CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
801 CVE-2020-9040 295 2020-06-08 2020-06-11
5.0
None Remote Low Not required None Partial None
Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and pose as the intended peer. An attacker can leverage this flaw by crafting a cryptographically valid certificate that will be accepted by Java SDK's Netty component due to missing hostname verification.
802 CVE-2020-8967 89 Sql 2020-06-01 2020-06-04
7.5
None Remote Low Not required Partial Partial Partial
There is an improper Neutralization of Special Elements used in an SQL Command (SQL Injection) vulnerability in php files of GESIO ERP. GESIO ERP all versions prior to 11.2 allows malicious users to retrieve all database information.
803 CVE-2020-8954 276 2020-06-08 2020-06-11
5.8
None Remote Medium Not required Partial Partial None
OpenSearch Web browser 1.0.4.9 allows Intent Scheme Hijacking.[a link that opens another app in the browser can be manipulated]
804 CVE-2020-8933 276 +Priv 2020-06-22 2020-07-20
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using the membership to the "lxd" group, an attacker can attach host devices and filesystems. Within an lxc container, it is possible to attach the host OS filesystem and modify /etc/sudoers to then gain administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "lxd" user from the OS Login entry.
805 CVE-2020-8907 276 +Priv 2020-06-22 2020-07-20
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "docker" group, an attacker with this role is able to run docker and mount the host OS. Within docker, it is possible to modify the host OS filesystem and modify /etc/groups to gain administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "docker" user from the OS Login entry.
806 CVE-2020-8903 276 2020-06-22 2020-07-20
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in Google Cloud Platform's guest-oslogin versions between 20190304 and 20200507 allows a user that is only granted the role "roles/compute.osLogin" to escalate privileges to root. Using their membership to the "adm" group, users with this role are able to read the DHCP XID from the systemd journal. Using the DHCP XID, it is then possible to set the IP address and hostname of the instance to any value, which is then stored in /etc/hosts. An attacker can then point metadata.google.internal to an arbitrary IP address and impersonate the GCE metadata server which make it is possible to instruct the OS Login PAM module to grant administrative privileges. All images created after 2020-May-07 (20200507) are fixed, and if you cannot update, we recommend you edit /etc/group/security.conf and remove the "adm" user from the OS Login entry.
807 CVE-2020-8675 269 2020-06-15 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
Insufficient control flow management in firmware build and signing tool for Intel(R) Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
808 CVE-2020-8674 125 2020-06-15 2021-03-18
5.0
None Remote Low Not required Partial None None
Out-of-bounds read in DHCPv6 subsystem in Intel(R) AMT and Intel(R)ISM versions before 11.8.77, 11.12.77, 11.22.77, 12.0.64 and 14.0.33 may allow an unauthenticated user to potentially enable information disclosure via network access.
809 CVE-2020-8619 404 DoS 2020-06-17 2020-10-20
4.0
None Remote Low ??? None None Partial
In ISC BIND9 versions BIND 9.11.14 -> 9.11.19, BIND 9.14.9 -> 9.14.12, BIND 9.16.0 -> 9.16.3, BIND Supported Preview Edition 9.11.14-S1 -> 9.11.19-S1: Unless a nameserver is providing authoritative service for one or more zones and at least one zone contains an empty non-terminal entry containing an asterisk ("*") character, this defect cannot be encountered. A would-be attacker who is allowed to change zone content could theoretically introduce such a record in order to exploit this condition to cause denial of service, though we consider the use of this vector unlikely because any such attack would require a significant privilege level and be easily traceable.
810 CVE-2020-8618 617 2020-06-17 2020-10-20
4.0
None Remote Low ??? None None Partial
An attacker who is permitted to send zone data to a server via zone transfer can exploit this to intentionally trigger the assertion failure with a specially constructed zone, denying service to clients.
811 CVE-2020-8573 798 DoS 2020-06-29 2020-07-17
4.0
None Remote Low ??? None None Partial
The NetApp HCI H610C, H615C and H610S Baseboard Management Controllers (BMC) are shipped with a documented default account and password that should be changed during the initial node setup. During upgrades to Element 11.8 and 12.0 or the Compute Firmware Bundle 12.2.92 the BMC account password on the H610C, H615C and H610S platforms is reset to the default documented value which could allow remote attackers to cause a Denial of Service (DoS).
812 CVE-2020-8555 918 +Info 2020-06-05 2021-05-04
3.5
None Remote Medium ??? Partial None None
The Kubernetes kube-controller-manager in versions v1.0-1.14, versions prior to v1.15.12, v1.16.9, v1.17.5, and version v1.18.0 are vulnerable to a Server Side Request Forgery (SSRF) that allows certain authorized users to leak up to 500 bytes of arbitrary information from unprotected endpoints within the master's host network (such as link-local or loopback services).
813 CVE-2020-8544 918 2020-06-16 2020-06-17
4.0
None Remote Low ??? Partial None None
OX App Suite through 7.10.3 allows SSRF.
814 CVE-2020-8543 400 2020-06-16 2021-07-21
5.0
None Remote Low Not required None None Partial
OX App Suite through 7.10.3 has Improper Input Validation.
815 CVE-2020-8542 79 XSS 2020-06-16 2020-08-22
3.5
None Remote Medium ??? None Partial None
OX App Suite through 7.10.3 allows XSS.
816 CVE-2020-8541 611 2020-06-16 2020-06-17
4.0
None Remote Low ??? Partial None None
OX App Suite through 7.10.3 allows XXE attacks.
817 CVE-2020-8337 428 Exec Code 2020-06-09 2020-06-19
7.2
None Local Low Not required Complete Complete Complete
An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an administrative user to execute arbitrary code.
818 CVE-2020-8336 2020-06-09 2020-06-22
4.6
None Local Low Not required Partial Partial Partial
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash.
819 CVE-2020-8334 863 2020-06-09 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access.
820 CVE-2020-8323 Exec Code 2020-06-09 2020-06-22
4.6
None Local Low Not required Partial Partial Partial
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution.
821 CVE-2020-8322 Exec Code 2020-06-09 2020-06-17
4.6
None Local Low Not required Partial Partial Partial
A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.
822 CVE-2020-8321 Exec Code 2020-06-09 2020-06-22
4.6
None Local Low Not required Partial Partial Partial
A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.
823 CVE-2020-8320 269 2020-06-09 2020-06-17
4.6
None Local Low Not required Partial Partial Partial
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege.
824 CVE-2020-8184 20 2020-06-19 2020-10-05
5.0
None Remote Low Not required None Partial None
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie prefix.
825 CVE-2020-8180 94 2020-06-08 2020-06-11
6.5
None Remote Low ??? Partial Partial Partial
A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator.
826 CVE-2020-8172 295 Bypass 2020-06-08 2021-07-20
5.8
None Remote Medium Not required Partial Partial None
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
827 CVE-2020-8167 352 CSRF 2020-06-19 2021-10-21
4.3
None Remote Medium Not required None Partial None
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
828 CVE-2020-8165 502 2020-06-19 2020-10-17
7.5
None Remote Low Not required Partial Partial Partial
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore potentially resulting in an RCE.
829 CVE-2020-8164 502 +Info 2020-06-19 2020-09-30
5.0
None Remote Low Not required Partial None None
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
830 CVE-2020-8162 434 Bypass 2020-06-19 2020-09-25
5.0
None Remote Low Not required None Partial None
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits.
831 CVE-2020-8103 59 2020-06-05 2020-06-11
3.6
None Local Low Not required None Partial Partial
A vulnerability in the improper handling of symbolic links in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issue affects Bitdefender Antivirus Free versions prior to 1.0.17.178.
832 CVE-2020-8102 20 2020-06-22 2020-06-26
6.8
None Remote Medium Not required Partial Partial Partial
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Utility process. This issue affects Bitdefender Total Security 2020 versions prior to 24.0.20.116.
833 CVE-2020-8024 276 2020-06-29 2020-07-22
6.8
None Remote Medium Not required Partial Partial Partial
A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calling hylafax binaries. This issue affects: openSUSE Leap 15.2 hylafax+ versions prior to 7.0.2-lp152.2.1. openSUSE Leap 15.1 hylafax+ version 5.6.1-lp151.3.7 and prior versions. openSUSE Factory hylafax+ versions prior to 7.0.2-2.1.
834 CVE-2020-8022 276 2020-06-29 2021-03-17
7.2
None Local Low Not required Complete Complete Complete
A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux Enterprise Server 12-SP3-BCL, SUSE Linux Enterprise Server 12-SP3-LTSS, SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 12-SP5, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP 12-SP2, SUSE Linux Enterprise Server for SAP 12-SP3, SUSE Linux Enterprise Server for SAP 15, SUSE OpenStack Cloud 7, SUSE OpenStack Cloud 8, SUSE OpenStack Cloud Crowbar 8 allows local attackers to escalate from group tomcat to root. This issue affects: SUSE Enterprise Storage 5 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP2-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-BCL tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP3-LTSS tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server 12-SP4 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 12-SP5 tomcat versions prior to 9.0.35-3.39.1. SUSE Linux Enterprise Server 15-LTSS tomcat versions prior to 9.0.35-3.57.3. SUSE Linux Enterprise Server for SAP 12-SP2 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 12-SP3 tomcat versions prior to 8.0.53-29.32.1. SUSE Linux Enterprise Server for SAP 15 tomcat versions prior to 9.0.35-3.57.3. SUSE OpenStack Cloud 7 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud 8 tomcat versions prior to 8.0.53-29.32.1. SUSE OpenStack Cloud Crowbar 8 tomcat versions prior to 8.0.53-29.32.1.
835 CVE-2020-8019 61 2020-06-29 2020-07-09
7.2
None Local Low Not required Complete Complete Complete
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module for Legacy Software 12, SUSE Linux Enterprise Point of Sale 11-SP3, SUSE Linux Enterprise Server 11-SP4-LTSS, SUSE Linux Enterprise Server for SAP 12-SP1; openSUSE Backports SLE-15-SP1, openSUSE Leap 15.1 allowed local attackers controlling the user news to escalate their privileges to root. This issue affects: SUSE Linux Enterprise Debuginfo 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Debuginfo 11-SP4 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Module for Legacy Software 12 syslog-ng versions prior to 3.6.4-12.8.1. SUSE Linux Enterprise Point of Sale 11-SP3 syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server 11-SP4-LTSS syslog-ng versions prior to 2.0.9-27.34.40.5.1. SUSE Linux Enterprise Server for SAP 12-SP1 syslog-ng versions prior to 3.6.4-12.8.1. openSUSE Backports SLE-15-SP1 syslog-ng versions prior to 3.19.1-bp151.4.6.1. openSUSE Leap 15.1 syslog-ng versions prior to 3.19.1-lp151.3.6.1.
836 CVE-2020-8014 61 2020-06-29 2020-07-09
7.2
None Local Low Not required Complete Complete Complete
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to escalate to root. This issue affects: openSUSE Leap 15.1 kopano-spamd versions prior to 10.0.5-lp151.4.1. openSUSE Tumbleweed kopano-spamd versions prior to 10.0.5-1.1.
837 CVE-2020-7932 200 +Info 2020-06-17 2020-06-24
3.5
None Remote Medium ??? Partial None None
OMERO.web before 5.6.3 optionally allows sensitive data elements (e.g., a session key) to be passed as URL query parameters. If an attacker tricks a user into clicking a malicious link in OMERO.web, the information in the query parameters may be exposed in the Referer header seen by the target. Information in the URL path such as object IDs may also be exposed.
838 CVE-2020-7816 787 Exec Code Overflow 2020-06-30 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the JPEG image parsing module in DaView Indy, DaVa+, DaOffice softwares could allow an unauthenticated, remote attacker to cause an arbitrary code execution on an affected device.nThe vulnerability is due to a stack overflow read. An attacker could exploit this vulnerability by sending a crafted PDF file to an affected device.
839 CVE-2020-7679 915 2020-06-19 2021-12-21
7.5
None Remote Low Not required Partial Partial Partial
In all versions of package casperjs, the mergeObjects utility function is susceptible to Prototype Pollution.
840 CVE-2020-7676 79 XSS 2020-06-08 2020-10-09
3.5
None Remote Medium ??? None Partial None
angular.js prior to 1.8.0 allows cross site scripting. The regex-based input HTML replacement may turn sanitized code into unsanitized one. Wrapping "<option>" elements in "<select>" ones changes parsing behavior, leading to possibly unsanitizing code.
841 CVE-2020-7675 20 Exec Code 2020-06-10 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the `color` argument executed by the `eval` function resulting in code execution.
842 CVE-2020-7674 20 Exec Code 2020-06-10 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the `template` function is executed by the `eval` function resulting in code execution.
843 CVE-2020-7673 20 Exec Code 2020-06-10 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of `extend` function`(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `eval` function, resulting in code execution.
844 CVE-2020-7672 20 Exec Code 2020-06-10 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
mosc through 1.0.0 is vulnerable to Arbitrary Code Execution. User input provided to `properties` argument is executed by the `eval` function, resulting in code execution.
845 CVE-2020-7671 444 2020-06-10 2020-06-16
5.0
None Remote Low Not required None Partial None
goliath through 1.0.6 allows request smuggling attacks where goliath is used as a backend and a frontend proxy also being vulnerable. It is possible to conduct HTTP request smuggling attacks by sending the Content-Length header twice. Furthermore, invalid Transfer Encoding headers were found to be parsed as valid which could be leveraged for TE:CL smuggling attacks.
846 CVE-2020-7670 444 2020-06-10 2020-11-17
5.0
None Remote Low Not required None Partial None
agoo prior to 2.14.0 allows request smuggling attacks where agoo is used as a backend and a frontend proxy also being vulnerable. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks where `agoo` is used as part of a chain of backend servers due to insufficient `Content-Length` and `Transfer Encoding` parsing.
847 CVE-2020-7668 22 Dir. Trav. 2020-06-23 2022-01-01
5.0
None Remote Low Not required None Partial None
In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide.
848 CVE-2020-7667 22 Dir. Trav. 2020-06-24 2021-12-21
5.0
None Remote Low Not required None Partial None
In package github.com/sassoftware/go-rpmutils/cpio before version 0.1.0, the CPIO extraction functionality doesn't sanitize the paths of the archived files for leading and non-leading ".." which leads in file extraction outside of the current directory. Note: the fixing commit was applied to all affected versions which were re-released.
849 CVE-2020-7664 22 Dir. Trav. 2020-06-23 2021-12-21
5.0
None Remote Low Not required None Partial None
In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or non-leading "..". This allows an attacker to add or replace files system-wide.
850 CVE-2020-7663 DoS 2020-06-02 2020-09-17
5.0
None Remote Low Not required None None Partial
websocket-extensions ruby module prior to 0.1.5 allows Denial of Service (DoS) via Regex Backtracking. The extension parser may take quadratic time when parsing a header containing an unclosed string parameter value whose content is a repeating two-byte sequence of a backslash and some other character. This could be abused by an attacker to conduct Regex Denial Of Service (ReDoS) on a single-threaded server by providing a malicious payload with the Sec-WebSocket-Extensions header.
Total number of vulnerabilities : 1786   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 (This Page)18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.