CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2101 CVE-2020-13833 59 2020-06-04 2020-06-07
6.4
None Remote Low Not required None Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The system area allows arbitrary file overwrites via a symlink attack. The Samsung ID is SVE-2020-17183 (June 2020).
2102 CVE-2020-13826 74 Exec Code 2020-08-20 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.
2103 CVE-2020-13822 190 Overflow 2020-06-04 2020-07-02
6.8
None Remote Medium Not required Partial Partial Partial
The Elliptic package 6.5.2 for Node.js allows ECDSA signature malleability via variations in encoding, leading '\0' bytes, or integer overflows. This could conceivably have a security-relevant impact if an application relied on a single canonical signature.
2104 CVE-2020-13811 787 2020-06-04 2020-06-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Foxit Studio Photo before 3.6.6.922. It has an out-of-bounds write via a crafted TIFF file.
2105 CVE-2020-13804 798 2020-06-04 2020-06-04
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin.
2106 CVE-2020-13786 352 CSRF 2020-06-03 2020-06-17
6.8
None Remote Medium Not required Partial Partial Partial
D-Link DIR-865L Ax 1.20B01 Beta devices allow CSRF.
2107 CVE-2020-13776 20 2020-06-03 2020-07-30
6.2
None Local High Not required Complete Complete Complete
systemd through v245 mishandles numerical usernames such as ones composed of decimal digits or 0x followed by hex digits, as demonstrated by use of root privileges when privileges of the 0x0 user account were intended. NOTE: this issue exists because of an incomplete fix for CVE-2017-1000082.
2108 CVE-2020-13771 427 Exec Code +Priv 2020-11-12 2020-11-24
6.9
None Local Medium Not required Complete Complete Complete
Various components in Ivanti Endpoint Manager through 2020.1.1 rely on Windows search order when loading a (nonexistent) library file, allowing (under certain conditions) one to gain code execution (and elevation of privileges to the level of privilege held by the vulnerable component such as NT AUTHORITY\SYSTEM) via DLL hijacking. This affects ldiscn32.exe, IpmiRedirectionService.exe, LDAPWhoAmI.exe, and ldprofile.exe.
2109 CVE-2020-13769 89 Sql 2020-11-16 2020-11-21
6.5
None Remote Low ??? Partial Partial Partial
LDMS/alert_log.aspx in Ivanti Endpoint Manager through 2020.1 allows SQL Injection via a /remotecontrolauth/api/device request.
2110 CVE-2020-13765 787 2020-06-04 2021-01-04
6.8
None Remote Medium Not required Partial Partial Partial
rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation.
2111 CVE-2020-13760 352 CSRF 2020-06-02 2020-10-19
6.8
None Remote Medium Not required Partial Partial Partial
In Joomla! before 3.9.19, missing token checks in com_postinstall lead to CSRF.
2112 CVE-2020-13702 200 +Info 2020-06-11 2021-03-12
6.4
None Remote Low Not required Partial Partial None
The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism.
2113 CVE-2020-13699 428 2020-07-29 2020-08-05
6.8
None Remote Medium Not required Partial Partial Partial
TeamViewer Desktop for Windows before 15.8.3 does not properly quote its custom URI handlers. A malicious website could launch TeamViewer with arbitrary parameters, as demonstrated by a teamviewer10: --play URL. An attacker could force a victim to send an NTLM authentication request and either relay the request or capture the hash for offline password cracking. This affects teamviewer10, teamviewer8, teamviewerapi, tvchat1, tvcontrol1, tvfiletransfer1, tvjoinv8, tvpresent1, tvsendfile1, tvsqcustomer1, tvsqsupport1, tvvideocall1, and tvvpn1. The issue is fixed in 8.0.258861, 9.0.258860, 10.0.258873, 11.0.258870, 12.0.258869, 13.2.36220, 14.2.56676, 14.7.48350, and 15.8.3.
2114 CVE-2020-13692 611 2020-06-04 2021-03-15
6.8
None Remote Medium Not required Partial Partial Partial
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
2115 CVE-2020-13671 434 2020-11-20 2020-12-15
6.5
None Remote Low ??? Partial Partial Partial
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to 9.0.8, 8.9 versions prior to 8.9.9, 8.8 versions prior to 8.8.11, and 7 versions prior to 7.74.
2116 CVE-2020-13661 2020-11-05 2020-11-13
6.8
None Remote Medium Not required Partial Partial Partial
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser option. Fixed in version 5.0.20204.
2117 CVE-2020-13658 352 CSRF 2020-09-30 2020-10-15
6.0
None Remote Medium ??? Partial Partial Partial
In Lansweeper 8.0.130.17, the web console is vulnerable to a CSRF attack that would allow a low-level Lansweeper user to elevate their privileges within the application.
2118 CVE-2020-13651 74 2020-06-15 2020-06-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an attacker-controlled URL, the client will obtain a rogue JNLP file specifying the installation of malicious JAR archives and executed with full privileges on the client computer.
2119 CVE-2020-13646 20 DoS 2020-06-05 2020-06-15
6.1
None Local Low Not required Partial Partial Complete
In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020f8, 0x830020E0, 0x830020E4, or 0x8300210c.
2120 CVE-2020-13645 295 2020-05-28 2020-11-20
6.4
None Remote Low Not required Partial Partial None
In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server identity. This is in contrast to its intended documented behavior, to fail the certificate verification. Applications that fail to provide the server identity, including Balsa before 2.5.11 and 2.6.x before 2.6.1, accept a TLS certificate if the certificate is valid for any host.
2121 CVE-2020-13643 352 2020-05-28 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The live editor feature did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The live_editor_panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser.
2122 CVE-2020-13642 352 2020-05-28 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the SiteOrigin Page Builder plugin before 2.10.16 for WordPress. The action_builder_content function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The panels_data $_POST variable allows for malicious JavaScript to be executed in the victim's browser.
2123 CVE-2020-13641 352 2020-05-28 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the Real-Time Find and Replace plugin before 4.0.2 for WordPress. The far_options_page function did not do any nonce verification, allowing for requests to be forged on behalf of an administrator. The find and replace rules could be updated with malicious JavaScript, allowing for that be executed later in the victims browser.
2124 CVE-2020-13634 20 DoS 2020-05-29 2020-05-29
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xF1002558
2125 CVE-2020-13620 352 CSRF 2020-11-24 2020-12-03
6.8
None Remote Medium Not required Partial Partial Partial
Fastweb FASTGate GPON FGA2130FWB devices through 2020-05-26 allow CSRF via the router administration web panel, leading to an attacker's ability to perform administrative actions such as modifying the configuration.
2126 CVE-2020-13592 89 Sql CSRF 2021-04-09 2021-04-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable SQL injection vulnerability exists in "global_lists/choices" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.
2127 CVE-2020-13591 89 Sql CSRF 2021-04-09 2021-04-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable SQL injection vulnerability exists in the "access_rules/rules_form" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.
2128 CVE-2020-13587 89 Sql CSRF 2021-04-09 2021-04-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable SQL injection vulnerability exists in the "forms_fields_rules/rules" page of the Rukovoditel Project Management App 2.7.2. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability, this can be done either with administrator credentials or through cross-site request forgery.
2129 CVE-2020-13586 787 Overflow Mem. Corr. 2021-02-04 2021-02-10
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the Excel Document SST Record 0x00fc functionality of SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014). A specially crafted malformed file can lead to a heap buffer overflow. An attacker can provide a malicious file to trigger this vulnerability.
2130 CVE-2020-13585 787 Exec Code 2021-02-10 2021-02-17
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the PSD Header processing functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
2131 CVE-2020-13584 416 Exec Code 2020-12-03 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code execution. The victim needs to visit a malicious web site to trigger this vulnerability.
2132 CVE-2020-13581 787 Overflow 2021-02-10 2021-02-17
6.8
None Remote Medium Not required Partial Partial Partial
In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a buffer that is smaller than the size used for the copy which will cause a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability.
2133 CVE-2020-13580 787 Exec Code Overflow 2021-02-04 2021-02-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap-based buffer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser to explicitly trust a length from a particular record type and use it to write a 16-bit null relative to a buffer allocated on the stack. Due to a lack of bounds-checking on this value, this can allow an attacker to write to memory outside of the buffer and controllably corrupt memory. This can allow an attacker to earn code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability.
2134 CVE-2020-13579 190 Exec Code Overflow Mem. Corr. 2021-02-04 2021-02-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable integer overflow vulnerability exists in the PlanMaker document parsing functionality of SoftMaker Office 2021’s PlanMaker application. A specially crafted document can cause the document parser perform arithmetic that may overflow which can result in an undersized heap allocation. Later when copying data from the file into this allocation, a heap-based buffer overflow will occur which can corrupt memory. These types of memory corruptions can allow for code execution under the context of the application. An attacker can entice the victim to open a document to trigger this vulnerability.
2135 CVE-2020-13572 787 Exec Code Overflow 2021-02-10 2021-02-16
6.8
None Remote Medium Not required Partial Partial Partial
A heap overflow vulnerability exists in the way the GIF parser decodes LZW compressed streams in Accusoft ImageGear 19.8. A specially crafted malformed file can trigger a heap overflow, which can result in arbitrary code execution. An attacker can provide a malicious file to trigger this vulnerability.
2136 CVE-2020-13571 787 Exec Code 2021-02-10 2021-02-16
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
2137 CVE-2020-13570 416 Exec Code 2020-12-22 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A use-after-free vulnerability exists in the JavaScript engine of Foxit Software’s PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger the reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
2138 CVE-2020-13569 352 CSRF 2021-01-28 2021-02-04
6.8
None Remote Medium Not required Partial Partial Partial
A cross-site request forgery vulnerability exists in the GACL functionality of OpenEMR 5.0.2 and development version 6.0.0 (commit babec93f600ff1394f91ccd512bcad85832eb6ce). A specially crafted HTTP request can lead to the execution of arbitrary requests in the context of the victim. An attacker can send an HTTP request to trigger this vulnerability.
2139 CVE-2020-13568 89 Sql 2021-04-13 2021-04-14
6.5
None Remote Low ??? Partial Partial Partial
SQL injection vulnerability exists in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability in admin/edit_group.php, when the POST parameter action is “Submit”, the POST parameter parent_id leads to a SQL injection.
2140 CVE-2020-13566 89 Sql 2021-04-13 2021-04-14
6.5
None Remote Low ??? Partial Partial Partial
SQL injection vulnerabilities exist in phpGACL 3.3.7. A specially crafted HTTP request can lead to a SQL injection. An attacker can send an HTTP request to trigger this vulnerability In admin/edit_group.php, when the POST parameter action is “Delete”, the POST parameter delete_group leads to a SQL injection.
2141 CVE-2020-13561 787 Exec Code 2021-02-10 2021-02-16
6.8
None Remote Medium Not required Partial Partial Partial
An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
2142 CVE-2020-13560 416 Exec Code 2020-12-22 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
2143 CVE-2020-13558 416 Exec Code 2021-03-03 2021-06-04
6.8
None Remote Medium Not required Partial Partial Partial
A code execution vulnerability exists in the AudioSourceProviderGStreamer functionality of Webkit WebKitGTK 2.30.1. A specially crafted web page can lead to a use after free.
2144 CVE-2020-13557 416 Exec Code 2020-12-22 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A use after free vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
2145 CVE-2020-13548 416 Exec Code 2021-02-10 2021-02-13
6.8
None Remote Medium Not required Partial Partial Partial
In Foxit Reader 10.1.0.37527, a specially crafted PDF document can trigger reuse of previously free memory which can lead to arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
2146 CVE-2020-13547 843 Exec Code Mem. Corr. 2020-12-22 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A type confusion vulnerability exists in the JavaScript engine of Foxit Software’s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
2147 CVE-2020-13546 787 Overflow 2021-02-10 2021-02-16
6.8
None Remote Medium Not required Partial Partial Partial
In SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability.
2148 CVE-2020-13545 681 Mem. Corr. 2021-01-06 2021-01-11
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability.
2149 CVE-2020-13544 2021-01-06 2021-01-12
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.
2150 CVE-2020-13543 416 Exec Code 2020-12-03 2020-12-23
6.8
None Remote Medium Not required Partial Partial Partial
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. An attacker can get a user to visit a webpage to trigger this vulnerability.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.