CVE-2020-5xxx

There are 877 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2020-5000 IBM Financial Transaction Manager 3.2.0 through 3.2.8 is vulnerable to cross-site scripting. This vu...
S
CVE-2020-5001 IBM Financial Transaction Manager path traversal
CVE-2020-5002 IBM Financial Transaction Manager security bypass
CVE-2020-5003 IBM Financial Transaction Manager 3.2.4 is vulnerable to an XML External Entity Injection (XXE) atta...
CVE-2020-5004 IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users...
CVE-2020-5008 IBM DataPower Gateway 10.0.0.0 through 10.0.1.0 and 2018.4.1.0 through 2018.4.1.14 stores sensitive ...
S
CVE-2020-5013 IBM QRadar SIEM 7.3 and 7.4 may be vulnerable to an XML External Entity Injection (XXE) attack when proc...
CVE-2020-5014 IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to e...
S
CVE-2020-5015 IBM Elastic Storage System 6.0.0 through 6.0.1.2 and IBM Elastic Storage Server 5.3.0 through 5.3.6....
CVE-2020-5016 IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to traverse di...
S
CVE-2020-5017 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow a local user to obtain access to informati...
S
CVE-2020-5018 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may include sensitive information in its URLs increa...
S
CVE-2020-5019 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 is vulnerable to HTTP header injection, caused by im...
S
CVE-2020-5020 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 could allow a remote attacker to hijack the clicking...
S
CVE-2020-5021 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 does not invalidate session after a password reset w...
S
CVE-2020-5022 IBM Spectrum Protect Plus 10.1.0 through 10.1.6 may allow unauthenticated and unauthorized access to...
S
CVE-2020-5023 IBM Spectrum Protect Plus 10.1.0 through 10.1.7 could allow a remote user to inject arbitrary data i...
CVE-2020-5024 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 co...
CVE-2020-5025 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db...
CVE-2020-5026 IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could ...
CVE-2020-5030 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulner...
S
CVE-2020-5031 IBM Jazz Foundation and IBM Engineering products are vulnerable to cross-site scripting. This vulner...
CVE-2020-5032 IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of servic...
CVE-2020-5036 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5037 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5038 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5039 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5040 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5041 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5042 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5043 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5044 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5045 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5046 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5047 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5048 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5049 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5050 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5051 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5052 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5053 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5054 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5055 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5056 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5057 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5058 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5059 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5060 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5061 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5062 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5063 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5064 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5065 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5066 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5067 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5068 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5069 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5070 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5071 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5072 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5073 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5074 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5075 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5076 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5077 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5078 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5079 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5080 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5081 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5082 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5083 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5084 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5085 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5086 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5087 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5088 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5089 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5090 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5091 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5092 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5093 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5094 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5095 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5096 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5097 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5098 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5099 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5100 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5101 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5102 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5103 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5104 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5105 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5106 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5107 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5108 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5109 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5110 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5111 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5112 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5113 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5114 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5115 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5116 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5117 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5118 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5119 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5120 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5121 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5122 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5123 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5124 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5125 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5126 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5127 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5128 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5129 A vulnerability in the SonicWall SMA1000 HTTP Extraweb server allows an unauthenticated remote attac...
CVE-2020-5130 SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS...
CVE-2020-5131 SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows a...
CVE-2020-5132 SonicWall SSL-VPN products and SonicWall firewall SSL-VPN feature misconfiguration leads to possible...
CVE-2020-5133 A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service due t...
CVE-2020-5134 A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file refer...
CVE-2020-5135 A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS)...
KEV
CVE-2020-5136 A buffer overflow vulnerability in SonicOS allows an authenticated attacker to cause Denial of Servi...
CVE-2020-5137 A buffer overflow vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial ...
CVE-2020-5138 A Heap Overflow vulnerability in the SonicOS allows a remote unauthenticated attacker to cause Denia...
CVE-2020-5139 A vulnerability in SonicOS SSLVPN service allows a remote unauthenticated attacker to cause Denial o...
CVE-2020-5140 A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS)...
CVE-2020-5141 A vulnerability in SonicOS allows a remote unauthenticated attacker to brute force Virtual Assist ti...
CVE-2020-5142 A stored cross-site scripting (XSS) vulnerability exists in the SonicOS SSLVPN web interface. A remo...
CVE-2020-5143 SonicOS SSLVPN login page allows a remote unauthenticated attacker to perform firewall management ad...
CVE-2020-5144 SonicWall Global VPN client version 4.10.4.0314 and earlier allows unprivileged Windows user to elev...
CVE-2020-5145 SonicWall Global VPN client version 4.10.4.0314 and earlier have an insecure library loading (DLL hi...
CVE-2020-5146 A vulnerability in SonicWall SMA100 appliance allows an authenticated management-user to perform OS c...
CVE-2020-5147 SonicWall NetExtender Windows client vulnerable to unquoted service path vulnerability, this allows ...
E
CVE-2020-5148 SonicWall SSO-agent default configuration uses NetAPI to probe the associated IP's in the network, t...
CVE-2020-5179 Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrar...
E
CVE-2020-5180 Viscosity 1.8.2 on Windows and macOS allows an unprivileged user to set a subset of OpenVPN paramete...
CVE-2020-5182 The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some config...
CVE-2020-5183 FTPGetter Professional 5.97.0.223 is vulnerable to a memory corruption bug when a user sends a speci...
E
CVE-2020-5186 DNN (formerly DotNetNuke) through 9.4.4 allows XSS (issue 1 of 2)....
E
CVE-2020-5187 DNN (formerly DotNetNuke) through 9.4.4 allows Path Traversal (issue 2 of 2)....
E
CVE-2020-5188 DNN (formerly DotNetNuke) through 9.4.4 has Insecure Permissions....
E
CVE-2020-5191 PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple Persistent XSS vulnerabiliti...
E
CVE-2020-5192 PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple SQL injection vulnerabilitie...
E
CVE-2020-5193 PHPGurukul Hospital Management System in PHP v4.0 suffers from multiple reflected XSS vulnerabilitie...
E
CVE-2020-5194 The zip API endpoint in Cerberus FTP Server 8 allows an authenticated attacker without zip permissio...
E
CVE-2020-5195 Reflected XSS through an IMG element in Cerberus FTP Server prior to versions 11.0.1 and 10.0.17 all...
CVE-2020-5196 Cerberus FTP Server Enterprise Edition prior to versions 11.0.3 and 10.0.18 allows an authenticated ...
E
CVE-2020-5197 An issue was discovered in GitLab Community Edition (CE) and Enterprise Edition (EE) 5.1 through 12....
CVE-2020-5200 Minerbabe through V4.16 ships with SSH host keys baked into the installation image, which allows man...
CVE-2020-5202 apt-cacher-ng through 3.3 allows local users to obtain sensitive information by hijacking the hardco...
E S
CVE-2020-5203 In Fat-Free Framework 3.7.1, attackers can achieve arbitrary code execution if developers choose to ...
S
CVE-2020-5204 Buffer overflow vulnerability in uftpd
S
CVE-2020-5205 Session fixation attack in Pow (Hex package)
S
CVE-2020-5206 Authentication Bypass For Endpoints With Anonymous Access in OpenCast
S
CVE-2020-5207 Request smuggling is possible in Ktor when both chunked TE and content length specified
S
CVE-2020-5208 remote code execution vulnerability in ipmitool
S
CVE-2020-5209 NetHack command line parsing of options starting with -de and -i is subject to a buffer overflow
S
CVE-2020-5210 NetHack command line -w option parsing is subject to a buffer overflow
S
CVE-2020-5211 NetHack AUTOCOMPLETE configuration file option is subject to a buffer overflow
CVE-2020-5212 NetHack MENUCOLOR configuration file option is subject to a buffer overflow
CVE-2020-5213 NetHack SYMBOL configuration file option is subject to a buffer overflow
CVE-2020-5214 NetHack error recovery after syntax error in configuration file is subject to a buffer overflow
CVE-2020-5215 Segmentation fault in TensorFlow when converting a Python string to tf.float16
E S
CVE-2020-5216 Limited header injection when using dynamic overrides with user input in RubyGems secure_headers
E S
CVE-2020-5217 Directive injection when using dynamic overrides with user input in RubyGems secure_headers
E S
CVE-2020-5218 Ability in Sylius to switch channels via GET parameter enabled in production environments
S
CVE-2020-5219 Remote Code Execution in Angular Expressions
S
CVE-2020-5220 Ability to expose data in Sylius by using an unintended serialisation group
CVE-2020-5221 Directory Traversal (Chroot Escape) vulnerability in uftpd
E S
CVE-2020-5222 Hard-Coded Key Used For Remember-me Token in OpenCast
S
CVE-2020-5223 Persistent XSS vulnerability in filename of attached file in PrivateBin
E S
CVE-2020-5224 Session key exposure through session list in Django User Sessions
S
CVE-2020-5225 Log injection in SimpleSAMLphp
CVE-2020-5226 Cross-site scripting in SimpleSAMLphp
CVE-2020-5227 Feedgen Vulnerable to XML Denial of Service Attacks
E S
CVE-2020-5228 Opencast allows unauthorized public access via OAI-PMH
S
CVE-2020-5229 Opencast stores passwords using outdated MD5 hash algorithm
S
CVE-2020-5230 Opencast uses unsafe identifiers
S
CVE-2020-5231 Opencast users with ROLE_COURSE_ADMIN can create new users
E S
CVE-2020-5232 Ethereum Name Service - Malicious takeover of previously owned ENS names
S
CVE-2020-5233 Open Redirect in OAuth2 Proxy
E S
CVE-2020-5234 Untrusted data can lead to DoS attack in MessagePack for C# and Unity
S
CVE-2020-5235 Out-of-memory condition in Nanopb is potentially exploitable
S
CVE-2020-5236 Catastrophic backtracking in regex allows Denial of Service in Waitress
S
CVE-2020-5237 Relative Path Traversal in oneup/uploader-bundle
E S
CVE-2020-5238 Denial of service in table parsing in cmark-gfm
S
CVE-2020-5239 Unspecified vulnerability in the fetchmail script in Mailu
M
CVE-2020-5240 2FA bypass through deleting devices in wagtail-2fa
S
CVE-2020-5241 XSS/Script injection vulnerability in matestack
E
CVE-2020-5242 openHAB exec add-ons allow remote arbitrary command execution
S
CVE-2020-5243 Denial of Service in uap-core when processing crafted User-Agent strings
E S
CVE-2020-5244 Private data exposure via REST API in BuddyPress
S
CVE-2020-5245 Remote Code Execution (RCE) vulnerability in dropwizard-validation
E S
CVE-2020-5246 LDAP injection vulnerability in Traccar GPS Tracking System
S
CVE-2020-5247 HTTP Response Splitting in Puma
M
CVE-2020-5248 Public GLPIKEY can be used to decrypt any data in GLPI
S
CVE-2020-5249 HTTP Response Splitting (Early Hints) in Puma
S
CVE-2020-5250 Possible information disclosure in PrestaShop
S
CVE-2020-5251 Information disclosure in parse-server
S
CVE-2020-5252 Malicious package may avoid detection in python auditing
M
CVE-2020-5253 Privilege escalation in NetHack
S
CVE-2020-5254 NetHack hilite_status parsing privilege escalation
CVE-2020-5255 Prevent cache poisoning via a Response Content-Type header
S
CVE-2020-5256 Remote Code Execution Through Image Uploads in BookStack
CVE-2020-5257 Sort order SQL injection in Administrate
S
CVE-2020-5258 Prototype pollution in dojo
E S
CVE-2020-5259 Prototype Pollution in Dojox
E S
CVE-2020-5260 malicious URLs may cause Git to present stored credentials to the wrong server
S
CVE-2020-5261 Missing Token Replay Detection
S
CVE-2020-5262 GitHub personal access token leaking into temporary EasyBuild (debug) logs
E S
CVE-2020-5263 Information disclosure through error object
S
CVE-2020-5264 Reflected XSS in security compromised page of PrestaShop
S
CVE-2020-5265 Reflected XSS on AdminAttributesGroups page of PrestaShop
S
CVE-2020-5266 Stored XSS on back office edit page
S
CVE-2020-5267 Possible XSS vulnerability in ActionView
E S
CVE-2020-5268 Subject Confirmation Method not validated in Saml2 Authentication Services for ASP.NET
S
CVE-2020-5269 Reflected XSS on AdminFeatures page of PrestaShop
S
CVE-2020-5270 Open redirection when using back parameter of PrestaShop
S
CVE-2020-5271 Reflected XSS with dashboard calendar of PrestaShop
S
CVE-2020-5272 Reflected XSS on Search page of PrestaShop
S
CVE-2020-5273 Stored XSS with custom URLs in PrestaShop module ps_linklist
S
CVE-2020-5274 Exceptions displayed in non-debug configurations in Symfony
S
CVE-2020-5275 Firewall configured with unanimous strategy was not actually unanimous in symfony/security-http
S
CVE-2020-5276 Reflected XSS on AdminCarts page of PrestaShop
S
CVE-2020-5277 Reflected XSS with url_name parameter of PrestaShop module ps_facetedsearch
S
CVE-2020-5278 Reflected XSS on Exception page of PrestaShop
S
CVE-2020-5279 Improper Access Control for certain legacy controller in PrestaShop
S
CVE-2020-5280 Local file inclusion vulnerability in http4s
S
CVE-2020-5281 LDAP connector injection in Perun
S
CVE-2020-5282 arbitrary shell execution in Nick Chan Bot
S
CVE-2020-5283 XSS vulnerability in CVS show_subdir_lastmod support
E S
CVE-2020-5284 Directory Traversal in Next.js versions below 9.3.2
CVE-2020-5285 Reflected XSS with back parameter in PrestaShop
S
CVE-2020-5286 Reflected XSS related in import page in PrestaShop
S
CVE-2020-5287 Improper access control on customers search in PrestaShop
S
CVE-2020-5288 Improper access control on product attributes page in PrestaShop
S
CVE-2020-5289 Read permissions not enforced for client provided filter expressions in Elide http client
S
CVE-2020-5290 session fixation in rCTF
E
CVE-2020-5291 Privilege escalation in setuid mode via user namespaces in Bubblewrap
S
CVE-2020-5292 Time-based blind injection in Leantime
S
CVE-2020-5293 Improper access control on product page with combinations, attachments and specific prices in PrestaShop
S
CVE-2020-5294 Reflected XSS with social networks fields
S
CVE-2020-5295 Local File read vulnerability in OctoberCMS
E S
CVE-2020-5296 Arbitrary File Deletion vulnerability in OctoberCMS
E S
CVE-2020-5297 Upload whitelisted files to any directory in OctoberCMS
E S
CVE-2020-5298 Reflected XSS when importing CSV in OctoberCMS
E S
CVE-2020-5299 Potential CSV Injection vector in OctoberCMS
S
CVE-2020-5300 Disallow replay of `private_key_jwt` by blacklisting JTIs in Hydra
S
CVE-2020-5301 Information disclosure of source code in SimpleSAMLphp
S
CVE-2020-5302 unprivileged user can access privileged action in MH-WikiBot
CVE-2020-5303 Denial of service in Tendermint
S
CVE-2020-5304 The dashboard in WhiteSource Application Vulnerability Management (AVM) before version 20.4.1 allows...
CVE-2020-5305 Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manag...
E
CVE-2020-5306 Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content....
E
CVE-2020-5307 PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to SQL injection, as demonstrated by ...
E
CVE-2020-5308 PHPGurukul Dairy Farm Shop Management System 1.0 is vulnerable to XSS, as demonstrated by the catego...
E
CVE-2020-5310 libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to real...
S
CVE-2020-5311 libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow....
S
CVE-2020-5312 libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow....
S
CVE-2020-5313 libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow....
S
CVE-2020-5315 Dell EMC Repository Manager (DRM) version 3.2 contains a plain-text password storage vulnerability. ...
CVE-2020-5316 Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell Su...
S
CVE-2020-5317 Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated maliciou...
CVE-2020-5318 Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some ...
CVE-2020-5319 Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a D...
CVE-2020-5320 Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M)...
CVE-2020-5321 Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M)...
CVE-2020-5322 Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command injection...
CVE-2020-5323 Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M)...
CVE-2020-5324 Dell Client Consumer and Commercial Platforms contain an Arbitrary File Overwrite Vulnerability. The...
CVE-2020-5326 Affected Dell Client platforms contain a BIOS Setup configuration authentication bypass vulnerabilit...
CVE-2020-5327 Dell Security Management Server versions prior to 10.2.10 contain a Java RMI Deserialization of Untr...
S
CVE-2020-5328 Dell EMC Isilon OneFS versions prior to 8.2.0 contain an unauthorized access vulnerability due to a ...
CVE-2020-5329 Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker ma...
S
CVE-2020-5330 Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmwar...
E
CVE-2020-5331 RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users...
CVE-2020-5332 RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. An authen...
CVE-2020-5333 RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the...
CVE-2020-5334 RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-s...
CVE-2020-5335 RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. ...
CVE-2020-5336 RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenti...
CVE-2020-5337 RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. A remote un...
CVE-2020-5339 RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerabi...
S
CVE-2020-5340 RSA Authentication Manager versions prior to 8.4 P10 contain a stored cross-site scripting vulnerabi...
S
CVE-2020-5341 Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1,...
S
CVE-2020-5342 Dell Digital Delivery versions prior to 3.5.2015 contain an incorrect default permissions vulnerabil...
S
CVE-2020-5343 Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, m...
S
CVE-2020-5344 Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a st...
CVE-2020-5345 Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual ...
CVE-2020-5346 RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerabi...
S
CVE-2020-5347 Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartCon...
CVE-2020-5348 Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_...
CVE-2020-5349 Dell EMC Networking S4100 and S5200 Series Switches manufactured prior to February 2020 contain a ha...
CVE-2020-5350 Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 contain a command inj...
CVE-2020-5351 Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with lim...
CVE-2020-5352 Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A ...
CVE-2020-5353 The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default...
S
CVE-2020-5355 The Dell Isilon OneFS versions 8.2.2 and earlier SSHD process improperly allows Transmission Control...
CVE-2020-5356 Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions pri...
CVE-2020-5357 Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain...
CVE-2020-5358 Dell Encryption versions prior to 10.7 and Dell Endpoint Security Suite versions prior to 2.7 contai...
CVE-2020-5359 Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to an Unchecked Return Value V...
S
CVE-2020-5360 Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnera...
S
CVE-2020-5361 Select Dell Client Commercial and Consumer platforms support a BIOS password reset capability that i...
CVE-2020-5362 Dell Client Consumer and Commercial platforms include an improper authorization vulnerability in the...
CVE-2020-5363 Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin pas...
CVE-2020-5364 Dell EMC Isilon OneFS versions 8.2.2 and earlier contain an SNMPv2 vulnerability. The SNMPv2 service...
CVE-2020-5365 Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured...
CVE-2020-5366 Dell EMC iDRAC9 versions prior to 4.20.20.20 contain a Path Traversal Vulnerability. A remote authen...
CVE-2020-5367 Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual ...
CVE-2020-5368 Dell EMC VxRail versions 4.7.410 and 4.7.411 contain an improper authentication vulnerability. A rem...
CVE-2020-5369 Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain...
CVE-2020-5370 Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulne...
S
CVE-2020-5371 Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale version 9.0.0 contain a fil...
CVE-2020-5372 Dell EMC PowerStore versions prior to 1.0.1.0.5.002 contain a vulnerability that exposes test interf...
CVE-2020-5373 Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions pr...
CVE-2020-5374 Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions pr...
CVE-2020-5376 Dell Inspiron 7347 BIOS versions prior to A13 contain a UEFI BIOS Boot Services overwrite vulnerabil...
CVE-2020-5377 Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path travers...
E
CVE-2020-5378 Dell G7 17 7790 BIOS versions prior to 1.13.2 contain a UEFI BIOS Boot Services overwrite vulnerabil...
CVE-2020-5379 Dell Inspiron 7352 BIOS versions prior to A12 contain a UEFI BIOS Boot Services overwrite vulnerabil...
CVE-2020-5383 Dell EMC Isilon OneFS version 8.2.2 and Dell EMC PowerScale OneFS version 9.0.0 contain a buffer ov...
CVE-2020-5384 Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authenticati...
CVE-2020-5385 Dell Encryption versions prior to 10.8 and Dell Endpoint Security Suite versions prior to 2.8 contai...
CVE-2020-5386 Dell EMC ECS, versions prior to 3.5, contains an Exposure of Resource vulnerability. A remote unauth...
CVE-2020-5387 Dell XPS 13 9370 BIOS versions prior to 1.13.1 contain an Improper Exception Handling vulnerability...
CVE-2020-5388 Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0 contain an Improper SMM communication buf...
CVE-2020-5389 Dell EMC OpenManage Integration for Microsoft System Center (OMIMSSC) for SCCM and SCVMM versions pr...
CVE-2020-5390 PySAML2 before 5.0.0 does not check that the signature in a SAML document is enveloped and thus sign...
S
CVE-2020-5391 Cross-site request forgery (CSRF) vulnerabilities exist in the Auth0 plugin before 4.0.0 for WordPre...
CVE-2020-5392 A stored cross-site scripting (XSS) vulnerability exists in the Auth0 plugin before 4.0.0 for WordPr...
CVE-2020-5393 In Appspace On-Prem through 7.1.3, an adversary can steal a session token via XSS....
E
CVE-2020-5395 FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in sfd.c....
E S
CVE-2020-5396 JMX Insecure Default Configuration in GemFire
CVE-2020-5397 CSRF Attack via CORS Preflight Requests with Spring MVC or Spring WebFlux
E S
CVE-2020-5398 RFD Attack via "Content-Disposition" Header Sourced from Request Input by Spring MVC or Spring WebFlux Application
S
CVE-2020-5399 CredHub does not properly enable TLS for MySQL database connections
CVE-2020-5400 Cloud Controller logs environment variables from app manifests
CVE-2020-5401 Cloud Foundry GoRouter is vulnerable to cache poisoning
CVE-2020-5402 UAA fails to check the state parameter when authenticating with external IDPs
CVE-2020-5403 DoS Via Malformed URL with Reactor Netty HTTP Server
CVE-2020-5404 Authentication Leak On Redirect With Reactor Netty HttpClient
CVE-2020-5405 Directory Traversal with spring-cloud-config-server
CVE-2020-5406 PCF Autoscaling logs its database credentials
CVE-2020-5407 Signature Wrapping Vulnerability with spring-security-saml2-service-provider
CVE-2020-5408 Dictionary attack with Spring Security queryable text encryptor
CVE-2020-5409 Concourse Open Redirect in the /sky/login endpoint
CVE-2020-5410 Directory Traversal with spring-cloud-config-server
KEV
CVE-2020-5411 Jackson Configuration Allows Code Execution with Unknown "Serialization Gadgets"
CVE-2020-5412 Hystrix Dashboard Proxy In spring-cloud-netflix-hystrix-dashboard
CVE-2020-5413 Kryo Configuration Allows Code Execution with Unknown "Serialization Gadgets"
S
CVE-2020-5414 App Autoscaler logs credentials
CVE-2020-5415 Concourse's GitLab auth allows impersonation
S
CVE-2020-5416 CF clusters with NGINX in front of them may be vulnerable to DoS
CVE-2020-5417 Cloud Controller may allow developers to claim sensitive routes
CVE-2020-5418 Cloud Controller allows users with no roles to list droplets
CVE-2020-5419 RabbitMQ arbitrary code execution using local binary planting
CVE-2020-5420 Gorouter is vulnerable to DoS attack via invalid HTTP responses
CVE-2020-5421 RFD Protection Bypass via jsessionid
S
CVE-2020-5422 UAA password may appear in BOSH System Metrics Server process arguments
CVE-2020-5423 Cloud Controller is vulnerable to denial of service via YAML parsing
CVE-2020-5424 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2020-5425 User Impersonation possible in Tanzu SSO
CVE-2020-5426 Scheduler for TAS can transmit privileged UAA token in plaintext
CVE-2020-5427 Possibility of SQL Injection in Spring Cloud Data Flow Task Execution Sorting Query
CVE-2020-5428 Possibility of SQL Injection in Spring Cloud Task Execution Sorting Query
CVE-2020-5429 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5430 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5431 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5432 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5433 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5434 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5435 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5436 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5437 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5438 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5439 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5440 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5441 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5442 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5443 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5444 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5445 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5446 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5447 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5448 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5449 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5450 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5451 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5452 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5453 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5454 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5455 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5456 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5457 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5458 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5459 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5460 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5461 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5462 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5463 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5464 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5465 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5466 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5467 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5468 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5469 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5470 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5471 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5472 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5473 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5474 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5475 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5476 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5477 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5478 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5479 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5480 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5481 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5482 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5483 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5484 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5485 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5486 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5487 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5488 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5489 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5490 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5491 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5492 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5493 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5494 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5495 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2020-5496 FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesa...
E
CVE-2020-5497 The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to user...
E
CVE-2020-5498 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2020-5499 Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in whic...
E
CVE-2020-5501 phpBB 3.2.8 allows a CSRF attack that can modify a group avatar....
CVE-2020-5502 phpBB 3.2.8 allows a CSRF attack that can approve pending group memberships....
CVE-2020-5504 In phpMyAdmin 4 before 4.9.4 and 5 before 5.0.1, SQL injection exists in the user accounts page. A m...
E S
CVE-2020-5505 Freelancy v1.0.0 allows remote command execution via the "file":"data:application/x-php;base64 subst...
E
CVE-2020-5509 PHPGurukul Car Rental Project v1.0 allows Remote Code Execution via an executable file in an upload ...
E
CVE-2020-5510 PHPGurukul Hostel Management System v2.0 allows SQL injection via the id parameter in the full-profi...
E
CVE-2020-5511 PHPGurukul Small CRM v2.0 was found vulnerable to authentication bypass via SQL injection when loggi...
E
CVE-2020-5512 Gila CMS 1.11.8 allows /admin/media?path=../ Path Traversal....
E
CVE-2020-5513 Gila CMS 1.11.8 allows /cm/delete?t=../ Directory Traversal....
E
CVE-2020-5514 Gila CMS 1.11.8 allows Unrestricted Upload of a File with a Dangerous Type via .phar or .phtml to th...
E
CVE-2020-5515 Gila CMS 1.11.8 allows /admin/sql?query= SQL Injection....
E
CVE-2020-5517 CSRF in the /login URI in BlueOnyx 5209R allows an attacker to access the dashboard and perform scra...
E S
CVE-2020-5519 The WebAdmin Console in OpenLiteSpeed before v1.6.5 does not strictly check request URLs, as demonst...
CVE-2020-5520 The netprint App for iOS 3.2.3 and earlier does not verify X.509 certificates from servers, which al...
CVE-2020-5521 The kantan netprint App for iOS 2.0.2 and earlier does not verify X.509 certificates from servers, w...
CVE-2020-5522 The kantan netprint App for Android 2.0.3 and earlier does not verify X.509 certificates from server...
CVE-2020-5523 Android App 'MyPallete' and some of the Android banking applications based on 'MyPallete' do not ver...
CVE-2020-5524 Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earl...
CVE-2020-5525 Aterm series (Aterm WF1200C firmware Ver1.2.1 and earlier, Aterm WG1200CR firmware Ver1.2.1 and earl...
CVE-2020-5526 The AWMS Mobile App for Android 2.0.0 to 2.0.5 and for iOS 2.0.0 to 2.0.8 does not verify X.509 cert...
CVE-2020-5527 When MELSOFT transmission port (UDP/IP) of Mitsubishi Electric MELSEC iQ-R series (all versions), ME...
CVE-2020-5528 Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4603 and earlier (Movabl...
CVE-2020-5529 HtmlUnit prior to 2.37.0 contains code execution vulnerabilities. HtmlUnit initializes Rhino engine ...
CVE-2020-5530 Cross-site request forgery (CSRF) vulnerability in Easy Property Listings versions prior to 3.4 allo...
CVE-2020-5531 Mitsubishi Electric MELSEC C Controller Module and MELIPC Series MI5000 MELSEC-Q Series C Controller...
CVE-2020-5532 ilbo App (ilbo App for Android prior to version 1.1.8 and ilbo App for iOS prior to version 1.2.01) ...
CVE-2020-5533 Cross-site scripting vulnerability in Aterm WG2600HS firmware Ver1.3.2 and earlier allows remote att...
CVE-2020-5534 Aterm WG2600HS firmware Ver1.3.2 and earlier allows an authenticated attacker on the same network se...
CVE-2020-5535 OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment ...
CVE-2020-5536 OpenBlocks IoT VX2 prior to Ver.4.0.0 (Ver.3 Series) allows an attacker on the same network segment ...
CVE-2020-5537 Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors....
CVE-2020-5538 Improper Access Control in PALLET CONTROL Ver. 6.3 and earlier allows authenticated attackers to exe...
CVE-2020-5539 GRANDIT Ver.1.6, Ver.2.0, Ver.2.1, Ver.2.2, Ver.2.3, and Ver.3.0 do not properly manage sessions, wh...
CVE-2020-5540 Cross-site scripting vulnerability in CyberMail Ver.6.x and Ver.7.x allows remote attackers to injec...
CVE-2020-5541 Open redirect vulnerability in CyberMail Ver.6.x and Ver.7.x allows remote attackers to redirect use...
CVE-2020-5542 Buffer error vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU...
S
CVE-2020-5543 TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware v...
S
CVE-2020-5544 Null Pointer Dereference vulnerability in TCP function included in the firmware of Mitsubishi Electr...
S
CVE-2020-5545 TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware v...
S
CVE-2020-5546 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability in ...
S
CVE-2020-5547 Resource Management Errors vulnerability in TCP function included in the firmware of Mitsubishi Elec...
S
CVE-2020-5548 Yamaha LTE VoIP Router(NVR700W firmware Rev.15.00.15 and earlier), Yamaha Gigabit VoIP Router(NVR510...
M
CVE-2020-5549 Cross-site request forgery (CSRF) vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier and Enterp...
CVE-2020-5550 Session fixation vulnerability in EasyBlocks IPv6 Ver. 2.0.1 and earlier, and Enterprise Ver. 2.0.1 ...
CVE-2020-5551 Toyota 2017 Model Year DCU (Display Control Unit) allows an unauthenticated attacker within Bluetoot...
E
CVE-2020-5552 Cross-site scripting vulnerability in mailform version 1.04 allows remote attackers to inject arbitr...
CVE-2020-5553 mailform version 1.04 allows remote attackers to execute arbitrary PHP code via unspecified vectors....
CVE-2020-5554 Directory traversal vulnerability in Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote att...
CVE-2020-5555 Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to read and write data of the ...
CVE-2020-5556 Shihonkanri Plus GOOUT Ver1.5.8 and Ver2.2.10 allows remote attackers to execute arbitrary OS comman...
CVE-2020-5557 Cross-site scripting vulnerability in CuteNews 2.0.1 allows remote attackers to inject arbitrary web...
CVE-2020-5558 CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via unspecified v...
CVE-2020-5559 Cross-site scripting vulnerability in WL-Enq 1.11 and 1.12 allows remote attackers to inject arbitra...
CVE-2020-5560 WL-Enq 1.11 and 1.12 allows remote attackers to execute arbitrary OS commands with the administrativ...
CVE-2020-5561 Keijiban Tsumiki v1.15 allows remote attackers to execute arbitrary OS commands via unspecified vect...
CVE-2020-5562 Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows a remote att...
CVE-2020-5563 Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to ob...
CVE-2020-5564 Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to injec...
CVE-2020-5565 Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticat...
CVE-2020-5566 Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated at...
CVE-2020-5567 Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to ob...
CVE-2020-5568 Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject...
CVE-2020-5569 An unquoted search path vulnerability exists in HDD Password tool (for Windows) version 1.20.6620 an...
CVE-2020-5570 Cross-site scripting vulnerability in Sales Force Assistant version 11.2.48 and earlier allows remot...
S
CVE-2020-5571 SHARP AQUOS series (AQUOS SH-M02 build number 01.00.05 and earlier, AQUOS SH-RM02 build number 01.00...
CVE-2020-5572 Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential informatio...
CVE-2020-5573 Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential inform...
CVE-2020-5574 HTML attribute value injection vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) a...
CVE-2020-5575 Cross-site scripting vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier...
CVE-2020-5576 Cross-site request forgery (CSRF) vulnerability in Movable Type series (Movable Type 7 r.4606 (7.2.1...
CVE-2020-5577 Movable Type series (Movable Type 7 r.4606 (7.2.1) and earlier (Movable Type 7), Movable Type Advanc...
CVE-2020-5579 SQL injection vulnerability in the Paid Memberships versions prior to 2.3.3 allows attacker with adm...
CVE-2020-5580 Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to v...
CVE-2020-5581 Path traversal vulnerability in Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers t...
CVE-2020-5582 Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to a...
CVE-2020-5583 Cybozu Garoon 4.0.0 to 5.0.1 allows remote authenticated attackers to bypass access restriction to o...
CVE-2020-5584 Cybozu Garoon 4.0.0 to 5.0.1 allow remote attackers to obtain unintended information via unspecified...
CVE-2020-5585 Cross-site scripting vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrato...
CVE-2020-5586 Cross-site scripting vulnerability in Cybozu Garoon 4.10.3 to 5.0.1 allows attacker with administrat...
CVE-2020-5587 Cybozu Garoon 4.0.0 to 5.0.1 allow remote authenticated attackers to obtain unintended information v...
CVE-2020-5588 Path traversal vulnerability in Cybozu Garoon 5.0.0 to 5.0.1 allows attacker with administrator righ...
CVE-2020-5589 SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700,...
CVE-2020-5590 Directory traversal vulnerability in EC-CUBE 3.0.0 to 3.0.18 and 4.0.0 to 4.0.3 allows remote authen...
CVE-2020-5591 XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1...
M
CVE-2020-5592 Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to in...
CVE-2020-5593 Zenphoto versions prior to 1.5.7 allow an attacker to conduct PHP code injection attacks by leading...
CVE-2020-5594 Mitsubishi Electric MELSEC iQ-R, iQ-F, Q, L, and FX series CPU modules all versions contain a vulner...
CVE-2020-5595 TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version ...
CVE-2020-5596 TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version ...
CVE-2020-5597 TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version ...
CVE-2020-5598 TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version ...
CVE-2020-5599 TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version ...
CVE-2020-5600 TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series (CoreOS with version ...
CVE-2020-5601 Chrome Extension for e-Tax Reception System Ver1.0.0.0 allows remote attackers to execute an arbitra...
CVE-2020-5602 Mitsubishi Electric FA Engineering Software (CPU Module Logging Configuration Tool Ver. 1.94Y and e...
M
CVE-2020-5603 Uncontrolled resource consumption vulnerability in Mitsubishi Electric FA Engineering Software (CPU...
M
CVE-2020-5604 Android App 'Mercari' (Japan version) prior to version 3.52.0 allows arbitrary method execution of a...
CVE-2020-5605 Directory traversal vulnerability in WHR-G54S firmware 1.43 and earlier allows an attacker to access...
CVE-2020-5606 Cross-site scripting vulnerability in WHR-G54S firmware 1.43 and earlier allows remote attackers to ...
CVE-2020-5607 Open redirect vulnerability in SHIRASAGI v1.13.1 and earlier allows remote attackers to redirect use...
S
CVE-2020-5608 CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3.08.10 to R3.09.50, CENTUM VP (include...
CVE-2020-5609 Directory traversal vulnerability in CAMS for HIS CENTUM CS 3000 (includes CENTUM CS 3000 Small) R3....
CVE-2020-5610 Global TechStream (GTS) for TOYOTA dealers version 15.10.032 and earlier allows an attacker to cause...
CVE-2020-5611 Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 al...
CVE-2020-5612 Cross-site scripting vulnerability in KonaWiki 2.2.0 and earlier allows remote attackers to execute ...
CVE-2020-5613 Cross-site scripting vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to execute ...
CVE-2020-5614 Directory traversal vulnerability in KonaWiki 3.1.0 and earlier allows remote attackers to read arbi...
CVE-2020-5615 Cross-site request forgery (CSRF) vulnerability in [Calendar01] free edition ver1.0.0 and [Calendar0...
CVE-2020-5616 [Calendar01], [Calendar02], [PKOBO-News01], [PKOBO-vote01], [Telop01], [Gallery01], [CalendarForm01]...
CVE-2020-5617 Privilege escalation vulnerability in SKYSEA Client View Ver.12.200.12n to 15.210.05f allows an atta...
CVE-2020-5619 Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers t...
CVE-2020-5620 Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers t...
CVE-2020-5621 Cross-site request forgery (CSRF) vulnerability in NETGEAR switching hubs (GS716Tv2 Firmware version...
S
CVE-2020-5622 Shadankun Server Security Type (excluding normal blocking method types) Ver.1.5.3 and earlier allows...
CVE-2020-5623 NITORI App for Android versions 6.0.4 and earlier and NITORI App for iOS versions 6.0.2 and earlier ...
CVE-2020-5624 SQL injection vulnerability in the XooNIps 3.48 and earlier allows remote attackers to execute arbit...
CVE-2020-5625 Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an ...
CVE-2020-5626 Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attac...
CVE-2020-5627 Yodobashi App for Android versions 1.8.7 and earlier allows remote attackers to lead a user to acces...
CVE-2020-5628 UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access a...
CVE-2020-5629 UNIQLO App for Android versions 7.3.3 and earlier allows remote attackers to lead a user to access a...
CVE-2020-5631 Stored cross-site scripting vulnerability in CMONOS.JP ver2.0.20191009 and earlier allows remote att...
CVE-2020-5632 InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for...
CVE-2020-5633 Multiple NEC products (Express5800/T110j, Express5800/T110j-S, Express5800/T110j (2nd-Gen), Express5...
CVE-2020-5634 ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions pr...
CVE-2020-5635 Aterm SA3500G firmware versions prior to Ver. 3.5.9 allow an attacker on the adjacent network to se...
CVE-2020-5636 Aterm SA3500G firmware versions prior to Ver. 3.5.9 allow an attacker with an administrative privil...
CVE-2020-5637 Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior ...
CVE-2020-5638 Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License V5.5 R1.5 and earli...
CVE-2020-5639 Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers ...
CVE-2020-5640 Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticate...
S
CVE-2020-5641 Cross-site request forgery (CSRF) vulnerability in GS108Ev3 firmware version 2.06.10 and earlier all...
CVE-2020-5642 Cross-site request forgery (CSRF) vulnerability in Live Chat - Live support version 3.1.0 and earlie...
CVE-2020-5643 Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticate...
CVE-2020-5644 Buffer overflow vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000 ...
CVE-2020-5645 Session fixation vulnerability in TCP/IP function included in the firmware of GT14 Model of GOT 1000...
CVE-2020-5646 NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of GT14 Model of...
CVE-2020-5647 Improper access control vulnerability in TCP/IP function included in the firmware of GT14 Model of G...
CVE-2020-5648 Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in ...
CVE-2020-5649 Resource management error vulnerability in TCP/IP function included in the firmware of GT14 Model of...
CVE-2020-5650 Cross-site scripting vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attack...
CVE-2020-5651 SQL injection vulnerability in Simple Download Monitor 3.8.8 and earlier allows remote attackers to ...
CVE-2020-5652 Uncontrolled resource consumption vulnerability in Ethernet Port on MELSEC iQ-R, Q and L series CPU ...
CVE-2020-5653 Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ7...
CVE-2020-5654 Session fixation vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series (RJ...
CVE-2020-5655 NULL pointer dereferences vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R s...
CVE-2020-5656 Improper access control vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R ser...
CVE-2020-5657 Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability in ...
CVE-2020-5658 Resource Management Errors vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R ...
CVE-2020-5659 SQL injection vulnerability in the XooNIps 3.49 and earlier allows remote authenticated attackers to...
CVE-2020-5662 Reflected cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated...
CVE-2020-5663 Stored cross-site scripting vulnerability in XooNIps 3.49 and earlier allows remote authenticated at...
CVE-2020-5664 Deserialization of untrusted data vulnerability in XooNIps 3.49 and earlier allows remote attackers ...
CVE-2020-5665 Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware...
CVE-2020-5666 Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series CPU Modules (R00/01/02CPU Firm...
M
CVE-2020-5667 Studyplus App for Android v6.3.7 and earlier and Studyplus App for iOS v8.29.0 and earlier use a har...
CVE-2020-5668 Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU firmware...
CVE-2020-5669 Cross-site scripting vulnerability in Movable Type Movable Type Premium 1.37 and earlier and Movable...
CVE-2020-5674 Untrusted search path vulnerability in the installers of multiple SEIKO EPSON products allows an att...
CVE-2020-5675 Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier...
CVE-2020-5676 GROWI v4.1.3 and earlier allow remote attackers to obtain information which is not allowed to access...
CVE-2020-5677 Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows remote attackers to ...
CVE-2020-5678 Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows remote attackers to inj...
CVE-2020-5679 Improper restriction of rendered UI layers or frames in EC-CUBE versions from 3.0.0 to 3.0.18 leads ...
CVE-2020-5680 Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to 3.0.18 allows a remote att...
CVE-2020-5681 Untrusted search path vulnerability in self-extracting files created by EpsonNet SetupManager versio...
CVE-2020-5682 Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v...
CVE-2020-5683 Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions pr...
CVE-2020-5684 iSM client versions from V5.1 prior to V12.1 running on NEC Storage Manager or NEC Storage Manager E...
CVE-2020-5685 UNIVERGE SV9500 series from V1 to V7 and SV8500 series from S6 to S8 allows an attacker to execute ar...
CVE-2020-5686 Incorrect implementation of authentication algorithm issue in UNIVERGE SV9500 series from V1 to V7 an...
CVE-2020-5720 MikroTik WinBox before 3.21 is vulnerable to a path traversal vulnerability that allows creation of ...
E
CVE-2020-5721 MikroTik WinBox 3.22 and below stores the user's cleartext password in the settings.cfg.viw configur...
E
CVE-2020-5722 The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL ...
KEV E
CVE-2020-5723 The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This...
E
CVE-2020-5724 The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP serve...
E
CVE-2020-5725 The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP serve...
E
CVE-2020-5726 The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server...
E
CVE-2020-5727 Authentication bypass using an alternate path or channel in SimpliSafe SS3 firmware 1.4 allows a loc...
E
CVE-2020-5728 OpenMRS 2.9 and prior copies "Referrer" header values into an html element named "redirectUrl" withi...
E
CVE-2020-5729 In OpenMRS 2.9 and prior, the UI Framework Error Page reflects arbitrary, user-supplied input back t...
E
CVE-2020-5730 In OpenMRS 2.9 and prior, the sessionLocation parameter for the login page is vulnerable to cross-si...
E
CVE-2020-5731 In OpenMRS 2.9 and prior, the app parameter for the ActiveVisit's page is vulnerable to cross-site s...
E
CVE-2020-5732 In OpenMRS 2.9 and prior, the import functionality of the Data Exchange Module does not properly redi...
E
CVE-2020-5733 In OpenMRS 2.9 and prior, the export functionality of the Data Exchange Module does not properly red...
E
CVE-2020-5734 Classic buffer overflow in SolarWinds Dameware allows a remote, unauthenticated attacker to cause a ...
E
CVE-2020-5735 Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenti...
KEV E
CVE-2020-5736 Amcrest cameras and NVR are vulnerable to a null pointer dereference over port 37777. An authenticat...
CVE-2020-5737 Stored XSS in Tenable.Sc before 5.14.0 could allow an authenticated remote attacker to craft a reque...
S
CVE-2020-5738 Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote comman...
E
CVE-2020-5739 Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote comman...
E
CVE-2020-5740 Improper Input Validation in Plex Media Server on Windows allows a local, unauthenticated attacker t...
E
CVE-2020-5741 Deserialization of Untrusted Data in Plex Media Server on Windows allows a remote, authenticated att...
KEV E
CVE-2020-5742 Improper Access Control in Plex Media Server prior to June 15, 2020 allows any origin to execute cro...
E
CVE-2020-5743 Improper Control of Resource Identifiers in TCExam 14.2.2 allows a remote, authenticated attacker to...
E S
CVE-2020-5744 Relative Path Traversal in TCExam 14.2.2 allows a remote, authenticated attacker to read the content...
E S
CVE-2020-5745 Cross-site request forgery in TCExam 14.2.2 allows a remote attacker to perform sensitive applicatio...
E S
CVE-2020-5746 Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct...
E S
CVE-2020-5747 Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct...
E S
CVE-2020-5748 Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to condu...
E S
CVE-2020-5749 Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct...
E S
CVE-2020-5750 Insufficient output sanitization in TCExam 14.2.2 allows a remote, unauthenticated attacker to condu...
E S
CVE-2020-5751 Insufficient output sanitization in TCExam 14.2.2 allows a remote, authenticated attacker to conduct...
E S
CVE-2020-5752 Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacke...
E
CVE-2020-5753 Signal Private Messenger Android v4.59.0 and up and iOS v3.8.1.5 and up allows a remote non-contact ...
CVE-2020-5754 Webroot endpoint agents prior to version v9.0.28.48 allows remote attackers to trigger a type confus...
E
CVE-2020-5755 Webroot endpoint agents prior to version v9.0.28.48 did not protect the "%PROGRAMDATA%\WrData\PKG" d...
E
CVE-2020-5756 Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify t...
E
CVE-2020-5757 Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injectio...
CVE-2020-5758 Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injectio...
CVE-2020-5759 Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injectio...
CVE-2020-5760 Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injectio...
E
CVE-2020-5761 Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to ...
E
CVE-2020-5762 Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service at...
E
CVE-2020-5763 Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. ...
E
CVE-2020-5764 MX Player Android App versions prior to v1.24.5, are vulnerable to a directory traversal vulnerabili...
E
CVE-2020-5765 Nessus 8.10.0 and earlier were found to contain a Stored XSS vulnerability due to improper validatio...
CVE-2020-5766 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in SRS Simple H...
E
CVE-2020-5767 Cross-site request forgery in Icegram Email Subscribers & Newsletters Plugin for WordPress v4.4.8 al...
E
CVE-2020-5768 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') in Icegram Emai...
E
CVE-2020-5769 Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.02 allows a remote, authenticate...
E
CVE-2020-5770 Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.01 allows a remote attacker to perf...
E
CVE-2020-5771 Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated at...
E
CVE-2020-5772 Improper Input Validation in Teltonika firmware TRB2_R_00.02.04.01 allows a remote, authenticated at...
E
CVE-2020-5773 Improper Access Control in Teltonika firmware TRB2_R_00.02.04.01 allows a low privileged user to per...
E
CVE-2020-5774 Nessus versions 8.11.0 and earlier were found to maintain sessions longer than the permitted period ...
S
CVE-2020-5775 Server-Side Request Forgery in Canvas LMS 2020-07-29 allows a remote, unauthenticated attacker to ca...
E S
CVE-2020-5776 Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via php...
CVE-2020-5777 MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing defa...
CVE-2020-5778 A flaw exists in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) due to improper validation of us...
CVE-2020-5779 A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling w...
CVE-2020-5780 Missing Authentication for Critical Function in Icegram Email Subscribers & Newsletters Plugin for W...
E
CVE-2020-5781 In IgniteNet HeliOS GLinq v2.2.1 r2961, the langSelection parameter is stored in the luci configurat...
E
CVE-2020-5782 In IgniteNet HeliOS GLinq v2.2.1 r2961, if a user logs in and sets the ‘wan_type’ parameter, the wan...
E
CVE-2020-5783 In IgniteNet HeliOS GLinq v2.2.1 r2961, the login functionality does not contain any CSRF protection...
E
CVE-2020-5784 Server-Side Request Forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a low privileged user to ...
E
CVE-2020-5785 Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.04.3 allows an unauthenticated a...
E
CVE-2020-5786 Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote attacker to perfo...
E
CVE-2020-5787 Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attac...
E
CVE-2020-5788 Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attac...
E
CVE-2020-5789 Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote, authenticated attac...
E
CVE-2020-5790 Cross-site request forgery in Nagios XI 5.7.3 allows a remote attacker to perform sensitive applicat...
E
CVE-2020-5791 Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a remote...
E
CVE-2020-5792 Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote, auth...
E
CVE-2020-5793 A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows & Nessus Agent 8.0.0 and 8.1.0 f...
CVE-2020-5794 A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and 5.12.0 for Windows could allo...
CVE-2020-5795 UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows an authenticated ad...
E
CVE-2020-5796 Improper preservation of permissions in Nagios XI 5.7.4 allows a local, low-privileged, authenticate...
E
CVE-2020-5797 UNIX Symbolic Link (Symlink) Following in TP-Link Archer C9(US)_V1_180125 firmware allows an unauthe...
E
CVE-2020-5798 inSync Client installer for macOS versions v6.8.0 and prior could allow an attacker to gain privileg...
E
CVE-2020-5799 The Eat Spray Love mobile app for both iOS and Android contains a backdoor account that, when modifi...
E
CVE-2020-5800 The Eat Spray Love mobile app for both iOS and Android contains logic that allows users to bypass au...
E
CVE-2020-5801 An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that trig...
CVE-2020-5802 An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll ...
CVE-2020-5803 Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a remote, authenticated atta...
E
CVE-2020-5804 Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability. The deleteEv...
E
CVE-2020-5805 In Marvell QConvergeConsole GUI <= 5.5.0.74, credentials are stored in cleartext in tomcat-users.xml...
E
CVE-2020-5806 An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerMa...
CVE-2020-5807 An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add e...
CVE-2020-5808 In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the ...
CVE-2020-5809 A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user can inje...
E
CVE-2020-5810 A stored XSS vulnerability exists in Umbraco CMS <= 8.9.1 or current. An authenticated user authoriz...
E
CVE-2020-5811 An authenticated path traversal vulnerability exists during package installation in Umbraco CMS <= 8...
E
CVE-2020-5812 Nessus AMI versions 8.12.0 and earlier were found to either not validate, or incorrectly validate, a...
CVE-2020-5820 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5821 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5822 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5823 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5824 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5825 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5826 Symantec Endpoint Protection (SEP) and Symantec Endpoint Protection Small Business Edition (SEP SBE)...
CVE-2020-5827 Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of ...
CVE-2020-5828 Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of ...
CVE-2020-5829 Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of ...
CVE-2020-5830 Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of ...
CVE-2020-5831 Symantec Endpoint Protection Manager (SEPM), prior to 14.2 RU2 MP1, may be susceptible to an out of ...
CVE-2020-5832 Symantec Data Center Security Manager Component, prior to 6.8.2 (aka 6.8 MP2), may be susceptible to...
CVE-2020-5833 Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to an out of bounds vulnerab...
CVE-2020-5834 Symantec Endpoint Protection Manager, prior to 14.3, may be susceptible to a directory traversal att...
CVE-2020-5835 Symantec Endpoint Protection Manager, prior to 14.3, has a race condition in client remote deploymen...
CVE-2020-5836 Symantec Endpoint Protection, prior to 14.3, can potentially reset the ACLs on a file as a limited u...
CVE-2020-5837 Symantec Endpoint Protection, prior to 14.3, may not respect file permissions when writing to log fi...
CVE-2020-5838 Symantec IT Analytics, prior to 2.9.1, may be susceptible to a cross-site scripting (XSS) exploit, w...
CVE-2020-5839 Symantec Endpoint Detection And Response, prior to 4.4, may be susceptible to an information disclos...
CVE-2020-5840 An issue was discovered in HashBrown CMS before 1.3.2. Server/Entity/Resource/Connection.js allows a...
S
CVE-2020-5841 An issue was discovered in OpServices OpMon 9.3.1-1. Using password change parameters, an attacker c...
CVE-2020-5842 Codoforum 4.8.3 allows XSS in the user registration page: via the username field to the index.php?u=...
E
CVE-2020-5843 Codoforum 4.8.3 allows XSS in the admin dashboard via a category to the Manage Users screen....
E
CVE-2020-5844 index.php?sec=godmode/extensions&sec2=extensions/files_repo in Pandora FMS v7.0 NG allows authentica...
E
CVE-2020-5846 An insecure file upload and code execution issue was discovered in Ahsay Cloud Backup Suite 8.3.0.30...
E
CVE-2020-5847 Unraid through 6.8.0 allows Remote Code Execution....
KEV E
CVE-2020-5849 Unraid 6.8.0 allows authentication bypass....
KEV E
CVE-2020-5851 On impacted versions and platforms the Trusted Platform Module (TPM) system integrity check cannot d...
CVE-2020-5852 Undisclosed traffic patterns received may cause a disruption of service to the Traffic Management Mi...
CVE-2020-5853 In BIG-IP APM portal access on versions 15.0.0-15.1.0, 14.0.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1...
CVE-2020-5854 On BIG-IP 15.0.0-15.0.1.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6....
CVE-2020-5855 When the Windows Logon Integration feature is configured for all versions of BIG-IP Edge Client for ...
CVE-2020-5856 On BIG-IP 15.0.0-15.0.1.1 and 14.1.0-14.1.2.2, while processing specifically crafted traffic using t...
CVE-2020-5857 On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.2, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.5.2-11.6.5.1, undis...
CVE-2020-5858 On BIG-IP 15.0.0-15.0.1.2, 14.1.0-14.1.2.2, 13.1.0-13.1.3.2, 12.1.0-12.1.5, and 11.5.2-11.6.5.1 and ...
CVE-2020-5859 On BIG-IP 15.1.0.1, specially formatted HTTP/3 messages may cause TMM to produce a core file....
CVE-2020-5860 On BIG-IP 15.0.0-15.1.0.2, 14.1.0-14.1.2.3, 13.1.0-13.1.3.2, 12.1.0-12.1.5.1, and 11.5.2-11.6.5.1 an...
CVE-2020-5861 On BIG-IP 12.1.0-12.1.5, the TMM process may produce a core file in some cases when Ram Cache incorr...
CVE-2020-5862 On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.2, under certain conditions, TMM may c...
CVE-2020-5863 In NGINX Controller versions prior to 3.2.0, an unauthenticated attacker with network access to the ...
CVE-2020-5864 In versions of NGINX Controller prior to 3.2.0, communication between NGINX Controller and NGINX Plu...
CVE-2020-5865 In versions prior to 3.3.0, the NGINX Controller is configured to communicate with its Postgres data...
CVE-2020-5866 In versions of NGINX Controller prior to 3.3.0, the helper.sh script, which is used optionally in NG...
CVE-2020-5867 In versions prior to 3.3.0, the NGINX Controller Agent installer script 'install.sh' uses HTTP inste...
CVE-2020-5868 In BIG-IQ 6.0.0-7.0.0, a remote access vulnerability has been discovered that may allow a remote use...
CVE-2020-5869 In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization is not secure by TLS and may allow on-...
CVE-2020-5870 In BIG-IQ 5.2.0-7.0.0, high availability (HA) synchronization mechanisms do not use any form of auth...
CVE-2020-5871 On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to B...
CVE-2020-5872 On BIG-IP 14.1.0-14.1.2.3, 14.0.0-14.0.1, 13.1.0-13.1.3.1, and 12.1.0-12.1.4.1, when processing TLS ...
CVE-2020-5873 On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.1, 12.1.0-12.1.5, and 11.6.1-11.6.5 and BIG-...
CVE-2020-5874 On BIG-IP APM 15.0.0-15.0.1.2, 14.1.0-14.1.2.3, and 14.0.0-14.0.1, in certain circumstances, an atta...
CVE-2020-5875 On BIG-IP 15.0.0-15.0.1 and 14.1.0-14.1.2.3, under certain conditions, the Traffic Management Microk...
CVE-2020-5876 On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, a...
CVE-2020-5877 On BIG-IP 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, m...
CVE-2020-5878 On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.1, and 14.1.0-14.1.2.3, Traffic Management Microkernel (T...
CVE-2020-5879 On BIG-IP ASM 11.6.1-11.6.5.1, under certain configurations, the BIG-IP system sends data plane traf...
CVE-2020-5880 On BIG-IP 15.0.0-15.0.1.3 and 14.1.0-14.1.2.3, the restjavad process may expose a way for attackers ...
CVE-2020-5881 On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when the BIG-IP Virtual Edition (...
CVE-2020-5882 On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, und...
CVE-2020-5883 On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual server ...
CVE-2020-5884 On versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.4, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1,...
CVE-2020-5885 On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems s...
CVE-2020-5886 On versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1, BIG-IP systems s...
CVE-2020-5887 On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may e...
CVE-2020-5888 On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may e...
CVE-2020-5889 On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, in BIG-IP APM portal access, a sp...
CVE-2020-5890 On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, and 12.1.0-12.1.5.1 and BIG-IQ 5.2.0-7.1....
CVE-2020-5891 On BIG-IP 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, undisclosed HTTP/2 requests can lea...
CVE-2020-5892 In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass...
CVE-2020-5893 In versions 7.1.5-7.1.8, when a user connects to a VPN using BIG-IP Edge Client over an unsecure net...
CVE-2020-5894 On versions 3.0.0-3.3.0, the NGINX Controller webserver does not invalidate the server-side session ...
M
CVE-2020-5895 On NGINX Controller versions 3.1.0-3.3.0, AVRD uses world-readable and world-writable permissions on...
CVE-2020-5896 On versions 7.1.5-7.1.9, the BIG-IP Edge Client's Windows Installer Service's temporary folder has w...
CVE-2020-5897 In versions 7.1.5-7.1.9, there is use-after-free memory vulnerability in the BIG-IP Edge Client Wind...
CVE-2020-5898 In versions 7.1.5-7.1.9, BIG-IP Edge Client Windows Stonewall driver does not sanitize the pointer r...
CVE-2020-5899 In NGINX Controller 3.0.0-3.4.0, recovery code required to change a user's password is transmitted a...
CVE-2020-5900 In versions 3.0.0-3.4.0, 2.0.0-2.9.0, and 1.0.1, there is insufficient cross-site request forgery (C...
CVE-2020-5901 In NGINX Controller 3.3.0-3.4.0, undisclosed API endpoints may allow for a reflected Cross Site Scri...
CVE-2020-5902 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11...
KEV E
CVE-2020-5903 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a Cross-Site ...
CVE-2020-5904 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, a cross-site ...
CVE-2020-5905 In version 11.6.1-11.6.5.2 of the BIG-IP system Configuration utility Network > WCCP page, the syste...
CVE-2020-5906 In versions 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, the BIG-IP system does not proper...
CVE-2020-5907 In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11...
CVE-2020-5908 In versions bundled with BIG-IP APM 12.1.0-12.1.5 and 11.6.1-11.6.5.2, Edge Client for Linux exposes...
CVE-2020-5909 In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, when users run the command displayed in NGINX Contr...
CVE-2020-5910 In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the Neural Autonomic Transport System (NATS) messag...
CVE-2020-5911 In versions 3.0.0-3.5.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller installer starts the download ...
CVE-2020-5912 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5...
CVE-2020-5913 In versions 15.0.0-15.1.0.1, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.2,...
CVE-2020-5914 In BIG-IP ASM versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12...
CVE-2020-5915 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5...
CVE-2020-5916 In BIG-IP versions 15.1.0-15.1.0.4 and 15.0.0-15.0.1.3 the Certificate Administrator user role and h...
CVE-2020-5917 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5...
CVE-2020-5918 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5...
CVE-2020-5919 In versions 15.1.0-15.1.0.4, rendering of certain session variables by BIG-IP APM UI-based agents in...
CVE-2020-5920 In versions 15.0.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1,...
CVE-2020-5921 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5...
CVE-2020-5922 In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11...
CVE-2020-5923 In BIG-IP versions 15.0.0-15.1.0.4, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11...
CVE-2020-5924 In BIG-IP APM versions 12.1.0-12.1.5.1 and 11.6.1-11.6.5.2, RADIUS authentication leaks memory when ...
M
CVE-2020-5925 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.3, 12.1.0-12.1.5...
CVE-2020-5926 In BIG-IP versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, a BIG-IP virtual server wi...
CVE-2020-5927 In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, and 14.1.0-14.1.2.6, BIG-IP ASM Configuration utility ...
CVE-2020-5928 In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and...
CVE-2020-5929 In versions 13.0.0-13.0.0 HF2, 12.1.0-12.1.2 HF1, and 11.6.1-11.6.2, BIG-IP platforms with Cavium Ni...
CVE-2020-5930 In BIG-IP 15.0.0-15.1.0.4, 14.1.0-14.1.2.7, 13.1.0-13.1.3.3, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2 an...
CVE-2020-5931 On BIG-IP 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, V...
CVE-2020-5932 On BIG-IP ASM 15.1.0-15.1.0.5, a cross-site scripting (XSS) vulnerability exists in the BIG-IP ASM C...
CVE-2020-5933 On versions 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1,...
CVE-2020-5934 On BIG-IP APM 15.1.0-15.1.0.5, 14.1.0-14.1.2.3, and 13.1.0-13.1.3.3, when multiple HTTP requests fro...
CVE-2020-5935 On BIG-IP (LTM, AAM, AFM, Analytics, APM, ASM, DNS, FPS, GTM, Link Controller, PEM) versions 15.1.0-...
CVE-2020-5936 On BIG-IP LTM 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, and 12.1.0-12.1.5.1, the Traffic Ma...
CVE-2020-5937 On BIG-IP AFM 15.1.0-15.1.0.5, the Traffic Management Microkernel (TMM) may produce a core file whil...
CVE-2020-5938 On BIG-IP 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, when negotiating IPSec tunnels with...
CVE-2020-5939 In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4,...
CVE-2020-5940 In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting (XS...
CVE-2020-5941 On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESOLV::lookup command within an i...
CVE-2020-5942 In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12...
CVE-2020-5943 In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is created or listed through...
CVE-2020-5944 In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS Overview pages in the BIG-IQ system interf...
CVE-2020-5945 In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page cont...
CVE-2020-5946 In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under...
CVE-2020-5947 In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers may be able t...
CVE-2020-5948 On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5...
CVE-2020-5949 On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual serv...
CVE-2020-5950 On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, ...
CVE-2020-5953 A vulnerability exists in System Management Interrupt (SWSMI) handler of InsydeH2O UEFI Firmware cod...
CVE-2020-5955 An issue was discovered in Int15MicrocodeSmm in Insyde InsydeH2O before 2021-10-14 on Intel client c...
CVE-2020-5956 An issue was discovered in SdLegacySmm in Insyde InsydeH2O with kernel 5.1 before 05.15.11, 5.2 befo...
CVE-2020-5957 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Pane...
CVE-2020-5958 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Pane...
CVE-2020-5959 NVIDIA Virtual GPU Manager, all versions, contains a vulnerability in the vGPU plugin in which an in...
CVE-2020-5960 NVIDIA Virtual GPU Manager contains a vulnerability in the kernel module (nvidia.ko), where a null p...
CVE-2020-5961 NVIDIA vGPU graphics driver for guest OS contains a vulnerability in which an incorrect resource cle...
CVE-2020-5962 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Pane...
CVE-2020-5963 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Commu...
CVE-2020-5964 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the service host compon...
CVE-2020-5965 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX 11 user mod...
CVE-2020-5966 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (...
CVE-2020-5967 NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which ...
CVE-2020-5968 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software does n...
CVE-2020-5969 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it validates a shar...
CVE-2020-5970 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size ...
CVE-2020-5971 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which the software reads ...
CVE-2020-5972 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which local pointer varia...
CVE-2020-5973 NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which th...
CVE-2020-5974 NVIDIA JetPack SDK, version 4.2 and 4.3, contains a vulnerability in its installation scripts in whi...
M
CVE-2020-5975 NVIDIA GeForce NOW, versions prior to 2.0.23 on Windows and macOS, contains a vulnerability in the d...
CVE-2020-5976 NVIDIA GeForce NOW, versions prior to 2.0.23 (Windows, macOS) and versions prior to 5.31 (Android, S...
CVE-2020-5977 NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in NVIDIA Web H...
S
CVE-2020-5978 NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in its services...
S
CVE-2020-5979 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the NVIDIA Control Pane...
CVE-2020-5980 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in multiple components in ...
CVE-2020-5981 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the DirectX11 user mode...
CVE-2020-5982 NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the kernel mode layer (...
CVE-2020-5983 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel mo...
CVE-2020-5984 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-...
CVE-2020-5985 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data lengt...
CVE-2020-5986 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size ...
CVE-2020-5987 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied param...
CVE-2020-5988 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory ca...
CVE-2020-5989 NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference ...
CVE-2020-5990 NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPl...
S
CVE-2020-5991 NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in...
CVE-2020-5992 NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vul...
S
CVE-2020-5993 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5994 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5995 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5996 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5997 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5998 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
CVE-2020-5999 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a...
R
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.