Vulnerabilities (CVE)

Filtered by CWE-74
Total 2148 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-16087 2 Microsoft, Vng 2 Windows, Zalo Desktop 2024-11-21 9.3 HIGH 8.6 HIGH
An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a crafted file.
CVE-2020-15953 2 Libetpan Project, Libmailcore 2 Libetpan, Mailcore2 2024-11-21 5.8 MEDIUM 7.4 HIGH
LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS buffering issue that affects IMAP, SMTP, and POP3. When a server sends a "begin TLS" response, the client reads additional data (e.g., from a meddler-in-the-middle attacker) and evaluates it in a TLS context, aka "response injection."
CVE-2020-15951 1 Immuta 1 Immuta 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
Immuta v2.8.2 accepts user-supplied project names without properly sanitizing the input, allowing attackers to inject arbitrary HTML content that is rendered as part of the application. An attacker could leverage this to redirect application users to a phishing website in an attempt to steal credentials.
CVE-2020-15816 1 Westerndigital 1 Wd Discovery 2024-11-21 6.5 MEDIUM 8.8 HIGH
In Western Digital WD Discovery before 4.0.251.0, a malicious application running with standard user permissions could potentially execute code in the application's process through library injection by using DYLD environment variables.
CVE-2020-15693 1 Nim-lang 1 Nim 2024-11-21 6.4 MEDIUM 6.5 MEDIUM
In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call (such as httpClient.get or httpClient.post), the User-Agent header value, or custom HTTP header names or values.
CVE-2020-15690 1 Nim-lang 1 Nim 2024-11-21 7.5 HIGH 9.8 CRITICAL
In Nim before 1.2.6, the standard library asyncftpclient lacks a check for whether a message contains a newline character.
CVE-2020-15515 1 Turn\! Project 1 Turn\! 2024-11-21 6.5 MEDIUM 8.8 HIGH
The turn extension through 0.3.2 for TYPO3 allows Remote Code Execution.
CVE-2020-15489 1 Wavlink 2 Wl-wn530hg4, Wl-wn530hg4 Firmware 2024-11-21 10.0 HIGH 9.8 CRITICAL
An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges.
CVE-2020-15477 1 Raspberrytorte 1 Raspberrytortoise 2024-11-21 10.0 HIGH 9.8 CRITICAL
The WebControl in RaspberryTortoise through 2012-10-28 is vulnerable to remote code execution via shell metacharacters in a URI. The file nodejs/raspberryTortoise.js has no validation on the parameter incomingString before passing it to the child_process.exec function.
CVE-2020-15362 1 Thingssdk 1 Wifiscanner 2024-11-21 7.5 HIGH 9.8 CRITICAL
wifiscanner.js in thingsSDK WiFi Scanner 1.0.1 allows Code Injection because it can be used with options to overwrite the default executable/binary path and its arguments. An attacker can abuse this functionality to execute arbitrary code.
CVE-2020-15348 1 Zyxel 1 Cloud Cnm Secumanager 2024-11-21 10.0 HIGH 9.8 CRITICAL
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 allows use of live/CPEManager/AXCampaignManager/delete_cpes_by_ids?cpe_ids= for eval injection of Python code.
CVE-2020-15252 1 Xwiki 1 Xwiki 2024-11-21 9.0 HIGH 8.5 HIGH
In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution. This is patched in XWiki 12.5 and XWiki 11.10.6.
CVE-2020-15186 1 Helm 1 Helm 2024-11-21 4.0 MEDIUM 3.4 LOW
In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin author could use characters in a plugin name that would result in unexpected behavior, such as duplicating the name of another plugin or spoofing the output to `helm --help`. This issue has been patched in Helm 3.3.2. A possible workaround is to not install untrusted Helm plugins. Examine the `name` field in the `plugin.yaml` file for a plugin, looking for characters outside of the [a-zA-Z0-9._-] range.
CVE-2020-15184 1 Helm 1 Helm 2024-11-21 4.0 MEDIUM 3.7 LOW
In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sanitized. This could lead to the injection of unwanted information into a chart. This issue has been patched in Helm 3.3.2 and 2.16.11. A possible workaround is to manually review the `dependencies` field of any untrusted chart, verifying that the `alias` field is either not used, or (if used) does not contain newlines or path characters.
CVE-2020-15171 1 Xwiki 1 Xwiki 2024-11-21 6.0 MEDIUM 6.6 MEDIUM
In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution. The only workaround is to give SCRIPT right only to trusted users.
CVE-2020-15164 1 Scratch-wiki 1 Scratch Login 2024-11-21 6.4 MEDIUM 10.0 CRITICAL
in Scratch Login (MediaWiki extension) before version 1.1, any account can be logged into by using the same username with leading, trailing, or repeated underscore(s), since those are treated as whitespace and trimmed by MediaWiki. This affects all users on any wiki using this extension. Since version 1.1, comments by users whose usernames would be trimmed on MediaWiki are ignored when searching for the verification code.
CVE-2020-15147 1 Cogboard 1 Red Discord Bot 2024-11-21 6.0 MEDIUM 8.5 HIGH
Red Discord Bot before versions 3.3.12 and 3.4 has a Remote Code Execution vulnerability in the Streams module. This exploit allows Discord users with specifically crafted "going live" messages to inject code into the Streams module's going live message. By abusing this exploit, it's possible to perform destructive actions and/or access sensitive information. As a workaround, unloading the Trivia module with `unload streams` can render this exploit not accessible. It is highly recommended updating to 3.3.12 or 3.4 to completely patch this issue.
CVE-2020-15140 1 Cogboard 1 Red Discord Bot 2024-11-21 5.5 MEDIUM 8.2 HIGH
In Red Discord Bot before version 3.3.11, a RCE exploit has been discovered in the Trivia module: this exploit allows Discord users with specifically crafted usernames to inject code into the Trivia module's leaderboard command. By abusing this exploit, it's possible to perform destructive actions and/or access sensitive information. This critical exploit has been fixed on version 3.3.11.
CVE-2020-15111 1 Gofiber 1 Fiber 2024-11-21 5.8 MEDIUM 4.2 MEDIUM
In Fiber before version 1.12.6, the filename that is given in c.Attachment() (https://docs.gofiber.io/ctx#attachment) is not escaped, and therefore vulnerable for a CRLF injection attack. I.e. an attacker could upload a custom filename and then give the link to the victim. With this filename, the attacker can change the name of the downloaded file, redirect to another site, change the authorization header, etc. A possible workaround is to serialize the input before passing it to ctx.Attachment().
CVE-2020-15070 1 Zulip 1 Zulip Server 2024-11-21 6.5 MEDIUM 8.8 HIGH
Zulip Server 2.x before 2.1.7 allows eval injection if a privileged attacker were able to write directly to the postgres database, and chose to write a crafted custom profile field value.