partial
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
1131 CVE-2020-35519 125 +Info 2021-05-06 2021-06-18
6.8
None Local Low Not required Complete Partial Complete
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
1132 CVE-2020-35492 121 Overflow 2021-03-18 2021-05-14
6.8
None Remote Medium Not required Partial Partial Partial
A flaw was found in cairo's image-compositor.c in all versions prior to 1.17.4. This flaw allows an attacker who can provide a crafted input file to cairo's image-compositor (for example, by convincing a user to open a file in an application using cairo, or if an application uses cairo on untrusted input) to cause a stack buffer overflow -> out-of-bounds WRITE. The highest impact from this vulnerability is to confidentiality, integrity, as well as system availability.
1133 CVE-2020-35491 502 2020-12-17 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource.
1134 CVE-2020-35490 502 2020-12-17 2021-06-14
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource.
1135 CVE-2020-35452 787 Overflow 2021-06-10 2021-06-16
6.8
None Remote Medium Not required Partial Partial Partial
In Apache HTTP Server versions 2.4.0 to 2.4.46, a specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor could the Apache HTTP Server team create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow.
1136 CVE-2020-35382 89 Sql 2020-12-14 2020-12-14
6.5
None Remote Low ??? Partial Partial Partial
SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user.
1137 CVE-2020-35273 352 +Priv CSRF 2020-12-21 2020-12-22
6.0
None Remote Medium ??? Partial Partial Partial
EgavilanMedia User Registration & Login System with Admin Panel 1.0 is affected by Cross Site Request Forgery (CSRF) to remotely gain privileges in the User Profile panel. An attacker can update any user's account.
1138 CVE-2020-35270 89 Sql 2021-01-26 2021-02-01
6.4
None Remote Low Not required Partial Partial None
Student Result Management System In PHP With Source Code is affected by SQL injection. An attacker is able to access the Admin Panel and manage every account of Result.
1139 CVE-2020-35269 352 CSRF 2020-12-23 2021-03-02
6.8
None Remote Medium Not required Partial Partial Partial
Nagios Core application version 4.2.4 is vulnerable to Site-Wide Cross-Site Request Forgery (CSRF) in many functions, like adding or deleting hosts or servers.
1140 CVE-2020-35239 352 Bypass CSRF 2021-01-26 2021-02-02
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to an arbitrary string that is not in the list of request methods that CakePHP checks. Additionally, the route middleware does not verify that this overridden method (which can be an arbitrary string) is actually an HTTP method.
1141 CVE-2020-35235 Exec Code 2020-12-14 2020-12-15
6.5
None Remote Low ??? Partial Partial Partial
** UNSUPPORTED WHEN ASSIGNED ** vendor/elfinder/php/connector.minimal.php in the secure-file-manager plugin through 2.5 for WordPress loads elFinder code without proper access control. Thus, any authenticated user can run the elFinder upload command to achieve remote code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
1142 CVE-2020-35233 400 DoS 2021-03-10 2021-03-16
6.1
None Local Network Low Not required None None Complete
The TFTP server fails to handle multiple connections on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices, and allows external attackers to force device reboots by sending concurrent connections, aka a denial of service attack.
1143 CVE-2020-35230 190 DoS Overflow 2021-03-10 2021-03-17
6.7
None Local Network Low ??? Partial Partial Complete
Multiple integer overflow parameters were found in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices. Most of the integer parameters sent through the web server can be abused to cause a denial of service attack.
1144 CVE-2020-35227 120 Overflow 2021-03-10 2021-03-15
6.5
None Remote Low ??? Partial Partial Partial
A buffer overflow vulnerability in the access control section on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices (in the administration web panel) allows an attacker to inject IP addresses into the whitelist via the checkedList parameter to the delete command.
1145 CVE-2020-35224 120 Overflow 2021-03-10 2021-03-15
6.1
None Local Network Low Not required None None Complete
A buffer overflow vulnerability in the NSDP protocol authentication method on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allows remote unauthenticated attackers to force a device reboot.
1146 CVE-2020-35223 352 Bypass CSRF 2021-03-10 2021-03-15
6.8
None Remote Medium Not required Partial Partial Partial
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
1147 CVE-2020-35217 352 CSRF 2021-01-20 2021-02-02
6.8
None Remote Medium Not required Partial Partial Partial
Vert.x-Web framework v4.0 milestone 1-4 does not perform a correct CSRF verification. Instead of comparing the CSRF token in the request with the CSRF token in the cookie, it compares the CSRF token in the cookie against a CSRF token that is stored in the session. An attacker does not even need to provide a CSRF token in the request because the framework does not consider it. The cookies are automatically sent by the browser and the verification will always succeed, leading to a successful CSRF attack.
1148 CVE-2020-35151 89 Sql 2020-12-21 2020-12-22
6.5
None Remote Low ??? Partial Partial Partial
The Online Marriage Registration System 1.0 POST parameter "searchdata" in the user/search.php request is vulnerable to time-based SQL injection.
1149 CVE-2020-35135 352 CSRF 2020-12-11 2021-03-31
6.8
None Remote Medium Not required Partial Partial Partial
The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF.
1150 CVE-2020-35129 79 XSS 2021-01-19 2021-01-27
6.0
None Remote Medium ??? Partial Partial Partial
Mautic before 3.2.4 is affected by stored XSS. An attacker with access to Social Monitoring, an application feature, could attack other users, including administrators. For example, an attacker could load an externally drafted JavaScript file that would allow them to eventually perform actions on the target user’s behalf, including changing the user’s password or email address or changing the attacker’s user role from a low-privileged user to an administrator account.
Total number of vulnerabilities: 22306. Page 23 of 447.