| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1 | CVE-2020-35863 | 94 | | Exec Code | 2020-12-31 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in the hyper crate before 0.12.34 for Rust. HTTP request smuggling can occur. Remote code execution can occur in certain situations with an HTTP server on the loopback interface. |
| 2 | CVE-2020-35858 | 400 | | DoS Exec Code | 2020-12-31 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM). |
| 3 | CVE-2020-35851 | 78 | | Exec Code | 2020-12-31 | 2021-01-07 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch command injection attacks remotely and execute arbitrary system commands. |
| 4 | CVE-2020-35715 | 78 | | Exec Code | 2020-12-26 | 2020-12-28 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote authenticated users to execute arbitrary commands via shell metacharacters in a filename to the upload_settings.cgi page. |
| 5 | CVE-2020-35714 | 77 | | Exec Code | 2020-12-26 | 2021-07-21 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute arbitrary commands via goform/systemCommand?command= in conjunction with the goform/pingstart program. |
| 6 | CVE-2020-35713 | 78 | | Exec Code | 2020-12-26 | 2020-12-28 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary commands or set a new password via shell metacharacters to the goform/setSysAdm page. |
| 7 | CVE-2020-35665 | 78 | | Exec Code | 2020-12-23 | 2022-04-26 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via shell metacharacters in the Event parameter in include/makecvs.php during CSV creation. |
| 8 | CVE-2020-35657 | 434 | | Exec Code | 2020-12-23 | 2020-12-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of UploadTheme to upload a theme ZIP archive containing a .php file that is able to execute OS commands. NOTE: this is unrelated to the JAWS (aka Job Access With Speech) product. |
| 9 | CVE-2020-35656 | 434 | | Exec Code | 2020-12-23 | 2020-12-23 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary code via crafted use of admin.php?reqGadget=Components&reqAction=InstallGadget&comp=FileBrowser and admin.php?reqGadget=FileBrowser&reqAction=Files to upload a .php file. NOTE: this is unrelated to the JAWS (aka Job Access With Speech) product. |
| 10 | CVE-2020-35627 | 434 | | Exec Code | 2020-12-28 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once the "Custom Gift Card Template" function is present, the custom image upload function is used, changing the image extension to PHP and executing PHP code on the server. |
| 11 | CVE-2020-35608 | 74 | | Exec Code | 2020-12-22 | 2020-12-23 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | A code execution vulnerability exists in the normal world's signed code execution functionality of Microsoft Azure Sphere 20.07. A specially crafted AF_PACKET socket can cause a process to create an executable memory mapping with controllable content. An attacker can execute a shellcode that uses the PACKET_MMAP functionality to trigger this vulnerability. |
| 12 | CVE-2020-35606 | 78 | | Exec Code | 2020-12-21 | 2022-04-26 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary commands with root privileges via vectors involving %0A and %0C. NOTE: this issue exists because of an incomplete fix for CVE-2019-12840. |
| 13 | CVE-2020-35605 | | | Exec Code | 2020-12-21 | 2020-12-27 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The Graphics Protocol feature in graphics.c in kitty before 0.19.3 allows remote attackers to execute arbitrary code because a filename containing special characters can be included in an error message. |
| 14 | CVE-2020-35489 | 434 | | Exec Code | 2020-12-17 | 2020-12-22 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The contact-form-7 (aka Contact Form 7) plugin before 5.3.2 for WordPress allows Unrestricted File Upload and remote code execution because a filename may contain special characters. |
| 15 | CVE-2020-35476 | 77 | | Exec Code | 2020-12-16 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. (tsd/GraphHandler.java attempted to prevent command injections by blocking backticks, but this is insufficient.) |
| 16 | CVE-2020-35378 | 89 | | Exec Code Sql Bypass | 2020-12-14 | 2020-12-14 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields. |
| 17 | CVE-2020-35370 | 94 | | Exec Code | 2020-12-23 | 2021-07-21 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | An RCE vulnerability exists in Raysync below 3.3.3.8. An unauthenticated, unauthorized attacker sending a specifically crafted request to overwrite a specific file on the server with malicious content can log in as "admin", then modify a specific shell file to achieve remote code execution (RCE) on the hosting server. |
| 18 | CVE-2020-35235 | | | Exec Code | 2020-12-14 | 2020-12-15 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | ** UNSUPPORTED WHEN ASSIGNED ** vendor/elfinder/php/connector.minimal.php in the secure-file-manager plugin through 2.5 for WordPress loads elFinder code without proper access control. Thus, any authenticated user can run the elFinder upload command to achieve remote code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
| 19 | CVE-2020-35136 | 77 | | Exec Code | 2020-12-23 | 2021-07-21 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has access to the admin dashboard can manipulate the backup function by inserting a payload into the filename for the zipfilename_template parameter to admin/tools/dolibarr_export.php. |
| 20 | CVE-2020-29659 | 120 | | Exec Code Overflow | 2020-12-09 | 2020-12-17 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. |
| 21 | CVE-2020-29607 | 434 | | Exec Code +Priv Bypass | 2020-12-16 | 2022-02-07 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A file upload restriction bypass vulnerability in Pluck CMS before 4.7.13 allows an admin privileged user to gain access to the host through the "manage files" functionality, which may result in remote code execution. |
| 22 | CVE-2020-29552 | 78 | | Exec Code | 2020-12-23 | 2020-12-29 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a PowerShell command and redirect its output to a file under the web root. |
| 23 | CVE-2020-29474 | 89 | | Exec Code Sql | 2020-12-24 | 2021-04-22 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | EGavilan Media EGM Address Book 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution. |
| 24 | CVE-2020-29472 | 89 | | Exec Code Sql | 2020-12-24 | 2021-04-22 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | EGavilan Media Under Construction page with cPanel 1.0 contains a SQL injection vulnerability. An attacker can gain Admin Panel access using malicious SQL injection queries to perform remote arbitrary code execution. |
| 25 | CVE-2020-29471 | 79 | | Exec Code XSS | 2020-12-29 | 2020-12-30 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image. An admin can upload a profile image containing malicious JavaScript code. Whenever anyone views the profile picture, the code will execute and the XSS will trigger. |
| 26 | CVE-2020-29396 | | | Exec Code | 2020-12-22 | 2021-10-19 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A sandboxing issue in Odoo Community 11.0 through 13.0 and Odoo Enterprise 11.0 through 13.0, when running with Python 3.6 or later, allows remote authenticated users to execute arbitrary code, leading to privilege escalation. |
| 27 | CVE-2020-29394 | 787 | | Exec Code Overflow | 2020-11-30 | 2021-12-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument). |
| 28 | CVE-2020-29390 | 78 | | Exec Code | 2020-11-30 | 2020-12-03 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character. |
| 29 | CVE-2020-29385 | 835 | | DoS Exec Code | 2020-12-26 | 2021-03-22 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | GNOME gdk-pixbuf (aka GdkPixbuf) before 2.42.2 allows a denial of service (infinite loop) in lzw.c in the function write_indexes: if c->self_code equals 10, self->code_table[10].extends will assign the value 11 to c. The next execution in the loop will assign self->code_table[11].extends to c, which will give the value of 10. This will make the loop run infinitely. This bug can, for example, be triggered by calling this function with a specially crafted GIF image with LZW compression. |
| 30 | CVE-2020-29311 | 77 | | Exec Code | 2020-12-10 | 2021-07-21 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Ubilling v1.0.9 allows Remote Command Execution as the root user by executing a malicious command that is injected into the config file and triggered by another part of the software. |
| 31 | CVE-2020-29279 | | | Exec Code File Inclusion | 2020-12-02 | 2020-12-04 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution. |
| 32 | CVE-2020-29227 | | | Exec Code File Inclusion | 2020-12-14 | 2020-12-15 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page" parameter, to cause local file inclusion resulting in code execution. |
| 33 | CVE-2020-28971 | 287 | | Exec Code Bypass | 2020-12-01 | 2022-04-26 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie, because of insufficient validation of URI paths. |
| 34 | CVE-2020-28970 | 287 | | Exec Code Bypass | 2020-12-01 | 2022-04-26 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.06.115. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to execute privileged commands on the device via a cookie. (In addition, an upload endpoint could then be used by an authenticated administrator to upload executable PHP scripts.) |
| 35 | CVE-2020-28940 | 287 | | Exec Code Bypass | 2020-12-01 | 2022-04-26 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device. |
| 36 | CVE-2020-28939 | 434 | | Exec Code | 2020-12-03 | 2020-12-07 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server. |
| 37 | CVE-2020-28926 | 120 | | Exec Code Overflow | 2020-11-30 | 2020-12-11 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | ReadyMedia (aka MiniDLNA) before version 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. |
| 38 | CVE-2020-28922 | 269 | | Exec Code | 2020-11-27 | 2021-07-21 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary physical memory. This could lead to arbitrary Ring-0 code execution and escalation of privileges. |
| 39 | CVE-2020-28921 | 269 | | Exec Code | 2020-11-27 | 2021-07-21 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | An issue was discovered in Devid Espenschied PC Analyser through 4.10. The PCADRVX64.SYS kernel driver exposes IOCTL functionality that allows low-privilege users to read and write arbitrary Model Specific Registers (MSRs). This could lead to arbitrary Ring-0 code execution and escalation of privileges. |
| 40 | CVE-2020-28656 | 354 | | Exec Code | 2020-11-16 | 2020-12-02 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | The update functionality of the Discover Media infotainment system in Volkswagen Polo 2019 vehicles allows physically proximate attackers to execute arbitrary code because some unsigned parts of a metainfo file are parsed, which can cause attacker-controlled files to be written to the infotainment system and executed as root. |
| 41 | CVE-2020-28648 | 20 | | Exec Code | 2020-11-16 | 2021-05-26 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code. |
| 42 | CVE-2020-28647 | 79 | | Exec Code XSS | 2020-11-17 | 2020-12-18 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser (XSS). |
| 43 | CVE-2020-28581 | 78 | | Exec Code | 2020-11-18 | 2020-11-28 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges. |
| 44 | CVE-2020-28580 | 78 | | Exec Code | 2020-11-18 | 2020-11-28 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges. |
| 45 | CVE-2020-28579 | 787 | | Exec Code | 2020-11-18 | 2020-12-02 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges. |
| 46 | CVE-2020-28578 | 787 | | Exec Code | 2020-11-18 | 2020-11-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges. |
| 47 | CVE-2020-28575 | 787 | | Exec Code Overflow | 2020-12-01 | 2020-12-02 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged code on the target in order to exploit this vulnerability. |
| 48 | CVE-2020-28415 | 79 | | Exec Code XSS | 2020-11-12 | 2020-11-17 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via a crafted URL (different vector than CVE-2020-28414). |
| 49 | CVE-2020-28414 | 79 | | Exec Code XSS | 2020-11-12 | 2020-11-17 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via a crafted URL (different vector than CVE-2020-28415). |
| 50 | CVE-2020-28373 | 787 | | Exec Code Overflow | 2020-11-09 | 2020-11-23 | 8.3 | None | Local Network | Low | Not required | Complete | Complete | Complete | upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44. |