CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2701 CVE-2020-8857 416 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of form Annotation objects within AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9862.
2702 CVE-2020-8856 416 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25608. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of watermarks. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9640.
2703 CVE-2020-8855 416 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.2947. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the fxhtml2pdf.exe module. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9560.
2704 CVE-2020-8854 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of JPEG files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9606.
2705 CVE-2020-8853 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the conversion of HTML files to PDF. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9591.
2706 CVE-2020-8851 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9406.
2707 CVE-2020-8850 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9415.
2708 CVE-2020-8849 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9413.
2709 CVE-2020-8848 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPG2000 images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9407.
2710 CVE-2020-8847 787 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.7.0.29455. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of JPEG2000 files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9414.
2711 CVE-2020-8846 416 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of text field objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9400.
2712 CVE-2020-8845 416 Exec Code 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote atackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of watermarks in AcroForms. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9358.
2713 CVE-2020-8844 190 Exec Code Overflow 2020-02-14 2020-02-18
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 9.6.0.25114. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of JPEG files within CovertToPDF. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before writing to memory. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-9102.
2714 CVE-2020-8841 89 Sql 2020-02-10 2020-02-12
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in TestLink 1.9.19. The relation_type parameter of the lib/requirements/reqSearch.php endpoint is vulnerable to authenticated SQL Injection.
2715 CVE-2020-8830 352 CSRF 2020-05-05 2020-05-08
6.8
None Remote Medium Not required Partial Partial Partial
CSRF in login.asp on Ruckus devices allows an attacker to access the panel, and use SSRF to perform scraping or other analysis via the SUBCA-1 field on the Wireless Admin screen.
2716 CVE-2020-8829 352 CSRF 2020-05-05 2020-05-07
6.8
None Remote Medium Not required Partial Partial Partial
CSRF on Intelbras CIP 92200 devices allows an attacker to access the panel and perform scraping or other analysis.
2717 CVE-2020-8828 269 2020-04-08 2020-04-10
6.5
None Remote Low ??? Partial Partial Partial
As of v1.5.0, the default admin password is set to the argocd-server pod name. For insiders with access to the cluster or logs, this issue could be abused for privilege escalation, as Argo has privileged roles. A malicious insider is the most realistic threat, but pod names are not meant to be kept secret and could wind up just about anywhere.
2718 CVE-2020-8816 Exec Code 2020-05-29 2020-08-04
6.5
None Remote Low ??? Partial Partial Partial
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease.
2719 CVE-2020-8810 22 Exec Code Dir. Trav. 2020-02-25 2020-03-04
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Gurux GXDLMS Director through 8.5.1905.1301. When downloading OBIS codes, it does not verify that the downloaded files are actual OBIS codes and doesn't check for path traversal. This allows the attacker exploiting CVE-2020-8809 to send executable files and place them in an autorun directory, or to place DLLs inside the existing GXDLMS Director installation (run on next execution of GXDLMS Director). This can be used to achieve code execution even if the user doesn't have any add-ins installed.
2720 CVE-2020-8809 494 Exec Code 2020-02-25 2020-02-27
6.8
None Remote Medium Not required Partial Partial Partial
Gurux GXDLMS Director prior to 8.5.1905.1301 downloads updates to add-ins and OBIS code over an unencrypted HTTP connection. A man-in-the-middle attacker can prompt the user to download updates by modifying the contents of gurux.fi/obis/files.xml and gurux.fi/updates/updates.xml. Then, the attacker can modify the contents of downloaded files. In the case of add-ins (if the user is using those), this will lead to code execution. In case of OBIS codes (which the user is always using as they are needed to communicate with the energy meters), this can lead to code execution when combined with CVE-2020-8810.
2721 CVE-2020-8801 74 2020-02-13 2020-02-18
6.5
None Remote Low ??? Partial Partial Partial
SuiteCRM through 7.11.11 allows PHAR Deserialization.
2722 CVE-2020-8800 74 2020-02-13 2020-02-19
6.5
None Remote Low ??? Partial Partial Partial
SuiteCRM through 7.11.11 allows EmailsControllerActionGetFromFields PHP Object Injection.
2723 CVE-2020-8797 74 2020-04-23 2020-04-30
6.9
None Local Medium Not required Complete Complete Complete
Juplink RX4-1500 v1.0.3 allows remote attackers to gain root access to the Linux subsystem via an unsanitized exec call (aka Command Line Injection), if the undocumented telnetd service is enabled and the attacker can authenticate as admin from the local network.
2724 CVE-2020-8775 79 XSS 2020-04-29 2020-04-30
6.0
None Remote Medium ??? Partial Partial Partial
Pega Platform before version 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability in the comment tags.
2725 CVE-2020-8774 79 XSS 2020-04-29 2020-04-30
6.8
None Remote Medium Not required Partial Partial Partial
Pega Platform before version 8.2.6 is affected by a Reflected Cross-Site Scripting vulnerability in the "ActionStringID" function.
2726 CVE-2020-8773 79 XSS 2020-04-29 2020-04-30
6.0
None Remote Medium ??? Partial Partial Partial
The Richtext Editor in Pega Platform before 8.2.6 is affected by a Stored Cross-Site Scripting (XSS) vulnerability.
2727 CVE-2020-8747 125 DoS 2020-11-12 2020-11-18
6.4
None Remote Low Not required Partial None Partial
Out-of-bounds read in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow an unauthenticated user to potentially enable information disclosure and/or denial of service via network access.
2728 CVE-2020-8658 352 CSRF 2020-02-06 2020-02-07
6.8
None Remote Medium Not required Partial Partial Partial
The BestWebSoft Htaccess plugin through 1.8.1 for WordPress allows wp-admin/admin.php?page=htaccess.php&action=htaccess_editor CSRF. The flag htccss_nonce_name passes the nonce to WordPress but the plugin does not validate it correctly, resulting in a wrong implementation of anti-CSRF protection. In this way, an attacker is able to direct the victim to a malicious web page that modifies the .htaccess file, and takes control of the website.
2729 CVE-2020-8641 22 Dir. Trav. File Inclusion 2020-02-05 2020-02-07
6.5
None Remote Low ??? Partial Partial Partial
Lotus Core CMS 1.0.1 allows authenticated Local File Inclusion of .php files via directory traversal in the index.php page_slug parameter.
2730 CVE-2020-8639 434 Exec Code 2020-04-03 2021-02-22
6.5
None Remote Low ??? Partial Partial Partial
An unrestricted file upload vulnerability in keywordsImport.php in TestLink 1.9.20 allows remote attackers to execute arbitrary code by uploading a file with an executable extension. This allows an authenticated attacker to upload a malicious file (containing PHP code to execute operating system commands) to a publicly accessible directory of the application.
2731 CVE-2020-8625 120 Exec Code 2021-02-17 2021-03-19
6.8
None Remote Medium Not required Partial Partial Partial
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not exposed, but a server can be rendered vulnerable by explicitly setting valid values for the tkey-gssapi-keytab or tkey-gssapi-credentialconfiguration options. Although the default configuration is not vulnerable, GSS-TSIG is frequently used in networks where BIND is integrated with Samba, as well as in mixed-server environments that combine BIND servers with Active Directory domain controllers. The most likely outcome of a successful exploitation of the vulnerability is a crash of the named process. However, remote code execution, while unproven, is theoretically possible. Affects: BIND 9.5.0 -> 9.11.27, 9.12.0 -> 9.16.11, and versions BIND 9.11.3-S1 -> 9.11.27-S1 and 9.16.8-S1 -> 9.16.11-S1 of BIND Supported Preview Edition. Also release versions 9.17.0 -> 9.17.1 of the BIND 9.17 development branch
2732 CVE-2020-8612 79 Exec Code XSS 2020-02-14 2020-02-20
6.0
None Remote Medium ??? Partial Partial Partial
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, a REST API endpoint failed to adequately sanitize malicious input, which could allow an authenticated attacker to execute arbitrary code in a victim's browser, aka XSS.
2733 CVE-2020-8611 89 Sql 2020-02-14 2020-02-19
6.5
None Remote Low ??? Partial Partial Partial
In Progress MOVEit Transfer 2019.1 before 2019.1.4 and 2019.2 before 2019.2.1, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an authenticated attacker to gain unauthorized access to MOVEit Transfer's database via the REST API. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database in addition to executing SQL statements that alter or destroy database elements.
2734 CVE-2020-8608 120 Overflow 2020-02-06 2021-02-14
6.8
None Remote Medium Not required Partial Partial Partial
In libslirp 4.1.0, as used in QEMU 4.2.0, tcp_subr.c misuses snprintf return values, leading to a buffer overflow in later code.
2735 CVE-2020-8605 78 Exec Code 2020-05-27 2020-07-14
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 may allow remote attackers to execute arbitrary code on affected installations. Authentication is required to exploit this vulnerability.
2736 CVE-2020-8602 732 Exec Code Bypass 2020-08-27 2020-09-04
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability in the management consoles of Trend Micro Deep Security 10.0-12.0 and Trend Micro Vulnerability Protection 2.0 SP2 may allow an authenticated attacker with full control privileges to bypass file integrity checks, leading to remote code execution.
2737 CVE-2020-8596 89 Exec Code Sql 2020-02-11 2020-02-25
6.0
None Remote Medium ??? Partial Partial Partial
participants-database.php in the Participants Database plugin 1.9.5.5 and previous versions for WordPress has a time-based SQL injection vulnerability via the ascdesc, list_filter_count, or sortBy parameters. It is possible to exfiltrate data and potentially execute code (if certain conditions are met).
2738 CVE-2020-8570 22 Dir. Trav. 2021-01-21 2021-02-04
6.4
None Remote Low Not required None Partial Partial
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a maliciously crafted archive. This can potentially overwrite any files on the system of the process executing the client code.
2739 CVE-2020-8559 601 2020-07-22 2020-08-10
6.0
None Remote Medium ??? Partial Partial Partial
The Kubernetes kube-apiserver in versions v1.6-v1.15, and versions prior to v1.16.13, v1.17.9 and v1.18.6 are vulnerable to an unvalidated redirect on proxied upgrade requests that could allow an attacker to escalate privileges from a node compromise to a full cluster compromise.
2740 CVE-2020-8554 863 2021-01-21 2021-03-30
6.0
None Remote Medium ??? Partial Partial Partial
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
2741 CVE-2020-8511 434 Exec Code 2020-03-23 2020-03-25
6.5
None Remote Low ??? Partial Partial Partial
In Artica Pandora FMS through 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the File Repository component, a different issue than CVE-2020-7935 and CVE-2020-8500.
2742 CVE-2020-8500 434 Exec Code 2020-03-02 2020-03-09
6.5
None Remote Low ??? Partial Partial Partial
** DISPUTED ** In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality.
2743 CVE-2020-8495 863 +Priv 2020-01-30 2020-02-06
6.0
None Remote Medium ??? Partial Partial Partial
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and delegatorUserId parameters.
2744 CVE-2020-8494 269 +Priv 2020-01-30 2020-02-06
6.5
None Remote Low ??? Partial Partial Partial
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privileges to gain unauthorized administrative privileges within the application via the emp_id, userid, pw1, pw2, supervisor, and timekeeper parameters.
2745 CVE-2020-8477 79 Exec Code XSS 2020-04-22 2020-04-30
6.8
None Remote Medium Not required Partial Partial Partial
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
2746 CVE-2020-8473 732 2020-04-29 2020-05-14
6.8
None Local Low Not required Partial Complete Complete
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
2747 CVE-2020-8472 732 2020-04-29 2020-05-14
6.8
None Local Low Not required Partial Complete Complete
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
2748 CVE-2020-8469 427 2020-03-12 2020-06-23
6.9
None Local Medium Not required Complete Complete Complete
Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation.
2749 CVE-2020-8468 494 2020-03-18 2020-03-19
6.5
None Remote Low ??? Partial Partial Partial
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.
2750 CVE-2020-8467 Exec Code 2020-03-18 2020-03-20
6.5
None Remote Low ??? Partial Partial Partial
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.