CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2020-14075 78 2020-06-15 2020-06-17
9.0
None Remote Low ??? Complete Complete Complete
TRENDnet TEW-827DRU devices through 2.06B04 contain multiple command injections in apply.cgi via the action pppoe_connect, ru_pppoe_connect, or dhcp_connect with the key wan_ifname (or wan0_dns), allowing an authenticated user to run arbitrary commands on the device.
202 CVE-2020-14074 787 Exec Code Overflow 2020-06-15 2020-06-16
6.5
None Remote Low ??? Partial Partial Partial
TRENDnet TEW-827DRU devices through 2.06B04 contain a stack-based buffer overflow in the ssi binary. The overflow allows an authenticated user to execute arbitrary code by POSTing to apply.cgi via the action kick_ban_wifi_mac_allow with a sufficiently long qcawifi.wifi0_vap0.maclist key.
203 CVE-2020-14073 79 +Priv XSS 2020-06-23 2020-12-02
3.5
None Remote Medium ??? None Partial None
XSS exists in PRTG Network Monitor 20.1.56.1574 via crafted map properties. An attacker with Read/Write privileges can create a map, and then use the Map Designer Properties screen to insert JavaScript code. This can be exploited against any user with View Maps or Edit Maps access.
204 CVE-2020-14072 Exec Code 2020-06-29 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in MK-AUTH 19.01. It allows command execution as root via shell metacharacters to /auth admin scripts.
205 CVE-2020-14071 79 Exec Code XSS 2020-06-29 2020-07-02
4.3
None Remote Medium Not required None Partial None
An issue was discovered in MK-AUTH 19.01. XSS vulnerabilities in admin and client scripts allow an attacker to execute arbitrary JavaScript code.
206 CVE-2020-14070 798 Bypass 2020-06-29 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in MK-AUTH 19.01. There is authentication bypass in the web login functionality because guessable credentials to admin/executar_login.php result in admin access.
207 CVE-2020-14069 89 Sql 2020-06-29 2020-07-02
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in MK-AUTH 19.01. There are SQL injection issues in mkt/ PHP scripts, as demonstrated by arp.php, dhcp.php, hotspot.php, ip.php, pgaviso.php, pgcorte.php, pppoe.php, queues.php, and wifi.php.
208 CVE-2020-14068 287 +Priv Sql Bypass 2020-06-29 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MK-AUTH 19.01. The web login functionality allows an attacker to bypass authentication and gain client privileges via SQL injection in central/executar_login.php.
209 CVE-2020-14067 434 2020-06-15 2020-06-17
7.5
None Remote Low Not required Partial Partial Partial
The install_from_hash functionality in Navigate CMS 2.9 does not consider the .phtml extension when examining files within a ZIP archive that may contain PHP code, in check_upload in lib/packages/extensions/extension.class.php and lib/packages/themes/theme.class.php.
210 CVE-2020-14062 502 2020-06-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2).
211 CVE-2020-14061 502 2020-06-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms).
212 CVE-2020-14060 502 2020-06-14 2021-11-17
6.8
None Remote Medium Not required Partial Partial Partial
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill).
213 CVE-2020-14059 662 DoS 2020-06-30 2021-03-30
4.0
None Remote Low ??? None None Partial
An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop ABA problem during access to the memory page/slot management list.
214 CVE-2020-14058 476 DoS 2020-06-30 2021-07-21
5.0
None Remote Low Not required None None Partial
An issue was discovered in Squid before 4.12 and 5.x before 5.0.3. Due to use of a potentially dangerous function, Squid and the default certificate validation helper are vulnerable to a Denial of Service when opening a TLS connection to an attacker-controlled server for HTTPS. This occurs because unrecognized error values are mapped to NULL, but later code expects that each error value is mapped to a valid error string.
215 CVE-2020-14054 89 Sql Bypass 2020-06-15 2020-06-23
7.5
None Remote Low Not required Partial Partial Partial
SOKKIA GNR5 Vanguard WEB version 1.2 (build: 91f2b2c3a04d203d79862f87e2440cb7cefc3cd3) and hardware version 212 allows remote attackers to bypass admin authentication via a SQL injection attack that uses the User Name or Password field on the login page.
216 CVE-2020-14049 428 2020-06-22 2021-07-21
5.0
None Remote Low Not required Partial None None
Viber for Windows up to 13.2.0.39 does not properly quote its custom URI handler. A malicious website could launch Viber with arbitrary parameters, forcing a victim to send an NTLM authentication request, and either relay the request or capture the hash for offline password cracking. NOTE: this issue exists because of an incomplete fix for CVE-2019-12569.
217 CVE-2020-14048 306 2020-06-12 2020-06-17
5.0
None Remote Low Not required None Partial None
Zoho ManageEngine ServiceDesk Plus before 11.1 build 11115 allows remote unauthenticated attackers to change the installation status of deployed agents.
218 CVE-2020-14040 835 2020-06-17 2020-11-18
5.0
None Remote Low Not required None None Partial
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.
219 CVE-2020-14034 120 Overflow 2020-06-15 2020-06-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet.
220 CVE-2020-14033 120 Overflow 2020-06-15 2020-06-18
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server.
221 CVE-2020-14019 276 2020-06-19 2020-08-07
4.6
None Local Low Not required Partial Partial Partial
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
222 CVE-2020-14018 79 XSS 2020-06-24 2020-06-29
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Navigate CMS 2.9 r1433. There is a stored XSS vulnerability that is executed on the page to view users, and on the page to edit users. This is present in both the User field and the E-Mail field. On the Edit user page, the XSS is only triggered via the E-Mail field; however, on the View user page the XSS is triggered via either the User field or the E-Mail field.
223 CVE-2020-14017 312 CSRF 2020-06-24 2020-06-29
5.0
None Remote Low Not required Partial None None
An issue was discovered in Navigate CMS 2.9 r1433. Sessions, as well as associated information such as CSRF tokens, are stored in cleartext files in the directory /private/sessions. An unauthenticated user could use a brute-force approach to attempt to identify existing sessions, or view the contents of this file to discover details about a session.
224 CVE-2020-14016 640 2020-06-24 2020-06-29
5.0
None Remote Low Not required Partial None None
An issue was discovered in Navigate CMS 2.9 r1433. The forgot-password feature allows users to reset their passwords by using either their username or the email address associated with their account. However, the feature returns a not_found message when the provided username or email address does not match a user in the system. This can be used to enumerate users.
225 CVE-2020-14015 640 2020-06-24 2020-06-29
5.0
None Remote Low Not required None Partial None
An issue was discovered in Navigate CMS 2.9 r1433. When performing a password reset, a user is emailed an activation code that allows them to reset their password. There is, however, a flaw when no activation code is supplied. The system will allow an unauthorized user to continue setting a password, even though no activation code was supplied, setting the password for the most recently created user in the system (the user with the highest user id).
226 CVE-2020-14014 79 XSS 2020-06-24 2021-08-06
3.5
None Remote Medium ??? None Partial None
An issue was discovered in Navigate CMS 2.8 and 2.9 r1433. The query parameter fid on the resource navigate.php does not perform sufficient data validation and/or encoding, making it vulnerable to reflected XSS.
227 CVE-2020-14012 79 XSS 2020-06-10 2020-07-01
3.5
None Remote Medium ??? None Partial None
scp/categories.php in osTicket 1.14.2 allows XSS via a Knowledgebase Category Name or Category Description. The attacker must be an Agent.
228 CVE-2020-14011 863 Exec Code 2020-06-15 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features.
229 CVE-2020-14010 79 XSS 2020-06-10 2020-06-14
4.3
None Remote Medium Not required None Partial None
The Laborator Xenon theme 1.3 for WordPress allows Reflected XSS via the data/typeahead-generate.php q (aka name) parameter.
230 CVE-2020-14007 79 XSS 2020-06-24 2020-07-07
3.5
None Remote Medium ??? None Partial None
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a name of an alert definition.
231 CVE-2020-14006 79 XSS 2020-06-24 2020-07-07
3.5
None Remote Medium ??? None Partial None
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows XSS via a Responsible Team.
232 CVE-2020-14005 Exec Code 2020-06-24 2021-01-14
9.0
None Remote Low ??? Complete Complete Complete
Solarwinds Orion (with Web Console WPM 2019.4.1, and Orion Platform HF4 or NPM HF2 2019.4) allows remote attackers to execute arbitrary code via a defined event.
233 CVE-2020-14004 59 2020-06-12 2020-11-03
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an unprivileged user by default. If /run/icinga2/cmd is a symlink, then it will by followed and arbitrary files can be changed to mode 2750 by the unprivileged icinga2 user.
234 CVE-2020-14002 200 +Info 2020-06-29 2021-07-21
4.3
None Remote Medium Not required Partial None None
PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client).
235 CVE-2020-13999 190 DoS Overflow 2020-06-15 2020-07-02
4.3
None Remote Medium Not required None None Partial
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.
236 CVE-2020-13998 200 +Info 2020-06-11 2021-07-21
4.3
None Remote Medium Not required Partial None None
** UNSUPPORTED WHEN ASSIGNED ** Citrix XenApp 6.5, when 2FA is enabled, allows a remote unauthenticated attacker to ascertain whether a user exists on the server, because the 2FA error page only occurs after a valid username is entered. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
237 CVE-2020-13996 89 Sql 2020-06-09 2020-06-15
6.5
None Remote Low ??? Partial Partial Partial
The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.
238 CVE-2020-13980 79 XSS 2020-06-09 2020-06-11
3.5
None Remote Medium ??? None Partial None
** DISPUTED ** OpenCart 3.0.3.3 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section because of a lack of entity encoding. NOTE: this issue exists because of an incomplete fix for CVE-2020-10596. The vendor states "this is not a massive issue as you are still required to be logged into the admin."
239 CVE-2020-13978 78 Exec Code 2020-06-09 2020-06-12
6.5
None Remote Low ??? Partial Partial Partial
** DISPUTED ** Monstra CMS 3.0.4 allows an attacker, who already has administrative access to modify .chunk.php files on the Edit Chunk screen, to execute arbitrary OS commands via the Theme Module by visiting the admin/index.php?id=themes&action=edit_chunk URI. NOTE: there is no indication that the Edit Chunk feature was intended to prevent an administrator from using PHP's exec feature.
240 CVE-2020-13977 74 2020-06-09 2021-07-21
4.0
None Remote Low ??? None Partial None
Nagios 4.4.5 allows an attacker, who already has administrative access to change the "URL for JSON CGIs" configuration setting, to modify the Alert Histogram and Trends code via crafted versions of the archivejson.cgi, objectjson.cgi, and statusjson.cgi files. NOTE: this vulnerability has been mistakenly associated with CVE-2020-1408.
241 CVE-2020-13976 352 Exec Code CSRF 2020-06-09 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in DD-WRT through 16214. The Diagnostic page allows remote attackers to execute arbitrary commands via shell metacharacters in the host field of the ping command. Exploitation through CSRF might be possible. NOTE: software maintainers consider the report invalid because it refers to an old software version, requires administrative privileges, and does not provide access beyond that already available to administrative users.
242 CVE-2020-13974 190 Overflow 2020-06-09 2021-01-04
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called several times in a row, aka CID-b86dab054059. NOTE: Members in the community argue that the integer overflow does not lead to a security issue in this case.
243 CVE-2020-13973 79 XSS 2020-06-09 2020-06-12
4.3
None Remote Medium Not required None Partial None
OWASP json-sanitizer before 1.2.1 allows XSS. An attacker who controls a substring of the input JSON, and controls another substring adjacent to a SCRIPT element in which the output is embedded as JavaScript, may be able to confuse the HTML parser as to where the SCRIPT element ends, and cause non-script content to be interpreted as JavaScript.
244 CVE-2020-13965 79 XSS 2020-06-09 2020-07-23
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. There is XSS via a malicious XML attachment because text/xml is among the allowed types for a preview.
245 CVE-2020-13964 79 XSS 2020-06-09 2020-06-19
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object.
246 CVE-2020-13962 DoS 2020-06-09 2021-08-11
5.0
None Remote Low Not required None None Partial
Qt 5.12.2 through 5.14.2, as used in unofficial builds of Mumble 1.3.0 and other products, mishandles OpenSSL's error queue, which can cause a denial of service to QSslSocket users. Because errors leak in unrelated TLS sessions, an unrelated session may be disconnected when any handshake fails. (Mumble 1.3.1 is not affected, regardless of the Qt version.)
247 CVE-2020-13961 20 Bypass 2020-06-19 2020-06-24
4.0
None Remote Low ??? None Partial None
Strapi before 3.0.2 could allow a remote authenticated attacker to bypass security restrictions because templates are stored in a global variable without any sanitation. By sending a specially crafted request, an attacker could exploit this vulnerability to update the email template for both password reset and account confirmation emails.
248 CVE-2020-13960 2020-06-08 2021-04-23
5.0
None Remote Low Not required None Partial None
D-Link DSL 2730-U IN_1.10 and IN_1.11 and DIR-600M 3.04 devices have the domain.name string in the DNS resolver search path by default, which allows remote attackers to provide valid DNS responses (and also offer Internet services such as HTTP) for names that otherwise would have had an NXDOMAIN error, by registering a subdomain of the domain.name domain name.
249 CVE-2020-13912 269 +Priv 2020-06-07 2021-07-21
6.0
None Remote Medium ??? Partial Partial Partial
SolarWinds Advanced Monitoring Agent before 10.8.9 allows local users to gain privileges via a Trojan horse .exe file, because everyone can write to a certain .exe file.
250 CVE-2020-13911 79 XSS 2020-06-09 2020-06-12
3.5
None Remote Medium ??? None Partial None
Your Online Shop 1.8.0 allows authenticated users to trigger XSS via a Change Name or Change Surname operation.
Total number of vulnerabilities : 1786   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.