CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2020-35912 362 2020-12-31 2021-01-05
1.9
None Local Medium Not required None None Partial
An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockWriteGuard unsoundness.
402 CVE-2020-35911 362 2020-12-31 2021-01-05
1.9
None Local Medium Not required None None Partial
An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockReadGuard unsoundness.
403 CVE-2020-35905 362 2020-12-31 2021-01-06
1.9
None Local Medium Not required None None Partial
An issue was discovered in the futures-util crate before 0.3.7 for Rust. MutexGuard::map can cause a data race for certain closure situations (in safe code).
404 CVE-2020-35897 362 2020-12-31 2021-01-07
1.9
None Local Medium Not required None None Partial
An issue was discovered in the atom crate before 0.3.6 for Rust. An unsafe Send implementation allows a cross-thread data race.
405 CVE-2020-35886 362 2020-12-31 2021-01-07
1.9
None Local Medium Not required None None Partial
An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race.
406 CVE-2020-35542 XSS 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
Unisys Data Exchange Management Studio through 5.0.34 doesn't sanitize the input to a HTML document field. This could be used for an XSS attack.
407 CVE-2020-35451 362 2021-03-09 2021-03-12
1.9
None Local Medium Not required None Partial None
There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.
408 CVE-2020-28945 XSS 2021-05-03 2021-05-04
0.0
None ??? ??? ??? ??? ??? ???
OX App Suite 7.10.4 and earlier allows XSS via crafted content to reach an undocumented feature, such as ![](http://onerror=Function.constructor, in a Notes item.
409 CVE-2020-28944 DoS 2021-04-30 2021-05-01
0.0
None ??? ??? ??? ??? ??? ???
OX Guard 2.10.4 and earlier allows a Denial of Service via a WKS server that responds slowly or with a large amount of data.
410 CVE-2020-28943 2021-04-30 2021-05-01
0.0
None ??? ??? ??? ??? ??? ???
OX App Suite 7.10.4 and earlier allows SSRF via a snippet.
411 CVE-2020-27925 2020-12-08 2020-12-10
1.9
None Local Medium Not required None Partial None
An issue existed in the handling of incoming calls. The issue was addressed with additional state checks. This issue is fixed in iOS 14.2 and iPadOS 14.2. A user may answer two calls simultaneously without indication they have answered a second call.
412 CVE-2020-27416 2021-12-08 2021-12-08
0.0
None ??? ??? ??? ??? ??? ???
Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account.
413 CVE-2020-27413 522 2021-12-07 2021-12-08
1.9
None Local Medium Not required Partial None None
An issue was discovered in Mahavitaran android application 7.50 and below, allows local attackers to read cleartext username and password while the user is logged into the application.
414 CVE-2020-27170 203 +Info 2021-03-20 2021-04-08
1.9
None Local Medium Not required Partial None None
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affects pointer types that do not define a ptr_limit.
415 CVE-2020-25738 427 Bypass 2020-11-27 2020-12-04
1.9
None Local Medium Not required Partial None None
CyberArk Endpoint Privilege Manager (EPM) 11.1.0.173 allows attackers to bypass a Credential Theft protection mechanism by injecting a DLL into a process that normally has credential access, such as a Chrome process that reads credentials from a SQLite database.
416 CVE-2020-25656 416 2020-12-02 2020-12-18
1.9
None Local Medium Not required Partial None None
A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality.
417 CVE-2020-25604 362 DoS 2020-09-23 2020-11-11
1.9
None Local Medium Not required None None Partial
An issue was discovered in Xen through 4.14.x. There is a race condition when migrating timers between x86 HVM vCPUs. When migrating timers of x86 HVM guests between its vCPUs, the locking model used allows for a second vCPU of the same guest (also operating on the timers) to release a lock that it didn't acquire. The most likely effect of the issue is a hang or crash of the hypervisor, i.e., a Denial of Service (DoS). All versions of Xen are affected. Only x86 systems are vulnerable. Arm systems are not vulnerable. Only x86 HVM guests can leverage the vulnerability. x86 PV and PVH cannot leverage the vulnerability. Only guests with more than one vCPU can exploit the vulnerability.
418 CVE-2020-25284 732 2020-09-13 2021-07-21
1.9
None Local Medium Not required None Partial None
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.
419 CVE-2020-25203 2020-09-25 2020-10-06
1.9
None Local Medium Not required None Partial None
The Framer Preview application 12 for Android exposes com.framer.viewer.FramerViewActivity to other applications. By calling the intent with the action set to android.intent.action.VIEW, any other application is able to load any website/web content into the application's context, which is shown as a full-screen overlay to the user.
420 CVE-2020-25082 203 2021-08-10 2021-08-17
1.9
None Local Medium Not required Partial None None
An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy.
421 CVE-2020-24918 Exec Code Overflow 2021-04-30 2021-04-30
0.0
None ??? ??? ??? ??? ??? ???
A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.so.1 in rtsp_svc (or cause a crash). This allows remote takeover of a Furbo Dog Camera, for example.
422 CVE-2020-24655 362 Bypass 2020-09-10 2020-09-16
1.9
None Local Medium Not required Partial None None
A race condition in the Twilio Authy 2-Factor Authentication application before 24.3.7 for Android allows a user to potentially approve/deny an access request prior to unlocking the application with a PIN on older Android devices (effectively bypassing the PIN requirement).
423 CVE-2020-24612 287 Bypass 2020-08-24 2020-09-01
1.9
None Local Medium Not required Partial None None
An issue was discovered in the selinux-policy (aka Reference Policy) package 3.14 through 2020-08-24 because the .config/Yubico directory is mishandled. Consequently, when SELinux is in enforced mode, pam-u2f is not allowed to read the user's U2F configuration file. If configured with the nouserok option (the default when configured by the authselect tool), and that file cannot be read, the second factor is disabled. An attacker with only the knowledge of the password can then log in, bypassing 2FA.
424 CVE-2020-24587 326 2021-05-11 2021-10-28
1.8
None Local Network High Not required Partial None None
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
425 CVE-2020-24491 312 2021-02-17 2021-07-21
1.9
None Local Medium Not required Partial None None
Debug message containing addresses of memory transactions in some Intel(R) 10th Generation Core Processors supporting SGX may allow a privileged user to potentially enable information disclosure via local access.
426 CVE-2020-24439 347 Bypass 2020-11-05 2021-09-16
1.2
None Local High Not required None Partial None
Acrobat Reader DC for macOS versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by a security feature bypass. While the practical security impact is minimal, a defense-in-depth fix has been implemented to further harden the Adobe Reader update process.
427 CVE-2020-22808 XSS 2021-04-29 2021-04-29
0.0
None ??? ??? ??? ??? ??? ???
An issue was found in yii2_fecshop 2.x. There is a reflected XSS vulnerability in the check cart page.
428 CVE-2020-22785 DoS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
Etherpad < 1.8.3 is affected by a missing lock check which could cause a denial of service. Aggressively targeting random pad import endpoints with empty data would flatten all pads due to lack of rate limiting and missing ownership check.
429 CVE-2020-22784 Bypass 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
In Etherpad UeberDB < 0.4.4, due to MySQL omitting trailing spaces on char / varchar columns during comparisons, retrieving database records using UeberDB's MySQL connector could allow bypassing access controls enforced on key names.
430 CVE-2020-22783 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
Etherpad <1.8.3 stored passwords used by users insecurely in the database and in log files. This affects every database backend supported by Etherpad.
431 CVE-2020-22782 DoS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
Etherpad < 1.8.3 is affected by a denial of service in the import functionality. Upload of binary file to the import endpoint would crash the instance.
432 CVE-2020-22781 DoS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
In Etherpad < 1.8.3, a specially crafted URI would raise an unhandled exception in the cache mechanism and cause a denial of service (crash the instance).
433 CVE-2020-22002 2021-04-29 2021-04-29
0.0
None ??? ??? ??? ??? ??? ???
An Unauthenticated Server-Side Request Forgery (SSRF) vulnerability exists in Inim Electronics Smartliving SmartLAN/G/SI <=6.x within the GetImage functionality. The application parses user supplied data in the GET parameter 'host' to construct an image request to the service through onvif.cgi. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host.
434 CVE-2020-22001 Bypass 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
HomeAutomation 3.3.2 suffers from an authentication bypass vulnerability when spoofing client IP address using the X-Forwarded-For header with the local (loopback) IP address value allowing remote control of the smart home solution.
435 CVE-2020-22000 Exec Code CSRF 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
HomeAutomation 3.3.2 suffers from an authenticated OS command execution vulnerability using custom command v0.1 plugin. This can be exploited with a CSRF vulnerability to execute arbitrary shell commands as the web user via the 'set_command_on' and 'set_command_off' POST parameters in '/system/systemplugins/customcommand/customcommand.plugin.php' by using an unsanitized PHP exec() function.
436 CVE-2020-21998 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
In HomeAutomation 3.3.2 input passed via the 'redirect' GET parameter in 'api.php' script is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.
437 CVE-2020-21997 Bypass 2021-04-29 2021-04-29
0.0
None ??? ??? ??? ??? ??? ???
Smartwares HOME easy <=1.0.9 is vulnerable to an unauthenticated database backup download and information disclosure vulnerability. An attacker could disclose sensitive and clear-text information resulting in authentication bypass, session hijacking and full system control.
438 CVE-2020-21993 Exec Code 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
In WEMS Limited Enterprise Manager 2.58, input passed to the GET parameter 'email' is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML code in a user's browser session in context of an affected site.
439 CVE-2020-21990 2021-04-29 2021-04-29
0.0
None ??? ??? ??? ??? ??? ???
Emmanuel MyDomoAtHome (MDAH) REST API REST API Domoticz ISS Gateway 0.2.40 is affected by an information disclosure vulnerability due to improper access control enforcement. An unauthenticated remote attacker can exploit this, via a specially crafted request to gain access to sensitive information.
440 CVE-2020-21989 CSRF 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
441 CVE-2020-21690 DoS 2021-08-10 2021-08-10
0.0
None ??? ??? ??? ??? ??? ???
A memory leak in the grow_array function in cmdutils.c og Ffmpeg 4.2 allows attackers to cause a denial of service (DOS) via a crafted ogg file.
442 CVE-2020-18900 125 Overflow 2021-08-19 2021-09-02
1.9
None Local Medium Not required None None Partial
** DISPUTED ** A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on GitHub.
443 CVE-2020-18084 Exec Code XSS 2021-04-30 2021-04-30
0.0
None ??? ??? ??? ??? ??? ???
Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in.
444 CVE-2020-18020 Exec Code Sql 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.
445 CVE-2020-18019 Sql +Info 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "mode_worcAction.php" component.
446 CVE-2020-17999 Exec Code XSS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php".
447 CVE-2020-17517 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl command or an unauthenticated HTTP request. This enables unauthorized access to buckets and keys thereby exposing data to anonymous clients or users. This affected Apache Ozone prior to the 1.1.0 release. Improper Authorization vulnerability in __COMPONENT__ of Apache Ozone allows an attacker to __IMPACT__. This issue affects Apache Ozone Apache Ozone version 1.0.0 and prior versions.
448 CVE-2020-17489 522 2020-08-11 2021-03-26
1.9
None Local Medium Not required Partial None None
An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging out of an account, the password box from the login dialog reappears with the password still visible. If the user had decided to have the password shown in cleartext at login time, it is then visible for a brief moment upon a logout. (If the password were never shown in cleartext, only the password length is revealed.)
449 CVE-2020-15250 732 Exec Code 2020-10-12 2021-11-18
1.9
None Local Medium Not required Partial None None
In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not allow other users to overwrite the contents of these directories or files. This is purely an information disclosure vulnerability. This vulnerability impacts you if the JUnit tests write sensitive information, like API keys or passwords, into the temporary folder, and the JUnit tests execute in an environment where the OS has other untrusted users. Because certain JDK file system APIs were only added in JDK 1.7, this this fix is dependent upon the version of the JDK you are using. For Java 1.7 and higher users: this vulnerability is fixed in 4.13.1. For Java 1.6 and lower users: no patch is available, you must use the workaround below. If you are unable to patch, or are stuck running on Java 1.6, specifying the `java.io.tmpdir` system environment variable to a directory that is exclusively owned by the executing user will fix this vulnerability. For more information, including an example of vulnerable code, see the referenced GitHub Security Advisory.
450 CVE-2020-15153 89 Sql 2021-04-30 2021-04-30
0.0
None ??? ??? ??? ??? ??? ???
Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and the development branch.
Total number of vulnerabilities : 1738   Page : 1 2 3 4 5 6 7 8 9 (This Page)10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.