CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2020-15415 78 Exec Code 2020-06-30 2020-07-02
7.5
None Remote Low Not required Partial Partial Partial
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi/cvmcfgupload allows remote command execution via shell metacharacters in a filename when the text/x-python-script content type is used, a different issue than CVE-2020-14472.
2 CVE-2020-15412 269 2020-06-30 2021-07-21
4.0
None Remote Low ??? None Partial None
An issue was discovered in MISP 2.4.128. app/Controller/EventsController.php lacks an event ACL check before proceeding to allow a user to send an event contact form.
3 CVE-2020-15411 269 2020-06-30 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MISP 2.4.128. app/Controller/AttributesController.php has insufficient ACL checks in the attachment downloader.
4 CVE-2020-15401 59 +Priv 2020-06-30 2020-07-07
2.1
None Local Low Not required None Partial None
IOBit Malware Fighter Pro 8.0.2.547 allows local users to gain privileges for file deletion by manipulating malicious flagged file locations with an NTFS junction and an Object Manager symbolic link.
5 CVE-2020-15400 352 XSS CSRF 2020-06-30 2021-07-21
4.3
None Remote Medium Not required None Partial None
CakePHP before 4.0.6 mishandles CSRF token generation. This might be remotely exploitable in conjunction with XSS.
6 CVE-2020-15397 269 Exec Code 2020-06-30 2020-09-18
7.2
None Local Low Not required Complete Complete Complete
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).
7 CVE-2020-15396 269 2020-06-30 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
8 CVE-2020-15395 125 2020-06-30 2020-11-17
6.8
None Remote Medium Not required Partial Partial Partial
In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing).
9 CVE-2020-15393 772 2020-06-29 2021-07-21
2.1
None Local Low Not required None None Partial
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
10 CVE-2020-15389 416 2020-06-29 2021-07-20
5.8
None Remote Medium Not required Partial None Partial
jp2/opj_decompress.c in OpenJPEG through 2.3.1 has a use-after-free that can be triggered if there is a mix of valid and invalid files in a directory operated on by the decompressor. Triggering a double-free may also be possible. This is related to calling opj_image_destroy twice.
11 CVE-2020-15368 2020-06-29 2020-07-09
2.1
None Local Low Not required None Partial None
AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.
12 CVE-2020-15365 787 2020-06-28 2020-07-06
4.3
None Remote Medium Not required None None Partial
LibRaw before 0.20-Beta3 has an out-of-bounds write in parse_exif() in metadata\exif_gps.cpp via an unrecognized AtomName and a zero value of tiff_nifds.
13 CVE-2020-15364 79 XSS 2020-06-28 2020-07-22
4.3
None Remote Medium Not required None Partial None
The Nexos theme through 1.7 for WordPress allows top-map/?search_location= reflected XSS.
14 CVE-2020-15363 89 Sql 2020-06-28 2020-07-22
5.0
None Remote Low Not required Partial None None
The Nexos theme through 1.7 for WordPress allows side-map/?search_order= SQL Injection.
15 CVE-2020-15362 74 Exec Code 2020-06-29 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code.
16 CVE-2020-15360 269 2020-06-27 2020-07-01
4.6
None Local Low Not required Partial Partial Partial
com.docker.vmnetd in Docker Desktop 2.3.0.3 allows privilege escalation because of a lack of client verification.
17 CVE-2020-15358 787 Overflow 2020-06-27 2021-09-22
2.1
None Local Low Not required None None Partial
In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation.
18 CVE-2020-15351 276 2020-06-26 2020-07-06
7.2
None Local Low Not required Complete Complete Complete
IDrive before 6.7.3.19 on Windows installs by default to %PROGRAMFILES(X86)%\IDriveWindows with weak folder permissions granting any user modify permission (i.e., NT AUTHORITY\Authenticated Users:(OI)(CI)(M)) to the contents of the directory and its sub-folders. In addition, the program installs a service called IDriveService that runs as LocalSystem. Thus, any standard user can escalate privileges to NT AUTHORITY\SYSTEM by substituting the service's binary with a malicious one.
19 CVE-2020-15348 74 2020-06-26 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.
20 CVE-2020-15336 306 2020-06-26 2020-08-25
5.0
None Remote Low Not required None Partial None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /cnr requests.
21 CVE-2020-15335 306 2020-06-26 2020-08-25
5.0
None Remote Low Not required None Partial None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has no authentication for /registerCpe requests.
22 CVE-2020-15324 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a world-readable axess/opt/axXMPPHandler/config/xmpp_config.py file that stores hardcoded credentials.
23 CVE-2020-15323 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the cloud1234 password for the a1@chopin account default credentials.
24 CVE-2020-15322 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the wbboEZ4BN3ssxAfM hardcoded password for the debian-sys-maint account.
25 CVE-2020-15321 798 2020-06-29 2020-07-06
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axzyxel password for the livedbuser account.
26 CVE-2020-15320 798 2020-06-29 2020-07-02
7.5
None Remote Low Not required Partial Partial Partial
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the axiros password for the root account.
27 CVE-2020-15319 798 2020-06-29 2020-07-02
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/mysql chroot directory tree.
28 CVE-2020-15318 798 2020-06-29 2020-07-06
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/mysql chroot directory tree.
29 CVE-2020-15317 798 2020-06-29 2020-07-06
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account within the /opt/axess chroot directory tree.
30 CVE-2020-15316 798 2020-06-29 2020-07-06
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account within the /opt/axess chroot directory tree.
31 CVE-2020-15315 798 2020-06-29 2020-07-06
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account within the /opt/axess chroot directory tree.
32 CVE-2020-15314 798 2020-06-29 2020-07-02
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded RSA SSH key for the root account.
33 CVE-2020-15313 798 2020-06-29 2020-07-02
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded ECDSA SSH key for the root account.
34 CVE-2020-15312 798 2020-06-29 2020-07-02
4.3
None Remote Medium Not required Partial None None
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a hardcoded DSA SSH key for the root account.
35 CVE-2020-15308 89 Sql 2020-06-26 2020-07-06
6.5
None Remote Low ??? Partial Partial Partial
Support Incident Tracker (aka SiT! or SiTracker) 3.67 p2 allows post-authentication SQL injection via the site_edit.php typeid or site parameter, the search_incidents_advanced.php search_title parameter, or the report_qbe.php criteriafield parameter.
36 CVE-2020-15307 79 XSS 2020-06-30 2020-07-07
4.3
None Remote Medium Not required None Partial None
Nozomi Guardian before 19.0.4 allows attackers to achieve stored XSS (in the web front end) by leveraging the ability to create a custom field with a crafted field name.
37 CVE-2020-15306 787 Overflow 2020-06-26 2021-07-11
2.1
None Local Low Not required None None Partial
An issue was discovered in OpenEXR before v2.5.2. Invalid chunkCount attributes could cause a heap buffer overflow in getChunkOffsetTableSize() in IlmImf/ImfMisc.cpp.
38 CVE-2020-15305 416 2020-06-26 2021-07-11
2.1
None Local Low Not required None None Partial
An issue was discovered in OpenEXR before 2.5.2. Invalid input could cause a use-after-free in DeepScanLineInputFile::DeepScanLineInputFile() in IlmImf/ImfDeepScanLineInputFile.cpp.
39 CVE-2020-15304 476 2020-06-26 2021-07-11
2.1
None Local Low Not required None None Partial
An issue was discovered in OpenEXR before 2.5.2. An invalid tiled input file could cause invalid memory access in TiledInputFile::TiledInputFile() in IlmImf/ImfTiledInputFile.cpp, as demonstrated by a NULL pointer dereference.
40 CVE-2020-15302 311 DoS 2020-06-25 2021-07-21
5.0
None Remote Low Not required None None Partial
In Argent RecoveryManager before 0xdc350d09f71c48c5D22fBE2741e4d6A03970E192, the executeRecovery function does not require any signatures in the zero-guardian case, which allows attackers to cause a denial of service (locking) or a takeover.
41 CVE-2020-15087 285 Bypass 2020-06-30 2021-04-08
6.5
None Remote Low ??? Partial Partial Partial
In Presto before version 337, authenticated users can bypass authorization checks by directly accessing internal APIs. This impacts Presto server installations with secure internal communication configured. This does not affect installations that have not configured secure internal communication, as these installations are inherently insecure. This only affects Presto server installations. This does NOT affect clients such as the CLI or JDBC driver. This vulnerability has been fixed in version 337. Additionally, this issue can be mitigated by blocking network access to internal APIs on the coordinator and workers.
42 CVE-2020-15085 312 2020-06-30 2020-07-28
2.1
None Local Low Not required Partial None None
In Saleor Storefront before version 2.10.3, request data used to authenticate customers was inadvertently cached in the browser's local storage mechanism, including credentials. A malicious user with direct access to the browser could extract the email and password. In versions prior to 2.10.0 persisted the cache even after the user logged out. This is fixed in version 2.10.3. A workaround is to manually clear application data (browser's local storage) after logging into Saleor Storefront.
43 CVE-2020-15084 285 Bypass 2020-06-30 2020-07-08
4.3
None Remote Medium Not required None Partial None
In express-jwt (NPM package) up and including version 5.3.3, the algorithms entry to be specified in the configuration is not being enforced. When algorithms is not specified in the configuration, with the combination of jwks-rsa, it may lead to authorization bypass. You are affected by this vulnerability if all of the following conditions apply: - You are using express-jwt - You do not have **algorithms** configured in your express-jwt configuration. - You are using libraries such as jwks-rsa as the **secret**. You can fix this by specifying **algorithms** in the express-jwt configuration. See linked GHSA for example. This is also fixed in version 6.0.0.
44 CVE-2020-15069 120 Exec Code Overflow 2020-06-29 2020-07-16
7.5
None Remote Low Not required Partial Partial Partial
Sophos XG Firewall 17.x through v17.5 MR12 allows a Buffer Overflow and remote code execution via the HTTP/S Bookmarks feature for clientless access. Hotfix HF062020.1 was published for all firewalls running v17.x.
45 CVE-2020-15049 444 2020-06-30 2021-03-12
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in http/ContentLengthInterpreter.cc in Squid before 4.12 and 5.x before 5.0.3. A Request Smuggling and Poisoning attack can succeed against the HTTP cache. The client sends an HTTP request with a Content-Length header containing "+\ "-" or an uncommon shell whitespace character prefix to the length field-value.
46 CVE-2020-15047 295 2020-06-25 2020-07-02
4.3
None Remote Medium Not required Partial None None
MSA/SMTP.cpp in Trojita before 0.8 ignores certificate-verification errors, which allows man-in-the-middle attackers to spoof SMTP servers.
47 CVE-2020-15046 352 CSRF 2020-06-24 2020-07-13
9.3
None Remote Medium Not required Complete Complete Complete
The web interface on Supermicro X10DRH-iT motherboards with BIOS 2.0a and IPMI firmware 03.40 allows remote attackers to exploit a cgi/config_user.cgi CSRF issue to add new admin users. The fixed versions are BIOS 3.2 and firmware 03.88.
48 CVE-2020-15043 352 CSRF 2020-06-29 2020-07-06
4.3
None Remote Medium Not required None Partial None
iBall WRB303N devices allow CSRF attacks, as demonstrated by enabling remote management, enabling DHCP, or modifying the subnet range for IP addresses.
49 CVE-2020-15041 79 XSS 2020-06-24 2020-06-30
3.5
None Remote Medium ??? None Partial None
PHP-Fusion 9.03.60 allows XSS via the administration/site_links.php Add Site Link field.
50 CVE-2020-15038 79 XSS 2020-06-24 2020-07-29
3.5
None Remote Medium ??? None Partial None
The SeedProd coming-soon plugin before 5.1.1 for WordPress allows XSS.
Total number of vulnerabilities : 1786   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.