CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
901 CVE-2020-29552 78 Exec Code 2020-12-23 2020-12-29
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0&operation=0&usr=0&pass=0%3bpowershell+-c+" substring, it is possible to execute a Powershell command and redirect its output to a file under the web root.
902 CVE-2020-29495 78 Exec Code 2021-01-14 2021-01-21
10.0
None Remote Low Not required Complete Complete Complete
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS with high privileges. This vulnerability is considered critical as it can be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the earliest opportunity.
903 CVE-2020-29390 78 Exec Code 2020-11-30 2020-12-03
10.0
None Remote Low Not required Complete Complete Complete
Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using shell metacharacters and the %0a character.
904 CVE-2020-29389 306 2020-12-02 2020-12-22
10.0
None Remote Low Not required Complete Complete Complete
The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root access with a blank password.
905 CVE-2020-29381 77 2020-11-29 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. Command injection can occur in "upload tftp syslog" and "upload tftp configuration" in the CLI via a crafted filename.
906 CVE-2020-29378 269 2020-11-29 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1.01.48, V1600G1 V2.0.7 and V1.9.7, and V1600G2 V1.1.4 OLT devices. It is possible to elevate the privilege of a CLI user (to full administrative access) by using the password !j@l#y$z%x6x7q8c9z) for the enable command.
907 CVE-2020-29367 787 Overflow 2020-11-27 2020-12-03
9.3
None Remote Medium Not required Complete Complete Complete
blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
908 CVE-2020-29311 77 Exec Code 2020-12-10 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command that is injected inside the config file and being triggered by another part of the software.
909 CVE-2020-29299 77 2020-12-27 2021-01-05
9.0
None Remote Low ??? Complete Complete Complete
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before SD-OS V10.03 week32, USG before ZLD V4.39 week38, USG FLEX before ZLD V4.55 week38, ATP before ZLD V4.55 week38, and NSG before 1.33 patch 4.
910 CVE-2020-29127 287 2020-11-30 2020-12-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. After logging into the portal as a root user (using any web browser), the portal can be accessed with root privileges when the URI cgi-bin/csp?cspid={XXXXXXXXXX}&csppage=cgi_PgOverview&csplang=en is visited from a different web browser.
911 CVE-2020-29056 77 2020-11-24 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P, 97028P, 97042P, 97084P, 97168P, FD1002S, FD1104, FD1104B, FD1104S, FD1104SN, FD1108S, FD1204S-R2, FD1204SN, FD1204SN-R2, FD1208S-R2, FD1216S-R1, FD1608GS, FD1608SN, FD1616GS, FD1616SN, and FD8000 devices. One can escape from a shell and acquire root privileges by leveraging the TFTP download configuration.
912 CVE-2020-29017 78 Exec Code 2021-01-14 2021-01-20
9.0
None Remote Low ??? Complete Complete Complete
An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
913 CVE-2020-29000 +Priv 2021-01-26 2021-02-03
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a telnet session. Any attacker that has the ability to control DNS can exploit this vulnerability to remotely login to the device and gain access to the camera system.
914 CVE-2020-28998 798 2021-01-26 2021-02-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the Telnet service that allows a remote attacker to take full control of the device with a high-privileged account. The vulnerability exists because a system account has a default and static password.
915 CVE-2020-28967 120 Overflow 2021-10-22 2021-10-28
9.0
None Remote Low ??? Complete Complete Complete
FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'current path directory' function. This vulnerability allows attackers to elevate local process privileges via overwriting the registers.
916 CVE-2020-28960 89 Sql 2021-10-22 2021-10-28
10.0
None Remote Low Not required Complete Complete Complete
Chichen Tech CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the file product_list.php via the id and cid parameters.
917 CVE-2020-28951 416 2020-11-19 2020-12-02
10.0
None Remote Low Not required Complete Complete Complete
libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.
918 CVE-2020-28910 276 2021-05-24 2021-05-28
10.0
None Remote Low Not required Complete Complete Complete
Creation of a Temporary Directory with Insecure Permissions in Nagios XI 5.7.5 and earlier allows for Privilege Escalation via creation of symlinks, which are mishandled in getprofile.sh.
919 CVE-2020-28909 732 2021-05-24 2021-06-03
9.0
None Remote Low ??? Complete Complete Complete
Incorrect File Permissions in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root via modification of scripts. Low-privileges users are able to modify files that can be executed by sudo.
920 CVE-2020-28907 295 Exec Code 2021-05-24 2021-06-03
10.0
None Remote Low Not required Complete Complete Complete
Incorrect SSL certificate validation in Nagios Fusion 4.1.8 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to download of an untrusted update package in upgrade_to_latest.sh.
921 CVE-2020-28906 276 2021-05-24 2021-05-28
9.0
None Remote Low ??? Complete Complete Complete
Incorrect File Permissions in Nagios XI 5.7.5 and earlier and Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to root. Low-privileged users are able to modify files that are included (aka sourced) by scripts executed by root.
922 CVE-2020-28902 77 2021-05-24 2021-05-28
10.0
None Remote Low Not required Complete Complete Complete
Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to root in cmd_subsys.php.
923 CVE-2020-28901 77 Exec Code 2021-05-24 2021-05-28
10.0
None Remote Low Not required Complete Complete Complete
Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code Execution as root via vectors related to corrupt component installation in cmd_subsys.php.
924 CVE-2020-28900 345 Exec Code 2021-05-24 2021-05-28
10.0
None Remote Low Not required Complete Complete Complete
Insufficient Verification of Data Authenticity in Nagios Fusion 4.1.8 and earlier and Nagios XI 5.7.5 and earlier allows for Escalation of Privileges or Code Execution as root via vectors related to an untrusted update package to upgrade_to_latest.sh.
925 CVE-2020-28845 1236 2020-11-20 2020-12-02
9.3
None Remote Medium Not required Complete Complete Complete
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system.
926 CVE-2020-28693 434 2020-11-16 2020-11-30
9.0
None Remote Low ??? Complete Complete Complete
An unrestricted file upload issue in HorizontCMS 1.0.0-beta allows an authenticated remote attacker to upload PHP code through a zip file by uploading a theme, and executing the PHP file via an HTTP GET request to /themes/<php_file_name>
927 CVE-2020-28688 434 2020-11-17 2020-12-02
9.0
None Remote Low ??? Complete Complete Complete
The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.
928 CVE-2020-28687 434 2020-11-17 2020-12-02
9.0
None Remote Low ??? Complete Complete Complete
The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS, JAVASCRIPT, AND MYSQL 1.0 allows remote attackers to upload arbitrary files.
929 CVE-2020-28672 Exec Code 2021-01-07 2021-01-12
9.0
None Remote Low ??? Complete Complete Complete
MonoCMS Blog 1.0 is affected by incorrect access control that can lead to remote arbitrary code execution. At monofiles/category.php:27, user input can be saved to category/[foldername]/index.php causing RCE.
930 CVE-2020-28648 20 Exec Code 2020-11-16 2021-05-26
9.0
None Remote Low ??? Complete Complete Complete
Improper input validation in the Auto-Discovery component of Nagios XI before 5.7.5 allows an authenticated attacker to execute remote code.
931 CVE-2020-28581 78 Exec Code 2020-11-18 2020-11-28
9.0
None Remote Low ??? Complete Complete Complete
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
932 CVE-2020-28580 78 Exec Code 2020-11-18 2020-11-28
9.0
None Remote Low ??? Complete Complete Complete
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
933 CVE-2020-28464 77 2021-01-04 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
This affects the package djv before 2.1.4. By controlling the schema file, an attacker can run arbitrary JavaScript code on the victim machine.
934 CVE-2020-28347 77 Exec Code 2020-11-08 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled.
935 CVE-2020-28334 798 2020-11-24 2020-12-03
10.0
None Remote Low Not required Complete Complete Complete
Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-28330 and CVE-2020-28331 could potentially be used in a simple and automated exploit chain to go from unauthenticated remote attacker to root shell.
936 CVE-2020-28328 434 Exec Code 2020-11-06 2021-11-17
9.0
None Remote Low ??? Complete Complete Complete
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled .php file under the web root.
937 CVE-2020-28251 269 2020-12-03 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a sensor escalated privileges vulnerability that can be exploited to provide someone with administrative access to a sensor, with credentials to invoke a command to provide root access to the operating system. The attacker must complete a straightforward password-cracking exercise.
938 CVE-2020-28250 2020-11-06 2020-11-19
10.0
None Remote Low Not required Complete Complete Complete
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.
939 CVE-2020-28221 20 Exec Code 2021-01-26 2021-02-12
9.3
None Remote Medium Not required Complete Complete Complete
A CWE-20: Improper Input Validation vulnerability exists in EcoStruxureâ„¢ Operator Terminal Expert and Pro-face BLUE (version details in the notification) that could cause arbitrary code execution when the Ethernet Download feature is enable on the HMI.
940 CVE-2020-28188 78 Exec Code 2020-12-24 2021-02-02
10.0
None Remote Low Not required Complete Complete Complete
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /include/makecvs.php in Event parameter.
941 CVE-2020-28187 22 Dir. Trav. 2020-12-24 2020-12-28
10.0
None Remote Low Not required Complete Complete Complete
Multiple directory traversal vulnerabilities in TerraMaster TOS <= 4.2.06 allow remote authenticated attackers to read, edit or delete any file within the filesystem via the (1) filename parameter to /tos/index.php?editor/fileGet, Event parameter to /include/ajax/logtable.php, or opt parameter to /include/core/index.php.
942 CVE-2020-28183 89 Sql 2020-11-17 2020-12-01
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in SourceCodester Water Billing System 1.0 via the username and password parameters to process.php.
943 CVE-2020-28130 434 Exec Code 2020-11-17 2020-11-23
10.0
None Remote Low Not required Complete Complete Complete
An Arbitrary File Upload in the Upload Image component in SourceCodester Online Library Management System 1.0 allows the user to conduct remote code execution via admin/borrower/index.php?view=add because .php files can be uploaded to admin/borrower/photos (under the web root).
944 CVE-2020-28026 88 Exec Code 2021-05-06 2021-05-10
9.3
None Remote Medium Not required Complete Complete Complete
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline into a spool header file, and indirectly allow unauthenticated remote attackers to execute arbitrary commands as root.
945 CVE-2020-28021 Exec Code 2021-05-06 2021-05-10
9.0
None Remote Low ??? Complete Complete Complete
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters. An authenticated remote SMTP client can insert newline characters into a spool file (which indirectly leads to remote code execution as root) via AUTH= in a MAIL FROM command.
946 CVE-2020-27976 78 2020-10-28 2020-10-29
10.0
None Remote Low Not required Complete Complete Complete
osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php, a from POST parameter can be passed to the application. This affects the PHP mail function, and the sendmail -f option.
947 CVE-2020-27955 427 Exec Code 2020-11-05 2021-09-16
10.0
None Remote Low Not required Complete Complete Complete
Git LFS 2.12.0 allows Remote Code Execution.
948 CVE-2020-27947 119 Exec Code Overflow Mem. Corr. 2021-04-02 2021-04-08
9.3
None Remote Medium Not required Complete Complete Complete
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges.
949 CVE-2020-27941 Exec Code 2021-04-02 2021-04-13
9.3
None Remote Medium Not required Complete Complete Complete
A validation issue was addressed with improved logic. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges.
950 CVE-2020-27932 843 Exec Code 2020-12-08 2021-02-11
9.3
None Remote Medium Not required Complete Complete Complete
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplemental Update, macOS Catalina 10.15.7 Update. A malicious application may be able to execute arbitrary code with kernel privileges.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.