2020 CVE Vulnerabilities
21,060 CVEs published in 2020.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-37235 | MEDIUM | 5.1 | 0.2% | May 16, 2026 | WordPress Theme Wibar 1.1.8 contains a stored cross-site scripting vulnerability in the Brand component that allows auth... |
| CVE-2020-37234 | MEDIUM | 6.9 | 0.1% | May 16, 2026 | Internet Download Manager 6.38.12 contains a buffer overflow vulnerability in the Scheduler component that allows local ... |
| CVE-2020-37233 | MEDIUM | 5.1 | 0.2% | May 16, 2026 | WordPress Plugin Buddypress 6.2.0 contains a persistent cross-site scripting vulnerability that allows authenticated att... |
| CVE-2020-37232 | HIGH | 8.5 | 0.1% | May 16, 2026 | Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService... |
| CVE-2020-37231 | HIGH | 8.5 | 0.1% | May 16, 2026 | Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local a... |
| CVE-2020-37230 | HIGH | 8.5 | 0.1% | May 16, 2026 | Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allow... |
| CVE-2020-37229 | HIGH | 8.5 | 0.1% | May 16, 2026 | OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows loc... |
| CVE-2020-37228 | CRITICAL | 9.3 | 0.4% | May 16, 2026 | iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass ... |
| CVE-2020-37227 | HIGH | 8.7 | 0.5% | May 16, 2026 | HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass cl... |
| CVE-2020-37226 | HIGH | 7.1 | 0.3% | May 13, 2026 | Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipu... |
| CVE-2020-37225 | MEDIUM | 5.1 | 0.2% | May 13, 2026 | Powie's WHOIS Domain Check 0.9.31 contains a persistent cross-site scripting vulnerability that allows authenticated att... |
| CVE-2020-37224 | HIGH | 7.1 | 0.3% | May 13, 2026 | Joomla J2 JOBS 1.3.0 contains an authenticated SQL injection vulnerability that allows authenticated attackers to manipu... |
| CVE-2020-37223 | HIGH | 8.5 | 0.1% | May 13, 2026 | IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local a... |
| CVE-2020-37222 | MEDIUM | 5.1 | 0.3% | May 13, 2026 | Kuicms Php EE 2.0 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inje... |
| CVE-2020-37221 | HIGH | 8.6 | 0.2% | May 13, 2026 | Atomic Alarm Clock 6.3 contains a stack overflow vulnerability that allows local attackers to execute arbitrary code by ... |
| CVE-2020-37220 | HIGH | 8.7 | 0.4% | May 13, 2026 | Huawei HG630 V2 router contains an authentication bypass vulnerability that allows unauthenticated attackers to obtain a... |
| CVE-2020-37219 | HIGH | 8.7 | 0.7% | May 13, 2026 | Joomla com_fabrik 3.9.11 contains a directory traversal vulnerability that allows unauthenticated attackers to list arbi... |
| CVE-2020-37218 | HIGH | 8.8 | 0.3% | May 13, 2026 | Joomla com_hdwplayer 4.2 contains an SQL injection vulnerability in the search.php file that allows unauthenticated atta... |
| CVE-2020-37217 | MEDIUM | 5.1 | 0.1% | May 13, 2026 | Easy2Pilot 7 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized user accounts... |
| CVE-2020-37174 | MEDIUM | 4.8 | 0.3% | May 13, 2026 | WOOF Products Filter for WooCommerce 1.2.3 contains a persistent cross-site scripting vulnerability that allows authenti... |
| CVE-2020-37169 | MEDIUM | 6.8 | 0.2% | May 13, 2026 | WordPress Plugin ultimate-member 2.1.3 contains a local file inclusion vulnerability that allows authenticated attackers... |
| CVE-2020-37168 | CRITICAL | 9.3 | 0.2% | May 13, 2026 | Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force ... |
| CVE-2020-37216 | HIGH | 8.7 | 0.9% | Apr 3, 2026 | Hirschmann HiOS devices versions prior to 08.1.00 and 07.1.01 contain a denial of service vulnerability in the EtherNet... |
| CVE-2020-37167 | HIGH | 8.6 | 0.2% | Feb 12, 2026 | ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode inte... |
| CVE-2020-37215 | MEDIUM | 4.6 | 0.2% | Feb 11, 2026 | MSN Password Recovery version 1.30 contains a denial of service vulnerability that allows attackers to crash the applica... |
Check if your code is affected by 2020 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now