CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2020-15026 22 Dir. Trav. 2020-06-24 2020-06-30
4.0
None Remote Low ??? Partial None None
Bludit 3.12.0 allows admins to use a /plugin-backup-download?file=../ directory traversal approach for arbitrary file download via backup/plugin.php.
52 CVE-2020-15025 401 DoS 2020-06-24 2021-01-20
4.0
None Remote Low ??? None None Partial
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
53 CVE-2020-15018 384 2020-06-24 2020-07-08
6.4
None Remote Low Not required Partial Partial None
playSMS through 1.4.3 is vulnerable to session fixation.
54 CVE-2020-15017 79 XSS 2020-06-26 2020-07-01
4.3
None Remote Medium Not required None Partial None
NeDi 1.9C is vulnerable to reflected cross-site scripting. The Devices-Config.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the sta GET parameter.
55 CVE-2020-15016 79 XSS 2020-06-26 2020-07-01
4.3
None Remote Medium Not required None Partial None
NeDi 1.9C is vulnerable to reflected cross-site scripting. The Other-Converter.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the txt GET parameter.
56 CVE-2020-15015 79 XSS 2020-06-24 2020-06-29
4.3
None Remote Medium Not required None Partial None
The FileExplorer component in GleamTech FileUltimate 6.1.5.0 allows XSS via an SVG document.
57 CVE-2020-15014 352 CSRF 2020-06-24 2020-06-29
6.8
None Remote Medium Not required Partial Partial Partial
pramodmahato BlogCMS through 2019-12-31 has admin/changepass.php CSRF.
58 CVE-2020-15011 74 2020-06-24 2021-11-30
2.6
None Remote High Not required None Partial None
GNU Mailman before 2.1.33 allows arbitrary content injection via the Cgi/private.py private archive login page.
59 CVE-2020-15007 120 Exec Code Overflow 2020-06-24 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow in the M_LoadDefaults function in m_misc.c in id Tech 1 (aka Doom engine) allows arbitrary code execution via an unsafe usage of fscanf, because it does not limit the number of characters to be read in a format argument.
60 CVE-2020-15006 79 XSS 2020-06-24 2020-07-02
3.5
None Remote Medium ??? None Partial None
Bludit 3.12.0 allows stored XSS via JavaScript code in an SVG document to bl-kernel/ajax/logo-upload.php.
61 CVE-2020-15005 200 +Info 2020-06-24 2021-07-21
2.6
None Remote High Not required Partial None None
In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching server using the img_auth.php image authorization security feature may have had their files cached publicly, so any unauthorized user could view them. This occurs because Cache-Control and Vary headers were mishandled.
62 CVE-2020-14993 787 Exec Code Overflow 2020-06-23 2020-06-29
7.5
None Remote Low Not required Partial Partial Partial
A stack-based buffer overflow on DrayTek Vigor2960, Vigor3900, and Vigor300B devices before 1.5.1.1 allows remote attackers to execute arbitrary code via the formuserphonenumber parameter in an authusersms action to mainfunction.cgi.
63 CVE-2020-14990 269 +Priv 2020-06-22 2021-07-21
3.6
None Local Low Not required None Partial Partial
IOBit Advanced SystemCare Free 13.5.0.263 allows local users to gain privileges for file deletion by manipulating the Clean & Optimize feature with an NTFS junction and an Object Manager symbolic link.
64 CVE-2020-14983 120 Overflow 2020-06-22 2020-07-08
7.5
None Remote Low Not required Partial Partial Partial
The server in Chocolate Doom 3.0.0 and Crispy Doom 5.8.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack.
65 CVE-2020-14981 295 2020-06-22 2020-07-06
4.3
None Remote Medium Not required Partial None None
The ThreatTrack VIPRE Password Vault app through 1.100.1090 for iOS has Missing SSL Certificate Validation.
66 CVE-2020-14980 295 2020-06-22 2020-07-06
4.3
None Remote Medium Not required Partial None None
The Sophos Secure Email application through 3.9.4 for Android has Missing SSL Certificate Validation.
67 CVE-2020-14978 862 Exec Code 2020-06-23 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in F-Secure SAFE 17.7 on macOS. Due to incorrect client version verification, an attacker can connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.
68 CVE-2020-14977 20 Exec Code 2020-06-23 2021-07-21
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in F-Secure SAFE 17.7 on macOS. The XPC services use the PID to identify the connecting client, which allows an attacker to perform a PID reuse attack and connect to a privileged XPC service, and execute privileged commands on the system. NOTE: the attacker needs to execute code on an already compromised machine.
69 CVE-2020-14976 200 +Info 2020-06-23 2021-07-21
4.9
None Local Low Not required Complete None None
GNS3 ubridge through 0.9.18 on macOS, as used in GNS3 server before 2.1.17, allows a local attacker to read arbitrary files because it handles configuration-file errors by printing the configuration file while executing in a setuid root context.
70 CVE-2020-14975 269 2020-06-23 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to delete, move, or copy arbitrary files via IOCTL code 0x222124.
71 CVE-2020-14974 269 2020-06-23 2021-07-21
6.6
None Local Low Not required None Complete Complete
The driver in IOBit Unlocker 1.1.2 allows a low-privileged user to unlock a file and kill processes (even ones running as SYSTEM) that hold a handle, via IOCTL code 0x222124.
72 CVE-2020-14973 79 XSS 2020-06-22 2020-06-25
4.3
None Remote Medium Not required None Partial None
The loginForm within the general/login.php webpage in webTareas 2.0p8 suffers from a Reflected Cross Site Scripting (XSS) vulnerability via the query string.
73 CVE-2020-14972 89 Exec Code Sql Bypass 2020-06-22 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL injection vulnerabilities in Sourcecodester Pisay Online E-Learning System 1.0 allow remote unauthenticated attackers to bypass authentication and achieve Remote Code Execution (RCE) via the user_email, user_pass, and id parameters on the admin login-portal and the edit-lessons webpages.
74 CVE-2020-14971 94 2020-06-23 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
Pi-hole through 5.0 allows code injection in piholedhcp (the Static DHCP Leases section) by modifying Teleporter backup files and then restoring them. This occurs in settings.php. To exploit this, an attacker would request a backup of limited files via teleporter.php. These are placed into a .tar.gz archive. The attacker then modifies the host parameter in dnsmasq.d files, and then compresses and uploads these files again.
75 CVE-2020-14969 200 +Info 2020-06-22 2021-07-21
5.0
None Remote Low Not required Partial None None
app/Model/Attribute.php in MISP 2.4.127 lacks an ACL lookup on attribute correlations. This occurs when querying the attribute restsearch API, revealing metadata about a correlating but unreachable attribute.
76 CVE-2020-14968 119 Overflow Mem. Corr. 2020-06-22 2020-07-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the jsrsasign package before 8.0.17 for Node.js. Its RSASSA-PSS (RSA-PSS) implementation does not detect signature manipulation/modification by prepending '\0' bytes to a signature (it accepts these modified signatures as valid). An attacker can abuse this behavior in an application by creating multiple valid signatures where only one signature should exist. Also, an attacker might prepend these bytes with the goal of triggering memory corruption issues.
77 CVE-2020-14967 119 Overflow Mem. Corr. 2020-06-22 2020-07-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the jsrsasign package before 8.0.18 for Node.js. Its RSA PKCS1 v1.5 decryption implementation does not detect ciphertext modification by prepending '\0' bytes to ciphertexts (it decrypts modified ciphertexts without error). An attacker might prepend these bytes with the goal of triggering memory corruption issues.
78 CVE-2020-14966 347 Overflow 2020-06-22 2020-07-24
5.0
None Remote Low Not required None Partial None
An issue was discovered in the jsrsasign package through 8.0.18 for Node.js. It allows a malleability in ECDSA signatures by not checking overflows in the length of a sequence and '0' characters appended or prepended to an integer. The modified signatures are verified as valid. This could have a security-relevant impact if an application relied on a single canonical signature.
79 CVE-2020-14965 74 CSRF 2020-06-23 2021-07-21
3.5
None Remote Medium ??? None Partial None
On TP-Link TL-WR740N v4 and TL-WR740ND v4 devices, an attacker with access to the admin panel can inject HTML code and change the HTML context of the target pages and stations in the access-control settings via targets_lists_name or hosts_lists_name. The vulnerability can also be exploited through a CSRF, requiring no authentication as an administrator.
80 CVE-2020-14962 79 XSS 2020-06-22 2020-06-25
3.5
None Remote Medium ??? None Partial None
Multiple XSS vulnerabilities in the Final Tiles Gallery plugin before 3.4.19 for WordPress allow remote attackers to inject arbitrary web script or HTML via the Title (aka imageTitle) or Caption (aka description) field of an image to wp-admin/admin-ajax.php.
81 CVE-2020-14961 2020-06-22 2021-11-01
5.0
None Remote Low Not required None Partial None
Concrete5 before 8.5.3 does not constrain the sort direction to a valid asc or desc value.
82 CVE-2020-14960 89 Sql 2020-06-22 2020-06-26
6.5
None Remote Low ??? Partial Partial Partial
A SQL injection vulnerability in PHP-Fusion 9.03.50 affects the endpoint administration/comments.php via the ctype parameter,
83 CVE-2020-14959 79 XSS 2020-06-22 2020-06-25
3.5
None Remote Medium ??? None Partial None
Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the wp-admin/post.php Client Name, Position, Web Address, Other, Location Reviewed, Product Reviewed, Item Reviewed, or Rating parameter.
84 CVE-2020-14958 281 2020-06-21 2020-06-26
4.0
None Remote Low ??? None Partial None
In Gogs 0.11.91, MakeEmailPrimary in models/user_mail.go lacks a "not the owner of the email" check.
85 CVE-2020-14957 20 DoS 2020-06-30 2020-07-07
6.1
None Local Low Not required Partial Partial Complete
In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCD.
86 CVE-2020-14956 20 DoS 2020-06-30 2020-07-07
6.1
None Local Low Not required Partial Partial Complete
In Windows cleaning assistant 3.2, the driver file (AtpKrnl.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x223CCA.
87 CVE-2020-14955 400 DoS 2020-06-26 2021-07-21
4.9
None Local Low Not required None None Complete
In Jiangmin Antivirus 16.0.13.129, the driver file (KVFG.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x220440.
88 CVE-2020-14954 74 2020-06-21 2020-07-28
4.3
None Remote Medium Not required None Partial None
Mutt before 1.14.4 and NeoMutt before 2020-06-19 have a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a man-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."
89 CVE-2020-14950 20 Exec Code 2020-06-21 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a modified /system?action=ServiceAdmin request (start, stop, or restart) to the setting menu of Sotfware Store.
90 CVE-2020-14947 78 Exec Code 2020-06-30 2020-07-13
6.5
None Remote Low ??? Partial Partial Partial
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require/commandLine/CommandLine.php because mib_file in plugins/main_sections/ms_config/ms_snmp_config.php is mishandled in get_mib_oid.
91 CVE-2020-14946 22 Dir. Trav. 2020-06-22 2020-07-14
4.0
None Remote Low ??? Partial None None
downloadFile.ashx in the Administrator section of the Surveillance module in Global RADAR BSA Radar 1.6.7234.24750 and earlier allows users to download transaction files. When downloading the files, a user is able to view local files on the web server by manipulating the FileName and FilePath parameters in the URL, or while using a proxy. This vulnerability could be used to view local sensitive files or configuration files.
92 CVE-2020-14945 269 2020-06-22 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
A privilege escalation vulnerability exists within Global RADAR BSA Radar 1.6.7234.24750 and earlier that allows an authenticated, low-privileged user to escalate their privileges to administrator rights (i.e., the BankAdmin role) via modified SaveUser data.
93 CVE-2020-14944 863 2020-06-22 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Global RADAR BSA Radar 1.6.7234.24750 and earlier lacks valid authorization controls in multiple functions. This can allow for manipulation and takeover of user accounts if successfully exploited. The following vulnerable functions are exposed: ChangePassword, SaveUserProfile, and GetUser.
94 CVE-2020-14943 79 XSS 2020-06-22 2020-06-30
3.5
None Remote Medium ??? None Partial None
The Firstname and Lastname parameters in Global RADAR BSA Radar 1.6.7234.24750 and earlier are vulnerable to stored cross-site scripting (XSS) via Update User Profile.
95 CVE-2020-14942 502 2020-06-21 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.
96 CVE-2020-14940 611 2020-06-23 2020-07-07
5.0
None Remote Low Not required Partial None None
An issue was discovered in io/gpx/GPXDocumentReader.java in TuxGuitar 1.5.4. It uses misconfigured XML parsers, leading to XXE while loading GP6 (.gpx) and GP7 (.gp) tablature files.
97 CVE-2020-14939 20 Exec Code 2020-06-23 2020-07-01
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in savestruct_internal.c in FreedroidRPG 1.0rc2. Saved game files are composed of Lua scripts that recover a game's state. A file can be modified to put any Lua code inside, leading to arbitrary code execution while loading.
98 CVE-2020-14938 787 Overflow 2020-06-23 2020-07-01
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in map.c in FreedroidRPG 1.0rc2. It assumes lengths of data sets read from saved game files. It copies data from a file into a fixed-size heap-allocated buffer without size verification, leading to a heap-based buffer overflow.
99 CVE-2020-14933 502 2020-06-20 2021-11-30
6.5
None Remote Low ??? Partial Partial Partial
** DISPUTED ** compose.php in SquirrelMail 1.4.22 calls unserialize for the $attachments value, which originates from an HTTP POST request. NOTE: the vendor disputes this because these two conditions for PHP object injection are not satisfied: existence of a PHP magic method (such as __wakeup or __destruct), and any attack-relevant classes must be declared before unserialize is called (or must be autoloaded). .
100 CVE-2020-14932 502 2020-06-20 2020-06-26
7.5
None Remote Low Not required Partial Partial Partial
compose.php in SquirrelMail 1.4.22 calls unserialize for the $mailtodata value, which originates from an HTTP GET request. This is related to mailto.php.
Total number of vulnerabilities : 1786   Page : 1 2 (This Page)3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.