CVEdetails.com the ultimate security vulnerability data source
Security Vulnerabilities Published In June 2020

Each entry below spans four lines: (1) # | CVE ID | CWE ID | # of Exploits (blank for every entry on this page) | Vulnerability Type(s) | Publish Date | Update Date; (2) CVSS v2 base score; (3) Gained Access Level | Access (Local or Remote) | Access Complexity | Authentication | Conf. | Integ. | Avail.; (4) description. A '???' in the Authentication position means that value is missing from the listing.
351 CVE-2020-13758 79 XSS 2020-06-01 2020-06-02
4.3
None Remote Medium Not required None Partial None
modules/security/classes/general.post_filter.php/post_filter.php in the Web Application Firewall in Bitrix24 through 20.0.950 allows XSS by placing %00 before the payload.
352 CVE-2020-13757 327 2020-06-01 2020-09-02
5.0
None Remote Low Not required Partial None None
Python-RSA before 4.1 ignores leading '\0' bytes during decryption of ciphertext. This could conceivably have a security-relevant impact, e.g., by helping an attacker to infer that an application uses Python-RSA, or if the length of accepted ciphertext affects application behavior (such as by causing excessive memory allocation).
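The length check at the heart of this entry, as an added example (this is not Python-RSA's own code): OS2IP discards leading zero octets, so a decrypt routine that converts the ciphertext to an integer first and checks afterwards cannot tell c from b'\0'*j + c. RFC 8017 requires the ciphertext to be exactly k octets (the modulus length) before conversion. N and CT below are constructed stand-ins, not a real key or ciphertext.

```python
"""Strict vs. lenient ciphertext length handling (RFC 8017, RSADP input check).

Added example, not Python-RSA code. N and CT below are constructed stand-ins:
N is only used for its bit length, CT is not a real encryption of anything.
"""
import math


def os2ip(octets: bytes) -> int:
    """RFC 8017 4.2 OS2IP: big-endian octets to integer. Leading zero octets
    contribute nothing, which is what makes the lenient path indistinguishable."""
    return int.from_bytes(octets, "big")


def modulus_octets(n: int) -> int:
    """k = ceil(log256(n)): the exact ciphertext length the scheme permits."""
    return math.ceil(n.bit_length() / 8)


def lenient_ciphertext_int(ciphertext: bytes, n: int) -> int:
    """Pre-4.1 behaviour described in the CVE: any length is accepted, so
    b'\\x00' * j + c and c decrypt identically for every j >= 0."""
    return os2ip(ciphertext)


def strict_ciphertext_int(ciphertext: bytes, n: int) -> int:
    """RFC 8017 7.2.2 step 1: reject unless len(C) == k; step 2 bounds the
    representative. Checking the length before conversion also caps the
    memory the big-integer conversion can consume."""
    k = modulus_octets(n)
    if len(ciphertext) != k:
        raise ValueError(f"ciphertext must be exactly {k} octets, got {len(ciphertext)}")
    c = os2ip(ciphertext)
    if not 0 <= c < n:
        raise ValueError("ciphertext representative out of range")
    return c


def accepts_padded(decode, ciphertext: bytes, n: int, extra_zero_octets: int = 16) -> bool:
    """Tester's probe: does `decode` treat a zero-prefixed ciphertext as
    equivalent to the original? True means the bug class is present."""
    padded = b"\x00" * extra_zero_octets + ciphertext
    try:
        return decode(padded, n) == decode(ciphertext, n)
    except ValueError:
        return False


# Constructed sample: a 1024-bit odd number standing in for a modulus, and
# 128 octets standing in for a ciphertext (its value is well below N).
N = (1 << 1023) | 1
CT = b"\x01" * modulus_octets(N)

if __name__ == "__main__":
    print("lenient accepts zero-prefixed ciphertext:", accepts_padded(lenient_ciphertext_int, CT, N))
    print("strict accepts zero-prefixed ciphertext: ", accepts_padded(strict_ciphertext_int, CT, N))
```

The probe is the practical fingerprinting check the description alludes to: a service that decrypts a zero-prefixed ciphertext the same way it decrypts the original is running a lenient decoder.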
353 CVE-2020-13756 20 Exec Code 2020-06-03 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Sabberworm PHP CSS Parser before 8.3.1 calls eval on uncontrolled data, possibly leading to remote code execution if the function allSelectors() or getSelectorsBySpecificity() is called with input from an attacker.
354 CVE-2020-13754 119 Overflow 2020-06-02 2020-12-14
4.6
None Local Low Not required Partial Partial Partial
hw/pci/msix.c in QEMU 4.2.0 allows guest OS users to trigger an out-of-bounds access via a crafted address in an msi-x mmio operation.
355 CVE-2020-13702 200 +Info 2020-06-11 2021-03-12
6.4
None Remote Low Not required Partial Partial None
The Rolling Proximity Identifier used in the Apple/Google Exposure Notification API beta through 2020-05-29 enables attackers to circumvent Bluetooth Smart Privacy because there is a secondary temporary UID. An attacker with access to Beacon or IoT networks can seamlessly track individual device movement via a Bluetooth LE discovery mechanism.
356 CVE-2020-13700 200 +Info 2020-06-24 2021-07-21
5.0
None Remote Low Not required Partial None None
An issue was discovered in the acf-to-rest-api plugin through 3.1.0 for WordPress. It allows an insecure direct object reference via permalinks manipulation, as demonstrated by a wp-json/acf/v3/options/ request that reads sensitive information in the wp_options table, such as the login and pass values.
357 CVE-2020-13696 732 2020-06-08 2021-07-21
3.6
None Local Low Not required Partial Partial None
An issue was discovered in LinuxTV xawtv before 3.107. The function dev_open() in v4l-conf.c does not perform sufficient checks to prevent an unprivileged caller of the program from opening unintended filesystem paths. This allows a local attacker with access to the v4l-conf setuid-root program to test for the existence of arbitrary files and to trigger an open on arbitrary files with mode O_RDWR. To achieve this, relative path components need to be added to the device path, as demonstrated by a v4l-conf -c /dev/../root/.bash_history command.
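A device-path check of the kind the description says dev_open() lacks, written in Python as an added example (not xawtv code): refuse traversal components as given, resolve the path and require it to sit directly under /dev, and require a character device. The paths are constructed and the stat function is injectable so the checks can be exercised without real device nodes.

```python
"""Device path validation for a privileged (setuid-style) helper.

Added example, not xawtv's dev_open(). Constructed paths; `stat_fn` is a
parameter so the checks run without real /dev nodes.
"""
import os
import stat
from typing import Callable

DEVICE_DIR = "/dev"


def validate_device_path(path: str, stat_fn: Callable[[str], object] = os.stat) -> str:
    """Return the resolved device path or raise PermissionError.

    The three checks map to the three ways '/dev/../root/.bash_history' gets
    past a bare prefix test: relative components, symlink/normalisation
    escapes, and the target not being a device at all.
    """
    # 1. Traversal components are refused as given; a setuid program should not
    #    normalise attacker-chosen '..' and hope the result is harmless.
    if not os.path.isabs(path) or ".." in path.split(os.sep):
        raise PermissionError(f"refusing non-canonical device path {path!r}")
    # 2. Resolve symlinks, then compare the parent directory exactly (a string
    #    prefix test would accept '/dev-shadow/x' or '/dev/../x').
    resolved = os.path.realpath(path)
    if os.path.dirname(resolved) != DEVICE_DIR:
        raise PermissionError(f"{path!r} resolves to {resolved!r}, outside {DEVICE_DIR}")
    # 3. The target must be a character device, not a regular file the caller
    #    planted or pointed a symlink at.
    if not stat.S_ISCHR(stat_fn(resolved).st_mode):
        raise PermissionError(f"{resolved!r} is not a character device")
    return resolved


def open_device_rdwr(path: str) -> int:
    """Open only after validation. O_NOFOLLOW narrows the window between the
    realpath() above and the open(); O_NOCTTY avoids acquiring a terminal."""
    resolved = validate_device_path(path)
    return os.open(resolved, os.O_RDWR | os.O_NOFOLLOW | os.O_NOCTTY)


# Constructed stat doubles for offline demonstration (not real device metadata).
class _FakeStat:
    def __init__(self, mode: int) -> None:
        self.st_mode = mode


def fake_stat_chardev(_path: str) -> _FakeStat:
    return _FakeStat(stat.S_IFCHR | 0o660)


def fake_stat_regular(_path: str) -> _FakeStat:
    return _FakeStat(stat.S_IFREG | 0o600)


if __name__ == "__main__":
    for candidate in ("/dev/video0", "/dev/../root/.bash_history", "/root/.bash_history"):
        try:
            print(candidate, "->", validate_device_path(candidate, fake_stat_chardev))
        except PermissionError as exc:
            print(candidate, "-> refused:", exc)
```

Even with these checks, the realpath-then-open sequence is a small race; the fstat-after-open pattern (open with O_NOFOLLOW, then verify the descriptor) closes it fully, which is why open_device_rdwr passes O_NOFOLLOW.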
358 CVE-2020-13695 269 +Info 2020-06-01 2021-07-21
9.0
None Remote Low ??? Complete Complete Complete
In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user has sudo privileges to execute grep as root without a password, which allows an attacker to obtain sensitive information via a grep of a /root/*.db or /etc/shadow file.
359 CVE-2020-13694 78 Exec Code 2020-06-01 2020-06-02
9.0
None Remote Low ??? Complete Complete Complete
In QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8, the local www-data user can execute sudo mysql without a password, which means that the www-data user can execute arbitrary OS commands via the mysql -e option.
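The two QuickBox entries above (sudo grep and sudo mysql for www-data) are the same misconfiguration class: a service account granted root-level sudo for a binary that reads arbitrary files or spawns commands. Below is an added example of a sudoers audit that flags such rules; it is not QuickBox code, the sample sudoers text is constructed to mirror the two rules described, and ESCAPE_CAPABLE is a starting list rather than a complete one.

```python
"""Audit sudoers for rules that hand root to a service account.

Added example, not QuickBox code. SAMPLE_SUDOERS is constructed to mirror the
two rules described in CVE-2020-13694 and CVE-2020-13695; ESCAPE_CAPABLE is a
starting list (grep reads any file as root, mysql -e runs OS commands), not a
complete one.
"""
import re
from typing import List, NamedTuple, Optional, Tuple

ESCAPE_CAPABLE = {"grep", "egrep", "mysql", "vim", "vi", "less", "more", "find",
                  "awk", "tar", "python", "python3", "perl", "env", "bash", "sh"}

# user  host=(runas[:rungroup]) [TAG: ...] cmd[, cmd...]   (aliases/Defaults skipped)
RULE_RE = re.compile(
    r"^(?P<who>\S+)\s+(?P<host>\S+)\s*=\s*"
    r"(?:\((?P<runas>[^)]*)\))?\s*"
    r"(?P<tags>(?:[A-Z_]+:\s*)*)"
    r"(?P<cmds>.+)$"
)


class Finding(NamedTuple):
    user: str
    runas: str
    command: str
    reason: str


def parse_rule(line: str) -> Optional[Tuple[str, str, List[str], List[str]]]:
    """Return (user, runas, tags, commands) for a user-spec line, else None."""
    line = line.split("#", 1)[0].strip()
    if not line or line.startswith(("Defaults", "Cmnd_Alias", "User_Alias",
                                    "Host_Alias", "Runas_Alias")):
        return None
    m = RULE_RE.match(line)
    if not m:
        return None
    runas = m.group("runas") or "root"          # an omitted runas means root
    tags = [t for t in (x.strip() for x in m.group("tags").split(":")) if t]
    cmds = [c for c in (x.strip() for x in m.group("cmds").split(",")) if c]
    return m.group("who"), runas, tags, cmds


def audit_sudoers(text: str) -> List[Finding]:
    findings: List[Finding] = []
    for line in text.splitlines():
        parsed = parse_rule(line)
        if parsed is None:
            continue
        who, runas, tags, cmds = parsed
        if who == "root":
            continue
        runas_users = {u.strip() for u in runas.split(":")[0].split(",")}
        if not runas_users & {"ALL", "root"}:
            continue                              # cannot become root via this rule
        nopasswd = "NOPASSWD" in tags
        for cmd in cmds:
            binary = cmd.split()[0].rsplit("/", 1)[-1]
            if cmd == "ALL":
                reason = "unrestricted root"
            elif binary in ESCAPE_CAPABLE:
                reason = f"root file read or shell escape via {binary}"
            else:
                continue
            if nopasswd:
                reason += " without a password"
            findings.append(Finding(who, runas, cmd, reason))
    return findings


# Constructed sample (not a real QuickBox sudoers file).
SAMPLE_SUDOERS = """\
Defaults        env_reset
root            ALL=(ALL:ALL) ALL
%sudo           ALL=(ALL:ALL) ALL
www-data        ALL=(ALL) NOPASSWD: /bin/grep, /usr/bin/mysql
backup          ALL=(backup) NOPASSWD: /usr/bin/rsync
deploy          ALL=(root) /usr/bin/systemctl restart app.service
"""

if __name__ == "__main__":
    for f in audit_sudoers(SAMPLE_SUDOERS):
        print(f"{f.user} -> ({f.runas}) {f.command}: {f.reason}")
```

Run against the sample, it reports the %sudo group's unrestricted (password-protected) root and both www-data rules as password-less escapes, while the rsync rule (runas backup, not root) and the fixed systemctl invocation pass. A real audit should also expand the files pulled in by #include/#includedir and the Cmnd_Alias definitions, which this parser skips.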
360 CVE-2020-13692 611 2020-06-04 2021-03-15
6.8
None Remote Medium Not required Partial Partial Partial
PostgreSQL JDBC Driver (aka PgJDBC) before 42.2.13 allows XXE.
361 CVE-2020-13659 476 2020-06-02 2020-11-11
1.9
None Local Medium Not required None None Partial
address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer.
362 CVE-2020-13657 269 2020-06-29 2021-07-21
2.1
None Local Low Not required None Partial None
An elevation of privilege vulnerability exists in Avast Free Antivirus and AVG AntiVirus Free before 20.4 due to improperly handling hard links. The vulnerability allows local users to take control of arbitrary files.
363 CVE-2020-13656 125 Exec Code 2020-06-12 2020-06-22
7.5
None Remote Low Not required Partial Partial Partial
In Morgan Stanley Hobbes through 2020-05-21, the array implementation lacks bounds checking, allowing exploitation of an out-of-bounds (OOB) read/write vulnerability that leads to both local and remote code (via RPC) execution.
364 CVE-2020-13652 79 XSS 2020-06-15 2020-06-19
4.3
None Remote Medium Not required None Partial None
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200528, 2019R2 before p20200430, and 2020R1 before p20200507. A cross-site scripting (XSS) vulnerability exists in the login menu.
365 CVE-2020-13651 74 2020-06-15 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in DigDash 2018R2 before p20200528, 2019R1 before p20200421, and 2019R2 before p20200430. It allows a user to provide data that will be used to generate the JNLP file used by a client to obtain the right Java application. By providing an attacker-controlled URL, the client will obtain a rogue JNLP file specifying the installation of malicious JAR archives and executed with full privileges on the client computer.
366 CVE-2020-13650 918 2020-06-15 2020-06-24
5.0
None Remote Low Not required Partial None None
An issue was discovered in DigDash 2018R2 before p20200210 and 2019R1 before p20200210. The login page is vulnerable to Server-Side Request Forgery (SSRF) that allows use of the application as a proxy. Sent to an external server, a forged request discloses application credentials. For a request to an internal component, the request is blind, but through the error message it's possible to determine whether the request targeted an open service.
367 CVE-2020-13646 20 DoS 2020-06-05 2020-06-15
6.1
None Local Low Not required Partial Partial Complete
In Cheetah free WiFi 5.1, the driver file (liebaonat.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x830020f8, 0x830020E0, 0x830020E4, or 0x8300210c.
368 CVE-2020-13640 89 Exec Code Sql 2020-06-18 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
A SQL injection issue in the gVectors wpDiscuz plugin 5.3.5 and earlier for WordPress allows remote attackers to execute arbitrary SQL commands via the order parameter of a wpdLoadMoreComments request. (No 7.x versions are affected.)
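An order parameter is a recurring SQL injection sink because ORDER BY cannot take a bound parameter: the column or direction has to be part of the SQL text, so it must come from an allow-list rather than the request. The following added example (sqlite3, not wpDiscuz code; schema, rows and payload are constructed) shows the general class rather than the specific wpdLoadMoreComments request: a vulnerable loader, how a blind ORDER BY injection reads data out of another table purely from the row order, and the allow-listed fix.

```python
"""Why an ORDER BY value must be allow-listed, shown on an in-memory SQLite DB.

Added example, not wpDiscuz code. The schema, rows and the blind-oracle
payload are constructed to show the general class: a sort-order parameter
cannot be bound with '?', so string interpolation lets the client decide
what the database evaluates, and the row order alone leaks query results.
"""
import sqlite3
from typing import List, Optional, Tuple

# Client-visible names mapped to fixed SQL fragments. Nothing from the request
# reaches the SQL text except through this table.
ORDER_BY = {
    "newest": "created_at DESC, id DESC",
    "oldest": "created_at ASC, id ASC",
    "votes":  "votes DESC, id ASC",
}


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE comments (id INTEGER PRIMARY KEY, body TEXT, votes INTEGER, created_at TEXT);
        CREATE TABLE wp_users (user_login TEXT, user_pass TEXT);
        INSERT INTO comments VALUES (1, 'first', 2, '2020-06-01'),
                                    (2, 'second', 5, '2020-06-02'),
                                    (3, 'third', 1, '2020-06-03');
        INSERT INTO wp_users VALUES ('admin', '$P$constructed-hash-value');
    """)
    return conn


def load_more_vulnerable(conn, order: str, offset: int = 0, limit: int = 20) -> List[Tuple]:
    """Bug class: the order parameter goes into the SQL text verbatim.
    LIMIT/OFFSET are bound, which does nothing for the ORDER BY clause."""
    sql = f"SELECT id, body FROM comments ORDER BY {order} LIMIT ? OFFSET ?"
    return conn.execute(sql, (limit, offset)).fetchall()


def load_more_safe(conn, order: str, offset: int = 0, limit: int = 20) -> List[Tuple]:
    """Fix: resolve the client value through ORDER_BY; anything else is an error."""
    try:
        order_sql = ORDER_BY[order]
    except KeyError:
        raise ValueError(f"unknown sort order {order!r}") from None
    sql = f"SELECT id, body FROM comments ORDER BY {order_sql} LIMIT ? OFFSET ?"
    return conn.execute(sql, (limit, offset)).fetchall()


def oracle_first_char(conn, guess: str) -> bool:
    """Blind ORDER BY injection against the vulnerable loader: sort ascending if
    the first character of the stored password hash equals `guess`, descending
    otherwise. Only the order of the returned rows is observed."""
    payload = ("(CASE WHEN (SELECT substr(user_pass, 1, 1) FROM wp_users LIMIT 1) "
               f"= '{guess}' THEN id ELSE -id END)")
    rows = load_more_vulnerable(conn, payload)
    return rows[0][0] == 1


def leak_first_char(conn, alphabet: str = "$PHabcdef0123456789") -> Optional[str]:
    """Recover one character by trying each candidate; extend the loop over
    positions to read the whole column."""
    for ch in alphabet:
        if oracle_first_char(conn, ch):
            return ch
    return None


if __name__ == "__main__":
    db = make_db()
    print("leaked via row order:", leak_first_char(db))
    print("safe, votes:", load_more_safe(db, "votes"))
```

The same allow-list approach applies to any identifier position (table, column, direction, LIMIT in engines that refuse a bound LIMIT); a parameterised query alone does not cover these spots.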
369 CVE-2020-13637 312 2020-06-17 2021-07-20
5.0
None Remote Low Not required Partial None None
An issue was discovered in the stashcat app through 3.9.2 for macOS, Windows, Android, iOS, and possibly other platforms. It stores the client_key, the device_id, and the public key for end-to-end encryption in cleartext, enabling an attacker (by copying or having access to the local storage database file) to login to the system from any other computer, and get unlimited access to all data in the user's context.
370 CVE-2020-13625 116 2020-06-08 2020-09-17
5.0
None Remote Low Not required None Partial None
PHPMailer before 6.1.6 contains an output escaping bug when the name of a file attachment contains a double quote character. This can result in the file type being misinterpreted by the receiver or any mail relay processing the message.
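The bug class here (CWE-116) is a filename dropped into a quoted-string header parameter without escaping, so a double quote in the name closes the parameter and whatever follows is parsed as further parameters. The added example below is Python, not PHPMailer's code; it builds the header the naive way and the escaped way, and uses the stdlib's own MIME header parser as the "receiver" to show what each side decodes. HOSTILE_NAME is a constructed attachment name.

```python
"""Escaping a filename into a MIME header parameter (the CWE-116 class here).

Added example, not PHPMailer code. HOSTILE_NAME is a constructed attachment name;
the receiver view uses the stdlib's own header parser to show what a mail client
or relay would decode from each header.
"""
import re
from email.message import Message
from email.utils import encode_rfc2231
from typing import Tuple


def naive_disposition(filename: str) -> str:
    """Bug class: the name is dropped between two quotes unchanged, so a '"'
    in it ends the quoted-string and the rest becomes new parameters."""
    return f'attachment; filename="{filename}"'


def quote_param(value: str) -> str:
    """RFC 2045 quoted-string: backslash-escape '\\' and '"', refuse CR/LF/NUL
    (which would otherwise start a new header line)."""
    if re.search(r"[\r\n\x00]", value):
        raise ValueError("control characters are not allowed in a parameter value")
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def content_disposition(filename: str) -> str:
    """Escaped header value; non-ASCII names use RFC 2231 encoding, whose
    percent-encoded form contains no quote to break out of."""
    if filename.isascii():
        return f"attachment; filename={quote_param(filename)}"
    return f"attachment; filename*={encode_rfc2231(filename, 'utf-8')}"


def receiver_view(header_value: str) -> Tuple[int, str]:
    """What the receiving side decodes: (number of parameters, filename)."""
    msg = Message()
    msg["Content-Disposition"] = header_value
    params = msg.get_params(header="content-disposition") or []
    return len(params) - 1, msg.get_filename()


# Constructed hostile name: tries to smuggle a second parameter into the header.
HOSTILE_NAME = 'report.pdf"; name="evil.exe'

if __name__ == "__main__":
    for build in (naive_disposition, content_disposition):
        header = build(HOSTILE_NAME)
        print(f"{build.__name__:20s} {header!r} -> {receiver_view(header)}")
```

With the naive builder the receiver sees two parameters (filename=report.pdf plus an injected name=evil.exe); with escaping it sees one parameter whose value is the original string, quotes included. The same quoting applies to the name parameter of Content-Type, which is where a relay or client picks the file type from.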
371 CVE-2020-13597 200 +Info 2020-06-03 2020-06-08
2.1
None Remote High ??? Partial None None
Clusters using Calico (version 3.14.0 and below) or Calico Enterprise (version 2.8.2 and below) may be vulnerable to information disclosure if IPv6 is enabled but unused. A compromised pod with sufficient privilege is able to reconfigure the node's IPv6 interface due to the node accepting route advertisement by default, allowing the attacker to redirect full or partial network traffic from the node to the compromised pod.
372 CVE-2020-13596 79 XSS 2020-06-03 2021-01-20
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Django 2.2 before 2.2.13 and 3.0 before 3.0.7. Query parameters generated by the Django admin ForeignKeyRawIdWidget were not properly URL encoded, leading to a possibility of an XSS attack.
373 CVE-2020-13484 918 2020-06-24 2020-07-02
7.5
None Remote Low Not required Partial Partial Partial
Bitrix24 through 20.0.975 allows SSRF via an intranet IP address in the services/main/ajax.php?action=attachUrlPreview url parameter, if the destination URL hosts an HTML document containing '<meta name="og:image" content="' followed by an intranet URL.
374 CVE-2020-13483 79 XSS 2020-06-24 2020-06-29
4.3
None Remote Medium Not required None Partial None
The Web Application Firewall in Bitrix24 through 20.0.0 allows XSS via the items[ITEMS][ID] parameter to the components/bitrix/mobileapp.list/ajax.php/ URI.
375 CVE-2020-13480 74 2020-06-22 2021-07-21
3.5
None Remote Medium ??? None Partial None
Verint Workforce Optimization (WFO) 15.2 allows HTML injection via the "send email" feature.
376 CVE-2020-13448 78 Exec Code 2020-06-01 2021-12-13
9.0
None Remote Low ??? Complete Complete Complete
QuickBox Community Edition through 2.5.5 and Pro Edition through 2.1.8 allows an authenticated remote attacker to execute code on the server via command injection in the servicestart parameter.
377 CVE-2020-13445 74 Exec Code 2020-06-10 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
In Liferay Portal before 7.3.2 and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 6, the template API does not restrict user access to sensitive objects, which allows remote authenticated users to execute arbitrary code via crafted FreeMarker and Velocity templates.
378 CVE-2020-13444 +Info 2020-06-10 2020-07-16
4.0
None Remote Low ??? Partial None None
Liferay Portal 7.x before 7.3.2, and Liferay DXP 7.0 before fix pack 92, 7.1 before fix pack 18, and 7.2 before fix pack 5 does not sanitize the information returned by the DDMDataProvider API, which allows remote authenticated users to obtain the password to REST Data Providers.
379 CVE-2020-13443 434 Exec Code Bypass 2020-06-24 2020-07-02
6.5
None Remote Low ??? Partial Partial Partial
ExpressionEngine before 5.3.2 allows remote attackers to upload and execute arbitrary code in a .php%20 file via Compose Msg, Add attachment, and Save As Draft actions. A user with low privileges (member) is able to upload this. It is possible to bypass the MIME type check and file-extension check while uploading new files. Short aliases are not used for an attachment; instead, direct access is allowed to the uploaded files. It is possible to upload PHP only if one has member access, or registration/forum is enabled and one can create a member with the default group id of 5. To exploit this, one must be able to send and compose messages (at least).
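The .php%20 trick works against any extension check that inspects the name as submitted: "php%20" or "php " is not "php", so a denylist passes it, and the stored file ends up as shell.php once the encoded trailing space is decoded and trimmed. The added example below (Python, not ExpressionEngine code; filenames constructed) normalises the name the way the storage layer and web server will see it before checking, and checks every extension, not just the last. It goes beyond the page's single case to cover NUL truncation, fullwidth letters and double extensions.

```python
"""Upload filename normalisation before the extension check.

Added example, not ExpressionEngine code. It shows why a check on the raw
name misses 'shell.php%20' (CVE-2020-13443 class): the server later stores
or serves 'shell.php' once the encoded trailing space is decoded and trimmed.
Filenames below are constructed.
"""
import unicodedata
from typing import Optional
from urllib.parse import unquote

ALLOWED = {"png", "jpg", "jpeg", "gif", "pdf", "txt"}
EXECUTABLE = {"php", "php3", "php4", "php5", "php7", "phtml", "phar", "phps", "pht",
              "inc", "htaccess", "cgi", "pl", "py", "sh", "asp", "aspx", "jsp"}


def naive_denylist_check(raw_name: str) -> bool:
    """Bug class: compare the raw final extension with a denylist.
    'php%20' and 'php ' are not 'php', so they pass."""
    return raw_name.rsplit(".", 1)[-1].lower() not in EXECUTABLE


def normalize_name(raw_name: str) -> str:
    """Canonicalise the way the storage layer and web server will see the name."""
    name = unquote(raw_name)                            # %20 -> ' ', %00 -> NUL
    name = unicodedata.normalize("NFKC", name)          # fullwidth/compat letters -> ASCII
    name = name.replace("\x00", "")                     # C-string truncation trick
    name = name.replace("\\", "/").rsplit("/", 1)[-1]   # drop any directory part
    return name.rstrip(". ")                            # servers drop trailing dots/spaces


def safe_extension(raw_name: str) -> Optional[str]:
    """Return the allow-listed extension or None. Every dot-separated part is
    checked, so 'a.php.png' and 'a.phtml.jpg' are refused as well."""
    name = normalize_name(raw_name)
    parts = name.lower().split(".")
    if len(parts) < 2 or not parts[0]:
        return None                                     # no extension, or a dotfile
    exts = parts[1:]
    if any(e in EXECUTABLE for e in exts):
        return None
    return exts[-1] if exts[-1] in ALLOWED else None


def stored_name(raw_name: str, upload_id: str) -> str:
    """Persist under a server-chosen name; only the validated extension survives,
    so the original name never reaches the filesystem or a URL."""
    ext = safe_extension(raw_name)
    if ext is None:
        raise ValueError(f"rejected upload name {raw_name!r}")
    return f"{upload_id}.{ext}"


if __name__ == "__main__":
    for name in ("shell.php%20", "shell.php%00.jpg", "photo.JPEG", "a.phtml.jpg"):
        print(f"{name!r}: naive denylist passes={naive_denylist_check(name)}, "
              f"allow-listed ext={safe_extension(name)}")
```

The extension check is only one layer: serving uploads from a path where the web server does not execute scripts, and under server-generated names as stored_name does, removes the consequence even when a check is wrong.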
380 CVE-2020-13432 120 2020-06-08 2021-04-06
5.0
None Remote Low Not required None None Partial
rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers.
381 CVE-2020-13431 276 +Priv 2020-06-16 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
I2P before 0.9.46 allows local users to gain privileges via a Trojan horse I2PSvc.exe file because of weak permissions on a certain %PROGRAMFILES% subdirectory.
382 CVE-2020-13428 787 DoS Exec Code Overflow 2020-06-08 2020-06-19
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow in the hxxx_AnnexB_to_xVC function in modules/packetizer/hxxx_nal.c in VideoLAN VLC media player before 3.0.11 for macOS/iOS allows remote attackers to cause a denial of service (application crash) or execute arbitrary code via a crafted H.264 Annex-B video (.avi for example) file.
383 CVE-2020-13427 79 XSS 2020-06-22 2020-06-25
4.3
None Remote Medium Not required None Partial None
Victor CMS 1.0 has Persistent XSS in admin/users.php?source=add_user via the user_name, user_firstname, or user_lastname parameter.
384 CVE-2020-13426 352 CSRF 2020-06-22 2020-06-26
4.3
None Remote Medium Not required None Partial None
The Multi-Scheduler plugin 1.0.0 for WordPress has a Cross-Site Request Forgery (CSRF) vulnerability in the forms it presents, allowing the possibility of deleting records (users) when an ID is known.
385 CVE-2020-13423 79 XSS 2020-06-29 2020-07-02
3.5
None Remote Medium ??? None Partial None
Form Builder 2.1.0 for Magento has multiple XSS issues that can be exploited against Magento 2 admin accounts via the Current_url or email field, or the User-Agent HTTP header.
386 CVE-2020-13401 20 DoS +Info 2020-06-02 2020-08-27
6.0
None Remote Medium ??? Partial Partial Partial
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.
387 CVE-2020-13379 918 2020-06-03 2021-01-29
6.4
None Remote Low Not required Partial None Partial
The avatar feature in Grafana 3.0.1 through 7.0.1 has an SSRF Incorrect Access Control issue. This vulnerability allows any unauthenticated user/client to make Grafana send HTTP requests to any URL and return its result to the user/client. This can be used to gain information about the network that Grafana is running on. Furthermore, passing invalid URL objects could be used to DoS Grafana via a segfault.
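Three entries on this page (the DigDash login page, the Bitrix24 attachUrlPreview action and the Grafana avatar feature) are server-side fetches of a URL chosen by the client. The added example below (Python, not code from any of those products) shows the destination checks such a fetcher needs: validate the submitted URL against non-public address ranges, and re-validate every URL discovered while following it, here the og:image meta tag, because a public page can point at an intranet address. CONSTRUCTED_PAGES and CONSTRUCTED_DNS are offline stand-ins, fetch is an injected callable rather than a real HTTP client, and the og:image regex is a deliberately simplified one.

```python
"""Destination checks for a link-preview or avatar fetcher.

Added example, not code from Bitrix24, Grafana or DigDash. Two checks: the
user-supplied URL is validated, and every URL discovered while following it
(here the og:image meta tag) is validated again, since a public page can point
at an intranet address. CONSTRUCTED_PAGES/CONSTRUCTED_DNS are stand-ins so the
code runs offline; `fetch` is an injected callable, not a real HTTP client.
"""
import ipaddress
import re
import socket
from typing import Callable, Iterable, List, Optional
from urllib.parse import urlsplit

# Simplified: real pages vary attribute order and quoting; use an HTML parser in production.
OG_IMAGE_RE = re.compile(
    r'<meta\s+(?:name|property)=["\']og:image["\']\s+content=["\']([^"\']+)["\']',
    re.IGNORECASE,
)


def resolve_all(host: str) -> List[str]:
    """Default resolver: every A/AAAA answer. All of them must pass, because a
    hostile name can return one public and one internal address."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_internal(ip: str) -> bool:
    """Non-global addresses: loopback, RFC 1918, link-local (169.254/16, which
    includes cloud metadata endpoints), CGNAT, ULA, multicast, documentation nets.
    IPv4-mapped IPv6 is unwrapped so ::ffff:10.0.0.5 is judged as 10.0.0.5."""
    addr = ipaddress.ip_address(ip)
    if isinstance(addr, ipaddress.IPv6Address) and addr.ipv4_mapped is not None:
        addr = addr.ipv4_mapped
    return not addr.is_global


def check_url(url: str, resolve: Callable[[str], Iterable[str]] = resolve_all) -> List[str]:
    """Allow http(s) to hosts whose every address is global; return those addresses.
    The caller should connect to one of the returned addresses rather than let the
    HTTP client resolve the name again (DNS rebinding), and must not follow
    redirects without re-running this check on each Location."""
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    if not parts.hostname:
        raise ValueError("URL has no host")
    addrs = list(resolve(parts.hostname))
    if not addrs:
        raise ValueError(f"{parts.hostname} does not resolve")
    internal = [a for a in addrs if is_internal(a)]
    if internal:
        raise ValueError(f"{parts.hostname} resolves to non-public address(es) {internal}")
    return addrs


def preview_image_url(url: str, fetch: Callable[[str], str],
                      resolve: Callable[[str], Iterable[str]] = resolve_all) -> Optional[str]:
    """Validate url, fetch it, pull og:image, and validate that URL too.
    The second check is the one the CVE-2020-13484 description says was missing."""
    check_url(url, resolve)
    match = OG_IMAGE_RE.search(fetch(url))
    if not match:
        return None
    image_url = match.group(1)
    check_url(image_url, resolve)
    return image_url


# Constructed fixtures for offline use (not real hosts or DNS data).
CONSTRUCTED_PAGES = {
    "https://public.example/post":
        '<html><head><meta name="og:image" content="http://10.0.0.5:8080/admin/status"></head></html>',
    "https://public.example/ok":
        '<html><head><meta property="og:image" content="https://cdn.example/a.png"></head></html>',
}
CONSTRUCTED_DNS = {
    "public.example": ["93.184.216.34"],   # placeholder global addresses: the IANA
    "cdn.example": ["93.184.216.35"],      # documentation nets are non-global and would be refused
    "metadata.local": ["169.254.169.254"],
}


def fake_fetch(url: str) -> str:
    return CONSTRUCTED_PAGES[url]


def fake_resolve(host: str) -> List[str]:
    try:
        return [str(ipaddress.ip_address(host))]   # literal IPs resolve to themselves
    except ValueError:
        return CONSTRUCTED_DNS.get(host, [])
```

Note the caveat in the fixtures: Python's is_global treats the RFC 5737 documentation ranges (192.0.2/24, 198.51.100/24, 203.0.113/24) as non-global, so test fixtures built from them are refused like any intranet address.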
388 CVE-2020-13279 74 Exec Code 2020-06-22 2021-07-21
6.8
None Remote Medium Not required Partial Partial Partial
Client-side code execution in gitlab-vscode-extension v2.2.0 allows an attacker to execute code on the user's system.
389 CVE-2020-13277 863 2020-06-19 2020-06-29
4.0
None Remote Low ??? Partial None None
An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5.
390 CVE-2020-13276 863 2020-06-19 2021-07-21
4.0
None Remote Low ??? None Partial None
A user is allowed to set an email as a notification email even without verifying the new email in all previous GitLab CE/EE versions through 13.0.1.
391 CVE-2020-13275 863 2020-06-19 2021-07-21
5.5
None Remote Low ??? Partial Partial None
A user with an unverified email address could request access to domain-restricted groups in GitLab EE 12.2 and later through 13.0.1.
392 CVE-2020-13274 400 DoS 2020-06-19 2021-07-21
5.0
None Remote Low Not required None None Partial
A security issue allowed denial-of-service attacks through memory exhaustion by uploading malicious artifacts in all previous GitLab versions through 13.0.1.
393 CVE-2020-13273 400 DoS 2020-06-19 2021-07-21
7.8
None Remote Low Not required None None Complete
A Denial of Service vulnerability allowed exhausting the system resources in GitLab CE/EE 12.0 and later through 13.0.1.
394 CVE-2020-13272 863 2020-06-19 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
Missing verification checks in the OAuth flow in GitLab CE/EE 12.3 and later through 13.0.1 allow an unverified user to use the OAuth authorization code flow.
395 CVE-2020-13271 79 Exec Code XSS 2020-06-10 2020-06-16
4.3
None Remote Medium Not required None Partial None
A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1.
396 CVE-2020-13270 276 2020-06-10 2020-06-17
6.5
None Remote Low ??? Partial Partial Partial
A missing permission check on fork relation creation in GitLab CE/EE 11.3 and later through 13.0.1 allows guest users to create a fork relation on restricted public projects via the API.
397 CVE-2020-13269 79 Exec Code XSS 2020-06-10 2020-06-16
4.3
None Remote Medium Not required None Partial None
A Reflected Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code on the Static Site Editor in GitLab CE/EE 12.10 and later through 13.0.1.
398 CVE-2020-13268 20 2020-06-10 2021-07-21
5.0
None Remote Low Not required Partial None None
A specially crafted request could be used to confirm the existence of files hosted on object storage services, without disclosing their contents. This vulnerability affects GitLab CE/EE 12.10 and later through 13.0.1
399 CVE-2020-13267 79 XSS 2020-06-10 2020-06-16
4.3
None Remote Medium Not required None Partial None
A Stored Cross-Site Scripting vulnerability allowed the execution of Javascript payloads on the Metrics Dashboard in GitLab CE/EE 12.8 and later through 13.0.1.
400 CVE-2020-13266 862 2020-06-09 2020-06-15
4.0
None Remote Low ??? None Partial None
Insecure authorization in Project Deploy Keys in GitLab CE/EE 12.8 and later through 13.0.1 allows users to update permissions of other users' deploy keys under certain conditions.
Total number of vulnerabilities: 1786 (this is page 8 of 36)