CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2751 CVE-2020-8554 863 2021-01-21 2021-03-30
6.0
None Remote Medium ??? Partial Partial Partial
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacker who is able to patch the status (which is considered a privileged operation and should not typically be granted to users) of a LoadBalancer service can set the status.loadBalancer.ingress.ip to similar effect.
2752 CVE-2020-8511 434 Exec Code 2020-03-23 2020-03-25
6.5
None Remote Low ??? Partial Partial Partial
In Artica Pandora FMS through 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the File Repository component, a different issue than CVE-2020-7935 and CVE-2020-8500.
2753 CVE-2020-8500 434 Exec Code 2020-03-02 2020-03-09
6.5
None Remote Low ??? Partial Partial Partial
** DISPUTED ** In Artica Pandora FMS 7.42, Web Admin users can execute arbitrary code by uploading a .php file via the Updater or Extension component. NOTE: The vendor reports that this is intended functionality.
2754 CVE-2020-8495 863 +Priv 2020-01-30 2020-02-06
6.0
None Remote Medium ??? Partial Partial Partial
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H491delegate servlet allows an attacker with Timekeeper or Supervisor privileges to gain unauthorized administrative privileges within the application via the delegate, delegateRole, and delegatorUserId parameters.
2755 CVE-2020-8494 269 +Priv 2020-01-30 2020-02-06
6.5
None Remote Low ??? Partial Partial Partial
In Kronos Web Time and Attendance (webTA) 3.8.x and later 3.x versions before 4.0, the com.threeis.webta.H402editUser servlet allows an attacker with Timekeeper, Master Timekeeper, or HR Admin privileges to gain unauthorized administrative privileges within the application via the emp_id, userid, pw1, pw2, supervisor, and timekeeper parameters.
2756 CVE-2020-8477 79 Exec Code XSS 2020-04-22 2020-04-30
6.8
None Remote Medium Not required Partial Partial Partial
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an authenticated local user, which might lead to execution of arbitrary code.
2757 CVE-2020-8473 732 2020-04-29 2020-05-14
6.8
None Local Low Not required Partial Complete Complete
Insufficient folder permissions used by system functions in ABB System 800xA Base (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploit the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
2758 CVE-2020-8472 732 2020-04-29 2020-05-14
6.8
None Local Low Not required Partial Complete Complete
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications.
2759 CVE-2020-8469 427 2020-03-12 2020-06-23
6.9
None Local Medium Not required Complete Complete Complete
Trend Micro Password Manager for Windows version 5.0 is affected by a DLL hijacking vulnerability would could potentially allow an attacker privleged escalation.
2760 CVE-2020-8468 494 2020-03-18 2020-03-19
6.5
None Remote Low ??? Partial Partial Partial
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. An attempted attack requires user authentication.
2761 CVE-2020-8467 Exec Code 2020-03-18 2020-03-20
6.5
None Remote Low ??? Partial Partial Partial
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). An attempted attack requires user authentication.
2762 CVE-2020-8461 352 Bypass CSRF 2020-12-17 2020-12-21
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token.
2763 CVE-2020-8442 787 Overflow 2020-01-30 2020-07-27
6.5
None Remote Low ??? Partial Partial Partial
In OSSEC-HIDS 2.7 through 3.5.0, the server component responsible for log analysis (ossec-analysisd) is vulnerable to a heap-based buffer overflow in the rootcheck decoder component via an authenticated client.
2764 CVE-2020-8424 352 CSRF 2020-01-28 2020-12-15
6.8
None Remote Medium Not required Partial Partial Partial
Cups Easy (Purchase & Inventory) 1.0 is vulnerable to CSRF that leads to admin account takeover via passwordmychange.php.
2765 CVE-2020-8420 352 CSRF 2020-01-28 2020-02-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Joomla! before 3.9.15. A missing CSRF token check in the LESS compiler of com_templates causes a CSRF vulnerability.
2766 CVE-2020-8419 352 CSRF 2020-01-28 2020-02-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Joomla! before 3.9.15. Missing token checks in the batch actions of various components cause CSRF vulnerabilities.
2767 CVE-2020-8417 352 CSRF 2020-01-28 2020-02-06
6.8
None Remote Medium Not required Partial Partial Partial
The Code Snippets plugin before 2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu.
2768 CVE-2020-8349 94 Exec Code 2020-10-14 2020-10-29
6.8
None Remote Medium Not required Partial Partial Partial
An internal security review has identified an unauthenticated remote code execution vulnerability in Cloud Networking Operating System (CNOS)’ optional REST API management interface. This interface is disabled by default and not vulnerable unless enabled. When enabled, it is only vulnerable where attached to a VRF and as allowed by defined ACLs. Lenovo strongly recommends upgrading to a non-vulnerable CNOS release. Where not possible, Lenovo recommends disabling the REST API management interface or restricting access to the management VRF and further limiting access to authorized management stations via ACL.
2769 CVE-2020-8342 367 2020-09-15 2020-09-21
6.9
None Local Medium Not required Complete Complete Complete
A race condition vulnerability was reported in Lenovo System Update prior to version 5.07.0106 that could allow escalation of privilege.
2770 CVE-2020-8332 367 Exec Code 2020-10-14 2020-10-29
6.9
None Local Medium Not required Complete Complete Complete
A potential vulnerability in the SMI callback function used in the legacy BIOS mode USB drivers in some legacy Lenovo and IBM System x servers may allow arbitrary code execution. Servers operating in UEFI mode are not affected.
2771 CVE-2020-8326 428 Exec Code 2020-07-24 2020-07-29
6.9
None Local Medium Not required Complete Complete Complete
An unquoted service path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
2772 CVE-2020-8317 426 Exec Code 2020-07-24 2020-07-29
6.9
None Local Medium Not required Complete Complete Complete
A DLL search path vulnerability was reported in Lenovo Drivers Management prior to version 2.7.1128.1046 that could allow an authenticated user to execute code with elevated privileges.
2773 CVE-2020-8287 444 2021-01-06 2021-02-19
6.4
None Remote Low Not required Partial Partial None
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 allow two copies of a header field in an HTTP request (for example, two Transfer-Encoding header fields). In this case, Node.js identifies the first header field and ignores the second. This can lead to HTTP Request Smuggling.
2774 CVE-2020-8282 352 Exec Code CSRF 2020-12-14 2020-12-16
6.8
None Remote Medium Not required Partial Partial Partial
A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution.
2775 CVE-2020-8265 416 DoS 2021-01-06 2021-02-19
6.8
None Remote Medium Not required Partial Partial Partial
Node.js versions before 10.23.1, 12.20.1, 14.15.4, 15.5.1 are vulnerable to a use-after-free bug in its TLS implementation. When writing to a TLS enabled socket, node::StreamBase::Write calls node::TLSWrap::DoWrite with a freshly allocated WriteWrap object as first argument. If the DoWrite method does not return an error, this object is passed back to the caller as part of a StreamWriteResult structure. This may be exploited to corrupt memory leading to a Denial of Service or potentially other exploits.
2776 CVE-2020-8260 434 Exec Code 2020-10-28 2020-12-18
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction.
2777 CVE-2020-8254 22 Exec Code Dir. Trav. 2020-10-28 2020-11-03
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 has Remote Code Execution (RCE) if users can be convinced to connect to a malicious server. This vulnerability only affects Windows PDC.To improve the security of connections between Pulse clients and Pulse Connect Secure, see below recommendation(s):Disable Dynamic certificate trust for PDC.
2778 CVE-2020-8247 269 2020-09-18 2020-10-07
6.5
None Remote Low ??? Partial Partial Partial
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix ADC and NetScaler Gateway 11.1 before 11.1-65.12, Citrix SD-WAN WANOP 11.2 before 11.2.1a, Citrix SD-WAN WANOP 11.1 before 11.1.2a, Citrix SD-WAN WANOP 11.0 before 11.0.3f, Citrix SD-WAN WANOP 10.2 before 10.2.7b are vulnerable to escalation of privileges on the management interface.
2779 CVE-2020-8244 125 2020-08-30 2021-04-21
6.4
None Remote Low Not required Partial None Partial
A buffer over-read vulnerability exists in bl <4.0.3, <3.0.1, <2.2.1, and <1.2.3 which could allow an attacker to supply user input (even typed) that if it ends up in consume() argument and can become negative, the BufferList state can be corrupted, tricking it into exposing uninitialized memory via regular .slice() calls.
2780 CVE-2020-8243 94 Exec Code 2020-09-30 2020-10-07
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution.
2781 CVE-2020-8240 2020-10-28 2020-11-03
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in the Pulse Secure Desktop Client < 9.1R9 allows a restricted user on an endpoint machine can use system-level privileges if the Embedded Browser is configured with Credential Provider. This vulnerability only affects Windows PDC if the Embedded Browser is configured with the Credential Provider.
2782 CVE-2020-8218 94 Exec Code 2020-07-30 2020-09-01
6.5
None Remote Low ??? Partial Partial Partial
A code injection vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to crafted a URI to perform an arbitrary code execution via the admin web interface.
2783 CVE-2020-8215 120 DoS Exec Code Overflow 2020-07-20 2020-07-23
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow is present in canvas version <= 1.6.9, which could lead to a Denial of Service or execution of arbitrary code when it processes a user-provided image.
2784 CVE-2020-8207 287 Exec Code 2020-07-24 2020-07-29
6.0
None Remote Medium ??? Partial Partial Partial
Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic updater service is running.
2785 CVE-2020-8206 287 Bypass 2020-07-30 2020-08-20
6.8
None Remote Medium Not required Partial Partial Partial
An improper authentication vulnerability exists in Pulse Connect Secure <9.1RB that allows an attacker with a users primary credentials to bypass the Google TOTP.
2786 CVE-2020-8197 269 Exec Code 2020-07-10 2020-07-13
6.5
None Remote Low ??? Partial Partial Partial
Privilege escalation vulnerability on Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows a low privileged user with management access to execute arbitrary commands.
2787 CVE-2020-8190 281 2020-07-10 2020-07-13
6.0
None Remote Medium ??? Partial Partial Partial
Incorrect file permissions in Citrix ADC and Citrix Gateway before versions 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 allows privilege escalation.
2788 CVE-2020-8188 78 2020-07-02 2020-07-09
6.5
None Remote Low ??? Partial Partial Partial
We have recently released new version of UniFi Protect firmware v1.13.3 and v1.14.10 for Unifi Cloud Key Gen2 Plus and UniFi Dream Machine Pro/UNVR respectively that fixes vulnerabilities found on Protect firmware v1.13.2, v1.14.9 and prior according to the description below:View only users can run certain custom commands which allows them to assign themselves unauthorized roles and escalate their privileges.
2789 CVE-2020-8182 281 2020-10-05 2020-10-14
6.0
None Remote Medium ??? Partial Partial Partial
Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves.
2790 CVE-2020-8180 94 2020-06-08 2020-06-11
6.5
None Remote Low ??? Partial Partial Partial
A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator.
2791 CVE-2020-8168 352 CSRF 2020-05-26 2020-05-28
6.8
None Remote Medium Not required Partial Partial Partial
We have recently released new version of AirMax AirOS firmware v6.3.0 for TI, XW and XM boards that fixes vulnerabilities found on AirMax AirOS v6.2.0 and prior TI, XW and XM boards, according to the description below:Attackers can abuse multiple end-points not protected against cross-site request forgery (CSRF), as a result authenticated users can be persuaded to visit malicious web pages, which allows attackers to perform arbitrary actions, such as downgrade the device's firmware to older versions, modify configuration, upload arbitrary firmware, exfiltrate files and tokens.Mitigation:Update to the latest AirMax AirOS firmware version available at the AirMax download page.
2792 CVE-2020-8163 94 2020-07-02 2020-07-27
6.5
None Remote Low ??? Partial Partial Partial
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.
2793 CVE-2020-8156 295 2020-05-12 2020-10-19
6.8
None Remote Medium Not required Partial Partial Partial
A missing verification of the TLS host in Nextcloud Mail 1.1.3 allowed a man in the middle attack.
2794 CVE-2020-8154 639 2020-05-12 2020-10-19
6.8
None Remote Low ??? None None Complete
An Insecure direct object reference vulnerability in Nextcloud Server 18.0.2 allowed an attacker to remote wipe devices of other users when sending a malicious request directly to the endpoint.
2795 CVE-2020-8146 269 2020-04-01 2020-04-03
6.9
None Local Medium Not required Complete Complete Complete
In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsExport folder when the controller is running on Windows and adjusting the SafeDllSearchMode in the windows registry when installing UniFi-Video controller. Affected Products: UniFi Video Controller v3.10.2 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.10.3 and newer.
2796 CVE-2020-8141 94 2020-03-15 2020-03-17
6.5
None Remote Low ??? Partial Partial Partial
The dot package v1.1.2 uses Function() to compile templates. This can be exploited by the attacker if they can control the given template or if they can control the value set on Object.prototype.
2797 CVE-2020-8130 78 2020-02-24 2020-06-30
6.9
None Local Medium Not required Complete Complete Complete
There is an OS command injection vulnerability in Ruby Rake < 12.3.3 in Rake::FileList when supplying a filename that begins with the pipe character `|`.
2798 CVE-2020-8112 787 Overflow 2020-01-28 2021-04-02
6.8
None Remote Medium Not required Partial Partial Partial
opj_t1_clbl_decode_processor in openjp2/t1.c in OpenJPEG 2.3.1 through 2020-01-28 has a heap-based buffer overflow in the qmfbid==1 case, a different issue than CVE-2020-6851.
2799 CVE-2020-8102 20 2020-06-22 2020-06-26
6.8
None Remote Medium Not required Partial Partial Partial
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.
2800 CVE-2020-8086 863 2020-01-28 2020-02-04
6.8
None Remote Medium Not required Partial Partial Partial
The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.