CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1151 CVE-2020-35128 79 XSS 2021-01-19 2021-02-24
6.0
None Remote Medium ??? Partial Partial Partial
Mautic before 3.2.4 is affected by stored XSS. An attacker with permission to manage companies, an application feature, could attack other users, including administrators. For example, by loading an externally crafted JavaScript file, an attacker could eventually perform actions as the target user. These actions include changing the user passwords, altering user or email addresses, or adding a new administrator to the system.
1152 CVE-2020-35125 79 XSS 2021-02-09 2021-02-16
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site scripting (XSS) vulnerability in the forms component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript via mautic[return] (a different attack method than CVE-2020-35124, but also related to the Referer concept).
1153 CVE-2020-35124 79 XSS 2021-01-28 2021-02-05
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads.
1154 CVE-2020-35121 94 2020-12-15 2020-12-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Keysight Database Connector plugin before 1.5.0 for Confluence. A malicious user could insert arbitrary JavaScript into saved macro parameters that would execute when a user viewed a page with that instance of the macro.
1155 CVE-2020-35114 787 Mem. Corr. 2021-01-07 2021-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 83. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84.
1156 CVE-2020-35113 787 Mem. Corr. 2021-01-07 2021-01-12
6.8
None Remote Medium Not required Partial Partial Partial
Mozilla developers reported memory safety bugs present in Firefox 83 and Firefox ESR 78.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
1157 CVE-2020-35112 2021-01-07 2021-01-12
6.8
None Remote Medium Not required Partial Partial Partial
If a user downloaded a file lacking an extension on Windows, and then "Open"-ed it from the downloads panel, if there was an executable file in the downloads directory with the same name but with an executable extension (such as .bat or .exe) that executable would have been launched instead. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefox ESR < 78.6.
1158 CVE-2020-29663 295 2020-12-15 2020-12-18
6.4
None Remote Low Not required Partial Partial None
Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.3.
1159 CVE-2020-29657 125 2020-12-09 2020-12-10
6.4
None Remote Low Not required Partial None Partial
In JerryScript 2.3.0, there is an out-of-bounds read in main_print_unhandled_exception in the main-utils.c file.
1160 CVE-2020-29654 427 2020-12-12 2020-12-14
6.9
None Local Medium Not required Complete Complete Complete
Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account.
1161 CVE-2020-29633 287 Bypass 2021-04-02 2021-04-08
6.5
None Remote Low ??? Partial Partial Partial
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An attacker in a privileged network position may be able to bypass authentication policy.
1162 CVE-2020-29625 Exec Code 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
1163 CVE-2020-29624 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.
1164 CVE-2020-29620 269 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to elevate privileges.
1165 CVE-2020-29619 125 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.
1166 CVE-2020-29618 125 Exec Code 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution.
1167 CVE-2020-29617 125 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to heap corruption.
1168 CVE-2020-29616 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-07
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. Processing a maliciously crafted image may lead to arbitrary code execution.
1169 CVE-2020-29614 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted file may lead to heap corruption.
1170 CVE-2020-29611 787 Exec Code 2021-04-02 2021-04-08
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in tvOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, iCloud for Windows 12.0, watchOS 7.2. Processing a maliciously crafted image may lead to arbitrary code execution.
1171 CVE-2020-29607 434 Exec Code +Priv Bypass 2020-12-16 2021-05-28
6.5
None Remote Low ??? Partial Partial Partial
A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access in the host through the "manage files" functionality, which may result in remote code execution.
1172 CVE-2020-29599 91 2020-12-07 2021-03-29
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate option, which allows setting a password for password-protected PDF files. The user-controlled password was not properly escaped/sanitized and it was therefore possible to inject additional shell commands via coders/pdf.c.
1173 CVE-2020-29511 2020-12-14 2021-01-30
6.8
None Remote Medium Not required Partial Partial Partial
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of element namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
1174 CVE-2020-29510 2020-12-14 2021-01-30
6.8
None Remote Medium Not required Partial Partial Partial
The encoding/xml package in Go versions 1.15 and earlier does not correctly preserve the semantics of directives during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
1175 CVE-2020-29509 2020-12-14 2021-01-30
6.8
None Remote Medium Not required Partial Partial Partial
The encoding/xml package in Go (all versions) does not correctly preserve the semantics of attribute namespace prefixes during tokenization round-trips, which allows an attacker to craft inputs that behave in conflicting ways during different stages of processing in affected downstream applications.
1176 CVE-2020-29492 276 2021-01-04 2021-01-08
6.4
None Remote Low Not required Partial Partial None
Dell Wyse ThinOS 8.6 and prior versions contain an insecure default configuration vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to access the writable file and manipulate the configuration of any target specific station.
1177 CVE-2020-29458 352 CSRF 2020-12-02 2020-12-02
6.8
None Remote Medium Not required Partial Partial Partial
Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem.
1178 CVE-2020-29441 434 DoS 2020-11-30 2020-12-04
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. An unauthenticated attacker can upload arbitrary files. In some cases, this attack may consume the available database space (Denial of Service), corrupt legitimate data if files are being processed asynchronously, or deny access to legitimate uploaded files.
1179 CVE-2020-29396 269 Exec Code 2020-12-22 2020-12-30
6.5
None Remote Low ??? Partial Partial Partial
A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation.
1180 CVE-2020-29394 787 Exec Code Overflow 2020-11-30 2021-03-18
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument).
1181 CVE-2020-29374 362 2020-11-28 2021-04-08
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.
1182 CVE-2020-29369 362 2020-11-28 2021-02-24
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.
1183 CVE-2020-29368 787 2020-11-28 2021-01-08
6.9
None Local Medium Not required Complete Complete Complete
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
1184 CVE-2020-29254 352 CSRF File Inclusion 2020-12-11 2020-12-14
6.8
None Remote Medium Not required Partial Partial Partial
TikiWiki 21.2 allows templates to be edited without CSRF protection. This could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. The vulnerability is due to insufficient CSRF protections for the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to follow a maliciously crafted link. A successful exploit could allow the attacker to perform arbitrary actions on an affected system with the privileges of the user. These action include allowing attackers to submit their own code through an authenticated user resulting in local file Inclusion. If an authenticated user who is able to edit TikiWiki templates visits an malicious website, template code can be edited.
1185 CVE-2020-29163 89 Sql 2021-02-03 2021-02-04
6.5
None Remote Low ??? Partial Partial Partial
PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by SQL injection.
1186 CVE-2020-29143 89 Exec Code Sql 2021-02-15 2021-02-22
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in interface/reports/non_reported.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter.
1187 CVE-2020-29142 89 Exec Code Sql 2021-02-15 2021-02-18
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in interface/usergroup/usergroup_admin.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the schedule_facility parameter when restrict_user_facility=on is in global settings.
1188 CVE-2020-29140 89 Exec Code Sql 2021-02-15 2021-02-22
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in interface/reports/immunization_report.php in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the form_code parameter.
1189 CVE-2020-29139 89 Exec Code Sql 2021-02-15 2021-02-22
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in interface/main/finder/patient_select.php from library/patient.inc in OpenEMR before 5.0.2.5 allows a remote authenticated attacker to execute arbitrary SQL commands via the searchFields parameter.
1190 CVE-2020-29128 91 2020-11-26 2020-12-03
6.8
None Remote Medium Not required Partial Partial Partial
petl before 1.68, in some configurations, allows resolution of entities in an XML document.
1191 CVE-2020-29074 862 2020-11-25 2021-03-25
6.5
None Remote Low ??? Partial Partial Partial
scan.c in x11vnc 0.9.16 uses IPC_CREAT|0777 in shmget calls, which allows access by actors other than the current user.
1192 CVE-2020-29032 434 Exec Code 2021-03-05 2021-03-12
6.5
None Remote Low ??? Partial Partial Partial
Upload of Code Without Integrity Check vulnerability in firmware archive of Secomea GateManager allows authenticated attacker to execute malicious code on server. This issue affects: Secomea GateManager all versions prior to 9.4.621054022
1193 CVE-2020-29030 352 Exec Code CSRF 2021-03-05 2021-03-12
6.8
None Remote Medium Not required Partial Partial Partial
Cross-Site Request Forgery (CSRF) vulnerability in web GUI of Secomea GateManager allows an attacker to execute malicious code. This issue affects: Secomea GateManager All versions prior to 9.4.
1194 CVE-2020-29020 863 2021-03-05 2021-03-12
6.5
None Remote Low ??? Partial Partial Partial
Improper Access Control vulnerability in web service of Secomea SiteManager allows remote attacker to access the web UI from the internet using the configured credentials. This issue affects: Secomea SiteManager All versions prior to 9.4.620527004 on Hardware.
1195 CVE-2020-29018 134 2021-01-14 2021-01-20
6.5
None Remote Low ??? Partial Partial Partial
A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter.
1196 CVE-2020-29004 352 CSRF 2021-01-29 2021-02-03
6.8
None Remote Medium Not required Partial Partial Partial
The API in the Push extension for MediaWiki through 1.35 did not require an edit token in ApiPushBase.php and therefore facilitated a CSRF attack.
1197 CVE-2020-29001 312 2021-01-26 2021-02-03
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury MI-CW024 Doorbell 2.9.6, and Merkury MI-CW017 Camera 2.9.6 devices. A vulnerability exists in the RESTful Services API that allows a remote attacker to take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into the ppsapp RESTful application.
1198 CVE-2020-28999 798 2021-01-26 2021-02-03
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. A remote attacker can take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into a shared library (libhipcam.so) used to provide the streaming camera service.
1199 CVE-2020-28974 125 2020-11-20 2021-01-27
6.1
None Local Low Not required Partial Partial Complete
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height.
1200 CVE-2020-28950 427 2020-12-04 2020-12-08
6.9
None Local Medium Not required Complete Complete Complete
The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART 4.0 Patch C was vulnerable to a DLL hijacking attack that allowed an attacker to elevate privileges during installation process.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.