CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 6 and 6.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
2651 CVE-2020-9363 20 Bypass 2020-02-24 2020-04-03
6.8
None Remote Medium Not required Partial Partial Partial
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Server, and Secure Web Gateway. NOTE: the vendor feels that this does not apply to endpoint-protection products because the virus would be detected upon extraction.
2652 CVE-2020-9362 20 Bypass 2020-02-24 2020-03-04
6.8
None Remote Medium Not required Partial Partial Partial
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet Security, Total Security for Mac, AntiVirus Pro, AntiVirus for Server, and Total Security for Android.
2653 CVE-2020-9359 20 Exec Code 2020-03-24 2020-07-27
6.8
None Remote Medium Not required Partial Partial Partial
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
2654 CVE-2020-9354 776 2020-02-23 2020-02-24
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL allows an unauthenticated attacker to overwrite files via vectors involving an XML comment and /.. path traversal.
2655 CVE-2020-9346 352 CSRF 2020-03-16 2020-03-20
6.8
None Remote Medium Not required Partial Partial Partial
Zoho ManageEngine Password Manager Pro 10.4 and prior has no protection against Cross-site Request Forgery (CSRF) attacks, as demonstrated by changing a user's role.
2656 CVE-2020-9341 352 CSRF 2020-02-22 2020-02-24
6.8
None Remote Medium Not required Partial Partial Partial
CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.
2657 CVE-2020-9340 89 Sql 2020-02-22 2020-02-25
6.5
None Remote Low ??? Partial Partial Partial
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
2658 CVE-2020-9318 89 Sql 2020-02-20 2020-02-25
6.5
None Remote Low ??? Partial Partial Partial
Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection attack by configuring the SNMP alert settings in the UI. This is fixed in 9.2.15.
2659 CVE-2020-9309 434 Exec Code 2020-07-15 2020-07-24
6.8
None Remote Medium Not required Partial Partial Partial
Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents under allowed file extensions (for example HTML code in a TXT file). When these files are stored as protected or draft files, the MIME detection can cause browsers to execute the file contents. Uploads stored as protected or draft files are allowed by default for authorised users only, but can also be enabled through custom logic as well as modules such as silverstripe/userforms. Sites using the previously optional silverstripe/mimevalidator module can configure MIME whitelists rather than extension whitelists, and hence prevent this issue. Sites on the Common Web Platform (CWP) use this module by default, and are not affected.
2660 CVE-2020-9308 20 2020-02-20 2020-06-07
6.8
None Remote Medium Not required Partial Partial Partial
archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unspecified other impact.
2661 CVE-2020-9307 835 DoS 2021-02-11 2021-02-23
6.1
None Local Network Low Not required None None Complete
Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthenticated, adjacent attacker can cause an infinite loop on one of the HSR ring ports of the device. This effectively breaks the redundancy of the HSR ring. If the attacker can perform the same attack on a second device, the ring is broken into two parts (thus disrupting communication between devices in the different parts).
2662 CVE-2020-9301 502 2020-12-11 2020-12-14
6.5
None Remote Low ??? Partial Partial Partial
Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all versions prior to version 1.23.4, 1.22.4 or 1.21.5. The vulnerability exists within the handling of SpEL expressions that allows an attacker to read and write arbitrary files within the orca container via authenticated HTTP POST requests.
2663 CVE-2020-9290 427 Exec Code 2020-03-15 2020-03-17
6.9
None Local Medium Not required Complete Complete Complete
An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may allow a local attacker with control over the directory in which FortiClientOnlineInstaller.exe and FortiClientVPNOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory.
2664 CVE-2020-9287 427 Exec Code 2020-03-15 2020-03-17
6.9
None Local Medium Not required Complete Complete Complete
An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a local attacker with control over the directory in which FortiClientEMSOnlineInstaller.exe resides to execute arbitrary code on the system via uploading malicious Filter Library DLL files in that directory.
2665 CVE-2020-9286 863 2020-04-07 2020-04-09
6.8
None Remote Low ??? None None Complete
An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low privileges to perform certain actions such as rebooting the system.
2666 CVE-2020-9278 20 2020-04-20 2020-04-28
6.4
None Remote Low Not required None Partial Partial
An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its default configuration by accessing an unauthenticated URL.
2667 CVE-2020-9270 352 CSRF 2020-02-18 2020-02-19
6.8
None Remote Medium Not required Partial Partial Partial
ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.
2668 CVE-2020-9265 89 Sql 2020-02-18 2020-02-27
6.4
None Remote Low Not required Partial None Partial
phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User functionality, as demonstrated by pmc_username.
2669 CVE-2020-9263 416 Exec Code 2020-10-19 2020-10-22
6.8
None Remote Medium Not required Partial Partial Partial
HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 versions earlier than 10.1.0.160(C00E160R2P11) have a use after free vulnerability. A condition exists in which the system would reference memory after it has been freed. The attacker should trick the user into running a crafted application with common privilege; successful exploit could cause code execution.
2670 CVE-2020-9262 416 Exec Code 2020-07-06 2020-07-09
6.8
None Remote Medium Not required Partial Partial Partial
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerability. A condition exists in which the system would reference memory after it has been freed. The attacker should trick the user into running a crafted application with high privilege; successful exploit could cause code execution.
2671 CVE-2020-9261 843 Exec Code 2020-07-06 2020-07-09
6.8
None Remote Medium Not required Partial Partial Partial
HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerability. The system does not properly check and transform the type of a certain variable. The attacker tricks the user into installing then running a crafted application; successful exploit could cause code execution.
2672 CVE-2020-9257 120 Exec Code Overflow 2020-07-17 2020-07-22
6.8
None Remote Medium Not required Partial Partial Partial
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a buffer overflow vulnerability. The software accesses data past the end, or before the beginning, of the intended buffer when handling certain certificate operations. The attacker should trick the user into installing a malicious application; successful exploit may cause code execution.
2673 CVE-2020-9254 74 Exec Code 2020-07-17 2020-07-22
6.8
None Remote Medium Not required Partial Partial Partial
HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earlier than 10.1.0.126(C10E11R5P1), and versions earlier than 10.1.0.160(C00E160R2P8) have a logic check error vulnerability. A logic error occurs when the software checks the size of a certain parameter. The attacker should trick the user into installing a malicious application; successful exploit may cause code execution.
2674 CVE-2020-9247 120 Exec Code Overflow 2020-12-07 2020-12-08
6.8
None Remote Medium Not required Partial Partial Partial
There is a buffer overflow vulnerability in several Huawei products. The system does not sufficiently validate a certain configuration parameter passed from the user, which would cause a buffer overflow. The attacker should trick the user into installing and running a malicious application with a high privilege; successful exploit may cause code execution. Affected products include Huawei HONOR 20 PRO, Mate 20, Mate 20 Pro, Mate 20 X, P30, P30 Pro, Hima-L29C, Laya-AL00EP, Princeton-AL10B, Tony-AL00B, Yale-L61A, Yale-TL00B and YaleP-AL10B.
2675 CVE-2020-9242 78 2020-08-17 2020-08-21
6.5
None Remote Low ??? Partial Partial Partial
FusionCompute 8.0.0 has a command injection vulnerability. The software does not sufficiently validate certain parameters posted by the user; successful exploit could allow an authenticated attacker to launch a command injection attack.
2676 CVE-2020-9241 863 2020-08-17 2020-08-19
6.8
None Remote Medium Not required Partial Partial Partial
Huawei 5G Mobile WiFi E6878-370 with versions 10.0.3.1(H563SP1C00) and 10.0.3.1(H563SP21C233) has an improper authorization vulnerability. The device does not restrict certain data received from the WAN port. Successful exploit could allow an attacker on the WAN side to manage certain services of the device.
2677 CVE-2020-9233 287 2020-08-17 2020-08-21
6.4
None Remote Low Not required None Partial Partial
FusionCompute 8.0.0 has an insufficient authentication vulnerability. An attacker may exploit the vulnerability to delete some files and cause some services to behave abnormally.
2678 CVE-2020-9207 287 Bypass 2020-12-29 2020-12-31
6.8
None Remote Medium Not required Partial Partial Partial
There is an improper authentication vulnerability in some versions of the Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious files to bypass the current verification mechanism. This can compromise normal service.
2679 CVE-2020-9145 787 2021-01-13 2021-01-19
6.4
None Remote Low Not required Partial None Partial
There is an Out-of-bounds Write vulnerability in some Huawei smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access to the physical memory.
2680 CVE-2020-9142 787 Overflow 2021-01-13 2021-01-19
6.4
None Remote Low Not required None Partial Partial
There is a heap-based buffer overflow vulnerability in some Huawei smartphones. Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly processes the update file.
2681 CVE-2020-9141 345 2021-01-13 2021-01-19
6.4
None Remote Low Not required Partial Partial None
There is an improper privilege management vulnerability in some Huawei smartphones. Successful exploitation of this vulnerability can cause information disclosure and malfunctions due to insufficient verification of data authenticity.
2682 CVE-2020-9139 20 DoS 2021-01-13 2021-01-19
6.4
None Remote Low Not required Partial None Partial
There is an improper input validation vulnerability in some Huawei smartphones. Successful exploit of this vulnerability can cause memory access errors and denial of service.
2683 CVE-2020-9123 787 Exec Code Overflow 2020-10-12 2020-10-26
6.8
None Remote Medium Not required Partial Partial Partial
HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C01E160R2P8) have a buffer overflow vulnerability. An attacker induces users to install malicious applications and sends specially constructed packets to affected devices after obtaining the root permission. Successful exploit may cause code execution.
2684 CVE-2020-9116 77 2020-12-01 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticated, remote attacker can craft a specific request to exploit this vulnerability. Due to insufficient verification, this could be exploited to allow the attacker to obtain higher privilege.
2685 CVE-2020-9066 287 Bypass 2020-03-26 2020-03-30
6.8
None Remote Medium Not required Partial Partial Partial
Huawei smartphones OxfordP-AN10B with versions earlier than 10.0.1.169(C00E166R4P1) have an improper authentication vulnerability. The Application doesn't perform proper authentication when user performs certain operations. An attacker can trick user into installing a malicious plug-in to exploit this vulnerability. Successful exploit could allow the attacker to bypass the authentication to perform unauthorized operations.
2686 CVE-2020-9044 611 2020-03-10 2020-03-11
6.4
None Remote Low Not required Partial None Partial
XXE vulnerability exists in the Metasys family of product Web Services which has the potential to facilitate DoS attacks or harvesting of ASCII server files. This affects Johnson Controls' Metasys Application and Data Server (ADS, ADS-Lite) versions 10.1 and prior; Metasys Extended Application and Data Server (ADX) versions 10.1 and prior; Metasys Open Data Server (ODS) versions 10.1 and prior; Metasys Open Application Server (OAS) version 10.1; Metasys Network Automation Engine (NAE55 only) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys Network Integration Engine (NIE55/NIE59) versions 9.0.1, 9.0.2, 9.0.3, 9.0.5, 9.0.6; Metasys NAE85 and NIE85 versions 10.1 and prior; Metasys LonWorks Control Server (LCS) versions 10.1 and prior; Metasys System Configuration Tool (SCT) versions 13.2 and prior; Metasys Smoke Control Network Automation Engine (NAE55, UL 864 UUKL/ORD-C100-13 UUKLC 10th Edition Listed) version 8.1.
2687 CVE-2020-9042 352 CSRF 2020-06-08 2020-06-11
6.8
None Remote Medium Not required Partial Partial Partial
In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an administrator has used their browser to check the results of a REST API request.
2688 CVE-2020-9033 22 Dir. Trav. 2020-02-17 2020-02-19
6.4
None Remote Low Not required Partial Partial None
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to authlog.php.
2689 CVE-2020-9032 22 Dir. Trav. 2020-02-17 2020-02-19
6.4
None Remote Low Not required Partial Partial None
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to kernlog.php.
2690 CVE-2020-9031 22 Dir. Trav. 2020-02-17 2020-02-19
6.4
None Remote Low Not required Partial Partial None
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to daemonlog.php.
2691 CVE-2020-9030 22 Dir. Trav. 2020-02-17 2020-02-19
6.4
None Remote Low Not required Partial Partial None
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to the syslog.php.
2692 CVE-2020-9029 22 Dir. Trav. 2020-02-17 2020-02-19
6.4
None Remote Low Not required Partial Partial None
Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices allow Directory Traversal via the FileName parameter to messagelog.php.
2693 CVE-2020-9017 74 2020-02-25 2020-02-26
6.0
None Remote Medium ??? Partial Partial Partial
LiteCart through 2.2.1 allows CSV injection via a customer's profile.
2694 CVE-2020-9005 20 DoS Exec Code 2020-02-17 2020-02-26
6.8
None Remote Medium Not required Partial Partial Partial
meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution or denial of service by creating a gaming server with a crafted map, and inviting a victim to this server. A GetValue call is mishandled.
2695 CVE-2020-8990 384 2020-02-20 2020-02-24
6.4
None Remote Low Not required Partial Partial None
Western Digital My Cloud Home before 3.6.0 and ibi before 3.6.0 allow Session Fixation.
2696 CVE-2020-8985 352 XSS CSRF 2020-03-24 2020-03-27
6.8
None Remote Medium Not required Partial Partial Partial
ZendTo prior to 5.22-2 Beta allowed reflected XSS and CSRF via the unlock.tpl unlock user functionality.
2697 CVE-2020-8933 276 +Priv 2020-06-22 2020-07-20
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within an lxc container, it is possible to attach the host OS filesystem and modify /etc/sudoers to then gain administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "lxd" user from the OS Login entry.
2698 CVE-2020-8927 120 Overflow 2020-09-15 2020-12-02
6.4
None Remote Low Not required None Partial Partial
A buffer overflow exists in the Brotli library versions prior to 1.0.8 where an attacker controlling the input length of a "one-shot" decompression request to a script can trigger a crash, which happens when copying over chunks of data larger than 2 GiB. It is recommended to update your Brotli library to 1.0.8 or later. If one cannot update, we recommend to use the "streaming" API as opposed to the "one-shot" API, and impose chunk size limits.
2699 CVE-2020-8913 22 Exec Code Dir. Trav. 2020-08-12 2020-08-31
6.8
None Remote Medium Not required Partial Partial Partial
A local, arbitrary code execution vulnerability exists in the SplitCompat.install endpoint in Android's Play Core Library versions prior to 1.7.2. A malicious attacker could create an apk which targets a specific application, and if a victim were to install this apk, the attacker could perform a directory traversal, execute code as the targeted application and access the targeted application's data on the Android device. We recommend all users update Play Core to version 1.7.2 or later.
2700 CVE-2020-8907 276 +Priv 2020-06-22 2020-07-20
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and mount the host OS. Within docker, it is possible to modify the host OS filesystem and modify /etc/groups to gain administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "docker" user from the OS Login entry.