VulDB
the community-driven vulnerability database
Home
Overview
Live Recent
Live Updates
Live Archive
Entries
Recent
Updates
Commits
Archive
Stats
Submit
Products
Vendor
Product
Type
Risks
Threat
Exploits
CVSSv3
CVSSv2
Risks
References
References
Tools
Videos
Exports
Search
Search
Advanced Search
User
API
Support
FAQ
Documentation
Changelog
Roadmap
Contact
Login
Login
Signup
Upgrade
Risk
2020
Overview of the different risk assignments of different sources of the documented vulnerabilities.
ID
Title
VulDB
CVSS
Secunia
XForce
Nessus
172256
Apple watchOS HomeKit unknown vulnerability [CVE-2020-9978]
low
2.6
-
-
-
172255
Apple tvOS HomeKit unknown vulnerability [CVE-2020-9978]
low
2.6
-
-
-
172254
Apple iOS/iPadOS HomeKit unknown vulnerability [CVE-2020-9978]
low
2.6
-
-
-
172253
Apple tvOS Kernel use after free [CVE-2020-9975]
medium
6.8
-
-
-
172252
Apple watchOS Kernel use after free [CVE-2020-9975]
medium
6.8
-
-
-
172251
Apple iOS/iPadOS Kernel use after free [CVE-2020-9975]
medium
6.8
-
-
-
172248
Apple watchOS Kernel memory corruption [CVE-2020-9967]
high
8.5
-
-
-
172247
Apple tvOS Kernel memory corruption [CVE-2020-9967]
high
8.5
-
-
-
172246
Apple iOS/iPadOS Kernel memory corruption [CVE-2020-9967]
high
8.5
-
-
-
172245
Apple tvOS FontParser buffer overflow [CVE-2020-9962]
medium
7.5
-
-
-
172244
Apple watchOS FontParser buffer overflow [CVE-2020-9962]
medium
7.5
-
-
-
172243
Apple iOS/iPadOS FontParser buffer overflow [CVE-2020-9962]
medium
7.5
-
-
-
172242
Apple watchOS CoreAudio out-of-bounds read [CVE-2020-9960]
medium
7.5
-
-
-
172241
Apple tvOS CoreAudio out-of-bounds read [CVE-2020-9960]
medium
7.5
-
-
-
172240
Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2020-9960]
medium
7.5
-
-
-
172239
Apple watchOS FontParser out-of-bounds read [CVE-2020-9956]
medium
7.5
-
-
-
172238
Apple tvOS FontParser out-of-bounds read [CVE-2020-9956]
medium
7.5
-
-
-
172237
Apple iOS/iPadOS FontParser out-of-bounds read [CVE-2020-9956]
medium
7.5
-
-
-
172194
Apple tvOS FontParser memory corruption [CVE-2020-27931]
medium
7.5
-
-
-
172193
Apple watchOS FontParser memory corruption [CVE-2020-27931]
medium
7.5
-
-
-
172192
Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27931]
medium
7.5
-
-
-
172191
Apple tvOS ImageIO out-of-bounds read [CVE-2020-27924]
medium
7.5
-
-
-
172190
Apple watchOS ImageIO out-of-bounds read [CVE-2020-27924]
medium
7.5
-
-
-
172189
Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-27924]
medium
7.5
-
-
-
172188
Apple tvOS ImageIO out-of-bounds write [CVE-2020-27923]
medium
7.5
-
-
-
172187
Apple watchOS ImageIO out-of-bounds write [CVE-2020-27923]
medium
7.5
-
-
-
172186
Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2020-27923]
medium
7.5
-
-
-
172185
Apple tvOS CoreText state issue [CVE-2020-27922]
medium
7.5
-
-
-
172184
Apple watchOS CoreText state issue [CVE-2020-27922]
medium
7.5
-
-
-
172183
Apple iOS/iPadOS CoreText state issue [CVE-2020-27922]
medium
7.5
-
-
-
172182
Apple tvOS libxml2 use after free [CVE-2020-27920]
medium
7.5
-
-
-
172181
Apple watchOS libxml2 use after free [CVE-2020-27920]
medium
7.5
-
-
-
172180
Apple iOS/iPadOS libxml2 use after free [CVE-2020-27920]
medium
7.5
-
-
-
172179
Apple tvOS CoreAudio out-of-bounds read [CVE-2020-27908]
medium
7.5
-
-
-
172178
Apple watchOS CoreAudio out-of-bounds read [CVE-2020-27908]
medium
7.5
-
-
-
172177
Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2020-27908]
medium
7.5
-
-
-
168800
Apple iOS/iPadOS WebKit Remote Code Execution [CVE-2021-1870]
medium
7.5
-
-
-
168799
Apple iOS/iPadOS WebKit Remote Code Execution [CVE-2021-1871]
medium
7.5
-
-
-
168798
Apple iOS/iPadOS Kernel race condition [CVE-2021-1782]
low
4.3
-
-
-
167160
concread Crate unknown vulnerability [CVE-2020-35928]
low
4.9
-
-
-
167159
thex Crate Thread unknown vulnerability [CVE-2020-35927]
medium
4.9
-
-
-
167158
nanorand Crate entropy [CVE-2020-35926]
low
2.3
-
-
-
167157
magnetic Crate Thread MPMCProducer memory corruption
medium
5.2
-
-
-
167156
try-mutex Crate Thread unknown vulnerability [CVE-2020-35924]
low
4.9
-
-
-
167155
ordered-float crate unknown vulnerability [CVE-2020-35923]
low
4.9
-
-
-
167154
mio Crate SocketAddr memory corruption
medium
5.2
-
-
-
167153
miow Crate SocketAddr memory corruption
medium
5.2
-
-
-
167152
socket2 Crate SocketAddr memory corruption
medium
5.2
-
-
-
167151
net2 Crate SocketAddr memory corruption
medium
5.2
-
-
-
167150
branca Crate Token Decoding denial of service [CVE-2020-35918]
low
2.3
-
-
-
167149
pyo3 Crate use after free [CVE-2020-35917]
medium
4.9
-
-
-
167148
Image Crate unknown vulnerability [CVE-2020-35916]
low
4.9
-
-
-
167147
futures-intrusive Crate Thread GenericMutexGuard unknown vulnerability
low
4.9
-
-
-
167146
lock_api Crate RwLockWriteGuard unknown vulnerability
low
4.9
-
-
-
167145
lock_api Crate RwLockReadGuard unknown vulnerability
low
4.9
-
-
-
167144
lock_api Crate MappedRwLockWriteGuard unknown vulnerability
low
4.9
-
-
-
167143
lock_api Crate MappedRwLockReadGuard unknown vulnerability
low
4.9
-
-
-
167142
lock_api Crate unknown vulnerability [CVE-2020-35910]
low
4.9
-
-
-
167141
multihash Crate from_slice denial of service
low
2.3
-
-
-
167140
futures-util Crate FuturesUnordered unknown vulnerability
low
4.9
-
-
-
167139
futures-task Crate noop_waker_ref null pointer dereference
low
2.3
-
-
-
167138
futures-task Crate waker use after free
medium
4.9
-
-
-
167137
futures-util Crate map race condition
low
4.9
-
-
-
167136
crossbeam-channel Crate memory corruption [CVE-2020-35904]
medium
5.2
-
-
-
167135
dync Crate VecCopy unknown vulnerability
low
4.9
-
-
-
167134
actix-codec Crate Framed use after free [CVE-2020-35902]
medium
4.9
-
-
-
167133
actix-http Crate BodyStream use after free
medium
4.9
-
-
-
167132
array-queue Crate pop_back use after free
medium
4.9
-
-
-
167131
actix-service Crate Cell unknown vulnerability [CVE-2020-35899]
low
4.9
-
-
-
167130
actix-utils Crate Cell unknown vulnerability [CVE-2020-35898]
low
4.9
-
-
-
167129
atom Crate Send unknown vulnerability [CVE-2020-35897]
low
4.9
-
-
-
167128
ws Crate buffer overflow [CVE-2020-35896]
medium
6.5
-
-
-
167127
stack Crate ArrayVec out-of-bounds write
medium
5.2
-
-
-
167126
obstack Crate unknown vulnerability [CVE-2020-35894]
medium
5.2
-
-
-
167125
simple-slab Crate remove uninitialized pointer
low
4.9
-
-
-
167124
simple-slab Crate index out-of-bounds read
low
2.3
-
-
-
167123
ordnung Crate Vec double free
medium
4.9
-
-
-
167122
ordnung Crate Vec out-of-bounds read
low
2.3
-
-
-
167121
crayon Crate HandleLike toctou
medium
4.9
-
-
-
167120
arr Crate new_from_template uninitialized pointer
medium
4.9
-
-
-
167119
arr Crate IndexMut buffer overflow
medium
5.2
-
-
-
167118
arr Crate Thread unknown vulnerability [CVE-2020-35886]
medium
4.9
-
-
-
167117
alpm-rs Crate StrcCtx allocation of resources
low
2.3
-
-
-
167116
tiny_http Crate Transfer-Encoding request smuggling [CVE-2020-35884]
medium
4.9
-
-
-
167115
mozwire Crate path traversal [CVE-2020-35883]
low
2.3
-
-
-
167114
rocket Crate clone unknown vulnerability
low
4.9
-
-
-
167113
traitobject Crate memory corruption [CVE-2020-35881]
medium
5.2
-
-
-
167112
bigint Crate unknown vulnerability [CVE-2020-35880]
medium
4.9
-
-
-
167111
rulinalg Crate raw_slice_mut unknown vulnerability
medium
4.9
-
-
-
167110
ozone Crate uninitialized pointer [CVE-2020-35878]
low
2.3
-
-
-
167109
ozone Crate out-of-bounds read [CVE-2020-35877]
low
2.3
-
-
-
167108
rio crate use after free [CVE-2020-35876]
medium
4.9
-
-
-
167107
tokio-rustls Crate memory allocation [CVE-2020-35875]
low
2.3
-
-
-
167106
internment Crate drop use after free
medium
4.9
-
-
-
167105
rusqlite Crate sessions.rs use after free
medium
4.9
-
-
-
167104
rusqlite Crate memory corruption [CVE-2020-35872]
medium
6.5
-
-
-
167103
rusqlite Crate Auxdata API memory corruption [CVE-2020-35871]
medium
6.5
-
-
-
167102
rusqlite Crate Auxdata API use after free [CVE-2020-35870]
medium
4.9
-
-
-
167101
rusqlite Crate log format string
medium
5.2
-
-
-
167100
rusqlite Crate UnlockNotification memory corruption
medium
6.5
-
-
-
167099
rusqlite Crate create_module memory corruption
medium
6.5
-
-
-
167098
rusqlite Crate memory corruption [CVE-2020-35866]
medium
6.5
-
-
-
167097
os_str_bytes Crate unknown vulnerability
low
4.9
-
-
-
167096
flatbuffers Crate read_scalar unknown vulnerability
low
-
-
-
167095
hyper Crate HTTP Server request smuggling [CVE-2020-35863]
medium
6.0
-
-
-
167094
bitvec Crate BitVec to BitBox Conversion use after free [CVE-2020-35862]
medium
4.9
-
-
-
167093
bumpalo Crate memory corruption [CVE-2020-35861]
low
2.7
-
-
-
167092
cbox Crate API null pointer dereference [CVE-2020-35860]
low
2.3
-
-
-
167091
lucet-runtime-internals Crate memory corruption [CVE-2020-35859]
medium
5.2
-
-
-
167090
prost Crate Messages stack-based overflow [CVE-2020-35858]
medium
6.5
-
-
-
167089
trust-dns-server Crate resource consumption [CVE-2020-35857]
low
2.7
-
-
-
167088
Hgiga MailSherlock command injection [CVE-2020-35851]
medium
5.1
-
-
-
167087
Hgiga MailSherlock URL Parameter sql injection [CVE-2020-35743]
medium
5.1
-
-
-
167086
Hgiga MailSherlock URL Parameter sql injection [CVE-2020-35742]
medium
5.1
-
-
-
167085
Hgiga MailSherlock Login Page cross site scripting [CVE-2020-35741]
low
2.6
-
-
-
167084
Hgiga MailSherlock URL Parameter cross site scripting [CVE-2020-35740]
low
2.6
-
-
-
167083
Hgiga MailSherlock Source Code information disclosure [CVE-2020-25850]
low
2.6
-
-
-
167082
Hgiga MailSherlock Password Generator hard-coded password [CVE-2020-25848]
medium
7.5
-
-
-
167081
Panorama NHI ServiSignAdapter Security Control Components Digest Generation NHIServiSignAdapter information disclosure
low
5.0
-
-
-
167080
Panorama NHI ServiSignAdapter Security Control Components NHIServiSignAdapter information disclosure
low
5.0
-
-
-
167079
Panorama NHI ServiSignAdapter Security Control Components NHIServiSignAdapter stack-based overflow
medium
5.1
-
-
-
167078
Panorama NHI ServiSignAdapter Security Control Components heap-based overflow
medium
5.1
-
-
-
167077
Panorama NHI ServiSignAdapter Security Control Components NHIServiSignAdapter information disclosure
low
5.0
-
-
-
167076
failure Crate type confusion [CVE-2019-25010]
medium
4.9
-
-
-
167075
http crate API Drain unknown vulnerability
low
4.9
-
-
-
167074
http crate reserve integer overflow
low
2.3
-
-
-
167073
streebog Crate Hash denial of service [CVE-2019-25007]
low
2.3
-
-
-
167072
streebog Crate Hash unknown vulnerability [CVE-2019-25006]
low
4.9
-
-
-
167071
chacha20 Crate inadequate encryption [CVE-2019-25005]
low
1.4
-
-
-
167070
flatbuffers Crate comparison [CVE-2019-25004]
medium
5.2
-
-
-
167069
libsecp256k1 Crate check_overflow timing discrepancy
low
1.4
-
-
-
167068
sodiumoxide Crate eq comparison
medium
4.9
-
-
-
167067
serde_cbor Crate CBOR Deserializer deserialization [CVE-2019-25001]
low
2.3
-
-
-
167066
libpulse-binding Crate Iterator use after free
medium
4.9
-
-
-
167065
Umbraco CMS Installation path traversal [CVE-2020-5811]
medium
5.2
-
-
-
167064
Umbraco CMS SVG File cross site scripting [CVE-2020-5810]
low
4.0
-
-
-
167063
Umbraco CMS TinyMCE Rich-Text Editor cross site scripting [CVE-2020-5809]
low
4.0
-
-
-
167062
MantisBT bug_revision_view_page.php information disclosure
low
2.3
-
-
-
167061
Newgen eGov Correspondence Management System resource injection
medium
4.9
-
-
-
167060
FlatPress Blog cross site scripting [CVE-2020-35241]
low
4.0
-
-
-
167059
FluxBB Blog cross site scripting [CVE-2020-35240]
low
4.0
-
-
-
167058
Amaze File Manager App FTP Intent unknown vulnerability [CVE-2020-35173]
low
4.9
-
-
-
167057
Invision Community cross site scripting [CVE-2020-29477]
low
4.0
-
-
-
167056
WonderCMS Setting Menu cross site scripting [CVE-2020-29469]
low
4.0
-
-
-
167055
WonderCMS Page Description cross site scripting [CVE-2020-29233]
low
4.0
-
-
-
167054
EGavilanMedia User Registration and Login System with Admin Panel Admin Profile Page cross site scripting
low
4.0
-
-
-
167053
EGavilanMedia User Registration and Login System with Admin Panel Manage User Tab cross site scripting
low
4.0
-
-
-
167052
EGavilanMedia User Registration and Login System with Admin Panel User Login Page sql injection
medium
5.2
-
-
-
167051
Bolt Twig Context protection mechanism [CVE-2020-28925]
low
4.9
-
-
-
167050
Plone xml external entity reference [CVE-2020-28736]
medium
5.2
-
-
-
167049
Plone Traceback server-side request forgery [CVE-2020-28735]
medium
5.2
-
-
-
167048
Plone xml external entity reference [CVE-2020-28734]
low
4.9
-
-
-
167047
MantisBT API SOAP mc_project_get_users sql injection
medium
4.6
-
-
-
167046
Sentrifugo HTTP Header cross site scripting [CVE-2020-28365]
low
4.0
-
-
-
167045
Tenda AC1200 Password API denial of service [CVE-2020-28095]
low
5.2
-
-
-
167044
dotCMS REST Endpoint containers sql injection
medium
6.5
-
-
-
167043
Docker Engine Builder check.go ioutil.TempDir unknown vulnerability
low
4.9
-
-
-
167042
Vega Expression cross site scripting [CVE-2020-26296]
low
4.0
-
-
-
167041
URI.js javascript URL block server-side request forgery
medium
6.5
-
-
-
167040
parse-server LDAP Authentication credentials storage [CVE-2020-26288]
low
4.0
-
-
-
167039
Nokogiri Gem Schema server-side request forgery
medium
5.8
-
-
-
167038
DrayTek Vigor2960 mainfunction.cgi toLogin2FA os command injection
medium
6.5
-
-
-
167037
User-Friendly SVN Timeline module LastHundredRequest os command injection
medium
6.5
-
-
-
167036
XWiki Platform Property Displayer escape output [CVE-2020-13654]
low
4.9
-
-
-
167035
gssproxy gp_workers.c gp_worker_main unknown vulnerability
low
4.9
-
-
-
167034
QEMU iscsi.c iscsi_aio_ioctl_cb heap-based overflow
low
2.7
-
-
-
167033
Webswing JsLink Remote Privilege Escalation [CVE-2020-11103]
medium
6.0
-
-
-
167032
Nukeviet HTTP Request click.php sql injection
medium
5.2
-
-
-
167031
NukeViet nvloginhash Cookie is_user.php deserialization
medium
4.9
-
-
-
167030
QEMU ATI VGA ati_cursor_define out-of-bounds read
low
2.3
-
-
-
167029
MatrixSSL DTLS Server memory corruption [CVE-2019-16747]
medium
7.5
-
-
-
167028
Ptarmigan API Token Validation unknown vulnerability [CVE-2019-16281]
low
4.9
-
-
-
167027
LINBIT csync2 gnutls_handshake return value
medium
4.9
-
-
-
167026
MorphToken Constructor access control [CVE-2019-15080]
medium
5.2
-
-
-
167025
EAI access control [CVE-2019-15079]
medium
5.2
-
-
-
167024
AirdropX Born access control [CVE-2019-15078]
medium
5.2
-
-
-
167023
Dropbear information disclosure [CVE-2019-12953]
low
2.3
-
-
-
167022
D-Link DAP-1650 improper authentication [CVE-2019-12768]
medium
7.5
-
-
-
167021
OpenEMR manage_site_files.php cross-site request forgery
low
4.0
-
-
-
167020
Green Packet WiMax DV-360 lighttpd command injection [CVE-2018-14067]
medium
7.5
-
-
-
167019
CMS fileController.php input validation
medium
4.9
-
-
-
167018
Exponent CMS purchaseOrderController.php input validation
medium
4.9
-
-
-
167017
Exponent CMS find_help.php input validation
medium
4.9
-
-
-
167016
Exponent CMS usersController.php input validation
medium
4.9
-
-
-
167015
Exponent CMS storeController.php input validation
medium
4.9
-
-
-
167014
Rocket.Chat SAML Login unknown vulnerability [CVE-2020-29594]
low
4.9
-
-
-
167013
Huawei Smart Phone Message denial of service [CVE-2020-9223]
low
3.5
-
-
-
167012
Huawei iManager NetEco 6000 information disclosure [CVE-2020-9208]
low
2.3
-
-
-
167011
Huawei CloudEngine File improper authentication [CVE-2020-9207]
medium
5.8
-
-
-
167010
Huawei Mate 30 Packet permission [CVE-2020-9125]
medium
5.2
-
-
-
167009
Huawei CloudEngine Messages memory leak [CVE-2020-9124]
low
4.3
-
-
-
167008
Huawei CloudEngine Message denial of service [CVE-2020-9094]
low
2.3
-
-
-
167007
Huawei Taurus-AL00A Message use after free [CVE-2020-9093]
medium
4.9
-
-
-
167006
Rockwell Automation FactoryTalk Diagnostics Viewer Service Port 5241 RsvcHost.exe wcscpy_s memory corruption
medium
7.5
-
-
-
167005
Rockwell Automation FactoryTalk Linx Service Port 7153 messaging.dll HandleBrowseLoadIconStreamRequest memory corruption
medium
5.2
-
-
-
167004
Rockwell Automation FactoryTalk Linx Service Port 4241 RSLinxNG.exe memory corruption
medium
5.2
-
-
-
167003
Rockwell Automation FactoryTalk Linx Service Port 4241 RnaDaSvr.dll HandleRequest denial of service
low
2.3
-
-
-
167002
cockpit-project Cockpit server-side request forgery [CVE-2020-35850] [Disputed]
medium
5.2
-
-
-
167001
Agentejo Cockpit Auth.php newpassword sql injection
medium
6.5
-
-
-
167000
Agentejo Cockpit Auth.php resetpassword sql injection
medium
6.5
-
-
-
166999
Agentejo Cockpit Auth.php check sql injection
medium
6.5
-
-
-
166998
Netgear WNR2050 cross site scripting [CVE-2020-35842]
low
2.7
-
-
-
166997
Netgear WNR2050 cross site scripting [CVE-2020-35841]
low
2.7
-
-
-
166996
Netgear WNR2050 cross site scripting [CVE-2020-35840]
low
2.7
-
-
-
166995
Netgear D7800/R7500v2/R7800/R8900/R9000/XR500/XR700/RAX120 cross site scripting
low
3.3
-
-
-
166994
Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
low
3.3
-
-
-
166993
Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
low
3.3
-
-
-
166992
Netgear D7800/R7500v2/R7800/R8900/R9000/XR500/XR700/RAX120 cross site scripting
low
3.3
-
-
-
166991
Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
low
3.3
-
-
-
166990
Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
low
3.3
-
-
-
166989
Netgear XR700 cross site scripting [CVE-2020-35833]
low
3.3
-
-
-
166988
Netgear XR700 cross site scripting [CVE-2020-35832]
low
3.3
-
-
-
166987
Netgear XR700 cross site scripting [CVE-2020-35831]
low
3.3
-
-
-
166986
Netgear XR700 cross site scripting [CVE-2020-35830]
low
3.3
-
-
-
166985
Netgear XR700 cross site scripting [CVE-2020-35829]
low
3.3
-
-
-
166984
Netgear R7500v2 cross site scripting [CVE-2020-35828]
low
3.3
-
-
-
166983
Netgear RAX120 cross site scripting [CVE-2020-35827]
low
3.3
-
-
-
166982
Netgear XR700 cross site scripting [CVE-2020-35826]
low
3.3
-
-
-
166981
Netgear XR700 cross site scripting [CVE-2020-35825]
low
3.3
-
-
-
166980
Netgear XR700 cross site scripting [CVE-2020-35824]
low
3.3
-
-
-
166979
Netgear XR700 cross site scripting [CVE-2020-35823]
low
3.3
-
-
-
166978
Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
low
3.3
-
-
-
166977
Netgear XR700 cross site scripting [CVE-2020-35821]
low
3.3
-
-
-
166976
Netgear XR700 cross site scripting [CVE-2020-35820]
low
3.3
-
-
-
166975
Netgear XR700 cross site scripting [CVE-2020-35819]
low
3.3
-
-
-
166974
Netgear XR700 cross site scripting [CVE-2020-35818]
low
3.3
-
-
-
166973
Netgear XR700 cross site scripting [CVE-2020-35817]
low
2.2
-
-
-
166972
Netgear XR700 cross site scripting [CVE-2020-35816]
low
3.3
-
-
-
166971
Netgear XR700 cross site scripting [CVE-2020-35815]
low
3.3
-
-
-
166970
Netgear XR700 cross site scripting [CVE-2020-35814]
low
3.3
-
-
-
166969
Netgear RAX120 cross site scripting [CVE-2020-35813]
low
3.3
-
-
-
166968
Netgear XR700 cross site scripting [CVE-2020-35812]
low
3.3
-
-
-
166967
Netgear XR700 cross site scripting [CVE-2020-35811]
low
3.3
-
-
-
166966
Netgear XR700 cross site scripting [CVE-2020-35810]
low
3.3
-
-
-
166965
Netgear XR700 cross site scripting [CVE-2020-35809]
low
3.3
-
-
-
166964
Netgear D6100/DM200/R7800/R8900/R9000/WN3000RPv/WNR2000v5 cross site scripting
low
3.3
-
-
-
166963
Netgear WN3000RPv2 cross site scripting [CVE-2020-35807]
low
3.3
-
-
-
166962
Netgear WN3000RPv2 cross site scripting [CVE-2020-35806]
low
3.3
-
-
-
166961
Netgear XR700 cross site scripting [CVE-2020-35805]
low
3.3
-
-
-
166960
Netgear D7800/R7800/R8900/R9000/XR700 information disclosure
low
2.1
-
-
-
166959
Netgear AC2600 information disclosure [CVE-2020-35803]
low
1.4
-
-
-
166958
Netgear CBR40 information disclosure [CVE-2020-35802]
low
5.0
-
-
-
166957
Netgear JGS516PE/JGS524Ev2/JGS524PE/GS116Ev2 config [CVE-2020-35801]
medium
5.8
-
-
-
166956
Netgear AC2100 config [CVE-2020-35800]
high
10.0
-
-
-
166955
Netgear XR500 buffer overflow [CVE-2020-35799]
medium
8.3
-
-
-
166954
Netgear and XR300 command injection [CVE-2020-35798]
medium
7.2
-
-
-
166953
Netgear NMS300 command injection [CVE-2020-35797]
high
10.0
-
-
-
166952
Netgear XR300 buffer overflow [CVE-2020-35796]
medium
8.3
-
-
-
166951
Netgear XR700 buffer overflow [CVE-2020-35795]
high
10.0
-
-
-
166950
Netgear RBS40V/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 command injection
medium
7.2
-
-
-
166949
Netgear D7800/R7500v2/R7800/R8900/R9000 command injection [CVE-2020-35793]
medium
6.5
-
-
-
166948
Netgear R7500v2/R8900/R9000/R7800 command injection [CVE-2020-35792]
medium
7.2
-
-
-
166947
Netgear R7800/R8900/R9000 command injection [CVE-2020-35791]
medium
5.9
-
-
-
166946
Netgear D7800/R7800/R8900/R9000 command injection [CVE-2020-35790]
medium
4.7
-
-
-
166945
Netgear NMS300 command injection [CVE-2020-35789]
medium
9.0
-
-
-
166944
Netgear WAC104 buffer overflow [CVE-2020-35788]
medium
6.2
-
-
-
166943
Netgear XR500 buffer overflow [CVE-2020-35787]
medium
7.7
-
-
-
166942
Netgear R7800 buffer overflow [CVE-2020-35786]
medium
4.7
-
-
-
166941
Netgear DGN2200v1 HTTPd improper authentication [CVE-2020-35785]
medium
4.3
-
-
-
166940
Netgear JGS516PE/JGS524PE/JGS524Ev2/GS116Ev2 access control [CVE-2020-35784]
low
4.3
-
-
-
166939
Netgear JGS516PE/GS116Ev2/JGS524Ev2/JGS524PE access control [CVE-2020-35783]
medium
3.3
-
-
-
166938
Netgear JGS516PE/JGS524Ev2/JGS524PE/GS116Ev2 access control [CVE-2020-35782]
medium
5.8
-
-
-
166937
Netgear NMS300 denial of service [CVE-2020-35781]
medium
6.8
-
-
-
166936
Netgear NMS300 denial of service [CVE-2020-35780]
medium
6.8
-
-
-
166935
Netgear NMS300 denial of service [CVE-2020-35779]
low
5.4
-
-
-
166934
Netgear GS716Tv3/GS724Tv4 cross-site request forgery [CVE-2020-35778]
low
5.0
-
-
-
166933
Netgear DGN2200v1 command injection [CVE-2020-35777]
medium
7.2
-
-
-
166932
TwitterServer Histogram Endpoint HistogramQueryHandler.scala cross site scripting
low
4.0
-
-
-
166931
site-offline Plugin wp_verify_nonce cross-site request forgery
low
4.0
-
-
-
166930
Vidyo 02-09-D URI clickjacking [CVE-2020-35735]
low
4.0
-
-
-
166929
Nop Solution Ltd nopCommerce Schedule Task Name cross site scripting
low
4.0
-
-
-
166928
OpenCart Profile Picture cross site scripting [CVE-2020-29471]
low
3.3
-
-
-
166927
OpenCart Mail cross site scripting [CVE-2020-29470]
low
4.0
-
-
-
166926
libnested Prototype code injection [CVE-2020-28283]
medium
6.5
-
-
-
166925
getobject Prototype code injection [CVE-2020-28282]
medium
6.5
-
-
-
166924
set-object-value Prototype code injection [CVE-2020-28281]
medium
6.5
-
-
-
166923
predefine Prototype code injection [CVE-2020-28280]
medium
6.5
-
-
-
166922
flattenizer Prototype code injection [CVE-2020-28279]
medium
6.5
-
-
-
166921
shvl Prototype code injection [CVE-2020-28278]
medium
6.5
-
-
-
166920
dset Prototype code injection [CVE-2020-28277]
medium
6.5
-
-
-
166919
deep-set Prototype code injection [CVE-2020-28276]
medium
6.5
-
-
-
166918
cache-base Prototype code injection [CVE-2020-28275]
medium
6.5
-
-
-
166917
1E Client Inventory module Tachyon.Performance.Metrics.exe Remote Privilege Escalation
medium
6.5
-
-
-
166916
1E Client Tachyon.Performance.Metrics.exe uncontrolled search path
medium
6.5
-
-
-
166915
1E Client access control
medium
6.5
-
-
-
166914
Huawei Jackman-AL00D denial of service [CVE-2020-1848]
low
1.7
-
-
-
166913
1E Client MSI Installer Remote Privilege Escalation [CVE-2020-16268]
medium
6.5
-
-
-
166912
Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B SSH Service hard-coded key
medium
7.5
-
-
-
166911
Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B CWMP Registration command injection
medium
7.6
-
-
-
166910
Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B EntoneWebEngine command injection
medium
9.0
-
-
-
166909
Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B EntoneWebEngine hard-coded credentials
medium
7.5
-
-
-
166908
Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B VNC Server hard-coded password
low
4.3
-
-
-
166907
SolarWinds Orion Platform API authentication bypass [CVE-2020-10148]
medium
7.5
-
-
-
166906
Apache Accumulo Policy Enforcement canPerformSystemActions insufficient permissions or privileges
medium
6.5
-
-
-
166905
Webmin CGI Program miniserv.pl unknown vulnerability
medium
4.9
-
-
-
166904
QNAP QTS/QuTS Hero Application command injection [CVE-2020-25847]
medium
5.2
-
-
-
166903
OpenDKIM libopendkim testkeys symlink
medium
4.3
-
-
-
166902
RoundCube Webmail Email Message rcube_string_replacer.php linkref_addindex cross site scripting
low
4.0
-
-
-
166901
Ultimate WooCommerce Gift Cards Custom GiftCard Template unrestricted upload
medium
6.0
-
-
-
166900
Joomla! ACL input validation [CVE-2020-35616]
medium
4.9
-
-
-
166899
Joomla! Email Export cross-site request forgery [CVE-2020-35615]
low
4.0
-
-
-
166898
Joomla! Backend Login Page information disclosure [CVE-2020-35614]
low
2.7
-
-
-
166897
Joomla! Blacklist sql injection [CVE-2020-35613]
medium
6.5
-
-
-
166896
Joomla! mod_random_image path traversal
medium
5.2
-
-
-
166895
Joomla! Configuration Page information disclosure [CVE-2020-35611]
low
4.0
-
-
-
166894
Joomla! com_finder access control [CVE-2020-35610]
medium
5.2
-
-
-
166893
GDM Session Shutdown race condition [CVE-2020-27837]
low
4.3
-
-
-
166892
G-Data symlink [CVE-2020-27172]
medium
5.2
-
-
-
166891
Arista EOS EVPN VxLAN access control [CVE-2020-26569]
medium
5.8
-
-
-
166890
Dex SAML Connector signature verification [CVE-2020-26290]
medium
7.5
-
-
-
166889
date-and-time incorrect regex [CVE-2020-26289]
medium
5.0
-
-
-
166888
HedgeDoc Mermaid Diagram cross site scripting [CVE-2020-26287]
low
4.0
-
-
-
166887
HedgeDoc uploadimage unrestricted upload
medium
7.5
-
-
-
166886
No Magic TeamworkCloud Installation environment permission
medium
7.1
-
-
-
166885
Arista EOS 7800R3/EOS 7500R3/EOS 7280R3 ARP Packet denial of service
medium
6.1
-
-
-
166884
Arista EOS/EOS X VLAN access control [CVE-2020-15898]
medium
5.8
-
-
-
166883
HCL Domino Server Public API denial of service [CVE-2020-14273]
low
3.3
-
-
-
166882
NCH Express Invoice Quotes List Module cross site scripting [CVE-2020-13476]
low
4.0
-
-
-
166881
NCH Express Account URL access control [CVE-2020-13474]
medium
5.2
-
-
-
166880
NCH Express Account Configuration File missing encryption [CVE-2020-13473]
low
1.7
-
-
-
166879
David Howden Tag readAtomData array index
low
4.9
-
-
-
166878
David Howden Tag readTextWithDescrFrame array index
low
4.9
-
-
-
166877
David Howden Tag readAPICFrame array index
low
4.9
-
-
-
166876
David Howden Tag readPICFrame array index
low
4.9
-
-
-
166875
Panasonic Security System WV-S2231L Admin Control Panel set_factory denial of service
low
1.5
-
-
-
166874
Panasonic Security System WV-S2231L hard-coded password [CVE-2020-29193]
low
3.3
-
-
-
166873
Zammad REST API Call access control [CVE-2020-29160]
medium
4.1
-
-
-
166872
Zammad privileges management [CVE-2020-29159]
medium
5.2
-
-
-
166871
Zammad Ticket Detail View access control [CVE-2020-29158]
medium
5.2
-
-
-
166870
Foscam FHD X1 Local Privilege Escalation [CVE-2020-28096]
medium
6.6
-
-
-
166869
Tenda AC1200 Download unknown vulnerability [CVE-2020-28094]
medium
4.9
-
-
-
166868
Tenda AC1200 hard-coded password [CVE-2020-28093]
medium
5.8
-
-
-
166867
Zammad Tags Element cross site scripting [CVE-2020-26035]
low
4.0
-
-
-
166866
Zammad Create User information disclosure [CVE-2020-26034]
low
2.7
-
-
-
166865
Zammad REST API cross-site request forgery [CVE-2020-26033]
low
4.0
-
-
-
166864
Zammad Massenversand server-side request forgery [CVE-2020-26032]
medium
5.2
-
-
-
166863
Zammad Global Search permission [CVE-2020-26031]
medium
5.2
-
-
-
166862
Zammad SSO Endpoint improper authentication [CVE-2020-26030]
medium
5.2
-
-
-
166861
Zammad X-On-Behalf-Of Header improper authorization [CVE-2020-26029]
medium
5.2
-
-
-
166860
Zammad Ticket permission [CVE-2020-26028]
medium
5.2
-
-
-
166859
Wavpack pack_utils.c WavpackPackSamples out-of-bounds write
medium
5.2
-
-
-
166858
Dan McDougall GateOne pathname traversal [CVE-2020-35736]
low
2.7
-
-
-
166857
Automattic WooCommerce Plugin Order Status fetch_order_status information disclosure
low
3.5
-
-
-
166856
ZyXEL VPN On-premise Password Change chg_exp_pwd command injection
medium
5.2
-
-
-
166855
cxuucms admin.php cross site scripting
low
4.0
-
-
-
166854
cxuucms layui-input Class cross site scripting [CVE-2020-29249]
low
4.0
-
-
-
166853
XXL-JOB Add User UserController.java cross site scripting
low
4.0
-
-
-
166852
Backblaze bztransmit Helper privileges management [CVE-2020-8290]
medium
5.2
-
-
-
166851
Backblaze bztransmit Helper certificate validation [CVE-2020-8289]
medium
7.5
-
-
-
166850
Spamsniper Mail From stack-based overflow [CVE-2020-7845]
medium
7.5
-
-
-
166849
KLog Server authenticate.php os command injection
medium
5.2
-
-
-
166848
FasterXML jackson-databind Serialization Gadget unknown vulnerability
low
4.9
-
-
-
166847
Autobahn-Python Header injection [CVE-2020-35678]
medium
4.9
-
-
-
166846
GNU Binutils libbfd.c bfd_getl_signed_32 heap-based overflow
medium
5.2
-
-
-
166845
Beijing Huorong Internet Security injection [CVE-2020-35364]
medium
6.5
-
-
-
166844
Flamingo addUser sql injection
medium
6.5
-
-
-
166843
Flamingo addGroup sql injection
medium
6.5
-
-
-
166842
Flamingo updateUserInfoInDb sql injection
medium
6.5
-
-
-
166841
Flamingo updateUserTeamInfoInDbAndMemory sql injection
medium
6.5
-
-
-
166840
struct2json strcpy buffer overflow
medium
5.2
-
-
-
166839
OAID Tengine Serializer Module buffer overflow [CVE-2020-28759] [Disputed]
medium
5.2
-
-
-
166838
DEXT5Upload dext5handler.jsp pathname traversal
medium
4.0
-
-
-
166837
Flamingo File Transfer Request pathname traversal [CVE-2020-35284]
medium
6.5
-
-
-
166836
Linksys RE6500 langSwitch denial of service
low
3.5
-
-
-
166835
Linksys RE6500 upload_settings.cgi os command injection
medium
6.5
-
-
-
166834
Linksys RE6500 systemCommand command injection
medium
6.5
-
-
-
166833
RE6500 New Password setSysAdm os command injection
medium
6.5
-
-
-
166832
Esri ArcGIS Server server-side request forgery [CVE-2020-35712]
medium
5.2
-
-
-
166831
arc-swap Crate Constant Test Helper Map unknown vulnerability
low
4.9
-
-
-
166830
Parallels Remote Application Server Login Form socket.io information disclosure
low
3.5
-
-
-
166829
BloofoxCMS Content-Type pathname traversal [CVE-2020-35709]
medium
6.5
-
-
-
166828
TP-Link WRD4300 Web Interface information disclosure [CVE-2020-35575]
low
3.5
-
-
-
166827
Gobby D-Bus set_language null pointer dereference
low
2.3
-
-
-
166826
Subrion CMS POST Request cross site scripting [CVE-2020-35437]
low
4.0
-
-
-
166825
Rainrocka Xinhu information disclosure [CVE-2020-35388]
low
3.5
-
-
-
166824
Xpdf Type 1C Font getOp stack-based overflow
medium
5.2
-
-
-
166823
Pure-FTPd Connection resource consumption [CVE-2020-35359]
low
5.0
-
-
-
166822
TechKshetra Info Solutions Savsoft Quiz Custom Fields Page field_title cross site scripting
low
4.0
-
-
-
166821
cxuucms cross-site request forgery [CVE-2020-35347]
low
4.0
-
-
-
166820
cxuucms cross site scripting [CVE-2020-35346]
low
4.0
-
-
-
166819
GNOME gdk-pixbuf LZW Compression lzw.c write_indexes infinite loop
low
2.3
-
-
-
166818
LiteSpeed Cache Plugin cross site scripting [CVE-2020-29172]
low
4.0
-
-
-
166817
TechKshetra Info Solutions Savsoft Quiz cross site scripting
low
4.0
-
-
-
166816
PHPGurukul User Registration & Login cross-site request forgery
low
4.0
-
-
-
166815
Stratodesk NoTouch Center submitCreateTCUser.do access control
medium
5.2
-
-
-
166814
Xiph.Org libvorbis OGG File codebook.c array index
medium
4.9
-
-
-
166813
PHPList Import Administrators Page sql injection [CVE-2020-35708]
medium
6.5
-
-
-
166812
Daybyday New Client Screen cross site scripting [CVE-2020-35707]
low
4.0
-
-
-
166811
Daybyday New Project Screen cross site scripting [CVE-2020-35706]
low
4.0
-
-
-
166810
Daybyday New User Screen cross site scripting [CVE-2020-35705]
low
4.0
-
-
-
166809
Daybyday New Lead Screen cross site scripting [CVE-2020-35704]
low
4.0
-
-
-
166808
Huawei TE Mobile information disclosure [CVE-2020-9202]
low
2.3
-
-
-
166807
Huawei NIP6800/Secospace USG6600/Secospace USG9500 DHCP Message out-of-bounds read
low
4.9
-
-
-
166806
Huawei iManager NetEco 6000 csv injection [CVE-2020-9200]
medium
4.9
-
-
-
166805
Huawei CloudEngine 7800 access control [CVE-2020-9137]
medium
4.3
-
-
-
166804
Huawei CloudEngine 1800V Messages resource consumption [CVE-2020-9120]
low
3.5
-
-
-
166803
Huawei Smart Phone access control [CVE-2020-9119]
medium
4.3
-
-
-
166802
Poppler PDF Document DCTStream.cc getChars heap-based overflow
medium
5.2
-
-
-
166801
Samsung Galaxy Note 4 Bluetooth Low Energy information disclosure
low
2.1
-
-
-
166800
OpenSMTPD lka_filter.c null pointer dereference
low
3.5
-
-
-
166799
OpenSMTPD Message table.c memory leak
low
2.3
-
-
-
166798
Pi-hole DNS Query Log cross site scripting [CVE-2020-35659]
low
4.0
-
-
-
166797
EGavilan Media EGM Address Book Admin Panel sql injection [CVE-2020-29474]
medium
6.5
-
-
-
166796
EGavilan Media Under Construction Page Admin Panel sql injection
medium
6.5
-
-
-
166795
WonderCMS Admin Panel cross site scripting [CVE-2020-29247]
low
4.0
-
-
-
166794
TerraMaster TOS access control [CVE-2020-29189]
medium
6.5
-
-
-
166793
MariaDB Named Pipe Connection channel accessible [CVE-2020-28912]
medium
6.0
-
-
-
166792
TerraMaster TOS Update cleartext transmission [CVE-2020-28190]
low
2.6
-
-
-
166791
TerraMaster TOS makecvs.php os command injection
medium
7.5
-
-
-
166790
TerraMaster TOS pathname traversal [CVE-2020-28187]
medium
6.5
-
-
-
166789
TerraMaster TOS Forgot Password injection [CVE-2020-28186]
medium
7.5
-
-
-
166788
TerraMaster TOS initialise.php information disclosure
low
5.0
-
-
-
166787
TerraMaster TOS index.php cross site scripting
low
4.0
-
-
-
166786
td-agent-builder Plugin permission [CVE-2020-28169]
medium
6.5
-
-
-
166785
F5 BIG-IP APM redirect [CVE-2020-27729]
medium
7.5
-
-
-
166784
F5 BIG-IP ASM/Advanced WAF AVRD denial of service [CVE-2020-27728]
low
2.3
-
-
-
166783
F5 BIG-IP iAppsLX REST Installer information disclosure [CVE-2020-27727]
low
4.0
-
-
-
166782
F5 BIG-IP APM Resource Information Page cross site scripting
low
4.0
-
-
-
166781
F5 BIG-IP DNS/BIG-IP GTM zxfrd memory leak [CVE-2020-27725]
low
2.3
-
-
-
166780
F5 BIG-IP APM TMM resource consumption [CVE-2020-27724]
low
4.0
-
-
-
166779
F5 BIG-IP APM Traffic Management Microkernel denial of service
low
2.3
-
-
-
166778
F5 BIG-IP APM VDI Plugin resource consumption [CVE-2020-27722]
low
3.5
-
-
-
166777
F5 BIG-IP DNS/BIG-IP LTM GSLB DNS Response denial of service
low
2.3
-
-
-
166776
F5 BIG-IP LTM Traffic Management Microkernel CGNAT denial of service
low
2.3
-
-
-
166775
F5 BIG-IP Configuration utility cross site scripting [CVE-2020-27719]
low
4.0
-
-
-
166774
F5 BIG-IP ASM/Advanced WAF JSON Payload resource consumption
low
2.3
-
-
-
166773
F5 BIG-IP DNS TMM denial of service [CVE-2020-27717]
low
2.3
-
-
-
166772
F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2020-27716]
low
2.3
-
-
-
166771
F5 BIG-IP Management Interface resource consumption [CVE-2020-27715]
low
4.0
-
-
-
166770
F5 BIG-IP Protocol Inspection Profile denial of service [CVE-2020-27714]
low
2.3
-
-
-
166769
BrowserUp Proxy HTTP Content injection [CVE-2020-26282]
medium
7.5
-
-
-
166768
ARM Compiler Protection Feature stack-based overflow [CVE-2020-24658]
medium
4.0
-
-
-
166767
Hyperledger Indy Node signature verification [CVE-2020-11093]
low
5.0
-
-
-
166766
NEC iSM Client certificate validation [CVE-2020-5684]
medium
5.1
-
-
-
166765
Epson EpsonNet SetupManager DLL untrusted search path [CVE-2020-5681]
medium
4.9
-
-
-
166764
IBM DB2/DB2 Connect Server Management Service denial of service
low
1.7
-
-
-
166763
BigProf Online Invoicing System pageEditGroup.php cross site scripting
low
4.0
-
-
-
166762
BigProf Online Invoicing System Self-Registration membership_signup.php cross site scripting
low
4.0
-
-
-
166761
http Package HTTP Request injection [CVE-2020-35669]
medium
4.9
-
-
-
166760
RedisGraph null pointer dereference [CVE-2020-35668]
low
2.3
-
-
-
166759
Steedos findone sql injection
medium
7.5
-
-
-
166758
TerraMaster TOS CSV makecvs.php os command injection
high
10.0
-
-
-
166757
Advanced Comment System index.php pathname traversal
medium
5.0
-
-
-
166756
Raysync code injection [CVE-2020-35370]
medium
7.5
-
-
-
166755
Nagios Core cross-site request forgery [CVE-2020-35269]
low
5.0
-
-
-
166754
User Registration & Login System with Admin Panel cross site scripting
low
5.0
-
-
-
166753
SourceCodester Online Health Care System sql injection [CVE-2020-28074]
medium
7.5
-
-
-
166752
SourceCodester Library Management System sql injection [CVE-2020-28073]
medium
7.5
-
-
-
166751
SourceCodester Alumni Management System gallery.php cross site scripting
low
3.3
-
-
-
166750
SourceCodester Alumni Management System view_event.php sql injection
medium
7.5
-
-
-
166749
projectworlds Online Matrimonial Project unrestricted upload
medium
6.5
-
-
-
166748
QNAP QES information exposure [CVE-2020-2505]
low
3.3
-
-
-
166747
QNAP QES File Station path traversal [CVE-2020-2504]
medium
5.0
-
-
-
166746
QNAP QES File Station cross site scripting [CVE-2020-2503]
low
4.0
-
-
-
166745
QNAP QES hard-coded password [CVE-2020-2499]
low
3.3
-
-
-
166744
CRK Business Platform erro.aspx cross site scripting
low
5.0
-
-
-
166743
CRK Business Platform sql injection [CVE-2020-13968]
medium
7.5
-
-
-
166742
Programi Bilanc inadequate encryption [CVE-2020-11719]
low
5.0
-
-
-
166741
Bitcoin SV Transaction resource consumption [CVE-2018-1000893]
low
5.0
-
-
-
166740
Bitcoin SV sendheaders Message resource consumption [CVE-2018-1000892]
low
5.0
-
-
-
166739
Bitcoin SV Checksum resource consumption [CVE-2018-1000891]
low
5.0
-
-
-
166738
Uncanny Owl Tin Canny Reporting TinCan_Content_List_Table.php cross site scripting
low
4.0
-
-
-
166737
Opera Web Browser Address Bar cross site scripting [CVE-2020-6159]
low
5.0
-
-
-
166736
Uncanny Groups POST Parameter user-code-redemption.php ulgm_code_redeem cross site scripting
low
4.0
-
-
-
166735
Mersive Solstice Pod Firmware information disclosure [CVE-2020-35587] [Disputed]
low
4.3
-
-
-
166734
Mersive Solstice Pod Open Control API excessive authentication
low
2.6
-
-
-
166733
Mersive Solstice Pod Open Control API info excessive authentication
low
2.6
-
-
-
166732
Mersive Solstice Pod Web Services cleartext transmission [CVE-2020-35584]
low
2.6
-
-
-
166731
Dolibarr Admin Dashboard dolibarr_export.php command injection
medium
5.8
-
-
-
166730
Eveo URVE os command injection [CVE-2020-29552]
medium
5.2
-
-
-
166729
Eveo URVE Shutdown shutdown.php unknown vulnerability
medium
4.9
-
-
-
166728
Eveo URVE sql_db.backup cleartext storage
low
2.7
-
-
-
166727
Moxa NPort IAW5000A-IO Web Server session fixiation [CVE-2020-25198]
medium
7.5
-
-
-
166726
Moxa NPort IAW5000A-IO Telnet/SSH excessive authentication [CVE-2020-25196]
low
2.6
-
-
-
166725
Moxa NPort IAW5000A-IO Web Server privileges management [CVE-2020-25194]
medium
6.5
-
-
-
166724
Moxa NPort IAW5000A-IO Web Server information disclosure [CVE-2020-25192]
low
5.0
-
-
-
166723
Moxa NPort IAW5000A-IO Web Server missing encryption [CVE-2020-25190]
low
2.6
-
-
-
166722
Moxa NPort IAW5000A-IO Web Service weak password [CVE-2020-25153]
low
2.6
-
-
-
166721
Programi Bilanc Installation hard-coded password [CVE-2020-11720]
medium
5.8
-
-
-
166720
Programi Bilanc software-update Package missing encryption [CVE-2020-11718]
low
2.6
-
-
-
166719
TitanHQ SpamTitan Backup cleartext storage [CVE-2020-35658]
low
2.3
-
-
-
166718
Jaws Theme os command injection [CVE-2020-35657]
medium
6.5
-
-
-
166717
Jaws unrestricted upload [CVE-2020-35656]
medium
6.5
-
-
-
166716
Microsoft Azure Sphere ioctl Call memory corruption [CVE-2020-35609]
medium
5.2
-
-
-
166715
Microsoft Azure Sphere AF_PACKET Socket memory corruption [CVE-2020-35608]
medium
5.2
-
-
-
166714
ZyXEL USG SSH Server/Web Interface hard-coded password [CVE-2020-29583]
medium
7.5
-
-
-
166713
Odoo Community/Enterprise Python sandbox [CVE-2020-29396]
medium
6.5
-
-
-
166712
Malwarebytes Free Symbolic Links symlink [CVE-2020-28641]
medium
6.5
-
-
-
166711
Treck IPv6 DHCPv6 Client out-of-bounds read [CVE-2020-27338]
low
5.0
-
-
-
166710
Treck IPv6 out-of-bounds write [CVE-2020-27337]
medium
7.5
-
-
-
166709
Treck IPv6 out-of-bounds read [CVE-2020-27336]
low
5.0
-
-
-
166708
Nanosystems SupRemo File Manager Supremo.exe untrusted search path
medium
9.0
-
-
-
166707
Treck HTTP Server heap-based overflow [CVE-2020-25066]
medium
7.5
-
-
-
166706
ABB Symphony Plus Operations/Symphony Plus Historian authentication bypass
high
10.0
-
-
-
166705
ABB Symphony Plus Operations/Symphony Plus Historian credentials storage
low
1.0
-
-
-
166704
ABB Symphony Plus Operations/Symphony Plus Historian Message denial of service
medium
7.8
-
-
-
166703
ABB Symphony Plus Operations/Symphony Plus Historian privileges management
medium
9.0
-
-
-
166702
ABB Symphony Plus Operations/Symphony Plus Historian unusual condition
medium
9.0
-
-
-
166701
ABB Symphony Plus Operations/Symphony Plus Historian insufficient privileges
medium
9.0
-
-
-
166700
ABB Symphony Plus Operations/Symphony Plus Historian History Server improper authentication
high
10.0
-
-
-
166699
ABB Symphony Plus Operations/Symphony Plus Historian improper authorization
medium
9.0
-
-
-
166698
ABB Symphony Plus Operations/Symphony Plus Historian sql injection
high
10.0
-
-
-
166697
D-Link DSL-2888A Web User Interface execute_cmd.cgi os command injection
medium
7.7
-
-
-
166696
D-Link DSL-2888A improper authentication [CVE-2020-24580]
medium
4.3
-
-
-
166695
D-Link DSL-2888A improper authentication [CVE-2020-24579]
medium
7.5
-
-
-
166694
D-Link DSL-2888A FTP Service information disclosure [CVE-2020-24578]
low
5.0
-
-
-
166693
Oracle Cloud Services Infrastructure Identity/Access Management Remote Privilege Escalation
medium
5.8
-
-
-
166692
HCL Domino Server XPages information disclosure [CVE-2020-14270]
low
2.9
-
-
-
166691
HCL Client Application Access stack-based overflow [CVE-2020-14231]
medium
5.2
-
-
-
166690
Foxit PDF Reader Browser Plugin use after free [CVE-2020-13570]
medium
7.5
-
-
-
166689
Foxit PDF Reader Browser Plugin use after free [CVE-2020-13560]
medium
7.5
-
-
-
166688
Foxit PDF Reader Browser Plugin use after free [CVE-2020-13557]
medium
7.5
-
-
-
166687
Foxit PDF Reader Browser Plugin memory corruption [CVE-2020-13547]
medium
7.5
-
-
-
166686
Odoo Community/Enterprise access control [CVE-2019-11786]
medium
6.5
-
-
-
166685
Odoo Community/Enterprise Mail Module access control [CVE-2019-11785]
medium
6.5
-
-
-
166684
Odoo Community/Enterprise Mail Module access control [CVE-2019-11784]
medium
6.5
-
-
-
166683
Odoo Community/Enterprise Mail Channel access control [CVE-2019-11783]
medium
6.5
-
-
-
166682
Odoo Community/Enterprise Contact Management access control [CVE-2019-11782]
medium
6.5
-
-
-
166681
Odoo Community/Enterprise Portal input validation [CVE-2019-11781]
medium
7.5
-
-
-
166680
Odoo Community/Enterprise access control [CVE-2018-15645]
medium
6.5
-
-
-
166679
Odoo Community/Enterprise Calendar Event cross site scripting
low
4.0
-
-
-
166678
Odoo Community/Enterprise Mail Module cross site scripting [CVE-2018-15638]
low
4.0
-
-
-
166677
Odoo Community/Enterprise Attachment Management cross site scripting
low
5.0
-
-
-
166676
Odoo Community/Enterprise Document Module cross site scripting
low
5.0
-
-
-
166675
Odoo Community/Enterprise Database input validation [CVE-2018-15632]
medium
7.5
-
-
-
166674
multi-ini injection [CVE-2020-28460]
low
5.1
-
-
-
166673
multi-ini injection [CVE-2020-28448]
low
5.1
-
-
-
166672
Programi Bilanc hard-coded credentials [CVE-2020-8995]
medium
7.5
-
-
-
166671
PushToWatch extension PushToWatch.php onSkinAddFooterLinks cross-site request forgery
low
4.0
-
-
-
166670
Widgets Extension Smarty Template command unknown vulnerability
medium
4.9
-
-
-
166669
SecurePoll Extension Vote information disclosure [CVE-2020-35624]
low
1.4
-
-
-
166668
CasAuth Extension unknown vulnerability [CVE-2020-35623]
medium
4.9
-
-
-
166667
GlobalUsage Extension SpecialGlobalUsage.php makeForeignLink cross site scripting
low
4.0
-
-
-
166666
Online Marriage Registration System POST Parameter search.php sql injection
medium
4.6
-
-
-
166665
MiniWeb HTTP Server POST Request denial of service [CVE-2020-29596]
low
5.0
-
-
-
166664
Hugo Pandoc Document exec os command injection
medium
5.1
-
-
-
166663
async-h1 POST Request request smuggling [CVE-2020-26281]
medium
7.5
-
-
-
166662
DBdeployer Tarball link following [CVE-2020-26277]
medium
5.1
-
-
-
166661
Programi sql injection [CVE-2020-11717]
medium
6.5
-
-
-
166660
Philips Hue Service Port 80 denial of service [CVE-2018-7580]
low
3.3
-
-
-
166659
Webmin Package Updates Module unknown vulnerability [CVE-2020-35606]
medium
7.4
-
-
-
166658
Kitty Graphics Protocol graphics.c injection
low
3.5
-
-
-
166657
Kronos webTA SAML xml external entity reference [CVE-2020-35604]
medium
4.9
-
-
-
166656
SeaCMS admin_members_group.php sql injection
medium
6.5
-
-
-
166655
yunyecms sql injection [CVE-2020-21377]
medium
6.5
-
-
-
166654
ZTE E8810/E8820/E8822 MQTT Service information disclosure [CVE-2020-6882]
low
3.5
-
-
-
166653
ZTE E8810/E8820/E8822 MQTT denial of service [CVE-2020-6881]
low
3.5
-
-
-
166652
Tenable Tenable.sc Automatic Distribution Configuration unknown vulnerability
low
4.9
-
-
-
166651
IBM Loopback Javascript injection [CVE-2020-4988]
medium
7.5
-
-
-
166650
IBM MQ Connection denial of service [CVE-2020-4870]
low
2.6
-
-
-
166649
IBM Security Secret Server information disclosure [CVE-2020-4843]
low
4.0
-
-
-
166648
IBM Security Secret Server information exposure [CVE-2020-4842]
low
3.3
-
-
-
166647
IBM Security Secret Server missing encryption [CVE-2020-4841]
low
2.6
-
-
-
166646
IBM Security Secret Server redirect [CVE-2020-4840]
low
5.0
-
-
-
166645
IBM Automation Workstream Services improper authorization [CVE-2020-4794]
medium
6.5
-
-
-
166644
IBM FileNet Content Manager/Content Navigator Web UI cross site scripting
low
4.0
-
-
-
166643
IBM Financial Transaction Manager user session [CVE-2020-4555]
medium
6.5
-
-
-
166642
VMware ESXi/Workstation/Fusion/Cloud Foundation GuestInfo denial of service
low
2.3
-
-
-
166641
ovirt-engine information disclosure [CVE-2020-35497]
low
2.3
-
-
-
166640
EgavilanMedia ECM Address Book Admin Login Panel sql injection
medium
5.2
-
-
-
166639
Coastercms cross site scripting [CVE-2020-35275]
low
4.0
-
-
-
166638
DotCMS Add Template with Admin Panel cross site scripting [CVE-2020-35274]
low
4.0
-
-
-
166637
EgavilanMedia User Registration & Login System with Admin Panel cross-site request forgery
low
4.0
-
-
-
166636
crewjam saml signature verification [CVE-2020-27846]
low
2.3
-
-
-
166635
Emerson Rosemount X-STREAM Gas Analyzer improper authentication
medium
5.8
-
-
-
166634
Wireshark QUIC Dissector denial of service [CVE-2020-26422]
low
5.1
-
-
-
166633
Jupyter Server redirect [CVE-2020-26275]
medium
7.5
-
-
-
166632
tlslite-ng inadequate encryption [CVE-2020-26263]
low
2.6
-
-
-
166631
Nifty-PM CPE injection [CVE-2020-26049]
medium
6.0
-
-
-
166630
Pengutronix RAUC Update Client Signature Verification install.c toctou
medium
7.4
-
-
-
166629
Apache Airflow improper authorization [CVE-2020-17526]
medium
5.2
-
-
-
166628
HCL iNotes Message Content information disclosure [CVE-2020-14225]
low
5.0
-
-
-
166627
SolarWinds Web Help Desk Formula csv injection [CVE-2019-16959]
medium
4.9
-
-
-
166626
limit-login-attempts-reloaded Plugin X-Forwarded-For Header LimitLoginAttempts.php origin validation
low
4.0
-
-
-
166625
limit-login-attempts-reloaded Plugin cross site scripting [CVE-2020-35589]
low
4.0
-
-
-
166624
Atlassian Crucible File Upload denial of service [CVE-2020-29447]
low
3.5
-
-
-
166623
HP Support Assistant denial of service [CVE-2019-18920]
low
3.2
-
-
-
166622
HP Support Assistant Local Privilege Escalation [CVE-2019-18919]
medium
6.8
-
-
-
166621
tindy2013 subconverter API Endpoint denial of service [CVE-2020-35579]
low
2.3
-
-
-
166620
PostSRSd Timestamp Tag srs2.c denial of service
low
3.5
-
-
-
166619
HPE iLO Amplifier Pack Server Remote Privilege Escalation [CVE-2020-7203]
medium
6.0
-
-
-
166618
HPE StoreEver MSL2024/StoreEver 1-8 G2 cross-site request forgery
low
4.0
-
-
-
166617
HPE Systems Insight Manager Remote Privilege Escalation [CVE-2020-7200]
medium
6.0
-
-
-
166616
Marvell QConvergeConsole GUI path traversal [CVE-2020-5803]
medium
8.5
-
-
-
166615
HCL Verse Message Content cross site scripting [CVE-2020-4080]
low
5.0
-
-
-
166614
Ceph insufficiently protected credentials [CVE-2020-27781]
medium
6.5
-
-
-
166613
ThingsBoard Host Header injection [CVE-2020-27687]
medium
7.5
-
-
-
166612
OpenSlides cross site scripting [CVE-2020-26280]
low
4.0
-
-
-
166611
WeiPHP wp_where sql injection
medium
6.5
-
-
-
166610
WeiPHP POST access control [CVE-2020-20299]
medium
5.2
-
-
-
166609
zzzphp zzz_template.php injection
medium
6.0
-
-
-
166608
zzcms User Login Page login.php cross site scripting
low
4.0
-
-
-
166607
uftpd FTP Server common.c compose_abspath pathname traversal
medium
7.5
-
-
-
166606
uftpd FTP Server common.c handle_PORT buffer overflow
medium
7.5
-
-
-
166605
Apache Pulsar Manager Verification permission [CVE-2020-17520]
medium
5.8
-
-
-
166604
HCL iNotes Message Content or cross site scripting
low
5.0
-
-
-
166603
HCL Notes MIME Message buffer overflow [CVE-2020-14224]
medium
7.5
-
-
-
166602
Kepware LinkMaster access control [CVE-2020-13535]
medium
9.0
-
-
-
166601
NZXT Cam IO Request Packet access control [CVE-2020-13519]
medium
5.2
-
-
-
166600
NZXT Cam IO Request Packet access control [CVE-2020-13515]
medium
5.2
-
-
-
166599
NZXT Cam IO Request Packet access control [CVE-2020-13514]
medium
5.2
-
-
-
166598
NZXT Cam IO Request Packet access control [CVE-2020-13513]
medium
5.2
-
-
-
166597
NZXT Cam IO Request Packet access control [CVE-2020-13512]
medium
5.2
-
-
-
166596
DolphinScheduler mysql connectorj Remote Privilege Escalation
medium
6.0
-
-
-
166595
Open Zaak origin validation [CVE-2020-26251]
medium
5.1
-
-
-
166594
IBM Planning Analytics cross-site request forgery [CVE-2020-4764]
low
5.0
-
-
-
166593
SpiceWorks Host Header injection [CVE-2020-25901]
medium
4.9
-
-
-
166592
Xinuos OpenServer cross site scripting [CVE-2020-25495]
low
4.0
-
-
-
166591
Xinuos OpenServer printbook os command injection
medium
5.2
-
-
-
166590
LG Mobile Device Dual Screen improper authentication [CVE-2020-35555]
medium
4.6
-
-
-
166589
LG Mobile Device WebView SSL unknown vulnerability [CVE-2020-35554]
low
4.9
-
-
-
166588
Samsung Mobile Device denial of service [CVE-2020-35553]
low
2.3
-
-
-
166587
Samsung Mobile Device GPS Daemon information disclosure [CVE-2020-35552]
low
1.7
-
-
-
166586
Samsung Mobile Device RPMB access control [CVE-2020-35551]
medium
5.8
-
-
-
166585
Samsung Mobile Device Factory Reset Protection access control
medium
7.7
-
-
-
166584
Samsung Mobile Device Dialer Local Privilege Escalation [CVE-2020-35549]
low
4.3
-
-
-
166583
Samsung Mobile Device Finder denial of service [CVE-2020-35548]
low
2.3
-
-
-
166582
MediaWiki information disclosure [CVE-2020-35480]
low
5.0
-
-
-
166581
MediaWiki BlockLogFormatter.php translateBlockExpiry cross site scripting
low
5.0
-
-
-
166580
MediaWiki Raw HTML BlockLogFormatter.php makePageLink cross site scripting
low
5.0
-
-
-
166579
MediaWiki Log Entry unknown vulnerability [CVE-2020-35477]
low
5.5
-
-
-
166578
MediaWiki Raw HTML Special:UserRights cross site scripting
low
5.0
-
-
-
166577
MediaWiki Messages text cross site scripting
low
4.0
-
-
-
166576
Mitel MiVoice 6930/MiVoice 6940 Bluetooth Handset improper authentication
medium
3.7
-
-
-
166575
Mitel MiVoice 6873i/MiVoice 6930/MiVoice 6940 Bluetooth Handset Local Privilege Escalation
low
3.7
-
-
-
166574
Mitel MiCollab redirect [CVE-2020-27340]
medium
5.2
-
-
-
166573
Mitel BusinessCTI Enterprise Client Chat Window information disclosure
low
2.7
-
-
-
166572
Tangro Business Workflow Attachment information disclosure [CVE-2020-26178]
low
5.0
-
-
-
166571
Tangro Business Workflow profile access control
medium
5.5
-
-
-
166570
Tangro Business Workflow API Endpoint attachments access control
medium
4.0
-
-
-
166569
Tangro Business Workflow profile access control
medium
6.5
-
-
-
166568
Tangro Business Workflow Restrictions unrestricted upload [CVE-2020-26174]
medium
6.5
-
-
-
166567
Tangro Business Workflow PDF improper authentication [CVE-2020-26173]
medium
5.0
-
-
-
166566
Tangro Business Workflow JWT Token authentication replay [CVE-2020-26172]
medium
7.5
-
-
-
166565
Tangro Business Workflow Attachment upload access control
medium
6.5
-
-
-
166564
Mitel MiCollab NuPoint Messenger access control [CVE-2020-25612]
low
2.7
-
-
-
166563
Mitel MiCollab AWV Portal cross site scripting [CVE-2020-25611]
low
4.0
-
-
-
166562
Mitel MiCollab AWV access control [CVE-2020-25610]
medium
5.2
-
-
-
166561
Mitel MiCollab NuPoint Messenger Portal cross site scripting
low
4.0
-
-
-
166560
Mitel MiCollab SAS Portal sql injection [CVE-2020-25608]
medium
6.5
-
-
-
166559
Mitel MiCollab AWV cross site scripting [CVE-2020-25606]
low
4.0
-
-
-
166558
Mitel MiContact Center Business Ignite Portal information disclosure
low
1.7
-
-
-
166557
SolarWinds Web Help Desk User Account cross site scripting [CVE-2019-16957]
low
5.0
-
-
-
166556
SolarWinds Web Help Desk SVG Document cross site scripting [CVE-2019-16955]
low
4.0
-
-
-
166555
Smilegate Stove Client input validation [CVE-2020-7838]
medium
7.5
-
-
-
166554
Bouncy Castle Legion of the Bouncy Castle Utility Method OpenBSDBCrypt.checkPassword comparison
medium
4.9
-
-
-
166553
Trend Micro InterScan Web Security Virtual Appliance command injection
medium
5.8
-
-
-
166552
Trend Micro InterScan Web Security Virtual Appliance improper authentication
medium
5.8
-
-
-
166551
Trend Micro InterScan Web Security Virtual Appliance Admin Interface unknown vulnerability
low
4.9
-
-
-
166550
Trend Micro InterScan Web Security Virtual Appliance improper authorization
medium
5.2
-
-
-
166549
Trend Micro InterScan Web Security Virtual Appliance cross site scripting
low
4.0
-
-
-
166548
Trend Micro InterScan Web Security Virtual Appliance cross-site request forgery
low
4.0
-
-
-
166547
IBM Security Key Lifecycle Manager information exposure [CVE-2020-4846]
low
3.3
-
-
-
166546
IBM Security Key Lifecycle Manager Web UI cross site scripting
low
4.0
-
-
-
166545
Spotweb sql injection [CVE-2020-35545]
medium
4.6
-
-
-
166544
FasterXML jackson-databind deserialization [CVE-2020-35491]
medium
6.0
-
-
-
166543
FasterXML jackson-databind deserialization [CVE-2020-35490]
medium
6.0
-
-
-
166542
Rocklobster Contact Form 7 unrestricted upload [CVE-2020-35489]
medium
6.0
-
-
-
166541
Linux-PAM Empty Password improper authentication [CVE-2020-27780]
medium
7.7
-
-
-
166540
Trend Micro InterScan Web Security Virtual Appliance Web Interface cross site scripting
low
4.0
-
-
-
166539
Fleet SAML Response authentication spoofing [CVE-2020-26276]
medium
7.5
-
-
-
166538
jsonpickle decode deserialization
medium
6.0
-
-
-
166537
Flexmonster Pivot Table & Charts To Remote CSV cross site scripting
low
4.0
-
-
-
166536
Flexmonster Pivot Table & Charts XMLA cross site scripting [CVE-2020-20141]
low
4.0
-
-
-
166535
Flexmonster Pivot Table & Charts Remote Report cross site scripting
low
4.0
-
-
-
166534
Flexmonster Pivot Table & Charts Remote JSON cross site scripting
low
4.0
-
-
-
166533
CMS Made Simple Showtime2 Slideshow Module cross site scripting
low
4.0
-
-
-
166532
BitDefender Hypervisor Introspection Compiler Optimization IntPeParseUnwindData null pointer dereference
medium
6.8
-
-
-
166531
BitDefender Hypervisor Introspection IntLixFileGetPath memory corruption
low
2.7
-
-
-
166530
BitDefender HVI IntLixTaskDumpTree out-of-bounds read
low
2.3
-
-
-
166529
HCL Notes Parameter stack-based overflow [CVE-2020-14232]
medium
5.2
-
-
-
166528
Apache TomEE ActiveMQ Broker improper authentication [CVE-2020-13931]
medium
7.5
-
-
-
166527
Lantronix XPort EDGE Telnet CLI information disclosure [CVE-2020-13528]
low
2.6
-
-
-
166526
Lantronix XPort EDGE Web Manager improper authentication [CVE-2020-13527]
medium
5.8
-
-
-
166525
NZXT Cam IO Request Packet information disclosure [CVE-2020-13518]
low
2.3
-
-
-
166524
NZXT Cam IO Request Packet information disclosure [CVE-2020-13517]
low
2.3
-
-
-
166523
NZXT Cam IO Request Packet information disclosure [CVE-2020-13516]
low
2.3
-
-
-
166522
NZXT Cam IO Request Packet information disclosure [CVE-2020-13511]
low
2.3
-
-
-
166521
NZXT Cam IO Request Packet information disclosure [CVE-2020-13510]
low
2.3
-
-
-
166520
NZXT Cam IO Request Packet information disclosure [CVE-2020-13509]
low
2.3
-
-
-
166519
Phoenix Contact mGuard LAN Port missing initialization of resource
low
5.1
-
-
-
166518
WAGO PFC 100 os command injection [CVE-2020-12522]
high
10.0
-
-
-
166517
Phoenix Contact PLCnext LLDP Packet denial of service [CVE-2020-12521]
low
3.3
-
-
-
166516
Phoenix Contact PLCnext privileges management [CVE-2020-12519]
medium
6.8
-
-
-
166515
Phoenix Contact PLCnext information disclosure [CVE-2020-12518]
low
1.7
-
-
-
166514
Phoenix Contact PLCnext cross site scripting [CVE-2020-12517]
low
4.0
-
-
-
166513
Hashicorp Vault Enterprise Sentinel EGP Policy Feature unknown vulnerability
low
4.9
-
-
-
166512
Memcached Docker Image hard-coded password [CVE-2020-35197]
medium
9.3
-
-
-
166511
Rabbitmq Docker Image hard-coded password [CVE-2020-35196]
medium
9.3
-
-
-
166510
Haproxy Docker Image hard-coded password [CVE-2020-35195]
medium
9.3
-
-
-
166509
Influxdb Docker Image hard-coded password [CVE-2020-35194]
medium
9.3
-
-
-
166508
Vault Docker Image hard-coded password [CVE-2020-35192]
medium
9.3
-
-
-
166507
Drupal Docker Image hard-coded password [CVE-2020-35191]
medium
9.3
-
-
-
166506
Plone Docker Image hard-coded password [CVE-2020-35190]
medium
9.3
-
-
-
166505
Kong Docker Image hard-coded password [CVE-2020-35189]
medium
9.3
-
-
-
166504
Chronograf Docker Image hard-coded password [CVE-2020-35188]
medium
9.3
-
-
-
166503
Telegraf Docker Image hard-coded password [CVE-2020-35187]
medium
9.3
-
-
-
166502
Adminer Docker Image hard-coded password [CVE-2020-35186]
medium
9.3
-
-
-
166501
Ghost Docker Image hard-coded password [CVE-2020-35185]
medium
9.3
-
-
-
166500
Composer Docker Image hard-coded password [CVE-2020-35184]
medium
9.3
-
-
-
166499
Hashicorp Vault/Vault Enterprise LDAP Auth Method information disclosure
low
2.3
-
-
-
166498
Synacor Zimbra Collaboration Suite SAML Consumer Store Extension xml external entity reference
low
4.9
-
-
-
166497
SSH Component denial of service [CVE-2020-29652]
low
3.5
-
-
-
166496
Sonatype Nexus Repository Manager xml external entity reference
low
4.7
-
-
-
166495
Magic Home Pro Application improper authentication [CVE-2020-27199]
medium
5.8
-
-
-
166494
Oracle Application Server Websocket access control [CVE-2020-25096]
medium
6.5
-
-
-
166493
LogRhythm Platform Manager Websocket cross-site request forgery
low
4.0
-
-
-
166492
LogRhythm Platform Manager Websocket command injection [CVE-2020-25094]
medium
9.0
-
-
-
166491
Kyland KPS2204 webadminget.cgi information disclosure
low
3.5
-
-
-
166490
Kyland KPS2204 Instruction unrestricted upload [CVE-2020-25010]
medium
6.0
-
-
-
166489
Infraware ML Report MLReportDeamon.exe sub_41EAF0 stack-based overflow
medium
5.1
-
-
-
166488
connection-tester Package index.js injection
medium
7.5
-
-
-
166487
Dell BSAFE Micro Edition Suite buffer overflow [CVE-2020-5360]
medium
7.5
-
-
-
166486
Dell BSAFE Micro Edition Suite return value [CVE-2020-5359]
medium
7.5
-
-
-
166485
IBM Financial Transaction Manager Login Dialog information disclosure
low
5.0
-
-
-
166484
IBM Financial Transaction Manager information exposure [CVE-2020-4907]
low
5.0
-
-
-
166483
IBM Financial Transaction Manager information disclosure [CVE-2020-4906]
low
1.7
-
-
-
166482
IBM Financial Transaction Manager cleartext transmission [CVE-2020-4905]
low
2.6
-
-
-
166481
IBM Financial Transaction Manager cross-site request forgery
low
5.0
-
-
-
166480
IBM Sterling File Gateway Web UI cross site scripting [CVE-2020-4658]
low
5.0
-
-
-
166479
IBM Sterling B2B Integrator Web UI cross site scripting [CVE-2020-4657]
low
5.0
-
-
-
166478
Vmware macOS Sensor for VMware Carbon Black Cloud Installation Remote Privilege Escalation
medium
6.5
-
-
-
166477
Irfan Skiljan IrfanView PCX File out-of-bounds write [CVE-2020-35133]
medium
7.5
-
-
-
166476
Pluck CMS unrestricted upload [CVE-2020-29607]
medium
6.0
-
-
-
166475
Epson EPS TSE Server 8 Administrative Interface cross-site request forgery
low
5.0
-
-
-
166474
Epson EPS TSE Server 8 users.php cross site scripting
low
4.0
-
-
-
166473
Epson EPS TSE Server 8 information disclosure [CVE-2020-28929]
low
5.0
-
-
-
166472
systeminformation command injection [CVE-2020-26274]
medium
6.5
-
-
-
166471
Dell EMC iDRAC9 Web Application cross site scripting [CVE-2020-26198]
low
5.0
-
-
-
166470
SolarWinds N-central AdvancedScripts HTTP Endpoint cross-site request forgery
low
4.0
-
-
-
166469
SolarWinds N-central Network Interface improper authentication
medium
5.8
-
-
-
166468
SolarWinds N-Central Administrative Console hard-coded credentials
medium
5.8
-
-
-
166467
HCL BigFix Inventory TLS-RSA Cipher Suite risky encryption [CVE-2020-14254]
low
2.6
-
-
-
166466
HCL BigFix Inventory missing secure attribute [CVE-2020-14248]
low
2.6
-
-
-
166465
AdRem NetCrunch Credential Manager credentials storage [CVE-2019-14483]
low
1.4
-
-
-
166464
AdRem NetCrunch Web Client hard-coded key [CVE-2019-14482]
medium
7.5
-
-
-
166463
AdRem NetCrunch Web Client cross-site request forgery [CVE-2019-14481]
low
4.0
-
-
-
166462
AdRem NetCrunch user session [CVE-2019-14480]
medium
7.5
-
-
-
166461
AdRem NetCrunch Remote Privilege Escalation [CVE-2019-14479]
medium
6.5
-
-
-
166460
AdRem NetCrunch Web Client cross site scripting [CVE-2019-14478]
low
4.0
-
-
-
166459
AdRem NetCrunch Credentials Database credentials storage [CVE-2019-14477]
low
1.7
-
-
-
166458
AdRem NetCrunch SMB Request server-side request forgery [CVE-2019-14476]
medium
5.2
-
-
-
166457
p11-kit Byte Array heap-based overflow [CVE-2020-29363]
medium
6.5
-
-
-
166456
p11-kit RPC heap-based overflow [CVE-2020-29362]
medium
6.5
-
-
-
166455
p11-kit LIST Command integer overflow [CVE-2020-29361]
medium
4.9
-
-
-
166454
SolarWinds N-central SSH access control [CVE-2020-25619]
medium
6.5
-
-
-
166453
SolarWinds N-Central sudo Configuration access control [CVE-2020-25618]
medium
7.7
-
-
-
166452
SolarWinds N-Central Administration Console path traversal [CVE-2020-25617]
medium
7.7
-
-
-
166451
GROWI pathname traversal [CVE-2020-5683]
medium
6.5
-
-
-
166450
GROWI denial of service [CVE-2020-5682]
low
3.5
-
-
-
166449
OpenTSDB gnuplot File tmp command injection
medium
6.5
-
-
-
166448
datatables.net Package code injection [CVE-2020-28458]
medium
5.8
-
-
-
166447
osquery command injection [CVE-2020-26273]
medium
6.5
-
-
-
166446
XStream os command injection [CVE-2020-26259]
medium
4.0
-
-
-
166445
XStream server-side request forgery [CVE-2020-26258]
medium
6.5
-
-
-
166444
Software AG Terracotta Server OSS Docker Image hard-coded password
medium
10.0
-
-
-
166443
Appbase Streams Docker Image hard-coded password [CVE-2020-35468]
medium
10.0
-
-
-
166442
Docker Docs Docker Image hard-coded password [CVE-2020-35467]
medium
10.0
-
-
-
166441
Blackfire Docker Image hard-coded password [CVE-2020-35466]
medium
10.0
-
-
-
166440
FullArmor HAPI File Share Mount Docker Image hard-coded password
medium
10.0
-
-
-
166439
Weave Cloud Agent Docker Image hard-coded password [CVE-2020-35464]
medium
10.0
-
-
-
166438
Instana Dynamic APM Docker Image hard-coded password [CVE-2020-35463]
medium
10.0
-
-
-
166437
CoScale Agent Docker Image weak password [CVE-2020-35462]
high
10.0
-
-
-
166436
PHPJabbers Appointment Scheduler Admin Login Page index.php cross site scripting
low
4.0
-
-
-
166435
jsonparser GET Call denial of service [CVE-2020-35381]
low
2.3
-
-
-
166434
GJSON JSON File denial of service [CVE-2020-35380]
low
2.3
-
-
-
166433
Sonarqube Docker Image hard-coded password [CVE-2020-35193]
high
10.0
-
-
-
166432
Keysight Database Connector Plugin access control [CVE-2020-35122]
medium
5.2
-
-
-
166431
Keysight Database Connector Plugin Save Macro Parameter cross site scripting
low
4.0
-
-
-
166430
Icinga certificate validation [CVE-2020-29663]
medium
5.8
-
-
-
166429
SourceCodester Alumni Management System gallery.php unrestricted upload
medium
6.0
-
-
-
166428
D-Link DSR-250 Unified Services Router Web Interface command injection
medium
6.5
-
-
-
166427
D-Link DSR-250 Configuration File injection [CVE-2020-25758]
medium
6.0
-
-
-
166426
D-Link DSR-150/DSR-250/DSR-500/DSR-1000AC LUA CGI access control
medium
7.7
-
-
-
166425
Host Engineering H0-ECOM100/H2-ECOM100/H4-ECOM100 Configuration Web Server denial of service
low
2.3
-
-
-
166424
PEGA Platform cross site scripting [CVE-2020-23957]
low
4.0
-
-
-
166423
Keycloak authentication replay [CVE-2020-14302]
medium
5.8
-
-
-
166422
Keycloak server-side request forgery [CVE-2020-10770]
medium
6.5
-
-
-
166421
SolarWinds Database Performance Analyzer cross site scripting
low
4.0
-
-
-
166420
Google Asylo ecall_restore buffer overflow
medium
4.3
-
-
-
166419
Google Asylo enc_untrusted_recvfrom buffer overflow
medium
3.5
-
-
-
166418
Google Asylo enc_untrusted_read buffer overflow
medium
3.5
-
-
-
166417
Google Asylo enc_untrusted_inet_pton buffer overflow
medium
3.5
-
-
-
166416
Google Asylo enc_untrusted_recvmsg buffer overflow
medium
3.5
-
-
-
166415
Google Asylo enc_untrusted_inet_ntop out-of-bounds read
low
2.4
-
-
-
166414
Google Asylo FromkLinuxSockAddr memory corruption
medium
3.5
-
-
-
166413
Google Asylo enc_untrusted_create_wait_queue buffer overflow
medium
4.3
-
-
-
166412
Google Asylo sgx_params out-of-bounds read
low
1.0
-
-
-
166411
Google Asylo Ecall_restore memory corruption
low
2.4
-
-
-
166410
IBM Tivoli Netcool Impact Remote Privilege Escalation [CVE-2020-4849]
medium
6.0
-
-
-
166409
IBM Connect:Direct for UNIX CLI improper authentication [CVE-2020-4747]
medium
7.5
-
-
-
166408
EGavilan Barcodes Generator index.php cross site scripting
low
4.0
-
-
-
166407
EGavilan Media Expense Management System Add Expense cross site scripting
low
4.0
-
-
-
166406
Xen null pointer dereference [CVE-2020-29571]
low
2.3
-
-
-
166405
Xen denial of service [CVE-2020-29570]
low
5.2
-
-
-
166404
Linux Kernel Kernel Thread denial of service [CVE-2020-29569]
low
2.7
-
-
-
166403
Xen denial of service [CVE-2020-29568]
low
2.3
-
-
-
166402
Xen denial of service [CVE-2020-29567]
low
4.4
-
-
-
166401
Xen denial of service [CVE-2020-29566]
low
5.2
-
-
-
166400
Xen XAPI xenstore denial of service [CVE-2020-29487]
low
2.3
-
-
-
166399
Xen xenstore denial of service [CVE-2020-29486]
low
2.3
-
-
-
166398
Xen Ocaml xenstored Implementation denial of service [CVE-2020-29485]
low
5.2
-
-
-
166397
Xen Xenstore denial of service [CVE-2020-29484]
low
2.3
-
-
-
166396
Xen Shared Memory denial of service [CVE-2020-29483]
low
2.6
-
-
-
166395
Xen xenstore Path $DOMID denial of service
low
2.7
-
-
-
166394
Xen Xenstore Node access control [CVE-2020-29481]
medium
5.2
-
-
-
166393
Xen xenstore permission [CVE-2020-29480]
medium
5.2
-
-
-
166392
Xen Ocaml xenstored Implementation access control [CVE-2020-29479]
medium
5.2
-
-
-
166391
s-cart Package Admin Dashboard AdminOrderController.phpindex cross site scripting
low
4.0
-
-
-
166390
s-cart Package Admin Panel cross site scripting [CVE-2020-28456]
low
4.0
-
-
-
166389
Foxit Reader/PhantomPDF PDF File denial of service [CVE-2020-28203]
low
5.0
-
-
-
166388
Linux Kernel RTAS authorization [CVE-2020-27777]
medium
8.3
-
-
-
166387
TIBCO PartnerExpress REST API unknown vulnerability [CVE-2020-27147]
medium
6.4
-
-
-
166386
Google Android nl80211.c nl80211_policy out-of-bounds read
low
1.4
-
-
-
166385
Google Android l2tp Subsystem use after free [CVE-2020-27067]
medium
4.0
-
-
-
166384
Google Android xfrm6_tunnel.c xfrm6_tunnel_free_spi use after free
medium
4.0
-
-
-
166383
Google Android GpuService.cpp getGpuStatsAppInfo information disclosure
low
1.7
-
-
-
166382
Google Android Package Metadata information disclosure [CVE-2020-27056]
low
1.7
-
-
-
166381
Google Android WiFi Configuration WifiConfigController.java showWarningMessagesIfAppropriate information disclosure
low
5.0
-
-
-
166380
Google Android BluetoothManagerService BluetoothManagerService.java onFactoryReset permission
medium
4.3
-
-
-
166379
Google Android WiFi Name ClientModeImpl.java broadcastWifiCredentialChanged information disclosure
low
1.4
-
-
-
166378
Google Android Lock Task Mode ActivityRecord.java getLockTaskLaunchMode permission
medium
4.3
-
-
-
166377
Google Android nfa_rw_api.cc NFA_RwI93WriteMultipleBlocks out-of-bounds write
medium
4.3
-
-
-
166376
Google Android rw_i93.cc rw_i93_send_cmd_write_multi_blocks out-of-bounds write
medium
4.3
-
-
-
166375
Google Android rw_t3t.cc rw_t3t_send_raw_frame out-of-bounds write
medium
4.3
-
-
-
166374
Google Android rw_main.cc RW_SendRawFrame out-of-bounds write
medium
4.3
-
-
-
166373
Google Android ce_t4t.cc ce_t4t_update_binary out-of-bounds read
low
1.7
-
-
-
166372
Google Android nfc_ncif.cc nfc_ncif_proc_ee_action out-of-bounds read
low
1.4
-
-
-
166371
Google Android ce_main.cc CE_SendRawFrame out-of-bounds write
medium
4.3
-
-
-
166370
Google Android Parcel.cpp restartWrite memory corruption
medium
4.3
-
-
-
166369
Google Android nfc_main.cc nfc_enabled out-of-bounds read
low
1.4
-
-
-
166368
Google Android ConnectivityService.java showProvisioningNotification information disclosure
low
1.7
-
-
-
166367
Google Android NFC Server phNxpNciHal.cc phNxpNciHal_core_initialized out-of-bounds read
low
1.7
-
-
-
166366
Google Android ServiceRecord.java postNotification information disclosure
low
1.7
-
-
-
166365
Google Android C2SoftVorbisDec.cpp process memory leak
low
5.0
-
-
-
166364
Google Android NFC Server phNxpNciHal.cc phNxpNciHal_core_initialized out-of-bounds read
low
1.4
-
-
-
166363
Google Android NFC Server phNxpNciHal_ext.cc phNxpNciHal_send_ext_cmd out-of-bounds write
medium
4.0
-
-
-
166362
Google Android C2AllocatorIon.cpp priorLinearAllocation use after free
low
1.7
-
-
-
166361
Google Android SimSelectNotification.java createSimSelectNotification information disclosure
low
1.7
-
-
-
166360
Google Android nfc_ncif.cc nfc_ncif_proc_get_routing out-of-bounds read
low
1.4
-
-
-
166359
Google Android PhoneInterfaceManager.java getRadioAccessFamily information disclosure
low
1.7
-
-
-
166358
Google Android nfc_ncif.cc nfc_data_event out-of-bounds read
low
1.7
-
-
-
166357
Google Android HandleApiCalls.java onCreate permission
medium
4.3
-
-
-
166356
Google Android TextView.java TextView denial of service
low
5.0
-
-
-
166355
Google Android hci_layer.cc filter_incoming_event out-of-bounds read
low
1.7
-
-
-
166354
Google Android nfc_ncif.cc nfc_ncif_proc_get_routing out-of-bounds read
low
1.7
-
-
-
166353
Google Android Fingerprint information disclosure [CVE-2020-27026]
low
1.7
-
-
-
166352
Google Android EapFailureNotifier.java information disclosure
low
1.7
-
-
-
166351
Google Android Bluetooth smp_br_main.cc smp_br_state_machine_event out-of-bounds read
low
5.0
-
-
-
166350
Google Android BluetoothMediaBrowserService.java setErrorPlaybackState information disclosure
low
1.4
-
-
-
166349
Google Android avrc_pars_tg.cc avrc_ctrl_pars_vendor_cmd out-of-bounds read
low
1.4
-
-
-
166348
X.org X11 XkbSetDeviceInfo heap-based overflow
medium
5.2
-
-
-
166347
Google Android InputMethodManager.java startInputUncheckedLocked information disclosure
low
2.1
-
-
-
166346
Google Android bitreader.c FLAC__bitreader_read_rice_signed_block out-of-bounds read
low
5.0
-
-
-
166345
Google Android codebook.c decode_packed_entry_number out-of-bounds read
low
5.0
-
-
-
166344
Google Android BiometricServiceBase canUseBiometric information disclosure
low
1.7
-
-
-
166343
Google Android cpdf_renderstatus.cpp LoadSMask use after free
low
1.7
-
-
-
166342
Google Android JBig2_SddProc.cpp decode_Huffman integer overflow
low
1.7
-
-
-
166341
Google Android ih264d_sei.c ih264d_parse_ave out-of-bounds read
low
5.0
-
-
-
166340
Google Android cpdf_sampledfunc.cpp v_Call information disclosure
low
1.7
-
-
-
166339
Google Android Bitstream bitstream.cpp BitstreamFillCache out-of-bounds read
low
5.0
-
-
-
166338
Google Android MatroskaExtractor.cpp readBlock resource consumption
low
5.0
-
-
-
166337
Google Android floor1.c floor1_info_unpack information disclosure
low
5.0
-
-
-
166336
Google Android eas_mdls.c Parse_data out-of-bounds write
medium
7.5
-
-
-
166335
Google Android ihevc_inter_pred_filters_ssse3_intr.c ihevc_inter_pred_chroma_copy_ssse3 information disclosure
low
5.0
-
-
-
166334
Google Android stream_decoder.c read_metadata_vorbiscomment_ denial of service
low
5.0
-
-
-
166333
Google Android ContactsProvider2.java openAssetFileListener permission
medium
4.3
-
-
-
166332
Google Android UsbBackend.java areFunctionsSupported permission
medium
4.3
-
-
-
166331
Google Android ComposerClient.h destroyResources memory corruption
medium
4.0
-
-
-
166330
Google Android DrmManagerService.cpp ~DrmManagerService memory corruption
medium
4.0
-
-
-
166329
Google Android IncidentService.cpp command information disclosure
low
1.7
-
-
-
166328
Google Android AndroidManifest.xml permission
medium
4.3
-
-
-
166327
Google Android DocumentsProvider.java callUnchecked permission
medium
4.3
-
-
-
166326
Google Android DocumentsProvider.java callUnchecked permission
medium
4.3
-
-
-
166325
Google Android restoration.c extend_frame_lowbd out-of-bounds write
medium
4.3
-
-
-
166324
Google Android Network Configuration ClientModeImpl.java sendLinkConfigurationChangedBroadcast information disclosure
low
1.7
-
-
-
166323
Google Android Assistant.java onNotificationRemoved log file
low
1.7
-
-
-
166322
Google Android WindowManagerService.java createInputConsumer permission
medium
4.3
-
-
-
166321
Google Android HalCamera.cpp requestNewFrame use after free
medium
4.3
-
-
-
166320
Google Android BluetoothOppNotification.java updateIncomingFileConfirmNotification unrestricted upload
low
4.3
-
-
-
166319
Google Android CallLogProvider.java queryInternal information disclosure
low
1.7
-
-
-
166318
Google Android nci_hrcv.cc nci_proc_ee_management_rsp information disclosure
low
1.7
-
-
-
166317
Google Android SPDIFEncoder.cpp writeBurstBufferBytes information disclosure
low
1.7
-
-
-
166316
js-data Package deepFill code injection
medium
5.2
-
-
-
166315
Envoy UDP Datagram denial of service [CVE-2020-35471]
low
4.0
-
-
-
166314
Envoy Network Filter unknown vulnerability [CVE-2020-35470]
low
4.9
-
-
-
166313
Apple macOS Server Profile Manager cross site scripting [CVE-2020-9995]
low
5.0
-
-
-
166312
Apple macOS Wi-Fi denial of service [CVE-2020-27898]
low
2.3
-
-
-
166311
Apple macOS WebRTC use after free [CVE-2020-15969]
medium
7.5
-
-
-
166310
Apple macOS System Preferences sandbox [CVE-2020-10009]
low
4.3
-
-
-
166309
Apple macOS Ruby path traversal [CVE-2020-27896]
medium
6.0
-
-
-
166308
Apple macOS Quick Look cross site scripting [CVE-2020-10012]
low
5.0
-
-
-
166307
Apple macOS Power Management state issue [CVE-2020-10007]
low
1.7
-
-
-
166306
Apple macOS NSRemoteView sandbox [CVE-2020-27901]
low
4.3
-
-
-
166305
Apple macOS Model IO state issue [CVE-2020-10004]
medium
7.5
-
-
-
166304
Apple macOS Model IO out-of-bounds read [CVE-2020-13524]
medium
7.5
-
-
-
166303
Apple macOS Logging path traversal [CVE-2020-10010]
low
4.3
-
-
-
166302
Apple macOS libxpc path traversal [CVE-2020-10014]
low
4.3
-
-
-
166301
Apple macOS libxml2 use after free [CVE-2020-27926]
low
4.3
-
-
-
166300
Apple macOS libxml2 use after free [CVE-2020-27920]
medium
7.5
-
-
-
166299
Apple macOS libxml2 integer overflow [CVE-2020-27911]
medium
7.5
-
-
-
166298
Apple macOS Kernel Local Privilege Escalation [CVE-2020-29620]
low
4.3
-
-
-
166297
Apple macOS Kernel memory corruption [CVE-2020-27949]
low
4.3
-
-
-
166296
Apple macOS Kernel race condition [CVE-2020-27921]
medium
6.8
-
-
-
166295
Apple macOS Kernel use after free [CVE-2020-9975]
medium
6.8
-
-
-
166294
Apple macOS Kernel memory corruption [CVE-2020-9967]
high
8.5
-
-
-
166293
Apple macOS Kernel memory corruption [CVE-2020-10016]
medium
6.8
-
-
-
166292
Apple macOS Kernel state issue [CVE-2020-9974]
low
1.7
-
-
-
166291
Apple macOS Intel Graphics Driver memory corruption [CVE-2020-27907]
medium
6.8
-
-
-
166290
Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2020-27897]
medium
6.8
-
-
-
166289
Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2020-10015]
medium
6.8
-
-
-
166288
Apple macOS ImageIO out-of-bounds write [CVE-2020-27923]
medium
7.5
-
-
-
166287
Apple macOS ImageIO out-of-bounds write [CVE-2020-27912]
medium
7.5
-
-
-
166286
Apple macOS ImageIO out-of-bounds read [CVE-2020-29619]
medium
7.5
-
-
-
166285
Apple macOS ImageIO out-of-bounds read [CVE-2020-29617]
medium
7.5
-
-
-
166284
Apple macOS ImageIO out-of-bounds write [CVE-2020-29611]
medium
7.5
-
-
-
166283
Apple macOS ImageIO out-of-bounds read [CVE-2020-29618]
medium
7.5
-
-
-
166282
Apple macOS ImageIO out-of-bounds read [CVE-2020-27924]
medium
7.5
-
-
-
166281
Apple macOS ImageIO memory corruption [CVE-2020-29616]
medium
7.5
-
-
-
166280
Apple macOS Image Processing out-of-bounds write [CVE-2020-27919]
medium
7.5
-
-
-
166279
Apple macOS HomeKit unknown vulnerability [CVE-2020-9978]
low
2.6
-
-
-
166278
Apple macOS Graphics Drivers out-of-bounds write [CVE-2020-29612]
medium
6.8
-
-
-
166277
Apple macOS Graphics Drivers memory corruption [CVE-2020-27947]
medium
6.8
-
-
-
166276
Apple macOS Foundation state issue [CVE-2020-10002]
low
1.7
-
-
-
166275
Apple macOS FontParser memory corruption [CVE-2020-27944]
medium
7.5
-
-
-
166274
Apple macOS FontParser memory corruption [CVE-2020-27943]
medium
7.5
-
-
-
166273
Apple macOS FontParser memory corruption [CVE-2020-27931]
medium
7.5
-
-
-
166272
Apple macOS FontParser out-of-bounds read [CVE-2020-9956]
medium
7.5
-
-
-
166271
Apple macOS FontParser out-of-bounds write [CVE-2020-27952]
medium
7.5
-
-
-
166270
Apple macOS FontParser buffer overflow [CVE-2020-9962]
medium
7.5
-
-
-
166269
Apple macOS FontParser information disclosure [CVE-2020-27946]
low
5.0
-
-
-
166268
Apple macOS CoreText state issue [CVE-2020-27922]
medium
7.5
-
-
-
166267
Apple macOS CoreAudio out-of-bounds write [CVE-2020-10017]
medium
7.5
-
-
-
166266
Apple macOS CoreAudio out-of-bounds read [CVE-2020-27908]
medium
7.5
-
-
-
166265
Apple macOS CoreAudio out-of-bounds read [CVE-2020-9960]
medium
7.5
-
-
-
166264
Apple macOS CoreAudio out-of-bounds write [CVE-2020-27948]
medium
7.5
-
-
-
166263
Apple macOS Bluetooth integer overflow [CVE-2020-27906]
medium
7.5
-
-
-
166262
Apple macOS Audio out-of-bounds write [CVE-2020-27916]
medium
7.5
-
-
-
166261
Apple macOS Audio out-of-bounds read [CVE-2020-9944]
low
1.7
-
-
-
166260
Apple macOS Audio out-of-bounds read [CVE-2020-9943]
low
1.7
-
-
-
166259
Apple macOS Audio out-of-bounds read [CVE-2020-27910]
medium
7.5
-
-
-
166258
Apple macOS AppleMobileFileIntegrity Local Privilege Escalation
low
4.3
-
-
-
166257
Apple macOS AppleGraphicsControl behavioral workflow [CVE-2020-27941]
medium
6.8
-
-
-
166256
Apple macOS App Store privileges management [CVE-2020-27903]
low
4.3
-
-
-
166255
Apple macOS AMD memory corruption [CVE-2020-27915]
medium
6.8
-
-
-
166254
Apple macOS AMD memory corruption [CVE-2020-27914]
medium
6.8
-
-
-
166253
Apple Safari WebRTC use after free [CVE-2020-15969]
medium
7.5
-
-
-
166252
Apple tvOS WebRTC use after free [CVE-2020-15969]
medium
7.5
-
-
-
166251
Apple tvOS ImageIO out-of-bounds write [CVE-2020-29611]
medium
7.5
-
-
-
166250
Apple tvOS ImageIO out-of-bounds read [CVE-2020-29618]
medium
7.5
-
-
-
166249
Apple tvOS ImageIO out-of-bounds read [CVE-2020-29619]
medium
7.5
-
-
-
166248
Apple tvOS ImageIO out-of-bounds read [CVE-2020-29617]
medium
7.5
-
-
-
166247
Apple tvOS FontParser memory corruption [CVE-2020-27944]
medium
7.5
-
-
-
166246
Apple tvOS FontParser memory corruption [CVE-2020-27943]
medium
7.5
-
-
-
166245
Apple tvOS FontParser information disclosure [CVE-2020-27946]
low
5.0
-
-
-
166244
Apple tvOS CoreAudio out-of-bounds write [CVE-2020-27948]
medium
7.5
-
-
-
166243
Apple watchOS WebRTC use after free [CVE-2020-15969]
medium
7.5
-
-
-
166242
Apple watchOS Security unknown vulnerability [CVE-2020-27951]
low
4.9
-
-
-
166241
Apple watchOS ImageIO out-of-bounds write [CVE-2020-29611]
medium
7.5
-
-
-
166240
Apple watchOS ImageIO out-of-bounds read [CVE-2020-29618]
medium
7.5
-
-
-
166239
Apple watchOS ImageIO out-of-bounds read [CVE-2020-29619]
medium
7.5
-
-
-
166238
Apple watchOS ImageIO out-of-bounds read [CVE-2020-29617]
medium
7.5
-
-
-
166237
Apple watchOS FontParser memory corruption [CVE-2020-27944]
medium
7.5
-
-
-
166236
Apple watchOS FontParser memory corruption [CVE-2020-27943]
medium
7.5
-
-
-
166235
Apple watchOS FontParser information disclosure [CVE-2020-27946]
low
5.0
-
-
-
166234
Apple watchOS CoreAudio out-of-bounds write [CVE-2020-27948]
medium
7.5
-
-
-
166233
Apple iOS/iPadOS WebRTC use after free [CVE-2020-15969]
medium
7.5
-
-
-
166232
Apple iOS/iPadOS Security unknown vulnerability [CVE-2020-27951]
low
4.9
-
-
-
166231
Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2020-29611]
medium
7.5
-
-
-
166230
Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-29618]
medium
7.5
-
-
-
166229
Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-29619]
medium
7.5
-
-
-
166228
Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-29617]
medium
7.5
-
-
-
166227
Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27944]
medium
7.5
-
-
-
166226
Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27943]
medium
7.5
-
-
-
166225
Apple iOS/iPadOS FontParser information disclosure [CVE-2020-27946]
medium
7.5
-
-
-
166224
Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2020-27948]
medium
7.5
-
-
-
166223
Apple iOS/iPadOS App Store state issue [CVE-2020-29613]
low
4.9
-
-
-
166222
curl Certificate Revocation certificate validation [CVE-2020-8286]
medium
7.5
-
-
-
166221
haxx.se cURL FTP Wildcard stack-based overflow [CVE-2020-8285]
medium
5.0
-
-
-
166220
curl FTP PASV information disclosure [CVE-2020-8284]
low
2.6
-
-
-
166219
Citrix Virtual Apps/Virtual Desktops/XenApp/XenDesktop Universal Print Server privileges management
medium
7.7
-
-
-
166218
Ubiquiti EdgePower 24V-54V cross-site request forgery [CVE-2020-8282]
low
4.0
-
-
-
166217
Citrix Gateway Plug-in Services privileges management [CVE-2020-8258]
medium
5.2
-
-
-
166216
Citrix Gateway Plug-in access control [CVE-2020-8257]
medium
5.2
-
-
-
166215
libcURL Connection use after free [CVE-2020-8231]
medium
4.9
-
-
-
166214
curl File Name injection [CVE-2020-8177]
low
4.3
-
-
-
166213
curl DNS Server information disclosure [CVE-2020-8169]
low
2.6
-
-
-
166212
Jon Iles Packwood MPXJ ZIP Stream InputStreamHelper.java pathname traversal
medium
5.2
-
-
-
166211
Gnome GLib g_option_group_add_entries integer overflow [Disputed]
medium
4.9
-
-
-
166210
Google Go Encoding XML Package encoding error [CVE-2020-29511]
medium
7.5
-
-
-
166209
Google Go Encoding XML Package encoding error [CVE-2020-29510]
medium
7.5
-
-
-
166208
Google Go Encoding XML Package encoding error [CVE-2020-29509]
medium
7.5
-
-
-
166207
SabaiApp Directories Pro Plugin CSV File cross site scripting
low
5.0
-
-
-
166206
SabaiApp Directories Pro Plugin cross site scripting [CVE-2020-29303]
low
4.0
-
-
-
166205
OpenAsset Digital Asset Management ProjectsCSV access control
medium
5.8
-
-
-
166204
Unicenter Asset Management sql injection [CVE-2020-28860]
medium
4.6
-
-
-
166203
OpenAsset Digital Asset Management Scripting cross site scripting
low
5.0
-
-
-
166202
OpenAsset Digital Asset Management cross-site request forgery
low
5.0
-
-
-
166201
OpenAsset Digital Asset Management cross site scripting [CVE-2020-28857]
low
5.0
-
-
-
166200
Siemens SICAM A8000 CP-8022 Web Server protection mechanism [CVE-2020-28396]
low
2.6
-
-
-
ID
Title
VulDB
CVSS
Secunia
XForce
Nessus
166199
Siemens LOGO! 8 BM Website/Access Tool insufficiently protected credentials
low
2.6
-
-
-
166198
Siemens LOGO! 8 BM/LOGO! Soft Comfort UDF hard-coded key [CVE-2020-25234]
low
2.3
-
-
-
166197
Siemens LOGO! 8 BM Firmware hard-coded key [CVE-2020-25233]
low
2.3
-
-
-
166196
Siemens LOGO! 8 BM tcp risky encryption
low
1.4
-
-
-
166195
Siemens LOGO! 8 BM/LOGO! Soft Comfort hard-coded key [CVE-2020-25231]
low
2.3
-
-
-
166194
Siemens LOGO! 8 BM Service Port 10005 risky encryption [CVE-2020-25230]
low
2.6
-
-
-
166193
Siemens LOGO! 8 BM authentication replay [CVE-2020-25229]
medium
5.8
-
-
-
166192
Siemens LOGO! 8 BM Service Port 10005 missing authentication
medium
8.3
-
-
-
166191
NewPK newpost.php sql injection
medium
6.5
-
-
-
166190
Dan McDougall GateOne SSH Connection os command injection [CVE-2020-20184]
medium
6.5
-
-
-
166189
ZyXEL P1302-T10 v3 Admin Page resource injection [CVE-2020-20183]
medium
4.9
-
-
-
166188
QuantConnect Lean Json.NET library deserialization [CVE-2020-20136]
medium
4.9
-
-
-
166187
Gallagher Command Centre Enterprise Data Interface sql injection
medium
5.8
-
-
-
166186
Gallagher Command Centre Server type confusion [CVE-2020-16103]
medium
6.5
-
-
-
166185
Gallagher Command Centre Server improper authentication [CVE-2020-16102]
medium
6.5
-
-
-
166184
Siemens SIMATIC ET 200SP/SIMATIC S7-1500 Web Server denial of service
low
3.5
-
-
-
166183
Eclipse Che CodeReady Workspace services cross-site request forgery
low
4.0
-
-
-
166182
Google Android restoration.c extend_frame_highbd heap-based overflow
medium
5.0
-
-
-
166181
Google Android LockSettingsService.java addEscrowToken denial of service
low
1.7
-
-
-
166180
Google Android TelephonyRegistry.java listen information disclosure
low
1.7
-
-
-
166179
Google Android Network Traffic Vpn.java onUserStopped information disclosure
low
1.7
-
-
-
166178
Google Android eventpoll.c do_epoll_ctl use after free
medium
4.3
-
-
-
166177
Google Android Kernel hid-multitouch.c out-of-bounds write
medium
4.3
-
-
-
166176
Google Android res_cache.cpp resolv_cache_lookup information disclosure
low
1.0
-
-
-
166175
Google Android Bluetooth Server sdp_server.cc sdp_server_handle_client_req information disclosure
low
3.5
-
-
-
166174
Google Android Certificate CertInstaller.java createNameCredentialDialog information disclosure
low
5.0
-
-
-
166173
Google Android WiFi Configuration WifiConfigManager.java sendConfiguredNetworkChangedBroadcast information disclosure
low
1.7
-
-
-
166172
Google Android SPDIFEncoder.cpp writeBurstBufferBytes integer overflow
medium
7.5
-
-
-
166171
Google Android out-of-bounds write [CVE-2020-0457]
medium
5.2
-
-
-
166170
Google Android out-of-bounds write [CVE-2020-0456]
medium
5.2
-
-
-
166169
Google Android out-of-bounds read [CVE-2020-0455]
low
2.3
-
-
-
166168
Google Android auditfilter.c audit_free_lsm_field privileges management
low
4.3
-
-
-
166167
Google Android DisplayManagerService.java createVirtualDisplay permission
medium
4.3
-
-
-
166166
Google Android WindowManagerService.java addWindow clickjacking
low
4.3
-
-
-
166165
Google Android Broadcom Nexus Firmware hard-coded password [CVE-2020-0019]
medium
6.8
-
-
-
166164
Google Android Broadcom Nexus Firmware hard-coded password [CVE-2020-0016]
medium
6.8
-
-
-
166163
Siemens XHQ Web Interface cross-site request forgery [CVE-2019-19289]
low
5.0
-
-
-
166162
Siemens XHQ Web Interface cross site scripting [CVE-2019-19288]
low
4.0
-
-
-
166161
Siemens XHQ path traversal [CVE-2019-19287]
medium
7.5
-
-
-
166160
Siemens XHQ sql injection [CVE-2019-19286]
medium
6.5
-
-
-
166159
Siemens XHQ Web Interface cross site scriting [CVE-2019-19285]
low
4.0
-
-
-
166158
Siemens XHQ cross site scripting [CVE-2019-19284]
low
4.0
-
-
-
166157
Siemens XHQ Web Server information disclosure [CVE-2019-19283]
low
2.3
-
-
-
166156
Classbooking CSV File sql injection [CVE-2020-35382]
medium
5.8
-
-
-
166155
Online Bus Ticket Reservation Login Page sql injection [CVE-2020-35378]
medium
7.5
-
-
-
166154
Mobile Viewpoint Wireless Multiplex Terminal Playout Server hard-coded credentials
medium
5.8
-
-
-
166153
Project Worlds Car Rental Management System index.php file inclusion
medium
5.4
-
-
-
166152
OpenAsset Asset Management HTTP Request access control [CVE-2020-28856]
medium
5.2
-
-
-
166151
GE Healthcare Signa credentials management [CVE-2020-25179]
low
5.0
-
-
-
166150
GE Healthcare Signa cleartext transmission [CVE-2020-25175]
low
2.6
-
-
-
166149
BitDefender Antivirus Plus SafePay origin validation [CVE-2020-15733]
low
5.0
-
-
-
166148
HCL Notes Client MIME Message stack-based overflow [CVE-2020-14268]
medium
7.5
-
-
-
166147
HCL Domino Server MIME Message stack-based overflow [CVE-2020-14244]
high
10.0
-
-
-
166146
Apache Airflow Charts/Query server-side request forgery [CVE-2020-17513]
medium
5.2
-
-
-
166145
Apache Airflow CLI log file [CVE-2020-17511]
low
2.7
-
-
-
166144
Mitsubishi Electric MELSEC iQ-F FX5U(C) ARP Packet unknown vulnerability
medium
5.8
-
-
-
166143
FileZen pathname traversal [CVE-2020-5639]
medium
6.5
-
-
-
166142
NEC Aterm SA3500G improper validation of integrity check value
medium
6.5
-
-
-
166141
NEC Aterm SA3500G URL Remote Privilege Escalation [CVE-2020-5636]
medium
6.5
-
-
-
166140
NEC Aterm SA3500G URL unknown vulnerability [CVE-2020-5635]
low
4.9
-
-
-
166139
amazee.io Lagoon GitLab Webhook access control [CVE-2020-35236]
medium
5.2
-
-
-
166138
secure-file-manager Plugin elFinder connector.minimal.php access control
medium
6.5
-
-
-
166137
easy-wp-smtp Plugin log file [CVE-2020-35234]
low
2.6
-
-
-
166136
Macally WIFISD2-2A82 Guest User Password shadow credentials storage
low
2.7
-
-
-
166135
SolarWinds Orion Network Management Sunburst/Solorigate backdoor
medium
4.9
-
-
-
166134
Medtronic Smart Model 25000 Patient Reader Update System toctou
medium
10.0
-
-
-
166133
Medtronic Smart Model 25000 Patient Reader Debug Command heap-based overflow
medium
8.3
-
-
-
166132
Medtronic Smart Model 25000 Patient Reader App Authentication improper authentication
medium
5.8
-
-
-
166131
LastPass Password Manager improper authentication [CVE-2020-35208] [Disputed]
low
3.7
-
-
-
166130
LastPass Password Manager improper authentication [CVE-2020-35207] [Disputed]
low
3.7
-
-
-
166129
Ignite Realtime Openfire db-access.jsp cross site scripting
low
4.0
-
-
-
166128
Ignite Realtime Openfire create-bookmark.jsp cross site scripting
low
4.0
-
-
-
166127
Ignite Realtime Openfire spark-form.jsp cross site scripting
low
4.0
-
-
-
166126
Ignite Realtime Openfire create-bookmark.jsp cross site scripting
low
4.0
-
-
-
166125
F5 BIG-IP iControl REST cross site scripting [CVE-2020-5950]
low
4.0
-
-
-
166124
F5 BIG-IP FTP denial of service [CVE-2020-5949]
low
5.0
-
-
-
166123
F5 BIG-IP iControl REST cross site scripting [CVE-2020-5948]
low
4.0
-
-
-
166122
AWStats awstats.pl pathname traversal
medium
5.2
-
-
-
166121
Frappe Framework API input validation [CVE-2020-35175]
medium
4.9
-
-
-
166120
mquery Operation utils.js injection
low
4.9
-
-
-
166119
Western Digital Dashboard DLL uncontrolled search path [CVE-2020-29654]
medium
6.5
-
-
-
166118
Western Digital My Cloud OS improper authentication [CVE-2020-29563]
medium
5.8
-
-
-
166117
SmartyStreets liveAddressPlugin.js Parameter this.showInvalidCountry cross site scripting
low
4.0
-
-
-
166116
Linux Kernel ring_buffer.c use after free
low
4.3
-
-
-
166115
F5 BIG-IP NGINX Controller Agent pathname traversal [CVE-2020-27730]
medium
6.5
-
-
-
166114
F5 BIG-IP AFM Traffic Management Microkernel denial of service
low
1.4
-
-
-
166113
Wireshark USB HID Protocol Dissector denial of service [CVE-2020-26421]
low
2.6
-
-
-
166112
Wireshark RTPS Protocol Dissector memory leak [CVE-2020-26420]
low
2.6
-
-
-
166111
Wireshark Dissection Engine memory leak [CVE-2020-26419]
low
2.6
-
-
-
166110
Wireshark Kafka Protocol Dissector denial of service [CVE-2020-26418]
low
2.6
-
-
-
166109
Contiki IPv6 Header memory corruption [CVE-2020-25112]
medium
5.1
-
-
-
166108
Contiki IPv6 Header Length memory corruption [CVE-2020-25111]
medium
5.1
-
-
-
166107
Nut OS Ethernut memory corruption [CVE-2020-25110]
medium
5.1
-
-
-
166106
Nut OS Ethernut memory corruption [CVE-2020-25109]
medium
5.1
-
-
-
166105
Nut OS Ethernut memory corruption [CVE-2020-25108]
medium
5.1
-
-
-
166104
Nut OS Ethernut memory corruption [CVE-2020-25107]
low
5.1
-
-
-
166103
FNET mDNS Query out-of-bounds read [CVE-2020-24383]
low
5.1
-
-
-
166102
picoTCP/picoTCP-NG TCP pico_tcp.c out-of-bounds read
low
5.1
-
-
-
166101
picoTCP/picoTCP-NG DNS Packet pico_mdns.c pico_mdns_handle_data_as_answers_generic out-of-bounds read
low
2.6
-
-
-
166100
picoTCP/picoTCP-NG Domain Name Decompression pico_dns_common.c pico_dns_decompress_name out-of-bounds read
low
2.6
-
-
-
166099
picoTCP Domain Name Decompression pico_dns_common.c pico_dns_decompress_name out-of-bounds write
medium
5.1
-
-
-
166098
picoTCP/picoTCP-NG TCP Options pico_tcp.c tcp_parse_options denial of service
low
5.0
-
-
-
166097
Contiki/Contiki-NG Domain Name ip64-dns64.c buffer overflow
medium
5.1
-
-
-
166096
uIP DNS Response resolv.c out-of-bounds read
low
5.1
-
-
-
166095
PHPSHE sql injection [CVE-2020-19165]
medium
6.5
-
-
-
166094
FNET DNS Client Interface fnet_dns.c _fnet_dns_poll initialization
low
4.0
-
-
-
166093
FNET IPv6 Fragmentation fnet_ip6.c _fnet_ip6_reassembly uninitialized pointer
low
5.0
-
-
-
166092
FNET IPv6 Extension Header fnet_ip6.c _fnet_ip6_ext_header_handler_options out-of-bounds read
medium
7.5
-
-
-
166091
FNET LLMNR Request fnet_llmnr.c _fnet_llmnr_poll information disclosure
low
2.3
-
-
-
166090
Valid picoTCP IPv6 Destination Options pico_ipv6.c pico_ipv6_process_destopt out-of-bounds read
low
5.0
-
-
-
166089
picoTCP Header Field pico_ipv6.c pico_ipv6_check_headers_sequence integer overflow
low
5.0
-
-
-
166088
picoTCP ICMPv6 Echo Request Packet pico_icmp6.c pico_icmp6_send_echoreply_not_frag memory corruption
medium
5.0
-
-
-
166087
picoTCP Header Length pico_ipv6.c pico_ipv6_process_hopbyhop integer overflow
low
5.0
-
-
-
166086
picoTCP IPv6 Header pico_ipv6.c pico_ipv6_extension_headers out-of-bounds read
low
5.0
-
-
-
166085
uIP DNS Response resolv.c parse_name null pointer dereference
low
5.0
-
-
-
166084
uIP DNS Reply resolv.c newdata dns rebinding
medium
7.5
-
-
-
166083
uIP IP Header Length uip.c uip_reass denial of service
low
2.3
-
-
-
166082
uIP TCP Flag uip.c uip_process buffer overflow
medium
5.2
-
-
-
166081
Brocade Fabric OS Virtual Fabric Mode access control [CVE-2020-15376]
medium
6.5
-
-
-
166080
Brocade Fabric OS Command Line Interface input validation [CVE-2020-15375]
medium
4.3
-
-
-
166079
Contiki TCPIP Stack uip.c uip_process integer overflow
medium
7.5
-
-
-
166078
Contiki TCPIP Stack uip.c upper_layer_chksum out-of-bounds read
medium
7.5
-
-
-
166077
Contiki TCPIP Stacl rpl-ext-header.c rpl_remove_header infinite loop
low
5.0
-
-
-
166076
Contiki TCPIP Stack rpl-ext-header.c rpl_remove_header memory corruption
medium
7.5
-
-
-
166075
Contiki TCPIP Stack uip6.c ext_hdr_options_process infinite loop
low
2.3
-
-
-
166074
i18n Language Tag TextLocalizer.cs denial of service
low
5.0
-
-
-
166073
Sophos Cyberoam OS WebAdmin sql injection [CVE-2020-29574]
medium
7.5
-
-
-
166072
corenlp-js-interface command injection [CVE-2020-28440]
medium
7.5
-
-
-
166071
corenlp-js-prefab index.js injection
medium
7.5
-
-
-
166070
Canonical Go Ethereum Consensus calculation [CVE-2020-26265]
medium
4.0
-
-
-
166069
Go Ethereum GetProofsV2 Request resource consumption [CVE-2020-26264]
low
5.0
-
-
-
166068
ua-parser-js incorrect regex [CVE-2020-7793]
low
2.3
-
-
-
166067
IBM Resilient SOAR Formula injection [CVE-2020-4633]
medium
7.5
-
-
-
166066
registry Docker Image improper authentication [CVE-2020-29591]
high
10.0
-
-
-
166065
teamspeak Docker Image improper authentication [CVE-2020-29590]
high
10.0
-
-
-
166064
kapacitor Docker Image improper authentication [CVE-2020-29589]
high
10.0
-
-
-
166063
TikiWiki Web-based Management Interface cross-site request forgery
low
5.0
-
-
-
166062
OpenCart CMS CART Option cross-site request forgery [CVE-2020-28838]
low
4.0
-
-
-
166061
Frappe Two-factor Authentication information disclosure [CVE-2020-27508]
low
2.6
-
-
-
166060
Apache Airflow trigger cross site scripting
low
4.0
-
-
-
166059
Askey AP5100W Ping/Traceroute/Route os command injection [CVE-2020-15357]
medium
6.5
-
-
-
166058
Askey AP5100W WPS PIN password recovery [CVE-2020-15023]
low
2.6
-
-
-
166057
Silver Peak Unity ECOSTM Configuration Backup os command injection
medium
8.3
-
-
-
166056
Silver Peak Unity ECOSTM nslookup API os command injection [CVE-2020-12148]
medium
5.8
-
-
-
166055
mout Package code injection [CVE-2020-7792]
medium
5.0
-
-
-
166054
spatie browsershot URL path traversal [CVE-2020-7790]
low
5.0
-
-
-
166053
ini Package INI Parser injection [CVE-2020-7788]
medium
7.5
-
-
-
166052
Cisco Jabber Custom Protocol privileges management [CVE-2020-27127]
medium
7.5
-
-
-
166051
Cisco Jabber Message Content Validator information disclosure
low
5.0
-
-
-
166050
Cisco Jabber Custom Protocol command injection [CVE-2020-27133]
medium
7.5
-
-
-
166049
Cisco Jabber XMPP Message injection [CVE-2020-27134]
medium
7.5
-
-
-
166048
Cisco Jabber XMPP Message Remote Privilege Escalation [CVE-2020-26085]
medium
6.5
-
-
-
166047
node-notifier command injection [CVE-2020-7789]
medium
5.1
-
-
-
166046
Netflix Spinnaker SpEL Expression deserialization [CVE-2020-9301]
low
4.9
-
-
-
166045
Schneider Electric EcoStruxure Control Expert/Unity Pro write-what-where condition
low
4.9
-
-
-
166044
Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server unusual condition
low
2.3
-
-
-
166043
Schneider Electric Modicon M340 Modbus unusual condition [CVE-2020-7543]
low
1.5
-
-
-
166042
Schneider Electric Modicon M340 Modbus unusual condition [CVE-2020-7542]
low
1.5
-
-
-
166041
Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server direct request
low
3.5
-
-
-
166040
Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server missing authentication
medium
5.8
-
-
-
166039
Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium HTTP unusual condition
low
2.7
-
-
-
166038
Schneider Electric Modicon M580 Modbus unusual condition [CVE-2020-7537]
low
1.5
-
-
-
166037
Schneider Electric Modicon M340 SNMP unusual condition [CVE-2020-7536]
low
2.3
-
-
-
166036
Schneider Electric Modicon M340 Web Server path traversal [CVE-2020-7535]
low
2.7
-
-
-
166035
ultimate-category-excluder Plugin ultimate-category-excluder.php cross-site request forgery
low
4.0
-
-
-
166034
phpLDAPadmin function.php get_request cross site scripting
low
4.0
-
-
-
166033
Ignite Realtime Openfire Bookmark create-bookmark.jsp cross site scripting
low
4.0
-
-
-
166032
Typesetter CMS Admin/Configuration cross site scripting [CVE-2020-35126] [Disputed]
low
3.3
-
-
-
166031
Schneider Electric Modicon M258 memory corruption [CVE-2020-28220]
medium
5.2
-
-
-
166030
Schneider Electric EcoStruxure Geo SCADA Expert Virtual ViewX insufficiently protected credentials
low
4.0
-
-
-
166029
Schneider Electric Easergy T300 improper restriction of rendered ui layers
medium
4.9
-
-
-
166028
Schneider Electric Easergy T300 missing encryption [CVE-2020-28217]
low
2.6
-
-
-
166027
Schneider Electric Easergy T300 missing encryption [CVE-2020-28216]
low
2.6
-
-
-
166026
Schneider Electric Easergy T300 authorization [CVE-2020-28215]
medium
4.9
-
-
-
166025
Schneider Electric Modicon M221 hash without salt [CVE-2020-28214]
low
1.4
-
-
-
166024
Jasper jpc Encoder out-of-bounds write [CVE-2020-27828]
medium
5.2
-
-
-
166023
Linux Kernel MIDI use after free [CVE-2020-27786]
medium
4.3
-
-
-
166022
GitLab Community Edition/Enterprise Edition Project information disclosure
low
5.0
-
-
-
166021
GitLab Enterprise Edition Advanced Search information disclosure
low
0.8
-
-
-
166020
GitLab Community Edition/Enterprise Edition REST API information disclosure
low
4.0
-
-
-
166019
GitLab Community Edition/Enterprise Edition GraphQL information disclosure
low
5.0
-
-
-
166018
GitLab Enterprise Edition Group Member information disclosure
low
2.1
-
-
-
166017
GitLab Community Edition/Enterprise Edition Project Search denial of service
low
4.0
-
-
-
166016
GitLab Community Edition/Enterprise Edition Markdown resource consumption
low
4.0
-
-
-
166015
GitLab Community Edition/Enterprise Edition Profile information disclosure
low
5.0
-
-
-
166014
Micro Focus Filr information disclosure [CVE-2020-25838]
low
2.3
-
-
-
166013
Aruba Networks 9000 Gateway GRUB2 Remote Privilege Escalation
medium
8.5
-
-
-
166012
Aruba Networks 9000 Gateway Service Port 8211 injection [CVE-2020-24634]
medium
6.0
-
-
-
166011
Aruba Networks 9000 Gateway Service Port 8211 buffer overflow
medium
7.5
-
-
-
166010
Adobe Lightroom Classic uncontrolled search path [CVE-2020-24447]
medium
3.5
-
-
-
166009
Adobe Prelude uncontrolled search path [CVE-2020-24440]
medium
3.5
-
-
-
166008
Apache Struts OGNL Evaluation Remote Privilege Escalation [CVE-2020-17530]
medium
6.0
-
-
-
166007
EIP Stack Group OpENer Ethernet out-of-bounds write [CVE-2020-13556]
medium
6.5
-
-
-
166006
EIP Stack Group OpENer Ethernet resource consumption [CVE-2020-13530]
low
5.0
-
-
-
166005
Pixar OpenUSD USD File out-of-bounds read [CVE-2020-13520]
medium
7.5
-
-
-
166004
GitLab Community Edition/Enterprise Edition Feature Flag improper authorization
medium
5.2
-
-
-
166003
Gerrit FilteredRepository Wrapper improper authorization [CVE-2020-8920]
low
2.7
-
-
-
166002
Gerrit REST API improper authorization [CVE-2020-8919]
low
2.7
-
-
-
166001
Google Guava Temp Directory com.google.common.io.Files.createTempDir temp file
medium
6.5
-
-
-
166000
IBM AIX/VIOS ksu Command privileges management [CVE-2020-4829]
medium
6.8
-
-
-
165999
Ubilling Config File command injection [CVE-2020-29311]
medium
9.0
-
-
-
165998
TensorFlow Computation Graph out-of-bounds read [CVE-2020-26271]
low
4.3
-
-
-
165997
TensorFlow LSTM/GRU denial of service [CVE-2020-26270]
low
1.7
-
-
-
165996
TensorFlow out-of-bounds read [CVE-2020-26269]
low
2.3
-
-
-
165995
TensorFlow Python Interpreter tf.raw_ops.ImmutableConst denial of service
low
1.7
-
-
-
165994
TensorFlow API tf.raw_ops.DataFormatVecPermute out-of-bounds read
low
3.2
-
-
-
165993
TensorFlow Model uninitialized resource [CVE-2020-26266]
low
4.3
-
-
-
165992
Askey AP5100W Telnet/SSH weak password [CVE-2020-26201]
medium
5.8
-
-
-
165991
FastAdmin Template injection [CVE-2020-25967]
medium
4.9
-
-
-
165990
iCMS install.php os command injection
medium
5.2
-
-
-
165989
iCMS install.php os command injection
medium
5.2
-
-
-
165988
Notable Markdown Text cross site scripting [CVE-2020-16608]
low
4.0
-
-
-
165987
ProcessMaker reportTables_Ajax sql injection
medium
6.5
-
-
-
165986
IBM Sterling B2B Integrator Standard Edition Dashboard UI information disclosure
low
4.0
-
-
-
165985
Sympa SOAP API authenticateAndRun access control
medium
6.5
-
-
-
165984
Lan ATMService M3 ATM Monitoring System Session session expiration
low
2.6
-
-
-
165983
Lan ATMService M3 ATM Monitoring System Log File log file [CVE-2020-29666]
low
3.5
-
-
-
165982
GitLab Community Edition/Enterprise Edition Project Import cross site scripting
low
4.0
-
-
-
165981
Adobe Experience Manager/AEM Forms add-on Form cross site scripting
low
4.0
-
-
-
165980
Adobe Experience Manager/AEM Forms add-on server-side request forgery
medium
5.8
-
-
-
165979
Symantec Messaging Gateway Web UI information disclosure [CVE-2020-12595]
low
4.0
-
-
-
165978
Symantec Messaging Gateway CLI access control [CVE-2020-12594]
medium
9.0
-
-
-
165977
Adobe Acrobat Reader information disclosure [CVE-2020-29075]
low
5.0
-
-
-
165976
python-apt arfile.cc release of resource
low
1.4
-
-
-
165975
APT deb Package extracttar.cc integer overflow
medium
4.3
-
-
-
165974
Music Music Station cross site scripting [CVE-2020-2494]
low
4.0
-
-
-
165973
QNAP Multimedia Console cross site scripting [CVE-2020-2493]
low
4.0
-
-
-
165972
QNAP QTS Photo Station cross site scripting [CVE-2020-2491]
low
4.0
-
-
-
165971
WAGO PLC 750-88x/PLC 750-352 resource consumption [CVE-2020-12516]
low
5.0
-
-
-
165970
McAfee Database Security Server Sensor SHA1 Certificate certificate validation
medium
4.3
-
-
-
165969
Online Examination System feedback.php cross site scripting
low
4.0
-
-
-
165968
Online Examination System index.php cross site scripting
low
4.0
-
-
-
165967
Online Examination System feedback.php cross site scripting
low
4.0
-
-
-
165966
pass Git Repository improper authentication [CVE-2020-28086]
low
4.6
-
-
-
165965
synapse Synapse Event send_join denial of service
low
4.0
-
-
-
165964
TOTOLINK A3002RU os command injection [CVE-2020-25499]
medium
6.5
-
-
-
165963
Artifex MuPDF newband_writer use after free
medium
4.9
-
-
-
165962
GNU Binutils _bfd_elf_get_symbol_version_string null pointer dereference
low
2.3
-
-
-
165961
GNU Binutils debug_get_real_type null pointer dereference
low
2.3
-
-
-
165960
GNU Binutils scan_unit_for_symbols denial of service
low
2.3
-
-
-
165959
GNU Binutils bfd_hash_lookup use after free
low
4.9
-
-
-
165958
GNU Binutils process_symbol_table denial of service
low
2.3
-
-
-
165957
GNU Binutils File Descriptor process_symbol_table double free
low
4.9
-
-
-
165956
Academy Software Foundation OpenEXR EXR File ImfTiledOutputFile.cpp writeTileData heap-based overflow
low
2.7
-
-
-
165955
Academy Software Foundation OpenEXR EXR File makePreview.cpp generatePreview null pointer dereference
low
2.3
-
-
-
165954
Academy Software Foundation OpenEXR EXR File ImfMultiPartInputFile.cpp chunkOffsetReconstruction heap-based overflow
low
2.7
-
-
-
165953
Macrium Reflect openssl.cnf access control
medium
9.0
-
-
-
165952
react-adal JWT Token authentication spoofing [CVE-2020-7787]
medium
7.5
-
-
-
165951
PHPOffice PhpSpreadsheet Excel File cross site scripting [CVE-2020-7776]
low
4.0
-
-
-
165950
Linux Kernel tty Subsystem tty_jobctrl.c use after free
medium
4.9
-
-
-
165949
Linux Kernel Locking tty_io.c use after free
medium
4.9
-
-
-
165948
Flexense DupScout Enterprise Web Server settings buffer overflow
medium
6.5
-
-
-
165947
SAP Business Warehouse/BW4HANA os command injection [CVE-2020-26838]
medium
8.3
-
-
-
165946
SAP Solution Manager User Experience Monitoring path traversal
medium
6.5
-
-
-
165945
SAP Solution Manager Trace Analysis redirect [CVE-2020-26836]
low
2.6
-
-
-
165944
SAP NetWeaver AS ABAP cross site scripting [CVE-2020-26835]
low
5.0
-
-
-
165943
Valid HANA Database SAML improper authentication [CVE-2020-26834]
medium
4.6
-
-
-
165942
SAP AS ABAP/S4 HANA Landscape Transformation authorization [CVE-2020-26832]
medium
5.8
-
-
-
165941
SAP BusinessObjects BI Platform Crystal Report server-side request forgery
medium
6.5
-
-
-
165940
SAP Solution Manager User Experience Monitoring access control
medium
6.5
-
-
-
165939
SAP NetWeaver AS JAVA improper authentication [CVE-2020-26829]
medium
7.5
-
-
-
165938
SAP Disclosure Management Spreadsheet unrestricted upload [CVE-2020-26828]
medium
6.5
-
-
-
165937
SAP NetWeaver AS JAVA Process Integration Monitoring unrestricted upload
medium
6.5
-
-
-
165936
SAP AS JAVA Key Storage Service missing encryption [CVE-2020-26816]
low
1.2
-
-
-
165935
JupyterHub jupyterhub-systemdspawner API Token exposure of resource
medium
5.2
-
-
-
165934
BookStack Image URL or injection
medium
6.5
-
-
-
165933
WECON LeviStudioU Project File heap-based overflow [CVE-2020-25199]
medium
5.2
-
-
-
165932
imcat Picture unrestricted upload [CVE-2020-23520]
medium
6.0
-
-
-
165931
Palo Alto Cortex XDR Agent uncontrolled search path [CVE-2020-2049]
medium
6.8
-
-
-
165930
Palo Alto Cortex XDR Agent Exception exceptional condition [CVE-2020-2020]
low
1.7
-
-
-
165929
Apache NuttX Fragmentation out-of-bounds write [CVE-2020-17529]
medium
7.5
-
-
-
165928
Apache NuttX TCP Packet out-of-bounds write [CVE-2020-17528]
medium
6.5
-
-
-
165927
McAfee VirusScan Enterprise Windows Defender Application Control permission assignment
low
4.0
-
-
-
165926
JerryScript main-utils.c main_print_unhandled_exception out-of-bounds read
low
2.3
-
-
-
165925
python-py incorrect regex [CVE-2020-29651]
low
2.3
-
-
-
165924
Apple iTunes Text File memory corruption [CVE-2020-9999]
medium
7.5
-
-
-
165923
Apple macOS Text File memory corruption [CVE-2020-9999]
medium
7.5
-
-
-
165922
Apple iOS/iPadOS use after free [CVE-2020-9996]
medium
4.3
-
-
-
165921
Apple macOS use after free [CVE-2020-9996]
medium
4.3
-
-
-
165920
Apple iOS/iPadOS Address Bar clickjacking [CVE-2020-9993]
low
5.0
-
-
-
165919
Apple Safari Address Bar clickjacking [CVE-2020-9993]
low
5.0
-
-
-
165918
Apple watchOS Address Bar clickjacking [CVE-2020-9993]
low
5.0
-
-
-
165917
Apple tvOS denial of service [CVE-2020-9991]
low
3.5
-
-
-
165916
Apple iCloud denial of service [CVE-2020-9991]
low
3.5
-
-
-
165915
Apple iOS/iPadOS denial of service [CVE-2020-9991]
low
3.5
-
-
-
165914
Apple watchOS denial of service [CVE-2020-9991]
low
3.5
-
-
-
165913
Apple macOS denial of service [CVE-2020-9991]
low
3.5
-
-
-
165912
Apple iOS/iPadOS Message information disclosure [CVE-2020-9989]
low
1.7
-
-
-
165911
Apple watchOS Message information disclosure [CVE-2020-9989]
low
1.7
-
-
-
165910
Apple macOS Message information disclosure [CVE-2020-9989]
low
1.7
-
-
-
165909
Apple iOS/iPadOS Message information disclosure [CVE-2020-9988]
low
1.7
-
-
-
165908
Apple macOS Message information disclosure [CVE-2020-9988]
low
1.7
-
-
-
165907
Apple Safari Address Bar clickjacking [CVE-2020-9987]
low
5.0
-
-
-
165906
Apple macOS use after free [CVE-2020-9981]
medium
7.5
-
-
-
165905
Apple tvOS use after free [CVE-2020-9981]
medium
7.5
-
-
-
165904
Apple iTunes use after free [CVE-2020-9981]
medium
7.5
-
-
-
165903
Apple iOS/iPadOS use after free [CVE-2020-9981]
medium
7.5
-
-
-
165902
Apple watchOS use after free [CVE-2020-9981]
medium
7.5
-
-
-
165901
Apple iOS/iPadOS Entitlement Verification information disclosure
low
1.7
-
-
-
165900
Apple macOS Entitlement Verification information disclosure [CVE-2020-9977]
low
1.7
-
-
-
165899
Apple macOS Kernel information disclosure [CVE-2020-9974]
low
1.7
-
-
-
165898
Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9972]
medium
7.5
-
-
-
165897
Apple tvOS User Information sandbox [CVE-2020-9969]
low
1.7
-
-
-
165896
Apple iOS/iPadOS User Information sandbox [CVE-2020-9969]
low
1.7
-
-
-
165895
Apple watchOS User Information sandbox [CVE-2020-9969]
low
1.7
-
-
-
165894
Apple macOS User Information sandbox [CVE-2020-9969]
low
1.7
-
-
-
165893
Apple iOS/iPadOS out-of-bounds read [CVE-2020-9966]
medium
6.8
-
-
-
165892
Apple tvOS out-of-bounds read [CVE-2020-9966]
medium
6.8
-
-
-
165891
Apple watchOS out-of-bounds read [CVE-2020-9966]
medium
6.8
-
-
-
165890
Apple macOS out-of-bounds read [CVE-2020-9966]
medium
6.8
-
-
-
165889
Apple tvOS out-of-bounds read [CVE-2020-9965]
medium
6.8
-
-
-
165888
Apple iOS/iPadOS out-of-bounds read [CVE-2020-9965]
medium
6.8
-
-
-
165887
Apple watchOS out-of-bounds read [CVE-2020-9965]
medium
6.8
-
-
-
165886
Apple macOS out-of-bounds read [CVE-2020-9965]
medium
6.8
-
-
-
165885
Apple iOS/iPadOS Icon Cache information disclosure [CVE-2020-9963]
low
1.7
-
-
-
165884
Apple macOS Icon Cache information disclosure [CVE-2020-9963]
low
1.7
-
-
-
165883
Apple iOS/iPadOS Audio File buffer overflow [CVE-2020-9954]
medium
7.5
-
-
-
165882
Apple macOS Audio File buffer overflow [CVE-2020-9954]
medium
7.5
-
-
-
165881
Apple tvOS Audio File buffer overflow [CVE-2020-9954]
medium
7.5
-
-
-
165880
Apple watchOS Audio File buffer overflow [CVE-2020-9954]
medium
7.5
-
-
-
165879
Apple iOS/iPadOS use after free [CVE-2020-9950]
medium
7.5
-
-
-
165878
Apple Safari use after free [CVE-2020-9950]
medium
7.5
-
-
-
165877
Apple tvOS use after free [CVE-2020-9950]
medium
7.5
-
-
-
165876
Apple watchOS use after free [CVE-2020-9950]
medium
7.5
-
-
-
165875
Apple tvOS use after free [CVE-2020-9949]
medium
6.8
-
-
-
165874
Apple iOS/iPadOS use after free [CVE-2020-9949]
medium
6.8
-
-
-
165873
Apple watchOS use after free [CVE-2020-9949]
medium
6.8
-
-
-
165872
Apple macOS use after free [CVE-2020-9949]
medium
6.8
-
-
-
165871
Apple Safari Web Contents use after free [CVE-2020-9947]
medium
7.5
-
-
-
165870
Apple tvOS Web Contents use after free [CVE-2020-9947]
medium
7.5
-
-
-
165869
Apple iTunes Web Contents use after free [CVE-2020-9947]
medium
7.5
-
-
-
165868
Apple iOS/iPadOS Web Contents use after free [CVE-2020-9947]
medium
7.5
-
-
-
165867
Apple watchOS Web Contents use after free [CVE-2020-9947]
medium
7.5
-
-
-
165866
Apple Safari Address Bar clickjacking [CVE-2020-9945]
low
5.0
-
-
-
165865
Apple macOS Address Bar clickjacking [CVE-2020-9945]
low
5.0
-
-
-
165864
Apple iOS/iPadOS out-of-bounds read [CVE-2020-9944]
low
2.1
-
-
-
165863
Apple tvOS out-of-bounds read [CVE-2020-9944]
low
2.1
-
-
-
165862
Apple watchOS out-of-bounds read [CVE-2020-9944]
low
2.1
-
-
-
165861
Apple macOS out-of-bounds read [CVE-2020-9944]
low
2.1
-
-
-
165860
Apple tvOS out-of-bounds read [CVE-2020-9943]
low
2.1
-
-
-
165859
Apple iOS/iPadOS out-of-bounds read [CVE-2020-9943]
low
2.1
-
-
-
165858
Apple watchOS out-of-bounds read [CVE-2020-9943]
low
2.1
-
-
-
165857
Apple macOS out-of-bounds read [CVE-2020-9943]
low
2.1
-
-
-
165856
Apple Safari Address Bar clickjacking [CVE-2020-9942]
low
5.0
-
-
-
165855
Apple macOS Address Bar clickjacking [CVE-2020-9942]
low
5.0
-
-
-
165854
Apple macOS Email state issue [CVE-2020-9922]
medium
7.5
-
-
-
165853
Apple tvOS information disclosure [CVE-2020-9849]
low
3.5
-
-
-
165852
Apple iOS/iPadOS information disclosure [CVE-2020-9849]
low
3.5
-
-
-
165851
Apple watchOS information disclosure [CVE-2020-9849]
low
3.5
-
-
-
165850
Apple macOS information disclosure [CVE-2020-9849]
low
3.5
-
-
-
165849
irssi Docker Image improper authentication [CVE-2020-29602]
high
10.0
-
-
-
165848
Notary Docker Image improper authentication [CVE-2020-29601]
high
10.0
-
-
-
165847
spiped Docker Image access control [CVE-2020-29581]
high
10.0
-
-
-
165846
Storm Docker Image improper authentication [CVE-2020-29580]
high
10.0
-
-
-
165845
Express Gateway Docker Image improper authentication [CVE-2020-29579]
high
10.0
-
-
-
165844
piwik Docker Image improper authentication [CVE-2020-29578]
high
10.0
-
-
-
165843
znc Docker Image improper authentication [CVE-2020-29577]
high
10.0
-
-
-
165842
Eggdrop Docker image improper authentication [CVE-2020-29576]
high
10.0
-
-
-
165841
Elixir Docker Image improper authentication [CVE-2020-29575]
high
10.0
-
-
-
165840
Hashicorp Consul improper authentication [CVE-2020-29564]
high
10.0
-
-
-
165839
Systran Pure Neural Server API denial of service [CVE-2020-29540]
low
2.3
-
-
-
165838
Systran Pure Neural Server cross site scripting [CVE-2020-29539]
low
4.0
-
-
-
165837
Plum IK-401 Configuration File information disclosure [CVE-2020-28946]
low
3.3
-
-
-
165836
deepref code injection [CVE-2020-28274]
medium
6.5
-
-
-
165835
Apple macOS Kernel initialization [CVE-2020-27950]
low
1.7
-
-
-
165834
Apple macOS FontParser out-of-bounds write [CVE-2020-27927]
medium
7.5
-
-
-
165833
Apple macOS WebKit use after free [CVE-2020-27918]
medium
7.5
-
-
-
165832
Apple macOS libxml2 use after free [CVE-2020-27917]
medium
7.5
-
-
-
165831
Apple macOS Audio out-of-bounds write [CVE-2020-27916]
medium
7.5
-
-
-
165830
Apple macOS ImageIO out-of-bounds write [CVE-2020-27912]
medium
7.5
-
-
-
165829
Apple macOS libxml2 integer overflow [CVE-2020-27911]
medium
7.5
-
-
-
165828
Apple macOS Audio out-of-bounds read [CVE-2020-27910]
medium
7.5
-
-
-
165827
Apple macOS integer overflow [CVE-2020-27906]
medium
6.0
-
-
-
165826
Apple macOS State Management memory corruption [CVE-2020-27904]
medium
5.2
-
-
-
165825
Apple macOS privileges management [CVE-2020-27903]
low
4.9
-
-
-
165824
Apple macOS Snapshot permission [CVE-2020-27900]
medium
5.2
-
-
-
165823
Apple macOS Managed Frame Protection denial of service [CVE-2020-27898]
low
2.3
-
-
-
165822
Apple macOS path traversal [CVE-2020-27896]
medium
6.5
-
-
-
165821
Apple iTunes information disclosure [CVE-2020-27895]
low
2.3
-
-
-
165820
Apple macOS Metadata unknown vulnerability [CVE-2020-27894]
low
4.9
-
-
-
165819
QEMU Memory Management API out-of-bounds write [CVE-2020-27821]
medium
5.2
-
-
-
165818
ImageMagick txt.c integer overflow
low
2.3
-
-
-
165817
ImageMagick quantum-private.h ScaleAnyToQuantum integer overflow
low
2.3
-
-
-
165816
ImageMagick geometry.c ParseMetaGeometry divide by zero
low
3.5
-
-
-
165815
ImageMagick image.c SetImageExtent memory leak
low
2.3
-
-
-
165814
ImageMagick quantize.c IntensityCompare integer overflow
medium
6.0
-
-
-
165813
ImageMagick miff.c AcquireMagickMemory memory leak
low
2.3
-
-
-
165812
ImageMagick quantum-private.h heap-based overflow
medium
5.2
-
-
-
165811
ImageMagick quantum-export.c integer overflow
low
5.0
-
-
-
165810
ImageMagick colorspace-private.h divide by zero
low
5.0
-
-
-
165809
AnyDesk XPC Interface access control [CVE-2020-27614]
medium
4.3
-
-
-
165808
aptdaemon policykit authorization [CVE-2020-27349]
low
4.0
-
-
-
165807
Mozilla Firefox memory corruption [CVE-2020-26969]
medium
7.5
-
-
-
165806
Mozilla Firefox/Thunderbird memory corruption [CVE-2020-26968]
medium
7.5
-
-
-
165805
Mozilla Firefox Screenshot injection [CVE-2020-26967]
medium
4.9
-
-
-
165804
Mozilla Firefox/Thunderbird mDNS information disclosure [CVE-2020-26966]
low
3.3
-
-
-
165803
Mozilla Firefox/Thunderbird Keyboard Layout unknown vulnerability
low
4.9
-
-
-
165802
Mozilla Firefox Remote Debugging via USB Remote Privilege Escalation
medium
6.0
-
-
-
165801
Mozilla Firefox API denial of service [CVE-2020-26963]
low
5.0
-
-
-
165800
Mozilla Firefox Login Autofill clickjacking [CVE-2020-26962]
low
5.0
-
-
-
165799
Mozilla Firefox/Thunderbird IPv6 Address dns rebinding [CVE-2020-26961]
medium
5.1
-
-
-
165798
Mozilla Firefox/Thunderbird Compact use after free
medium
7.5
-
-
-
165797
Mozilla Firefox/Thunderbird Reference use after free [CVE-2020-26959]
medium
7.5
-
-
-
165796
Mozilla Firefox/Thunderbird MIME Type protection mechanism [CVE-2020-26958]
medium
7.5
-
-
-
165795
Mozilla Firefox OneCRL improper validation of integrity check value
medium
7.5
-
-
-
165794
Mozilla Firefox/Thunderbird SVG Event cross site scripting [CVE-2020-26956]
low
5.0
-
-
-
165793
Mozilla Firefox File Download information disclosure [CVE-2020-26955]
low
2.6
-
-
-
165792
Mozilla Firefox Fullscreen improper restriction of rendered ui layers
medium
7.5
-
-
-
165791
Mozilla Firefox/Thunderbird Fullscreen improper restriction of rendered ui layers
medium
7.5
-
-
-
165790
Mozilla Firefox JIT Compiler memory corruption [CVE-2020-26952]
medium
7.5
-
-
-
165789
Mozilla Firefox/Thunderbird Event Parser cross site scripting
low
5.0
-
-
-
165788
Mozilla Firefox/Thunderbird use after free [CVE-2020-26950]
medium
7.5
-
-
-
165787
fast-csv incorrect regex [CVE-2020-26256]
low
4.0
-
-
-
165786
Kirby CMS/Panel phar File unrestricted upload [CVE-2020-26255]
medium
5.8
-
-
-
165785
omniauth-apple Gem authentication spoofing [CVE-2020-26254]
medium
7.5
-
-
-
165784
Red Discord Bot Dashboard Name code injection [CVE-2020-26249]
medium
6.5
-
-
-
165783
Opencast Hostname Verification origin validation [CVE-2020-26234]
medium
5.1
-
-
-
165782
Git Credential Manager Core Working Directory git.exe name resolution
low
5.1
-
-
-
165781
SourceCodester Student Management System Subject cross site scripting
low
4.0
-
-
-
165780
Online Bus Booking System Login Page sql injection [CVE-2020-25889]
medium
5.8
-
-
-
165779
ImageMagick pixel.c InterpolatePixelInfo integer overflow
medium
4.9
-
-
-
165778
ImageMagick transform.c CropImage integer overflow
medium
4.9
-
-
-
165777
ImageMagick PNG Coder png.c WriteOnePNGImage out-of-bounds read
low
2.3
-
-
-
165776
ImageMagick tiff.c TIFFGetProfiles out-of-bounds read
low
2.3
-
-
-
165775
ImageMagick histogram.c HistogramCompare integer overflow
medium
4.9
-
-
-
165774
ImageMagick PALM Image palm.c AcquireQuantumMemory out-of-bounds read
low
2.3
-
-
-
165773
ImageMagick PNG Coder png.c WriteOnePNGImage out-of-bounds write
medium
7.5
-
-
-
165772
ImageMagick channel.c ConformPixelInfo heap-based overflow
medium
5.0
-
-
-
165771
Moodle cross site scripting [CVE-2020-25627]
low
4.0
-
-
-
165770
OpenSSL x509 Certificate GENERAL_NAME_cmp null pointer dereference
low
2.3
-
-
-
165769
Apache Tapestry deserialization [CVE-2020-17531]
medium
5.4
-
-
-
165768
Aptdaemon DBus Interface information disclosure [CVE-2020-16128]
low
2.3
-
-
-
165767
DiveBook Plugin divelog.php sql injection
medium
7.5
-
-
-
165766
DiveBook Plugin cross site scripting [CVE-2020-14206]
low
5.0
-
-
-
165765
DiveBook Plugin Log Dive Form access control [CVE-2020-14205]
medium
5.2
-
-
-
165764
Apple macOS CoreAudio out-of-bounds write [CVE-2020-10017]
medium
7.5
-
-
-
165763
Apple macOS Kernel memory corruption [CVE-2020-10016]
medium
6.8
-
-
-
165762
Apple macOS Path Validation sandbox [CVE-2020-10014]
medium
5.2
-
-
-
165761
Apple iOS/iPadOS state issue [CVE-2020-10013]
medium
6.8
-
-
-
165760
Apple tvOS state issue [CVE-2020-10013]
medium
6.8
-
-
-
165759
Apple macOS Document cross site scripting [CVE-2020-10012]
low
4.0
-
-
-
165758
Apple macOS Model I/O out-of-bounds read [CVE-2020-10011]
medium
7.5
-
-
-
165757
Apple macOS Logging path traversal [CVE-2020-10010]
low
4.3
-
-
-
165756
Apple macOS Crash Reporter symlink [CVE-2020-10003]
medium
4.6
-
-
-
165755
Apple macOS Foundation behavioral workflow [CVE-2020-10002]
low
1.7
-
-
-
165754
Apple macOS sandbox [CVE-2020-10009]
medium
5.2
-
-
-
165753
Apple macOS state issue [CVE-2020-10007]
low
1.7
-
-
-
165752
Apple macOS access control [CVE-2020-10006]
medium
5.2
-
-
-
165751
Apple macOS Model I/O behavioral workflow [CVE-2020-10004]
medium
7.5
-
-
-
165750
Microsoft Windows SMB information disclosure [CVE-2020-17140]
medium
8.5
-
-
-
165749
Microsoft Windows NTFS Remote Privilege Escalation [CVE-2020-17096]
medium
7.1
-
-
-
165748
Microsoft Windows Digital Media Receiver privileges management
low
1.7
-
-
-
165747
Microsoft Windows Lock Screen improper authentication [CVE-2020-17099]
medium
7.2
-
-
-
165746
Microsoft Windows Hyper-V Remote Privilege Escalation [CVE-2020-17095]
medium
7.1
-
-
-
165745
Microsoft Windows Error Reporting information disclosure [CVE-2020-17094]
low
4.6
-
-
-
165744
Microsoft Windows Backup Engine privileges management [CVE-2020-16962]
medium
6.8
-
-
-
165743
Microsoft Windows Backup Engine privileges management [CVE-2020-16963]
medium
6.8
-
-
-
165742
Microsoft Windows Backup Engine privileges management [CVE-2020-16964]
medium
6.8
-
-
-
165741
Microsoft Windows Backup Engine privileges management [CVE-2020-16961]
medium
6.8
-
-
-
165740
Microsoft Windows Backup Engine privileges management [CVE-2020-16959]
medium
6.8
-
-
-
165739
Microsoft Windows Backup Engine privileges management [CVE-2020-16958]
medium
6.8
-
-
-
165738
Microsoft Windows Backup Engine privileges management [CVE-2020-16960]
medium
6.8
-
-
-
165737
Microsoft Visual Studio TS-Lint Extension code injection [CVE-2020-17150]
medium
7.5
-
-
-
165736
Microsoft Visual Studio code injection [CVE-2020-17156]
medium
7.5
-
-
-
165735
Microsoft Visual Studio Java Extension Pack code injection [CVE-2020-17159]
medium
7.5
-
-
-
165734
Microsoft Visual Studio Remote SSH Extension code injection [CVE-2020-17148]
medium
7.2
-
-
-
165733
Microsoft Windows Cloud Files Mini Filter Driver privileges management
medium
6.8
-
-
-
165732
Microsoft Windows Cloud Files Mini Filter Driver privileges management
medium
6.0
-
-
-
165731
Microsoft Windows Overlay Filter protection mechanism [CVE-2020-17139]
medium
6.8
-
-
-
165730
Microsoft Windows Network Connections Service privileges management
medium
6.8
-
-
-
165729
Microsoft Windows Error Reporting information disclosure [CVE-2020-17138]
low
1.7
-
-
-
165728
Microsoft Windows Kerberos protection mechanism [CVE-2020-16996]
medium
6.8
-
-
-
165727
Microsoft Windows Cloud Files Mini Filter Driver privileges management
medium
6.8
-
-
-
165726
Microsoft SharePoint privileges management [CVE-2020-17089]
medium
7.1
-
-
-
165725
Microsoft SharePoint unknown vulnerability [CVE-2020-17118]
medium
9.4
-
-
-
165724
Microsoft SharePoint Remote Privilege Escalation [CVE-2020-17121]
medium
9.0
-
-
-
165723
Microsoft SharePoint information disclosure [CVE-2020-17120]
low
2.1
-
-
-
165722
Microsoft SharePoint input validation [CVE-2020-17115]
medium
9.0
-
-
-
165721
Microsoft Office/Office Web Apps/SharePoint Server Remote Code Execution
medium
7.5
-
-
-
165720
Microsoft Excel information disclosure [CVE-2020-17126]
low
5.0
-
-
-
165719
Microsoft Excel Remote Code Execution [CVE-2020-17127]
medium
7.5
-
-
-
165718
Microsoft Excel Remote Code Execution [CVE-2020-17125]
medium
7.5
-
-
-
165717
Microsoft Outlook information disclosure [CVE-2020-17119]
low
5.0
-
-
-
165716
Microsoft Excel Remote Code Execution [CVE-2020-17123]
medium
7.5
-
-
-
165715
Microsoft PowerPoint Remote Code Execution [CVE-2020-17124]
medium
7.5
-
-
-
165714
Microsoft Excel Remote Code Execution [CVE-2020-17129]
medium
7.5
-
-
-
165713
Microsoft Excel Remote Code Execution [CVE-2020-17128]
medium
7.5
-
-
-
165712
Microsoft Excel protection mechanism [CVE-2020-17130]
medium
7.5
-
-
-
165711
Microsoft Windows GDI+ information disclosure [CVE-2020-17098]
low
4.6
-
-
-
165710
Microsoft Windows DirectX Graphics privileges management [CVE-2020-17137]
medium
6.8
-
-
-
165709
Microsoft Microsoft Exchange Server code injection [CVE-2020-17142]
high
8.3
-
-
-
165708
Microsoft Microsoft Exchange Server code injection [CVE-2020-17132]
high
8.3
-
-
-
165707
Microsoft Microsoft Exchange Server Remote Privilege Escalation
medium
6.8
-
-
-
165706
Microsoft Microsoft Exchange Server code injection [CVE-2020-17141]
medium
8.3
-
-
-
165705
Microsoft Microsoft Exchange Server code injection [CVE-2020-17144]
medium
8.3
-
-
-
165704
Microsoft Microsoft Exchange Server information disclosure [CVE-2020-17143]
medium
9.0
-
-
-
165703
Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
medium
7.5
-
-
-
165702
Microsoft Microsoft Edge input validation [CVE-2020-17153]
low
5.0
-
-
-
165701
Microsoft Dynamics 365 for Finance and Operations code injection
medium
9.0
-
-
-
165700
Microsoft Dynamics 365 for Finance and Operations code injection
medium
9.0
-
-
-
165699
Microsoft Microsoft Dynamics NAV 2015 information disclosure
medium
6.8
-
-
-
165698
Microsoft Microsoft Dynamics 365 cross site scripting [CVE-2020-17147]
low
4.0
-
-
-
165697
Microsoft Azure Sphere protection mechanism [CVE-2020-17160]
medium
7.1
-
-
-
165696
Microsoft Azure SDK for Java protection mechanism [CVE-2020-16971]
medium
7.1
-
-
-
165695
Microsoft C SDK for Azure IoT protection mechanism [CVE-2020-17002]
medium
7.1
-
-
-
165694
Microsoft Azure DevOps Server input validation [CVE-2020-17135]
medium
5.5
-
-
-
165693
Microsoft Azure DevOps Server/Team Foundation Server input validation
low
5.5
-
-
-
165692
QNAP QTS/QuTS cross site scripting [CVE-2020-2498]
low
4.0
-
-
-
165691
QNAP QTS/QuTS cross site scripting [CVE-2020-2497]
low
4.0
-
-
-
165690
QNAP QTS/QuTS cross site scripting [CVE-2020-2496]
low
4.0
-
-
-
165689
QNAP QTS/QuTS cross site scripting [CVE-2020-2495]
low
4.0
-
-
-
165688
QNAP QTS/QuTS command injection [CVE-2019-7198]
medium
5.2
-
-
-
165687
Wildfly OpenTracing API memory leak [CVE-2020-27822]
low
3.5
-
-
-
165686
pngcheck check_chunk_name out-of-bounds read
low
2.3
-
-
-
165685
Kirby CMS/Panel Admin Panel cms origin validation
low
2.6
-
-
-
165684
OpenLDAP RDN null pointer dereference [CVE-2020-25692]
low
4.3
-
-
-
165683
Ceph-ansible iscsi-gateway.conf cleartext storage
low
2.7
-
-
-
165682
Moodle Book Chapter Title cross site scripting [CVE-2020-25631]
low
4.0
-
-
-
165681
Moodle ZIP File resource consumption [CVE-2020-25630]
low
5.0
-
-
-
165680
Moodle Log in as access control [CVE-2020-25629]
medium
6.5
-
-
-
165679
Moodle Tag Manager cross site scripting [CVE-2020-25628]
low
4.0
-
-
-
165678
ASUS RT-AC88U Download Master Title injection [CVE-2020-29655]
low
5.0
-
-
-
165677
ASUS RT-AC88U Download Master direct request [CVE-2020-29656]
low
5.0
-
-
-
165676
Kubernetes kube-controller-manager Ceph RBD log file [CVE-2020-8566]
low
1.0
-
-
-
165675
Kubernetes Token log file [CVE-2020-8565]
low
1.0
-
-
-
165674
Kubernetes Config File log file [CVE-2020-8564]
low
1.0
-
-
-
165673
Kubernetes VSphere Credential log file [CVE-2020-8563]
low
2.7
-
-
-
165672
AWStats awstats.pl pathname traversal
low
2.7
-
-
-
165671
ImageMagick PDF File pdf.c os command injection
medium
7.5
-
-
-
165670
IncomCMS script.php unrestricted upload
medium
5.4
-
-
-
165669
Acdsee Photo Studio Studio Professional 2021 IDE_ACDStd.apl memory corruption
medium
5.2
-
-
-
165668
Nlnet Labs Unbound/NSD PID File link following [CVE-2020-28935]
medium
3.2
-
-
-
165667
Apache Groovy Extension temp file [CVE-2020-17521]
low
2.7
-
-
-
165666
Apache APISIX Admin API improper authentication [CVE-2020-13945]
medium
5.2
-
-
-
165665
Huawei Honor 20 Pro Configuration Parameter buffer overflow [CVE-2020-9247]
medium
5.2
-
-
-
165664
Eat Spray Love mobile App improper authentication [CVE-2020-5800]
medium
5.8
-
-
-
165663
Eat Spray Love mobile App backdoor [CVE-2020-5799]
medium
5.2
-
-
-
165662
inSync Client Installer improper validation of integrity check value
medium
7.7
-
-
-
165661
Kata Containers unknown vulnerability [CVE-2020-27151]
medium
7.7
-
-
-
165660
Intland codeBeamer ALM ReqIF XML Data xml external entity reference
medium
6.0
-
-
-
165659
Inspur NF5266M5 Baseboard Management Controller signature verification
low
3.3
-
-
-
165658
Microsoft Teams Message cross site scripting [CVE-2020-10146]
medium
5.0
-
-
-
165657
SeedDMS class.DropFolderChooser.php cross site scripting
low
4.0
-
-
-
165656
Google Chrome V8 uninitialized pointer [CVE-2020-16042]
medium
7.5
-
-
-
165655
Google Chrome Networking out-of-bounds read [CVE-2020-16041]
medium
7.5
-
-
-
165654
Google Chrome V8 Remote Code Execution [CVE-2020-16040]
medium
7.5
-
-
-
165653
Google Chrome Extension use after free [CVE-2020-16039]
medium
7.5
-
-
-
165652
Google Chrome Media use after free [CVE-2020-16038]
medium
7.5
-
-
-
165651
Google Chrome Clipboard use after free [CVE-2020-16037]
medium
7.5
-
-
-
165650
Apple iCloud WebKit use after free [CVE-2020-9951]
medium
7.5
-
-
-
165649
Apple iCloud WebKit use after free [CVE-2020-9947]
medium
7.5
-
-
-
165648
Apple iCloud WebKit use after free [CVE-2020-27918]
medium
7.5
-
-
-
165647
Apple iCloud WebKit out-of-bounds write [CVE-2020-9983]
medium
7.5
-
-
-
165646
Apple iCloud WebKit use after free [CVE-2020-27918]
low
5.0
-
-
-
165645
Apple iCloud WebKit use after free [CVE-2020-9951]
medium
7.5
-
-
-
165644
Apple iCloud SQLite denial of service [CVE-2020-13631]
low
2.3
-
-
-
165643
Apple iCloud SQLite information disclosure [CVE-2020-9849]
low
3.5
-
-
-
165642
Apple iCloud SQLite memory corruption [CVE-2020-13630]
medium
6.0
-
-
-
165641
Apple iCloud SQLite denial of service [CVE-2020-13435]
low
3.5
-
-
-
165640
Apple iCloud SQLite denial of service [CVE-2020-13434]
low
3.5
-
-
-
165639
Apple iCloud libxml2 use after free [CVE-2020-9981]
medium
7.5
-
-
-
165638
Apple iCloud libxml2 integer overflow [CVE-2020-27911]
medium
7.5
-
-
-
165637
Apple iCloud libxml2 use after free [CVE-2020-27917]
medium
7.5
-
-
-
165636
Apple iCloud ImageIO out-of-bounds write [CVE-2020-9876]
medium
7.5
-
-
-
165635
Apple iCloud ImageIO out-of-bounds write [CVE-2020-27912]
medium
7.5
-
-
-
165634
Apple iCloud ImageIO out-of-bounds read [CVE-2020-9961]
medium
7.5
-
-
-
165633
Apple iCloud Foundation state issue [CVE-2020-10002]
low
1.7
-
-
-
165632
GNU C Library ldbl2mpn.c sprintf stack-based overflow
medium
5.2
-
-
-
165631
MISP genericField.ctp cross site scripting
low
4.0
-
-
-
165630
National Instruments CompactRIO Driver permission assignment
medium
5.0
-
-
-
165629
Kaspersky Anti-Ransomware Tool uncontrolled search path [CVE-2020-28950]
medium
6.5
-
-
-
165628
ImageMagick statistic.c integer overflow
low
4.9
-
-
-
165627
ImageMagick quantum.h integer overflow
low
4.9
-
-
-
165626
ImageMagick statistic.c integer overflow
low
4.9
-
-
-
165625
ImageMagick gem-private.h divide by zero
low
2.3
-
-
-
165624
ImageMagick bmp.c integer overflow
low
4.9
-
-
-
165623
Moddable SDK xsSyntaxical.c:3419 xObjectBindingFromExpression denial of service
low
3.5
-
-
-
165622
Moddable SDK xsDebug.c heap-based overflow
medium
6.5
-
-
-
165621
Moddable SDK xsCommon.c fxUTF8Decode denial of service
low
3.5
-
-
-
165620
Moddable SDK xsSyntaxical.c fxCheckArrowFunction heap-based overflow
medium
6.5
-
-
-
165619
Moddable SDK xsProxy.c fxProxyGetter denial of service
low
3.5
-
-
-
165618
Arachnys Cabot Address Column cross site scripting [CVE-2020-25449]
low
4.0
-
-
-
165617
ImageMagick pdf.c RestoreMSCWarning integer overflow
medium
4.9
-
-
-
165616
ImageMagick SubstituteString integer overflow
medium
5.2
-
-
-
165615
ImageMagick quantum.h integer overflow
low
4.9
-
-
-
165614
ImageMagick statistic.c integer overflow
low
4.9
-
-
-
165613
ImageMagick segment.c divide by zero
low
2.3
-
-
-
165612
openSIS Community Edition SideForStudent.php cross site scripting
low
4.0
-
-
-
165611
openSIS Community Edition ResetUserInfo.php access control
medium
5.8
-
-
-
165610
Mitsubishi Electric GT2107-WTBD out-of-bounds read [CVE-2020-5675]
low
3.5
-
-
-
165609
OpenStack Horizon redirect [CVE-2020-29565]
low
4.9
-
-
-
165608
GNU C Library UCS4 Text denial of service [CVE-2020-29562]
low
2.3
-
-
-
165607
SonicBOOM riscv-boom authorization [CVE-2020-29561]
medium
4.9
-
-
-
165606
QEMU RX Descriptor e1000e_core.c infinite loop
low
2.3
-
-
-
165605
snapcraft uncontrolled search path [CVE-2020-27348]
low
3.5
-
-
-
165604
Linux Kernel Reference execve unknown vulnerability
low
4.9
-
-
-
165603
Hashicorp go-slug pathname traversal [CVE-2020-29529]
medium
5.2
-
-
-
165602
productcomments sql injection [CVE-2020-26248]
low
2.1
-
-
-
165601
AnyView Monitoring Software denial of service [CVE-2020-23741]
low
1.7
-
-
-
165600
DriverGenius Driver Wizard access control [CVE-2020-23740]
medium
4.3
-
-
-
165599
Advanced SystemCare denial of service [CVE-2020-23738]
low
4.6
-
-
-
165598
DaDa Accelerator denial of service [CVE-2020-23736]
low
4.6
-
-
-
165597
Apache Tomcat Request Header information disclosure [CVE-2020-17527]
low
2.6
-
-
-
165596
PulseAudio Snap Policy Module race condition [CVE-2020-16123]
low
1.0
-
-
-
165595
stringstream Module out-of-bounds read [CVE-2018-21270]
low
2.3
-
-
-
165594
Allen-Bradley MicroLogix 1100 denial of service [CVE-2020-6111]
low
2.3
-
-
-
165593
Check Point Endpoint Security Client Installation uncontrolled search path
medium
6.5
-
-
-
165592
Valve Game Networking Sockets Plain-Text Message SNP_ReceiveUnreliableSegment heap-based overflow
medium
6.5
-
-
-
165591
OpenClinic test_new.php unrestricted upload
medium
4.9
-
-
-
165590
OpenClinic Check.php cross site scripting [CVE-2020-28938]
low
4.0
-
-
-
165589
OpenClinic direct request [CVE-2020-28937]
low
3.3
-
-
-
165588
Play Framework Java API unknown vulnerability [CVE-2020-28923]
low
4.9
-
-
-
165587
Netscout AirMagnet Enterprise Sensor access control [CVE-2020-28251]
medium
7.7
-
-
-
165586
Almico Speedfan access control [CVE-2020-28175]
medium
4.3
-
-
-
165585
python-lxml Clean Module cross site scripting [CVE-2020-27783]
low
4.0
-
-
-
165584
Poppler pdftohtml uninitialized pointer [CVE-2020-27778]
low
3.5
-
-
-
165583
ImageMagick statistic.c ApplyEvaluateOperator integer overflow
low
2.3
-
-
-
165582
ImageMagick resize.c divide by zero
low
2.3
-
-
-
165581
ImageMagick hdr.c integer overflow
low
2.3
-
-
-
165580
ImageMagick palm.c WritePALMImage integer overflow
low
4.9
-
-
-
165579
ImageMagick enhance.c GammaImage divide by zero
low
3.5
-
-
-
165578
ImageMagick quantize.c IntensityCompare integer overflow
low
2.3
-
-
-
165577
Infinispan REST API access control [CVE-2020-25711]
medium
5.2
-
-
-
165576
CImg load_pnm heap-based overflow
medium
5.2
-
-
-
165575
FasterXML Jackson Databind xml external entity reference [CVE-2020-25649]
medium
4.9
-
-
-
165574
Saibo Game Accelerator access control [CVE-2020-23735]
medium
4.3
-
-
-
165573
Antiy Zhijia Terminal Defense System denial of service [CVE-2020-23727]
low
4.6
-
-
-
165572
Wise Care 365 denial of service [CVE-2020-23726]
low
4.6
-
-
-
165571
CVS Plugin XML Parser xml external entity reference [CVE-2020-2324]
medium
4.9
-
-
-
165570
Chaos Monkey Plugin authorization [CVE-2020-2323]
medium
5.2
-
-
-
165569
Chaos Monkey Plugin Read memory leak
low
2.3
-
-
-
165568
Shelve Project Plugin cross-site request forgery [CVE-2020-2321]
low
4.0
-
-
-
165567
Plugin Installation Manager Tool Plugin Download code download
low
4.6
-
-
-
165566
Linux Kernel futex use after free [CVE-2020-14381]
low
4.3
-
-
-
165565
Linux Kernel perf Subsystem use after free [CVE-2020-14351]
medium
4.3
-
-
-
165564
libvirt File Descriptor control release of resource
medium
5.2
-
-
-
165563
Samba privileges assignment [CVE-2020-14318]
low
2.7
-
-
-
165562
WebKit WebKitGTK Web Page use after free [CVE-2020-13584]
medium
7.5
-
-
-
165561
WebKit WebKitGTK Websocket use after free [CVE-2020-13543]
medium
7.5
-
-
-
165560
LogicalDoc permission [CVE-2020-13542]
medium
6.8
-
-
-
165559
Pixar OpenUSD USD File Ha USD File Handler use after free
medium
7.5
-
-
-
165558
ProcessMaker reportTables_Ajax sql injection
medium
6.5
-
-
-
165557
Pixar OpenUSD USD File out-of-bounds read [CVE-2020-13524]
low
5.0
-
-
-
165556
EC-CUBE denial of service [CVE-2020-5680]
low
3.5
-
-
-
165555
EC-CUBE UI Layer clickjacking [CVE-2020-5679]
low
4.0
-
-
-
165554
GROWI cross site scripting [CVE-2020-5678]
low
4.0
-
-
-
165553
GROWI cross site scripting [CVE-2020-5677]
low
4.0
-
-
-
165552
GROWI information disclosure [CVE-2020-5676]
low
3.5
-
-
-
165551
Desknet NEO cross site scripting [CVE-2020-5638]
low
4.0
-
-
-
165550
Xerox DocuShare XML xml entity expansion [CVE-2020-27177]
medium
5.8
-
-
-
165549
Mozilla Thunderbird SMTP Server Response Code stack-based overflow
medium
6.5
-
-
-
165548
Pimcore improper authorization [CVE-2020-26246]
medium
6.5
-
-
-
165547
Gym Management System manage_user.php sql injection
medium
7.5
-
-
-
165546
Car Rental Management System view_car.php sql injection
medium
7.5
-
-
-
165545
Point of Sales in PHP-PDO edit_category.php sql injection
medium
6.5
-
-
-
165544
Multi Restaurant Table Reservation System view-chair-list.php sql injection
medium
7.5
-
-
-
165543
Online Doctor Appointment Booking System getuser.php sql injection
medium
6.5
-
-
-
165542
BloodX sql injection [CVE-2020-29282]
medium
7.5
-
-
-
165541
Victor CMS search.php sql injection
medium
7.5
-
-
-
165540
74CMS BaseController.class.php assign_resume_tpl file inclusion
medium
6.0
-
-
-
165539
Bitrix Framework excessive authentication [CVE-2020-28206]
low
2.6
-
-
-
165538
Python oic cryptographic issues [CVE-2020-26244]
low
3.8
-
-
-
165537
Crux Linux Docker Image credentials management [CVE-2020-29389]
medium
5.8
-
-
-
165536
Lepton CMS Admin Page cross site scripting [CVE-2020-29240]
low
4.0
-
-
-
165535
Online Birth Certificate System Project User Registration cross site scripting
low
4.0
-
-
-
165534
set-in Prototype code injection [CVE-2020-28273]
medium
6.5
-
-
-
165533
keyget Prototype code injection [CVE-2020-28272]
medium
6.5
-
-
-
165532
hibernate-core JPA Criteria API sql injection [CVE-2020-25638]
medium
6.5
-
-
-
165531
AppImage appimaged MP3 File code download [CVE-2020-25266]
low
4.9
-
-
-
165530
AppImage libappimage Desktop File path traversal [CVE-2020-25265]
medium
4.1
-
-
-
165529
Red Hat CloudForms HTTP Request cross-site request forgery [CVE-2020-14369]
low
4.0
-
-
-
165528
Apache HttpClient URI Object unknown vulnerability [CVE-2020-13956]
low
4.9
-
-
-
165527
Pixar OpenUSD Encoding out-of-bounds read [CVE-2020-13498]
low
4.0
-
-
-
165526
Pixar OpenUSD Encoding out-of-bounds read [CVE-2020-13497]
low
5.0
-
-
-
165525
Pixar OpenUSD Encoding out-of-bounds read [CVE-2020-13496]
low
5.0
-
-
-
165524
Pixar OpenUSD USD File out-of-bounds read [CVE-2020-13494]
low
5.0
-
-
-
165523
Pixar OpenUSD USD File heap-based overflow [CVE-2020-13493]
medium
7.5
-
-
-
165522
Phoenix Contact BTP 2043W/BTP 2070W/BTP 2102W resource consumption
low
5.0
-
-
-
165521
libxls XLS File xls_addCell out-of-bounds write
medium
7.5
-
-
-
165520
cpp-ethereum libevm Smart Contract Code out-of-bounds write [CVE-2017-14451]
medium
7.5
-
-
-
165519
FreeBSD ICMPv6 use after free [CVE-2020-7469]
medium
7.5
-
-
-
165518
FreeBSD rtsold memory corruption [CVE-2020-25577]
medium
7.5
-
-
-
165517
Textpattern CMS prefs Subsystem cross-site request forgery [CVE-2020-29458]
low
5.0
-
-
-
165516
Papermerge create folder cross site scripting
low
5.0
-
-
-
165515
HPE Edgeline Infrastructure Manager improper authentication [CVE-2020-7199]
medium
6.0
-
-
-
165514
Valve Game Networking Sockets libsodium Decrypt stack-based overflow
medium
6.5
-
-
-
165513
CAPI YAML Parser resource consumption [CVE-2020-5423]
low
5.0
-
-
-
165512
HCL Notes DXL buffer overflow [CVE-2020-4102]
medium
5.2
-
-
-
165511
Umbraco LogViewerController.cs access control
medium
5.2
-
-
-
165510
elasticsearch-operator-container Namespace Validator redirect
medium
6.0
-
-
-
165509
Gorilla Websocket Frame integer overflow [CVE-2020-27813]
low
2.3
-
-
-
165508
QEMU USB EHCI Emulation assertion [CVE-2020-25723]
low
2.3
-
-
-
165507
Linux Kernel Performance Monitoring Subsystem resource consumption
low
1.7
-
-
-
165506
Samba DNS Server denial of service [CVE-2020-14383]
low
2.3
-
-
-
165505
Linux Kernel Voice over IP H.323 Connection Tracking out-of-bounds write
medium
7.5
-
-
-
165504
HCL Domino DXL buffer overflow [CVE-2020-14260]
medium
5.2
-
-
-
165503
Software-properties ppa.py certificate validation
medium
5.1
-
-
-
165502
Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28583]
low
2.9
-
-
-
165501
Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28582]
low
2.9
-
-
-
165500
Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28577]
low
2.9
-
-
-
165499
Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28576]
low
2.9
-
-
-
165498
Trend Micro ServerProtect for Linux heap-based overflow [CVE-2020-28575]
medium
4.6
-
-
-
165497
Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28573]
low
2.9
-
-
-
165496
oauthenticator Whitelist improper authorization [CVE-2020-26250]
low
2.1
-
-
-
165495
Kia Head Unit micomd command injection [CVE-2020-8539]
medium
5.2
-
-
-
165494
Schneider Electric Smartlink/PowerTag/Wiser Series Gateway random values
low
3.3
-
-
-
165493
Schneider Electric EcoStruxure/SmartStruxure access control [CVE-2020-7547]
medium
5.2
-
-
-
165492
Schneider Electric EcoStruxure/SmartStruxure Web Page Generation cross site scripting
low
4.0
-
-
-
165491
Schneider Electric EcoStruxure/SmartStruxure access control [CVE-2020-7545]
medium
5.2
-
-
-
165490
Schneider Electric Modicon Quantum/ModiconPremium Legacy Communication Module credentials management
medium
5.8
-
-
-
165489
ZXELINK ZXV10 W908 sql injection [CVE-2020-6880]
medium
7.5
-
-
-
165488
HCL Domino ID Vault Service excessive authentication [CVE-2020-4128]
low
4.3
-
-
-
165487
ThinkAdmin cross site scripting [CVE-2020-29315]
low
4.0
-
-
-
165486
ATX miniCMTS200a Broadband Gateway/Pico CMTS pathname traversal
medium
5.8
-
-
-
165485
Western Digital My Cloud OS improper authentication [CVE-2020-28971]
medium
5.8
-
-
-
165484
Western Digital My Cloud OS Cookie improper authentication [CVE-2020-28970]
medium
5.8
-
-
-
165483
Western Digital My Cloud OS NAS Admin Dashboard improper authentication
medium
4.6
-
-
-
165482
Edimax IC-3116W/IC-3140W GET Request ipcam_cgi doGetSysteminfo stack-based overflow
medium
7.5
-
-
-
165481
WECON PLC Editor heap-based overflow [CVE-2020-25181]
medium
5.2
-
-
-
165480
WECON PLC Editor stack-based overflow [CVE-2020-25177]
medium
5.2
-
-
-
165479
Apache Cordova Camera Plugin access control [CVE-2020-11990]
medium
5.2
-
-
-
165478
SolarWinds Web Help Desk cross site scripting [CVE-2019-16958]
low
4.0
-
-
-
165477
Huawei Nova 4/SydneyM-AL00 out-of-bounds write [CVE-2020-9117]
medium
5.2
-
-
-
165476
Huawei FusionCompute Administrator access control [CVE-2020-9114]
medium
5.2
-
-
-
165475
McAfee Total Protection Microsoft Windows Client access control
medium
4.3
-
-
-
165474
containerd containerd-shim API resource transfer [CVE-2020-15257]
medium
4.3
-
-
-
165473
Huawei FusionCompute command injection [CVE-2020-9116]
medium
6.5
-
-
-
165472
Huawei ManageOne Plugin command injection [CVE-2020-9115]
medium
5.2
-
-
-
165471
Lenovo PCManager config [CVE-2020-8351]
medium
4.3
-
-
-
165470
SAP Adaptive Server Enterprise ASE Cockpit log file [CVE-2020-6317]
low
1.7
-
-
-
165469
HCL Domino LDAP Service excessive authentication [CVE-2020-4129]
low
4.3
-
-
-
165468
HCL Domino Login cross-site request forgery [CVE-2020-4127]
low
5.0
-
-
-
165467
HCL iNotes HTTP Session cleartext transmission [CVE-2020-4126]
low
2.6
-
-
-
165466
Upload Widget in OutSystems Platform unrestricted upload [CVE-2020-29441]
medium
7.5
-
-
-
165465
Tesla Model X Pairing certificate validation [CVE-2020-29440]
medium
5.8
-
-
-
165464
Tesla Model X Authentication improper authentication [CVE-2020-29439]
medium
5.8
-
-
-
165463
Tesla Model X Signature Verification signature verification [CVE-2020-29438]
low
2.3
-
-
-
165462
EventON Plugin Search Field addons cross site scripting
low
4.0
-
-
-
165461
dlt-daemon Diagnostic Log dlt_common.c dlt_filter_load buffer overflow
medium
5.2
-
-
-
165460
Quick Heal Total Security File Vault excessive authentication
low
3.4
-
-
-
165459
Quick Heal Total Security Quarantine inadequate encryption [CVE-2020-27586]
low
2.3
-
-
-
165458
Quick Heal Total Security excessive authentication [CVE-2020-27585]
low
4.0
-
-
-
165457
PbootCMS Password cross-site request forgery [CVE-2020-17901]
low
5.0
-
-
-
165456
Mitsubishi Electric MELSEC iQ-R denial of service [CVE-2020-16850]
medium
7.8
-
-
-
165455
Canon MF237w IPv4/ICMPv4 information disclosure [CVE-2020-16849]
low
3.3
-
-
-
165454
Automation Template classes injection
medium
6.0
-
-
-
165453
Audacity audacity-$USER temp file
medium
4.0
-
-
-
165452
Estil Hill Lock Password Manager Safe App backdoor [CVE-2020-29392]
medium
4.6
-
-
-
165451
ZeroShell kerbynet os command injection
medium
5.8
-
-
-
165450
NetArt News Lister News Headline cross site scripting [CVE-2020-29364]
low
4.0
-
-
-
165449
minidlna UPnP HTTP Request buffer overflow [CVE-2020-28926]
medium
6.5
-
-
-
165448
UCMS File Upload unrestricted upload [CVE-2020-25537]
medium
4.9
-
-
-
165447
IBM Business Automation Workflow log file [CVE-2020-4900]
low
2.1
-
-
-
165446
IBM Cloud Pak for Security session fixiation [CVE-2020-4696]
medium
6.5
-
-
-
165445
IBM Cloud Pak for Security csv injection [CVE-2020-4627]
medium
6.5
-
-
-
165444
IBM Cloud Pak for Security HTTP Request information disclosure
low
4.0
-
-
-
165443
IBM Cloud Pak for Security cookie without 'httponly' flag [CVE-2020-4625]
low
2.6
-
-
-
165442
IBM Cloud Pak for Security inadequate encryption [CVE-2020-4624]
low
2.6
-
-
-
165441
PNGOUT PNG File integer overflow [CVE-2020-29384]
medium
7.5
-
-
-
165440
Canto Plugin tree.php server-side request forgery
medium
5.8
-
-
-
165439
Canto Plugin get.php server-side request forgery
medium
5.8
-
-
-
165438
Canto Plugin detail.php server-side request forgery
medium
5.8
-
-
-
165437
Fujitsu Eternus Storage DX200 S4 csp improper restriction of rendered ui layers
medium
7.2
-
-
-
165436
Synology SafeAccess request.cgi sql injection
medium
7.5
-
-
-
165435
Synology SafeAccess cross site scripting [CVE-2020-27659]
low
4.0
-
-
-
165434
QEMU Host Controller Driver hcd-ohci.c stack-based overflow
medium
5.2
-
-
-
165433
Fuji Electric V-Server Lite out-of-bounds write [CVE-2020-25171]
medium
10.0
-
-
-
165432
V-SOL V1600D4L/V1600D-MINI RSA Private Key hard-coded key [CVE-2020-29383]
low
1.8
-
-
-
165431
V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 RSA Private Key hard-coded key
low
1.8
-
-
-
165430
V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 CLI command injection
medium
6.5
-
-
-
165429
V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 Telnet cleartext transmission
low
2.6
-
-
-
165428
V-SOL V1600D4L/V1600D-MINI Firmware Update sh improper authentication
medium
5.8
-
-
-
165427
V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 CLI hard-coded credentials
medium
5.8
-
-
-
165426
V-SOL V1600D hard-coded credentials [CVE-2020-29377]
medium
7.5
-
-
-
165425
V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 Telnet Service hard-coded credentials
medium
5.8
-
-
-
165424
V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 hard-coded password
low
2.3
-
-
-
165423
Linux Kernel gup gup.c get_user_pages race condition
low
4.9
-
-
-
165422
Linux Kernel Filesystem io_uring.c path traversal
medium
5.2
-
-
-
165421
Linux Kernel madvise.c do_madvise race condition
low
4.9
-
-
-
165420
Linux Kernel storage.c romfs_dev_read uninitialized pointer
low
2.3
-
-
-
165419
Linux Kernel Slowpath slub.c kmem_cache_alloc_bulk race condition
low
4.9
-
-
-
165418
Linux Kernel mmap.c expand_upwards race condition
low
4.9
-
-
-
165417
Linux Kernel THP Mapcount Check huge_memory.c __split_huge_pmd race condition
low
4.9
-
-
-
165416
Linux Kernel Fair Scheduler show_numa_stats use after free
medium
4.9
-
-
-
165415
Eclipse Jetty gzip injection [CVE-2020-27218]
medium
4.9
-
-
-
165414
Blosc C-Blosc2 Compressed Data blosc2.c heap-based overflow
medium
5.2
-
-
-
165413
systeminformation Prototype si.inetChecksite os command injection
medium
7.5
-
-
-
165412
com.softwaremill.akka-http-session Header cross-site request forgery
low
4.0
-
-
-
165411
Sagemcom F@ST3486 NET DOCSIS Configuration File backupsettings.conf access control
medium
5.0
-
-
-
165410
Devid Espenschied PC Analyser Physical Memory PCADRVX64.SYS privileges management
medium
6.6
-
-
-
165409
Devid Espenschied PC Analyser IOCTL Handler Function PCADRVX64.SYS memory corruption
medium
7.7
-
-
-
165408
Slurm proc race condition
low
1.4
-
-
-
165407
Slurm PMIx MPI plugin buffer overflow [CVE-2020-27745]
medium
5.2
-
-
-
165406
LibVNCServer Exception divide by zero [CVE-2020-25708]
low
2.3
-
-
-
165405
ZyXEL UTM/VPN HTTP Packet fbwifi_continue.cgi buffer overflow
medium
7.5
-
-
-
165404
Red Hat Enterprise Linux Unbound resource consumption [CVE-2020-10772]
low
2.3
-
-
-
165403
B&R Industrial Automation APROL AprolSqlServer improper authentication
medium
5.8
-
-
-
165402
B&R Industrial Automation APROL AprolSqlServer pathname traversal
medium
5.2
-
-
-
165401
B&R Industrial Automation APROL EnMon sql injection [CVE-2019-19876]
medium
6.5
-
-
-
165400
B&R Industrial Automation APROL AprolCluster Script injection
medium
4.9
-
-
-
165399
B&R Industrial Automation APROL Web Interface injection [CVE-2019-19874]
medium
4.9
-
-
-
165398
B&R Industrial Automation APROL AprolSqlServer DBMS improper authentication
medium
3.3
-
-
-
165397
B&R Industrial Automation APROL AprolLoader injection [CVE-2019-19872]
medium
4.9
-
-
-
165396
B&R Industrial Automation APROL IosHttp Service/JSON interface unknown vulnerability
low
4.9
-
-
-
165395
Crafter CMS Crafter Studio cross site scripting [CVE-2017-15686]
low
4.0
-
-
-
165394
Crafter CMS Crafter Studio xml external entity reference [CVE-2017-15685]
low
2.9
-
-
-
165393
Crafter CMS Crafter Studio pathname traversal [CVE-2017-15684]
medium
3.3
-
-
-
165392
Crafter CMS Crafter Studio information disclosure [CVE-2017-15683]
low
2.9
-
-
-
165391
Crafter CMS Crafter Studio injection [CVE-2017-15682]
medium
5.4
-
-
-
165390
Crafter CMS Crafter Studio pathname traversal [CVE-2017-15681]
medium
7.5
-
-
-
165389
Crafter CMS Crafter Studio resource injection [CVE-2017-15680]
medium
5.8
-
-
-
165388
CyberArk Endpoint Privilege Manager Credential Theft Protection protection mechanism
medium
4.9
-
-
-
165387
Ericsson BSCS iX R18 Billing & Rating cross site scripting [CVE-2020-29145]
low
4.0
-
-
-
165386
Ericsson BSCS iX R18 Billing & Rating Alert Dashboard Comment cross site scripting
low
4.0
-
-
-
165385
cPanel WHM Transfer Tool Interface cross site scripting [CVE-2020-29137]
low
4.0
-
-
-
165384
cPanel 2FA improper authentication [CVE-2020-29136]
medium
4.6
-
-
-
165383
cPanel URL Parameter injection [CVE-2020-29135]
medium
4.9
-
-
-
165382
Coremail XT Signature upload.jsp cross site scripting
low
4.0
-
-
-
165381
libslirp Packet Length slirp.c buffer overflow
medium
5.2
-
-
-
165380
libslirp Packet Length ncsi.c buffer overflow
medium
5.2
-
-
-
165379
BigBlueButton Email Address edit improper authentication
medium
5.8
-
-
-
165378
BigBlueButton excessive authentication [CVE-2020-29042]
low
5.0
-
-
-
165377
GLPI getDropdownValue.php resource injection
low
2.3
-
-
-
165376
GLPI comments.php resource injection
medium
4.9
-
-
-
165375
Zetetic SQLCipher sqlite3.c sqlite3Strlen30 use after free
low
3.5
-
-
-
165374
Cloudera Data Engineering cross-site request forgery [CVE-2020-26936]
low
4.0
-
-
-
165373
Intelbras TIP200/TIP200LITE/TIP300 cgiServer.exx pathname traversal
medium
5.2
-
-
-
165372
Intelbras TIP200/TIP200LITE/TIP300 cgiServer.exx cross site scripting
low
4.0
-
-
-
165371
djvalidator incorrect regex [CVE-2020-7779]
low
2.3
-
-
-
165370
systeminformation os command injection [CVE-2020-7778]
medium
7.5
-
-
-
165369
petl XML Document xml injection [CVE-2020-29128]
low
4.9
-
-
-
165368
FactoryTalk Linx Address Space Layout Randomization heap-based overflow
medium
7.5
-
-
-
165367
FactoryTalk Linx Check Routine denial of service [CVE-2020-27253]
low
5.0
-
-
-
165366
Rockwell Automation FactoryTalk Linx Port Range heap-based overflow
medium
7.5
-
-
-
165365
spice-vdagentd Client Connection race condition [CVE-2020-25653]
low
4.9
-
-
-
165364
spice-vdagentd Unix Domain Socket spice-vdagent-sock allocation of resources
low
1.7
-
-
-
165363
spice-vdagent File Transfer race condition [CVE-2020-25651]
low
4.9
-
-
-
165362
x11vnc shmget Call scan.c access control
medium
5.2
-
-
-
165361
osCommerce Newsletter cross site scripting [CVE-2020-29070]
low
4.0
-
-
-
165360
Nanopb Message memory corruption [CVE-2020-26243]
low
5.0
-
-
-
165359
GLPI caldav.php authorization
medium
4.0
-
-
-
165358
spice-vdagentd File Transfer spice-vdagent-sock allocation of resources
low
4.6
-
-
-
165357
Atlassian Fisheye/Crucible MessageBundleResource denial of service
low
3.5
-
-
-
165356
Atlassian Fisheye/Crucible EyeQL incorrect regex [CVE-2020-14190]
low
3.5
-
-
-
165355
LiquidFiles cross site scripting [CVE-2020-29072]
low
4.0
-
-
-
165354
LiquidFiles Attachment permission [CVE-2020-29071]
medium
5.2
-
-
-
165353
Go Ethereum Block denial of service [CVE-2020-26242]
low
4.0
-
-
-
165352
Go Ethereum Consensus calculation [CVE-2020-26241]
medium
4.0
-
-
-
165351
Go Ethereum ethash Mining DAG Generation calculation [CVE-2020-26240]
low
2.6
-
-
-
165350
CRIXP OpenCRX Password Change password recovery [CVE-2020-7378]
medium
7.5
-
-
-
165349
Vmware SD-WAN Orchestrator sql injection [CVE-2020-4003]
medium
5.2
-
-
-
165348
Vmware SD-WAN Orchestrator System Parameter permission assignment
low
5.2
-
-
-
165347
Vmware SD-WAN Orchestrator hard-coded password [CVE-2020-4001]
low
3.3
-
-
-
165346
Vmware SD-WAN Orchestrator pathname traversal [CVE-2020-4000]
medium
5.2
-
-
-
165345
Vmware SD-WAN Orchestrator API access control [CVE-2020-3985]
medium
6.5
-
-
-
165344
Vmware SD-WAN Orchestrator sql injection [CVE-2020-3984]
medium
6.5
-
-
-
165343
Modern Honey Network Geolocations utils.py _get_flag_ip_localdb denial of service
low
2.3
-
-
-
165342
CDATA FD8000 inadequate encryption [CVE-2020-29063]
low
1.7
-
-
-
165341
CDATA FD8000 improper authentication [CVE-2020-29062]
medium
7.5
-
-
-
165340
CDATA FD8000 hard-coded password [CVE-2020-29061]
medium
5.8
-
-
-
165339
CDATA FD8000 Debug Account hard-coded password [CVE-2020-29060]
medium
5.2
-
-
-
165338
CDATA FD8000 hard-coded password [CVE-2020-29059]
medium
5.4
-
-
-
165337
CDATA FD8000 missing encryption [CVE-2020-29058]
low
2.3
-
-
-
165336
CDATA FD8000 Telnet Service denial of service [CVE-2020-29057]
low
5.0
-
-
-
165335
CDATA FD8000 TFTP Config sandbox [CVE-2020-29056]
medium
7.7
-
-
-
165334
CDATA FD8000 Management Interface cleartext transmission [CVE-2020-29055]
low
2.6
-
-
-
165333
CDATA FD8000 missing encryption [CVE-2020-29054]
low
4.0
-
-
-
165332
Hrsale projects_calendar cross site scripting
low
4.0
-
-
-
165331
Xen stack-based overflow [CVE-2020-29040]
medium
5.2
-
-
-
165330
MISP ACL GalaxyElementsController.php access control
medium
5.2
-
-
-
165329
Karenderia Multiple Restaurant System sql injection [CVE-2020-28994]
medium
7.5
-
-
-
165328
musl libc Buffer Size buffer overflow [CVE-2020-28928]
medium
6.5
-
-
-
165327
SeedDMS out.AddDocument.php redirect
medium
4.9
-
-
-
165326
cron-utils Template injection [CVE-2020-26238]
medium
7.5
-
-
-
165325
Highlight.js code injection [CVE-2020-26237]
low
4.0
-
-
-
165324
Time Crate Environment Variable try_now_local null pointer dereference
low
2.3
-
-
-
165323
Jupyter Server redirect [CVE-2020-26232]
medium
7.5
-
-
-
165322
Pacemaker ACL access control [CVE-2020-25654]
medium
4.3
-
-
-
165321
Wildfly Resource Adapter log file [CVE-2020-25640]
low
1.7
-
-
-
165320
SimplePHPscripts News Script PHP Pro News Edit sql injection
medium
6.5
-
-
-
165319
SimplePHPscripts News Script PHP Pro cross site scripting [CVE-2020-25474]
low
4.0
-
-
-
165318
SimplePHPscripts News Script PHP Pro Session Cookie cookie without 'httponly' flag
low
2.6
-
-
-
165317
SimplePHPscripts News Script PHP Pro User cross-site request forgery
low
4.0
-
-
-
165316
RTA 499ES EtherNet-IP Adaptor Source Code stack-based overflow
medium
6.5
-
-
-
165315
MicroStrategy PDF Generator server-side request forgery [CVE-2020-24815]
medium
4.0
-
-
-
165314
Apache Unomi Endpoint context.json injection
medium
4.9
-
-
-
165313
FASTGate FGA2130FWB Admin Web Panel cross-site request forgery
low
4.0
-
-
-
165312
Heketi log file [CVE-2020-10763]
low
1.7
-
-
-
165311
gluster-block CLI cmd_history.log log file
low
1.7
-
-
-
165310
TOTOLINK A850R-V1/F1-V2 Management Interface backdoor [CVE-2015-9551]
medium
6.5
-
-
-
165309
TOTOLINK A850R-V1/F1-V2 Web Management Interface access control
medium
7.5
-
-
-
165308
MongoDB Message Decompressor denial of service [CVE-2019-20925]
low
5.0
-
-
-
165307
Seiko Epson Product untrusted search path [CVE-2020-5674]
medium
6.5
-
-
-
165306
Netgear GS108Ev3 cross-site request forgery [CVE-2020-5641]
low
4.0
-
-
-
165305
PollNY Extension Answer Option cross site scripting [CVE-2020-29003]
low
4.0
-
-
-
165304
CologneBlue Skin qbfind Message CologneBlueTemplate.php cross site scripting
low
4.0
-
-
-
165303
Gitea repo_form.go encoding error
medium
6.0
-
-
-
165302
Hashicorp Nomad/Nomad Enterprise Docker File Sandbox sandbox
medium
5.2
-
-
-
165301
Matrix Synap JSON denial of service [CVE-2020-26890]
low
3.5
-
-
-
165300
Ortus TestBox Query String HTMLRunner.cfm command injection
medium
6.0
-
-
-
165299
Ortus TestBox Query String index.cfm pathname traversal
medium
5.2
-
-
-
165298
MongoDB Ops Manager API Key information disclosure [CVE-2020-7927]
low
2.1
-
-
-
165297
VMware Workspace One Access command injection [CVE-2020-4006]
medium
5.2
-
-
-
165296
SPIP configurer_preferences.php unknown vulnerability [CVE-2020-28984]
low
4.9
-
-
-
165295
Magicpin User Registration cross site scripting [CVE-2020-28927]
low
5.0
-
-
-
165294
Mutt/NeoMutt IMAP Server Response cleartext transmission [CVE-2020-28896]
low
2.6
-
-
-
165293
WinSCP FTP Server denial of service [CVE-2020-28864]
low
2.6
-
-
-
165292
private-ip IP Range Filter server-side request forgery [CVE-2020-28360]
medium
6.5
-
-
-
165291
Scratch Regular Expression cross site scripting [CVE-2020-26239]
low
4.0
-
-
-
165290
October CMS Twig Sandbox authorization [CVE-2020-26231]
medium
5.8
-
-
-
165289
TYPO3 RSS Widget xml external entity reference [CVE-2020-26229]
medium
6.5
-
-
-
165288
TYPO3 Session Identifier cleartext storage [CVE-2020-26228]
low
2.6
-
-
-
165287
TYPO3 Fluid cross site scripting [CVE-2020-26227]
low
5.0
-
-
-
165286
PostgreSQL psql Interactive Terminal privileges management [CVE-2020-25696]
medium
9.0
-
-
-
165285
rhacm Internal API hard-coded key [CVE-2020-25688]
low
2.6
-
-
-
165284
Cephx improper authentication [CVE-2020-25660]
medium
5.8
-
-
-
165283
Playground Sessions UserProfiles.sol credentials storage
low
4.0
-
-
-
165282
Linux Kernel 8250_core.c serial8250_isa_init_ports null pointer dereference
low
1.7
-
-
-
165281
Linux Kernel Error Field block_dev.c use after free
low
1.7
-
-
-
165280
October CMS Upload File evil.svg cross site scripting
low
4.0
-
-
-
165279
October CMS New User authorization [CVE-2020-15248]
low
5.8
-
-
-
165278
October CMS Twig Sandbox authorization [CVE-2020-15247]
medium
5.8
-
-
-
165277
October CMS authorization [CVE-2020-15246]
low
5.0
-
-
-
165276
Jingyun Antivirus Driver ZySandbox.sys denial of service
low
4.6
-
-
-
165275
Jingyun Antivirus Driver ZySandbox.sys denial of service
low
4.6
-
-
-
165274
Jingyun Antivirus Driver ZySandbox.sys denial of service
low
4.6
-
-
-
165273
Jingyun Antivirus Driver ZySandbox.sys denial of service
low
4.6
-
-
-
165272
Jingyun Antivirus Driver hookbody.sys denial of service
low
4.6
-
-
-
165271
MongoDB Query buffer overflow [CVE-2020-7928]
medium
5.2
-
-
-
165270
SalesForce Tableau Server SAML unknown vulnerability [CVE-2020-6939]
medium
5.4
-
-
-
165269
IBM Spectrum Protect Plus hard-coded credentials [CVE-2020-4854]
medium
7.5
-
-
-
165268
IBM Spectrum Protect Plus channel accessible [CVE-2020-4783]
low
2.6
-
-
-
165267
IBM Spectrum Protect Operations Center WebSocket Event improper authentication
medium
5.0
-
-
-
165266
Intel BlueZ information disclosure [CVE-2020-12352]
low
3.3
-
-
-
165265
Intel BlueZ input validation [CVE-2020-12351]
medium
5.4
-
-
-
165264
Intel PROSet/Wireless WiFi out-of-bounds write [CVE-2020-0569]
low
1.7
-
-
-
165263
Tianocore EDK II denial of service [CVE-2019-14587]
low
2.9
-
-
-
165262
Tianocore EDK II use after free [CVE-2019-14586]
low
2.3
-
-
-
165261
Tianocore EDK II DxeImageVerificationHandler Local Privilege Escalation
low
4.3
-
-
-
165260
Tianocore EDK II Integer Truncation integer overflow [CVE-2019-14563]
low
4.3
-
-
-
165259
MongoDB recursion [CVE-2018-20803]
low
2.3
-
-
-
165258
MongoDB Server Selection Subsystem exceptional condition [CVE-2020-7926]
low
4.0
-
-
-
165257
MongoDB Role Name Parser denial of service [CVE-2020-7925]
low
5.0
-
-
-
165256
jsen Schema File Function.apply Remote Privilege Escalation
low
5.8
-
-
-
165255
CA Unified Infrastructure Management Robot Controller privileges management
low
4.3
-
-
-
165254
Hashicorp Consul/Consul Enterprise ACL permission [CVE-2020-28053]
low
2.7
-
-
-
165253
Security Onion sudo so-setup access control
medium
6.8
-
-
-
165252
OTRS improper authentication [CVE-2020-1778]
medium
5.2
-
-
-
165251
MongoDB use after free [CVE-2019-2393]
low
4.0
-
-
-
165250
MongoDB Mod Operator integer overflow [CVE-2019-2392]
low
4.0
-
-
-
165249
MongoDB IndexBoundsBuilder denial of service [CVE-2019-20924]
low
4.0
-
-
-
165248
MongoDB Javascript routine [CVE-2019-20923]
low
4.0
-
-
-
165247
Tianocore EDK II DxeImageVerificationHandler denial of service
low
1.7
-
-
-
165246
Tianocore EDK II resource consumption [CVE-2019-14559]
low
5.0
-
-
-
165245
Tianocore EDK II information disclosure [CVE-2019-14553]
low
4.0
-
-
-
165244
MongoDB denial of service [CVE-2018-20805]
low
4.0
-
-
-
165243
MongoDB applyOps Invocation denial of service [CVE-2018-20804]
low
4.0
-
-
-
165242
MongoDB QueryPlanner denial of service [CVE-2018-20802]
low
4.0
-
-
-
165241
Barco wePresent WiPG-1600W Firmware Update improper validation of integrity check value
high
8.5
-
-
-
165240
Barco wePresent WiPG-1600W SSH hard-coded credentials [CVE-2020-28334]
high
10.0
-
-
-
165239
Barco wePresent WiPG-1600W Web UI return.cgi access control
medium
6.5
-
-
-
165238
Barco wePresent WiPG-1600W authentication bypass [CVE-2020-28333]
medium
7.5
-
-
-
165237
Barco wePresent WiPG-1600W cleartext storage [CVE-2020-28330]
low
4.0
-
-
-
165236
Barco wePresent Service Port 4001 hard-coded credentials [CVE-2020-28329]
medium
7.5
-
-
-
165235
Libsvm Model SVM svm.cpp svm_predict_values denial of service
low
2.3
-
-
-
165234
Paradox IP150 stack-based overflow [CVE-2020-25189]
medium
7.5
-
-
-
165233
HCL Notes Email Message denial of service [CVE-2020-14258]
low
5.0
-
-
-
165232
HCL Domino denial of service [CVE-2020-14234]
low
2.3
-
-
-
165231
HCL Domino Email Message denial of service [CVE-2020-14230]
low
5.0
-
-
-
165230
TP-LINK Archer C9 symlink [CVE-2020-5797]
medium
4.6
-
-
-
165229
Xpdf SplashOutputDev.cc endType3Char use after free
medium
4.3
-
-
-
165228
Paradox IP150 buffer overflow [CVE-2020-25185]
medium
6.5
-
-
-
165227
Netis Korea D'live AP Time Setting command injection [CVE-2020-7842]
medium
6.2
-
-
-
165226
IBM Sterling B2B Integrator Standard Edition inadequate encryption
low
2.6
-
-
-
165225
IBM DB2 Accessories Suite/DB2/DB2 Connect Server untrusted search path
medium
6.8
-
-
-
165224
VMware ESXi System Call privileges management [CVE-2020-4005]
medium
6.5
-
-
-
165223
VMware ESXi/Workstation/Fusion XHCI USB Controller use after free
medium
6.5
-
-
-
165222
Linux Kernel fbcon vt.c KD_FONT_OP_COPY out-of-bounds read
low
4.3
-
-
-
165221
TP-LINK WDR7400 devDiscoverHandle Server copy_msg_element buffer overflow
medium
5.2
-
-
-
165220
Netskope Admin Portal csv injection [CVE-2020-28845]
medium
5.4
-
-
-
165219
ScratchVerifier improper authentication [CVE-2020-26236]
medium
5.8
-
-
-
165218
NetIQ Identity Manager injection [CVE-2020-25839]
medium
4.9
-
-
-
165217
PDFResurrect Header Validation pdf_get_version heap-based overflow
medium
5.2
-
-
-
165216
libvips im_vips2dz.c im_vips2dz uninitialized pointer
medium
6.0
-
-
-
165215
libsixel fromgif.c gif_out_code array index
medium
4.9
-
-
-
165214
ImageMagick xpm.c ReadXPMImage buffer overflow
medium
7.5
-
-
-
165213
Drupal File unrestricted upload [CVE-2020-13671]
medium
4.9
-
-
-
165212
Mitsubishi Electric MELSEC iQ-R resource consumption [CVE-2020-5668]
low
4.3
-
-
-
165211
IBM Power9 L1 Cache information disclosure [CVE-2020-4788]
low
1.7
-
-
-
165210
Schneider Electric EcoStruxure Building Operation WebReports Access Control access control
medium
6.5
-
-
-
165209
Schneider Electric EcoStruxure Building Operation WebReports XML External Entity xml external entity reference
medium
6.0
-
-
-
165208
Schneider Electric EcoStruxure Building Operation WebReports Web Page Generation cross site scripting
low
4.0
-
-
-
165207
Schneider Electric EcoStruxure Building Operation WebReports Web Page Generation cross site scripting
low
4.0
-
-
-
165206
Schneider Electric EcoStruxure Building Operation WebReports unrestricted upload
medium
6.0
-
-
-
165205
Schneider Electric Modicon M221 information disclosure [CVE-2020-7568]
low
2.3
-
-
-
165204
Schneider Electric Modicon M221 missing encryption [CVE-2020-7567]
low
2.3
-
-
-
165203
Schneider Electric Modicon M221 random values [CVE-2020-7566]
low
2.3
-
-
-
165202
Schneider Electric Modicon M221 inadequate encryption [CVE-2020-7565]
low
1.8
-
-
-
165201
Schneider Electric Easergy T300 access control [CVE-2020-7561]
medium
6.5
-
-
-
165200
Schneider Electric EcoStruxure Control Expert PLC Simulator buffer overflow
medium
5.2
-
-
-
ID
Title
VulDB
CVSS
Secunia
XForce
Nessus
165199
Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
medium
6.5
-
-
-
165198
Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds read
low
3.5
-
-
-
165197
Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
medium
6.5
-
-
-
165196
Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
medium
6.5
-
-
-
165195
Schneider Electric IGSS Definition Configuration Group File Def.exe memory corruption
medium
6.5
-
-
-
165194
Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
medium
6.5
-
-
-
165193
Schneider Electric IGSS Definition Configuration Def.exe memory corruption
medium
6.5
-
-
-
165192
Schneider Electric IGSS Definition Configuration Def.exe memory corruption
medium
6.5
-
-
-
165191
Schneider Electric IGSS Definition Def.exe memory corruption
medium
6.5
-
-
-
165190
Schneider Electric EcoStruxure Operator Terminal Expert privileges management
medium
5.2
-
-
-
165189
Schneider Electric EcoStruxure Control Expert PLC Simulator unusual condition
low
2.3
-
-
-
165188
BigBlueButton Control Character ApiController.groovy escape output
low
4.9
-
-
-
165187
BigBlueButton Poll permission assignment [CVE-2020-28953]
low
2.3
-
-
-
165186
Sokrates SOWA SowaSQL OPAC sowacgi.php cross site scripting
low
4.0
-
-
-
165185
Schneider Electric EcoStruxure Control Expert PLC Simulator code download
low
2.3
-
-
-
165184
Schneider Electric EcoStruxure Control Expert PLC Simulator excessive authentication
low
5.0
-
-
-
165183
Schneider Electric EcoStruxure Control Expert PLC Simulator authorization
medium
5.8
-
-
-
165182
Schneider Electric EcoStruxure Building Operation WebStation Web Page Generation cross site scripting
low
4.0
-
-
-
165181
Schneider Electric EcoStruxure Building Operation Enterprise Server Installer unquoted search path
medium
9.0
-
-
-
165180
Pritunl Electron Client access control [CVE-2020-25989]
medium
7.7
-
-
-
165179
OpenWrt libuci file.c uci_parse_package use after free
medium
4.9
-
-
-
165178
Archive_Tar Filename injection [CVE-2020-28949]
medium
4.9
-
-
-
165177
Archive_Tar PHAR deserialization [CVE-2020-28948]
medium
4.9
-
-
-
165176
Linux Kernel Speakup Driver spk_ttyio.c denial of service
low
1.7
-
-
-
165175
Rclone entropy [CVE-2020-28924]
low
1.4
-
-
-
165174
ZTE ZXHN Z500/ZXHN F670L Rule Configuration input validation
low
4.9
-
-
-
165173
MISP Template Element cross site scripting [CVE-2020-28947]
low
4.0
-
-
-
165172
PrimeKey EJBCA EJBCA Enrollment improper authorization [CVE-2020-28942]
medium
4.0
-
-
-
165171
Moodle Participants Table Download insertion of sensitive information into sent data
low
2.7
-
-
-
165170
Moodle cross site scripting [CVE-2020-25702]
low
4.0
-
-
-
165169
Moodle Upload Course Tool access control [CVE-2020-25701]
medium
5.2
-
-
-
165168
Moodle Database Module Web Service sql injection [CVE-2020-25700]
medium
6.5
-
-
-
165167
Moodle Capability Check access control [CVE-2020-25699]
medium
5.2
-
-
-
165166
Moodle User Enrollment access control [CVE-2020-25698]
medium
5.2
-
-
-
165165
YzmCMS Editor cross site scripting [CVE-2020-22394]
low
4.0
-
-
-
165164
TwinCAT XAR TcSysUI.exe default permission
medium
6.8
-
-
-
165163
Endress+Hauser Ecograph T information disclosure [CVE-2020-12496]
low
5.0
-
-
-
165162
Endress+Hauser Ecograph T Web-based User Interface Private privileges management
medium
7.5
-
-
-
165161
Johnson Controls American Dynamics Victor Web Client HTTP API improper authorization
medium
5.8
-
-
-
165160
IBM Jazz Reporting Service Web UI cross site scripting [CVE-2020-4718]
low
4.0
-
-
-
165159
IBM DB2/DB2 Connect Server buffer overflow [CVE-2020-4701]
medium
6.8
-
-
-
165158
JamoDat TSMManager Collector authorization [CVE-2020-28054]
medium
6.0
-
-
-
165157
com.oppo.ovoicemanager permission [CVE-2020-11831]
medium
5.2
-
-
-
165156
com.oppo.qualityprotect unknown vulnerability [CVE-2020-11830]
medium
4.9
-
-
-
165155
com.coloros.codebook Backup/Restore SDK privileges management
medium
4.9
-
-
-
165154
Nextcloud Social Server Certificate certificate validation [CVE-2020-8279]
medium
7.5
-
-
-
165153
Nextcloud Social App access control [CVE-2020-8278]
medium
5.2
-
-
-
165152
Node.js DNS Request resource consumption [CVE-2020-8277]
low
2.3
-
-
-
165151
F5 BIG-IP/BIG-IP Virtual Edition TCP Sequence Number random values
low
5.1
-
-
-
165150
PulseAudio Bluez module-bluez5-device.c double free
medium
4.3
-
-
-
165149
InfluxDB JWT Token handler.go improper authentication
medium
5.8
-
-
-
165148
Cisco DNA Spaces Connector Web-based Management Interface os command injection
medium
7.5
-
-
-
165147
Cisco IoT Field Network Director REST API missing authentication
medium
7.5
-
-
-
165146
Cisco Expressway Software TURN Server access control [CVE-2020-3482]
medium
7.5
-
-
-
165145
Cisco Webex Meetings/WebEx Meetings Server Connection input validation
medium
6.5
-
-
-
165144
Cisco Integrated Management Controller API Subsystem memory corruption
high
10.0
-
-
-
165143
Cisco Webex Meetings/WebEx Meetings Server Meeting Room Lobby information disclosure
low
4.0
-
-
-
165142
Cisco Webex Meetings/WebEx Meetings Server Authentication Token dynamically-managed code resources
medium
5.1
-
-
-
165141
Trend Micro InterScan Web Security Virtual Appliance HTTP Message ModifyVLANItem os command injection
medium
6.5
-
-
-
165140
Trend Micro InterScan Web Security Virtual Appliance HTTP Message AddVLANItem os command injection
medium
6.5
-
-
-
165139
Trend Micro InterScan Web Security Virtual Appliance HTTP Message out-of-bounds write
medium
6.0
-
-
-
165138
Trend Micro InterScan Web Security Virtual Appliance HTTP Message out-of-bounds write
medium
6.8
-
-
-
165137
Trend Micro Worry-Free Business Security Management Console path traversal
medium
7.5
-
-
-
165136
Trend Micro Apex One Product Installer access control [CVE-2020-28572]
medium
5.2
-
-
-
165135
Trend Micro Security 2020 Installation symlink [CVE-2020-27697]
medium
4.3
-
-
-
165134
Trend Micro Security 2020 Installation untrusted search path
medium
6.8
-
-
-
165133
Trend Micro Security 2020 Installation untrusted search path
low
4.3
-
-
-
165132
semantic-release URL escape output [CVE-2020-26226]
medium
7.5
-
-
-
165131
Jupyter Notebook Link redirect [CVE-2020-26215]
low
4.6
-
-
-
165130
grocy Add Recipe Module cross site scripting [CVE-2020-25454]
low
4.0
-
-
-
165129
Beijing Liangjing Zhicheng ljcmsshop user.php cross site scripting
low
4.0
-
-
-
165128
SuiteCRM Accounts/Contacts/Opportunities/Leads csv injection
medium
4.9
-
-
-
165127
SuiteCRM Documents Module redirect [CVE-2020-15300]
medium
4.9
-
-
-
165126
SuiteCRM Documents Preview cross site scripting [CVE-2020-14208]
low
4.0
-
-
-
165125
Western Digital iNAND authentication replay [CVE-2020-13799]
medium
5.8
-
-
-
165124
GitLab Enterprise Edition Schedule denial of service [CVE-2020-13360]
low
4.0
-
-
-
165123
GitLab Community Edition/Enterprise Edition Project Maintainer state issue
low
5.8
-
-
-
165122
GitLab Community Edition/Enterprise Edition Multipart Protection information disclosure
low
5.0
-
-
-
165121
GitLab Community Edition/Enterprise Edition LFS Upload EE path traversal
medium
4.6
-
-
-
165120
Symantec Endpoint Detection & Response information disclosure
low
2.3
-
-
-
165119
Libapreq2 Multipart Parser denial of service [CVE-2019-12412]
low
4.0
-
-
-
165118
Valve Game Networking Sockets Negative Offset SNP_ReceiveUnreliableSegment memory corruption
medium
6.5
-
-
-
165117
IBM MQ Appliance Segmented Message denial of service [CVE-2020-4592]
low
2.1
-
-
-
165116
Cisco IoT Field Network Director API missing authentication [CVE-2020-3392]
medium
7.5
-
-
-
165115
Cisco Secure Web Appliance Log Subscription Subsystem os command injection
medium
4.3
-
-
-
165114
Werkzeug URL redirect [CVE-2020-28724]
low
4.9
-
-
-
165113
Google Go argument injection [CVE-2020-28367]
medium
7.5
-
-
-
165112
Google Go code injection [CVE-2020-28366]
medium
7.5
-
-
-
165111
Google Go certificate validation [CVE-2020-28362]
medium
5.0
-
-
-
165110
cxuucms search.php sql injection
medium
6.5
-
-
-
165109
TP-LINK TL-WPA4220 POST Request syslog denial of service
low
3.5
-
-
-
165108
Cisco Webex Meeting API cross site scriting [CVE-2020-27126]
low
5.0
-
-
-
165107
Trusted Computing Group Trusted Platform Module Library Family initialization
medium
4.9
-
-
-
165106
RSA Archer URL cross site scripting [CVE-2020-26884]
low
5.0
-
-
-
165105
Planet Technology Corp NVR-915/NVR-1615 Telnet Server hard-coded credentials
high
10.0
-
-
-
165104
Cisco IoT Field Network Director Web UI cross site scripting
low
5.0
-
-
-
165103
Cisco IoT Field Network Director JSON access control [CVE-2020-26080]
medium
6.5
-
-
-
165102
Cisco IoT Field Network Director credentials storage [CVE-2020-26079]
low
4.0
-
-
-
165101
Cisco IoT Field Network Director API file inclusion [CVE-2020-26078]
medium
6.5
-
-
-
165100
Cisco IoT Field Network Director access control [CVE-2020-26077]
medium
6.5
-
-
-
165099
Cisco IoT Field Network Director access control [CVE-2020-26076]
medium
5.0
-
-
-
165098
Cisco IoT Field Network Director REST API sql injection [CVE-2020-26075]
medium
6.5
-
-
-
165097
Cisco IoT Field Network Director SOAP API access control [CVE-2020-26072]
medium
5.8
-
-
-
165096
Cisco TelePresence Collaboration Endpoint/RoomOS xAPI service authorization
medium
5.8
-
-
-
165095
lemocms Uploads.php unrestricted upload
medium
4.9
-
-
-
165094
TP-LINK TL-WPA4220 httpd powerline os command injection
medium
6.5
-
-
-
165093
Schneider Electric Modicon M340 Web Server buffer overflow [CVE-2020-7564]
medium
5.2
-
-
-
165092
Schneider Electric Modicon M340 Web Server out-of-bounds write
medium
5.2
-
-
-
165091
Schneider Electric Modicon M340 Web Server out-of-bounds read
low
2.7
-
-
-
165090
Kamailio Whitespace remove_hf protection mechanism
medium
4.9
-
-
-
165089
PHPGurukul User Registration & Login/User Management System Admin Panel cross site scripting
low
4.0
-
-
-
165088
view_statistics Extension missing encryption [CVE-2020-28917]
low
2.3
-
-
-
165087
Linux Kernel fbcon buffer overflow [CVE-2020-28915]
low
1.7
-
-
-
165086
Kata Containers permission [CVE-2020-28914]
medium
5.2
-
-
-
165085
SourceCodester Water Billing System process.php sql injection
medium
6.5
-
-
-
165084
SourceCodester Online Clothing Store Image Upload Products.php unrestricted upload
medium
6.0
-
-
-
165083
SourceCodester Online Clothing Store offer.php cross site scripting
low
4.0
-
-
-
165082
SourceCodester Online Clothing Store login.php sql injection
medium
6.5
-
-
-
165081
SourceCodester Tourism Management System create-package.php unrestricted upload
medium
6.0
-
-
-
165080
SourceCodester Simple Grocery Store Sales and Inventory System login.php sql injection
medium
7.5
-
-
-
165079
SourceCodester Library Management System Image Upload unrestricted upload
medium
6.0
-
-
-
165078
SourceCodester Gym Management System cross site scripting [CVE-2020-28129]
low
4.0
-
-
-
165077
PESCMS Team Parameter cross site scripting [CVE-2020-28092]
low
4.0
-
-
-
165076
Kaa IoT Platform Dashboard cross site scripting [CVE-2020-26701]
low
4.0
-
-
-
165075
Aviatrix Controller API unrestricted upload [CVE-2020-26553]
medium
4.9
-
-
-
165074
Aviatrix Controller API Endpoint improper authentication [CVE-2020-26552]
medium
5.8
-
-
-
165073
Aviatrix Controller credentials storage [CVE-2020-26551]
low
1.4
-
-
-
165072
Aviatrix Controller Encrypted File insufficiently protected credentials
low
1.8
-
-
-
165071
Aviatrix Controller .htaccess protection mechanism [CVE-2020-26549]
medium
4.9
-
-
-
165070
Aviatrix Controller sudo access control [CVE-2020-26548]
medium
9.0
-
-
-
165069
GitLab Community Edition/Enterprise Edition Package Upload path traversal
medium
6.5
-
-
-
165068
TYPO3 Fluid cross site scripting [CVE-2020-26216]
low
5.0
-
-
-
165067
Genexis Platinum 4410 UPNP/Freeciv Service X_GetAccess information disclosure
low
2.3
-
-
-
165066
Kyocera ECOSYS M2640IDW Machine Address Book cross site scripting
low
4.0
-
-
-
165065
Taskcafe Project Management Tool Access Token information disclosure
medium
6.0
-
-
-
165064
GitLab Community Edition/Enterprise Edition Scheduled Pipeline API permission
medium
4.0
-
-
-
165063
GitLab Community Edition/Enterprise Edition Administration Page cross-site request forgery
low
4.0
-
-
-
165062
GitLab Enterprise Edition Advanced Search incorrect regex [CVE-2020-13349]
medium
4.0
-
-
-
165061
GitLab Enterprise Edition Branch access control [CVE-2020-13348]
medium
6.5
-
-
-
165060
BASETech GE-131 BT-1837836 Video Stream information disclosure
low
5.0
-
-
-
165059
BASETech GE-131 BT-1837836 Video Stream information disclosure
low
1.7
-
-
-
165058
BASETech GE-131 BT-1837836 Remote Code Execution [CVE-2020-27556]
medium
5.1
-
-
-
165057
BASETech GE-131 BT-1837836 Telnet Server hard-coded credentials
high
10.0
-
-
-
165056
BASETech GE-131 BT-1837836 missing encryption [CVE-2020-27554]
low
2.6
-
-
-
165055
BASETech GE-131 BT-1837836 pathname traversal [CVE-2020-27553]
medium
5.0
-
-
-
165054
LimeSurvey cross site scripting [CVE-2020-25798]
low
4.0
-
-
-
165053
fastadmin-tp6 Ajax.php sql injection
medium
6.5
-
-
-
165052
Tobesoft XPlatform hta File input validation
medium
4.9
-
-
-
165051
y18n code injection [CVE-2020-7774]
medium
5.2
-
-
-
165050
Artworks Gallery in PHP, CSS, JavaScript, and MySQL Artwork unrestricted upload
medium
6.0
-
-
-
165049
Artworks Gallery in PHP, CSS, JavaScript, and MySQL unrestricted upload
medium
6.0
-
-
-
165048
Progress MOVEit Transfer cross site scripting [CVE-2020-28647]
low
4.0
-
-
-
165047
ResourceXpress Qubi3 Debug Interface information disclosure [CVE-2020-25746]
low
2.1
-
-
-
165046
BinaryNights ForkLift injection [CVE-2020-27192]
medium
4.3
-
-
-
165045
Cisco Security Manager Serialized Java Object deserialization
medium
7.6
-
-
-
165044
Cisco Security Manager pathname traversal [CVE-2020-27130]
medium
7.5
-
-
-
165043
Cisco Security Manager input validation [CVE-2020-27125]
low
5.1
-
-
-
165042
GitLab Enterprise Edition Private Project information disclosure
low
5.0
-
-
-
165041
Micro Focus Arcsight Logger cross site scripting [CVE-2020-25834]
low
4.0
-
-
-
165040
Micro Focus IDOL cross site scripting [CVE-2020-25833]
low
4.0
-
-
-
165039
Micro Focus Filr Scripting cross site scripting [CVE-2020-25832]
low
4.0
-
-
-
165038
Linux Kernel ICMP Packet random values [CVE-2020-25705]
low
4.0
-
-
-
165037
BinaryNights ForkLift Helper Tool access control [CVE-2020-15349]
medium
4.3
-
-
-
165036
KeyCloak unnecessary privileges [CVE-2020-14389]
medium
6.5
-
-
-
165035
GitLab Community Edition/Enterprise Edition Kubernetes Agent API access control
low
1.0
-
-
-
165034
GitLab Community Edition/Enterprise Edition Container Registry resource consumption
low
4.0
-
-
-
165033
Gitaly Import information disclosure [CVE-2020-13353]
low
0.8
-
-
-
165032
GitLab Community Edition/Enterprise Edition Project EE information disclosure
low
2.6
-
-
-
165031
Micro Focus Arcsight Logger cross site scripting [CVE-2020-11860]
low
4.0
-
-
-
165030
Micro Focus Arcsight Logger code injection [CVE-2020-11851]
medium
6.0
-
-
-
165029
Keycloak cross site scripting [CVE-2020-10776]
low
4.0
-
-
-
165028
HorizontCMS Theme
unrestricted upload
medium
6.5
-
-
-
165027
GARMIN Forerunner 235 ConnectIQ TVM buffer overflow [CVE-2020-27486]
medium
5.2
-
-
-
165026
GARMIN Forerunner 235 ConnectIQ TVM use after free [CVE-2020-27485]
medium
4.9
-
-
-
165025
GARMIN Forerunner 235 ConnectIQ TVM write integer overflow
medium
4.9
-
-
-
165024
GARMIN Forerunner 235 ConnectIQ TVM array index [CVE-2020-27483]
medium
6.0
-
-
-
165023
Airleader Master Tomcat Manager hard-coded credentials [CVE-2020-26510]
medium
7.5
-
-
-
165022
Airleader Master/Easy hard-coded credentials [CVE-2020-26509]
medium
3.3
-
-
-
165021
Canon Oce ColorWave 3500 WebTools information disclosure [CVE-2020-26508]
low
2.3
-
-
-
165020
PrestaShop Product Comments Link cross site scripting [CVE-2020-26225]
low
4.0
-
-
-
165019
PrestaShop Shopping Cart access control [CVE-2020-26224]
medium
5.0
-
-
-
165018
Xstream Security Framework os command injection [CVE-2020-26217]
medium
4.6
-
-
-
165017
IBM Sterling File Gateway Authorization Token missing secure attribute
low
2.6
-
-
-
165016
IBM Sterling B2B Integrator Standard Edition Web UI cross site scripting
low
4.0
-
-
-
165015
IBM Sterling B2B Integrator Standard Edition Privileges access control
medium
4.6
-
-
-
165014
IBM Sterling B2B Integrator Standard Edition Dashboard UI information disclosure
low
4.0
-
-
-
165013
IBM Business Automation Workflow Web UI cross site scripting
low
4.0
-
-
-
165012
IBM Sterling B2B Integrator Standard Edition log file [CVE-2020-4671]
low
4.0
-
-
-
165011
IBM Sterling File Gateway Authorization Token missing secure attribute
low
2.6
-
-
-
165010
IBM Sterling B2B Integrator Standard Edition sql injection [CVE-2020-4655]
medium
6.5
-
-
-
165009
IBM Sterling File Gateway sql injection [CVE-2020-4647]
medium
6.5
-
-
-
165008
IBM Sterling B2B Integrator Standard Edition log file [CVE-2020-4566]
low
4.0
-
-
-
165007
IBM Sterling File Gateway information exposure [CVE-2020-4476]
low
5.0
-
-
-
165006
IBM Sterling B2B Integrator Standard Edition information exposure
low
4.0
-
-
-
165005
CloudAvid PParam setAddress memory leak
low
2.3
-
-
-
165004
Gila CMS unrestricted upload [CVE-2020-28692]
medium
6.0
-
-
-
165003
Nagios XI Account Information cross site scripting [CVE-2020-27991]
low
4.0
-
-
-
165002
Nagios XI Deployment Tool cross site scripting [CVE-2020-27990]
low
4.0
-
-
-
165001
Nagios XI Dashboard Tools cross site scripting [CVE-2020-27989]
low
4.0
-
-
-
165000
Nagios XI Manage Users Page cross site scripting [CVE-2020-27988]
low
4.0
-
-
-
164999
AVideo information disclosure [CVE-2020-23490]
low
2.1
-
-
-
164998
Avideo import.json.php access control
medium
6.5
-
-
-
164997
JetBrains TeamCity Dependency unknown vulnerability [CVE-2020-27629]
low
4.9
-
-
-
164996
JetBrains TeamCity Audit Record unknown vulnerability [CVE-2020-27628]
low
4.9
-
-
-
164995
JetBrains TeamCity URL injection [CVE-2020-27627]
medium
4.9
-
-
-
164994
JetBrains YouTrack server-side request forgery [CVE-2020-27626]
medium
5.2
-
-
-
164993
JetBrains YouTrack Notification information disclosure [CVE-2020-27625]
low
2.3
-
-
-
164992
JetBrains YouTrack server-side request forgery [CVE-2020-27624]
medium
5.2
-
-
-
164991
JetBrains IdeaVim information disclosure [CVE-2020-27623]
low
2.3
-
-
-
164990
JetBrains IntelliJ IDEA Web Server information disclosure [CVE-2020-27622]
low
2.3
-
-
-
164989
Chronoforeum Post cross site scripting [CVE-2020-27459]
low
4.0
-
-
-
164988
Anuko Time Tracker Password Reset denial of service [CVE-2020-27423]
low
2.3
-
-
-
164987
Anuko Time Tracker password recovery [CVE-2020-27422]
medium
5.1
-
-
-
164986
LionWiki index.php file inclusion
medium
5.4
-
-
-
164985
JetBrains Ktor request smuggling [CVE-2020-26129]
medium
4.9
-
-
-
164984
PHPGurukul User Registration & Login/User Management System sql injection
medium
7.5
-
-
-
164983
JetBrains YouTrack Workflow Rule behavioral workflow [CVE-2020-25210]
medium
4.9
-
-
-
164982
JetBrains YouTrack REST API access control [CVE-2020-25209]
medium
4.0
-
-
-
164981
JetBrains ToolBox Browser Protocol Remote Privilege Escalation
medium
6.0
-
-
-
164980
JetBrains ToolBox Browser Protocol denial of service [CVE-2020-25013]
low
2.3
-
-
-
164979
JetBrains YouTrack Backup information disclosure [CVE-2020-24366]
low
2.3
-
-
-
164978
Ivanti Endpoint Manager frm_splitfrm.aspx cross site scripting
low
4.0
-
-
-
164977
Ivanti Endpoint Manager ldprov.cgi information disclosure
low
2.7
-
-
-
164976
Ivanti Endpoint Manager alert_log.aspx sql injection
medium
6.5
-
-
-
164975
Amazon AWS Encryption SDK AES-GCM cryptographic issues [CVE-2020-8897]
low
2.3
-
-
-
164974
markdown-it-highlightjs cross site scripting [CVE-2020-7773]
low
4.0
-
-
-
164973
Firebase util DeepCopy.ts deepExtend code injection
medium
5.1
-
-
-
164972
Citrix SD-WAN Center os command injection [CVE-2020-8273]
medium
7.7
-
-
-
164971
Citrix SD-WAN Center improper authentication [CVE-2020-8272]
medium
5.8
-
-
-
164970
Citrix SD-WAN Center path traversal [CVE-2020-8271]
high
10.0
-
-
-
164969
Citrix Virtual Apps/XenDesktop os command injection [CVE-2020-8270]
medium
9.0
-
-
-
164968
Citrix Virtual Apps/XenDesktop access control [CVE-2020-8269]
medium
9.0
-
-
-
164967
Nextcloud Server insufficiently protected credentials [CVE-2020-8259]
medium
5.8
-
-
-
164966
Nextcloud Server insufficiently protected credentials [CVE-2020-8152]
medium
4.9
-
-
-
164965
Mitsubishi Electric MELSEC iQ-R resource consumption [CVE-2020-5666]
low
3.5
-
-
-
164964
XooNIps deserialization [CVE-2020-5664]
medium
6.0
-
-
-
164963
XooNIps cross site scripting [CVE-2020-5663]
low
4.0
-
-
-
164962
XooNIps cross site scripting [CVE-2020-5662]
low
4.0
-
-
-
164961
XooNIps sql injection [CVE-2020-5659]
medium
6.5
-
-
-
164960
Volkswagen Polo Discover Media Infotainment System insufficient verification of data authenticity
medium
6.2
-
-
-
164959
WPBakery XSS Protection Mechanism kses_remove_filters protection mechanism
medium
6.5
-
-
-
164958
orbisius-child-theme-creator orbisius_ctc_theme_editor_manage_file cross-site request forgery
low
5.0
-
-
-
164957
Nagios XI Auto-Discovery input validation [CVE-2020-28648]
medium
6.5
-
-
-
164956
InfiniteWP Admin Panel Password resetPasswordSendMail password recovery
medium
7.5
-
-
-
164955
controlled-merge Prototype code injection [CVE-2020-28268]
medium
6.5
-
-
-
164954
PostgreSQL permission [CVE-2020-25695]
medium
6.5
-
-
-
164953
PostgreSQL Client Application downgrade [CVE-2020-25694]
low
2.6
-
-
-
164952
QNAP QTS os command injection [CVE-2020-2492]
medium
5.8
-
-
-
164951
QNAP QTS command injection [CVE-2020-2490]
medium
8.3
-
-
-
164950
Daimler Mercedes HERMES Debug Interface information disclosure
low
1.2
-
-
-
164949
Daimler Mercedes HERMES improper authentication [CVE-2019-19562]
low
3.7
-
-
-
164948
Daimler Mercedes HERMES Debug Interface information disclosure
low
1.2
-
-
-
164947
Daimler Mercedes HERMES Debug Interface improper authentication
low
3.7
-
-
-
164946
Daimler Mercedes HERMES Debug Interface information disclosure
low
1.2
-
-
-
164945
Daimler Mercedes HERMES Debug Interface improper authentication
medium
4.6
-
-
-
164944
Reddoxx MailDepot cross site scripting [CVE-2020-26554]
low
4.0
-
-
-
164943
doc-path denial of service [CVE-2020-7772]
low
5.0
-
-
-
164942
One Identity Password Manager insertion of sensitive information into sent data
low
1.4
-
-
-
164941
Opera Touch Address Bar clickjacking [CVE-2020-6157]
low
5.0
-
-
-
164940
Nagios XI permission [CVE-2020-5796]
medium
4.3
-
-
-
164939
Tomb ask_password information disclosure
low
2.3
-
-
-
164938
Eclipse Hono AMQP Protocol Adapter resource consumption [CVE-2020-27217]
low
2.3
-
-
-
164937
Radar COVID Notification information disclosure [CVE-2020-26230]
low
2.6
-
-
-
164936
Spree APIv2 authorization [CVE-2020-26223]
medium
6.5
-
-
-
164935
PassMark BurnInTest/OSForensics/PerformanceTest IOCTL DirectIo32.sys memory corruption
medium
4.6
-
-
-
164934
rConfig userprocess.php improper authentication [CVE-2020-13638]
medium
5.8
-
-
-
164933
Intel Open WebRTC Toolkit control flow [CVE-2020-12338]
medium
7.5
-
-
-
164932
Intel PROSet/Wireless WiFi control flow [CVE-2020-12313]
medium
5.8
-
-
-
164931
Intel CPU PMC access control [CVE-2020-0599]
medium
4.3
-
-
-
164930
Huawei Mate 30 buffer overflow [CVE-2020-9129]
medium
4.3
-
-
-
164929
Huawei Secospace USG9500 injection.Affected command injection
medium
5.2
-
-
-
164928
NetApp Element Software inadequate encryption [CVE-2020-8583]
low
2.6
-
-
-
164927
NetApp Element Software information disclosure [CVE-2020-8582]
low
2.3
-
-
-
164926
Pixar OpenUSD USD File heap-based overflow [CVE-2020-6156]
medium
5.2
-
-
-
164925
Pixar OpenUSD USD File heap-based overflow [CVE-2020-6155]
medium
6.5
-
-
-
164924
Pixar OpenUSD Decompression heap-based overflow [CVE-2020-6150]
medium
5.2
-
-
-
164923
Pixar OpenUSD USD File heap-based overflow [CVE-2020-6149]
medium
5.2
-
-
-
164922
Pixar OpenUSD Decompression heap-based overflow [CVE-2020-6148]
medium
5.2
-
-
-
164921
Pixar OpenUSD Decompression heap-based overflow [CVE-2020-6147]
medium
5.2
-
-
-
164920
Valve Game Networking Sockets Statistics Message Received_Data denial of service
low
2.7
-
-
-
164919
IBM InfoSphere Information Server History information disclosure
low
4.0
-
-
-
164918
SAP Fiori Launchpad News Tile Application cross site scripting
low
5.0
-
-
-
164917
Dependabot $({curl injection
medium
6.5
-
-
-
164916
CMSuno injection [CVE-2020-25557]
medium
6.5
-
-
-
164915
CMSuno central.php injection
medium
4.9
-
-
-
164914
BD Alaris 8015 PC Unit/Alaris Systems Manager improper authentication
medium
7.5
-
-
-
164913
Nexcom NIO 50 cleartext transmission [CVE-2020-25155]
low
2.6
-
-
-
164912
Nexcom NIO 50 input validation [CVE-2020-25151]
low
5.0
-
-
-
164911
fastadmin-tp6 Ajax.php sql injection
medium
6.5
-
-
-
164910
Huawei Secospace USG6600 Protocol denial of service [CVE-2020-1847]
low
3.5
-
-
-
164909
Avaya WebLM Admin Interface xml external entity reference [CVE-2020-7032]
medium
5.8
-
-
-
164908
Apache OpenOffice Document cross site scripting [CVE-2020-13958]
low
5.0
-
-
-
164907
Intel Data Center Manager Console information disclosure [CVE-2020-8669]
low
3.5
-
-
-
164906
Avaya Equinox Conferencing Unified Portal Client cross site scripting
low
4.0
-
-
-
164905
TranzWare Payment Gateway Scripting cross site scripting [CVE-2020-28415]
low
5.0
-
-
-
164904
TranzWare Payment Gateway cross site scripting [CVE-2020-28414]
low
5.0
-
-
-
164903
FlexDotnetCMS HTTP GET Request unrestricted upload [CVE-2020-27386]
medium
6.0
-
-
-
164902
FlexDotnetCMS pathname traversal [CVE-2020-27385]
medium
6.5
-
-
-
164901
Color Dialog Plugin cross site scripting [CVE-2020-27193]
low
4.0
-
-
-
164900
Sentrifugo POST Request 2 sql injection
medium
4.7
-
-
-
164899
Sentrifugo Announcement unrestricted upload [CVE-2020-26804]
medium
4.9
-
-
-
164898
Sentrifugo unrestricted upload [CVE-2020-26803]
medium
4.9
-
-
-
164897
Couchbase Erlang Communication os command injection [CVE-2020-24719]
medium
6.0
-
-
-
164896
Intel NUC Firmware Update Tool permission [CVE-2020-24525]
medium
4.3
-
-
-
164895
Intel DSA permission [CVE-2020-24460]
low
1.7
-
-
-
164894
Intel Board ID Tool permission [CVE-2020-24456]
medium
4.3
-
-
-
164893
Intel Quartus Prime Standard Edition XML Subsystem xml external entity reference
low
4.3
-
-
-
164892
Untangle Firewall NG unknown vulnerability [CVE-2020-17494]
low
2.7
-
-
-
164891
ARM v8-M TrustZone initialization [CVE-2020-16273]
low
4.0
-
-
-
164890
Siemens SIMATIC S7-300 CPU/SINUMERIK 840D sl Service Port 102 resource consumption
low
3.5
-
-
-
164889
ResourceXpress Meeting Monitor sql injection [CVE-2020-13877]
medium
6.5
-
-
-
164888
Ivanti Endpoint Manager File Extension EditLaunchPadDialog.aspx unrestricted upload
medium
6.0
-
-
-
164887
AMD VBIOS Flash Tool SDK Driver routine [CVE-2020-12927]
medium
6.8
-
-
-
164886
AMD Trusted Platform Module toctou [CVE-2020-12926]
medium
6.2
-
-
-
164885
AMD Extension to Linux hwmon Service Linux-based Running Average Power Limit Interface routine
low
1.2
-
-
-
164884
Intel Data Center Manager Console denial of service [CVE-2020-12353]
low
4.0
-
-
-
164883
Intel XTU access control [CVE-2020-12350]
medium
4.3
-
-
-
164882
Intel Data Center Manager Console information disclosure [CVE-2020-12349]
low
4.0
-
-
-
164881
Intel Data Center Manager Console input validation [CVE-2020-12347]
medium
6.5
-
-
-
164880
Intel Battery Life Diagnostic Tool Installer permission [CVE-2020-12346]
medium
4.3
-
-
-
164879
Intel Data Center Manager Console Installer permission [CVE-2020-12345]
medium
4.3
-
-
-
164878
Intel NUC Firmware buffer overflow [CVE-2020-12337]
medium
4.3
-
-
-
164877
Intel NUC Firmware initialization [CVE-2020-12336]
low
4.3
-
-
-
164876
Intel Processor Identification Utility Installer permission [CVE-2020-12335]
medium
4.3
-
-
-
164875
Intel Advisor Tools Installer permission [CVE-2020-12334]
medium
4.3
-
-
-
164874
Intel QAT insufficiently protected credentials [CVE-2020-12333]
medium
4.3
-
-
-
164873
Intel HID Event Filter Driver Installer permission [CVE-2020-12332]
medium
4.3
-
-
-
164872
Intel Unite Cloud Service Client access control [CVE-2020-12331]
medium
4.3
-
-
-
164871
Intel Falcon 8+ UAS AscTec Thermal Viewer permission [CVE-2020-12330]
medium
4.3
-
-
-
164870
Intel VTune Profiler uncontrolled search path [CVE-2020-12329]
medium
4.3
-
-
-
164869
Intel Thunderbolt DCH Driver protection mechanism [CVE-2020-12328]
medium
4.3
-
-
-
164868
Intel Thunderbolt DCH Driver information disclosure [CVE-2020-12327]
low
1.7
-
-
-
164867
Intel Thunderbolt DCH Driver information disclosure [CVE-2020-12326]
low
1.7
-
-
-
164866
Intel Thunderbolt DCH Driver buffer overflow [CVE-2020-12325]
medium
4.3
-
-
-
164865
Intel Thunderbolt DCH Driver protection mechanism [CVE-2020-12324]
medium
4.3
-
-
-
164864
Intel ADAS IE input validation [CVE-2020-12323]
medium
4.3
-
-
-
164863
Microsoft SCS Add-on uncontrolled search path [CVE-2020-12320]
medium
4.3
-
-
-
164862
Intel EMA Credentials information disclosure [CVE-2020-12316]
low
1.7
-
-
-
164861
Intel EMA path traversal [CVE-2020-12315]
medium
7.5
-
-
-
164860
Intel CSI2 Host Controller Driver information disclosure [CVE-2020-0573]
low
1.7
-
-
-
164859
Intel S2600ST/S2600WF Firmware input validation [CVE-2020-0572]
medium
4.3
-
-
-
164858
Intel 50GbE IP Core Exception denial of service [CVE-2020-8767]
low
1.7
-
-
-
164857
Intel SGX DCAP denial of service [CVE-2020-8766]
low
3.3
-
-
-
164856
Intel CPU BIOS access control [CVE-2020-8764]
medium
4.3
-
-
-
164855
Intel CSME algorithmic complexity [CVE-2020-8761]
low
1.2
-
-
-
164854
Intel AMT Subsystem integer overflow [CVE-2020-8760]
medium
4.3
-
-
-
164853
Intel AMT Subsystem out-of-bounds read [CVE-2020-8757]
low
4.3
-
-
-
164852
Intel CSME Subsystem input validation [CVE-2020-8756]
medium
4.3
-
-
-
164851
Intel CSME/SPS Subsystem race condition [CVE-2020-8755]
low
3.7
-
-
-
164850
Intel AMT/ISM Subsystem information disclosure [CVE-2020-8754]
low
5.0
-
-
-
164849
Intel AMT/ISM DHCP Subsystem out-of-bounds read [CVE-2020-8753]
medium
7.5
-
-
-
164848
Intel AMT/ISM IPv6 subsystem out-of-bounds write [CVE-2020-8752]
medium
7.5
-
-
-
164847
Intel CSME/TXE Control Flow Management information disclosure
low
2.1
-
-
-
164846
Intel TXE Kernel Mode Driver use after free [CVE-2020-8750]
medium
4.3
-
-
-
164845
Intel AMT Subsystem out-of-bounds read [CVE-2020-8749]
medium
5.8
-
-
-
164844
Intel AMT Subsystem out-of-bounds read [CVE-2020-8747]
medium
7.5
-
-
-
164843
Intel AMT Subsystem integer overflow [CVE-2020-8746]
low
3.3
-
-
-
164842
Intel CSME/TXE Control Flow Management control flow [CVE-2020-8745]
low
4.6
-
-
-
164841
Intel CSME/TXE/SPS Initialization access control [CVE-2020-8744]
medium
4.3
-
-
-
164840
Intel CPU BIOS Platform Sample Code out-of-bounds write [CVE-2020-8740]
medium
4.3
-
-
-
164839
Intel CPU BIOS Platform Sample Code access control [CVE-2020-8739]
medium
4.3
-
-
-
164838
Intel CPU BIOS Platform Sample Code access control [CVE-2020-8738]
medium
4.3
-
-
-
164837
Intel Stratix 10 FPGA memory corruption [CVE-2020-8737]
medium
4.6
-
-
-
164836
Intel CSME/TXE/SPS/SoC Boot Guard insecure default initialization of resource
low
4.6
-
-
-
164835
Intel CPU Isolation information disclosure [CVE-2020-8698]
low
1.7
-
-
-
164834
Intel CPU information disclosure [CVE-2020-8696]
low
1.7
-
-
-
164833
Intel CPU RAPL Interface information disclosure [CVE-2020-8695]
low
1.7
-
-
-
164832
Linux CPU Linux kernel Driver information disclosure [CVE-2020-8694]
low
1.7
-
-
-
164831
Intel Ethernet 700 Series Controller Firmware memory corruption
medium
4.3
-
-
-
164830
Intel Ethernet 700 Series Controller or denial of service
low
1.7
-
-
-
164829
Intel Ethernet 700 Series Controller control flow [CVE-2020-8691]
low
1.7
-
-
-
164828
Intel Ethernet 700 Series Controller or protection mechanism
medium
4.3
-
-
-
164827
Intel Visual Compute Accelerator denial of service [CVE-2020-8677]
low
1.7
-
-
-
164826
Intel Visual Compute Accelerator access control [CVE-2020-8676]
medium
4.3
-
-
-
164825
SugarCRM Installation authorization [CVE-2020-7472]
medium
7.5
-
-
-
164824
deephas Prototype code injection [CVE-2020-28271]
medium
6.5
-
-
-
164823
object-hierarchy-access code injection [CVE-2020-28270]
medium
6.5
-
-
-
164822
field Prototype code injection [CVE-2020-28269]
medium
6.5
-
-
-
164821
lettre library Sendmail mod.rs injection
medium
4.9
-
-
-
164820
BAB eibPort lighttpd resource consumption [CVE-2020-24573]
low
3.5
-
-
-
164819
Ivanti Endpoint Manager DLL ldiscn32.exe uncontrolled search path
medium
6.8
-
-
-
164818
Ivanti Endpoint Manager Named Pipe access control [CVE-2020-13770]
medium
6.8
-
-
-
164817
Intel AMT information disclosure [CVE-2020-12356]
low
1.7
-
-
-
164816
Intel TXE RPMB Protocol Message Subsystem improper authentication
low
3.7
-
-
-
164815
Intel AMT SDK Installer permission [CVE-2020-12354]
medium
4.3
-
-
-
164814
Intel Wireless Bluetooth denial of service [CVE-2020-12322]
low
2.9
-
-
-
164813
Intel Wireless Bluetooth buffer overflow [CVE-2020-12321]
medium
5.8
-
-
-
164812
Intel PROSet/Wireless WiFi Control Flow Management denial of service
low
2.9
-
-
-
164811
Intel PROSet/Wireless WiFi protection mechanism [CVE-2020-12318]
medium
4.3
-
-
-
164810
Intel PROSet/Wireless Software memory corruption [CVE-2020-12317]
medium
3.3
-
-
-
164809
Intel PROSet/Wireless WiFi denial of service [CVE-2020-12314]
low
2.9
-
-
-
164808
Intel Stratix 10 FPGA buffer overflow [CVE-2020-12312]
medium
4.6
-
-
-
164807
Intel Client SSD/Data Center SSD Control Flow Management information disclosure
low
1.9
-
-
-
164806
Intel Client SSD/Data Center SSD Control Flow Management information disclosure
low
1.9
-
-
-
164805
Intel Client SSD/Data Center SSD information disclosure [CVE-2020-12309]
low
2.1
-
-
-
164804
Intel Computing Improvement Program Access Control information disclosure
low
4.0
-
-
-
164803
Intel High Definition Audio Driver permission [CVE-2020-12307]
medium
4.3
-
-
-
164802
Intel RealSense D400 Series Dynamic Calibration Tool permission
medium
4.3
-
-
-
164801
Intel DAL SDK Access Control access control [CVE-2020-12304]
medium
4.3
-
-
-
164800
Intel CSME/TXE DAL Subsystem use after free [CVE-2020-12303]
medium
4.3
-
-
-
164799
Intel CSME Driver/TXE access control [CVE-2020-12297]
medium
4.3
-
-
-
164798
Intel CPU BIOS buffer overflow [CVE-2020-0593]
medium
4.3
-
-
-
164797
Intel CPU BIOS out-of-bounds write [CVE-2020-0592]
medium
4.3
-
-
-
164796
Intel CPU BIOS buffer overflow [CVE-2020-0591]
medium
4.3
-
-
-
164795
Intel CPU BIOS input validation [CVE-2020-0590]
medium
4.3
-
-
-
164794
Intel CPU BIOS access control [CVE-2020-0588]
medium
4.3
-
-
-
164793
Intel CPU BIOS access control [CVE-2020-0587]
medium
4.3
-
-
-
164792
Intel DC P4800X/DC P4801X/Optane 900P/Optane 905P denial of service
low
1.7
-
-
-
164791
Intel Unite Client information disclosure [CVE-2020-0575]
low
1.7
-
-
-
164790
Apache Batik GET Request server-side request forgery [CVE-2019-17566]
medium
5.2
-
-
-
164789
Intel Media SDK permission [CVE-2019-11121]
medium
4.3
-
-
-
164788
Google Chrome Site Isolation use after free [CVE-2020-16017]
medium
7.5
-
-
-
164787
Google Chrome v8 Remote Code Execution [CVE-2020-16013]
medium
7.5
-
-
-
164786
Huawei FusionCompute Encryption Algorithm information disclosure
low
1.4
-
-
-
164785
Good Layers LMS Plugin POST Parameter wp_ajax_nopriv sql injection
medium
7.5
-
-
-
164784
Cacti Template Import templates_import.php cross site scripting
low
5.0
-
-
-
164783
Python-RSA information disclosure [CVE-2020-25658]
low
1.8
-
-
-
164782
Apache CXF services cross site scripting
low
4.0
-
-
-
164781
json8 Prototype code injection [CVE-2020-7770]
medium
7.5
-
-
-
164780
nodemailer Email Address command injection [CVE-2020-7769]
medium
7.5
-
-
-
164779
McAfee Endpoint Security Firewall ePO Extension cross site scripting
low
3.3
-
-
-
164778
McAfee Endpoint Security Firewall ePO Extension cross-site request forgery
low
4.0
-
-
-
164777
McAfee Endpoint Security unquoted search path [CVE-2020-7331]
low
1.7
-
-
-
164776
Qualcomm Snapdragon Auto SIP sigcomp Message memory corruption
medium
5.2
-
-
-
164775
Qualcomm Snapdragon Compute/Snapdragon Mobile memory corruption
medium
5.2
-
-
-
164774
Qualcomm Snapdragon DSP Process improper authorization [CVE-2020-11209]
medium
5.2
-
-
-
164773
Qualcomm Snapdragon DSP Services memory corruption [CVE-2020-11208]
medium
5.2
-
-
-
164772
Qualcomm Snapdragon Auto LibFastCV buffer overflow [CVE-2020-11207]
medium
5.2
-
-
-
164771
Qualcomm Snapdragon Auto Fastrpc buffer overflow [CVE-2020-11206]
medium
5.2
-
-
-
164770
Qualcomm Snapdragon Auto integer overflow [CVE-2020-11205]
medium
4.9
-
-
-
164769
Qualcomm Snapdragon Auto Library buffer overflow [CVE-2020-11202]
medium
5.2
-
-
-
164768
Qualcomm Snapdragon Auto Library memory corruption [CVE-2020-11201]
medium
5.2
-
-
-
164767
Qualcomm Snapdragon Auto ASF Clip integer overflow [CVE-2020-11196]
medium
4.9
-
-
-
164766
Qualcomm Snapdragon Auto MKV Clip buffer overflow [CVE-2020-11193]
medium
5.2
-
-
-
164765
Qualcomm Snapdragon Auto MP4 Clip buffer overflow [CVE-2020-11184]
medium
5.2
-
-
-
164764
Qualcomm Snapdragon Auto Bluetooth Transport Driver use after free
medium
4.9
-
-
-
164763
Qualcomm Snapdragon Auto Data Buffer buffer overflow [CVE-2020-11168]
medium
5.2
-
-
-
164762
Qualcomm Snapdragon Auto GUID Attribute buffer overflow [CVE-2020-11132]
medium
5.2
-
-
-
164761
Qualcomm Snapdragon Auto WMA Message integer overflow [CVE-2020-11131]
medium
4.9
-
-
-
164760
Qualcomm Snapdragon Auto WiFi HAL buffer overflow [CVE-2020-11130]
medium
5.2
-
-
-
164759
Qualcomm Snapdragon Auto Extensible Boot Loader integer overflow
medium
4.9
-
-
-
164758
Qualcomm Snapdragon Auto Gatekeeper Trustzone information disclosure
low
3.5
-
-
-
164757
Qualcomm Snapdragon Auto WiFi HAL buffer overflow [CVE-2020-11121]
medium
5.2
-
-
-
164756
Cisco IOS XR Ingress Packet Processor denial of service [CVE-2020-26070]
medium
7.8
-
-
-
164755
NVIDIA GeForce NOW OpenSSL Dependency uncontrolled search path
low
4.3
-
-
-
164754
touchbase.ai cross site scripting [CVE-2020-26221]
low
5.0
-
-
-
164753
toucbase.ai EXIF Data information disclosure [CVE-2020-26220]
low
4.0
-
-
-
164752
touchbase.ai redirect [CVE-2020-26219]
low
5.1
-
-
-
164751
touchbase.ai cross site scripting [CVE-2020-26218]
low
4.0
-
-
-
164750
Palo Alto PAN-OS GlobalProtect Gateway improper authorization
medium
7.5
-
-
-
164749
Palo Alto PAN-OS Log File log file [CVE-2020-2048]
low
1.7
-
-
-
164748
Palo Alto PAN-OS Panorama Software information disclosure [CVE-2020-2022]
low
2.6
-
-
-
164747
Palo Alto PAN-OS Management Web Interface os command injection
medium
8.3
-
-
-
164746
Palo Alto PAN-OS Signature-Based Threat Detection Engine unusual condition
low
5.0
-
-
-
164745
Lenovo Notebook VariableServiceSmm Driver toctou [CVE-2020-8354]
medium
5.9
-
-
-
164744
Lenovo Desktop/Workstation EHBC config [CVE-2020-8353]
low
4.3
-
-
-
164743
Lenovo Desktop Configuration Change Detection BIOS Setting security check for standard
low
2.1
-
-
-
164742
Vmware Pivotal Scheduler missing encryption [CVE-2020-5426]
low
2.6
-
-
-
164741
Audi A7 MMI Multiplayer format string [CVE-2020-27524]
medium
5.2
-
-
-
164740
Solstice-Pod WebRTC Server denial of service [CVE-2020-27523]
low
4.3
-
-
-
164739
MoinMoin SVG File hard-coded credentials [CVE-2020-15275]
low
4.0
-
-
-
164738
IBM Cognos Controller privileges management [CVE-2020-4685]
medium
6.8
-
-
-
164737
grpc/grpc-js Prototype loadPackageDefinition code injection
medium
7.5
-
-
-
164736
express-validators URL incorrect regex [CVE-2020-7767]
medium
7.5
-
-
-
164735
Adobe Reader Mobile information disclosure [CVE-2020-24441]
low
2.3
-
-
-
164734
Adobe Connect cross site scripting [CVE-2020-24443]
low
4.0
-
-
-
164733
Adobe Connect cross site scripting [CVE-2020-24442]
low
4.0
-
-
-
164732
McAfee MVision Endpoint DNS Request server-side request forgery
medium
5.8
-
-
-
164731
McAfee MVision Endpoint HTTP Request server-side request forgery
medium
5.8
-
-
-
164730
AccountsService .pam_environment infinite loop
low
1.7
-
-
-
164729
AccountsService D-Bus Message privileges management [CVE-2020-16126]
medium
4.3
-
-
-
164728
Microsoft Edge memory corruption [CVE-2020-17052]
low
5.1
-
-
-
164727
Microsoft Edge memory corruption [CVE-2020-17058]
medium
7.6
-
-
-
164726
Microsoft Windows WalletService privileges management [CVE-2020-17037]
medium
6.8
-
-
-
164725
Microsoft Windows WalletService information disclosure [CVE-2020-16999]
low
4.6
-
-
-
164724
Microsoft Windows Update Orchestrator Service privileges management
medium
6.8
-
-
-
164723
Microsoft Windows Update Stack privileges management [CVE-2020-17077]
medium
6.8
-
-
-
164722
Microsoft Windows Update Medic Service privileges management
medium
6.8
-
-
-
164721
Microsoft Windows USO Core Worker privileges management [CVE-2020-17075]
medium
6.8
-
-
-
164720
Microsoft Windows Delivery Optimization information disclosure
low
4.6
-
-
-
164719
Microsoft Windows Update Orchestrator Service privileges management
medium
6.8
-
-
-
164718
Microsoft Windows Update Orchestrator Service privileges management
medium
6.8
-
-
-
164717
Microsoft Windows NDIS information disclosure [CVE-2020-17069]
low
4.6
-
-
-
164716
Microsoft Windows Kernel privileges management [CVE-2020-17087]
medium
6.8
-
-
-
164715
Microsoft Windows Kernel privileges management [CVE-2020-17035]
medium
6.8
-
-
-
164714
Microsoft Windows Defender for Endpoint Security information disclosure
low
5.4
-
-
-
164713
Microsoft Visual Studio unknown vulnerability [CVE-2020-17100]
low
4.6
-
-
-
164712
Microsoft Visual Studio Code JSHint Extension input validation
medium
10.0
-
-
-
164711
Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17109]
medium
10.0
-
-
-
164710
Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17108]
medium
10.0
-
-
-
164709
Microsoft Windows Camera Codec information disclosure [CVE-2020-17113]
low
4.6
-
-
-
164708
Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17110]
medium
10.0
-
-
-
164707
Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17107]
medium
10.0
-
-
-
164706
Microsoft Raw Image Extension Remote Code Execution [CVE-2020-17078]
medium
10.0
-
-
-
164705
Microsoft Raw Image Extension Local Privilege Escalation [CVE-2020-17079]
medium
7.2
-
-
-
164704
Microsoft Raw Image Extension information disclosure [CVE-2020-17081]
low
4.9
-
-
-
164703
Microsoft Raw Image Extension Remote Code Execution [CVE-2020-17086]
medium
10.0
-
-
-
164702
Microsoft Raw Image Extension Remote Code Execution [CVE-2020-17082]
medium
10.0
-
-
-
164701
Microsoft WebP Image Extension information disclosure [CVE-2020-17102]
low
4.9
-
-
-
164700
Microsoft AV1 Video Extension Remote Code Execution [CVE-2020-17105]
medium
10.0
-
-
-
164699
Microsoft HEIF Image Extension Remote Code Execution [CVE-2020-17101]
medium
10.0
-
-
-
164698
Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17106]
medium
10.0
-
-
-
164697
Microsoft Windows Bind Filter Driver privileges management [CVE-2020-17012]
medium
6.8
-
-
-
164696
Microsoft Windows Port Class Library privileges management [CVE-2020-17011]
medium
6.8
-
-
-
164695
Microsoft Windows Win32k information disclosure [CVE-2020-17013]
low
4.6
-
-
-
164694
Microsoft Windows Client Side Rendering Print Provider privileges management
medium
6.8
-
-
-
164693
Microsoft Windows privileges management [CVE-2020-17025]
medium
9.0
-
-
-
164692
Microsoft Windows Print Spooler privileges management [CVE-2020-17014]
medium
6.8
-
-
-
164691
Microsoft Windows Error Reporting privileges management [CVE-2020-17007]
medium
6.0
-
-
-
164690
Microsoft Windows Win32 privileges management [CVE-2020-17010]
medium
6.8
-
-
-
164689
Microsoft Windows privileges management [CVE-2020-17055]
medium
9.0
-
-
-
164688
Microsoft Windows Network File System information disclosure
low
4.6
-
-
-
164687
Microsoft Windows Win32k privileges management [CVE-2020-17057]
medium
6.0
-
-
-
164686
Microsoft Windows Print Spooler privileges management [CVE-2020-17001]
medium
6.8
-
-
-
164685
Microsoft Windows Remote Desktop Protocol Server information disclosure
medium
6.8
-
-
-
164684
Microsoft Windows unknown vulnerability [CVE-2020-1599]
low
4.9
-
-
-
164683
Microsoft Windows Remote Desktop Protocol Client information disclosure
medium
6.8
-
-
-
164682
Microsoft Windows Function Discovery SSDP Provider information disclosure
low
4.6
-
-
-
164681
Microsoft Windows Network File System denial of service [CVE-2020-17047]
medium
7.8
-
-
-
164680
Microsoft Windows Hyper-V improper authentication [CVE-2020-17040]
medium
6.4
-
-
-
164679
Microsoft Windows Network File System Remote Code Execution [CVE-2020-17051]
high
10.0
-
-
-
164678
Microsoft Windows Kerberos privileges management [CVE-2020-17049]
medium
6.8
-
-
-
164677
Microsoft Windows privileges management [CVE-2020-17034]
medium
9.0
-
-
-
164676
Microsoft Windows Print Configuration privileges management [CVE-2020-17041]
medium
6.8
-
-
-
164675
Microsoft Windows Print Spooler Remote Code Execution [CVE-2020-17042]
medium
10.0
-
-
-
164674
Microsoft Windows privileges management [CVE-2020-17043]
medium
9.0
-
-
-
164673
Microsoft Windows Error Reporting denial of service [CVE-2020-17046]
low
4.6
-
-
-
164672
Microsoft Windows KernelStream information disclosure [CVE-2020-17045]
low
4.6
-
-
-
164671
Microsoft Windows privileges management [CVE-2020-17044]
medium
9.0
-
-
-
164670
Microsoft Windows privileges management [CVE-2020-17028]
medium
9.0
-
-
-
164669
Microsoft Windows MSCTF Server information disclosure [CVE-2020-17030]
low
4.6
-
-
-
164668
Microsoft Windows privileges management [CVE-2020-17027]
medium
9.0
-
-
-
164667
Microsoft Windows privileges management [CVE-2020-17031]
medium
9.0
-
-
-
164666
Microsoft Windows privileges management [CVE-2020-17026]
medium
9.0
-
-
-
164665
Microsoft Windows privileges management [CVE-2020-17033]
medium
9.0
-
-
-
164664
Microsoft Windows privileges management [CVE-2020-17032]
medium
9.0
-
-
-
164663
Microsoft Teams Local Privilege Escalation [CVE-2020-17091]
medium
7.2
-
-
-
164662
Microsoft Edge/ChakraCore memory corruption [CVE-2020-17054]
low
5.1
-
-
-
164661
Microsoft Internet Explorer memory corruption [CVE-2020-17052]
low
5.1
-
-
-
164660
Microsoft Internet Explorer memory corruption [CVE-2020-17053]
low
5.1
-
-
-
164659
Microsoft Edge/ChakraCore memory corruption [CVE-2020-17048]
low
5.1
-
-
-
164658
Microsoft SharePoint Server input validation [CVE-2020-17060]
low
5.5
-
-
-
164657
Microsoft SharePoint Server Remote Privilege Escalation [CVE-2020-17061]
medium
9.0
-
-
-
164656
Microsoft SharePoint Server information disclosure [CVE-2020-17017]
low
4.9
-
-
-
164655
Microsoft SharePoint Server input validation [CVE-2020-17015]
low
5.0
-
-
-
164654
Microsoft SharePoint Server information disclosure [CVE-2020-16979]
low
4.9
-
-
-
164653
Microsoft SharePoint Server input validation [CVE-2020-17016]
medium
9.0
-
-
-
164652
Microsoft Office improper authentication [CVE-2020-17020]
low
2.1
-
-
-
164651
Microsoft Office/365 Apps for Enterprise input validation [CVE-2020-17063]
medium
7.1
-
-
-
164650
Microsoft Office Access Connectivity Engine Remote Code Execution
medium
7.5
-
-
-
164649
Microsoft Excel Remote Code Execution [CVE-2020-17067]
medium
7.5
-
-
-
164648
Microsoft Excel memory corruption [CVE-2020-17019]
medium
7.5
-
-
-
164647
Microsoft Excel memory corruption [CVE-2020-17066]
medium
7.5
-
-
-
164646
Microsoft Excel memory corruption [CVE-2020-17064]
medium
7.5
-
-
-
164645
Microsoft Excel memory corruption [CVE-2020-17065]
medium
7.5
-
-
-
164644
Microsoft Windows GDI+ Local Privilege Escalation [CVE-2020-17068]
medium
6.8
-
-
-
164643
Microsoft Windows Graphics privileges management [CVE-2020-17038]
medium
6.8
-
-
-
164642
Microsoft Windows Graphics information disclosure [CVE-2020-17004]
low
4.6
-
-
-
164641
Microsoft Windows Canonical Display Driver information disclosure
low
4.6
-
-
-
164640
Microsoft Windows DirectX privileges management [CVE-2020-16998]
medium
6.0
-
-
-
164639
Microsoft Exchange Server buffer overflow [CVE-2020-17084]
medium
7.1
-
-
-
164638
Microsoft Exchange Server denial of service [CVE-2020-17085]
low
6.4
-
-
-
164637
Microsoft Exchange Server cross site scripting [CVE-2020-17083]
low
4.6
-
-
-
164636
Microsoft Dynamics CRM cross site scripting [CVE-2020-17006]
low
5.5
-
-
-
164635
Microsoft Dynamics 365 cross site scripting [CVE-2020-17021]
low
5.5
-
-
-
164634
Microsoft Dynamics 365 cross site scripting [CVE-2020-17018]
low
5.5
-
-
-
164633
Microsoft Dynamics 365 cross site scripting [CVE-2020-17005]
low
5.5
-
-
-
164632
Microsoft Internet Explorer memory corruption [CVE-2020-17058]
medium
7.6
-
-
-
164631
Microsoft Windows Common Log File System Driver privileges management
medium
6.8
-
-
-
164630
Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16991]
medium
6.1
-
-
-
164629
Microsoft Azure Sphere information disclosure [CVE-2020-16990]
low
4.9
-
-
-
164628
Microsoft Azure Sphere privileges management [CVE-2020-16989]
low
5.3
-
-
-
164627
Microsoft Azure Sphere privileges management [CVE-2020-16992]
medium
5.9
-
-
-
164626
Microsoft Azure Sphere double free [CVE-2020-16970]
medium
6.2
-
-
-
164625
Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16994]
medium
6.1
-
-
-
164624
Microsoft Azure Sphere privileges management [CVE-2020-16993]
low
5.3
-
-
-
164623
Microsoft Azure Sphere privileges management [CVE-2020-16988]
medium
5.9
-
-
-
164622
Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16983]
low
5.6
-
-
-
164621
Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16982]
low
5.9
-
-
-
164620
Microsoft Azure Sphere privileges management [CVE-2020-16981]
low
5.9
-
-
-
164619
Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16984]
medium
6.1
-
-
-
164618
Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16987]
medium
6.1
-
-
-
164617
Microsoft Azure Sphere denial of service [CVE-2020-16986]
low
4.9
-
-
-
164616
Microsoft Azure Sphere information disclosure [CVE-2020-16985]
low
4.9
-
-
-
164615
Microsoft Azure DevOps Server unknown vulnerability [CVE-2020-1325]
low
5.5
-
-
-
164614
Dundas BI Event cross site scripting [CVE-2020-28409]
low
4.0
-
-
-
164613
Dundas BI Dashboard cross site scripting [CVE-2020-28408]
low
4.0
-
-
-
164612
Xen Energy Monitoring Interface information disclosure [CVE-2020-28368]
low
3.3
-
-
-
164611
SAP Fiori Launchpad News Tile Application server-side request forgery
medium
7.5
-
-
-
164610
SAP Process Integration PGP Module Business-to-Business Add On information disclosure
low
3.3
-
-
-
164609
SAP Commerce Cloud Accelerator Payment Mock server-side request forgery
medium
7.5
-
-
-
164608
News ILIAS Magpie RSS injection [CVE-2020-25268]
medium
6.0
-
-
-
164607
ILIAS question-pool file-upload Preview cross site scripting
low
4.0
-
-
-
164606
BlueStacks File Permission access control [CVE-2020-24367]
medium
4.3
-
-
-
164605
Canto Plugin download.php server-side request forgery [CVE-2020-24063]
medium
5.2
-
-
-
164604
Ilex Sign&Go Workstation Security Suite 000-sngWSService1.log symlink
medium
4.3
-
-
-
164603
Subrion CMS Plugin cross-site request forgery [CVE-2019-7357]
low
5.0
-
-
-
164602
json-ptr Prototype set code injection
medium
7.5
-
-
-
164601
SAP ERP/S-4 HANA authorization [CVE-2020-6316]
medium
4.0
-
-
-
164600
Dell Inspiron 15 7579 2-in-1 BIOS SMM Communication buffer overflow
medium
5.9
-
-
-
164599
IBM Content Navigator Web UI cross site scripting [CVE-2020-4760]
low
4.0
-
-
-
164598
IBM Content Navigator Web UI cross site scripting [CVE-2020-4704]
low
4.0
-
-
-
164597
IBM Tivoli Key Lifecycle Manager insufficiently protected credentials
medium
4.6
-
-
-
164596
strikeentco set code injection [CVE-2020-28267]
medium
6.5
-
-
-
164595
TCL V8-R851T02-LF1/V8-T658T01-LF1 tcl Local Privilege Escalation
low
4.3
-
-
-
164594
TCL V8-R851T02-LF1/V8-T658T01-LF1 Web Server information disclosure
low
3.3
-
-
-
164593
TIBCO iProcess Workspace cross-site request forgery [CVE-2020-27146]
low
5.0
-
-
-
164592
SAP Solution Manager Upgrade Legacy Ports Service authorization
medium
7.5
-
-
-
164591
SAP Solution Manager Upgrade Diagnostics Agent Connection Service authorization
medium
7.5
-
-
-
164590
SAP Solution Manager Outside Discovery Configuration Service authorization
medium
7.5
-
-
-
164589
SAP Solution Manager SVG Converter Service authorization [CVE-2020-26821]
medium
7.5
-
-
-
164588
SAP NetWeaver AS JAVA Administrator Console access control [CVE-2020-26820]
medium
5.8
-
-
-
164587
SAP NetWeaver AS ABAP Log File access control [CVE-2020-26819]
medium
6.5
-
-
-
164586
SAP NetWeaver AS ABAP information disclosure [CVE-2020-26818]
low
4.0
-
-
-
164585
SAP 3D Visual Enterprise Viewer HPGL File denial of service [CVE-2020-26817]
low
5.0
-
-
-
164584
SAP Commerce Cloud Commerce Module denial of service [CVE-2020-26810]
low
5.0
-
-
-
164583
SAP Commerce Cloud Secure Media Folder medias improper authentication
medium
7.5
-
-
-
164582
SAP AS ABAP/S4 HANA code injection [CVE-2020-26808]
medium
8.3
-
-
-
164581
SAP ERP Client for E-Bilanz Filesystem Permission permission
medium
4.3
-
-
-
164580
MoinMoin HTTP Request cache.py pathname traversal
medium
6.5
-
-
-
164579
Apache Airflow Experimental API improper authentication [CVE-2020-13927]
medium
5.8
-
-
-
164578
Vivo Frame Touch Module denial of service [CVE-2020-12485]
low
1.7
-
-
-
164577
A10 ACOS/aGalaxy Graphical User Interface Remote Code Execution
medium
7.5
-
-
-
164576
Google Android ConnectivityService.java callCallbackForRequest permission assignment
low
1.7
-
-
-
164575
Google Android BeamTransferManager.java updateNotification default permission
medium
4.3
-
-
-
164574
Google Android exif-entry.c exif_entry_get_value integer overflow
high
10.0
-
-
-
164573
Google Android sbrdecoder.cpp sbrDecoder_AssignQmfChannels2SbrChannels out-of-bounds write
medium
10.0
-
-
-
164572
Google Android rw_i93.cc rw_i93_sm_format initialization
low
2.1
-
-
-
164571
Google Android btm_sec.cc btm_sec_disconnected use after free
medium
10.0
-
-
-
164570
Google Android TelecomServiceImpl.java getPhoneAccountsForPackage information disclosure
low
1.7
-
-
-
164569
Google Android out-of-bounds write [CVE-2020-0447]
medium
5.2
-
-
-
164568
Google Android out-of-bounds write [CVE-2020-0446]
high
10.0
-
-
-
164567
Google Android out-of-bounds write [CVE-2020-0445]
high
10.0
-
-
-
164566
Google Android LocaleList.java LocaleList unusual condition
low
1.7
-
-
-
164565
Google Android UI Notification.java toBundle denial of service
low
5.0
-
-
-
164564
Google Android Notification Notification.java toBundle resource consumption
low
5.0
-
-
-
164563
Google Android PackageManagerService.java generatePackageInfo permission
medium
4.3
-
-
-
164562
Google Android ibinder.cpp AIBinder_Class uninitialized pointer
low
4.3
-
-
-
164561
Google Android CellBroadcastReceiver's denial of service [CVE-2020-0437]
low
1.7
-
-
-
164560
Google Android res_send.cpp send_vc out-of-bounds read
low
1.7
-
-
-
164559
Google Android Utils.java getPermissionInfosForGroup permission
medium
4.3
-
-
-
164558
Google Android FileMap.cpp out-of-bounds write
medium
4.3
-
-
-
164557
gdm3 gnome-initial-setup unusual condition [CVE-2020-16125]
low
4.3
-
-
-
164556
IBM FileNet Content Manager csv injection [CVE-2020-4759]
medium
5.8
-
-
-
164555
IBM Maximo Spatial Asset Management cross-site request forgery
low
5.0
-
-
-
164554
IBM Maximo Spatial Asset Management Local Cache information disclosure
low
1.7
-
-
-
164553
Netgear R6250 upnpd buffer overflow [CVE-2020-28373]
medium
5.2
-
-
-
164552
ReadyTalk Avian FileOutputStream.java FileOutputStream.write integer overflow
medium
4.9
-
-
-
164551
Locust Web UI cross site scripting [CVE-2020-28364]
low
4.0
-
-
-
164550
CapaSystems CapaInstaller Privileges access control [CVE-2020-27977]
medium
5.2
-
-
-
164549
Trend Micro Interscan Messaging Security Virtual Appliance Library unknown vulnerability
low
4.9
-
-
-
164548
Trend Micro Interscan Messaging Security Virtual Appliance Password Storage unknown vulnerability
low
1.4
-
-
-
164547
Trend Micro Interscan Messaging Security Virtual Appliance information disclosure
low
2.3
-
-
-
164546
Trend Micro Interscan Messaging Security Virtual Appliance server-side request forgery
medium
6.5
-
-
-
164545
Trend Micro Interscan Messaging Security Virtual Appliance XML External Entity xml external entity reference
low
3.3
-
-
-
164544
Trend Micro Interscan Messaging Security Virtual Appliance cross-site request forgery
low
4.0
-
-
-
164543
Simple LDAP Plugin Microsoft Active Directory Authentication improper authentication
medium
5.8
-
-
-
164542
Hazelcast IMDG Enterprise/Jet Enterprise LdapLoginModule members improper authentication
medium
5.8
-
-
-
164541
Microweber User Change session expiration [CVE-2020-23140]
low
2.3
-
-
-
164540
Microweber user session [CVE-2020-23139]
low
4.3
-
-
-
164539
Microweber Admin Account Page unrestricted upload [CVE-2020-23138]
medium
4.9
-
-
-
164538
Microweber session expiration [CVE-2020-23136]
medium
5.2
-
-
-
164537
Red Hat KeyCloak URL Transformation path traversal [CVE-2020-14366]
medium
7.5
-
-
-
164536
Atlassian gajira-comment GitHub Action Remote Privilege Escalation
medium
6.0
-
-
-
164535
Atlassian gajira-create GitHub Action preprocessArgs Remote Privilege Escalation
medium
6.0
-
-
-
164534
Netflix Dispatch Access Control access control [CVE-2020-9300]
medium
6.5
-
-
-
164533
Netflix Dispatch Incident Priority cross site scripting [CVE-2020-9299]
low
4.0
-
-
-
164532
Brave Browser Desktop's Privacy-Preserving Analytics System cleartext storage
low
1.7
-
-
-
164531
json8-merge-patch Package Constructor code injection [CVE-2020-8268]
medium
5.2
-
-
-
164530
Nextcloud Server Encrypted File downgrade [CVE-2020-8150]
low
1.4
-
-
-
164529
Nextcloud Server Passphrase signature verification [CVE-2020-8133]
medium
5.2
-
-
-
164528
Red Hat Advanced Cluster Management for Kubernetes ManagedClusterView API permission
medium
5.2
-
-
-
164527
PEGA Platform Request Header cross site scripting [CVE-2020-24353]
low
4.0
-
-
-
164526
BitDefender Endpoint Security Tools Update Server/BEST Relay server-side request forgery
medium
4.3
-
-
-
164525
Mitel ShoreTel Home Meeting Page index.php cross site scripting
low
5.0
-
-
-
164524
ChirpStack Network Server Frequency Attribute collect.go CollectAndCallOnceCollect denial of service [Disputed]
low
2.3
-
-
-
164523
Magento File Upload unrestricted upload [CVE-2020-24407]
medium
5.8
-
-
-
164522
Magento Installation information disclosure [CVE-2020-24406]
low
5.0
-
-
-
164521
Magento Inventory Module improper authorization [CVE-2020-24405]
medium
5.2
-
-
-
164520
Magento Integrations improper authorization [CVE-2020-24404]
medium
5.5
-
-
-
164519
Magento Inventory Source permission [CVE-2020-24403]
medium
6.5
-
-
-
164518
Magento Integrations improper authorization [CVE-2020-24402]
medium
6.5
-
-
-
164517
Magento Authorization authorization [CVE-2020-24401]
medium
6.5
-
-
-
164516
Magento sql injection [CVE-2020-24400]
medium
5.2
-
-
-
164515
find-my-way Package Route denial of service [CVE-2020-7764]
low
2.6
-
-
-
164514
TP-LINK Archer A7 AC1750 os command injection [CVE-2020-28347]
medium
6.5
-
-
-
164513
Server Status HTTP Status/SMTP Status cross site scripting
low
4.0
-
-
-
164512
Countdown Timer Macro cross site scripting
low
4.0
-
-
-
164511
Linking New Windows Macro cross site scripting
low
4.0
-
-
-
164510
Refined Toolkit UI-Image/UI-Button cross site scripting
low
4.0
-
-
-
164509
PlantUML Database Information Macro cross site scripting
low
4.0
-
-
-
164508
LG Mobile Devices Wi-Fi Subsystem denial of service [CVE-2020-28345]
low
2.3
-
-
-
164507
LG Mobile Devices System Service denial of service [CVE-2020-28344]
low
2.3
-
-
-
164506
Samsung Mobile Devices NPU Driver memory corruption [CVE-2020-28343]
medium
5.2
-
-
-
164505
Samsung Mobile Devices S Secure Application improper authentication
medium
4.6
-
-
-
164504
Samsung Mobile Devices S3K250AF Secure Element CC EAL 5+ Chip buffer overflow
medium
5.2
-
-
-
164503
Samsung Mobile Devices Factory Reset Protection unknown vulnerability
low
4.9
-
-
-
164502
usc-e-shop Plugin usces_unserialize injection
medium
6.5
-
-
-
164501
PackageKit Repository privileges management [CVE-2020-16122]
medium
5.2
-
-
-
164500
PackageKit information exposure [CVE-2020-16121]
low
2.3
-
-
-
164499
NetApp SANtricity OS Controller Software Transmission cleartext transmission
low
2.6
-
-
-
164498
Nessus Network Monitor path traversal [CVE-2020-5794]
medium
4.3
-
-
-
164497
Cisco WebEx Network Recording Player/Webex Player Email Attachment memory corruption
medium
7.5
-
-
-
164496
Cisco WebEx Network Recording Player/Webex Player Email Attachment memory corruption
medium
7.5
-
-
-
164495
Cisco SD-WAN CLI privileges management [CVE-2020-3600]
medium
6.8
-
-
-
164494
Cisco SD-WAN privileges management [CVE-2020-3595]
medium
6.8
-
-
-
164493
Cisco SD-WAN privileges management [CVE-2020-3594]
medium
6.8
-
-
-
164492
Cisco SD-WAN privileges management [CVE-2020-3593]
medium
6.8
-
-
-
164491
Cisco SD-WAN vManage Web-based Management Interface improper authorization
medium
6.5
-
-
-
164490
Cisco SD-WAN vManage Web-based Management Interface cross site scripting
low
4.0
-
-
-
164489
Cisco SD-WAN vManage Web-based Management Interface cross site scripting
low
4.0
-
-
-
164488
Cisco Webex Meetings Desktop App Virtualization Channel Messaging path traversal
medium
4.3
-
-
-
164487
Cisco SD-WAN vManage Web-based Management Interface cross site scripting
low
4.0
-
-
-
164486
Cisco SD-WAN vManage Web-based Management Interface cross site scripting
low
5.0
-
-
-
164485
Cisco IP Phone TCP Ingress denial of service [CVE-2020-3574]
medium
7.8
-
-
-
164484
Cisco WebEx Network Recording Player/Webex Player Email Attachment memory corruption
medium
7.5
-
-
-
164483
Cisco AnyConnect Secure Mobility Client Interprocess Communication input validation
medium
4.6
-
-
-
164482
Cisco Identity Services Engine Web-based Management Interface cross site scripting
low
5.0
-
-
-
164481
Cisco SD-WAN Packet Filter input validation [CVE-2020-3444]
medium
7.5
-
-
-
164480
Cisco Integrated Management Controller Web UI os command injection
medium
6.5
-
-
-
164479
Cisco IOS Preboot eXecution Environment Boot Loader access control
high
10.0
-
-
-
164478
SuiteCRM File Name php logger_file_name access control
medium
6.5
-
-
-
164477
Asterisk PBX SIP Invite res_pjsip_session denial of service
low
3.5
-
-
-
164476
Axios Package Redirect server-side request forgery [CVE-2020-28168]
medium
5.2
-
-
-
164475
Cisco SD-WAN vManage CLI argument injection [CVE-2020-27129]
medium
4.3
-
-
-
164474
Cisco SD-WAN vManage Application Data Endpoint path traversal
medium
6.5
-
-
-
164473
Cisco AnyConnect Secure Mobility Client Interprocess Communication routine
medium
4.3
-
-
-
164472
Cisco Identity Services Engine Active Directory Account privileges assignment
medium
6.5
-
-
-
164471
Cisco Unified Communications Manager IM & Presence Service XCP Authentication Service denial of service
low
4.0
-
-
-
164470
Alerta improper authentication [CVE-2020-26214]
medium
7.5
-
-
-
164469
teler Error denial of service [CVE-2020-26213]
low
2.3
-
-
-
164468
Cisco TelePresence Collaboration Endpoint Video Endpoint API exposure of resource
medium
6.5
-
-
-
164467
Cisco Edge Fog Fabric REST API exposure of resource [CVE-2020-26084]
medium
6.5
-
-
-
164466
Cisco Identity Services Engine Web-based Management Interface cross site scripting
low
4.0
-
-
-
164465
B. Braun OnlineSuite DLL uncontrolled search path [CVE-2020-25174]
medium
4.3
-
-
-
164464
B. Braun OnlineSuite path traversal [CVE-2020-25172]
medium
5.8
-
-
-
164463
B. Braun OnlineSuite Excel Export injection [CVE-2020-25170]
medium
5.2
-
-
-
164462
ad-ldap-connector Admin Panel cross-site request forgery [CVE-2020-15259]
low
5.0
-
-
-
164461
Raptor RDF Syntax Library raptor_xml_writer.c raptor_xml_writer_start_element_common buffer overflow
medium
5.2
-
-
-
164460
NetApp SANtricity OS Controller Software denial of service [CVE-2020-8580]
low
2.9
-
-
-
164459
HPE OneView/Synergy Composer access control [CVE-2020-7198]
medium
6.5
-
-
-
164458
TP-LINK Archer A7 USB Driver symlink [CVE-2020-5795]
medium
4.3
-
-
-
164457
IBM UrbanCode Deploy information disclosure [CVE-2020-4484]
low
4.0
-
-
-
164456
IBM UrbanCode Deploy information exposure [CVE-2020-4483]
low
4.0
-
-
-
164455
IBM UrbanCode Deploy REST Call access control [CVE-2020-4482]
medium
6.5
-
-
-
164454
Synopsys hub-rest-api-python SSL Certificate certificate validation
medium
5.8
-
-
-
164453
Play Framework PlayJava denial of service [CVE-2020-27196]
low
2.3
-
-
-
164452
Play Framework JSON Document recursion [CVE-2020-26883]
low
2.3
-
-
-
164451
Play Framework JSON form-data resource consumption
low
2.3
-
-
-
164450
Cellinx NVT Web Server SetFileContent.cgi improper authentication
medium
7.5
-
-
-
164449
Joplin Note cross site scripting [CVE-2020-28249]
low
4.0
-
-
-
164448
Asterisk PBX INVITE infinite loop [CVE-2020-28242]
low
5.0
-
-
-
164447
MIT Kerberos 5 ASN.1 asn1_encode.c recursion
low
2.3
-
-
-
164446
NATS nats-server access control [CVE-2020-26892]
medium
5.2
-
-
-
164445
NATS nats-server JWT Library null pointer dereference [CVE-2020-26521]
low
2.3
-
-
-
164444
SaltStack Salt salt-netapi improper authentication [CVE-2020-25592]
medium
5.8
-
-
-
164443
SaltStack Salt TLS Module certificate validation [CVE-2020-17490]
medium
4.3
-
-
-
164442
SaltStack Salt Salt API os command injection [CVE-2020-16846]
medium
5.2
-
-
-
164441
Kuka SVisual Components License Manager Service denial of service
low
3.3
-
-
-
164440
Kuka Visual Components License Manager Service information disclosure
low
3.3
-
-
-
164439
Studyplus App API Key hard-coded credentials [CVE-2020-5667]
medium
7.5
-
-
-
164438
Mitsubishi Electric GT1455-QTBDE TCPIP resource consumption [CVE-2020-5649]
low
5.0
-
-
-
164437
Mitsubishi Electric GT1455-QTBDE TCPIP argument injection
medium
5.8
-
-
-
164436
Mitsubishi Electric GT1455-QTBDE TCPIP access control [CVE-2020-5647]
medium
7.5
-
-
-
164435
Mitsubishi Electric GT1455-QTBDE TCPIP null pointer dereference
low
5.0
-
-
-
164434
Mitsubishi Electric GT1455-QTBDE TCPIP session fixiation [CVE-2020-5645]
medium
5.0
-
-
-
164433
Mitsubishi Electric GT1455-QTBDE TCPIP buffer overflow [CVE-2020-5644]
medium
7.5
-
-
-
164432
Cybozu Garoon Bulletin Board input validation [CVE-2020-5643]
medium
6.5
-
-
-
164431
libmaxminddb maxminddb.c dump_entry_data_list heap-based overflow
medium
5.2
-
-
-
164430
tmux input.c input_csi_dispatch_sgr_colon stack-based overflow
medium
4.3
-
-
-
164429
libvirt Socket permission assignment [CVE-2020-15708]
medium
4.3
-
-
-
164428
Apple watchOS WebKit use after free [CVE-2020-27918]
medium
7.5
-
-
-
164427
Apple watchOS Logging path traversal [CVE-2020-10010]
low
4.3
-
-
-
164426
Apple watchOS libxml2 integer overflow [CVE-2020-27911]
medium
7.5
-
-
-
164425
Apple watchOS libxml2 use after free [CVE-2020-27917]
medium
7.5
-
-
-
164424
Apple watchOS Kernel type confusion [CVE-2020-27932]
medium
6.8
-
-
-
164423
Apple watchOS Kernel memory corruption [CVE-2020-10016]
medium
6.8
-
-
-
164422
Apple watchOS Kernel state issue [CVE-2020-9974]
low
1.7
-
-
-
164421
Apple watchOS Kernel initialization [CVE-2020-27950]
low
1.7
-
-
-
164420
Apple watchOS IOAcceleratorFamily memory corruption [CVE-2020-27905]
medium
6.8
-
-
-
164419
Apple watchOS ImageIO out-of-bounds write [CVE-2020-27912]
medium
7.5
-
-
-
164418
Apple watchOS Foundation state issue [CVE-2020-10002]
low
1.7
-
-
-
164417
Apple watchOS FontParser out-of-bounds write [CVE-2020-27927]
medium
7.5
-
-
-
164416
Apple watchOS FontParser memory corruption [CVE-2020-27930]
medium
7.5
-
-
-
164415
Apple watchOS Crash Reporter symlink [CVE-2020-10003]
medium
4.6
-
-
-
164414
Apple watchOS CoreAudio out-of-bounds read [CVE-2020-27909]
medium
7.5
-
-
-
164413
Apple watchOS CoreAudio out-of-bounds write [CVE-2020-10017]
medium
7.5
-
-
-
164412
Apple watchOS Audio out-of-bounds write [CVE-2020-27916]
medium
7.5
-
-
-
164411
Apple watchOS Audio out-of-bounds read [CVE-2020-27910]
medium
7.5
-
-
-
164410
Apple macOS Kernel initialization [CVE-2020-27950]
low
1.7
-
-
-
164409
Apple macOS Kernel type confusion [CVE-2020-27932]
medium
6.8
-
-
-
164408
Apple macOS FontParser memory corruption [CVE-2020-27930]
medium
7.5
-
-
-
164407
Apple tvOS WebKit use after free [CVE-2020-27918]
medium
7.5
-
-
-
164406
Apple tvOS Logging path traversal [CVE-2020-10010]
low
4.3
-
-
-
164405
Apple tvOS libxml2 integer overflow [CVE-2020-27911]
medium
7.5
-
-
-
164404
Apple tvOS libxml2 use after free [CVE-2020-27917]
medium
7.5
-
-
-
164403
Apple tvOS Kernel memory corruption [CVE-2020-10016]
medium
6.8
-
-
-
164402
Apple tvOS Kernel information disclosure [CVE-2020-9974]
low
1.7
-
-
-
164401
Apple tvOS IOAcceleratorFamily memory corruption [CVE-2020-27905]
medium
6.8
-
-
-
164400
Apple tvOS ImageIO out-of-bounds write [CVE-2020-27912]
medium
7.5
-
-
-
164399
Apple tvOS Foundation behavioral workflow [CVE-2020-10002]
low
1.7
-
-
-
164398
Apple tvOS FontParser out-of-bounds write [CVE-2020-27927]
medium
7.5
-
-
-
164397
Apple tvOS Crash Reporter symlink [CVE-2020-10003]
low
4.3
-
-
-
164396
Apple tvOS CoreAudio out-of-bounds read [CVE-2020-27909]
medium
7.5
-
-
-
164395
Apple tvOS CoreAudio out-of-bounds write [CVE-2020-10017]
medium
7.5
-
-
-
164394
Apple tvOS Audio out-of-bounds write [CVE-2020-27916]
medium
7.5
-
-
-
164393
Apple tvOS Audio out-of-bounds read [CVE-2020-27910]
medium
7.5
-
-
-
164392
Apple iOS/iPadOS WebKit use after free [CVE-2020-27918]
medium
7.5
-
-
-
164391
Apple iOS/iPadOS Model I/O out-of-bounds read [CVE-2020-10011]
medium
7.5
-
-
-
164390
Apple iOS/iPadOS Model I/O out-of-bounds read [CVE-2020-13524]
medium
7.5
-
-
-
164389
Apple iOS/iPadOS Model I/O behavioral workflow [CVE-2020-10004]
medium
7.5
-
-
-
164388
Apple iOS/iPadOS Logging path traversal [CVE-2020-10010]
low
4.3
-
-
-
164387
Apple iOS/iPadOS libxml2 use after free [CVE-2020-27926]
medium
7.5
-
-
-
164386
Apple iOS/iPadOS libxml2 integer overflow [CVE-2020-27911]
medium
7.5
-
-
-
164385
Apple iOS/iPadOS libxml2 use after free [CVE-2020-27917]
medium
7.5
-
-
-
164384
Apple iOS/iPadOS Keyboard improper authentication [CVE-2020-27902]
low
2.1
-
-
-
164383
Apple iOS/iPadOS Kernel type confusion [CVE-2020-27932]
medium
6.8
-
-
-
164382
Apple iOS/iPadOS Kernel memory corruption [CVE-2020-10016]
medium
6.8
-
-
-
164381
Apple iOS/iPadOS Kernel information disclosure [CVE-2020-9974]
low
1.7
-
-
-
164380
Apple iOS/iPadOS Kernel information disclosure [CVE-2020-27950]
low
1.7
-
-
-
164379
Apple iOS/iPadOS IOAcceleratorFamily memory corruption [CVE-2020-27905]
medium
6.8
-
-
-
164378
Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2020-27912]
medium
7.5
-
-
-
164377
Apple iOS/iPadOS Foundation behavioral workflow [CVE-2020-10002]
low
1.7
-
-
-
164376
Apple iOS/iPadOS FontParser out-of-bounds write [CVE-2020-27927]
medium
7.5
-
-
-
164375
Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27930]
medium
7.5
-
-
-
164374
Apple iOS/iPadOS Crash Reporter symlink [CVE-2020-10003]
low
4.3
-
-
-
164373
Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2020-27909]
medium
7.5
-
-
-
164372
Apple iOS/iPadOS CoreAudio out-of-bounds write [CVE-2020-10017]
medium
7.5
-
-
-
164371
Apple iOS/iPadOS CallKit state issue [CVE-2020-27925]
low
5.0
-
-
-
164370
Apple iOS/iPadOS Audio out-of-bounds write [CVE-2020-27916]
medium
7.5
-
-
-
164369
Apple iOS/iPadOS Audio out-of-bounds read [CVE-2020-27910]
medium
7.5
-
-
-
164368
Apple iOS FaceTime out-of-bounds read [CVE-2020-27929]
medium
7.5
-
-
-
164367
UniFi Protect controller API improper authentication [CVE-2020-8267]
medium
5.8
-
-
-
164366
HPE Proliant Gen10 Server Intel Innovation Engine access control
medium
7.2
-
-
-
164365
ZTE ZXA10 eODN information disclosure [CVE-2020-6877]
low
4.0
-
-
-
164364
Check Point Endpoint Security Log File link following [CVE-2020-6015]
medium
4.1
-
-
-
164363
F5 BIG-IP Advanced WAF/BIG-IP FPS Traffic Management Microkernel denial of service
low
2.3
-
-
-
164362
F5 BIG-IP TMUI Page cross site scripting [CVE-2020-5945]
low
5.0
-
-
-
164361
F5 BIG-IQ DNS Overview Page information exposure [CVE-2020-5944]
low
2.7
-
-
-
164360
F5 BIG-IP REST Interface access control [CVE-2020-5943]
medium
6.5
-
-
-
164359
F5 BIG-IP PEM Traffic Management Microkernel denial of service
low
5.2
-
-
-
164358
F5 BIG-IP Traffic Management Microkernel lookup denial of service
low
5.2
-
-
-
164357
F5 BIG-IP Configuration utility Traffic Management User Interface cross site scripting
low
4.0
-
-
-
164356
F5 BIG-IP Virtual Edition Traffic Management Microkernel O denial of service
low
2.3
-
-
-
164355
Tenable Nessus/Nessus Agent access control [CVE-2020-5793]
medium
6.5
-
-
-
164354
Marmind Todo injection [CVE-2020-26507]
medium
6.5
-
-
-
164353
Marmind cross site scripting [CVE-2020-26505]
low
4.0
-
-
-
164352
Micro Focus Self Service Password Reset information disclosure
low
2.3
-
-
-
164351
Red Hat Linux Bluetooth Stack stack-based overflow [CVE-2020-25662]
medium
3.3
-
-
-
164350
Red Hat Linux L2CAP Packet type confusion [CVE-2020-25661]
low
5.0
-
-
-
164349
Apache Shiro Spring improper authentication [CVE-2020-17510]
medium
5.8
-
-
-
164348
HCL Digital Experience cross site scripting [CVE-2020-14222]
low
4.0
-
-
-
164347
Telerik Fiddler Local Privilege Escalation [CVE-2020-13661]
low
4.1
-
-
-
164346
Moxa MXView permission [CVE-2020-13537]
medium
4.3
-
-
-
164345
Moxa MXView permission [CVE-2020-13536]
medium
5.2
-
-
-
164344
Silver Peak Unity Orchestrator REST API sqlExecution path traversal
medium
6.5
-
-
-
164343
Silver Peak Unity Orchestrator REST API debugFiles path traversal
medium
6.5
-
-
-
164342
Silver Peak Unity Orchestrator HTTP Host Header improper authentication
medium
4.6
-
-
-
164341
IBM QRadar SIEM Multi Tenant Configuration information disclosure
low
1.7
-
-
-
164340
phantom-html-to-pdf information disclosure [CVE-2020-7763]
low
5.0
-
-
-
164339
jsreport-chrome-pdf information disclosure [CVE-2020-7762]
low
4.0
-
-
-
164338
AudimexEE sql injection [CVE-2020-28115]
medium
6.5
-
-
-
164337
AudimexEE Configuration Parameter cross site scripting [CVE-2020-28047]
low
4.0
-
-
-
164336
Git LFS command injection [CVE-2020-27955]
medium
6.0
-
-
-
164335
RVTools Configuration File RVToolsPasswordEncryption.exe insufficiently protected credentials
low
2.3
-
-
-
164334
Hindotech HK1 Box S905X3 Serial Port su Local Privilege Escalation
medium
6.8
-
-
-
164333
Marmind Web Application Web GUI authorization [CVE-2020-26506]
medium
4.9
-
-
-
164332
InterMind iMind Server Chat cross site scripting [CVE-2020-25399]
low
4.0
-
-
-
164331
InterMind iMind Server CSV Export injection [CVE-2020-25398]
medium
4.9
-
-
-
164330
FruityWifi Metacharacter page_config_adv.php os command injection
medium
6.5
-
-
-
164329
Immuta cross site scripting [CVE-2020-15952]
low
5.0
-
-
-
164328
Immuta Project Name redirect [CVE-2020-15951]
low
4.9
-
-
-
164327
Immuta user session [CVE-2020-15950]
low
4.3
-
-
-
164326
Immuta User Account permission [CVE-2020-15949]
medium
5.2
-
-
-
164325
absolunet kafe Email Validator denial of service [CVE-2020-7761]
low
5.0
-
-
-
164324
HorizontCMS FileManager
unrestricted upload
medium
6.0
-
-
-
164323
Aruba AirWave command injection [CVE-2020-7129]
medium
6.0
-
-
-
164322
Aruba AirWave command injection [CVE-2020-7128]
medium
6.8
-
-
-
164321
SDDM X Server race condition [CVE-2020-28049]
medium
6.5
-
-
-
164320
Relish VH510 Web Management Portal denial of service [CVE-2020-27692]
low
3.5
-
-
-
164319
Relish VH510 URLBlocking Setting cross site scripting [CVE-2020-27691]
low
4.0
-
-
-
164318
Relish VH510 Web Management Portal formDOMAINBLK buffer overflow
low
2.7
-
-
-
164317
Relish VH510 Web Management Interface backdoor [CVE-2020-27689]
high
10.0
-
-
-
164316
DatabaseSchemaViewer dbschema File deserialization [CVE-2020-26207]
low
6.5
-
-
-
164315
Hashicorp Consul Enterprise Namespace denial of service [CVE-2020-25201]
low
2.3
-
-
-
164314
Subrion CMS cross site scripting [CVE-2019-7356]
low
4.0
-
-
-
164313
tcpdump ppp Decapsulator allocation of resources [CVE-2020-8037]
low
2.3
-
-
-
164312
tcpdump SOME/IP Dissector tok2strbuf out-of-bounds read
medium
4.9
-
-
-
164311
Fuel CMS Page Preview access control [CVE-2020-26167]
medium
5.2
-
-
-
164310
VMware Lab Manager Slaves Plugin credentials storage [CVE-2020-2319]
low
2.3
-
-
-
164309
Mail Commander Plugin for Jenkins-ci Plugin credentials storage
low
2.7
-
-
-
164308
FindBugs Plugin Tooltip cross site scripting [CVE-2020-2317]
low
4.0
-
-
-
164307
Static Analysis Utilities Plugin Tooltip Configure cross site scripting
low
4.0
-
-
-
164306
Visualworks Store Plugin XML Parser xml external entity reference
medium
4.9
-
-
-
164305
AppSpider Plugin Configuration File credentials storage [CVE-2020-2314]
low
2.3
-
-
-
164304
Azure Key Vault Plugin Credentials Read authorization
low
2.7
-
-
-
164303
Jenkins SQLPlus Script Runner Plugin Command Line Argument insufficiently protected credentials
low
2.7
-
-
-
164302
Jenkins AWS Global Configuration Plugin authorization [CVE-2020-2311]
medium
5.2
-
-
-
164301
Ansible Plugin authorization [CVE-2020-2310]
low
2.7
-
-
-
164300
Kubernetes Plugin authorization [CVE-2020-2309]
medium
5.2
-
-
-
164299
Kubernetes Plugin Template Name authorization [CVE-2020-2308]
low
2.7
-
-
-
164298
Kubernetes Plugin Environment Variable information disclosure
low
2.7
-
-
-
164297
Mercurial Plugin Installation authorization [CVE-2020-2306]
low
2.7
-
-
-
164296
Mercurial Plugin XML Parser xml external entity reference [CVE-2020-2305]
medium
4.9
-
-
-
164295
Subversion Plugin XML Parser xml external entity reference [CVE-2020-2304]
medium
4.9
-
-
-
164294
Active Directory Plugin cross-site request forgery [CVE-2020-2303]
low
4.0
-
-
-
164293
Active Directory Plugin Domain Health Check Diagnostic Page authorization
medium
5.2
-
-
-
164292
Active Directory Plugin Windows ADSI Mode improper authentication
medium
5.8
-
-
-
164291
Active Directory Plugin Windows ADSI Mode improper authentication
medium
5.8
-
-
-
164290
Active Directory Plugin improper authentication [CVE-2020-2299]
medium
5.8
-
-
-
164289
phpMyAdmin Export Section injection [CVE-2020-22278]
medium
4.9
-
-
-
164288
Import and Export Users and Customers Plugin Customer Profile injection
medium
4.9
-
-
-
164287
WeForms Plugin injection [CVE-2020-22276]
medium
4.9
-
-
-
164286
Easy Registration Forms Plugin injection [CVE-2020-22275]
medium
6.5
-
-
-
164285
JomSocial Customer Profile injection [CVE-2020-22274]
medium
4.9
-
-
-
164284
Neoflex Video Subscription System cross-site request forgery
low
4.0
-
-
-
164283
Linux Kernel KVM Hypervisor stack-based overflow [CVE-2020-27152]
medium
6.8
-
-
-
164282
HCL Notes Client cross site scripting [CVE-2020-14240]
medium
4.3
-
-
-
164281
HCL Notes Client Email Composer buffer overflow [CVE-2020-4097]
medium
4.3
-
-
-
164280
QEMU ati-vga Emulator process ati_2d_blt out-of-bounds read
low
3.5
-
-
-
164279
QEMU Networking Helper eth_get_gso_type assertion
low
2.3
-
-
-
164278
Adobe Acrobat Reader use after free [CVE-2020-24438]
medium
5.0
-
-
-
164277
Adobe Acrobat Reader use after free [CVE-2020-24437]
medium
7.5
-
-
-
164276
Adobe Acrobat Reader use after free [CVE-2020-24430]
medium
7.5
-
-
-
164275
Adobe Acrobat Reader race condition [CVE-2020-24428]
medium
4.3
-
-
-
164274
Adobe Acrobat Reader out-of-bounds read [CVE-2020-24434]
medium
5.0
-
-
-
164273
Adobe Acrobat Reader out-of-bounds read [CVE-2020-24426]
medium
5.0
-
-
-
164272
Adobe Acrobat Reader out-of-bounds write [CVE-2020-24436]
medium
7.5
-
-
-
164271
Adobe Acrobat Reader security check for standard [CVE-2020-24431]
medium
7.5
-
-
-
164270
Adobe Acrobat Reader input validation [CVE-2020-24427]
medium
5.0
-
-
-
164269
Adobe Acrobat Reader signature verification [CVE-2020-24429]
medium
7.5
-
-
-
164268
Adobe Acrobat Reader signature verification [CVE-2020-24439]
medium
7.5
-
-
-
164267
Adobe Acrobat Reader input validation [CVE-2020-24432]
medium
7.5
-
-
-
164266
Adobe Acrobat Reader access control [CVE-2020-24433]
medium
4.3
-
-
-
164265
Adobe Acrobat Reader heap-based overflow [CVE-2020-24435]
medium
7.5
-
-
-
164264
BookStack Link cross site scripting [CVE-2020-26211]
low
4.0
-
-
-
164263
BookStack Link cross site scripting [CVE-2020-26210]
low
5.0
-
-
-
164262
Facebook WhatsApp/WhatsApp Business Video Call use after free
low
5.0
-
-
-
164261
Facebook WhatsApp/WhatsApp Business Siri improper authorization
medium
4.6
-
-
-
164260
IBM App Connect Enterprise Certified Container improper restriction of rendered ui layers
medium
6.5
-
-
-
164259
IBM Planning Analytics Local TM1Web User Session user session
low
4.0
-
-
-
164258
IBM Maximo Anywhere config [CVE-2019-4349]
low
4.3
-
-
-
164257
Sony KD-65AF8 USB3 Device denial of service [CVE-2020-28207]
low
4.9
-
-
-
164256
Google Chrome Networking clickjacking [CVE-2020-6557]
low
5.0
-
-
-
164255
Google Chrome UI buffer overflow [CVE-2020-16011]
medium
7.5
-
-
-
164254
Google Chrome UI buffer overflow [CVE-2020-16010]
medium
7.5
-
-
-
164253
Google Chrome v8 heap-based overflow [CVE-2020-16009]
medium
7.5
-
-
-
164252
Google Chrome WebRTC buffer overflow [CVE-2020-16008]
medium
7.5
-
-
-
164251
Google Chrome Installer access control [CVE-2020-16007]
medium
4.3
-
-
-
164250
Google Chrome v8 heap-based overflow [CVE-2020-16006]
medium
7.5
-
-
-
164249
Google Chrome ANGLE heap-based overflow [CVE-2020-16005]
medium
7.5
-
-
-
164248
Google Chrome User Interface use after free [CVE-2020-16004]
medium
7.5
-
-
-
164247
Google Chrome Renderer Process use after free [CVE-2020-15998]
medium
7.5
-
-
-
164246
Google Chrome Mojo use after free [CVE-2020-15997]
medium
7.5
-
-
-
164245
Google Chrome Passwords use after free [CVE-2020-15996]
medium
7.5
-
-
-
164244
Google Chrome v8 out-of-bounds write [CVE-2020-15995]
medium
7.5
-
-
-
164243
Google Chrome v8 use after free [CVE-2020-15994]
medium
7.5
-
-
-
164242
Google Chrome Printing use after free [CVE-2020-15993]
medium
7.5
-
-
-
164241
Google Chrome Same Origin Policy unknown vulnerability [CVE-2020-15992]
medium
7.5
-
-
-
164240
Google Chrome Password Manager use after free [CVE-2020-15991]
medium
7.5
-
-
-
164239
Google Chrome Autofill use after free [CVE-2020-15990]
medium
7.5
-
-
-
164238
Google Chrome PDFium uninitialized pointer [CVE-2020-15989]
low
5.0
-
-
-
164237
Google Chrome Download access control [CVE-2020-15988]
medium
7.5
-
-
-
164236
Google Chrome WebRTC Stream use after free [CVE-2020-15987]
medium
7.5
-
-
-
164235
Google Chrome Media integer overflow [CVE-2020-15986]
medium
7.5
-
-
-
164234
Google Chrome clickjacking [CVE-2020-15985]
medium
7.5
-
-
-
164233
Google Chrome Omnibox clickjacking [CVE-2020-15984]
medium
7.5
-
-
-
164232
Google Chrome webUI improper restriction of rendered ui layers
low
4.3
-
-
-
164231
Google Chrome information disclosure [CVE-2020-15982]
low
5.0
-
-
-
164230
Google Chrome out-of-bounds read [CVE-2020-15981]
low
5.0
-
-
-
164229
Google Chrome Intents Local Privilege Escalation [CVE-2020-15980]
low
4.3
-
-
-
164228
Google Chrome v8 heap-based overflow [CVE-2020-15979]
medium
7.5
-
-
-
164227
Google Chrome Navigation input validation [CVE-2020-15978]
medium
7.5
-
-
-
164226
Google Chrome Dialog Validation information disclosure [CVE-2020-15977]
low
5.0
-
-
-
164225
Google Chrome HTML use after free [CVE-2020-15976]
medium
7.5
-
-
-
164224
Google Chrome SwiftShader integer overflow [CVE-2020-15975]
medium
7.5
-
-
-
164223
Google Blink integer overflow [CVE-2020-15974]
medium
7.5
-
-
-
164222
Google Chrome Same Origin Policy unknown vulnerability [CVE-2020-15973]
low
5.0
-
-
-
164221
Google Chrome Audio use after free [CVE-2020-15972]
medium
7.5
-
-
-
164220
Google Chrome Renderer Process use after free [CVE-2020-15971]
medium
7.5
-
-
-
164219
Google Chrome NFC use after free [CVE-2020-15970]
medium
7.5
-
-
-
164218
Google Chrome WebRTC use after free [CVE-2020-15969]
medium
7.5
-
-
-
164217
Google Chrome Blink use after free [CVE-2020-15968]
medium
7.5
-
-
-
164216
Google Chrome Payments use after free [CVE-2020-15967]
medium
7.5
-
-
-
164215
Swift JSON stack-based overflow [CVE-2020-9861]
medium
5.2
-
-
-
164214
Module Olea Gift On Order getfile.php pathname traversal
medium
5.0
-
-
-
164213
Nextcloud Server WebAuthn improper authentication [CVE-2020-8236]
medium
5.2
-
-
-
164212
Nextcloud Server API Call credentials storage [CVE-2020-8183]
low
2.3
-
-
-
164211
Nextcloud Server Encryption random values [CVE-2020-8173]
low
1.4
-
-
-
164210
browserless-chrome File Path path traversal [CVE-2020-7758]
medium
5.0
-
-
-
164209
droppy Configuration File path traversal [CVE-2020-7757]
medium
4.0
-
-
-
164208
Check Point Software Endpoint Security Client Anti-Bot/Threat Emulation uncontrolled search path
low
4.0
-
-
-
164207
Mitsubishi Electric MELSEC iQ-R Network Interface resource consumption
medium
6.4
-
-
-
164206
Mitsubishi Electric MELSEC iQ-R Network Interface argument injection
medium
5.8
-
-
-
164205
Mitsubishi Electric MELSEC iQ-R Network Interface access control
medium
6.4
-
-
-
164204
Mitsubishi Electric MELSEC iQ-R Network Interface null pointer dereference
low
4.3
-
-
-
164203
Mitsubishi Electric MELSEC iQ-R Network Interface IP session fixiation
medium
7.5
-
-
-
164202
Mitsubishi Electric MELSEC iQ-R Network Interface buffer overflow
medium
5.0
-
-
-
164201
Mitsubishi Electric MELSEC iQ-R/MELSEC iQ-Q/MELSEC iQ-L 02 resource consumption
low
4.3
-
-
-
164200
ProlinOS access control [CVE-2020-28046]
medium
6.8
-
-
-
ID
Title
VulDB
CVSS
Secunia
XForce
Nessus
164199
ProlinOS Signature insufficient verification of data authenticity
low
2.1
-
-
-
164198
ProlinOS Management Mode permission [CVE-2020-28044]
medium
4.3
-
-
-
164197
MISP REST Client server-side request forgery [CVE-2020-28043]
medium
5.2
-
-
-
164196
ServiceStack JWT Signature Verification signature verification
low
2.3
-
-
-
164195
Netgear Nighthawk R7000 NAT protection mechanism [CVE-2020-28041]
low
5.1
-
-
-
164194
WordPress Background Image cross-site request forgery [CVE-2020-28040]
low
5.0
-
-
-
164193
WordPress File meta.php is_protected_meta path traversal
medium
4.1
-
-
-
164192
WordPress Post Slug cross site scripting [CVE-2020-28038]
low
5.0
-
-
-
164191
WordPress Installation functions.php is_blog_installed access control
medium
6.5
-
-
-
164190
WordPress XML-RPC class-wp-xmlrpc-server.php access control
medium
6.5
-
-
-
164189
WordPress XML-RPC access control [CVE-2020-28035]
medium
5.2
-
-
-
164188
WordPress Global Variable cross site scripting [CVE-2020-28034]
low
5.0
-
-
-
164187
WordPress Embed unknown vulnerability [CVE-2020-28033]
low
4.9
-
-
-
164186
WordPress FilteredIterator.php deserialization
medium
4.9
-
-
-
164185
eramba HTTP Host Header injection [CVE-2020-28031]
medium
4.9
-
-
-
164184
Wireshark GQUIC Dissector packet-gquic.c denial of service
low
5.0
-
-
-
164183
SonarQube Project Endpoint submit improper authentication
medium
7.5
-
-
-
164182
Dr.Fone DriverInstall.exe access control
medium
4.3
-
-
-
164181
IceWarp cross site scripting [CVE-2020-27982]
low
4.0
-
-
-
164180
Electronic Arts Origin Client access control [CVE-2020-27708]
medium
9.0
-
-
-
164179
REDCap Messenger cross site scripting [CVE-2020-27359]
low
4.0
-
-
-
164178
REDCap CSV information disclosure [CVE-2020-27358]
low
2.7
-
-
-
164177
Bouncy Castle BC/BC-FJA RSA Private Key information exposure
low
2.3
-
-
-
164176
WildFly Connection resource consumption [CVE-2020-25689]
low
4.0
-
-
-
164175
osTicket server-side request forgery [CVE-2020-24881]
medium
5.8
-
-
-
164174
NeDi pwsec.php cross site scripting
low
4.0
-
-
-
164173
NeDi rt-popup.php cross site scripting
low
4.0
-
-
-
164172
Moxa VPort 461 command injection [CVE-2020-23639]
medium
6.5
-
-
-
164171
Electronic Arts Origin Client Javascript cross site scripting
low
5.0
-
-
-
164170
Oracle WebLogic Server Remote Code Execution [CVE-2020-14750]
high
10.0
-
-
-
164169
Foxit Reader Javascript API app.opencPDFWebPage access control
medium
7.5
-
-
-
164168
go-ipfs Routing Table unknown vulnerability [CVE-2020-10937]
low
4.9
-
-
-
164167
Shun Hu JUUKO K-808 authentication replay [CVE-2018-19025]
medium
5.8
-
-
-
164166
Shun Hu JUUKO K-800 authentication replay [CVE-2018-17932]
medium
5.8
-
-
-
164165
QNAP Photo Station Scripting photo_station cross site scripting
low
5.0
-
-
-
164164
QNAP Photo Station Scripting photo_station cross site scripting
low
4.0
-
-
-
164163
QNAP Photo Station cross site scripting [CVE-2018-19954]
low
5.0
-
-
-
164162
QNAP Music Station SQL Injection sql injection [CVE-2018-19952]
medium
4.0
-
-
-
164161
QNAP Music Station Scripting cross site scripting [CVE-2018-19951]
low
5.0
-
-
-
164160
QNAP Music Station Command command injection [CVE-2018-19950]
medium
7.5
-
-
-
164159
Qualcomm Snapdragon Auto PDU state issue [CVE-2020-3704]
low
2.3
-
-
-
164158
Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-3703]
medium
5.2
-
-
-
164157
Qualcomm Snapdragon Auto Permission use after free [CVE-2020-3696]
medium
4.9
-
-
-
164156
Qualcomm Snapdragon Auto qseecom buffer overflow [CVE-2020-3694]
medium
5.2
-
-
-
164155
Qualcomm Snapdragon Auto qseecom buffer overflow [CVE-2020-3693]
medium
5.2
-
-
-
164154
Qualcomm Snapdragon Auto IMEI buffer overflow [CVE-2020-3692]
medium
5.2
-
-
-
164153
Qualcomm Snapdragon Auto SMUU Configuration unknown vulnerability
low
4.9
-
-
-
164152
Qualcomm Snapdragon Auto QSEE permission [CVE-2020-3684]
medium
5.2
-
-
-
164151
Qualcomm Snapdragon Consumer IOT API buffer overflow [CVE-2020-3678]
medium
5.2
-
-
-
164150
Qualcomm Snapdragon Auto SIP Message buffer overflow [CVE-2020-3673]
medium
5.2
-
-
-
164149
Qualcomm Snapdragon Auto NAS Transport out-of-bounds read [CVE-2020-3670]
low
2.3
-
-
-
164148
Qualcomm Snapdragon Auto Device Control array index [CVE-2020-3657]
medium
6.5
-
-
-
164147
Qualcomm Snapdragon Auto SIP Message buffer overflow [CVE-2020-3654]
medium
5.2
-
-
-
164146
Qualcomm Snapdragon Auto access control [CVE-2020-3638]
medium
5.2
-
-
-
164145
Qualcomm Snapdragon Auto array index [CVE-2020-11174]
medium
4.9
-
-
-
164144
Qualcomm Snapdragon Auto fastRPC Driver race condition [CVE-2020-11173]
low
4.0
-
-
-
164143
Qualcomm Snapdragon Wired Infrastructure and Networking fscanf stack-based overflow
medium
5.2
-
-
-
164142
Qualcomm Snapdragon Auto L2CAP Packet integer overflow [CVE-2020-11169]
low
4.9
-
-
-
164141
Qualcomm Snapdragon Auto Perfdump access control [CVE-2020-11164]
medium
5.2
-
-
-
164140
Qualcomm Snapdragon Auto MHI Driver buffer overflow [CVE-2020-11162]
medium
5.2
-
-
-
164139
Qualcomm Snapdragon Auto Control Message denial of service [CVE-2020-11157]
low
2.3
-
-
-
164138
Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-11156]
medium
5.2
-
-
-
164137
Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-11155]
medium
5.2
-
-
-
164136
Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-11154]
medium
5.2
-
-
-
164135
Qualcomm Snapdragon Auto GATT Data out-of-bounds read [CVE-2020-11153]
medium
6.5
-
-
-
164134
Qualcomm Snapdragon Auto Bluetooth estack buffer overflow [CVE-2020-11141]
medium
5.2
-
-
-
164133
Qualcomm Snapdragon Auto MHI Command out-of-bounds read [CVE-2020-11125]
low
2.3
-
-
-
164132
Qualcomm Snapdragon Compute Bluetooth buffer overflow [CVE-2020-11114]
medium
4.3
-
-
-
164131
MailGates/MailAudit command injection [CVE-2020-25849]
medium
9.0
-
-
-
164130
vBulletin subWidgets Data widget_tabbedcontainer_tab_panel command injection
medium
6.0
-
-
-
164129
NVIDIA CUDA Toolkit NVJPEG Library out-of-bounds write [CVE-2020-5991]
medium
5.2
-
-
-
164128
VMware Tanzu SSO Operator Dashboard improper authentication [CVE-2020-5425]
medium
5.2
-
-
-
164127
IBM i2 iBase unrestricted upload [CVE-2020-4588]
medium
6.8
-
-
-
164126
IBM i2 iBase information exposure [CVE-2020-4584]
low
4.0
-
-
-
164125
apt Error Message path traversal [CVE-2020-15703]
medium
8.3
-
-
-
164124
baserCMS Edit Template unrestricted upload [CVE-2020-15277]
low
5.8
-
-
-
164123
baserCMS Blog Comment cross site scripting [CVE-2020-15276]
low
4.0
-
-
-
164122
baserCMS Edit Feed Settings cross site scripting [CVE-2020-15273]
low
4.0
-
-
-
164121
Microsoft Windows Kernel Cryptography Driver cng.sys CfgAdtpFormatPropertyBlock buffer overflow
medium
7.7
-
-
-
164120
codemirror Regular Expression incorrect regex [CVE-2020-7760]
medium
5.0
-
-
-
164119
Pimcore sql injection [CVE-2020-7759]
medium
5.8
-
-
-
164118
F5 BIG-IP IPSec Tunnel inadequate encryption [CVE-2020-5938]
low
2.6
-
-
-
164117
F5 BIG-IP AFM Traffic Management Microkernel denial of service
low
2.3
-
-
-
164116
Big BIG-IP LTM Traffic Management Microkernel resource consumption
low
5.0
-
-
-
164115
F5 BIG-IP MQTT Traffic denial of service [CVE-2020-5935]
low
2.3
-
-
-
164114
F5 BIG-IP APM SLO URL denial of service [CVE-2020-5934]
low
2.3
-
-
-
164113
F5 BIG-IP HTTP Compression resource consumption [CVE-2020-5933]
low
2.3
-
-
-
164112
F5 BIG-IP ASM Configuration Utility cross site scripting [CVE-2020-5932]
low
4.0
-
-
-
164111
F5 BIG-IP OneConnect Profile resource consumption [CVE-2020-5931]
low
2.3
-
-
-
164110
IBM Resilient SOAR authentication spoofing [CVE-2020-4864]
medium
4.9
-
-
-
164109
IBM i2 Analyst Notebook memory corruption [CVE-2020-4724]
medium
7.5
-
-
-
164108
IBM i2 Analyst Notebook memory corruption [CVE-2020-4723]
medium
7.5
-
-
-
164107
IBM i2 Analyst Notebook memory corruption [CVE-2020-4722]
medium
7.5
-
-
-
164106
IBM i2 Analyst Notebook Memory memory corruption [CVE-2020-4721]
medium
7.5
-
-
-
164105
FastReport GetProcAddress inadequate encryption
low
4.9
-
-
-
164104
SmartStoreNET unknown vulnerability [CVE-2020-27996]
low
4.9
-
-
-
164103
Zoho ManageEngine Applications Manager MyPage.do sql injection
medium
5.2
-
-
-
164102
Hrsale pathname traversal [CVE-2020-27993]
low
2.7
-
-
-
164101
EyesOfNetwork AutoDiscovery Module autodiscovery.php os command injection
medium
5.2
-
-
-
164100
EyesOfNetwork eonweb Web Interface functions.php username_available sql injection
medium
5.8
-
-
-
164099
WSO2 API Manager cross site scripting [CVE-2020-27885]
low
4.0
-
-
-
164098
Click Studios Passwordstate PIN Generator information disclosure
low
2.1
-
-
-
164097
Western Digital My Cloud NAS access control [CVE-2020-27744]
medium
6.5
-
-
-
164096
Trend Micro Antivirus information exposure [CVE-2020-27015]
low
1.7
-
-
-
164095
Trend Micro Antivirus Web Threat Protection race condition [CVE-2020-27014]
low
2.3
-
-
-
164094
Sal machine_list cross site scripting
low
4.0
-
-
-
164093
Commvault CommCell pathname traversal [CVE-2020-25780]
medium
5.2
-
-
-
164092
Ansible Community Private Key openssl_privatekey_info log file
low
4.0
-
-
-
164091
WSO2 Enterprise Integrator BPMN Explorer Task cross site scripting
low
4.0
-
-
-
164090
Broadleaf Scripting HTTP POST cross site scripting [CVE-2020-21266]
low
4.0
-
-
-
164089
Samba Winbind service null pointer dereference [CVE-2020-14323]
low
1.7
-
-
-
164088
IBM Security Directory Server Authorization Token missing secure attribute
low
2.6
-
-
-
164087
IBM Security Directory Server information exposure [CVE-2019-4547]
low
5.0
-
-
-
164086
Rapid7 Metasploit APK File command injection [CVE-2020-7384]
medium
7.5
-
-
-
164085
chart.js Options Parameter code injection [CVE-2020-7746]
medium
5.0
-
-
-
164084
Synology Router Manager Set-Cookie Header cookie without 'httponly' flag
low
2.6
-
-
-
164083
Synology Router Manager DDNS channel accessible [CVE-2020-27657]
low
2.6
-
-
-
164082
Synology DiskStation Manager DDNS channel accessible [CVE-2020-27656]
low
2.6
-
-
-
164081
Synology Router Manager QuickConnect access control [CVE-2020-27655]
medium
7.5
-
-
-
164080
Synology Router Manager lbd tcp access control
medium
6.5
-
-
-
164079
Synology Router Manager QuickConnect channel accessible [CVE-2020-27653]
low
5.1
-
-
-
164078
Synology DiskStation Manager QuickConnect channel accessible
low
5.1
-
-
-
164077
Synology Router Manager missing secure attribute [CVE-2020-27651]
low
2.6
-
-
-
164076
Synology DiskStation Manager missing secure attribute [CVE-2020-27650]
low
2.6
-
-
-
164075
Synology Router Manager OpenVPN Client certificate validation
medium
7.5
-
-
-
164074
Synology DiskStation Manager OpenVPN Client channel accessible
low
5.1
-
-
-
164073
SonarQube values missing encryption [Disputed]
low
4.0
-
-
-
164072
Firefly III Auto-Complete cross site scripting [CVE-2020-27981]
low
2.1
-
-
-
164071
Genexis Platinum-4410 cross site scripting [CVE-2020-27980]
low
4.0
-
-
-
164070
Citadel WebCit Object Reference msg_confirm_move authorization
medium
4.0
-
-
-
164069
Citadel WebCit Parameter cross site scripting [CVE-2020-27741]
low
4.0
-
-
-
164068
Citadel WebCit information disclosure [CVE-2020-27740]
low
4.3
-
-
-
164067
Citadel WebCit user session [CVE-2020-27739]
medium
6.8
-
-
-
164066
Dual DHCP DNS Server DualServer.exe access control
medium
4.3
-
-
-
164065
Home DNS Server HomeDNSServer.exe access control
medium
4.3
-
-
-
164064
Open DHCP Server OpenDHCPServer.exe access control
medium
5.2
-
-
-
164063
Open TFTP Server Multithreaded OpenTFTPServerMT.exe access control
medium
5.2
-
-
-
164062
Sectona Spectra SOAP API Endpoint improper authentication [CVE-2020-25966]
medium
3.3
-
-
-
164061
CyberArk Privileged Session Manager Error Popup Message information disclosure
low
2.3
-
-
-
164060
God Kings App Push Notification improper authorization [CVE-2020-25204]
medium
4.3
-
-
-
164059
QSC Q-SYS Core Manager TFTP Service passwd pathname traversal
medium
6.5
-
-
-
164058
Gophish Cookie session expiration [CVE-2020-24713]
medium
5.2
-
-
-
164057
Gophish Account Settings Page cross site scripting [CVE-2020-24712]
low
4.0
-
-
-
164056
Gophish Account Settings Page denial of service [CVE-2020-24711]
low
2.3
-
-
-
164055
Gophish server-side request forgery [CVE-2020-24710]
medium
5.2
-
-
-
164054
Gophish Landing Page/Email Template cross site scripting [CVE-2020-24709]
low
4.0
-
-
-
164053
Gophish Send Profile Form cross site scripting [CVE-2020-24708]
low
4.0
-
-
-
164052
Gophish CSV csv injection [CVE-2020-24707]
low
4.9
-
-
-
164051
Winston Configuration unknown vulnerability [CVE-2020-16263]
medium
7.5
-
-
-
164050
Winston access control [CVE-2020-16262]
medium
6.8
-
-
-
164049
Winston U-Boot Interrupt access control [CVE-2020-16261]
medium
6.8
-
-
-
164048
Winston improper authorization [CVE-2020-16260]
medium
6.5
-
-
-
164047
Winston permission assignment [CVE-2020-16259]
medium
4.9
-
-
-
164046
Winston Monit Service hard-coded credentials [CVE-2020-16258]
medium
5.8
-
-
-
164045
Winston API cross-site request forgery [CVE-2020-16256]
low
4.0
-
-
-
164044
NVIDIA DGX AMI BMC Firmware weak prng [CVE-2020-11616]
low
2.3
-
-
-
164043
NVIDIA DGX Cipher Key hard-coded key [CVE-2020-11615]
low
2.3
-
-
-
164042
NVIDIA DGX-1/DGX-2 AMI BMC Firmware information disclosure [CVE-2020-11489]
low
5.0
-
-
-
164041
NVIDIA DGX-1/DGX-2 Firmware Signature code download [CVE-2020-11488]
low
4.9
-
-
-
164040
NVIDIA DGX-1/DGX-2/DGX A100 AMI BMC Firmware hard-coded key [CVE-2020-11487]
low
2.3
-
-
-
164039
NVIDIA DGX-1 AMI BMC Firmware unrestricted upload [CVE-2020-11486]
medium
6.0
-
-
-
164038
NVIDIA DGX-1 cross-site request forgery [CVE-2020-11485]
low
4.0
-
-
-
164037
NVIDIA DGX-1 AMI BMC Firmware IPMI information disclosure
low
1.9
-
-
-
164036
NVIDIA DGX-1/DGX-2 AMI BMC Firmware hard-coded credentials [CVE-2020-11483]
medium
5.8
-
-
-
164035
QNAP QTS cross site scripting [CVE-2018-19953]
low
4.0
-
-
-
164034
QNAP QTS command injection [CVE-2018-19949]
medium
6.5
-
-
-
164033
QNAP QTS cross site scripting [CVE-2018-19943]
low
4.0
-
-
-
164032
IBM WebSphere Application Server path traversal [CVE-2020-4782]
medium
6.0
-
-
-
164031
Microsoft Sterling Connect Direct buffer overflow [CVE-2020-4767]
medium
4.0
-
-
-
164030
Shibboleth Identify Provider Login Flow denial of service [CVE-2020-27978]
low
4.3
-
-
-
164029
osCommerce Phoenix CE POST Parameter mail.php os command injection
medium
6.5
-
-
-
164028
osCommerce Phoenix CE define_language.php cross-site request forgery
low
4.0
-
-
-
164027
NeoPost Mail Accounting Software Pro FUS_SCM_BlockStart.php cross site scripting
low
4.0
-
-
-
164026
Grafana Query cross site scripting [CVE-2020-24303]
low
4.0
-
-
-
164025
Snap7 Server COTP Protocol denial of service [CVE-2020-22552]
low
2.3
-
-
-
164024
Winston API command injection [CVE-2020-16257]
medium
5.2
-
-
-
164023
Red Discord Bot Mod Module access control [CVE-2020-15278]
medium
6.5
-
-
-
164022
Pulse Connect Secure User Web Interface cross site scripting
low
4.0
-
-
-
164021
Pulse Connect Secure/Pulse Policy Secure User Web Interface cross site scripting
low
4.0
-
-
-
164020
Pulse Connect Secure/Pulse Policy Secure Cookie buffer overflow
medium
5.2
-
-
-
164019
Pulse Connect Secure Admin Web Interface unrestricted upload
medium
6.5
-
-
-
164018
Pulse Connect Secure Admin Web Interface input validation [CVE-2020-8255]
medium
6.5
-
-
-
164017
Pulse Secure Desktop Client Dynamic Certificate Trust path traversal
medium
7.5
-
-
-
164016
Pulse Secure Desktop Client access control [CVE-2020-8250]
medium
4.3
-
-
-
164015
Pulse Secure Desktop Client buffer overflow [CVE-2020-8249]
medium
4.3
-
-
-
164014
Pulse Secure Desktop Client access control [CVE-2020-8248]
medium
4.3
-
-
-
164013
Pulse Secure Desktop Client channel accessible [CVE-2020-8241]
medium
5.1
-
-
-
164012
Pulse Secure Desktop Client Embedded Browser unknown vulnerability
low
4.9
-
-
-
164011
Pulse Secure Desktop Client Registry Privileges access control
medium
5.2
-
-
-
164010
Mozilla Firefox EC Scalar Point Multiplication key management
low
1.4
-
-
-
164009
SonicWALL Global VPN Client Library uncontrolled search path
medium
6.0
-
-
-
164008
SonicWALL Global VPN Client untrusted search path [CVE-2020-5144]
medium
6.8
-
-
-
164007
Apple Music Application information disclosure [CVE-2020-9982]
low
1.7
-
-
-
164006
Apple tvOS Assets resource transfer [CVE-2020-9979]
medium
4.1
-
-
-
164005
Apple tvOS Web Contents memory corruption [CVE-2020-9932]
medium
7.5
-
-
-
164004
Apple iOS/iPadOS Web Contents memory corruption [CVE-2020-9932]
medium
7.5
-
-
-
164003
Apple Safari Web Contents memory corruption [CVE-2020-9932]
medium
7.5
-
-
-
164002
Apple Safari Javascript input validation [CVE-2020-9860]
medium
7.5
-
-
-
164001
Apple macOS Application access control [CVE-2020-9786]
medium
4.3
-
-
-
164000
Apple macOS Path Validation path traversal [CVE-2020-9782]
low
4.9
-
-
-
163999
Apple macOS Siri Suggestion access control [CVE-2020-9774]
low
2.7
-
-
-
163998
dat.gui RGB/RGBA incorrect regex [CVE-2020-7755]
low
5.0
-
-
-
163997
Apple macOS Image out-of-bounds read [CVE-2020-3880]
low
6.5
-
-
-
163996
Apple tvOS Image out-of-bounds read [CVE-2020-3880]
low
6.5
-
-
-
163995
Apple iOS/iPadOS Image out-of-bounds read [CVE-2020-3880]
low
6.5
-
-
-
163994
Apple watchOS Image out-of-bounds read [CVE-2020-3880]
low
6.5
-
-
-
163993
Apple macOS Application memory corruption [CVE-2020-3863]
medium
6.8
-
-
-
163992
MediaWiki RandomGameUnit Extension hard-coded credentials [CVE-2020-27957]
medium
3.3
-
-
-
163991
SourceCodester Car Rental Management System File Upload unrestricted upload
medium
6.0
-
-
-
163990
Texas Instruments CC2538 Zigbee Protocol zclParseInDiscCmdsRspCmd stack-based overflow
low
2.7
-
-
-
163989
Texas Instruments CC2538 Zigbee Protocol zclHandleExternal stack-based overflow
low
2.7
-
-
-
163988
Texas Instruments CC2538 Zigbee Protocol zclParseInWriteCmd stack-based overflow
low
2.7
-
-
-
163987
Ubiquiti UniFi Meshing Access Point UAP-AC-M Credential Cache state issue
low
4.0
-
-
-
163986
Wire AVS/Secure Messenger sdp.c sdp_media_set_lattr denial of service
low
5.0
-
-
-
163985
Western Digital My Cloud NAS AvailableApps.php privileges management
medium
6.0
-
-
-
163984
Western Digital My Cloud NAS DsdkProxy.php input validation
medium
6.0
-
-
-
163983
Western Digital My Cloud cgi_api.php access control
medium
6.5
-
-
-
163982
Western Digital My Cloud reg_device.php input validation
medium
6.0
-
-
-
163981
Greenmart Theme Search cross site scripting [CVE-2020-16140]
low
4.0
-
-
-
163980
Blueman D-Bus Interface argument injection [CVE-2020-15238]
medium
4.6
-
-
-
163979
Western Digital My Cloud buffer overflow [CVE-2020-12830]
medium
6.5
-
-
-
163978
Apple iOS/iPadOS SSH signature verification [CVE-2019-8901]
low
2.6
-
-
-
163977
Apple iTunes Storage Access API information disclosure [CVE-2019-8898]
low
5.0
-
-
-
163976
Apple Safari Storage Access API information disclosure [CVE-2019-8898]
low
5.0
-
-
-
163975
Apple tvOS Storage Access API information disclosure [CVE-2019-8898]
low
5.0
-
-
-
163974
Apple iOS/iPadOS Storage Access API information disclosure [CVE-2019-8898]
low
5.0
-
-
-
163973
Apple macOS State Management state issue [CVE-2019-8858]
low
2.6
-
-
-
163972
Apple iOS/iPadOS Live Photo information disclosure [CVE-2019-8857]
low
2.3
-
-
-
163971
Apple macOS API state issue [CVE-2019-8856]
low
4.3
-
-
-
163970
Apple watchOS API state issue [CVE-2019-8856]
low
4.3
-
-
-
163969
Apple iOS/iPadOS API state issue [CVE-2019-8856]
low
4.3
-
-
-
163968
Apple macOS Restrictions sandbox [CVE-2019-8855]
medium
4.3
-
-
-
163967
Apple tvOS MAC Address information disclosure [CVE-2019-8854]
low
1.8
-
-
-
163966
Apple watchOS MAC Address information disclosure [CVE-2019-8854]
low
1.8
-
-
-
163965
Apple macOS MAC Address information disclosure [CVE-2019-8854]
low
1.8
-
-
-
163964
Apple macOS Application memory corruption [CVE-2019-8852]
medium
6.8
-
-
-
163963
Apple macOS State Management improper authentication [CVE-2019-8851]
medium
4.6
-
-
-
163962
Apple watchOS Audio File out-of-bounds read [CVE-2019-8850]
low
5.0
-
-
-
163961
Apple tvOS Audio File out-of-bounds read [CVE-2019-8850]
low
5.0
-
-
-
163960
Apple iOS/iPadOS Audio File out-of-bounds read [CVE-2019-8850]
low
5.0
-
-
-
163959
Apple macOS Audio File out-of-bounds read [CVE-2019-8850]
low
5.0
-
-
-
163958
Apple iTunes Application access control [CVE-2019-8848]
medium
4.3
-
-
-
163957
Apple iOS/iPadOS Application access control [CVE-2019-8848]
medium
4.3
-
-
-
163956
Apple macOS Application access control [CVE-2019-8848]
medium
4.3
-
-
-
163955
Apple iCloud Application access control [CVE-2019-8848]
medium
4.3
-
-
-
163954
Apple watchOS Application access control [CVE-2019-8848]
medium
4.3
-
-
-
163953
Apple tvOS Application access control [CVE-2019-8848]
medium
4.3
-
-
-
163952
Apple macOS Application memory corruption [CVE-2019-8847]
medium
6.8
-
-
-
163951
Apple iTunes Web Contents use after free [CVE-2019-8846]
medium
7.5
-
-
-
163950
Apple Safari Web Contents use after free [CVE-2019-8846]
medium
7.5
-
-
-
163949
Apple iOS/iPadOS Web Contents use after free [CVE-2019-8846]
medium
7.5
-
-
-
163948
Apple iCloud Web Contents use after free [CVE-2019-8846]
medium
7.5
-
-
-
163947
Apple tvOS Web Contents use after free [CVE-2019-8846]
medium
7.5
-
-
-
163946
Apple iTunes Web Contents memory corruption [CVE-2019-8844]
medium
7.5
-
-
-
163945
Apple Safari Web Contents memory corruption [CVE-2019-8844]
medium
7.5
-
-
-
163944
Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8844]
medium
7.5
-
-
-
163943
Apple iCloud Web Contents memory corruption [CVE-2019-8844]
medium
7.5
-
-
-
163942
Apple watchOS Web Contents memory corruption [CVE-2019-8844]
medium
7.5
-
-
-
163941
Apple tvOS Web Contents memory corruption [CVE-2019-8844]
medium
7.5
-
-
-
163940
Apple macOS Print Job buffer overflow [CVE-2019-8842]
medium
7.5
-
-
-
163939
Apple iOS/iPadOS access control [CVE-2019-8841]
medium
6.8
-
-
-
163938
Apple Xcode out-of-bounds read [CVE-2019-8840]
low
5.1
-
-
-
163937
Apple macOS Privileges denial of service [CVE-2019-8839]
low
2.1
-
-
-
163936
Apple tvOS Application memory corruption [CVE-2019-8838]
medium
6.8
-
-
-
163935
Apple macOS Application memory corruption [CVE-2019-8838]
medium
6.8
-
-
-
163934
Apple watchOS Application memory corruption [CVE-2019-8838]
medium
6.8
-
-
-
163933
Apple iOS/iPadOS Application memory corruption [CVE-2019-8838]
medium
6.8
-
-
-
163932
Apple macOS access control [CVE-2019-8837]
medium
4.3
-
-
-
163931
Apple tvOS Application memory corruption [CVE-2019-8836]
medium
6.8
-
-
-
163930
Apple iOS/iPadOS Application memory corruption [CVE-2019-8836]
medium
6.8
-
-
-
163929
Apple watchOS Application memory corruption [CVE-2019-8836]
medium
6.8
-
-
-
163928
Apple iTunes Web Contents memory corruption [CVE-2019-8835]
medium
7.5
-
-
-
163927
Apple Safari Web Contents memory corruption [CVE-2019-8835]
medium
7.5
-
-
-
163926
Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8835]
medium
7.5
-
-
-
163925
Apple iCloud Web Contents memory corruption [CVE-2019-8835]
medium
7.5
-
-
-
163924
Apple tvOS Web Contents memory corruption [CVE-2019-8835]
medium
7.5
-
-
-
163923
Apple iTunes HSTS Preload access control [CVE-2019-8834]
medium
5.1
-
-
-
163922
Apple iOS/iPadOS HSTS Preload access control [CVE-2019-8834]
medium
5.1
-
-
-
163921
Apple macOS HSTS Preload access control [CVE-2019-8834]
medium
5.1
-
-
-
163920
Apple iCloud HSTS Preload access control [CVE-2019-8834]
medium
5.1
-
-
-
163919
Apple watchOS HSTS Preload access control [CVE-2019-8834]
medium
5.1
-
-
-
163918
Apple tvOS HSTS Preload access control [CVE-2019-8834]
medium
5.1
-
-
-
163917
Apple tvOS Application memory corruption [CVE-2019-8833]
medium
6.8
-
-
-
163916
Apple macOS Application memory corruption [CVE-2019-8833]
medium
6.8
-
-
-
163915
Apple watchOS Application memory corruption [CVE-2019-8833]
medium
6.8
-
-
-
163914
Apple iOS/iPadOS Application memory corruption [CVE-2019-8833]
medium
6.8
-
-
-
163913
Apple tvOS Application memory corruption [CVE-2019-8832]
medium
6.8
-
-
-
163912
Apple macOS Application memory corruption [CVE-2019-8832]
medium
6.8
-
-
-
163911
Apple watchOS Application memory corruption [CVE-2019-8832]
medium
6.8
-
-
-
163910
Apple iOS/iPadOS Application memory corruption [CVE-2019-8832]
medium
6.8
-
-
-
163909
Apple watchOS memory corruption [CVE-2019-8831]
medium
6.8
-
-
-
163908
Apple tvOS memory corruption [CVE-2019-8831]
medium
6.8
-
-
-
163907
Apple iOS/iPadOS memory corruption [CVE-2019-8831]
medium
6.8
-
-
-
163906
Apple macOS memory corruption [CVE-2019-8831]
medium
6.8
-
-
-
163905
Apple iOS/iPadOS FaceTime out-of-bounds read [CVE-2019-8830]
medium
7.5
-
-
-
163904
Apple macOS FaceTime out-of-bounds read [CVE-2019-8830]
medium
7.5
-
-
-
163903
Apple watchOS FaceTime out-of-bounds read [CVE-2019-8830]
medium
7.5
-
-
-
163902
Apple tvOS FaceTime out-of-bounds read [CVE-2019-8830]
medium
7.5
-
-
-
163901
Apple tvOS Application memory corruption [CVE-2019-8829]
medium
6.8
-
-
-
163900
Apple iOS/iPadOS Application memory corruption [CVE-2019-8829]
medium
6.8
-
-
-
163899
Apple watchOS Application memory corruption [CVE-2019-8829]
medium
6.8
-
-
-
163898
Apple macOS Application memory corruption [CVE-2019-8829]
medium
6.8
-
-
-
163897
Apple tvOS Application memory corruption [CVE-2019-8828]
medium
6.8
-
-
-
163896
Apple watchOS Application memory corruption [CVE-2019-8828]
medium
6.8
-
-
-
163895
Apple macOS Application memory corruption [CVE-2019-8828]
medium
6.8
-
-
-
163894
Apple iOS/iPadOS Application memory corruption [CVE-2019-8828]
medium
6.8
-
-
-
163893
Apple iOS/iPadOS WebKit information disclosure [CVE-2019-8827]
low
1.5
-
-
-
163892
Apple tvOS WebKit information disclosure [CVE-2019-8827]
low
1.5
-
-
-
163891
Apple iTunes WebKit information disclosure [CVE-2019-8827]
low
1.5
-
-
-
163890
Apple Safari WebKit information disclosure [CVE-2019-8827]
low
1.5
-
-
-
163889
Apple macOS State Management memory corruption [CVE-2019-8826]
medium
7.5
-
-
-
163888
Apple iTunes State Management memory corruption [CVE-2019-8825]
medium
6.5
-
-
-
163887
Apple iCloud State Management memory corruption [CVE-2019-8825]
medium
6.5
-
-
-
163886
Apple iOS State Management memory corruption [CVE-2019-8825]
medium
6.5
-
-
-
163885
Apple macOS State Management memory corruption [CVE-2019-8825]
medium
6.5
-
-
-
163884
Apple macOS State Management memory corruption [CVE-2019-8824]
medium
6.8
-
-
-
163883
Apple tvOS information disclosure [CVE-2019-8809]
low
1.7
-
-
-
163882
Apple watchOS information disclosure [CVE-2019-8809]
low
1.7
-
-
-
163881
Apple iOS/iPadOS information disclosure [CVE-2019-8809]
low
1.7
-
-
-
163880
Apple macOS information disclosure [CVE-2019-8809]
low
1.7
-
-
-
163879
Apple tvOS random values [CVE-2019-8799]
low
2.1
-
-
-
163878
Apple watchOS random values [CVE-2019-8799]
low
2.1
-
-
-
163877
Apple macOS random values [CVE-2019-8799]
low
2.1
-
-
-
163876
Apple iOS/iPadOS random values [CVE-2019-8799]
low
2.1
-
-
-
163875
Apple watchOS Airdrop access control [CVE-2019-8796]
medium
4.6
-
-
-
163874
Apple iOS/iPadOS Airdrop access control [CVE-2019-8796]
medium
4.6
-
-
-
163873
Apple macOS Airdrop access control [CVE-2019-8796]
medium
4.6
-
-
-
163872
Apple Swift File Descriptor information disclosure [CVE-2019-8790]
low
2.3
-
-
-
163871
Apple tvOS Kernel Memory information disclosure [CVE-2019-8780]
low
1.7
-
-
-
163870
Apple iOS/iPadOS Kernel Memory information disclosure [CVE-2019-8780]
low
1.7
-
-
-
163869
Apple macOS Address Book information disclosure [CVE-2019-8777]
low
2.1
-
-
-
163868
Appl macOS Application memory corruption [CVE-2019-8776]
medium
6.8
-
-
-
163867
Apple macOS iBooks File resource consumption [CVE-2019-8774]
low
5.0
-
-
-
163866
Apple iOS/iPadOS iBooks File resource consumption [CVE-2019-8774]
low
5.0
-
-
-
163865
Apple iTunes Web Contents memory corruption [CVE-2019-8773]
medium
7.5
-
-
-
163864
Apple watchOS Web Contents memory corruption [CVE-2019-8773]
medium
7.5
-
-
-
163863
Apple tvOS Web Contents memory corruption [CVE-2019-8773]
medium
7.5
-
-
-
163862
Apple iCloud Web Contents memory corruption [CVE-2019-8773]
medium
7.5
-
-
-
163861
Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8773]
medium
7.5
-
-
-
163860
Apple Safari Web Contents memory corruption [CVE-2019-8773]
medium
7.5
-
-
-
163859
Apple iOS iFrame Sandbox sandbox [CVE-2019-8771]
medium
7.5
-
-
-
163858
Apple Safari iFrame Sandbox sandbox [CVE-2019-8771]
medium
7.5
-
-
-
163857
Apple iTunes Web Contents cross site scripting [CVE-2019-8762]
low
5.0
-
-
-
163856
Apple watchOS Web Contents cross site scripting [CVE-2019-8762]
low
5.0
-
-
-
163855
Apple tvOS Web Contents cross site scripting [CVE-2019-8762]
low
5.0
-
-
-
163854
Apple iCloud Web Contents cross site scripting [CVE-2019-8762]
low
5.0
-
-
-
163853
Apple iOS/iPadOS Web Contents cross site scripting [CVE-2019-8762]
low
5.0
-
-
-
163852
Apple Safari Web Contents cross site scripting [CVE-2019-8762]
low
5.0
-
-
-
163846
Apple macOS iFrame unknown vulnerability [CVE-2019-8754]
low
5.0
-
-
-
163845
Apple tvOS Web Contents cross site scripting [CVE-2019-8753]
low
5.0
-
-
-
163844
Apple iOS Web Contents cross site scripting [CVE-2019-8753]
low
5.0
-
-
-
163843
Apple watchOS Web Contents cross site scripting [CVE-2019-8753]
low
5.0
-
-
-
163842
Apple macOS Web Contents cross site scripting [CVE-2019-8753]
low
5.0
-
-
-
163841
Apple iTunes Web Contents memory corruption [CVE-2019-8752]
medium
7.5
-
-
-
163840
Apple watchOS Web Contents memory corruption [CVE-2019-8752]
medium
7.5
-
-
-
163839
Apple tvOS Web Contents memory corruption [CVE-2019-8752]
medium
7.5
-
-
-
163838
Apple iCloud Web Contents memory corruption [CVE-2019-8752]
medium
7.5
-
-
-
163837
Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8752]
medium
7.5
-
-
-
163836
Apple Safari Web Contents memory corruption [CVE-2019-8752]
medium
7.5
-
-
-
163835
Apple iTunes Web Contents memory corruption [CVE-2019-8751]
medium
7.5
-
-
-
163834
Apple watchOS Web Contents memory corruption [CVE-2019-8751]
medium
7.5
-
-
-
163833
Apple tvOS Web Contents memory corruption [CVE-2019-8751]
medium
7.5
-
-
-
163832
Apple iCloud Web Contents memory corruption [CVE-2019-8751]
medium
7.5
-
-
-
163831
Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8751]
medium
7.5
-
-
-
163830
Apple Safari Web Contents memory corruption [CVE-2019-8751]
medium
7.5
-
-
-
163825
Apple iTunes Application out-of-bounds read [CVE-2019-8746]
low
3.5
-
-
-
163824
Apple watchOS Application out-of-bounds read [CVE-2019-8746]
low
3.5
-
-
-
163823
Apple tvOS Application out-of-bounds read [CVE-2019-8746]
low
3.5
-
-
-
163822
Apple iCloud Application out-of-bounds read [CVE-2019-8746]
low
3.5
-
-
-
163821
Apple iOS Application out-of-bounds read [CVE-2019-8746]
low
3.5
-
-
-
163820
Apple macOS Application out-of-bounds read [CVE-2019-8746]
low
3.5
-
-
-
163817
Apple tvOS Application memory corruption [CVE-2019-8740]
medium
4.3
-
-
-
163816
Apple watchOS Application memory corruption [CVE-2019-8740]
medium
4.3
-
-
-
163815
Apple iOS/iPadOS Application memory corruption [CVE-2019-8740]
medium
4.3
-
-
-
163814
Apple iTunes Web Contents memory corruption [CVE-2019-8734]
medium
7.5
-
-
-
163813
Apple watchOS Web Contents memory corruption [CVE-2019-8734]
medium
7.5
-
-
-
163812
Apple tvOS Web Contents memory corruption [CVE-2019-8734]
medium
7.5
-
-
-
163811
Apple Safari Web Contents memory corruption [CVE-2019-8734]
medium
7.5
-
-
-
163810
Apple iCloud Web Contents memory corruption [CVE-2019-8734]
medium
7.5
-
-
-
163809
Apple iOS Web Contents memory corruption [CVE-2019-8734]
medium
7.5
-
-
-
163808
Apple iOS Call information disclosure [CVE-2019-8732]
low
1.7
-
-
-
163807
Apple iTunes Web Contents memory corruption [CVE-2019-8728]
medium
7.5
-
-
-
163806
Apple tvOS Web Contents memory corruption [CVE-2019-8728]
medium
7.5
-
-
-
163805
Apple watchOS Web Contents memory corruption [CVE-2019-8728]
medium
7.5
-
-
-
163804
Apple Safari Web Contents memory corruption [CVE-2019-8728]
medium
7.5
-
-
-
163803
Apple iCloud Web Contents memory corruption [CVE-2019-8728]
medium
7.5
-
-
-
163802
Apple iOS Web Contents memory corruption [CVE-2019-8728]
medium
7.5
-
-
-
163801
Apple tvOS Application memory corruption [CVE-2019-8718]
medium
6.8
-
-
-
163800
Apple iOS Application memory corruption [CVE-2019-8718]
medium
6.8
-
-
-
163799
Apple watchOS Application memory corruption [CVE-2019-8718]
medium
6.8
-
-
-
163797
Apple tvOS Application memory corruption [CVE-2019-8712]
medium
6.8
-
-
-
163796
Apple iOS Application memory corruption [CVE-2019-8712]
medium
6.8
-
-
-
163795
Apple watchOS Application memory corruption [CVE-2019-8712]
medium
6.8
-
-
-
163794
Apple iOS Application memory corruption [CVE-2019-8709]
medium
6.8
-
-
-
163793
Apple watchOS Application memory corruption [CVE-2019-8709]
medium
6.8
-
-
-
163792
Apple tvOS Application memory corruption [CVE-2019-8709]
medium
6.8
-
-
-
163791
Apple macOS Application memory corruption [CVE-2019-8709]
medium
6.8
-
-
-
163786
Apple macOS buffer overflow [CVE-2019-8696]
medium
4.6
-
-
-
163785
Sierra macOS buffer overflow [CVE-2019-8675]
medium
5.2
-
-
-
163784
Apple watchOS Image denial of service [CVE-2019-8668]
low
5.0
-
-
-
163783
Apple tvOS Image denial of service [CVE-2019-8668]
low
5.0
-
-
-
163782
Apple iOS Image denial of service [CVE-2019-8668]
low
5.0
-
-
-
163781
Apple watchOS Message denial of service [CVE-2019-8664]
low
2.3
-
-
-
163780
Apple iOS Message denial of service [CVE-2019-8664]
low
2.3
-
-
-
163779
Apple macOS MIME inadequate encryption [CVE-2019-8645]
low
2.6
-
-
-
163778
Apple macOS SMIME Certificate certificate validation
medium
5.8
-
-
-
163777
Apple macOS sandbox [CVE-2019-8640]
medium
7.5
-
-
-
163776
Apple Safari Web Contents memory corruption [CVE-2019-8639]
medium
7.5
-
-
-
163775
Apple iTunes Web Contents memory corruption [CVE-2019-8639]
medium
7.5
-
-
-
163774
Apple iOS Web Contents memory corruption [CVE-2019-8639]
medium
7.5
-
-
-
163773
Apple iCloud Web Contents memory corruption [CVE-2019-8639]
medium
7.5
-
-
-
163772
Apple watchOS Web Contents memory corruption [CVE-2019-8639]
medium
7.5
-
-
-
163771
Apple Safari Web Contents memory corruption [CVE-2019-8638]
medium
7.5
-
-
-
163770
Apple iTunes Web Contents memory corruption [CVE-2019-8638]
medium
7.5
-
-
-
163769
Apple iOS Web Contents memory corruption [CVE-2019-8638]
medium
7.5
-
-
-
163768
Apple iCloud Web Contents memory corruption [CVE-2019-8638]
medium
7.5
-
-
-
163767
Apple watchOS Web Contents memory corruption [CVE-2019-8638]
medium
7.5
-
-
-
163766
Apple watchOS memory corruption [CVE-2019-8633]
low
1.7
-
-
-
163765
Apple tvOS memory corruption [CVE-2019-8633]
low
1.7
-
-
-
163764
Apple iOS memory corruption [CVE-2019-8633]
low
1.7
-
-
-
163763
Apple macOS memory corruption [CVE-2019-8633]
low
1.7
-
-
-
163762
Apple tvOS iMessage Conversation access control [CVE-2019-8631]
medium
6.4
-
-
-
163761
Apple iOS iMessage Conversation access control [CVE-2019-8631]
medium
6.4
-
-
-
163760
Apple macOS iMessage Conversation access control [CVE-2019-8631]
medium
6.4
-
-
-
163759
Apple iOS sandbox [CVE-2019-8618]
medium
7.5
-
-
-
163758
Apple macOS sandbox [CVE-2019-8618]
medium
7.5
-
-
-
163757
Apple watchOS sandbox [CVE-2019-8618]
medium
7.5
-
-
-
163750
Apple iOS Font File out-of-bounds read [CVE-2019-8582]
low
5.0
-
-
-
163749
Apple macOS Font File out-of-bounds read [CVE-2019-8582]
low
5.0
-
-
-
163748
Apple iTunes Font File out-of-bounds read [CVE-2019-8582]
low
5.0
-
-
-
163747
Apple tvOS Font File out-of-bounds read [CVE-2019-8582]
low
5.0
-
-
-
163746
Apple iCloud Font File out-of-bounds read [CVE-2019-8582]
low
5.0
-
-
-
163745
Apple macOS input validation [CVE-2019-8579]
medium
4.3
-
-
-
163744
Apple watchOS denial of service [CVE-2019-8573]
medium
6.3
-
-
-
163743
Apple iOS denial of service [CVE-2019-8573]
medium
6.3
-
-
-
163742
Apple macOS denial of service [CVE-2019-8573]
medium
6.3
-
-
-
163741
Apple tvOS User Information information disclosure [CVE-2019-8570]
low
5.0
-
-
-
163740
Apple Safari User Information information disclosure [CVE-2019-8570]
low
5.0
-
-
-
163739
Apple iTunes User Information information disclosure [CVE-2019-8570]
low
5.0
-
-
-
163738
Apple iCloud User Information information disclosure [CVE-2019-8570]
low
5.0
-
-
-
163737
Apple iOS User Information information disclosure [CVE-2019-8570]
low
5.0
-
-
-
163736
Apple macOS Driver unknown vulnerability [CVE-2019-8564]
low
4.9
-
-
-
163733
Apple macOS initialization [CVE-2019-8539]
medium
6.8
-
-
-
163732
Apple macOS VCF File denial of service [CVE-2019-8538]
low
5.0
-
-
-
163731
Apple watchOS VCF File denial of service [CVE-2019-8538]
low
5.0
-
-
-
163730
Apple macOS Application memory corruption [CVE-2019-8534]
medium
6.8
-
-
-
163729
Apple iOS Application permission [CVE-2019-8532]
medium
4.3
-
-
-
163728
Apple watchOS Application permission [CVE-2019-8532]
medium
4.3
-
-
-
163727
Apple iOS Server Certificate certificate validation [CVE-2019-8531]
medium
5.8
-
-
-
163726
Apple watchOS Server Certificate certificate validation [CVE-2019-8531]
medium
5.8
-
-
-
163725
Apple macOS Server Certificate certificate validation [CVE-2019-8531]
medium
5.8
-
-
-
163724
Apple macOS Application use after free [CVE-2019-8528]
medium
6.4
-
-
-
163723
Apple watchOS Application use after free [CVE-2019-8528]
medium
6.4
-
-
-
163722
Apple iOS Application use after free [CVE-2019-8528]
medium
6.4
-
-
-
163718
Apple macOS Validation symlink [CVE-2019-6238]
medium
4.3
-
-
-
163717
Apple tvOS memory allocation [CVE-2018-4474]
low
2.3
-
-
-
163716
Apple iTunes memory allocation [CVE-2018-4474]
low
2.3
-
-
-
163715
Apple Safari memory allocation [CVE-2018-4474]
low
2.3
-
-
-
163714
Apple watchOS memory allocation [CVE-2018-4474]
low
2.3
-
-
-
163713
Apple iCloud memory allocation [CVE-2018-4474]
low
2.3
-
-
-
163712
Apple iOS memory allocation [CVE-2018-4474]
low
2.3
-
-
-
163711
Apple macOS Application access control [CVE-2018-4468]
medium
4.3
-
-
-
163710
Apple macOS memory corruption [CVE-2018-4451]
medium
5.2
-
-
-
163709
Apple tvOS Memory Initialization memory corruption [CVE-2018-4448]
low
1.7
-
-
-
163708
Apple watchOS Memory Initialization memory corruption [CVE-2018-4448]
low
1.7
-
-
-
163707
Apple iOS Memory Initialization memory corruption [CVE-2018-4448]
low
1.7
-
-
-
163706
Apple macOS Memory Initialization memory corruption [CVE-2018-4448]
low
1.7
-
-
-
163705
Apple iTunes User Information information disclosure [CVE-2018-4444]
low
5.0
-
-
-
163704
Apple tvOS User Information information disclosure [CVE-2018-4444]
low
5.0
-
-
-
163703
Apple iOS User Information information disclosure [CVE-2018-4444]
low
5.0
-
-
-
163702
Apple Safarai User Information information disclosure [CVE-2018-4444]
low
5.0
-
-
-
163701
Apple tvOS Configuration access control [CVE-2018-4433]
medium
4.3
-
-
-
163700
Apple iOS Configuration access control [CVE-2018-4433]
medium
4.3
-
-
-
163699
Apple watchOS Configuration access control [CVE-2018-4433]
medium
4.3
-
-
-
163698
Apple macOS Configuration access control [CVE-2018-4433]
medium
4.3
-
-
-
163697
Apple iOS Lockscreen access control [CVE-2018-4428]
low
2.1
-
-
-
163692
Apple tvOS Message resource consumption [CVE-2018-4381]
low
3.5
-
-
-
163691
Apple iOS Message resource consumption [CVE-2018-4381]
low
3.5
-
-
-
163690
Apple iOS Entitlement information disclosure [CVE-2018-4339]
low
1.7
-
-
-
163689
Apple macOS DiskArbitration permission [CVE-2018-4296]
medium
5.2
-
-
-
163688
NetApp Clustered Data ONTAP Intercluster LIF denial of service
low
5.0
-
-
-
163687
npm-user-validate Email Validator incorrect regex [CVE-2020-7754]
medium
5.0
-
-
-
163686
Check Point ZoneAlarm Anti-Ransomware untrusted search path [CVE-2020-6023]
medium
4.3
-
-
-
163685
Check Point ZoneAlarm Anti-Ransomware permission [CVE-2020-6022]
medium
3.2
-
-
-
163684
Victor CMS category.php sql injection
medium
5.0
-
-
-
163683
IObit Malware Fighter Privileges uncontrolled search path [CVE-2020-23864]
medium
6.8
-
-
-
163682
Micro Focus Operation Bridge Manager/Operation Bridge Privileges access control
medium
6.8
-
-
-
163681
Micro Focus Operation bridge Manager improper authentication
high
10.0
-
-
-
163680
1Password command-line tool/SCIM Bridge prng seed [CVE-2020-10256]
low
2.6
-
-
-
163679
Pulse Secure Desktop Save information disclosure [CVE-2020-8956]
low
2.3
-
-
-
163678
trim Package Regular Expression incorrect regex
low
2.3
-
-
-
163677
konzept-ix publiXone RemoteFunctions Endpoint access control
medium
6.5
-
-
-
163676
konzept-ix publiXone appletError.jsp cross site scripting
low
4.0
-
-
-
163675
konzept-ix publiXone Configuration File CipherUtils.java hard-coded key
low
2.3
-
-
-
163674
konzept-ix publiXone file access [CVE-2020-27180]
low
2.7
-
-
-
163673
konzept-ix publiXone User Account password recovery [CVE-2020-27179]
low
4.9
-
-
-
163672
Pulse Connect Secure/Pulse Policy Secure XML External Entity server-side request forgery
medium
6.5
-
-
-
163671
pam_tacplus libtac RAND_pseudo_bytes random values
low
2.3
-
-
-
163670
Ruckus vRioT API validate_token.py improper authorization
medium
5.8
-
-
-
163669
Ruckus API Endpoint createUser command injection
medium
6.5
-
-
-
163668
Facebook Hermes Javascript Interpreter out-of-bounds read [CVE-2020-1915]
low
2.7
-
-
-
163667
OpenRC checkpath symlink [CVE-2018-21269]
medium
4.3
-
-
-
163666
Motion-Project Motion HTTP Request webu.c denial of service
low
4.3
-
-
-
163665
Octopus Deploy HTTP Host Header redirect [CVE-2020-26161]
low
4.9
-
-
-
163664
FireEye eMPS sort_by sql injection
medium
6.5
-
-
-
163663
Wiki.js Search Result cross site scripting [CVE-2020-15274]
low
4.0
-
-
-
163662
git-tag-annotation-action Environment Variable os command injection
medium
6.5
-
-
-
163661
lookatme terminal/file_loader terminal.py os command injection
medium
5.2
-
-
-
163660
opentmpfiles symlink [CVE-2017-18925]
medium
4.3
-
-
-
163659
systeminformation Curl os command injection [CVE-2020-7752]
medium
5.2
-
-
-
163658
HPE StoreServ Management Console improper authentication [CVE-2020-7197]
medium
7.5
-
-
-
163657
HPE BlueData EPIC Software Platform Kerberos Password information disclosure
low
3.5
-
-
-
163656
Aruba AirWave Software Remote Code Execution [CVE-2020-7127]
medium
6.8
-
-
-
163655
Aruba AirWave server-side request forgery [CVE-2020-7126]
medium
6.5
-
-
-
163654
Aruba AirWave Privileges insufficient privileges [CVE-2020-7125]
medium
6.0
-
-
-
163653
Aruba AirWave access control [CVE-2020-7124]
medium
6.5
-
-
-
163652
ZTE eVDC Verification cross site scripting [CVE-2020-6876]
low
4.0
-
-
-
163651
KDE Partition Manager fstab kpmcore_externalcommand access control
medium
6.8
-
-
-
163650
AntSword View Site cross site scripting [CVE-2020-25470]
low
4.0
-
-
-
163649
Aruba AirWave command injection [CVE-2020-24632]
medium
6.0
-
-
-
163648
Aruba AirWave command injection [CVE-2020-24631]
medium
6.0
-
-
-
163647
AntSword System Command cross site scripting [CVE-2020-18766]
medium
6.0
-
-
-
163646
Arista EOS IS-IS Router Remote Privilege Escalation [CVE-2020-15897]
medium
6.0
-
-
-
163645
Arista CloudVision eXchange Server ControllerOob Agent denial of service
low
3.5
-
-
-
163644
pathval Package resource consumption [CVE-2020-7751]
low
2.3
-
-
-
163643
illumos pam_framework.c parse_user_name buffer overflow
medium
4.9
-
-
-
163642
YOURLS Admin Panel PHP Plugin cross site scripting [CVE-2020-27388]
low
2.3
-
-
-
163641
Google Chrome Printing use after free [CVE-2020-16003]
medium
7.5
-
-
-
163640
Google Chrome Freetype heap-based overflow [CVE-2020-15999]
medium
7.5
-
-
-
163639
Google Chrome PDFium use after free [CVE-2020-16002]
medium
7.5
-
-
-
163638
Google Chrome Media use after free [CVE-2020-16001]
medium
7.5
-
-
-
163637
Google Chrome Blink out-of-bounds write [CVE-2020-16000]
medium
7.5
-
-
-
163636
NVIDIA GeForce Experience ShadowPlay access control [CVE-2020-5990]
medium
4.3
-
-
-
163635
NVIDIA GeForce Experience nvcontainer.exe access control
medium
4.3
-
-
-
163634
NVIDIA GeForce Experience Web Helper NodeJS Web Server uncontrolled search path
medium
4.3
-
-
-
163633
UCMS fopen access control
medium
4.9
-
-
-
163632
FruityWifi sudo access control [CVE-2020-24848]
high
6.8
-
-
-
163631
FruityWifi page_config_adv.php cross-site request forgery
low
5.0
-
-
-
163630
VMware Horizon Client Local Privilege information disclosure
low
1.7
-
-
-
163629
VMware Horizon Server Scripting cross site scripting [CVE-2020-3997]
low
2.3
-
-
-
163628
CRMEB downloadimage Interface server-side request forgery [CVE-2020-25466]
medium
6.0
-
-
-
163627
Eclipse Jetty temp file [CVE-2020-27216]
low
4.3
-
-
-
163626
CryptoPro CSP Process Creation denial of service [CVE-2020-9361]
low
1.7
-
-
-
163625
CryptoPro CSP Process Creation access control [CVE-2020-9331]
low
4.3
-
-
-
163624
FRITZ!Box Protection Mechanism dns rebinding [CVE-2020-26887]
medium
4.9
-
-
-
163623
Belkin LINKSYS WRT160NL mini_httpd create_dir buffer overflow
low
4.9
-
-
-
163622
VeriFone MX900 File Manager command injection [CVE-2019-14719]
medium
4.9
-
-
-
163621
VeriFone MX900 Permission svc_netcontrol access control
medium
4.9
-
-
-
163620
VeriFone Verix OS System Call buffer overflow [CVE-2019-14717]
medium
4.9
-
-
-
163619
VeriFone VerixV Shell access control [CVE-2019-14716]
low
3.7
-
-
-
163618
VeriFone Pinpad Payment Terminal SBI Bootloader memory corruption
medium
6.2
-
-
-
163617
VeriFone MX900 Installation insufficient verification of data authenticity
medium
4.9
-
-
-
163616
VeriFone VerixV S1G File unknown vulnerability [CVE-2019-14712]
medium
4.9
-
-
-
163615
VeriFone MX900 race condition [CVE-2019-14711]
medium
4.9
-
-
-
163614
Comtrend AR-5387un cross site scripting [CVE-2018-8062]
low
3.5
-
-
-
163613
Apple watchOS information disclosure [CVE-2020-9997]
low
2.3
-
-
-
163612
Apple macOS information disclosure [CVE-2020-9997]
low
2.3
-
-
-
163611
Apple watchOS path traversal [CVE-2020-9994]
low
4.9
-
-
-
163610
Apple tvOS path traversal [CVE-2020-9994]
low
4.9
-
-
-
163609
Apple macOS path traversal [CVE-2020-9994]
low
4.9
-
-
-
163608
Apple iOS/iPadOS path traversal [CVE-2020-9994]
low
4.9
-
-
-
163607
Apple macOS Application race condition [CVE-2020-9990]
medium
7.4
-
-
-
163606
Apple macOS Home Folder access control [CVE-2020-9986]
low
2.3
-
-
-
163605
Apple watchOS USD File buffer overflow [CVE-2020-9985]
medium
7.5
-
-
-
163604
Apple macOS USD File buffer overflow [CVE-2020-9985]
medium
7.5
-
-
-
163603
Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9985]
medium
7.5
-
-
-
163602
Apple iCloud Image out-of-bounds read [CVE-2020-9984]
medium
7.5
-
-
-
163601
Apple iTunes Image out-of-bounds read [CVE-2020-9984]
medium
7.5
-
-
-
163600
Apple watchOS Image out-of-bounds read [CVE-2020-9984]
medium
7.5
-
-
-
163599
Apple tvOS Image out-of-bounds read [CVE-2020-9984]
medium
7.5
-
-
-
163598
Apple macOS Image out-of-bounds read [CVE-2020-9984]
medium
7.5
-
-
-
163597
Apple iOS/iPadOS Image out-of-bounds read [CVE-2020-9984]
medium
7.5
-
-
-
163596
Apple watchOS Font File out-of-bounds write [CVE-2020-9980]
medium
7.5
-
-
-
163595
Apple tvOS Font File out-of-bounds write [CVE-2020-9980]
medium
7.5
-
-
-
163594
Apple macOS Font File out-of-bounds write [CVE-2020-9980]
medium
7.5
-
-
-
163593
Apple iOS/iPadOS Font File out-of-bounds write [CVE-2020-9980]
medium
7.5
-
-
-
163592
Apple tvOS USD File buffer overflow [CVE-2020-9940]
medium
7.5
-
-
-
163591
Apple macOS USD File buffer overflow [CVE-2020-9940]
medium
7.5
-
-
-
163590
Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9940]
medium
7.5
-
-
-
163589
Apple macOS Extension access control [CVE-2020-9939]
low
4.3
-
-
-
163588
Apple macOS State Management privileges assignment [CVE-2020-9935]
medium
5.2
-
-
-
163587
Apple macOS Kernel Memory memory corruption [CVE-2020-9929]
low
4.3
-
-
-
163586
Apple macOS Application memory corruption [CVE-2020-9928]
medium
7.4
-
-
-
163585
Apple macOS Application memory corruption [CVE-2020-9927]
medium
7.4
-
-
-
163584
Apple macOS State Management denial of service [CVE-2020-9924]
low
3.5
-
-
-
163583
Apple macOS Application memory corruption [CVE-2020-9921]
low
4.9
-
-
-
163582
Apple watchOS Mail Server denial of service [CVE-2020-9920]
low
6.4
-
-
-
163581
Apple macOS Mail Server denial of service [CVE-2020-9920]
low
6.4
-
-
-
163580
Apple iOS/iPadOS Mail Server denial of service [CVE-2020-9920]
low
6.4
-
-
-
163579
Apple macOS Kernel Memory out-of-bounds read [CVE-2020-9908]
low
4.3
-
-
-
163578
Apple watchOS Kernel Memory memory corruption [CVE-2020-9906]
medium
6.0
-
-
-
163577
Apple macOS Kernel Memory memory corruption [CVE-2020-9906]
medium
6.0
-
-
-
163576
Apple iOS/iPadOS Kernel Memory memory corruption [CVE-2020-9906]
medium
6.0
-
-
-
163575
Apple tvOS buffer overflow [CVE-2020-9905]
low
3.5
-
-
-
163574
Apple macOS buffer overflow [CVE-2020-9905]
low
3.5
-
-
-
163573
Apple iOS/iPadOS buffer overflow [CVE-2020-9905]
low
3.5
-
-
-
163572
Apple watchOS Application memory corruption [CVE-2020-9904]
medium
7.4
-
-
-
163571
Apple tvOS Application memory corruption [CVE-2020-9904]
medium
7.4
-
-
-
163570
Apple macOS Application memory corruption [CVE-2020-9904]
medium
7.4
-
-
-
163569
Apple iOS/iPadOS Application memory corruption [CVE-2020-9904]
medium
7.4
-
-
-
163568
Apple watchOS Kernel Memory out-of-bounds read [CVE-2020-9902]
low
2.3
-
-
-
163567
Apple tvOS Kernel Memory out-of-bounds read [CVE-2020-9902]
low
2.3
-
-
-
163566
Apple macOS Kernel Memory out-of-bounds read [CVE-2020-9902]
low
2.3
-
-
-
163565
Apple iOS/iPadOS Kernel Memory out-of-bounds read [CVE-2020-9902]
low
2.3
-
-
-
163564
Apple tvOS Path Validation symlink [CVE-2020-9901]
low
4.3
-
-
-
163563
Apple macOS Path Validation symlink [CVE-2020-9901]
low
4.3
-
-
-
163562
Apple iOS/iPadOS Path Validation symlink [CVE-2020-9901]
low
4.3
-
-
-
163561
Apple watchOS Path Validation symlink [CVE-2020-9900]
low
4.3
-
-
-
163560
Apple tvOS Path Validation symlink [CVE-2020-9900]
low
4.3
-
-
-
163559
Apple macOS Path Validation symlink [CVE-2020-9900]
low
4.3
-
-
-
163558
Apple iOS/iPadOS Path Validation symlink [CVE-2020-9900]
low
4.3
-
-
-
163557
Apple macOS Application memory corruption [CVE-2020-9899]
medium
7.4
-
-
-
163556
Apple macOS Restrictions sandbox [CVE-2020-9898]
medium
4.9
-
-
-
163555
Apple iOS/iPadOS Restrictions sandbox [CVE-2020-9898]
medium
4.9
-
-
-
163554
Apple watchOS Application memory corruption [CVE-2020-9892]
medium
7.4
-
-
-
163553
Apple tvOS Application memory corruption [CVE-2020-9892]
medium
7.4
-
-
-
163552
Apple macOS Application memory corruption [CVE-2020-9892]
medium
7.4
-
-
-
163551
Apple iOS/iPadOS Application memory corruption [CVE-2020-9892]
medium
7.4
-
-
-
163550
Apple macOS JPEG Image memory corruption [CVE-2020-9887]
medium
7.5
-
-
-
163549
Apple iCloud Image buffer overflow [CVE-2020-9883]
medium
7.5
-
-
-
163548
Apple iTunes Image buffer overflow [CVE-2020-9883]
medium
7.5
-
-
-
163547
Apple watchOS Image buffer overflow [CVE-2020-9883]
medium
7.5
-
-
-
163546
Apple tvOS Image buffer overflow [CVE-2020-9883]
medium
7.5
-
-
-
163545
Apple macOS Image buffer overflow [CVE-2020-9883]
medium
7.5
-
-
-
163544
Apple iOS/iPadOS Image buffer overflow [CVE-2020-9883]
medium
7.5
-
-
-
163543
Apple watchOS USD File buffer overflow [CVE-2020-9882]
low
4.9
-
-
-
163542
Apple macOS USD File buffer overflow [CVE-2020-9882]
low
4.9
-
-
-
163541
Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9882]
low
4.9
-
-
-
163540
Apple watchOS USD File buffer overflow [CVE-2020-9881]
low
4.9
-
-
-
163539
Apple macOS USD File buffer overflow [CVE-2020-9881]
low
4.9
-
-
-
163538
Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9881]
low
4.9
-
-
-
163537
Apple watchOS USD File buffer overflow [CVE-2020-9880]
low
4.9
-
-
-
163536
Apple tvOS USD File buffer overflow [CVE-2020-9880]
low
4.9
-
-
-
163535
Apple macOS USD File buffer overflow [CVE-2020-9880]
low
4.9
-
-
-
163534
Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9880]
low
4.9
-
-
-
163533
Apple macOS Application memory corruption [CVE-2020-9869]
low
3.5
-
-
-
163532
Apple watchOS Certificate Validation certificate validation [CVE-2020-9868]
low
2.3
-
-
-
163531
Apple tvOS Certificate Validation certificate validation [CVE-2020-9868]
low
2.3
-
-
-
163530
Apple macOS Certificate Validation certificate validation [CVE-2020-9868]
low
2.3
-
-
-
163529
Apple iOS/iPadOS Certificate Validation certificate validation
low
2.3
-
-
-
163528
Apple watchOS uninitialized pointer [CVE-2020-9863]
medium
7.4
-
-
-
163527
Apple tvOS uninitialized pointer [CVE-2020-9863]
medium
7.4
-
-
-
163526
Apple macOS uninitialized pointer [CVE-2020-9863]
medium
7.4
-
-
-
163525
Apple iOS/iPadOS uninitialized pointer [CVE-2020-9863]
medium
7.4
-
-
-
163524
Apple tvOS Application unknown vulnerability [CVE-2020-9854]
low
4.9
-
-
-
163523
Apple macOS Application unknown vulnerability [CVE-2020-9854]
low
4.9
-
-
-
163522
Apple iOS/iPadOS Application unknown vulnerability [CVE-2020-9854]
low
4.9
-
-
-
163521
Apple macOS Kernel Memory memory corruption [CVE-2020-9853]
low
2.3
-
-
-
163520
Apple macOS Restrictions improper authentication [CVE-2020-9810]
low
4.6
-
-
-
163519
Apple macOS Application race condition [CVE-2020-9796]
medium
7.4
-
-
-
163518
Apple watchOS Restrictions denial of service [CVE-2020-9787]
low
2.3
-
-
-
163517
Apple tvOS Restrictions denial of service [CVE-2020-9787]
low
2.3
-
-
-
163516
Apple macOS Restrictions denial of service [CVE-2020-9787]
low
2.3
-
-
-
163515
Apple iOS/iPadOS Restrictions denial of service [CVE-2020-9787]
low
2.3
-
-
-
163514
Apple macOS Kernel Memory out-of-bounds read [CVE-2020-9779]
low
4.3
-
-
-
163513
Vmware Velero Volume information disclosure [CVE-2020-3996]
low
2.3
-
-
-
163512
Apple watchOS User Information sandbox [CVE-2020-3918]
low
1.7
-
-
-
163511
Apple tvOS User Information sandbox [CVE-2020-3918]
low
1.7
-
-
-
163510
Apple macOS User Information sandbox [CVE-2020-3918]
low
1.7
-
-
-
163509
Apple iOS/iPadOS User Information sandbox [CVE-2020-3918]
low
1.7
-
-
-
163508
Apple macOS Application unknown vulnerability [CVE-2020-3915]
low
4.9
-
-
-
163507
Apple macOS Application memory corruption [CVE-2020-3898]
low
4.9
-
-
-
163506
Linux Kernel events_base.c use after free
low
4.9
-
-
-
163505
Xen TLB Entry memory corruption [CVE-2020-27674]
medium
7.4
-
-
-
163504
Linux Kernel dom0 Event denial of service [CVE-2020-27673]
medium
5.2
-
-
-
163503
Xen Superpage use after free [CVE-2020-27672]
low
4.9
-
-
-
163502
Xen IOMMU TLB Flush denial of service [CVE-2020-27671]
low
2.3
-
-
-
163501
Xen AMD IOMMU Page-Table Entry denial of service [CVE-2020-27670]
low
2.3
-
-
-
163500
Strapi WYSIWYG Editor Preview cross site scripting [CVE-2020-27666]
low
2.3
-
-
-
163499
Strapi content-type-builder Route hasPermissions permission
medium
4.9
-
-
-
163498
Strapi index.js unknown vulnerability [CVE-2020-27664]
low
4.9
-
-
-
163497
LeviStudioU Parameter xml external entity reference [CVE-2020-25186]
medium
4.9
-
-
-
163496
Eyoucms login.php cross-site request forgery
low
3.3
-
-
-
163495
Tiki Admin Password tiki-login.php improper authentication
medium
5.8
-
-
-
163494
parse-server Session Token operation after expiration [CVE-2020-15270]
low
4.0
-
-
-
163493
GitLab Runner Runner Configuration unknown vulnerability [CVE-2020-13327]
low
4.9
-
-
-
163492
Micro Focus Manager Remote Privilege Escalation [CVE-2020-11853]
medium
6.0
-
-
-
163491
fabric8-maven-plugin wildfly-swarm/Thorntail Custom Configuration deserialization
medium
4.3
-
-
-
163490
Mozilla Network Security Services Certificate Sequence denial of service
low
3.5
-
-
-
163489
Mozilla Network Security Services buffer overflow [CVE-2019-17006]
low
4.9
-
-
-
163488
Microchip CryptoAuthentication Library CryptoAuthLib buffer overflow
low
4.9
-
-
-
163487
Microchip CryptoAuthentication Library CryptoAuthLib buffer overflow
low
4.9
-
-
-
163486
Atmel Advanced Software Framework integer overflow [CVE-2019-16127]
medium
4.9
-
-
-
163485
Mozilla Network Security Services Signature denial of service
low
4.0
-
-
-
163484
Elasticsearch Field Level Security permission [CVE-2020-7020]
medium
4.9
-
-
-
163483
Biscom Secure File Transfer insufficiently protected credentials
low
2.3
-
-
-
163482
ImageMagick layer.c OptimizeLayerFrames divide by zero
low
2.3
-
-
-
163481
DedeCMS cross site scripting [CVE-2020-27533]
low
2.3
-
-
-
163480
Hashicorp Nomad/Nomad Enterprise sandbox [CVE-2020-27195]
medium
4.9
-
-
-
163479
Octopus Deploy Websocket Endpoint unknown vulnerability [CVE-2020-27155]
low
4.9
-
-
-
163478
AtomXCMS dump.php path traversal
low
2.3
-
-
-
163477
AtomXCMS dump.php access control
medium
4.9
-
-
-
163476
fs.com S3900 24T4S access control [CVE-2020-24033]
medium
6.0
-
-
-
163475
Adobe Animate FLA File out-of-bounds read [CVE-2020-9750]
medium
7.5
-
-
-
163474
Adobe Animate FLA File out-of-bounds read [CVE-2020-9749]
low
5.0
-
-
-
163473
Adobe Animate FLA File stack-based overflow [CVE-2020-9748]
medium
7.5
-
-
-
163472
Adobe Animate FLA File double free [CVE-2020-9747]
medium
7.5
-
-
-
163471
Cisco ASA Web-based Management Interface cross site scripting
low
5.0
-
-
-
163470
Cisco ASA/Firepower Threat Defense TLS Connection information exposure
low
5.0
-
-
-
163469
Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
low
5.0
-
-
-
163468
Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
low
5.0
-
-
-
163467
Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
low
5.0
-
-
-
163466
Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
low
5.0
-
-
-
163465
Cisco ASA/Firepower Threat Defense Web Services Interface authorization
low
5.0
-
-
-
163464
Cisco Firepower Threat Defense denial of service [CVE-2020-3577]
medium
6.1
-
-
-
163463
Cisco ASA/Firepower Threat Defense TLS Connection resource consumption
medium
7.8
-
-
-
163462
Cisco Firepower Threat Defense ICMPv6 Packet resource consumption
medium
7.8
-
-
-
163461
Cisco Firepower Threat Defense TCP Interception access control
medium
5.0
-
-
-
163460
Cisco ASA/Firepower Threat Defense FTP Inspection Engine access control
low
5.0
-
-
-
163459
Cisco Firepower Threat Defense TCP Packet denial of service [CVE-2020-3563]
medium
7.8
-
-
-
163458
Cisco Firepower Threat Defense TLS inspection memory corruption
medium
7.8
-
-
-
163457
Cisco ASA/Firepower Threat Defense Clientless SSL VPN crlf injection
medium
5.0
-
-
-
163456
Cisco FirePOWER Management Center Web-based Management Interface redirect
medium
7.5
-
-
-
163455
Cisco FirePOWER Management Center API Daemon certificate validation
low
5.0
-
-
-
163454
Cisco ASA/Firepower Threat Defense SIP Inspection denial of service
medium
5.4
-
-
-
163453
Cisco ASA/Firepower Threat Defense TCP Packet resource consumption
medium
7.8
-
-
-
163452
Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
low
3.3
-
-
-
163451
Cisco FirePOWER Management Center sfmgr Daemon path traversal
medium
6.5
-
-
-
163450
Cisco FirePOWER Management Center sftunnel inadequate encryption
low
2.6
-
-
-
163449
Cisco Firepower Threat Defense SNMP resource consumption [CVE-2020-3533]
high
7.8
-
-
-
163448
Cisco ASA/Firepower Threat Defense SSL VPN Negotiation resource consumption
high
7.8
-
-
-
163447
Cisco ASA/Firepower Threat Defense OSPFv2 Packet denial of service
high
7.8
-
-
-
163446
Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
low
3.3
-
-
-
163445
Cisco Firepower Threat Defense Multi-Instance sandbox [CVE-2020-3514]
medium
6.5
-
-
-
163444
Cisco FirePOWER Management Center Licensing Service resource management
medium
7.8
-
-
-
163443
Cisco FXOS CLI os command injection [CVE-2020-3459]
medium
6.5
-
-
-
163442
Cisco ASA/Firepower Threat Defense Secure Boot protection mechanism
medium
6.5
-
-
-
163441
Cisco FXOS CLI os command injection [CVE-2020-3457]
medium
6.5
-
-
-
163440
Cisco FXOS Firepower Chassis Manager cross-site request forgery
low
5.0
-
-
-
163439
Cisco FXOS Secure Boot protection mechanism [CVE-2020-3455]
medium
6.5
-
-
-
163438
Cisco ASA/Firepower Threat Defense Web Services Interface unrestricted upload
low
5.0
-
-
-
163437
Cisco FirePOWER Management Center Common Access Card Authentication improper authentication
low
5.1
-
-
-
163436
Cisco ASA/Firepower Threat Defense IP Fragment Reassembly resource consumption
low
5.0
-
-
-
163435
Cisco Firepower Threat Defense CLI backdoor [CVE-2020-3352]
medium
4.3
-
-
-
163434
Cisco ASA/Firepower Threat Defense SSL Inspection denial of service
low
5.0
-
-
-
163433
Cisco ASA/Firepower Threat Defense HTTP Request resource consumption
low
5.0
-
-
-
163432
Cisco Integrated Services Router Snort Detection Engine protection mechanism
medium
5.0
-
-
-
163431
BigBlueButton Greenlight Merge Account admins.js cross site scripting
low
2.3
-
-
-
163430
fastd receive.c denial of service
low
4.9
-
-
-
163429
FileImporter Extension unknown vulnerability [CVE-2020-27621]
low
4.9
-
-
-
163428
Cosmos Skin rawElement cross site scripting
low
4.0
-
-
-
163427
Python HTTP multibytecodec_support.py eval unknown vulnerability
low
4.9
-
-
-
163426
Loginizer SQL Injection lz_valid_ip sql injection
low
4.9
-
-
-
163425
cm-download-manager cross site scripting [CVE-2020-27344]
low
6.4
-
-
-
163424
Adobe Dreamweaver uncontrolled search path [CVE-2020-24425]
high
6.8
-
-
-
163423
Adobe Premiere Pro uncontrolled search path [CVE-2020-24424]
medium
7.5
-
-
-
163422
Adobe Media Encoder uncontrolled search path [CVE-2020-24423]
medium
4.6
-
-
-
163421
Adobe Creative Cloud Desktop Application uncontrolled search path
medium
7.5
-
-
-
163420
Adobe InDesign indd File memory corruption [CVE-2020-24421]
medium
7.5
-
-
-
163419
Adobe Photoshop uncontrolled search path [CVE-2020-24420]
medium
7.5
-
-
-
163418
Adobe After Effects uncontrolled search path [CVE-2020-24419]
medium
7.5
-
-
-
163417
Adobe After Effects aepx File out-of-bounds read
low
4.3
-
-
-
163416
WSO2 API Manager publisher cross site scripting [CVE-2020-17454]
low
4.0
-
-
-
163415
Ghisler Total Commander Access Restriction TOTALCMD64.EXE access control
medium
6.5
-
-
-
163414
Arista EOS DHCP Packet denial of service [CVE-2020-17355]
low
3.5
-
-
-
163413
TensorFlow Large Value tf.image.crop_and_resize memory corruption
low
4.3
-
-
-
163412
TensorFlow Dimensions tf.quantization.quantize_and_dequantize out-of-bounds read
low
2.6
-
-
-
163411
magento-lts Gem Product Attribute injection [CVE-2020-15244]
medium
6.5
-
-
-
163410
omniauth-auth0 Gem JWT Token Signature Validation jwt_validator.verify improper authentication
medium
7.5
-
-
-
163409
Apache Hadoop Web Endpoint Authentication improper authentication
medium
6.5
-
-
-
163408
scratch-svg-renderer SVG _transformMeasurements cross site scripting
medium
5.0
-
-
-
163407
Fortinet FortiOS Command Line Interface information disclosure
low
2.7
-
-
-
163406
Simple Download Monitor URL sql injection [CVE-2020-5651]
medium
6.0
-
-
-
163405
Simple Download Monitor Scripting cross site scripting [CVE-2020-5650]
medium
6.0
-
-
-
163404
BigBlueButton FreeSWITCH hard-coded key [CVE-2020-27613]
low
4.1
-
-
-
163403
BigBlueButton Username information disclosure [CVE-2020-27612]
low
5.0
-
-
-
163402
BigBlueButton STUN/TURN risky encryption [CVE-2020-27611]
medium
6.0
-
-
-
163401
BigBlueButton Firewall Configuration access control [CVE-2020-27610]
medium
6.5
-
-
-
163400
BigBlueButton Interface information disclosure [CVE-2020-27609]
low
2.6
-
-
-
163399
BigBlueButton Content-Type Header cross site scripting [CVE-2020-27608]
low
2.3
-
-
-
163398
BigBlueButton Mute information disclosure [CVE-2020-27607]
low
2.6
-
-
-
163397
BigBlueButton Session Cookie missing secure attribute [CVE-2020-27606]
low
2.6
-
-
-
163396
BigBlueButton Ghostscript sandbox [CVE-2020-27605]
medium
7.5
-
-
-
163395
BigBlueButton LibreOffice Sandbox bigbluebutton.properties sandbox
medium
3.5
-
-
-
163394
BigBlueButton LibreOffice Document unknown vulnerability [CVE-2020-27603]
low
4.9
-
-
-
163393
BigBlueButton Office Document server-side request forgery [CVE-2020-25820]
medium
6.0
-
-
-
163392
Acronis True Image ACL permission assignment
high
9.0
-
-
-
163391
Acronis True Image OpenSSL openssl.cnf access control
high
9.0
-
-
-
163390
Acronis Cyber Backup/Cyber Protect OpenSSL openssl.cnf access control
high
9.0
-
-
-
163389
Mozilla Firefox External Protocol memory corruption [CVE-2020-15684]
medium
7.5
-
-
-
163388
Mozilla Firefox External Protocol improper restriction of rendered ui layers
medium
7.5
-
-
-
163387
Mozilla Firefox WASM Thread denial of service [CVE-2020-15681]
low
5.0
-
-
-
163386
Mozilla Firefox Image Tag information disclosure [CVE-2020-15680]
low
5.0
-
-
-
163385
Mozilla Firefox Crossbeam Rust Crate from_iter memory corruption
medium
7.5
-
-
-
163384
Mozilla Firefox usersctp use after free [CVE-2020-15969]
medium
7.5
-
-
-
163383
Mozilla Firefox/Firefox ESR memory corruption [CVE-2020-15683]
medium
7.5
-
-
-
163382
Mozilla Firefox ESR usersctp use after free [CVE-2020-15969]
medium
7.5
-
-
-
163381
Oracle VM VirtualBox denial of service [CVE-2020-14892]
medium
4.6
-
-
-
163380
Oracle VM VirtualBox information disclosure [CVE-2020-14889]
medium
4.3
-
-
-
163379
Oracle VM VirtualBox information disclosure [CVE-2020-14886]
medium
4.3
-
-
-
163378
Oracle VM VirtualBox information disclosure [CVE-2020-14885]
medium
4.3
-
-
-
163377
Oracle VM VirtualBox information disclosure [CVE-2020-14884]
medium
4.3
-
-
-
163376
Oracle VM VirtualBox information disclosure [CVE-2020-14881]
medium
4.3
-
-
-
163375
Oracle VM VirtualBox Local Privilege Escalation [CVE-2020-14872]
medium
6.5
-
-
-
163374
Oracle Utilities Framework Common information disclosure [CVE-2020-9488]
low
2.6
-
-
-
163373
Oracle Utilities Framework System Wide unknown vulnerability
medium
5.5
-
-
-
163372
Oracle Utilities Framework General information disclosure [CVE-2020-1945]
medium
5.5
-
-
-
163371
Oracle Utilities Framework General xml external entity reference
high
10.0
-
-
-
163370
Oracle Utilities Framework Common deserialization [CVE-2019-10173]
high
10.0
-
-
-
163369
Oracle Solaris Kernel unknown vulnerability [CVE-2020-14759]
low
1.0
-
-
-
163368
Oracle Solaris Utility unknown vulnerability [CVE-2020-14818]
low
2.1
-
-
-
163367
Oracle Solaris Filesystem denial of service [CVE-2020-14754]
medium
4.6
-
-
-
163366
Oracle Solaris Kernel unknown vulnerability [CVE-2020-14758]
medium
5.2
-
-
-
163365
Oracle Fujitsu M12-1/Fujitsu M12-2/Fujitsu M12-2S XCP Firmware information disclosure
medium
3.8
-
-
-
163364
Oracle Fujitsu M10-1 XCP Firmware denial of service [CVE-2019-11477]
medium
7.8
-
-
-
163363
Oracle ZFS Storage Appliance Kit Operating System Image buffer overflow
high
10.0
-
-
-
163362
Oracle Solaris Pluggable authentication module parse_user_name stack-based overflow
high
10.0
-
-
-
163361
Oracle Agile Product Lifecycle Management for Process Supplier Portal cross site scripting
medium
6.4
-
-
-
163360
Oracle Transportation Management Install deserialization [CVE-2020-9484]
medium
6.0
-
-
-
163359
Oracle Agile PLM Security xml external entity reference [CVE-2020-10683]
high
10.0
-
-
-
163358
Oracle Agile PLM Folders/Files / Attachments input validation
high
10.0
-
-
-
163357
Oracle Siebel UI Framework UIF Open UI cross site scripting [CVE-2020-11022]
medium
6.4
-
-
-
163356
Oracle Siebel Apps - Marketing Mktg/Campaign Mgmt denial of service
medium
7.8
-
-
-
163355
Oracle Siebel Apps - Marketing Mktg/Email Mktg Stand-Alone access control
high
10.0
-
-
-
163354
Oracle Retail Customer Management and Segmentation Foundation Segment information disclosure
low
2.1
-
-
-
163353
Oracle Retail Customer Management and Segmentation Foundation Promotions information disclosure
low
2.1
-
-
-
163352
Oracle Retail Predictive Application Server RPAS Fusion Client information disclosure
low
2.6
-
-
-
163351
Oracle Retail Order Broker Store Connect information disclosure
low
2.6
-
-
-
163350
Oracle Retail Integration Bus RIB Kernal information disclosure
low
2.6
-
-
-
163349
Oracle Retail Bulk Data Integration BDI Job Scheduler information disclosure
low
2.6
-
-
-
163348
Oracle Retail Assortment Planning Application Core information disclosure
low
2.6
-
-
-
163347
Oracle Retail Advanced Inventory Planning AIP Dashboard information disclosure
low
2.6
-
-
-
163346
Oracle Retail Order Broker Store Connect information disclosure
medium
4.6
-
-
-
163345
Oracle Retail Returns Management Security cross site scripting
medium
6.4
-
-
-
163344
Oracle Retail Point-of-Service Mobile POS cross site scripting
medium
6.4
-
-
-
163343
Oracle Retail Customer Management and Segmentation Foundation Segments cross site scripting
medium
6.4
-
-
-
163342
Oracle Retail Central Office Security cross site scripting [CVE-2020-11022]
medium
6.4
-
-
-
163341
Oracle Retail Back Office Security cross site scripting [CVE-2020-11022]
medium
6.4
-
-
-
163340
Oracle Retail Xstore Point of Service Xenvironment information disclosure
medium
7.8
-
-
-
163339
Oracle Retail Service Backbone RSB kernel information disclosure
medium
7.8
-
-
-
163338
Oracle Retail Predictive Application Server RPAS Server information disclosure
medium
7.8
-
-
-
163337
Oracle Retail Integration Bus RIB Kernal information disclosure
medium
7.8
-
-
-
163336
Oracle Retail Assortment Planning Application Core information disclosure
medium
7.8
-
-
-
163335
Oracle Retail Order Broker Order Broker Foundation injection
medium
10.0
-
-
-
163334
Oracle Retail Returns Management Security information disclosure
medium
9.4
-
-
-
163333
Oracle Retail Point-of-Service Security information disclosure
medium
9.4
-
-
-
163332
Oracle Retail Integration Bus RIB Kernal information disclosure
medium
9.4
-
-
-
163331
Oracle Retail Central Office Security information disclosure
medium
9.4
-
-
-
163330
Oracle Retail Back Office Security information disclosure [CVE-2020-1945]
medium
9.4
-
-
-
163329
Oracle Retail Service Backbone RSB kernel deserialization [CVE-2020-9546]
high
10.0
-
-
-
163328
Oracle Retail Price Management Security xml external entity reference
high
10.0
-
-
-
163327
Oracle Retail Order Broker System Administration xml external entity reference
high
10.0
-
-
-
163326
Oracle Policy Automation for Mobile Devices information disclosure
low
2.6
-
-
-
163325
Oracle Policy Automation Connector for Siebel information disclosure
low
2.6
-
-
-
163324
Oracle Policy Automation information disclosure [CVE-2020-9488]
low
2.6
-
-
-
163323
Oracle Policy Automation for Mobile Devices cross site scripting
medium
6.4
-
-
-
163322
Oracle Policy Automation Connector for Siebel cross site scripting
medium
6.4
-
-
-
163321
Oracle Policy Automation cross site scripting [CVE-2020-11022]
medium
6.4
-
-
-
163320
Oracle PeopleSoft Enterprise PeopleTools Query information disclosure
low
3.3
-
-
-
163319
Oracle PeopleSoft Enterprise PeopleTools Updates Environment Mgmt information disclosure
low
2.6
-
-
-
163318
Oracle PeopleSoft Enterprise PeopleTools Tools Admin API information disclosure
low
2.6
-
-
-
163317
Oracle PeopleSoft Enterprise PeopleTools Query information disclosure
medium
5.0
-
-
-
163316
Oracle PeopleSoft Enterprise PeopleTools Elastic Search information disclosure
medium
4.6
-
-
-
163315
Oracle PeopleSoft Enterprise PeopleTools Portal/Charting cross site scripting
medium
6.4
-
-
-
163314
Oracle PeopleSoft Enterprise PeopleTools PIA Grids unknown vulnerability
medium
6.4
-
-
-
163313
Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology cross site scripting
medium
6.4
-
-
-
163312
Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability
medium
6.4
-
-
-
163311
Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability
medium
6.4
-
-
-
163310
Oracle PeopleSoft Enterprise PeopleTools Integration Broker unknown vulnerability
medium
6.4
-
-
-
163309
Oracle PeopleSoft Enterprise HCM Global Payroll Core Security Remote Privilege Escalation
medium
6.5
-
-
-
163308
Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology information disclosure
medium
7.8
-
-
-
163307
Oracle PeopleSoft Enterprise SCM eSupplier Connection unknown vulnerability
medium
8.5
-
-
-
163306
Oracle PeopleSoft Enterprise PeopleTools Weblogic out-of-bounds read
high
10.0
-
-
-
163305
Oracle MySQL Server LDAP Auth denial of service [CVE-2020-14771]
low
1.7
-
-
-
163304
Oracle MySQL Server InnoDB denial of service [CVE-2020-14791]
low
1.7
-
-
-
163303
Oracle MySQL Server Roles unknown vulnerability [CVE-2020-14860]
low
3.3
-
-
-
163302
Oracle MySQL Server Privileges information disclosure [CVE-2020-14838]
medium
4.0
-
-
-
163301
Oracle MySQL Server Logging denial of service [CVE-2020-14873]
medium
4.6
-
-
-
163300
Oracle MySQL Server DDL denial of service [CVE-2020-14867]
medium
4.6
-
-
-
163299
Oracle MySQL Cluster NDBCluster Plugin unknown vulnerability
medium
5.5
-
-
-
163298
Oracle MySQL Server X Plugin denial of service [CVE-2020-14870]
medium
6.1
-
-
-
163297
Oracle MySQL Server Stored Procedure denial of service [CVE-2020-14672]
medium
6.1
-
-
-
163296
Oracle MySQL Server LDAP Auth denial of service [CVE-2020-14869]
medium
6.1
-
-
-
163295
Oracle MySQL Server Encryption denial of service [CVE-2020-14799]
medium
6.1
-
-
-
163294
Oracle MySQL Server PS denial of service [CVE-2020-14844]
medium
6.1
-
-
-
163293
Oracle MySQL Server PS denial of service [CVE-2020-14790]
medium
6.1
-
-
-
163292
Oracle MySQL Server PS denial of service [CVE-2020-14786]
medium
6.1
-
-
-
163291
Oracle MySQL Server Optimizer denial of service [CVE-2020-14893]
medium
6.1
-
-
-
163290
Oracle MySQL Server Optimizer denial of service [CVE-2020-14891]
medium
6.1
-
-
-
163289
Oracle MySQL Server Optimizer denial of service [CVE-2020-14888]
medium
6.1
-
-
-
163288
Oracle MySQL Server Optimizer denial of service [CVE-2020-14868]
medium
6.1
-
-
-
163287
Oracle MySQL Server Optimizer denial of service [CVE-2020-14866]
medium
6.1
-
-
-
163286
Oracle MySQL Server Optimizer denial of service [CVE-2020-14861]
medium
6.1
-
-
-
163285
Oracle MySQL Server Optimizer denial of service [CVE-2020-14845]
medium
6.1
-
-
-
163284
Oracle MySQL Server Optimizer denial of service [CVE-2020-14839]
medium
6.1
-
-
-
163283
Oracle MySQL Server Optimizer denial of service [CVE-2020-14837]
medium
6.1
-
-
-
163282
Oracle MySQL Server Optimizer denial of service [CVE-2020-14809]
medium
6.1
-
-
-
163281
Oracle MySQL Server Optimizer denial of service [CVE-2020-14794]
medium
6.1
-
-
-
163280
Oracle MySQL Server Optimizer denial of service [CVE-2020-14793]
medium
6.1
-
-
-
163279
Oracle MySQL Server Optimizer denial of service [CVE-2020-14785]
medium
6.1
-
-
-
163278
Oracle MySQL Server Optimizer denial of service [CVE-2020-14777]
medium
6.1
-
-
-
163277
Oracle MySQL Server Optimizer denial of service [CVE-2020-14773]
medium
6.1
-
-
-
163276
Oracle MySQL Server Locking denial of service [CVE-2020-14812]
medium
6.1
-
-
-
163275
Oracle MySQL Server FTS denial of service [CVE-2020-14804]
medium
6.1
-
-
-
163274
Oracle MySQL Server FTS denial of service [CVE-2020-14789]
medium
6.1
-
-
-
163273
Oracle MySQL Server DML denial of service [CVE-2020-14814]
medium
6.1
-
-
-
163272
Oracle MySQL Server Charsets denial of service [CVE-2020-14852]
medium
6.1
-
-
-
163271
Oracle MySQL Server InnoDB denial of service [CVE-2020-14848]
medium
6.1
-
-
-
163270
Oracle MySQL Server InnoDB denial of service [CVE-2020-14829]
medium
6.1
-
-
-
163269
Oracle MySQL Server InnoDB denial of service [CVE-2020-14821]
medium
6.1
-
-
-
163268
Oracle MySQL Server InnoDB denial of service [CVE-2020-14776]
medium
6.1
-
-
-
163267
Oracle MySQL Workbench denial of service [CVE-2020-1730]
medium
5.0
-
-
-
163266
Oracle MySQL Server Optimizer unknown vulnerability [CVE-2020-14760]
medium
6.8
-
-
-
163265
Oracle MySQL Server LDAP Auth information disclosure [CVE-2020-14827]
medium
6.8
-
-
-
163264
Oracle MySQL Server Encryption denial of service [CVE-2020-14800]
medium
6.8
-
-
-
163263
Oracle MySQL Server Optimizer denial of service [CVE-2020-14846]
medium
6.8
-
-
-
163262
Oracle MySQL Server Optimizer denial of service [CVE-2020-14836]
medium
6.8
-
-
-
163261
Oracle MySQL Server Optimizer denial of service [CVE-2020-14830]
medium
6.8
-
-
-
163260
Oracle MySQL Server Optimizer denial of service [CVE-2020-14769]
medium
6.8
-
-
-
163259
Oracle MySQL Server FTS denial of service [CVE-2020-14765]
medium
6.8
-
-
-
163258
Oracle MySQL Server InnoDB denial of service [CVE-2020-14775]
medium
6.8
-
-
-
163257
Oracle MySQL Server DML Remote Privilege Escalation [CVE-2020-14828]
medium
8.3
-
-
-
163256
Oracle MySQL Workbench Workbench: Encryption denial of service
medium
7.8
-
-
-
163255
Oracle MySQL Enterprise Monitor Monitoring: General denial of service
medium
7.8
-
-
-
163254
Oracle MySQL Server LDAP Auth unknown vulnerability [CVE-2020-14878]
medium
7.7
-
-
-
163253
Oracle MySQL Cluster JS module memory corruption [CVE-2020-8174]
high
10.0
-
-
-
163252
Oracle Java SE Libraries unknown vulnerability [CVE-2020-14798]
low
2.6
-
-
-
163251
Oracle Java SE Libraries information disclosure [CVE-2020-14796]
low
2.6
-
-
-
163250
Oracle Java SE Serialization denial of service [CVE-2020-14779]
low
2.6
-
-
-
163249
Oracle Java SE Libraries unknown vulnerability [CVE-2020-14797]
low
2.6
-
-
-
163248
Oracle Java SE Libraries unknown vulnerability [CVE-2020-14782]
low
2.6
-
-
-
163247
Oracle Java SE JNDI information disclosure [CVE-2020-14781]
low
2.6
-
-
-
163246
Oracle Java SE Hotspot unknown vulnerability [CVE-2020-14792]
medium
4.0
-
-
-
163245
Oracle Java SE Libraries information disclosure [CVE-2020-14803]
medium
5.0
-
-
-
163244
Oracle Insurance Rules Palette Architecture information disclosure
low
2.6
-
-
-
163243
Oracle Insurance Policy Administration J2EE Architecture information disclosure
low
2.6
-
-
-
163242
Oracle Insurance Insbridge Rating and Underwriting Framework Administrator IBFA information disclosure
low
2.6
-
-
-
163241
Oracle Insurance Insbridge Rating and Underwriting Framework Administrator IBFA cross site scripting
medium
6.4
-
-
-
163240
Oracle Insurance Policy Administration J2EE Admin Console code download
medium
7.6
-
-
-
163239
Oracle Insurance Policy Administration J2EE Architecture deserialization
high
10.0
-
-
-
163238
Oracle Hyperion BI+ IQR-Foundation service information disclosure
low
1.7
-
-
-
163237
Oracle Hyperion Planning Application Development Framework unknown vulnerability
medium
4.6
-
-
-
163236
Oracle Hyperion Lifecycle Management Shared Services unknown vulnerability
medium
4.6
-
-
-
163235
Oracle Hyperion Lifecycle Management Shared Services unknown vulnerability
medium
4.6
-
-
-
163234
Oracle Hyperion BI+ IQR-Foundation service information disclosure
medium
4.6
-
-
-
163233
Oracle Hyperion Analytic Provider Services Smart View Provider unknown vulnerability
medium
4.0
-
-
-
163232
Oracle Hyperion Essbase Security/Provisioning information disclosure
medium
3.8
-
-
-
163231
Oracle Hyperion Infrastructure Technology UI/Visualization unknown vulnerability
medium
7.7
-
-
-
163230
Oracle Hyperion Essbase Security/Provisioning buffer overflow
high
10.0
-
-
-
163229
Oracle Hospitality Suite8 WebConnect unknown vulnerability [CVE-2020-14810]
medium
6.4
-
-
-
163228
Oracle Hospitality OPERA 5 Property Services Logging unknown vulnerability
medium
7.7
-
-
-
163227
Oracle Hospitality OPERA 5 Property Services Logging Remote Privilege Escalation
medium
8.3
-
-
-
163226
Oracle Hospitality Guest Access Base deserialization [CVE-2020-9484]
medium
6.0
-
-
-
163225
Oracle Hospitality Suite8 WebConnect unknown vulnerability [CVE-2020-14807]
medium
8.5
-
-
-
163224
Oracle Hospitality Guest Access Base operation after expiration
high
9.7
-
-
-
163223
Oracle Healthcare Foundation Admin Console cross site scripting
medium
6.4
-
-
-
163222
Oracle Healthcare Data Repository Database Module Remote Code Execution
high
10.0
-
-
-
163221
Oracle Health Sciences Empirica Signal User Interface xml external entity reference
high
10.0
-
-
-
163220
Oracle Healthcare Foundation Self Service Analytics input validation
high
10.0
-
-
-
163219
Oracle GraalVM Enterprise Edition Java information disclosure
medium
5.0
-
-
-
163218
Oracle WebLogic Server information disclosure [CVE-2020-9488]
low
2.6
-
-
-
163217
Oracle Outside In Technology Installation unknown vulnerability
medium
4.6
-
-
-
163216
Oracle Business Process Management Suite Document Service denial of service
medium
4.9
-
-
-
163215
Oracle WebLogic Server Console cross site scripting [CVE-2020-11022]
medium
6.4
-
-
-
163214
Oracle WebCenter Portal Blogs/Wikis cross site scripting [CVE-2020-9281]
medium
6.4
-
-
-
163213
Oracle JDeveloper ADF Faces cross site scripting [CVE-2020-11022]
medium
6.4
-
-
-
163212
Oracle Business Process Management Suite Runtime Engine unknown vulnerability
medium
6.4
-
-
-
163211
Oracle Business Process Management Suite Runtime Engine cross site scripting
medium
6.4
-
-
-
163210
Oracle BI Publisher BI Publisher Security cross site scripting
medium
6.4
-
-
-
163209
Oracle Business Process Management Suite Runtime Engine information disclosure
medium
5.5
-
-
-
163208
Oracle Outside In Technology Installation use after free [CVE-2020-15389]
medium
6.1
-
-
-
163207
Oracle WebLogic Server Web Services unknown vulnerability [CVE-2020-14757]
medium
7.1
-
-
-
163206
Oracle Managed File Transfer MFT Runtime Server deserialization
medium
6.0
-
-
-
163205
Oracle Business Intelligence Enterprise Edition Analytics Web Administration unknown vulnerability
medium
7.5
-
-
-
163204
Oracle Business Intelligence Enterprise Edition Analytics Actions Remote Code Execution
medium
7.5
-
-
-
163203
Oracle BI Publisher BI Publisher Security unknown vulnerability
medium
8.5
-
-
-
163202
Oracle WebLogic Server Console Remote Privilege Escalation [CVE-2020-14883]
medium
8.3
-
-
-
163201
Oracle HTTP Server null pointer dereference [CVE-2019-10097]
medium
8.3
-
-
-
163200
Oracle WebLogic Server information disclosure [CVE-2020-14820]
medium
7.8
-
-
-
163199
Oracle HTTP Server SSL Module denial of service [CVE-2020-1967]
medium
7.8
-
-
-
163198
Oracle Business Intelligence Enterprise Edition Installation information disclosure
medium
7.8
-
-
-
163197
Oracle Management Pack for GoldenGate Monitor denial of service
medium
6.8
-
-
-
163196
Oracle Data Integrator Jave APIs data processing [CVE-2016-2510]
medium
7.6
-
-
-
163195
Oracle Business Intelligence Enterprise Edition Analytics Actions unknown vulnerability
medium
8.5
-
-
-
163194
Oracle BI Publisher Mobile Service unknown vulnerability [CVE-2020-14784]
medium
8.5
-
-
-
163193
Oracle BI Publisher BI Publisher Security unknown vulnerability
medium
8.5
-
-
-
163192
Oracle BI Publisher E-Business Suite - XDO unknown vulnerability
medium
7.5
-
-
-
163191
Oracle BI Publisher E-Business Suite - XDO unknown vulnerability
medium
7.5
-
-
-
163190
Oracle WebLogic Server Remote Code Execution [CVE-2020-14859]
high
10.0
-
-
-
163189
Oracle WebLogic Server Remote Code Execution [CVE-2020-14825]
high
10.0
-
-
-
163188
Oracle WebLogic Server Remote Code Execution [CVE-2020-14841]
high
10.0
-
-
-
163187
Oracle WebLogic Server Console Remote Code Execution [CVE-2020-14882]
high
10.0
-
-
-
163186
Oracle WebLogic Server Centralized Thirdparty Jars deserialization
high
10.0
-
-
-
163185
Oracle WebCenter Portal Security Framework deserialization [CVE-2019-10173]
high
10.0
-
-
-
163184
Oracle WebCenter Portal Security Framework Remote Code Execution
high
10.0
-
-
-
163183
Oracle WebCenter Portal Portlet Services xml external entity reference
high
10.0
-
-
-
163182
Oracle HTTP Server Web Listener buffer overflow [CVE-2019-5482]
high
10.0
-
-
-
163181
Oracle GoldenGate Application Adapters Security Service out-of-bounds read
high
10.0
-
-
-
163180
Oracle GoldenGate Application Adapters Build Request deserialization
high
10.0
-
-
-
163179
Oracle GoldenGate Application Adapters deserialization [CVE-2018-8088]
high
10.0
-
-
-
163178
Oracle Enterprise Repository Security Subsystem - 12c Remote Code Execution
high
10.0
-
-
-
163177
Oracle Endeca Information Discovery Studio Endeca Server deserialization
high
10.0
-
-
-
163176
Oracle Endeca Information Discovery Integrator Integrator ETL xml external entity reference
high
10.0
-
-
-
163175
Oracle Data Integrator Install/config/upgrade input validation
high
10.0
-
-
-
163174
Oracle Access Manager Web Server Plugin out-of-bounds read [CVE-2018-11058]
high
10.0
-
-
-
163173
Oracle Identity Manager Connector General/Misc deserialization
high
10.0
-
-
-
163172
Oracle Hospitality RES 3700 CAL information disclosure [CVE-2020-14783]
medium
5.0
-
-
-
163171
Oracle Hospitality Reporting and Analytics Installation information disclosure
medium
4.6
-
-
-
163170
Oracle Hospitality Simphony Simphony Apps cross site scripting
medium
6.4
-
-
-
163169
Oracle Hospitality Materials Control Mobile Authorization cross site scripting
medium
6.4
-
-
-
ID
Title
VulDB
CVSS
Secunia
XForce
Nessus
163168
Oracle FLEXCUBE Private Banking information disclosure [CVE-2020-9488]
low
2.6
-
-
-
163167
Oracle FLEXCUBE Core Banking information disclosure [CVE-2020-9488]
low
2.6
-
-
-
163166
Oracle Financial Services Retail Customer Analytics User Interface information disclosure
low
2.6
-
-
-
163165
Oracle Financial Services Price Creation and Discovery User Interface information disclosure
low
2.6
-
-
-
163164
Oracle Financial Services Market Risk Measurement and Management Infrastructure information disclosure
low
2.6
-
-
-
163163
Oracle Financial Services Institutional Performance Analytics User Interface information disclosure
low
2.6
-
-
-
163162
Oracle Financial Services Analytical Applications Infrastructure information disclosure
low
2.6
-
-
-
163161
Oracle FLEXCUBE Core Banking information disclosure [CVE-2019-10247]
medium
5.0
-
-
-
163160
Oracle FLEXCUBE Private Banking denial of service [CVE-2020-1951]
medium
4.9
-
-
-
163159
Oracle Insurance Data Foundation Infrastructure cross site scripting
medium
6.4
-
-
-
163158
Oracle Insurance Allocation Manager for Enterprise Profitability User Interface cross site scripting
medium
6.4
-
-
-
163157
Oracle Insurance Accounting Analyzer IFRS17 cross site scripting
medium
6.4
-
-
-
163156
Oracle FLEXCUBE Private Banking cross site scripting [CVE-2020-1941]
medium
6.4
-
-
-
163155
Oracle Financial Services Regulatory Reporting for US Federal Reserve User Interface cross site scripting
medium
6.4
-
-
-
163154
Oracle Financial Services Regulatory Reporting for European Banking Authority User Interface cross site scripting
medium
6.4
-
-
-
163153
Oracle Financial Services Profitability Management User Interface cross site scripting
medium
6.4
-
-
-
163152
Oracle Financial Services Price Creation and Discovery User Interface cross site scripting
medium
6.4
-
-
-
163151
Oracle Financial Services Market Risk Measurement and Management Infrastructure cross site scripting
medium
6.4
-
-
-
163150
Oracle Financial Services Loan Loss Forecasting and Provisioning User Interface cross site scripting
medium
6.4
-
-
-
163149
Oracle Financial Services Liquidity Risk Measurement and Management User Interface cross site scripting
medium
6.4
-
-
-
163148
Oracle Financial Services Liquidity Risk Management User Interface cross site scripting
medium
6.4
-
-
-
163147
Oracle Financial Services Institutional Performance Analytics User Interface cross site scripting
medium
6.4
-
-
-
163146
Oracle Financial Services Hedge Management and IFRS Valuations User Interface cross site scripting
medium
6.4
-
-
-
163145
Oracle Financial Services Funds Transfer Pricing User Interface cross site scripting
medium
6.4
-
-
-
163144
Oracle Financial Services Data Integration Hub User Interface cross site scripting
medium
6.4
-
-
-
163143
Oracle Financial Services Data Governance for US Regulatory Reporting User Interface cross site scripting
medium
6.4
-
-
-
163142
Oracle Financial Services Data Foundation Infrastructure cross site scripting
medium
6.4
-
-
-
163141
Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach User Interface cross site scripting
medium
6.4
-
-
-
163140
Oracle Financial Services Basel Regulatory Capital Basic User Interface cross site scripting
medium
6.4
-
-
-
163139
Oracle Financial Services Balance Sheet Planning User Interface cross site scripting
medium
6.4
-
-
-
163138
Oracle Financial Services Asset Liability Management User Interface cross site scripting
medium
6.4
-
-
-
163137
Oracle Financial Services Analytical Applications Reconciliation Framework User Interface cross site scripting
medium
6.4
-
-
-
163136
Oracle Financial Services Analytical Applications Infrastructure cross site scripting
medium
6.4
-
-
-
163135
Oracle Banking Digital Experience Framework cross site scripting
medium
6.4
-
-
-
163134
Oracle FLEXCUBE Universal Banking Infrastructure information disclosure
medium
6.8
-
-
-
163133
Oracle FLEXCUBE Direct Banking Pre Login information disclosure
medium
7.8
-
-
-
163132
Oracle FLEXCUBE Direct Banking Pre Login information disclosure
medium
7.8
-
-
-
163131
Oracle Banking Payments information disclosure [CVE-2020-14896]
medium
6.8
-
-
-
163130
Oracle Banking Corporate Lending information disclosure [CVE-2020-14894]
medium
6.8
-
-
-
163129
Oracle FLEXCUBE Private Banking code download [CVE-2020-5398]
medium
7.6
-
-
-
163128
Oracle Financial Services Regulatory Reporting with AgileREPORTER code download
medium
7.6
-
-
-
163127
Oracle Banking Digital Experience Framework deserialization [CVE-2020-14195]
medium
7.6
-
-
-
163126
Oracle Financial Services Analytical Applications Infrastructure denial of service
medium
7.8
-
-
-
163125
Oracle FLEXCUBE Private Banking deserialization [CVE-2020-11973]
high
10.0
-
-
-
163124
Oracle Financial Services Retail Customer Analytics User Interface deserialization
high
10.0
-
-
-
163123
Oracle Financial Services Regulatory Reporting with AgileREPORTER deserialization
high
10.0
-
-
-
163122
Oracle Financial Services Price Creation and Discovery User Interface deserialization
high
10.0
-
-
-
163121
Oracle Financial Services Institutional Performance Analytics User Interface deserialization
high
10.0
-
-
-
163120
Oracle Financial Services Analytical Applications Infrastructure deserialization
high
10.0
-
-
-
163119
Oracle Financial Services Analytical Applications Infrastructure xml external entity reference
high
10.0
-
-
-
163118
Oracle Banking Platform Collections deserialization [CVE-2019-10173]
high
10.0
-
-
-
163117
Oracle Banking Platform Collections xml external entity reference
high
10.0
-
-
-
163116
Oracle Banking Platform Collections cross site scripting [CVE-2019-17495]
high
10.0
-
-
-
163115
Oracle Enterprise Manager for Peoplesoft PSEM Plugin information disclosure
low
2.6
-
-
-
163114
Oracle Enterprise Manager Base Platform Connector Framework information disclosure
medium
4.6
-
-
-
163113
Oracle Enterprise Manager Ops Center Reports in Ops Center cross site scripting
medium
6.4
-
-
-
163112
Oracle Enterprise Manager Base Platform Event Management unknown vulnerability
medium
5.5
-
-
-
163111
Oracle Application Performance Management (APM) Comp Management/Life Cycle Management information disclosure
medium
7.8
-
-
-
163110
Oracle Application Testing Suite Load Testing for Web Apps code download
medium
7.6
-
-
-
163109
Oracle Enterprise Manager for Storage Management Privilege Management denial of service
medium
7.8
-
-
-
163108
Oracle Enterprise Manager Base Platform Connector Framework code download
medium
7.6
-
-
-
163107
Oracle Application Testing Suite Load Testing for Web Apps operation after expiration
high
9.7
-
-
-
163106
Oracle Application Testing Suite Load Testing for Web Apps out-of-bounds read
high
10.0
-
-
-
163105
Oracle Enterprise Manager Ops Center Agent Provisioning xml external entity reference
high
10.0
-
-
-
163104
Oracle Installed Base APIs unknown vulnerability [CVE-2020-14822]
medium
5.0
-
-
-
163103
Oracle Applications Framework Popup windows unknown vulnerability
medium
5.0
-
-
-
163102
Oracle Application Object Library Diagnostics unknown vulnerability
medium
5.0
-
-
-
163101
Oracle Applications Manager SQL Extensions information disclosure
medium
5.0
-
-
-
163100
Oracle Applications Manager AMP EBS Integration information disclosure
medium
5.0
-
-
-
163099
Oracle CRM Technical Foundation Preferences unknown vulnerability
medium
7.7
-
-
-
163098
Oracle Applications Manager Oracle Diagnostics Interfaces unknown vulnerability
medium
6.4
-
-
-
163097
Oracle CRM Technical Foundation Preferences denial of service
medium
7.8
-
-
-
163096
Oracle Trade Management User Interface unknown vulnerability
medium
8.5
-
-
-
163095
Oracle Trade Management User Interface unknown vulnerability
medium
8.5
-
-
-
163094
Oracle Trade Management User Interface unknown vulnerability
medium
8.5
-
-
-
163093
Oracle Trade Management User Interface unknown vulnerability
medium
8.5
-
-
-
163092
Oracle Trade Management User Interface unknown vulnerability
medium
8.5
-
-
-
163091
Oracle Trade Management User Interface unknown vulnerability
medium
8.5
-
-
-
163090
Oracle One-to-One Fulfillment Print Server unknown vulnerability
medium
8.5
-
-
-
163089
Oracle One-to-One Fulfillment Print Server unknown vulnerability
medium
8.5
-
-
-
163088
Oracle Marketing Marketing Administration unknown vulnerability
medium
8.5
-
-
-
163087
Oracle Marketing Marketing Administration unknown vulnerability
medium
8.5
-
-
-
163086
Oracle Marketing Marketing Administration unknown vulnerability
medium
8.5
-
-
-
163085
Oracle Marketing Marketing Administration unknown vulnerability
medium
8.5
-
-
-
163084
Oracle Marketing Marketing Administration unknown vulnerability
medium
8.5
-
-
-
163083
Oracle CRM Technical Foundation Flex Fields unknown vulnerability
medium
8.5
-
-
-
163082
Oracle Universal Work Queue Internal Operations Remote Privilege Escalation
medium
9.0
-
-
-
163081
Oracle Trade Management User Interface unknown vulnerability
medium
9.4
-
-
-
163080
Oracle Marketing Marketing Administration unknown vulnerability
medium
9.4
-
-
-
163079
Oracle E-Business Suite Secure Enterprise Search Search Integration Engine unknown vulnerability
medium
9.4
-
-
-
163078
Oracle Universal Work Queue Work Provider Administration Remote Code Execution
high
10.0
-
-
-
163077
Oracle Primavera Unifier information disclosure [CVE-2020-9488]
low
2.6
-
-
-
163076
Oracle Primavera Unifier Platform denial of service [CVE-2020-9489]
medium
4.9
-
-
-
163075
Oracle Primavera Unifier input validation [CVE-2018-17196]
medium
6.6
-
-
-
163074
Oracle Primavera Unifier Platform input validation [CVE-2019-17558]
medium
7.1
-
-
-
163073
Oracle Instantis EnterpriseTrack denial of service [CVE-2020-13935]
medium
7.8
-
-
-
163072
Oracle Primavera Unifier Platform xml external entity reference
medium
10.0
-
-
-
163071
Oracle Primavera Unifier Platform xml external entity reference
medium
9.4
-
-
-
163070
Oracle Primavera Gateway Admin cross site scripting [CVE-2019-17495]
high
10.0
-
-
-
163069
Oracle Instantis EnterpriseTrack buffer overflow [CVE-2020-11984]
high
10.0
-
-
-
163068
Oracle Communications Services Gatekeeper Media Control UI information disclosure
low
2.6
-
-
-
163067
Oracle Communications Application Session Controller WS/WEB information disclosure
low
2.6
-
-
-
163066
Oracle Communications Session Route Manager information disclosure
medium
4.6
-
-
-
163065
Oracle Communications Session Report Manager information disclosure
medium
4.6
-
-
-
163064
Oracle Communications Element Manager information disclosure
medium
4.6
-
-
-
163063
Oracle Communications Diameter Signaling Router IDIH information disclosure
medium
4.6
-
-
-
163062
Oracle Communications Diameter Signaling Router denial of service
medium
5.0
-
-
-
163061
Oracle Communications Diameter Signaling Router User Interface unknown vulnerability
medium
5.5
-
-
-
163060
Oracle Communications Diameter Signaling Router IDIH information disclosure
medium
4.6
-
-
-
163059
Oracle Enterprise Session Border Controller cross site scripting
medium
6.4
-
-
-
163058
Oracle Communications WebRTC Session Controller ME cross site scripting
medium
6.4
-
-
-
163057
Oracle Communications Diameter Signaling Router User Interface unknown vulnerability
medium
6.4
-
-
-
163056
Oracle Communications Diameter Signaling Router Platform cross site scripting
medium
6.4
-
-
-
163055
Oracle Communications Diameter Signaling Router IDIH cross site scripting
medium
6.4
-
-
-
163054
Oracle Communications Diameter Signaling Router IDIH cross site scripting
medium
6.4
-
-
-
163053
Oracle Communications Application Session Controller cross site scripting
medium
6.4
-
-
-
163052
Oracle Communications Session Route Manager information disclosure
medium
6.8
-
-
-
163051
Oracle Communications Session Report Manager information disclosure
medium
6.8
-
-
-
163050
Oracle Communications Element Manager information disclosure
medium
6.8
-
-
-
163049
Oracle Communications Session Border Controller Platform integer overflow
medium
6.5
-
-
-
163048
Oracle Communications Diameter Signaling Router IDIH information disclosure
medium
5.6
-
-
-
163047
Oracle Communications Session Route Manager deserialization [CVE-2020-9484]
medium
6.0
-
-
-
163046
Oracle Communications Session Report Manager deserialization
medium
6.0
-
-
-
163045
Oracle Communications Element Manager deserialization [CVE-2020-9484]
medium
6.0
-
-
-
163044
Oracle Communications Diameter Signaling Router deserialization
medium
6.0
-
-
-
163043
Oracle Communications Diameter Signaling Router IDIH deserialization
medium
7.5
-
-
-
163042
Oracle Communications Session Route Manager denial of service
medium
7.8
-
-
-
163041
Oracle Communications Session Route Manager denial of service
medium
7.8
-
-
-
163040
Oracle Communications Session Report Manager denial of service
medium
7.8
-
-
-
163039
Oracle Communications Session Border Controller System denial of service
medium
7.8
-
-
-
163038
Oracle Communications Element Manager denial of service [CVE-2019-12402]
medium
7.8
-
-
-
163037
Oracle Communications Diameter Signaling Router IDIH denial of service
medium
7.8
-
-
-
163036
Oracle Communications Diameter Signaling Router IDIH code download
medium
7.6
-
-
-
163035
Oracle Communications Session Route Manager deserialization [CVE-2020-14195]
medium
7.6
-
-
-
163034
Oracle Communications Session Report Manager deserialization
medium
7.6
-
-
-
163033
Oracle Communications Evolved Communications Application Server Universal Data Record deserialization
medium
7.6
-
-
-
163032
Oracle Communications Element Manager deserialization [CVE-2020-14195]
medium
7.6
-
-
-
163031
Oracle Communications Diameter Signaling Router IDIH deserialization
medium
7.6
-
-
-
163030
Oracle Communications Session Route Manager operation after expiration
high
9.7
-
-
-
163029
Oracle Communications Session Report Manager operation after expiration
high
9.7
-
-
-
163028
Oracle Communications Element Manager operation after expiration
high
9.7
-
-
-
163027
Oracle Communications Application Session Controller WS/WEB operation after expiration
high
9.7
-
-
-
163026
Oracle Communications Session Route Manager xml external entity reference
high
10.0
-
-
-
163025
Oracle Communications Session Route Manager buffer overflow [CVE-2020-11984]
high
10.0
-
-
-
163024
Oracle Communications Session Report Manager buffer overflow
high
10.0
-
-
-
163023
Oracle Communications Element Manager buffer overflow [CVE-2020-11984]
high
10.0
-
-
-
163022
Oracle Communications EAGLE Software Network Stack memory corruption
high
10.0
-
-
-
163021
Oracle Communications Diameter Signaling Router Platform Remote Code Execution
high
10.0
-
-
-
163020
Oracle Communications Diameter Signaling Router IDIH xml external entity reference
high
10.0
-
-
-
163019
Oracle Communications Diameter Signaling Router IDIH Remote Code Execution
high
10.0
-
-
-
163018
Oracle Communications Diameter Signaling Router IDIH deserialization
high
10.0
-
-
-
163017
Oracle Communications Application Session Controller WS/WEB xml external entity reference
high
10.0
-
-
-
163016
Oracle Communications Unified Inventory Management information disclosure
low
2.6
-
-
-
163015
Oracle Communications Offline Mediation Controller information disclosure
low
2.6
-
-
-
163014
Oracle Communications Billing and Revenue Management Billing Operation Center information disclosure
low
2.6
-
-
-
163013
Oracle Communications Messaging Server denial of service [CVE-2020-9489]
medium
4.9
-
-
-
163012
Oracle Communications Billing and Revenue Management Billing Operation Center cross site scripting
medium
6.4
-
-
-
163011
Oracle Communications Billing and Revenue Management integer overflow
medium
9.0
-
-
-
163010
Oracle Communications Unified Inventory Management deserialization
high
10.0
-
-
-
163009
Oracle Communications Unified Inventory Management xml external entity reference
high
10.0
-
-
-
163008
Oracle Communications BRM Elastic Charging Engine Diameter Gateway/SDK deserialization
high
10.0
-
-
-
163007
Oracle TimesTen In-Memory Database Apache ZooKeeper information disclosure
medium
5.4
-
-
-
163006
Oracle TimesTen In-Memory Database Dave Gamble/cJSON denial of service
medium
7.8
-
-
-
163005
Oracle TimesTen In-Memory Database Apache Log4j deserialization
high
10.0
-
-
-
163004
Oracle TimesTen In-Memory Database EM TimesTen plugin out-of-bounds read
high
10.0
-
-
-
163003
Oracle REST Data Services General information disclosure [CVE-2020-14745]
medium
4.0
-
-
-
163002
Oracle REST Data Services jQuery cross site scripting [CVE-2020-11023]
medium
6.4
-
-
-
163001
Oracle REST Data Services General information disclosure [CVE-2020-14744]
medium
6.8
-
-
-
163000
Oracle REST Data Services Apache Commons FileUpload access control
medium
9.0
-
-
-
162999
Oracle REST Data Services Eclipse Jetty request smuggling [CVE-2017-7658]
high
10.0
-
-
-
162998
Oracle Big Data Graph Spatial/Graph deserialization [CVE-2019-0192]
high
10.0
-
-
-
162997
Oracle Database Server Core RDBMS unknown vulnerability [CVE-2020-14742]
low
3.3
-
-
-
162996
Oracle Database Server SQL Developer Install information disclosure
low
1.7
-
-
-
162995
Oracle Database Server Java VM unknown vulnerability [CVE-2020-14743]
low
2.1
-
-
-
162994
Oracle Database Server Database Vault unknown vulnerability [CVE-2020-14736]
low
4.7
-
-
-
162993
Oracle Database Server RDBMS Security information disclosure
medium
6.1
-
-
-
162992
Oracle Database Server Database Filesystem denial of service
medium
6.1
-
-
-
162991
Oracle Database Server Oracle Application Express Quick Poll unknown vulnerability
medium
5.5
-
-
-
162990
Oracle Database Server Oracle Application Express Packaged Apps unknown vulnerability
medium
5.5
-
-
-
162989
Oracle Database Server Oracle Application Express Group Calendar unknown vulnerability
medium
5.5
-
-
-
162988
Oracle Database Server Oracle Application Express Data Reporter unknown vulnerability
medium
5.5
-
-
-
162987
Oracle Database Server Oracle Application Express cross site scripting
medium
5.5
-
-
-
162986
Oracle Database Server Oracle Application Express unknown vulnerability
medium
5.5
-
-
-
162985
Oracle Database Server ORDS cross site scripting [CVE-2020-11023]
medium
6.4
-
-
-
162984
Oracle Database Server Application Express cross site scripting
medium
6.4
-
-
-
162983
Oracle Database Server Workload Manager denial of service [CVE-2020-13935]
medium
7.8
-
-
-
162982
Oracle Database Server Oracle Text Remote Code Execution [CVE-2020-14734]
medium
7.6
-
-
-
162981
Oracle Database Server Scheduler Local Privilege Escalation [CVE-2020-14735]
medium
6.8
-
-
-
162980
Oracle Database Server bzip2 out-of-bounds write [CVE-2019-12900]
medium
9.0
-
-
-
162979
Lightning Network Daemon HTLC improper validation of integrity check value
medium
6.0
-
-
-
162978
Lightning Network Daemon HTLC Transaction improper validation of integrity check value
low
4.9
-
-
-
162977
TIBCO Foresight Archive and Retrieval System Transaction Insight Reporting sql injection
medium
6.0
-
-
-
162976
Yandex Browser Address Bar clickjacking [CVE-2020-7371]
medium
7.5
-
-
-
162975
Danyil Vasilenko Bolt Browser Address Bar clickjacking [CVE-2020-7370]
medium
7.5
-
-
-
162974
Yandex Browser Address Bar clickjacking [CVE-2020-7369]
medium
7.5
-
-
-
162973
Ucweb UC Browser Address Bar clickjacking [CVE-2020-7364]
medium
6.8
-
-
-
162972
Ucweb UC Browser Address Bar clickjacking [CVE-2020-7363]
medium
6.8
-
-
-
162971
Nagios XI Apache User neutralization [CVE-2020-5792]
medium
5.4
-
-
-
162970
Apache Operating System os command injection [CVE-2020-5791]
medium
5.4
-
-
-
162969
Nagios XI cross-site request forgery [CVE-2020-5790]
low
4.3
-
-
-
162968
VMware ESXi/Workstation/Fusion VMCI Host Driver resource consumption
low
3.5
-
-
-
162967
VMware vCenter Server Appliance Appliance Management Interface certificate validation
low
2.3
-
-
-
162966
VMware NSX-T NSX Manager unknown vulnerability [CVE-2020-3993]
low
4.9
-
-
-
162965
VMware ESXi OpenSLP use after free [CVE-2020-3992]
medium
5.8
-
-
-
162964
VMware ESXi/Workstation/Fusion VMX Process out-of-bounds write
medium
8.3
-
-
-
162963
VMware ESXi/Workstation/Fusion VMX Process out-of-bounds read
low
4.9
-
-
-
162962
Mozilla Network Security Services CCS Message denial of service
low
3.5
-
-
-
162961
R-SeeNet Webpage sql injection [CVE-2020-25157]
medium
6.0
-
-
-
162960
InterMind iMind Self-Diagnostic Archive information disclosure
low
4.3
-
-
-
162959
Adobe Marketo Sales Insight Plugin cross site scripting [CVE-2020-24416]
low
5.0
-
-
-
162958
Adobe Illustrator SVG File memory corruption [CVE-2020-24415]
medium
7.5
-
-
-
162957
Adobe Illustrator SVG File memory corruption [CVE-2020-24414]
medium
7.5
-
-
-
162956
Adobe Illustrator SVG File memory corruption [CVE-2020-24413]
medium
7.5
-
-
-
162955
Adobe Illustrator SVG File memory corruption [CVE-2020-24412]
medium
7.5
-
-
-
162954
Adobe Illustrator PDF File out-of-bounds write [CVE-2020-24411]
medium
7.5
-
-
-
162953
Adobe Illustrator PDF File out-of-bounds read [CVE-2020-24410]
medium
7.5
-
-
-
162952
Adobe Illustrator PDF File out-of-bounds read [CVE-2020-24409]
medium
7.5
-
-
-
162951
Netwrix Account Lockout Examiner improper authentication [CVE-2020-15931]
low
3.5
-
-
-
162950
Spree Storefront API v2 Endpoint session expiration [CVE-2020-15269]
low
5.1
-
-
-
162949
Boxstarter Installer WptsExtensions.dll DllMain untrusted search path
high
9.0
-
-
-
162948
DomainMod Password Storage hash without salt [CVE-2019-9080]
low
2.3
-
-
-
162947
SAP NetWeaver Design Time Repository cross site scripting [CVE-2020-6370]
low
3.3
-
-
-
162946
SAP Solution Manager/Focused Run hard-coded password [CVE-2020-6369]
medium
7.5
-
-
-
162945
SAP NetWeaver Composite Application Framework cross site scripting
low
5.0
-
-
-
162944
SAP NetWeaver Compare Systems information disclosure [CVE-2020-6366]
low
3.3
-
-
-
162943
SAP Banking Services Report access control [CVE-2020-6362]
medium
4.9
-
-
-
162942
SAP 3D Visual Enterprise Viewer VE Viewer information disclosure
low
4.3
-
-
-
162941
SAP BusinessObjects Business Intelligence Platform Web Services server-side request forgery
medium
6.8
-
-
-
162940
IBM Spectrum Scale/Elastic Storage System denial of service [CVE-2020-4756]
medium
4.6
-
-
-
162939
IBM Spectrum Scale Web UI cross site scripting [CVE-2020-4755]
low
4.0
-
-
-
162938
IBM Spectrum Scale missing secure attribute [CVE-2020-4749]
low
2.6
-
-
-
162937
IBM Spectrum Scale Web UI cross site scripting [CVE-2020-4748]
medium
6.4
-
-
-
162936
IBM Sterling B2B Integrator Standard Edition Web UI cross site scripting
low
4.0
-
-
-
162935
IBM Spectrum Scale mmfsd denial of service [CVE-2020-4491]
low
1.7
-
-
-
162934
GE Reason S20 Ethernet Switch cross site scripting [CVE-2020-16246]
low
3.8
-
-
-
162933
IBM Sterling B2B Integrator Standard Edition Back-End Database sql injection
medium
6.5
-
-
-
162932
osm-static-maps cross site scripting [CVE-2020-7749]
low
5.5
-
-
-
162931
@tsed deepExtend resource consumption
low
5.1
-
-
-
162929
OneThird CMS file inclusion [CVE-2020-5640]
medium
6.8
-
-
-
162928
Huawei Mate 30 use after free [CVE-2020-9263]
medium
5.1
-
-
-
162927
Huawei Mate 20 Bluetooth Module buffer overflow [CVE-2020-9113]
medium
5.4
-
-
-
162926
Huawei Taurus-AN00B information disclosure [CVE-2020-9112]
low
2.3
-
-
-
162925
Huawei E6878-370/E6878-870 Event denial of service [CVE-2020-9111]
low
2.3
-
-
-
162924
Huawei Mate 20 cross site scripting [CVE-2020-9092]
low
3.5
-
-
-
162923
HPE Intelligent Management Center iccselectrules injection
medium
6.0
-
-
-
162922
HPE Intelligent Management Center perfaddormoddevicemonitor injection
medium
6.0
-
-
-
162921
HPE Intelligent Management Center ictexpertcsvdownload injection
medium
6.0
-
-
-
162920
HPE Intelligent Management Center devicethresholdconfig injection
medium
6.0
-
-
-
162919
HPE Intelligent Management Center devsoftsel injection
medium
6.0
-
-
-
162918
HPE Intelligent Management Center deviceselect injection
medium
6.0
-
-
-
162917
HPE Intelligent Management Center faultflasheventselectfact injection
medium
6.0
-
-
-
162916
HPE Intelligent Management Center userselectpagingcontent injection
medium
6.0
-
-
-
162915
HPE Intelligent Management Center reportpage injection
medium
6.0
-
-
-
162914
HPE Intelligent Management Center powershellconfigcontent injection
medium
6.0
-
-
-
162913
HPE Intelligent Management Center tvxlanlegend injection
medium
6.0
-
-
-
162912
HPE Intelligent Management Center viewbatchtaskresultdetailfact injection
medium
6.0
-
-
-
162911
HPE Intelligent Management Center forwardredirect injection
medium
6.0
-
-
-
162910
HPE Intelligent Management Center sshconfig injection
medium
6.0
-
-
-
162909
HPE Intelligent Management Center smsrulesdownload injection
medium
6.0
-
-
-
162908
HPE Intelligent Management Center ictexpertdownload injection
medium
6.0
-
-
-
162907
HPE Intelligent Management Center thirdpartyperfselecttask injection
medium
6.0
-
-
-
162906
HPE Intelligent Management Center mediaforaction injection
medium
6.0
-
-
-
162905
HPE Intelligent Management Center wmiconfigcontent injection
medium
6.0
-
-
-
162904
HPE Intelligent Management Center viewtaskresultdetailfact injection
medium
6.0
-
-
-
162903
HPE Intelligent Management Center iccselectdymicparam injection
medium
6.0
-
-
-
162902
HPE Intelligent Management Center soapconfigcontent injection
medium
6.0
-
-
-
162901
HPE Intelligent Management Center actionselectcontent injection
medium
6.0
-
-
-
162900
HPE Intelligent Management Center templateselect injection
medium
6.0
-
-
-
162899
HPE Intelligent Management Center guidatadetail injection
medium
6.0
-
-
-
162898
HPE Intelligent Management Center injection [CVE-2020-7170]
medium
6.0
-
-
-
162897
HPE Intelligent Management Center ictexpertcsvdownload injection
medium
6.0
-
-
-
162896
HPE Intelligent Management Center selectusergroup injection
medium
6.0
-
-
-
162895
HPE Intelligent Management Center quicktemplateselect injection
medium
6.0
-
-
-
162894
HPE Intelligent Management Center operatorgrouptreeselectcontent injection
medium
6.0
-
-
-
162893
HPE Intelligent Management Center iccselectcommand injection
medium
6.0
-
-
-
162892
HPE Intelligent Management Center operationselect injection
medium
6.0
-
-
-
162891
HPE Intelligent Management Center navigationto injection
medium
6.0
-
-
-
162890
HPE Intelligent Management Center operatorgroupselectcontent injection
medium
6.0
-
-
-
162889
HPE Intelligent Management Center reporttaskselect injection
medium
6.0
-
-
-
162888
HPE Intelligent Management Center iccselectdeviceseries injection
medium
6.0
-
-
-
162887
HPE Intelligent Management Center customtemplateselect injection
medium
6.0
-
-
-
162886
HPE Intelligent Management Center perfselecttask injection
medium
6.0
-
-
-
162885
HPE Intelligent Management Center selviewnavcontent injection
medium
6.0
-
-
-
162884
HPE Intelligent Management Center faultinfo_content injection
medium
6.0
-
-
-
162883
HPE Intelligent Management Center injection [CVE-2020-7155]
medium
6.0
-
-
-
162882
HPE Intelligent Management Center ifviewselectpage injection
medium
6.0
-
-
-
162881
HPE Intelligent Management Center iccselectdevtype injection
medium
6.0
-
-
-
162880
HPE Intelligent Management Center faultparasset injection
medium
6.0
-
-
-
162879
HPE Intelligent Management Center faulttrapgroupselect injection
medium
6.0
-
-
-
162878
HPE Intelligent Management Center faultstatchoosefaulttype injection
medium
6.0
-
-
-
162877
HPE Intelligent Management Center ictexpertcsvdownload injection
medium
6.0
-
-
-
162876
HPE Intelligent Management Center deployselectsoftware injection
medium
6.0
-
-
-
162875
HPE Intelligent Management Center injection [CVE-2020-7147]
medium
6.0
-
-
-
162874
HPE Intelligent Management Center devgroupselect injection
medium
6.0
-
-
-
162873
HPE Intelligent Management Center chooseperfview injection [CVE-2020-7145]
medium
6.0
-
-
-
162872
HPE Intelligent Management Center comparefilesresult injection
medium
6.0
-
-
-
162871
HPE Intelligent Management Center faultdevparasset injection
medium
6.0
-
-
-
162870
HPE Intelligent Management Center eventinfo_content injection
medium
6.0
-
-
-
162869
HPE Intelligent Management Center adddevicetoview injection
medium
6.0
-
-
-
162868
Allen-Bradley Flex IO 1794-AENT-B denial of service [CVE-2020-6085]
low
2.3
-
-
-
162867
Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Logical Segment denial of service
low
2.3
-
-
-
162866
Matrix Synapse Session m.login.recaptcha cross site scripting
low
3.5
-
-
-
162865
HPE Intelligent Management Center addvsiinterfaceinfo injection
medium
6.0
-
-
-
162864
HPE Intelligent Management Center injection [CVE-2020-24651]
medium
6.0
-
-
-
162863
HPE Intelligent Management Center injection [CVE-2020-24650]
medium
6.0
-
-
-
162862
HPE Intelligent Management Center input validation [CVE-2020-24649]
medium
6.0
-
-
-
162861
HPE Intelligent Management Center accessmgrservlet deserialization
medium
6.0
-
-
-
162860
HPE Intelligent Management Center accessmgrservlet input validation
medium
6.0
-
-
-
162859
HPE Intelligent Management Center tftpserver buffer overflow
medium
6.0
-
-
-
162858
HPE Intelligent Management Center operatoronlinelist_content access control
medium
6.0
-
-
-
162857
HPE Intelligent Management Center improper authentication [CVE-2020-24629]
medium
6.0
-
-
-
162856
yubihsm-shell Process _send_secure_msg denial of service
low
2.3
-
-
-
162855
yubihsm-shell Operations yh_create_session out-of-bounds write
low
2.3
-
-
-
162854
Freebox Server UPnP MediaServer dns rebinding [CVE-2020-24375]
medium
4.9
-
-
-
162853
GoPro gpmf-parser GPMF_ScaledData divide by zero
low
2.3
-
-
-
162852
GoPro gpmf-parser GPMF_Decompress divide by zero
low
2.3
-
-
-
162851
GoPro gpmf-parser GPMF_ScaledData out-of-bounds read
medium
4.9
-
-
-
162850
GoPro gpmf-parser GPMF_ExpandComplexTYPE out-of-bounds write
low
4.9
-
-
-
162849
JetBrains YouTrack URL Filter server-side request forgery [CVE-2020-15822]
medium
4.9
-
-
-
162848
Orchid Platform Attribute cross site scripting [CVE-2020-15263]
low
5.0
-
-
-
162847
webpack-subresource-integrity Chunk improper validation of integrity check value
low
2.6
-
-
-
162846
Veyon Service unquoted search path [CVE-2020-15261]
high
6.8
-
-
-
162845
object-path includeInheritedProps Mode set code injection
medium
5.1
-
-
-
162844
Sylius Verification mail@example.com authentication spoofing
low
4.0
-
-
-
162843
Apache Kylin Restful API improper authentication [CVE-2020-13937]
low
2.9
-
-
-
162842
Sprecher SPRECON-E Configuration File command injection [CVE-2020-11496]
low
4.1
-
-
-
162841
Infinispan REST API/HotRod API authorization [CVE-2020-10746]
low
4.1
-
-
-
162840
Blinger.io Built-In Communication Channel cross site scripting
low
3.5
-
-
-
162839
tcpreplay tcpprep get_l2len heap-based overflow
low
2.3
-
-
-
162838
tcpreplay tcpprep MemcmpInterceptorCommon heap-based overflow
low
3.5
-
-
-
162837
Tink Java missing encryption [CVE-2020-8929]
medium
6.4
-
-
-
162836
SolarWinds N-central Cookie information disclosure [CVE-2020-15910]
low
2.6
-
-
-
162835
SolarWinds N-central session fixiation [CVE-2020-15909]
medium
4.9
-
-
-
162834
rConfig GET Request ajaxAddTemplate.php os command injection
medium
4.9
-
-
-
162833
MintegralAdSDK backdoor [CVE-2020-7745]
medium
7.5
-
-
-
162832
Linux Kernel KDGKBSENT/KDSKBSENT vt_do_kdgkb_ioctl race condition
high
9.0
-
-
-
162831
Sage EasyPay Transformation cross site scripting [CVE-2020-13893]
low
3.5
-
-
-
162830
OX Software OX App Suite/OX Documents API server-side request forgery
low
4.0
-
-
-
162829
OX Software OX App Suite/OX Documents Backend information disclosure
low
1.7
-
-
-
162828
OX Software OX App Suite/OX Documents Backend cross site scriting
low
1.7
-
-
-
162827
TAXII libtaxii XML Parser server-side request forgery [CVE-2020-27197]
medium
4.9
-
-
-
162826
Linux Kernel 64-bit Value verifier.c scalar32_min_max_or memory corruption
low
4.9
-
-
-
162825
Overwolf access control [CVE-2020-25214]
medium
4.9
-
-
-
162824
Microsoft Visual Studio Code JSON Remote Code Execution [CVE-2020-17023]
medium
7.5
-
-
-
162823
Microsoft Windows Codecs Library memory corruption [CVE-2020-17022]
medium
7.2
-
-
-
162822
Juniper Junos Virtual Chassis resource consumption [CVE-2020-1689]
medium
6.1
-
-
-
162821
ClearPass Junos Web API key management [CVE-2020-1688]
low
1.7
-
-
-
162820
Juniper Junos VXLAN resource consumption [CVE-2020-1687]
medium
6.1
-
-
-
162819
Juniper Junos vmcore double free [CVE-2020-1686]
medium
7.8
-
-
-
162818
Juniper Junos Firewall Filter information exposure [CVE-2020-1685]
low
3.3
-
-
-
162817
Juniper Junos HTTP Traffic resource consumption [CVE-2020-1684]
medium
7.8
-
-
-
162816
Juniper Junos vmcore memory leak [CVE-2020-1683]
medium
7.8
-
-
-
162815
Juniper Junos srxpfe denial of service [CVE-2020-1682]
low
4.6
-
-
-
162814
Juniper Junos NDP exceptional condition [CVE-2020-1681]
medium
6.1
-
-
-
162812
Juniper Junos NAT64 format string [CVE-2020-1680]
low
5.0
-
-
-
162811
Juniper Junos Packet Forwarding Engine denial of service [CVE-2020-1679]
medium
7.8
-
-
-
162810
Juniper Junos BGP Packet memory leak [CVE-2020-1678]
medium
6.1
-
-
-
162809
Juniper Mist Cloud UI SAML Response improper authentication [CVE-2020-1677]
medium
6.4
-
-
-
162808
Juniper Mist Cloud UI SAML Response improper authentication [CVE-2020-1676]
medium
6.4
-
-
-
162807
Juniper Mist Cloud UI SAML improper authentication [CVE-2020-1675]
medium
7.5
-
-
-
162806
Juniper Junos MACsec Packet protection mechanism [CVE-2020-1674]
low
4.8
-
-
-
162805
Juniper Junos J-Web cross site scripting [CVE-2020-1673]
low
5.0
-
-
-
162804
Juniper Junos jdhcpd denial of service [CVE-2020-1672]
medium
7.8
-
-
-
162803
Juniper Junos JDHCPD out-of-bounds read [CVE-2020-1671]
medium
7.8
-
-
-
162802
Juniper Junos Routing Engine resource consumption [CVE-2020-1670]
medium
6.1
-
-
-
162801
Juniper Junos Device Manager Container passwd credentials storage
low
4.0
-
-
-
162800
Juniper Junos Routing Engine resource consumption [CVE-2020-1668]
medium
7.8
-
-
-
162799
Juniper Junos Multiservices PIC Management Daemon race condition
medium
7.5
-
-
-
162798
Juniper Junos System Console access control [CVE-2020-1666]
low
4.6
-
-
-
162797
Juniper Junos Packet Forwarding Engine denial of service [CVE-2020-1665]
low
5.0
-
-
-
162796
Juniper Junos Daemon stack-based overflow [CVE-2020-1664]
medium
6.8
-
-
-
162795
Juniper Junos RPD denial of service [CVE-2020-1662]
medium
7.8
-
-
-
162794
Juniper Junos jdhcp denial of service [CVE-2020-1661]
low
5.0
-
-
-
162793
Juniper Junos Multiservices PIC Management Daemon denial of service
medium
7.5
-
-
-
162792
Juniper Junos key-management-daemon denial of service [CVE-2020-1657]
medium
7.8
-
-
-
162791
Juniper Junos DHCPv6 Relay-Agent Service null pointer dereference
medium
10.0
-
-
-
162790
EZCast Pro II Administration Panel information disclosure [CVE-2019-12305]
low
3.3
-
-
-
162789
IBM Resilient OnPrem command injection [CVE-2020-4636]
medium
5.8
-
-
-
162788
IBM Security Guardium Big Data Intelligence inadequate encryption
low
2.6
-
-
-
162787
Apereo CAS Secret Key improper authentication [CVE-2020-27178]
low
2.3
-
-
-
162786
Dell EMC NetWorker improper authorization [CVE-2020-26183]
medium
6.5
-
-
-
162785
Dell EMC NetWorker privileges assignment [CVE-2020-26182]
low
6.5
-
-
-
162784
Wire URL shell.openExternal input validation
medium
7.5
-
-
-
162783
Anuko Time Tracker CSV Export injection [CVE-2020-15255]
medium
6.5
-
-
-
162782
crossbeam-channel from_iter memory corruption
low
5.1
-
-
-
162781
XWiki Application Server Servlet code injection [CVE-2020-15252]
medium
4.6
-
-
-
162780
containerd insufficiently protected credentials [CVE-2020-15157]
low
2.6
-
-
-
162779
VMware Horizon Client Installation access control [CVE-2020-3991]
low
4.9
-
-
-
162778
Aptean Product Configurator Main Login Page sql injection [CVE-2020-26944]
medium
6.5
-
-
-
162777
ClamXAV Helper Tool injection [CVE-2020-26893]
medium
4.9
-
-
-
162776
libass ass_outline_construct integer overflow
medium
4.9
-
-
-
162775
Testimonial Rotator Plugin post.php cross site scripting
low
3.5
-
-
-
162774
Magento File Upload cross site scripting [CVE-2020-24408]
low
4.3
-
-
-
162773
OLIMPOKS Error Message cross site scripting [CVE-2020-16270]
low
3.5
-
-
-
162772
Gogs git Hook os command injection [CVE-2020-15867]
medium
6.0
-
-
-
162771
Red Hat JBoss EAP Legacy SecurityRealm improper authentication
low
4.9
-
-
-
162770
Gitea git Hook os command injection [CVE-2020-14144]
medium
6.0
-
-
-
162769
Bender COMTRAXX CP915 improper authorization [CVE-2019-19885]
medium
4.0
-
-
-
162768
BASSMIDI Plugin out-of-bounds write [CVE-2019-19513]
low
4.9
-
-
-
162767
BASS Audio Library MP3 File BASS_StreamCreateFile infinite loop
low
2.3
-
-
-
162766
BASS Audio Library WAV File BASS_StreamCreateFile out-of-bounds read
low
4.9
-
-
-
162765
BASS Audio Library OGG File BASS_StreamCreateFile use after free
low
4.9
-
-
-
162764
Mark Text cross site scripting [CVE-2020-27176]
low
3.5
-
-
-
162763
Amazon AWS Firecracker Serial Console memory leak [CVE-2020-27174]
low
2.3
-
-
-
162762
OpenStack blazar-dashboard access control [CVE-2020-26943]
medium
4.9
-
-
-
162761
Sage DPW Kurskatalog cross site scripting [CVE-2020-26584]
low
3.5
-
-
-
162760
Sage DPW Expenses Claiming cross site scripting [CVE-2020-26583]
low
2.3
-
-
-
162759
PowerDNS Recursor Cached Record denial of service [CVE-2020-25829]
low
3.5
-
-
-
162758
QEMU ATI VGA Device ati_2d.c ati_2d_blt denial of service
low
2.3
-
-
-
162757
vm-superio Serial Console FIFO memory allocation [CVE-2020-27173]
low
3.5
-
-
-
162756
phpRedisAdmin login.php cross site scripting
low
3.5
-
-
-
162755
Siemens SIPORT MP Single Sign-On authentication spoofing [CVE-2020-7591]
medium
4.9
-
-
-
162754
OTRS Chat Conversation information disclosure [CVE-2020-1777]
low
5.0
-
-
-
162753
Siemens Desigo Insight Web Application information exposure [CVE-2020-15794]
low
3.5
-
-
-
162752
Siemens Desigo Insight X-Frame-Options clickjacking [CVE-2020-15793]
medium
4.3
-
-
-
162751
Siemens Desigo Insight Web Service sql injection [CVE-2020-15792]
medium
4.0
-
-
-
162750
Atlassian JIRA Server Issue Key ActionsAndOperations permission
medium
4.3
-
-
-
162749
Eclipse Vert.x Backslash path traversal [CVE-2019-17640]
medium
4.9
-
-
-
162748
F2fs-Tools F2fs.Fsck f2fs Filesystem fsck_chk_orphan_node heap-based overflow
medium
4.9
-
-
-
162747
F2fs-Tools F2fs.Fsck f2fs Filesystem dev_read information disclosure
low
2.3
-
-
-
162746
F2fs-Tools F2fs.Fsck Filesystem init_node_manager information disclosure
low
2.3
-
-
-
162745
F2fs-Tools F2fs.Fsck f2fs Filesystem unknown vulnerability [CVE-2020-6105]
medium
4.9
-
-
-
162744
F2fs-Tools F2fs.Fsck f2fs Filesystem get_dnode_of_data information disclosure
low
2.3
-
-
-
162743
Qualcomm QCMAP SetGatewayUrl os command injection
medium
4.3
-
-
-
162742
Qualcomm QCMAP Mobile Hotspot QCMAP_Web_CLIENT Tokenizer denial of service
low
2.3
-
-
-
162741
libarchive Archive File archive_string.c archive_string_append_from_wcs out-of-bounds write
low
2.1
-
-
-
162740
B&R GateManager 4260/GateManager 9250 log file [CVE-2020-11646]
low
4.0
-
-
-
162739
B&R GateManager 4260/GateManager 9250 denial of service [CVE-2020-11645]
low
4.0
-
-
-
162738
B&R GateManager 4260/GateManager 9250 Audit Log neutralization for logs
low
4.0
-
-
-
162737
B&R GateManager 4260/GateManager 9250 information disclosure
low
4.0
-
-
-
162736
B&R SiteManager file access [CVE-2020-11642]
medium
4.0
-
-
-
162735
B&R SiteManager file inclusion [CVE-2020-11641]
medium
4.0
-
-
-
162734
B&R Automation Runtime TFTP Service memory leak [CVE-2020-11637]
low
5.0
-
-
-
162733
com.mintegral.msdk:alphab Android SDK information disclosure
low
5.0
-
-
-
162732
IBM Security Access Manager/Security Verify Access improper authentication
medium
7.5
-
-
-
162731
IBM Security Access Manager/Security Verify Access response splitting
medium
7.5
-
-
-
162730
McAfee MVision Endpoint Core Trust Component security check for standard
medium
6.5
-
-
-
162729
McAfee Active Response Core Trust Component security check for standard
medium
6.5
-
-
-
162728
McAfee Application and Change Control MSI Configuration access control
medium
6.5
-
-
-
162727
Veritas APTARE Login improper authentication [CVE-2020-27157]
low
5.1
-
-
-
162726
Veritas APTARE Authorization improper authorization [CVE-2020-27156]
medium
6.8
-
-
-
162725
SAP 3D Visual Enterprise Viewer RH File denial of service [CVE-2020-6376]
low
4.0
-
-
-
162724
SAP 3D Visual Enterprise Viewer CGM File denial of service [CVE-2020-6375]
low
5.0
-
-
-
162723
SAP 3D Visual Enterprise Viewer JT File denial of service [CVE-2020-6374]
low
5.0
-
-
-
162722
SAP 3D Visual Enterprise Viewer PDF File denial of service [CVE-2020-6373]
low
5.0
-
-
-
162721
SAP 3D Visual Enterprise Viewer PDF File denial of service [CVE-2020-6372]
low
5.0
-
-
-
162720
SAP NetWeaver Application Server ABAP information disclosure
low
4.0
-
-
-
162719
SAP Business Planning and Consolidation cross site scripting
low
4.0
-
-
-
162718
SAP NetWeaver AS JAVA Start Page redirect [CVE-2020-6365]
medium
6.8
-
-
-
162717
SAP Solution Manager/Focused Run CA Introscope Enterprise Manager code injection
medium
4.9
-
-
-
162716
SAP Commerce Cloud session expiration [CVE-2020-6363]
low
5.0
-
-
-
162715
SAP Netweaver Enterprise Portal Fiori Framework Page cross site scripting
low
3.5
-
-
-
162714
SAP NetWeaver Application Server Java cross site scripting [CVE-2020-6319]
low
4.3
-
-
-
162713
SAP Commerce Cloud Web CMS Components cross site scripting [CVE-2020-6272]
low
3.5
-
-
-
162712
Live Chat - Live Support cross-site request forgery [CVE-2020-5642]
low
4.3
-
-
-
162711
BlueZ MGMT Event att.c disconnect_cb double free
medium
6.0
-
-
-
162710
ThinkPad ThinkPad Stack Wireless Router improper authentication
medium
5.8
-
-
-
162709
Lenovo Cloud Networking Operating System REST API input validation
medium
7.6
-
-
-
162708
Lenovo HardwareScan Plugin Vantage Hardware Scan uncontrolled search path
medium
6.8
-
-
-
162707
Lenovo Diagnostics DLL untrusted search path [CVE-2020-8338]
medium
6.8
-
-
-
162706
Lenovo/IBM System X Server BIOS Mode USB Driver toctou [CVE-2020-8332]
low
3.5
-
-
-
162705
Rapid7 Nexpose sql injection [CVE-2020-7383]
medium
6.5
-
-
-
162704
McAfee ePolicy Orchistrator cross site scripting [CVE-2020-7318]
low
4.3
-
-
-
162703
McAfee ePolicy Orchistrator cross site scripting [CVE-2020-7317]
low
4.3
-
-
-
162702
Duo Network Gateway Log log file [CVE-2020-3483]
low
4.0
-
-
-
162701
Duo Authentication for Windows Logon/RDP improper authentication
medium
4.1
-
-
-
162700
Grocy Create Shopping List Module cross site scripting [CVE-2020-15253]
low
4.0
-
-
-
162699
Singularity unsquashfs path traversal
medium
7.5
-
-
-
162698
Open Enclave Syscall information disclosure [CVE-2020-15224]
low
3.5
-
-
-
162697
Adobe Flash Player HTTP Response null pointer dereference [CVE-2020-9746]
medium
6.8
-
-
-
162696
BlackBerry UEM UEM Core Service denial of service [CVE-2020-6933]
low
2.3
-
-
-
162695
IBM Security Access Manager Appliance session expiration [CVE-2020-4395]
low
2.6
-
-
-
162694
Trend Micro Antivirus Webserver API access control [CVE-2020-27013]
medium
6.0
-
-
-
162693
Telegram Desktop Export Telegram Data wizard improper authentication
low
1.2
-
-
-
162692
Trend Micro Antivirus Kernel Extension information disclosure
low
2.3
-
-
-
162691
Trend Micro Antivirus Web Threat Protection access control [CVE-2020-25777]
medium
4.9
-
-
-
162690
United Planet Intrexx Professional cross site scripting [CVE-2020-24188]
low
3.5
-
-
-
162689
Google Android Kernel binder.c binder_release_work use after free
medium
6.6
-
-
-
162688
Google Android Pendingintent NotificationImportExportListener.java constructImportFailureNotification information disclosure
low
1.5
-
-
-
162687
Google Android Error Handling String8.cpp appendFormatV privileges management
medium
4.1
-
-
-
162686
Google Android Permission Check GpuService.cpp setUpdatableDriverPath memory corruption
medium
4.1
-
-
-
162685
Google Android Permission Check PackageInstallerSession.java generateInfo information disclosure
low
1.5
-
-
-
162684
Google Android Settings Screen permission [CVE-2020-0416]
medium
4.3
-
-
-
162683
Google Android SystemUI information disclosure [CVE-2020-0415]
low
1.5
-
-
-
162682
Google Android Audio Buffer Threads.cpp threadLoop information disclosure
low
4.3
-
-
-
162681
Google Android Bluetooth Server gatt_cl.cc gatt_process_read_by_type_rsp information disclosure
low
4.3
-
-
-
162680
Google Android ActivityManagerService.java setProcessMemoryTrimLevel information disclosure
low
1.5
-
-
-
162679
Google Android AACExtractor.cpp ~AACExtractor out-of-bounds write
low
4.3
-
-
-
162678
Google Android Pendingintent SapServer.java setNotification information disclosure
low
1.5
-
-
-
162677
Google Android String16.cpp remove integer overflow
medium
4.1
-
-
-
162676
Google Android Pendingintent NotificationMgr.java showDataRoamingNotification information disclosure
low
1.5
-
-
-
162675
Google Android PendingIntent Error NotificationMgr.java updateMwi information disclosure
low
1.5
-
-
-
162674
Google Android Permission Check PasspointManager.java onWnmFrameReceived information disclosure
low
1.5
-
-
-
162673
Google Android Bluetooth Server gatt_cl.cc gatt_process_read_by_type_rsp out-of-bounds read
low
5.0
-
-
-
162672
Google Android out-of-bounds read [CVE-2020-0376]
low
4.9
-
-
-
162671
Google Android out-of-bounds read [CVE-2020-0371]
low
4.9
-
-
-
162670
Google Android out-of-bounds write [CVE-2020-0367]
low
4.9
-
-
-
162669
Google Android out-of-bounds read [CVE-2020-0339]
low
4.9
-
-
-
162668
Google Android out-of-bounds write [CVE-2020-0283]
low
4.9
-
-
-
162667
Google Android Permission Check UiccAccessRule.java getCarrierPrivilegeStatus information disclosure
low
1.5
-
-
-
162666
Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Data Segment denial of service
medium
6.3
-
-
-
162665
Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Data Segment denial of service
low
5.2
-
-
-
162664
Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Port Segment denial of service
low
2.3
-
-
-
162663
LAquis SCADA Project File out-of-bounds read [CVE-2020-25188]
low
4.9
-
-
-
162662
IProom MMC+ Server Login Page redirect [CVE-2020-24551]
medium
7.5
-
-
-
162661
Google Android SurfaceFlinger SurfaceFlinger.cpp createLayer privileges management
medium
4.3
-
-
-
162660
Siemens DCA Vantage Analyzer Onboard Database hard-coded password
low
4.1
-
-
-
162659
McAfee Total Protection Task Scheduling privileges management
medium
4.1
-
-
-
162658
Trend Micro Antivirus Internationalized Domain Name access control
medium
6.8
-
-
-
162657
Linux Kernel Geneve Endpoint cleartext transmission [CVE-2020-25645]
low
2.6
-
-
-
162656
Foxit Reader Annotation Object use after free [CVE-2020-17417]
medium
6.8
-
-
-
162655
Foxit Reader JPEG2000 Image out-of-bounds write [CVE-2020-17416]
medium
6.8
-
-
-
162654
Foxit PhantomPDF Update Service permission assignment [CVE-2020-17415]
medium
8.5
-
-
-
162653
Foxit Reader Update Service permission [CVE-2020-17414]
medium
8.5
-
-
-
162652
Foxit PhantomPDF U3D Object stack-based overflow [CVE-2020-17413]
medium
6.8
-
-
-
162651
Foxit PhantomPDF U3D Object information disclosure [CVE-2020-17412]
low
4.3
-
-
-
162650
Foxit PhantomPDF U3D Object information disclosure [CVE-2020-17411]
low
4.3
-
-
-
162649
Foxit PhantomPDF GIF File access control [CVE-2020-17410]
medium
6.8
-
-
-
162648
Netgear R6120/R6080/R6260/R6220/R6020/JNR3210/WNR2020 mini_httpd Service improper authentication
low
2.9
-
-
-
162647
Microhard Bullet-LTE Authentication Header stack-based overflow
medium
6.8
-
-
-
162646
Microhard Bullet-LTE tools.sh improper authentication
medium
8.5
-
-
-
162645
Siemens DCA Vantage Analyzer Kiosk Mode access control [CVE-2020-15797]
medium
4.4
-
-
-
162644
Channelmgnt Plug-In ACL access control [CVE-2020-15251]
medium
6.5
-
-
-
162643
Apache Solr API improper authorization [CVE-2020-13957]
medium
6.8
-
-
-
162642
AMD ATIKMDAG.SYS API out-of-bounds read [CVE-2020-12933]
low
4.9
-
-
-
162641
AMD Ryzen Master AMD Driver access control [CVE-2020-12928]
high
8.5
-
-
-
162640
AMD ATIKMDAG.SYS API out-of-bounds read
low
5.2
-
-
-
162639
Apache Fineract information disclosure [CVE-2018-20243]
low
4.3
-
-
-
162638
Microsoft Windows Kernel memory corruption [CVE-2020-16890]
medium
9.0
-
-
-
162637
Microsoft Windows Remote Desktop Protocol information disclosure
low
5.0
-
-
-
162636
Microsoft Windows Remote Desktop Protocol denial of service [CVE-2020-16927]
low
5.0
-
-
-
162635
Microsoft Windows Remote Desktop Service denial of service [CVE-2020-16863]
low
5.0
-
-
-
162634
Microsoft Windows Media Foundation memory corruption [CVE-2020-16915]
medium
7.5
-
-
-
162633
Microsoft Windows Unified Extensible Firmware Interface access control
medium
6.5
-
-
-
162632
Microsoft Windows Hyper-V memory corruption [CVE-2020-1047]
medium
6.5
-
-
-
162631
Microsoft Windows Win32k memory corruption [CVE-2020-16913]
medium
9.0
-
-
-
162630
Microsoft Windows Kernel Image memory corruption [CVE-2020-16892]
low
4.3
-
-
-
162629
Microsoft Windows KernelStream information disclosure [CVE-2020-16889]
low
4.0
-
-
-
162628
Microsoft Windows Installer access control [CVE-2020-16902]
low
4.3
-
-
-
162627
Microsoft Windows Hyper-V access control [CVE-2020-16891]
medium
4.3
-
-
-
162626
Microsoft Windows Hyper-V denial of service [CVE-2020-1243]
low
4.6
-
-
-
162625
Microsoft Windows NAT memory corruption [CVE-2020-16894]
medium
7.5
-
-
-
162624
Microsoft Windows Error Reporting access control [CVE-2020-16905]
low
6.5
-
-
-
162623
Microsoft Windows COM Server access control [CVE-2020-16916]
medium
6.5
-
-
-
162622
Microsoft Visual Studio Code Python Extension access control
low
5.1
-
-
-
162621
Microsoft PowerShellGet WDAC access control [CVE-2020-16886]
low
5.8
-
-
-
162620
Microsoft Windows Camera Codec Pack memory corruption [CVE-2020-16968]
medium
7.5
-
-
-
162619
Microsoft Windows Camera Codec Pack memory corruption [CVE-2020-16967]
medium
7.5
-
-
-
162618
Microsoft Windows COM Server access control [CVE-2020-16935]
medium
6.5
-
-
-
162617
Microsoft Windows Backup Service access control [CVE-2020-16976]
medium
6.5
-
-
-
162616
Microsoft Windows Jet Database Engine memory corruption [CVE-2020-16924]
medium
7.5
-
-
-
162615
Microsoft Windows Storage VSP Driver access control [CVE-2020-16885]
medium
6.5
-
-
-
162614
Microsoft Windows Network Connections Service memory corruption
low
4.3
-
-
-
162613
Microsoft Windows Hyper-V memory corruption [CVE-2020-1080]
medium
4.3
-
-
-
162612
Microsoft Windows iSCSI Target Service access control [CVE-2020-16980]
medium
6.5
-
-
-
162611
Microsoft Windows Storage Services access control [CVE-2020-0764]
medium
6.5
-
-
-
162610
Microsoft Windows File Signature Validation signature verification
medium
7.5
-
-
-
162609
Microsoft Windows Backup Service access control [CVE-2020-16974]
medium
6.5
-
-
-
162608
Microsoft Windows Backup Service access control [CVE-2020-16973]
medium
6.5
-
-
-
162607
Microsoft Windows Backup Service access control [CVE-2020-16975]
medium
6.5
-
-
-
162606
Microsoft Windows Application Compatibility Client Library access control
medium
6.5
-
-
-
162605
Microsoft Windows Reparse Point access control [CVE-2020-16877]
low
5.5
-
-
-
162604
Microsoft Windows Backup Service improper authentication [CVE-2020-16972]
medium
6.5
-
-
-
162603
Microsoft Windows Application Compatibility Client Library access control
medium
6.5
-
-
-
162602
Microsoft Windows Text Services Framework information disclosure
low
4.0
-
-
-
162601
Microsoft Windows Enterprise App Management Service information disclosure
low
4.0
-
-
-
162600
Microsoft Windows Error Reporting Manager access control [CVE-2020-16895]
medium
6.5
-
-
-
162599
Microsoft Windows NetBIOS over TCP information disclosure [CVE-2020-16897]
low
4.0
-
-
-
162598
Microsoft Windows TCPIP Stack Remote Code Execution [CVE-2020-16898]
medium
7.5
-
-
-
162597
Microsoft Windows Backup Service access control [CVE-2020-16936]
medium
6.5
-
-
-
162596
Microsoft Windows Win32k memory corruption [CVE-2020-16907]
medium
9.0
-
-
-
162595
Microsoft Windows User Profile Service access control [CVE-2020-16940]
medium
6.5
-
-
-
162594
Microsoft Windows Backup Service access control [CVE-2020-16912]
medium
6.5
-
-
-
162593
Microsoft Windows Error Reporting access control [CVE-2020-16909]
medium
6.5
-
-
-
162592
Microsoft Windows Setup access control [CVE-2020-16908]
low
4.3
-
-
-
162591
Microsoft Windows TCPIP Stack denial of service [CVE-2020-16899]
medium
7.8
-
-
-
162590
Microsoft Windows Kernel information disclosure [CVE-2020-16901]
low
4.0
-
-
-
162589
Microsoft Windows Event System memory corruption [CVE-2020-16900]
low
4.6
-
-
-
162588
Microsoft SharePoint Server Application Package origin validation
medium
7.5
-
-
-
162587
Microsoft SharePoint Server information disclosure [CVE-2020-16950]
low
1.7
-
-
-
162586
Microsoft SharePoint Server information disclosure [CVE-2020-16941]
low
1.4
-
-
-
162585
Microsoft SharePoint Server cross site scripting [CVE-2020-16946]
low
4.0
-
-
-
162584
Microsoft SharePoint Server cross site scripting [CVE-2020-16945]
low
4.0
-
-
-
162583
Microsoft SharePoint Server cross site scripting [CVE-2020-16944]
low
4.0
-
-
-
162582
Microsoft SharePoint Server Application Package access control
medium
7.5
-
-
-
162581
Microsoft SharePoint Server information disclosure [CVE-2020-16942]
low
0.8
-
-
-
162580
Microsoft SharePoint Server information disclosure [CVE-2020-16953]
low
4.0
-
-
-
162579
Microsoft SharePoint Server information disclosure [CVE-2020-16948]
low
4.0
-
-
-
162578
Microsoft 3D Viewer memory corruption [CVE-2020-17003]
medium
7.5
-
-
-
162577
Microsoft Office memory corruption [CVE-2020-16954]
medium
7.5
-
-
-
162576
Microsoft Excel memory corruption [CVE-2020-16931]
medium
7.5
-
-
-
162575
Microsoft Outlook memory corruption [CVE-2020-16947]
medium
7.5
-
-
-
162574
Microsoft Outlook denial of service [CVE-2020-16949]
low
2.1
-
-
-
162573
Microsoft 3D Viewer/365 Apps for Enterprise memory corruption
medium
7.5
-
-
-
162572
Microsoft Office Access Connectivity Engine memory corruption
medium
7.5
-
-
-
162571
Microsoft Office AppVLP access control [CVE-2020-16928]
medium
7.5
-
-
-
162570
Microsoft Office AppVLP access control [CVE-2020-16955]
medium
7.5
-
-
-
162569
Microsoft Office Excel memory corruption [CVE-2020-16930]
medium
7.5
-
-
-
162568
Microsoft Excel memory corruption [CVE-2020-16932]
medium
7.5
-
-
-
162567
Microsoft Office AppVLP improper authorization [CVE-2020-16934]
medium
7.5
-
-
-
162566
Microsoft Office memory corruption [CVE-2020-16929]
medium
7.5
-
-
-
162565
Microsoft Word LNK File 7pk security [CVE-2020-16933]
medium
7.5
-
-
-
162564
Microsoft Windows Kernel information disclosure [CVE-2020-16938]
low
4.6
-
-
-
162563
Microsoft Windows Graphics memory corruption [CVE-2020-1167]
medium
7.2
-
-
-
162562
Microsoft Windows Graphics memory corruption [CVE-2020-16923]
medium
7.2
-
-
-
162561
Microsoft Windows GDI+ information disclosure [CVE-2020-16914]
low
4.6
-
-
-
162560
Microsoft Windows GDI+ memory corruption [CVE-2020-16911]
medium
10.0
-
-
-
162559
Microsoft Exchange Server information disclosure [CVE-2020-16969]
medium
7.5
-
-
-
162558
Microsoft Dynamics 365 Commerce improper authorization [CVE-2020-16943]
medium
6.1
-
-
-
162557
Microsoft Microsoft Dynamics 365 cross site scripting [CVE-2020-16956]
low
5.5
-
-
-
162556
Microsoft Microsoft Dynamics 365 cross site scripting [CVE-2020-16978]
low
5.5
-
-
-
162555
Microsoft Windows Group Policy privileges assignment [CVE-2020-16939]
medium
6.8
-
-
-
162554
Microsoft Azure Functions privileges management [CVE-2020-16904]
low
5.0
-
-
-
162553
Microsoft Network Watcher Agent Virtual Machine Extension for Linux privileges management
medium
6.8
-
-
-
162552
Microsoft Microsoft .NET Framework information disclosure [CVE-2020-16937]
low
3.8
-
-
-
162551
OpenRobotics ros_comm Communications Package XML RPC Library integer overflow
medium
7.5
-
-
-
162550
mathjs deepExtend dynamically-determined object attributes
low
4.9
-
-
-
162549
Webmin Command Shell Endpoint input validation [CVE-2020-8821]
low
2.3
-
-
-
162548
Webmin Cluster Shell Commands Endpoint cross site scripting [CVE-2020-8820]
low
3.5
-
-
-
162547
HelpDeskZ Auto-Login sql injection [CVE-2020-26546]
medium
7.5
-
-
-
162546
Octopus Deploy Task Log debug log file [CVE-2020-25825]
low
2.3
-
-
-
162545
JUnit4 Test Rule information disclosure [CVE-2020-15250]
low
1.5
-
-
-
162544
Sonatype Nexus Repository Manager pathname traversal [CVE-2020-15012]
low
2.3
-
-
-
162543
Webmin Read User Email Module/Mailboxes Endpoint cross site scripting
low
5.0
-
-
-
162542
JFrog Artifactory improper authentication [CVE-2019-17444]
medium
6.8
-
-
-
162541
Huawei Taurus-AN00B Module buffer overflow [CVE-2020-9240]
medium
4.9
-
-
-
162540
Huawei Taurus-AN00B Module buffer overflow [CVE-2020-9238]
medium
4.9
-
-
-
162539
Huawei WS5800-10 Message denial of service [CVE-2020-9230]
low
2.3
-
-
-
162538
Huawei P30 Pro buffer overflow [CVE-2020-9123]
medium
4.9
-
-
-
162537
Huawei WS7200-10 input validation [CVE-2020-9122]
medium
4.9
-
-
-
162536
Huawei Taurus-AN00B information disclosure [CVE-2020-9110]
low
2.3
-
-
-
162535
Huawei Mate 20 information disclosure [CVE-2020-9109]
low
2.3
-
-
-
162534
Huawei P30 Pro Message out-of-bounds write [CVE-2020-9108]
low
2.9
-
-
-
162533
Huawei P30 Pro Message out-of-bounds read [CVE-2020-9107]
low
2.9
-
-
-
162532
Huawei P30 Pro path traversal [CVE-2020-9106]
low
2.3
-
-
-
162531
Huawei Taurus-AN00B out-of-bounds write [CVE-2020-9091]
low
4.9
-
-
-
162530
Huawei FusionAccess improper authorization [CVE-2020-9090]
medium
4.9
-
-
-
162529
Huawei Taurus-AL00A XFRM Module out-of-bounds read [CVE-2020-9087]
low
1.5
-
-
-
162528
Samsung Update Inter-Process Communication deserialization [CVE-2020-7811]
medium
4.9
-
-
-
162527
IBM Curam Social Program Management readLine denial of service
low
4.0
-
-
-
162526
IBM Curam Social Program Management OOTB Build Script information disclosure
low
2.6
-
-
-
162525
IBM Curam Social Program Management risky encryption [CVE-2020-4778]
low
2.6
-
-
-
162524
IBM Curam Social Program Management path traversal [CVE-2020-4776]
low
4.3
-
-
-
162523
IBM Curam Social Program Management cross site scripting [CVE-2020-4775]
low
3.5
-
-
-
162522
IBM Curam Social Program Management information disclosure [CVE-2020-4774]
low
3.5
-
-
-
162521
IBM Curam Social Program Management cross-site request forgery
low
4.3
-
-
-
162520
IBM Curam Social Program Management xml external entity reference
medium
6.5
-
-
-
162519
IBM InfoSphere Information Server Web UI cross site scriting
low
3.5
-
-
-
162518
IBM InfoSphere Information Server cross site scriting [CVE-2020-4740]
low
3.5
-
-
-
162517
IBM Security Access Manager/Security Verify Access information exposure
low
3.5
-
-
-
162516
IBM Security Guardium File Content injection [CVE-2020-4689]
low
5.8
-
-
-
162515
IBM Security Guardium Web UI cross site scripting [CVE-2020-4681]
low
4.0
-
-
-
162514
IBM Security Guardium Web UI cross site scripting [CVE-2020-4680]
low
4.0
-
-
-
162513
IBM Security Guardium Web UI cross site scriting [CVE-2020-4679]
low
3.3
-
-
-
162512
IBM Security Guardium Admin Access information disclosure [CVE-2020-4678]
low
3.5
-
-
-
162511
IBM Security Access Manager/Security Verify Access information exposure
low
3.5
-
-
-
162510
IBM Security Access Manager/Security Verify Access Access Manager information exposure
low
3.5
-
-
-
162509
IBM Cognos Analytics Servlet information exposure [CVE-2020-4388]
low
3.5
-
-
-
162508
IBM Cognos Analytics Excel File injection [CVE-2020-4302]
medium
6.0
-
-
-
162507
ARC Informatique PcVue information disclosure [CVE-2020-26869]
low
2.3
-
-
-
162506
ARC Informatique PcVue Web Client denial of service [CVE-2020-26868]
low
5.0
-
-
-
162505
ARC Informatique PcVue Interface deserialization [CVE-2020-26867]
medium
6.0
-
-
-
162504
Apache Tomcat HTTP2 Client information disclosure [CVE-2020-13943]
low
3.5
-
-
-
162503
GitLab Permission Check permission [CVE-2020-13341]
medium
4.9
-
-
-
162502
SonicWALL SonicOS Login Page information exposure [CVE-2020-5143]
low
4.3
-
-
-
162501
SonicWALL SonicOS SSL VPN Web Interface cross site scripting
low
4.3
-
-
-
162500
SonicWALL SonicOS Virtual Assist Ticket ID protection mechanism
low
2.6
-
-
-
162499
SonicWALL SonicOS SSL VPN Service out-of-bounds read [CVE-2020-5140]
low
4.3
-
-
-
162498
SonicWALL SonicOS release of reference [CVE-2020-5139]
low
4.3
-
-
-
162497
SonicWALL SonicOS SSL VPN Service heap-based overflow [CVE-2020-5138]
low
4.3
-
-
-
162496
SonicWALL SonicOS SSL VPN Service buffer overflow [CVE-2020-5137]
medium
6.8
-
-
-
162495
SonicWALL SonicOS SSL-VPN Portal buffer overflow [CVE-2020-5136]
low
2.3
-
-
-
162494
SonicWALL SonicOS buffer overflow [CVE-2020-5135]
medium
3.5
-
-
-
162493
SonicWALL SonicOS out-of-bounds read [CVE-2020-5134]
low
2.3
-
-
-
162492
SonicWALL SonicOS buffer overflow [CVE-2020-5133]
medium
4.3
-
-
-
162491
Atlassian JIRA Server Issue Filter Export File cross site scripting
low
3.5
-
-
-
162490
Huawei Taurus-AN00B input validation [CVE-2020-9105]
low
4.9
-
-
-
162489
Emby Server Image server-side request forgery
medium
6.0
-
-
-
162488
Monero GUI monero-wallet-gui lib authorization
low
4.1
-
-
-
162487
MyBatis Object Stream deserialization [CVE-2020-26945]
medium
4.9
-
-
-
162486
phpMyAdmin SearchController sql injection [CVE-2020-26935]
medium
6.5
-
-
-
162485
phpMyAdmin Transformation Feature cross site scripting [CVE-2020-26934]
low
3.5
-
-
-
162484
Sympa Package permission [CVE-2020-26932]
medium
4.9
-
-
-
162483
Apache Calcite Hostname Verification information disclosure [CVE-2020-13955]
low
2.3
-
-
-
162482
Pepperl Fuchs RocketLinx Comtrol TFTP Service information disclosure
medium
5.0
-
-
-
162481
Pepperl Fuchs RocketLinx Comtrol Administration Interface command injection
medium
7.5
-
-
-
162480
Pepperl Fuchs RocketLinx Comtrol Administration Interface cross-site request forgery
medium
5.0
-
-
-
162479
Pepperl Fuchs RocketLinx Comtrol Administration Interface backdoor
medium
7.5
-
-
-
162478
Pepperl Fuchs RocketLinx Comtrol Administration Interface improper authentication
medium
7.5
-
-
-
162477
Netgear WC7500/WC7600/WC7600v2/WC9500 information disclosure
low
2.3
-
-
-
162476
Netgear EX7700 config [CVE-2020-26930]
low
4.9
-
-
-
162475
Netgear R6220/R6230 injection [CVE-2020-26929]
medium
4.9
-
-
-
162474
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 improper authentication
medium
5.4
-
-
-
162473
Netgear WNR2020 improper authentication [CVE-2020-26927]
medium
5.4
-
-
-
162472
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 improper authentication
low
4.9
-
-
-
162471
Netgear GS808E denial of service [CVE-2020-26925]
low
2.3
-
-
-
162470
Netgear WAC720/WAC730 information disclosure [CVE-2020-26924]
low
2.3
-
-
-
162469
Netgear WC7500/WC7600/WC7600v2/WC9500 cross site scripting [CVE-2020-26923]
low
3.5
-
-
-
162468
Netgear WC7500/WC7600/WC7600v2/WC9500 command injection [CVE-2020-26922]
medium
4.9
-
-
-
162467
Netgear GS110EMX/GS810EMX/XS512EM/XS724EM improper authentication
medium
5.4
-
-
-
162466
Netgear SRK60/SRR60/SRS60 command injection [CVE-2020-26920]
medium
5.4
-
-
-
162465
Netgear JGS516PE Access Control access control [CVE-2020-26919]
medium
4.9
-
-
-
162464
Netgear R8500 cross site scripting [CVE-2020-26918]
low
3.5
-
-
-
162463
Netgear R8500 cross site scripting [CVE-2020-26917]
low
3.5
-
-
-
162462
Netgear WNR2020 config [CVE-2020-26916]
low
4.9
-
-
-
162461
Netgear XR700 cross site scripting [CVE-2020-26915]
low
3.5
-
-
-
162460
Netgear WNR2020 command injection [CVE-2020-26914]
medium
4.9
-
-
-
162459
Netgear XR500 buffer overflow [CVE-2020-26913]
medium
4.9
-
-
-
162458
Netgear WNR2020 cross-site request forgery [CVE-2020-26912]
low
3.5
-
-
-
162457
Netgear WNR2020 access control [CVE-2020-26911]
medium
4.9
-
-
-
162456
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 command injection
medium
4.9
-
-
-
162455
Netgear D7800/R7500v2 command injection [CVE-2020-26909]
medium
5.4
-
-
-
162454
Netgear WNR2020 improper authentication [CVE-2020-26908]
medium
5.4
-
-
-
162453
Netgear RBK852/RBR850/RBS850 os command injection [CVE-2020-26907]
medium
5.4
-
-
-
162452
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162451
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162450
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162449
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162448
Netgear RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 command injection
medium
5.4
-
-
-
162447
Netgear RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162446
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162445
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162444
Netgear RAX40 config [CVE-2020-26898]
low
4.9
-
-
-
162443
Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
low
2.3
-
-
-
162442
Garfield Petshop act_user.php cross-site request forgery
low
3.5
-
-
-
162441
Xerox WorkCentre EC7836/WorkCentre EC7856 Description Page cross site scripting
low
3.5
-
-
-
162440
ConnectWise Automate permission [CVE-2020-15838]
medium
4.9
-
-
-
162439
OnePlus App Locker Google Assistant improper authorization [CVE-2020-13626]
medium
4.1
-
-
-
162438
Victor Web Client denial of service [CVE-2020-9048]
medium
5.8
-
-
-
162437
Dell EMC OpenManage Integration for Microsoft System Center Log log file
low
2.3
-
-
-
162436
IBM Informix Spatial out-of-bounds write [CVE-2020-4799]
medium
4.9
-
-
-
162435
IBM QRadar SIEM Java Deserialization deserialization [CVE-2020-4280]
medium
4.9
-
-
-
162434
Faulkner Wildlife Issues in the New Millennium cmd.exe privileges management
medium
6.0
-
-
-
162433
forma.lms cross-site request forgery [CVE-2020-26802]
low
3.5
-
-
-
162432
HAPI FHIR Testpage Overlay cross site scripting [CVE-2020-24301]
low
3.5
-
-
-
162431
Facebook Hermes Javascript SaveGeneratorLong control flow
low
4.9
-
-
-
162430
Mozilla Thunderbird Microsoft Exchange Autodiscovery cleartext transmission
low
2.3
-
-
-
162429
Smartstore WebApi Authentication improper authentication [CVE-2020-15243]
medium
6.8
-
-
-
162428
Next.js redirect [CVE-2020-15242]
low
4.9
-
-
-
162427
Fluid Engine cross site scriting [CVE-2020-15241]
low
3.5
-
-
-
162426
GitLab Key Storage information disclosure [CVE-2020-13344]
low
2.3
-
-
-
162425
GitLab CI Job Log cross site scripting [CVE-2020-13340]
low
3.5
-
-
-
162424
GitLab SVG File Preview cross site scripting [CVE-2020-13339]
low
3.5
-
-
-
162423
Mozilla Firefox ECDSA Signature Generation information disclosure
low
1.4
-
-
-
162422
Mozilla Firefox Coordinate information disclosure [CVE-2020-12400]
low
4.9
-
-
-
162421
Zoho ManageEngine Applications Manager AAMRequestProcessor Servlet improper authorization
medium
6.8
-
-
-
162420
IBM QRadar SIEM Active Directory Authentication improper authentication
medium
4.9
-
-
-
162419
Nahimic APO Software Component Driver privileges management [CVE-2019-19115]
medium
7.4
-
-
-
162418
D-Link CGI Script upgradeStatusReboot.cgi denial of service
low
2.9
-
-
-
162417
SourceCodester Online Bus Booking System Admin Login Screen admin.php sql injection
medium
7.5
-
-
-
162416
SourceCodester Booking System book_now.php cross site scripting
low
3.5
-
-
-
162415
PHPGurukul hospital-management-system-in-php patient-search.php cross site scripting
low
3.5
-
-
-
162414
PHPGurukul hostel-management-system cross site scripting [CVE-2020-25270]
low
3.5
-
-
-
162413
PyroCMS anomaly.module.blocks cross-site request forgery
low
3.5
-
-
-
162412
PyroCMS cross-site request forgery [CVE-2020-25262]
low
3.5
-
-
-
162411
Nerrvana Plugin XML Parser xml external entity reference [CVE-2020-2298]
medium
4.9
-
-
-
162410
SMS Notification Plugin Global Configuration cleartext storage
low
2.3
-
-
-
162409
Shared Objects Plugin Shared Object cross-site request forgery
low
3.5
-
-
-
162408
Maven Cascade Release Plugin cross-site request forgery [CVE-2020-2295]
low
3.5
-
-
-
162407
Maven Cascade Release Plugin Permission Check authorization [CVE-2020-2294]
medium
4.9
-
-
-
162406
Persona Plugin Permission path traversal [CVE-2020-2293]
low
2.3
-
-
-
162405
Release Plugin Badge Tooltip cross site scripting [CVE-2020-2292]
low
3.5
-
-
-
162404
couchdb-statistics Plugin Global Configuration cleartext storage
low
2.3
-
-
-
162403
Active Choices Plugin Sandbox cross site scripting [CVE-2020-2290]
low
3.5
-
-
-
162402
Active Choices Plugin cross site scripting [CVE-2020-2289]
low
3.5
-
-
-
162401
Audit Trail Plugin Regular Expression incorrect regex [CVE-2020-2288]
medium
4.9
-
-
-
162400
Audit Trail Plugin Stapler Web Framework unknown vulnerability
medium
4.9
-
-
-
162399
Role-based Authorization Strategy Plugin Permission Cache permission
medium
4.9
-
-
-
162398
Cisco StarOS CLI input validation [CVE-2020-3602]
medium
6.6
-
-
-
162397
Cisco StarOS CLI input validation [CVE-2020-3601]
medium
6.6
-
-
-
162396
Cisco Vision Dynamic Signage Director Web-based Management Interface improper authentication
medium
6.8
-
-
-
162395
Cisco Nexus Data Broker Configuration Backup pathname traversal
medium
6.8
-
-
-
162394
Cisco Expressway Series Session Initiation Protocol denial of service
low
4.3
-
-
-
162393
Cisco Identity Services Engine Web-based Management Interface cross site scripting
low
3.5
-
-
-
162392
Cisco Email Security Appliance Antispam Protection Mechanism input validation
medium
6.8
-
-
-
162391
Cisco Industrial Network Director Management REST API denial of service
low
3.5
-
-
-
162390
Cisco Video Surveillance 8000 Series IP Camera Cisco Discovery Protocol memory corruption
medium
5.4
-
-
-
162389
Cisco Video Surveillance 8000 Series IP Camera Cisco Discovery Protocol certain memory leak
low
2.9
-
-
-
162388
Cisco SD-WAN vManage Web-based Management Interface cross site scripting
low
3.5
-
-
-
162387
Cisco Webex Teams Client DLL Loader uncontrolled search path
low
4.9
-
-
-
162386
Cisco Identity Services Engine Web-based Management Interface Administrator authorization
medium
4.9
-
-
-
162385
Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
low
3.5
-
-
-
162384
McAfee File/Removable Media Protection unquoted search path [CVE-2020-7316]
low
4.1
-
-
-
162383
Sympa Configuration File privileges management [CVE-2020-26880]
medium
4.1
-
-
-
162382
wp-courses Plugin JSON REST API wp-json authorization
medium
4.9
-
-
-
162381
Cure53 DOMPurify cross site scripting [CVE-2020-26870]
low
2.3
-
-
-
162380
Dynamic OOO Widget code injection [CVE-2020-26596]
low
4.9
-
-
-
162379
KDE Connect Packet denial of service [CVE-2020-26164]
low
2.3
-
-
-
162378
Soplanning Key improper authentication [CVE-2020-25867]
low
2.9
-
-
-
162377
Contao Tag injection [CVE-2020-25768]
low
4.9
-
-
-
162376
Peplink Balance Web Admin connector.php information disclosure
low
2.9
-
-
-
162375
ImpressCMS admin.php cross site scripting
low
3.5
-
-
-
162374
Smarter Coffee Maker Firmware Update improper authorization [CVE-2020-15501]
medium
7.9
-
-
-
162373
GLPI API Search sql injection [CVE-2020-15226]
medium
4.0
-
-
-
162372
GLPI Public FAQ information disclosure [CVE-2020-15217]
low
2.3
-
-
-
162371
GLPI install.php cross site scripting
low
3.5
-
-
-
162370
GLPI sql injection [CVE-2020-15176]
medium
4.0
-
-
-
162369
GLPI Image pluginimage.send.php information disclosure
low
2.3
-
-
-
162368
GitLab Confirmation Email resource consumption [CVE-2020-13342]
low
4.9
-
-
-
162367
Zabbix Server Remote Privilege Escalation [CVE-2020-11800]
medium
6.0
-
-
-
162366
MikroTik RouterOS SMB Server integer underflow [CVE-2019-16160]
low
4.3
-
-
-
162365
MonoCMS Blog File denial of service [CVE-2020-25985]
low
3.8
-
-
-
162364
Symphony CMS event.publish_article.php cross site scripting
low
3.5
-
-
-
162363
GAEN Metadata Block information disclosure [CVE-2020-24722] [Disputed]
low
2.3
-
-
-
162362
Spice Remote Display System QUIC Image Decoder buffer overflow
medium
4.9
-
-
-
162361
GitLab Runner injection [CVE-2020-13347]
medium
4.9
-
-
-
162360
GitLab API information disclosure [CVE-2020-13346]
low
2.3
-
-
-
162359
GitLab Group Membership denial of service [CVE-2020-13335]
low
3.8
-
-
-
162358
GitLab GraphQL Query improper authorization [CVE-2020-13334]
medium
4.9
-
-
-
162357
GitLab Project privileges management [CVE-2020-13332]
medium
4.9
-
-
-
162356
simpl-schema unknown vulnerability [CVE-2020-7742]
low
4.9
-
-
-
162355
Atlassian JIRA Server/Data Center SEN information disclosure
low
2.3
-
-
-
162354
node-pdf-generator server-side request forgery [CVE-2020-7740]
medium
4.9
-
-
-
162353
Samsung Mobile Devices TimaService privileges management [CVE-2020-26607]
medium
4.9
-
-
-
162352
Samsung Mobile Devices Secure Folder information disclosure [CVE-2020-26606]
medium
4.9
-
-
-
162351
Samsung Mobile Devices Log information disclosure [CVE-2020-26605]
low
2.3
-
-
-
162350
Samsung Mobile Devices Pendingintent privileges management [CVE-2020-26604]
medium
4.9
-
-
-
162349
Samsung Mobile Devices Sticker Center pathname traversal [CVE-2020-26603]
low
2.3
-
-
-
162348
Samsung Mobile Devices Pendingintent exposure of resource [CVE-2020-26602]
medium
4.9
-
-
-
162347
Samsung Mobile Device Pendingintent privileges management [CVE-2020-26601]
medium
4.9
-
-
-
162346
Samsung Mobile Device Auto Hotspot information disclosure [CVE-2020-26600]
low
2.3
-
-
-
162345
Samsung Mobile Device Dynamic Lockscreen improper authentication
low
3.6
-
-
-
162344
LG Mobile Devices Network Management denial of service [CVE-2020-26598]
low
2.3
-
-
-
162343
LG Mobile Devices Wi-Fi Subsystem denial of service [CVE-2020-26597]
low
2.3
-
-
-
162342
socket.io-file input validation [CVE-2020-24807]
medium
4.9
-
-
-
162341
Facebook WhatsApp/WhatsApp Business/WhatsApp for Portal RTP Extension Header out-of-bounds write
low
4.9
-
-
-
162340
Facebook WhatsApp/WhatsApp Business E-AC-3 Audio Stream heap-based overflow
medium
4.9
-
-
-
162339
Facebook WhatsApp Media ContentProvider URI information disclosure
low
2.6
-
-
-
162338
Facebook WhatsApp/WhatsApp Business Attachment pathname traversal
medium
7.5
-
-
-
162337
Facebook WhatsApp/WhatsApp Business Unzip denial of service [CVE-2020-1903]
low
5.0
-
-
-
162336
Facebook WhatsApp/WhatsApp Business Google service cleartext transmission
low
2.6
-
-
-
162335
Facebook WhatsApp Message denial of service [CVE-2020-1901]
low
4.3
-
-
-
162334
Zoho ManageEngine Applications Manager RCA module sql injection
medium
6.5
-
-
-
162333
Zoho ManageEngine Applications Manager SAP Module sql injection
medium
6.5
-
-
-
162332
xmpp-http-upload path traversal [CVE-2020-15239]
low
2.3
-
-
-
162331
Electron Context Isolation sandbox [CVE-2020-15215]
medium
4.9
-
-
-
162330
Electron will-navigate sandbox
medium
4.9
-
-
-
162329
GitLab cross site scripting [CVE-2020-13345]
low
3.5
-
-
-
162328
GitLab Custom Project Template information disclosure [CVE-2020-13343]
low
2.3
-
-
-
162327
GitLab API denial of service [CVE-2020-13333]
low
2.3
-
-
-
162326
HCL AppScan Enterprise Rule Update escape output [CVE-2019-4326]
low
2.3
-
-
-
162325
HCL AppScan Enterprise REST API User Detail cryptographic issues
low
2.3
-
-
-
162324
Sierra Wireless ALEOS RPC Server unknown vulnerability [CVE-2020-8782]
low
4.9
-
-
-
162323
Sierra Wireless ALEOS improper authorization [CVE-2020-8781]
medium
4.9
-
-
-
162322
hellojs Package cross site scripting [CVE-2020-7741]
low
3.5
-
-
-
162321
phantomjs-seo URL server-side request forgery [CVE-2020-7739]
medium
4.9
-
-
-
162320
MPD PPP Authentication out-of-bounds read [CVE-2020-7466]
low
2.3
-
-
-
162319
MPD L2TP memory corruption [CVE-2020-7465]
medium
4.9
-
-
-
162318
IBM MQ Appliance Log File information disclosure [CVE-2020-4528]
low
2.3
-
-
-
162317
D-Link DAP-1360U Ping privileges management [CVE-2020-26582]
medium
4.9
-
-
-
162316
Wireshark Facebook Zero Protocol Dissector packet-fbzero.c by infinite loop
low
2.3
-
-
-
162315
Leostream Connection Broker HTTP Header webquery.pl browser_client cross site scripting
low
3.5
-
-
-
162314
Wireshark BLIP Protocol Dissector packet-blip.c null pointer dereference
low
2.3
-
-
-
162313
Wireshark MIME Multipart Dissector packet-multipart.c denial of service
low
2.3
-
-
-
162312
Wireshark TCP Dissector packet-tcp.c denial of service
low
2.3
-
-
-
162311
Crafter CMS Crafter Studio os command injection [CVE-2020-25803]
low
4.9
-
-
-
162310
Crafter CMS Groovy Script os command injection [CVE-2020-25802]
low
4.9
-
-
-
162309
QEMU pci.c ide_cancel_dma_sync null pointer dereference
low
2.3
-
-
-
162308
QEMU pci.c pci_change_irq_level null pointer dereference
low
2.3
-
-
-
162307
WildFly OpenSSL HTTP Session memory leak [CVE-2020-25644]
low
2.3
-
-
-
162306
Linux Kernel HDLC_PPP Module memory corruption [CVE-2020-25643]
medium
4.9
-
-
-
162305
Linux Kernel biovecs infinite loop [CVE-2020-25641]
low
4.4
-
-
-
162304
QEMU libvirt API access control [CVE-2020-25637]
low
2.3
-
-
-
162303
IBM Security Access Manager Appliance Web UI cross site scriting
low
3.5
-
-
-
162302
MonoCMS Blog log.xml inadequate encryption
low
2.3
-
-
-
162301
MonoCMS Blog cross-site request forgery [CVE-2020-25986]
low
3.5
-
-
-
162300
Ruby WEBrick request smuggling [CVE-2020-25613]
medium
4.9
-
-
-
162299
projectworlds Car Rental Management System Admin Login message_admin.php cross site scripting
low
4.3
-
-
-
162298
GNU C Library search.texi return value
medium
4.9
-
-
-
162297
Elecom WRC-1167GST2 os command injection [CVE-2020-5634]
medium
7.4
-
-
-
162296
InfoCage SiteShell Access Restriction unknown vulnerability [CVE-2020-5632]
low
4.9
-
-
-
162295
CMONOS.JP cross site scriting [CVE-2020-5631]
low
3.5
-
-
-
162294
OpenSC TCOS Smart Card Software Driver tcos_decipher buffer overflow
medium
4.9
-
-
-
162293
OpenSC gemsafe GPK Smart Card Software Driver sc_pkcs15emu_gemsafeGPK_init stack-based overflow
medium
4.9
-
-
-
162292
OpenSC Oberthur Smart Card Software Driver sc_oberthur_read_file buffer overflow
medium
4.9
-
-
-
162291
Shrine derivation_endpoint Plugin Utils.secure_compare information exposure
low
4.9
-
-
-
162290
Intel CPU BIOS Firmware information disclosure [CVE-2020-8671]
low
2.3
-
-
-
162289
Nextcloud Deck Attachment authorization [CVE-2020-8235]
medium
4.9
-
-
-
162288
Nextcloud Preferred Providers App Password excessive authentication
low
4.9
-
-
-
162287
Nextcloud Server permission [CVE-2020-8223]
medium
4.9
-
-
-
162286
Nextcloud Deck Board Sharing access control [CVE-2020-8182]
medium
4.9
-
-
-
162285
ZTE ZXONE 19700 SNPE Access Control access control [CVE-2020-6875]
medium
4.9
-
-
-
162284
IBM Maximo Asset Management HTTP Command improper authentication
low
2.3
-
-
-
162283
ClickStudios Passwordstate Password Reset Portal ResetPassword improper authentication
low
2.3
-
-
-
162282
CuppaCMS unrestricted upload [CVE-2020-26048]
low
4.9
-
-
-
162281
Ansible aws_ssm Connection Plugin information disclosure [CVE-2020-25635]
low
2.3
-
-
-
162280
Symmetric DS mx4j improper authentication [CVE-2020-24231]
medium
4.9
-
-
-
162279
Wiki.js Storage Module pathname traversal [CVE-2020-15236]
low
2.3
-
-
-
162278
RACTF Key information disclosure [CVE-2020-15235]
low
2.9
-
-
-
162277
Intel Driver & Support Assistant permission [CVE-2020-12302]
low
3.5
-
-
-
162276
Intel CPU BIOS Firmware information disclosure [CVE-2020-0571]
low
2.7
-
-
-
162275
Intel CPU BIOS Firmware denial of service [CVE-2019-14558]
low
2.7
-
-
-
162274
Intel CPU BIOS Firmware buffer overflow [CVE-2019-14557]
medium
4.9
-
-
-
162273
Intel CPU BIOS Firmware denial of service [CVE-2019-14556]
low
1.5
-
-
-
162272
json-pointer input validation [CVE-2020-7709]
low
4.9
-
-
-
162271
qdPM File Upload cross site scripting [CVE-2020-26166]
low
3.5
-
-
-
162270
Ansible Base aws_ssm Connection Plugin access control [CVE-2020-25636]
low
4.9
-
-
-
162268
oauth2-server OAuth 2.0 code injection [CVE-2017-18924] [Disputed]
medium
4.9
-
-
-
162267
Google Osconfig Agent race condition
medium
4.1
-
-
-
162266
tribe29 Checkmk permission
medium
6.6
-
-
-
162265
REDDOXX MailDepot Mailbox permission [CVE-2019-19200]
medium
4.9
-
-
-
162264
Platinum Mobile MobileHandler.ashx access control
medium
4.1
-
-
-
162263
SevOne Network Management System Device Manager Page injection
medium
6.0
-
-
-
162262
SevOne Network Management System Alert Summary sql injection
medium
6.0
-
-
-
162261
SevOne Network Management System Traceroute traceroute.php command injection
medium
8.5
-
-
-
162260
NVIDIA Virtual GPU Manager vGPU Plugin denial of service [CVE-2020-5989]
low
1.5
-
-
-
162259
NVIDIA Virtual GPU Manager vGPU Plugin double free [CVE-2020-5988]
medium
4.1
-
-
-
162258
NVIDIA Virtual GPU Manager vGPU Plugin privileges management
medium
4.1
-
-
-
162257
NVIDIA Virtual GPU Manager vGPU Plugin memory corruption [CVE-2020-5986]
medium
4.1
-
-
-
162256
NVIDIA Virtual GPU Manager vGPU Plugin memory corruption [CVE-2020-5985]
medium
4.1
-
-
-
162255
NVIDIA Virtual GPU Manager vGPU Plugin use after free [CVE-2020-5984]
medium
4.1
-
-
-
162254
NVIDIA Virtual GPU Manager vGPU Plugin/Host Driver Kernel Module privileges management
medium
4.1
-
-
-
162253
NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys denial of service
low
1.5
-
-
-
162252
NVIDIA Windows GPU Display Driver DirectX11 User Mode Driver x.dll memory corruption
medium
4.1
-
-
-
162251
NVIDIA Windows GPU Display Driver DLL code injection [CVE-2020-5980]
medium
4.1
-
-
-
162250
NVIDIA Windows GPU Display Driver Control Panel privileges management
medium
4.1
-
-
-
162249
Cloud Foundry BOSH System Metrics Server UAA Password information disclosure
low
1.5
-
-
-
162248
Linux Kernel Secure Boot Forbidden Signature Database blacklist.c privileges management
medium
6.3
-
-
-
162247
Damstra Smart Asset Version origin validation
medium
4.1
-
-
-
162246
Damstra Smart Asset Login Page Username information disclosure
low
1.5
-
-
-
162245
Damstra Smart Asset DNS Server sql injection
medium
6.0
-
-
-
162244
Trend Micro Antivirus symlink [CVE-2020-25776]
medium
4.1
-
-
-
162243
HPE KVM IP Console Switch G2 4x1Ex32 code injection [CVE-2020-24628]
medium
6.0
-
-
-
162242
HPE KVM IP Console Switch G2 4x1Ex32 Stored cross site scriting
low
3.5
-
-
-
162241
MB Connect Line mymbCONNECT24/mbCONNECT24 lancompenent Blind sql injection
medium
6.0
-
-
-
162240
Zoho ManageEngine Desktop Central InternetSendRequestEx integer overflow
medium
4.1
-
-
-
162239
Zoho ManageEngine Desktop Central TLS Certificate Validation InternetSendRequestByBitrate improper authentication
medium
4.4
-
-
-
162238
ORY Fosite Authorization Endpoint redirect [CVE-2020-15234]
low
5.4
-
-
-
162237
ORY Fosite Redirect redirect [CVE-2020-15233]
low
5.4
-
-
-
162236
ProVide SDL xml external entity reference [CVE-2020-15232]
medium
6.8
-
-
-
162235
mapfish-print JSONP cross site scripting [CVE-2020-15231]
low
4.3
-
-
-
162234
Vapor Web Framework path traversal [CVE-2020-15230]
medium
6.0
-
-
-
162233
GitLab Editing Stored cross site scriting
low
3.5
-
-
-
162232
GitLab Group Name Stored cross site scriting
low
2.8
-
-
-
162231
fusionauth-saml Signature improper authentication [CVE-2020-12676]
medium
6.0
-
-
-
162230
PHP HTTP Cookie input validation [CVE-2020-7070]
low
4.3
-
-
-
162229
PHP AES-CCM openssl_encrypt input validation
low
2.6
-
-
-
162228
Erlang OTP path traversal [CVE-2020-25623]
medium
4.1
-
-
-
162227
cloudflared Configuration File privileges management [CVE-2020-24356]
low
3.5
-
-
-
162226
GetSimpleCMS log.php path traversal
medium
4.1
-
-
-
162225
Bludit upload-profile-picture path traversal
medium
4.1
-
-
-
162224
Pluxml Configuration File class.plx.admin.php code injection
medium
4.1
-
-
-
162223
Pluxml Theme Editor parametres_edittpl.php code injection
medium
6.0
-
-
-
162222
BitDefender Engine ceva_emu.cvd Module uninitialized pointer
low
2.6
-
-
-
162221
shiba load code injection
medium
6.0
-
-
-
162220
safetydance set Prototype privileges management
medium
6.8
-
-
-
162219
bmoor set Prototype privileges management
medium
6.8
-
-
-
162218
Foxit Reader/PhantomPDF Protection Mechanism code injection [CVE-2020-26540]
medium
4.1
-
-
-
162217
Foxit Reader/PhantomPDF use after free [CVE-2020-26539]
medium
4.1
-
-
-
162216
Foxit Reader/PhantomPDF taskkill.exe privileges management
medium
4.1
-
-
-
162215
Foxit Reader/PhantomPDF Shading memory corruption [CVE-2020-26537]
medium
6.8
-
-
-
162214
Foxit Reader/PhantomPDF null pointer dereference [CVE-2020-26536]
low
4.3
-
-
-
162213
Foxit Reader/PhantomPDF v8 TslAlloc denial of service
low
4.3
-
-
-
162212
Foxit Reader/PhantomPDF AcroForm ClearItems use after free
medium
6.8
-
-
-
162211
CodeLathe FileCloud Username information disclosure [CVE-2020-26524]
low
1.5
-
-
-
162210
Froala Editor Content Paste cross site scriting [CVE-2020-26523]
low
3.5
-
-
-
162209
Artifex MuPDF pixmap.c memory corruption
medium
4.1
-
-
-
162208
Artica Pandora FMS chart_generator.php sql injection
medium
6.8
-
-
-
162207
wpo365-login Plugin JWT Token missing encryption [CVE-2020-26511]
low
1.0
-
-
-
162206
Live Helper Chat Reflected cross site scriting [CVE-2020-26135]
low
3.5
-
-
-
162205
Live Helper Chat BBcode Stored cross site scriting
low
3.5
-
-
-
162204
OpenMediaVault rpc.php json_encode_safe code injection
medium
4.1
-
-
-
162203
QEMU fdc.c fdctrl_write_data null pointer dereference
low
1.5
-
-
-
162202
PowerDNS Authenticate GSS-TSIG Signature double free [CVE-2020-24698]
medium
4.4
-
-
-
162201
PowerDNS Authoritative GSS-TSIG Signature denial of service [CVE-2020-24697]
low
1.9
-
-
-
162200
PowerDNS Authoritative GSS-TSIG Signature denial of service [CVE-2020-24696]
low
4.3
-
-
-
162199
PowerDNS Authoritative Server Record uninitialized resource [CVE-2020-17482]
low
1.5
-
-
-
162198
MSI AmbientLink MsIo64 Driver memory corruption [CVE-2020-17382]
medium
4.1
-
-
-
162197
SECUDOS Qiata FTA Comment Persistent cross site scriting
low
3.5
-
-
-
162196
SECUDOS DOMOS Web Interface conf_datetime command injection
medium
8.5
-
-
-
162195
SysAid ForgotPassword.jsp Reflected cross site scriting
low
3.5
-
-
-
162194
WAVLINK WN530H4 ExportAllSettings.sh information disclosure
low
1.5
-
-
-
162193
WAVLINK WN530H4 improper authentication [CVE-2020-12126]
medium
4.4
-
-
-
162192
WAVLINK WN530H4 makeRequest.cgi memory corruption
high
9.3
-
-
-
162191
WAVLINK WN530H4 live_api.cgi command injection
high
9.3
-
-
-
162190
WAVLINK WN530H4 cross-site request forgery [CVE-2020-12123]
low
4.3
-
-
-
162189
REDDOXX MailDepot Session improper authentication [CVE-2019-19199]
medium
4.1
-
-
-
162188
Apache NiFi UI/API inadequate encryption [CVE-2020-9491]
low
4.1
-
-
-
162187
Apache NiFi Download Token denial of service [CVE-2020-9487]
low
1.9
-
-
-
162186
Apache NiFi Stateless Execution Engine cleartext storage [CVE-2020-9486]
low
1.5
-
-
-
162185
Teltonika TRB2 path traversal [CVE-2020-5789]
low
4.0
-
-
-
162184
Teltonika TRB2 delete path traversal
medium
5.5
-
-
-
162183
Teltonika TRB2 remove path traversal
medium
5.5
-
-
-
162182
Teltonika TRB2 cross-site request forgery [CVE-2020-5786]
medium
6.8
-
-
-
162181
Teltonika TRB2 Reflected cross site scripting [CVE-2020-5785]
low
4.3
-
-
-
162180
Teltonika TRB2 server-side request forgery [CVE-2020-5784]
medium
6.5
-
-
-
162179
Dell XPS 13 9370 BIOS Exception exceptional condition [CVE-2020-5387]
low
4.1
-
-
-
162178
IBM WebSphere Application Server information disclosure [CVE-2020-4576]
low
4.3
-
-
-
162177
Pritunl Error Message session Username information disclosure
low
1.5
-
-
-
162176
Envoy URL Local Privilege Escalation [CVE-2020-25018]
low
4.1
-
-
-
162175
Envoy Header setCopy privileges management
medium
4.1
-
-
-
162174
Unisys Stealth Password missing encryption [CVE-2020-24620]
low
1.0
-
-
-
162173
Istio Policy privileges management [CVE-2020-16844]
medium
4.6
-
-
-
162172
Mozilla Firefox/Firefox ESR/Thunderbird ComputeClippedCompositionBounds use after free
medium
6.8
-
-
-
162171
Mozilla Firefox/Firefox ESR/Thunderbird redirect [CVE-2020-15677]
medium
6.8
-
-
-
162170
Mozilla Firefox/Firefox ESR/Thunderbird DOM-Based cross site scriting
low
4.3
-
-
-
162169
Mozilla Firefox Surface memory corruption [CVE-2020-15675]
medium
4.1
-
-
-
162168
Mozilla Firefox memory corruption [CVE-2020-15674]
medium
6.8
-
-
-
162167
Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2020-15673]
medium
6.8
-
-
-
162166
Mozilla Firefox Password information disclosure [CVE-2020-15671]
low
1.5
-
-
-
ID
Title
VulDB
CVSS
Secunia
XForce
Nessus
162165
Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2020-15670]
medium
6.8
-
-
-
162164
Mozilla Firefox ESR/Thunderbird Abort Signal use after free [CVE-2020-15669]
medium
6.8
-
-
-
162163
Mozilla Firefox Certificate Import locking [CVE-2020-15668]
low
4.1
-
-
-
162162
Mozilla Firefox MAR Update File heap-based overflow [CVE-2020-15667]
medium
6.8
-
-
-
162161
Mozilla Firefox Media Error information disclosure [CVE-2020-15666]
low
2.9
-
-
-
162160
Mozilla Firefox Address Bar authentication spoofing [CVE-2020-15665]
medium
6.8
-
-
-
162159
Mozilla Firefox/Firefox ESR/Thunderbird Extension eval privileges management
medium
6.8
-
-
-
162158
Mozilla Firefox/Firefox ESR/Thunderbird Maintenance Service updater.exe code injection
medium
6.0
-
-
-
162157
Zoho ManageEngine Application Manager AlarmEscalation sql injection
medium
6.8
-
-
-
162156
@actions core exportVariable input validation
low
2.1
-
-
-
162154
HCL Digital Experience Reflected cross site scriting [CVE-2020-14223]
low
3.5
-
-
-
162153
Apache NiFi Notification Service Manager xml external entity reference
medium
4.1
-
-
-
162152
Apache ant File Permission privileges management [CVE-2020-11979]
medium
4.1
-
-
-
162151
Rittal CMC PU III Web Management Interface backdoor [CVE-2019-19393]
low
3.5
-
-
-
162150
WebsiteBaker save.php sql injection
medium
6.0
-
-
-
162149
GetSimple CMS Settings Page Persistent cross site scriting
low
3.5
-
-
-
162148
CMS Made Simple Content Manager Persistent cross site scriting
low
3.5
-
-
-
162147
BitDefender Engine ace.xmd Parser out-of-bounds write [CVE-2020-8109]
low
2.6
-
-
-
162146
Atlassian Atlaskit Editor cross site scriting [CVE-2019-20903]
low
3.5
-
-
-
162145
Atlassian JIRA Crowd Upgrade privileges management [CVE-2019-20902]
medium
4.1
-
-
-
162144
Pulse Connect Secure Admin Web Interface xml external entity reference
medium
4.1
-
-
-
162143
Pulse Connect Secure Admin Web Interface code injection [CVE-2020-8243]
medium
4.1
-
-
-
162142
Pulse Connect Secure/Pulse Policy Secure Web Interface cross site scripting
low
3.5
-
-
-
162141
Eaton 9000x DLL vci11un6.DLL untrusted search path
medium
4.4
-
-
-
162140
BigBlueButton Greenlight privileges management [CVE-2020-26163]
medium
4.1
-
-
-
162139
jwt-go Access Restriction privileges management [CVE-2020-26160]
medium
6.8
-
-
-
162138
Oniguruma Regex regcomp.c concat_opt_exact_str memory corruption
medium
4.1
-
-
-
162137
Leanote Desktop Node Integration cross site scriting [CVE-2020-26158]
low
3.5
-
-
-
162136
Leanote Desktop Node Integration cross site scriting [CVE-2020-26157]
low
3.5
-
-
-
162135
libproxy url.cpp memory corruption
medium
4.1
-
-
-
162134
Logaritmo Aware CallManager info.php phpinfo information disclosure
low
3.5
-
-
-
162133
nats.js/nats.ws Credentials information disclosure [CVE-2020-26149]
low
1.5
-
-
-
162132
md4c md4c.c md_push_block_bytes uninitialized resource
low
1.5
-
-
-
162131
urllib3 putrequest crlf injection
medium
4.1
-
-
-
162130
Cybereason Endpoint Protection PowerShell privileges management
medium
4.1
-
-
-
162129
Hoosk CMS index.php cross site scriting
low
3.5
-
-
-
162128
Hoosk CMS index.php sql injection
medium
6.0
-
-
-
162127
Hoosk CMS index.php code injection
medium
4.1
-
-
-
162126
MantisBT bug_actiongroup_page.php cross site scripting
low
4.1
-
-
-
162125
Hashicorp Vault Enterprise Access Control privileges management
medium
4.1
-
-
-
162124
MantisBT file_download.php information disclosure
low
1.5
-
-
-
162123
Django REST Framework API Viewer input validation [CVE-2020-25626]
low
3.5
-
-
-
162122
MantisBT Project privileges management [CVE-2020-25288]
medium
4.1
-
-
-
162121
GAEN Trace privileges management [CVE-2020-24721]
medium
4.1
-
-
-
162120
MB Connect Line mymbCONNECT24/mbCONNECT24 com_mb24proxy cross-site request forgery
low
4.3
-
-
-
162119
MB Connect Line mymbCONNECT24/mbCONNECT24 knximport sql injection
medium
6.0
-
-
-
162118
CMS Made Simple moduleinterface.php cross site scriting
low
3.5
-
-
-
162117
HFish cross site scriting [CVE-2020-22481]
low
3.5
-
-
-
162116
Pluck CMS File Upload command injection [CVE-2020-21564]
medium
6.0
-
-
-
162115
Halo CMS Backup File path traversal [CVE-2020-21527]
medium
4.1
-
-
-
162114
Halo CMS startsWith path traversal
medium
4.1
-
-
-
162113
Halo CMS startsWith path traversal
medium
4.1
-
-
-
162112
Halo CMS wordpress) xml external entity reference
medium
4.1
-
-
-
162111
Halo CMS server-side request forgery [CVE-2020-21523]
medium
4.1
-
-
-
162110
Halo CMS ZIP path traversal [CVE-2020-21522]
medium
4.1
-
-
-
162109
FrontAccounting inst_lang.php path traversal
medium
4.1
-
-
-
162108
MetInfo sql injection [CVE-2020-20800]
medium
6.0
-
-
-
162107
Nacos Access Control privileges management [CVE-2020-19676]
medium
4.1
-
-
-
162106
Niushop B2B2C Multi-Business Basic Background Upload getimagesize privileges management
medium
4.1
-
-
-
162105
Niushop B2B2C Multi-Business Basic improper authentication [CVE-2020-19670]
medium
4.1
-
-
-
162104
Re:Desk Yii Framework actionEmailTemplates sql injection
medium
6.8
-
-
-
162103
Zoho Application Control Plus Element Configuration IP Address information disclosure
low
3.5
-
-
-
162102
Zoho Application Control Plus Mail Gateway Configuration server-side request forgery
low
3.5
-
-
-
162101
Re:Desk File Upload privileges management [CVE-2020-15488]
medium
4.1
-
-
-
162100
Re:Desk Password Reset Ticket.php getBaseCriteria sql injection
medium
6.8
-
-
-
162099
dpdk move_desc integer overflow
low
1.5
-
-
-
162098
dpdk Guest Virtual Machine Memory out-of-bounds read [CVE-2020-14377]
low
1.5
-
-
-
162097
dpdk vm Guest Memory buffer overflow [CVE-2020-14376]
medium
4.1
-
-
-
162096
dpdk Virtio Ring Descriptor toctou [CVE-2020-14375]
medium
4.1
-
-
-
162095
dpdk Virtual Machine copy_data buffer overflow
medium
4.1
-
-
-
162094
Ozeki NG SMS Gateway .NET Framework deserialization [CVE-2020-14030]
medium
4.1
-
-
-
162093
Apache Tapestry URL resource transfer [CVE-2020-13953]
low
1.5
-
-
-
162092
Apache Superset Database Connection information disclosure [CVE-2020-13952]
low
1.5
-
-
-
162091
Apache OpenMeetings NetTest Web Service denial of service [CVE-2020-13951]
low
1.5
-
-
-
162090
Harbor information disclosure [CVE-2020-13794]
low
1.5
-
-
-
162089
Lansweeper Web Console cross-site request forgery [CVE-2020-13658]
low
4.3
-
-
-
162088
GitLab Error Tracking Stored cross site scriting
low
2.8
-
-
-
162087
GitLab Wiki Page Stored cross site scriting
low
3.5
-
-
-
162086
GitLab Bitbucket Project Stored cross site scriting
low
3.5
-
-
-
162085
GitLab Blob View Stored cross site scriting
low
3.5
-
-
-
162084
GitLab PyPi File API Stored cross site scriting
low
2.8
-
-
-
162083
GitLab Project Import privileges management [CVE-2020-13326]
medium
6.0
-
-
-
162082
GitLab Issue Page denial of service [CVE-2020-13325]
low
3.5
-
-
-
162081
GitLab API information disclosure [CVE-2020-13324]
low
3.5
-
-
-
162080
GitLab Private Merge Request information disclosure [CVE-2020-13323]
low
3.5
-
-
-
162079
GitLab Permission privileges management [CVE-2020-13322]
medium
5.4
-
-
-
162078
GitLab cross site scriting [CVE-2020-13321]
low
3.5
-
-
-
162077
GitLab Project Security Dashboard information disclosure [CVE-2020-13320]
low
3.5
-
-
-
162076
GitLab Permission Check privileges management [CVE-2020-13319]
medium
6.0
-
-
-
162075
GitLab Access Control privileges management [CVE-2020-13296]
medium
6.0
-
-
-
162074
RainbowFish PacsOne Server Signup Page sql injection [CVE-2020-12870]
medium
6.0
-
-
-
162073
RainbowFish PacsOne Server cross site scriting [CVE-2020-12869]
low
3.5
-
-
-
162072
RainbowFish PacsOne Server Access Control privileges management
medium
4.1
-
-
-
162071
WAGO 750-890 improper authentication [CVE-2020-12506]
high
9.3
-
-
-
162070
WAGO 750-831/750-852/750-880/750-881/750-882/750-885 improper authentication
medium
6.8
-
-
-
162069
handlebars Regular Expression incorrect regex [CVE-2019-20922]
low
1.5
-
-
-
162068
bootstrap-select OPTION Element cross site scriting [CVE-2019-20921]
low
3.5
-
-
-
162067
handlebars Lookup Helper cross site scriting [CVE-2019-20920]
low
3.5
-
-
-
162066
Atheros AR9132/AR9283/AR9285 WPA2 improper authentication [CVE-2019-18991]
medium
5.4
-
-
-
162065
Realtek RTL8812AR/RTL8196D/RTL8192ER/RTL8881AN WPA2 improper authentication
medium
5.4
-
-
-
162064
MediaTek MT7620N WPA2 improper authentication [CVE-2019-18989]
medium
5.4
-
-
-
162063
ANIXIS Password Reset Client GINA CP Module privileges management
medium
6.8
-
-
-
162062
Zoho ManageEngine ADSelfService Plus GINA CP Module privileges management
medium
6.8
-
-
-
162061
Apache Hadoop Kerberos Authentication privileges management [CVE-2018-11765]
medium
4.1
-
-
-
162060
SonicWALL SSL VPN DNS information disclosure [CVE-2020-5132]
medium
4.6
-
-
-
162059
IBM WebSphere Application Server Error Message information disclosure
low
1.0
-
-
-
162058
BitDefender Engine input validation [CVE-2020-15731]
medium
4.1
-
-
-
162057
August Connect Wi-Fi Bridge App Network Authentication hard-coded key
low
1.8
-
-
-
162056
goxmldsig Signature Validation signature verification [CVE-2020-15216]
medium
5.1
-
-
-
162055
IBM Security Secret Server privileges management [CVE-2020-4607]
medium
4.1
-
-
-
162054
Trend Micro Security 2020 privileges management [CVE-2020-25775]
medium
4.1
-
-
-
162053
Trend Micro Apex One ServerMigrationTool memory corruption [CVE-2020-25774]
low
1.5
-
-
-
162052
Trend Micro Apex One ServerMigrationTool privileges management
medium
4.1
-
-
-
162051
Trend Micro Apex One memory corruption [CVE-2020-25772]
low
1.5
-
-
-
162050
Trend Micro Apex One memory corruption [CVE-2020-25771]
low
1.5
-
-
-
162049
Trend Micro Apex One memory corruption [CVE-2020-25770]
low
1.5
-
-
-
162048
Trend Micro Apex One memory corruption [CVE-2020-24565]
low
1.5
-
-
-
162047
Trend Micro Apex One memory corruption [CVE-2020-24564]
low
1.5
-
-
-
162046
Trend Micro Apex One Security Agent Unload code injection [CVE-2020-24563]
medium
4.1
-
-
-
162045
Trend Micro OfficeScan code injection [CVE-2020-24562]
medium
4.1
-
-
-
162044
FileImporter Extension Page Creation privileges management [CVE-2020-26121]
medium
4.1
-
-
-
162043
MobileFrontend Extension parseHTML DOM-Based cross site scriting
low
3.5
-
-
-
162042
MediaWiki Actor ID exceptional condition [CVE-2020-25869]
low
4.1
-
-
-
162041
MediaWiki Message Content mw.message.parse cross site scriting
low
3.5
-
-
-
162040
OATHAuth Extension improper authentication [CVE-2020-25827]
low
2.6
-
-
-
162039
MediaWiki getFiltersDesc cross site scriting
low
3.5
-
-
-
162038
MediaWiki jQuery mw.message.parse cross site scriting
low
3.5
-
-
-
162037
MediaWiki Special:UserRights Page User information disclosure
low
1.5
-
-
-
162036
MediaWiki Special:Contributions Page cross site scriting [CVE-2020-25812]
low
3.5
-
-
-
162035
TigerVNC TLS Certificate CSecurityTLS.cxx improper authentication
medium
4.1
-
-
-
162034
Python http.client privileges management [CVE-2020-26116]
medium
4.1
-
-
-
162033
projectworlds Visitor Management System Stored cross site scriting
low
4.3
-
-
-
162032
projectworlds Visitor Management System sql injection [CVE-2020-25760]
medium
6.0
-
-
-
162031
SourceCodester Seat Reservation System sql injection [CVE-2020-25762]
medium
6.8
-
-
-
162030
SourceCodester Seat Reservation System unrestricted upload [CVE-2020-25763]
medium
6.8
-
-
-
162029
Observium Professional/Enterprise/Community unrestricted upload
medium
6.5
-
-
-
162028
Observium Professional/Enterprise/Community cross site scripting
low
4.3
-
-
-
162027
Observium Professional/Enterprise/Community authenticate.inc.php sql injection
medium
6.0
-
-
-
162026
Observium Professional/Enterprise/Community syslog_rules cross site scriting
low
3.5
-
-
-
162025
Observium Professional/Enterprise/Community unrestricted upload
medium
6.5
-
-
-
162024
Observium Professional/Enterprise/Community path traversal [CVE-2020-25144]
medium
6.5
-
-
-
162023
Observium Professional/Enterprise/Community sql injection [CVE-2020-25143]
medium
6.0
-
-
-
162022
Observium Professional/Enterprise/Community addsrv cross-site request forgery
low
4.3
-
-
-
162021
Observium Professional/Enterprise/Community view cross site scripting
low
4.3
-
-
-
162020
GE Reason S20 Ethernet Switch cross site scripting [CVE-2020-16242]
low
4.3
-
-
-
162019
TensorFlow out-of-bounds write [CVE-2020-15214]
medium
6.8
-
-
-
162018
TensorFlow memory corruption [CVE-2020-15213]
low
2.6
-
-
-
162017
TensorFlow out-of-bounds write [CVE-2020-15212]
medium
6.8
-
-
-
162016
TensorFlow out-of-bounds write [CVE-2020-15211]
medium
6.8
-
-
-
162015
TensorFlow TFLite Model input validation [CVE-2020-15210]
medium
6.8
-
-
-
162014
TensorFlow TFLite Model null pointer dereference [CVE-2020-15209]
low
2.6
-
-
-
162013
TensorFlow out-of-bounds write [CVE-2020-15208]
medium
6.8
-
-
-
162012
TensorFlow ResolveAxis memory corruption
medium
6.8
-
-
-
162011
TensorFlow input validation [CVE-2020-15206]
low
2.6
-
-
-
162010
TensorFlow tf.raw_ops.StringNGrams memory corruption
medium
6.8
-
-
-
162009
TensorFlow ctx->session_state null pointer dereference
low
4.3
-
-
-
162008
TensorFlow tf.strings.as_string input validation
low
4.3
-
-
-
162007
TensorFlow Shard API Remote Code Execution [CVE-2020-15202]
medium
6.8
-
-
-
162006
TensorFlow RaggedCountSparseOutput input validation
medium
6.8
-
-
-
162005
TensorFlow RaggedCountSparseOutput heap-based overflow
medium
6.8
-
-
-
162004
TensorFlow RaggedCountSparseOutput input validation
low
2.6
-
-
-
162003
TensorFlow SparseCountSparseOutput memory corruption
medium
6.8
-
-
-
162002
TensorFlow SparseCountSparseOutput assertion
low
2.1
-
-
-
162001
TensorFlow RaggedCountSparseOutput memory corruption
medium
6.0
-
-
-
162000
TensorFlow SparseFillEmptyRowsGrad heap-based overflow
medium
6.0
-
-
-
161999
TensorFlow SparseFillEmptyRowsGrad assertion
low
4.3
-
-
-
161998
TensorFlow dlpack.to_dlpack uninitialized resource
medium
6.0
-
-
-
161997
TensorFlow dlpack.to_dlpack input validation
low
3.5
-
-
-
161996
TensorFlow dlpack.to_dlpack null pointer dereference
low
4.3
-
-
-
161995
TensorFlow tf.raw_ops.Switch input validation
low
4.3
-
-
-
161994
IBM InfoSphere Information Server clickjacking [CVE-2020-4727]
medium
6.8
-
-
-
161993
IBM Business Automation Workflow Error Message information disclosure
low
4.3
-
-
-
161992
Observium Professional/Enterprise/Community contacts.inc.php cross site scripting
low
4.3
-
-
-
161991
Observium Professional/Enterprise/Community syslog_rules cross site scripting
low
4.3
-
-
-
161990
Observium Professional/Enterprise/Community alert_test_id cross site scriting
low
3.5
-
-
-
161989
Observium Professional/Enterprise/Community alert_check cross site scriting
low
3.5
-
-
-
161988
jdownloads categories.php order sql injection
medium
6.8
-
-
-
161987
ng-packagr command injection [CVE-2020-7735]
low
4.3
-
-
-
161986
F5 BIG-IP/BIG-IQ denial of service [CVE-2020-5930]
low
1.9
-
-
-
161985
F5 BIG-IP cleartext storage [CVE-2020-5929]
low
1.0
-
-
-
161984
Observium Professional/Enterprise/Community unrestricted upload
medium
6.5
-
-
-
161983
Observium Professional/Enterprise/Community cross site scripting
low
4.3
-
-
-
161982
Observium Professional/Enterprise/Community inc.php path traversal
medium
6.5
-
-
-
161981
Observium Professional/Enterprise/Community inc.php unrestricted upload
medium
6.5
-
-
-
161980
Observium Professional/Enterprise/Community authenticate.inc.php sql injection
medium
6.8
-
-
-
161979
Observium Professional/Enterprise/Community cross site scripting
low
4.3
-
-
-
161978
Observium Professional/Enterprise/Community actions.php sql injection
medium
6.0
-
-
-
161977
jdownloads jdownloadshelper.php updateLog sql injection
medium
6.8
-
-
-
161976
jdownloads jdownloadshelper.php getUserLimits sql injection
medium
6.8
-
-
-
161975
Brocade Fabric OS REST API Reflected cross site scriting
low
3.5
-
-
-
161974
Brocade Fabric OS REST API memory corruption [CVE-2020-15373]
medium
6.8
-
-
-
161973
Brocade Fabric OS Command-Line Interface privileges management
medium
4.1
-
-
-
161972
Brocade Fabric OS code injection [CVE-2020-15371]
medium
4.1
-
-
-
161971
Brocade Fabric OS Log File Password information disclosure
low
3.5
-
-
-
161970
Brocade Fabric OS Supportlink CLI Credentials information disclosure
low
1.5
-
-
-
161969
U.S. Air Force Sensor Data Management System extract75 integer coercion
medium
4.1
-
-
-
161968
Brocade SANnav LDAP injection privileges management [CVE-2019-16212]
medium
6.0
-
-
-
161967
Brocade SANnav Password Storage cleartext storage [CVE-2019-16211]
low
1.5
-
-
-
161966
Brocade Fabric OS HTTP Management Interface Header Injection privileges management
medium
6.0
-
-
-
161965
Brocade Fabric OS Management Interface denial of service [CVE-2018-6448]
low
3.5
-
-
-
161964
Brocade Fabric OS HTTP Management Interface Reflected cross site scriting
low
3.5
-
-
-
161963
Apple macOS Sandbox privileges management [CVE-2020-9968]
medium
4.1
-
-
-
161962
Apple macOS Model IO memory corruption [CVE-2020-9973]
medium
6.8
-
-
-
161961
Apple macOS Mail privileges management [CVE-2020-9941]
medium
6.0
-
-
-
161960
Apple macOS ImageIO memory corruption [CVE-2020-9961]
medium
6.8
-
-
-
161959
Apple iCloud WebKit Universal cross site scriting
medium
4.3
-
-
-
161958
cPanel Cron Editor Interface cross site scripting [CVE-2020-26115]
low
4.3
-
-
-
161957
cPanel Cron Jobs interface cross site scripting [CVE-2020-26114]
low
4.3
-
-
-
161956
cPanel WHM Manage API Tokens Interface cross site scripting [CVE-2020-26113]
low
4.3
-
-
-
161955
cPanel Email Quota Cache privileges management [CVE-2020-26112]
medium
7.5
-
-
-
161954
cPanel WHM Edit DNS Zone Interface cross site scripting [CVE-2020-26111]
low
4.3
-
-
-
161953
cPanel DNS Zone Manager DNSSEC Interface cross site scripting
low
4.3
-
-
-
161952
cPanel Protection Mechanism privileges management [CVE-2020-26109]
medium
7.5
-
-
-
161951
cPanel File Extension code injection [CVE-2020-26108]
medium
6.0
-
-
-
161950
cPanel PowerDNS API Key inadequate encryption
low
2.6
-
-
-
161949
cPanel Permission log file [CVE-2020-26106]
medium
6.8
-
-
-
161948
cPanel chkservd Test Credential insufficiently protected credentials
medium
5.0
-
-
-
161947
cPanel SRS Secret insecure storage of sensitive information [CVE-2020-26104]
medium
5.0
-
-
-
161946
cPanel mailman weak password [CVE-2020-26103]
medium
6.8
-
-
-
161945
cPanel Auth Policy API privileges management [CVE-2020-26102]
medium
4.1
-
-
-
161944
cPanel RNDC insufficiently protected credentials [CVE-2020-26101]
medium
5.0
-
-
-
161943
cPanel csh Jail privileges management
medium
7.5
-
-
-
161942
cPanel Protect SMTP Greylist privileges management [CVE-2020-26099]
medium
4.1
-
-
-
161941
cPanel Exim Filter code injection [CVE-2020-26098]
medium
6.0
-
-
-
161940
Rubetek RV-3406/RV-3409/RV-3411 Telnet Service hard-coded password
high
9.3
-
-
-
161939
Rubetek RV-3406/RV-3409/RV-3411 RTSP Server cleartext storage
low
2.6
-
-
-
161938
Rubetek RV-3406/RV-3409/RV-3411 Telnet Service improper authentication
medium
6.8
-
-
-
161937
Hak5 WiFi Pineapple Mark VII ui path traversal
medium
4.4
-
-
-
161936
QEMU TD List hcd-ohci.c infinite loop
low
1.9
-
-
-
161935
Sophos SG UTM WebAdmin code injection [CVE-2020-25223]
medium
6.0
-
-
-
161934
Framer Preview App privileges management [CVE-2020-25203]
medium
4.1
-
-
-
161933
QEMU exec.c flatview_read_continue out-of-bounds write
medium
4.4
-
-
-
161932
QEMU hcd-xhci.c usb_packet_map use after free
medium
4.4
-
-
-
161931
Mitel MiContact Center Business Ignite Portal input validation
low
4.3
-
-
-
161930
HTML Form Entry Module Velocity Template Language File code injection
medium
4.1
-
-
-
161929
Pexip Infinity SIP input validation [CVE-2020-24615]
low
5.0
-
-
-
161928
Mitel MiCloud Management Portal information disclosure [CVE-2020-24595]
low
1.5
-
-
-
161927
Mitel MiCloud Management Portal cross site scripting [CVE-2020-24594]
low
4.3
-
-
-
161926
Mitel MiCloud Management Portal sql injection [CVE-2020-24593]
medium
6.0
-
-
-
161925
Mitel MiCloud Management Portal escape output [CVE-2020-24592]
low
5.0
-
-
-
161924
Multi User Plugin cross-site request forgery [CVE-2020-23837]
low
3.5
-
-
-
161923
Zoho ManageEngine Applications Manager header.jsp cross site scripting
low
4.3
-
-
-
161922
Zoho ManageEngine Applications Manager REST API sql injection
medium
6.8
-
-
-
161921
Pexip Infinity H.323 denial of service [CVE-2020-13387]
low
1.5
-
-
-
161920
Pexip Infinity RTP input validation [CVE-2020-12824]
low
5.0
-
-
-
161919
Pexip Reverse Proxy/TURN Server UDP Access Control input validation
medium
6.8
-
-
-
161918
Pexip Infinity System Backup Restore input validation [CVE-2019-7178]
medium
6.5
-
-
-
161917
Pexip Infinity code injection [CVE-2019-7177]
medium
4.1
-
-
-
161916
Pagure Blame View blame.html cross site scripting
low
4.3
-
-
-
161915
Pexip Infinity XML Parser denial of service [CVE-2018-10585]
low
1.5
-
-
-
161914
Pexip Infinity TLS Handshake resource consumption [CVE-2018-10432]
low
5.0
-
-
-
161913
Lenovo Enterprise Network Disk DOM-Based cross site scripting
low
3.5
-
-
-
161912
Lenovo Enterprise Network Disk URL cross site scripting [CVE-2020-8347]
low
3.5
-
-
-
161911
Lenovo Desktop/ThinkStation SMI Callback code injection [CVE-2020-8333]
medium
5.9
-
-
-
161910
Cisco Wireless LAN Controller resource consumption [CVE-2020-3560]
low
4.3
-
-
-
161909
Cisco Aironet Access Point resource consumption [CVE-2020-3559]
low
2.6
-
-
-
161908
Cisco Aironet Access Point null pointer dereference [CVE-2020-3552]
low
2.9
-
-
-
161907
Cisco Catalyst 9200 Polaris Kernel input validation [CVE-2020-3527]
low
4.3
-
-
-
161906
Cisco IOS XE COPS Engine input validation [CVE-2020-3526]
low
4.3
-
-
-
161905
Cisco IOS XE ROM Monitor access control [CVE-2020-3524]
medium
6.2
-
-
-
161904
Cisco IOS XE Web Server Authentication input validation [CVE-2020-3516]
low
3.5
-
-
-
161903
Cisco IOS XE Aggregation Services routine [CVE-2020-3513]
medium
6.6
-
-
-
161902
Cisco IOS/IOS XE Link Layer Discovery Protocol 7pk error [CVE-2020-3512]
low
2.9
-
-
-
161901
Cisco IOS/IOS XE ISDN Subsystem input validation [CVE-2020-3511]
low
2.9
-
-
-
161900
Cisco IOS XE Umbrella Connector 7pk error [CVE-2020-3510]
low
4.3
-
-
-
161899
Cisco IOS XE DHCP Message 7pk error [CVE-2020-3509]
low
4.3
-
-
-
161898
Cisco IOS XE Aggregation Services resource consumption [CVE-2020-3508]
low
2.9
-
-
-
161897
Cisco IOS XE File System Permission access control [CVE-2020-3503]
medium
4.1
-
-
-
161896
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3497]
low
2.9
-
-
-
161895
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3494]
low
2.9
-
-
-
161894
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3493]
low
2.9
-
-
-
161893
Cisco IOS XE/AireOS Control/Provisioning input validation [CVE-2020-3492]
low
4.3
-
-
-
161892
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3489]
low
2.9
-
-
-
161891
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3488]
low
2.9
-
-
-
161890
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3487]
low
2.9
-
-
-
161889
Cisco IOS XE Control/Provisioning input validation [CVE-2020-3486]
low
2.9
-
-
-
161888
Cisco IOS XE Zone-Based Firewall unusual condition [CVE-2020-3480]
low
4.3
-
-
-
161887
Cisco IOS/IOS XE Border Gateway Protocol input validation [CVE-2020-3479]
low
2.6
-
-
-
161886
Cisco IOS/IOS XE CLI Parser input validation [CVE-2020-3477]
low
1.5
-
-
-
161885
Cisco IOS XE CLI file access [CVE-2020-3476]
medium
4.1
-
-
-
161884
Cisco IOS XE Web Management Framework input validation [CVE-2020-3475]
medium
6.0
-
-
-
161883
Cisco IOS XE Web Management Framework input validation [CVE-2020-3474]
medium
6.0
-
-
-
161882
Cisco IOS XE input validation [CVE-2020-3465]
low
2.9
-
-
-
161881
Cisco IOS XE WPA2/WPA3 input validation [CVE-2020-3429]
low
2.9
-
-
-
161880
Cisco IOS XE WLAN Local Profiling input validation [CVE-2020-3428]
low
2.9
-
-
-
161879
Cisco IOS LPWA Subsystem access control [CVE-2020-3426]
medium
6.8
-
-
-
161878
Cisco IOS XE Web Management Framework input validation [CVE-2020-3425]
medium
6.0
-
-
-
161877
Cisco IOS XE Lua Interpreter memory corruption [CVE-2020-3423]
medium
6.6
-
-
-
161876
Cisco IOS XE IP SLA Responder state issue [CVE-2020-3422]
low
4.3
-
-
-
161875
Cisco IOS XE Zone-Based Firewall unusual condition [CVE-2020-3421]
low
4.3
-
-
-
161874
Cisco IOS XE ICMPv6 Traffic access control [CVE-2020-3418]
medium
5.4
-
-
-
161873
Cisco IOS XE ROM Monitor os command injection [CVE-2020-3417]
medium
6.6
-
-
-
161872
Cisco IOS XE RSP3 routine [CVE-2020-3416]
medium
6.6
-
-
-
161871
Cisco IOS XE IPv4/IPv6 data processing [CVE-2020-3414]
low
4.3
-
-
-
161870
Cisco IOS/IOS XE PROFINET input validation [CVE-2020-3409]
low
2.9
-
-
-
161869
Cisco IOS/IOS XE Split DNS incorrect regex [CVE-2020-3408]
low
4.3
-
-
-
161868
Cisco IOS XE Access Control List null pointer dereference [CVE-2020-3407]
low
4.3
-
-
-
161867
Cisco IOS XE Telnet/SSH authorization [CVE-2020-3404]
medium
6.6
-
-
-
161866
Cisco IOS XE CLI os command injection [CVE-2020-3403]
medium
6.6
-
-
-
161865
Cisco IOS XE Web UI authorization [CVE-2020-3400]
medium
6.0
-
-
-
161864
Cisco IOS XE Control/Provisioning denial of service [CVE-2020-3399]
low
4.3
-
-
-
161863
Cisco IOS XE USB 3.0 SSD access control [CVE-2020-3396]
medium
4.1
-
-
-
161862
Cisco IOS XE Role-Based Access Control privileges management
medium
6.6
-
-
-
161861
Cisco IOS XE SNMP Trap input validation [CVE-2020-3390]
low
2.9
-
-
-
161860
Cisco IOS XE mDNS input validation [CVE-2020-3359]
medium
7.1
-
-
-
161859
Cisco IOS XE Web Management input validation [CVE-2020-3141]
medium
8.5
-
-
-
161858
jdownloads send.php sql injection
medium
6.0
-
-
-
161857
Hotspot Shield VPN Directory Permission privileges management
medium
4.1
-
-
-
161856
Joplin Desktop Emded Tag cross site scripting [CVE-2020-15930]
low
4.3
-
-
-
161855
Nakivo Backup / Replication Transporter Access Control privileges management
medium
6.0
-
-
-
161854
Nakivo Backup / Replication Director Director Web Interface privileges management
medium
6.6
-
-
-
161853
ActFax Folder Permission TSClientB.exe privileges management
medium
4.1
-
-
-
161852
ORY Fosite Storage Error exceptional condition [CVE-2020-15223]
medium
4.0
-
-
-
161851
ORY Fosite improper authentication [CVE-2020-15222]
medium
6.8
-
-
-
161850
PrestaShop Attachments cross site scripting [CVE-2020-15162]
low
4.3
-
-
-
161849
PrestaShop Contact Form cross site scripting [CVE-2020-15161]
low
4.3
-
-
-
161848
PrestaShop Catalog Product Edition Page Blind sql injection
medium
6.0
-
-
-
161847
JerryScript opcodes.c privileges management
medium
7.5
-
-
-
161846
iSmartgate Pro clickjacking [CVE-2020-13119]
medium
4.1
-
-
-
161845
iSmartgate Pro File Upload privileges management [CVE-2020-12843]
medium
4.1
-
-
-
161844
iSmartgate Pro checkUserExpirationDate.php code injection
medium
7.5
-
-
-
161843
iSmartgate Pro index.php cross-site request forgery
low
4.3
-
-
-
161842
iSmartgate Pro index.php cross-site request forgery
low
4.3
-
-
-
161841
iSmartgate Pro checkExpirationDate.php code injection
medium
7.5
-
-
-
161840
iSmartgate Pro mailAdmin.php code injection
medium
7.5
-
-
-
161839
iSmartgate Pro File Upload unrestricted upload [CVE-2020-12837]
medium
7.5
-
-
-
161838
Fortinet FortiTester cross site scriting [CVE-2020-12815]
low
3.5
-
-
-
161837
Fortinet FortiManager/FortiAnalyzer cross site scripting [CVE-2020-12811]
low
4.3
-
-
-
161836
iSmartgate Pro index.php cross-site request forgery
low
4.3
-
-
-
161835
iSmartgate Pro index.php cross-site request forgery
low
4.3
-
-
-
161834
AVEVA eDNA Enterprise Data Historian SOAP FavoritesService.asmx sql injection
medium
6.8
-
-
-
161833
Check Point Security Management CA Web Management input validation
medium
4.1
-
-
-
161832
Linux Kernel NFC Socket rawsock.c privileges management
medium
4.1
-
-
-
161831
Gemtek WRTM-127ACN/WRTM-127x9 Monitor Diagnostic Network Page privileges management
medium
6.6
-
-
-
161830
Untis WebUntis cross site scriting [CVE-2020-22453]
low
3.5
-
-
-
161829
Telmat AccessLog Administration Panel code injection [CVE-2020-16148]
high
9.3
-
-
-
161828
Telmat AccessLog Login Page code injection [CVE-2020-16147]
high
9.3
-
-
-
161827
Liferay Portal URL Encoding privileges management [CVE-2020-15840]
medium
4.1
-
-
-
161826
AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
medium
6.8
-
-
-
161825
AVEVA eDNA Enterprise Data Historian Web Service Alias.asmx sql injection
medium
6.8
-
-
-
161824
AVEVA eDNA Enterprise Data Historian Web Service Alias.asmx sql injection
medium
6.8
-
-
-
161823
AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
medium
6.8
-
-
-
161822
AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
medium
6.8
-
-
-
161821
AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
medium
6.8
-
-
-
161820
AVEVA eDNA Enterprise Data Historian Web Service DNAPoints.asmx sql injection
medium
6.8
-
-
-
161819
Fortinet FortiGate Log privileges management [CVE-2020-12818]
low
1.9
-
-
-
161818
Fortinet FortiAnalyzer injection [CVE-2020-12817]
low
3.5
-
-
-
161817
Fortinet FortiNAC Stored cross site scriting [CVE-2020-12816]
low
3.5
-
-
-
161816
iSmartgate Pro opendoor.php cross-site request forgery
low
4.3
-
-
-
161815
Trend Micro Security 2019 SSL Certificate Validator certificate validation
medium
5.1
-
-
-
161814
Trend Micro Security 2019 SSL Certificate Validator certificate validation
medium
5.1
-
-
-
161813
Xen Timer Migration race condition [CVE-2020-25604]
medium
4.7
-
-
-
161812
Xen Event Channel smp_*mb memory corruption
medium
4.1
-
-
-
161811
Xen Error denial of service [CVE-2020-25602]
medium
4.4
-
-
-
161810
Xen FIFO Event Channel evtchn_destroy denial of service
low
1.5
-
-
-
161809
Xen Event Channel denial of service [CVE-2020-25600]
medium
4.4
-
-
-
161808
Xen evtchn_reset memory corruption
medium
4.1
-
-
-
161807
Xen RCU denial of service [CVE-2020-25598]
medium
4.4
-
-
-
161806
Xen denial of service [CVE-2020-25597]
medium
4.4
-
-
-
161805
Xen SYSENTER null termination
low
4.4
-
-
-
161804
Xen PCI Passthrough backdoor [CVE-2020-25595]
medium
6.0
-
-
-
161803
IgniteNet HeliOS GLinq cross-site request forgery [CVE-2020-5783]
low
4.3
-
-
-
161802
IgniteNet HeliOS GLinq denial of service [CVE-2020-5782]
low
1.5
-
-
-
161801
IgniteNet HeliOS GLinq Luci Configuration luci authenticator.htmlauth denial of service
low
1.5
-
-
-
161800
IBM Security Secret Server SSL Certificate Validator improper authentication
low
2.6
-
-
-
161799
IBM Security Secret Server privileges management [CVE-2020-4324]
medium
6.0
-
-
-
161798
gon Gem XSS Protection Mechanism json_dumper.rb cross site scripting
low
4.3
-
-
-
161797
YGOPro ygocore integer overflow [CVE-2020-24213]
medium
4.1
-
-
-
161796
Liquibase Runner Plugin Permission Check authorization [CVE-2020-2285]
medium
4.1
-
-
-
161795
Liquibase Runner Plugin XML Parser xml external entity reference
medium
4.1
-
-
-
161794
Liquibase Runner Plugin Changeset Content Stored cross site scripting
low
3.5
-
-
-
161793
Implied Labels Plugin Permission Check authorization [CVE-2020-2282]
medium
6.0
-
-
-
161792
Lockable Resources Plugin cross-site request forgery [CVE-2020-2281]
low
4.3
-
-
-
161791
Warnings Plugin cross-site request forgery [CVE-2020-2280]
low
4.3
-
-
-
161790
Script Security Plugin Sandbox protection mechanism [CVE-2020-2279]
medium
6.0
-
-
-
161789
GE Digital APM Classic Hash hash without salt [CVE-2020-16244]
low
1.0
-
-
-
161788
GE Digital APM Classic JSON authorization [CVE-2020-16240]
low
1.5
-
-
-
161787
GLPI risky encryption [CVE-2020-11031]
low
1.0
-
-
-
161786
Aruba CX Switch Cisco Discovery Protocol denial of service [CVE-2020-7122]
low
1.5
-
-
-
161785
Aruba CX Switch Link Layer Discovery Protocol denial of service
low
1.5
-
-
-
161784
HPE Pay Per Use Utility Computing Service Meter doPost code injection
medium
4.4
-
-
-
161783
HPE Pay Per Use Utility Computing Service Meter doGet path traversal
low
1.9
-
-
-
161782
HPE Pay Per Use Utility Computing Service Meter execute path traversal
medium
4.4
-
-
-
161781
podman Varlink API/REST API information disclosure [CVE-2020-14370]
low
1.5
-
-
-
161780
ansible-engine dnf Module signature verification [CVE-2020-14365]
medium
4.1
-
-
-
161779
Wildfly Elytron Form Authentication session fixiation [CVE-2020-10714]
medium
4.1
-
-
-
161778
Undertow HTTP input validation [CVE-2020-10687]
medium
6.0
-
-
-
161777
PingID integration CefSharp.BrowserSubprocess.exe privileges management
medium
4.1
-
-
-
161776
Cisco IOS XR DVMRP resource consumption [CVE-2020-3569]
low
4.3
-
-
-
161775
Cisco TelePresence Collaboration Endpoint Video Endpoint API path traversal
medium
6.0
-
-
-
161773
Cisco Unified Communications Manager Web-based Management Interface cross-site request forgery
low
4.3
-
-
-
161772
Cisco Email Security Appliance Content Filter input validation
medium
6.8
-
-
-
161771
Cisco Unity Connection Web Management Interface path traversal
medium
4.6
-
-
-
161770
Cisco Hosted Collaboration Mediation Fulfillment Web-based Interface cross-site request forgery
low
4.3
-
-
-
161769
Cisco Web Security Appliance API Framework Header Injection response splitting
medium
6.8
-
-
-
161768
Cisco WebEx UCF File input validation [CVE-2020-3116]
low
4.3
-
-
-
161767
peg-markdown markdown_lib.c process_raw_blocks null pointer dereference
low
5.0
-
-
-
161766
Cisco Email Security Appliance Advanced Malware Protection input validation
low
4.3
-
-
-
161765
Cisco Email Security Appliance Email Message Filter input validation
low
4.3
-
-
-
161764
Cisco Unified Contact Center Express Administration Web Interface unrestricted upload
medium
6.0
-
-
-
161763
Cisco UCS C-Series Rack Servers Signature Validation signature verification
medium
6.6
-
-
-
161762
Cisco FirePOWER Management Center Web-based Management Interface improper authentication
medium
6.8
-
-
-
161761
Cisco Emergency Responder Web-based Management Interface cross site scripting
low
3.5
-
-
-
161760
Cisco IOS XR Border Gateway Protocol resource management [CVE-2019-16023]
low
4.3
-
-
-
161759
Cisco IOS XR Border Gateway Protocol resource management [CVE-2019-16021]
low
4.3
-
-
-
161758
Cisco IOS XR Border Gateway Protocol resource management [CVE-2019-16019]
low
4.3
-
-
-
161757
Cisco OAMP OpsConsole Server access control [CVE-2019-16017]
medium
6.0
-
-
-
161756
Cisco IOS/IOS XE Web UI cross-site request forgery [CVE-2019-16009]
low
4.3
-
-
-
161755
Cisco AnyConnect Secure Mobility Client insufficient verification of data authenticity
low
4.1
-
-
-
161754
Cisco Vision Dynamic Signage Director REST API Endpoint missing authentication
medium
6.8
-
-
-
161753
Cisco Umbrella Roaming Client Installer insufficient verification of data authenticity
medium
4.1
-
-
-
161752
Cisco Small Business Switches Web UI config [CVE-2019-15993]
low
4.3
-
-
-
161751
Cisco ASA/Firepower Threat Defense Lua Interpreter memory corruption
medium
8.5
-
-
-
161750
Cisco Managed Services Accelerator Web Interface redirect [CVE-2019-15974]
medium
6.8
-
-
-
161749
Cisco Web Security Appliance Web-based Management Interface cross site scripting
low
4.3
-
-
-
161748
Cisco Unified Communications Manager Web-based Management Interface information disclosure
low
3.5
-
-
-
161747
Cisco Small Business SPA500 Testing Script input validation [CVE-2019-15959]
low
4.1
-
-
-
161746
Cisco Small Business RV Series Router Web-based Management Interface input validation
medium
6.0
-
-
-
161745
Cisco TelePresence Collaboration Endpoint/RoomOS input validation
low
4.3
-
-
-
161744
Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
medium
6.8
-
-
-
161743
Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
medium
6.8
-
-
-
161742
Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
medium
6.8
-
-
-
161741
Telestream Tektronix Medius/Sentry Server Login Page index.php sql injection
medium
6.8
-
-
-
161740
IBM Data Risk Manager hard-coded credentials [CVE-2020-4622]
medium
5.0
-
-
-
161739
IBM Data Risk Manager authorization [CVE-2020-4621]
medium
6.5
-
-
-
161738
IBM Data Risk Manager Extension unrestricted upload [CVE-2020-4620]
medium
9.0
-
-
-
161737
IBM Data Risk Manager Credential Storage cleartext storage [CVE-2020-4619]
low
3.5
-
-
-
161736
IBM Data Risk Manager input validation [CVE-2020-4618]
low
4.0
-
-
-
161735
IBM Data Risk Manager cross-site request forgery [CVE-2020-4617]
low
4.3
-
-
-
161734
IBM Data Risk Manager information disclosure [CVE-2020-4616]
low
5.0
-
-
-
161733
IBM Data Risk Manager Web UI cross site scripting [CVE-2020-4615]
low
3.5
-
-
-
161732
IBM Data Risk Manager risky encryption [CVE-2020-4614]
low
4.3
-
-
-
161731
IBM Data Risk Manager risky encryption [CVE-2020-4613]
low
4.3
-
-
-
161730
IBM Data Risk Manager information disclosure [CVE-2020-4612]
low
4.0
-
-
-
161729
IBM Data Risk Manager permission assignment [CVE-2020-4611]
medium
6.5
-
-
-
161728
VMware Horizon DaaS Two-factor Authentication missing authentication
medium
6.0
-
-
-
161727
SourceCodester Simple Library Management System New Book privileges management
medium
4.1
-
-
-
161726
SourceCodester Simple Library Management System Login Panel admin.php improper authentication
medium
4.4
-
-
-
161725
PHPGurukul Zoo Management System animal-detail.php sql injection
medium
6.8
-
-
-
161724
Shotcut TLS mainwindow.cpp VerifyNone) risky encryption
low
2.6
-
-
-
161723
Arista CloudVision Portal Configlet Management improper authentication
low
4.0
-
-
-
161722
Verint Workforce Optimization API information disclosure [CVE-2020-23446]
low
4.3
-
-
-
161721
Liferay Portal/Liferay DXP Multipart Form unrestricted upload
low
3.5
-
-
-
161720
Ozeki NG SMS Gateway TXT File Module denial of service [CVE-2020-14031]
low
4.9
-
-
-
161719
Ozeki NG SMS Gateway Autoreply path traversal [CVE-2020-14028]
medium
8.5
-
-
-
161718
Ozeki NG SMS Gateway Database Connection argument injection [CVE-2020-14027]
medium
6.0
-
-
-
161717
Ozeki NG SMS Gateway CSV Export csv injection [CVE-2020-14026]
medium
6.8
-
-
-
161716
Ozeki NG SMS Gateway cross-site request forgery [CVE-2020-14025]
low
4.3
-
-
-
161715
Ozeki NG SMS Gateway Stored cross site scripting [CVE-2020-14024]
low
4.3
-
-
-
161714
Ozeki NG SMS Gateway SMS WCF/RSS to SMS server-side request forgery
medium
6.5
-
-
-
161713
Ozeki NG SMS Gateway Bulk Import unrestricted upload [CVE-2020-14022]
medium
6.0
-
-
-
161712
Micro Focus Operation Bridge Reporter hard-coded credentials
medium
6.8
-
-
-
161711
Micro Focus Operation Bridge Reporter authorization [CVE-2020-11856]
medium
6.8
-
-
-
161710
Micro Focus Operation Bridge Reporter privileges management [CVE-2020-11855]
medium
4.1
-
-
-
161709
cabot Package Endpoint Column cross site scriting [CVE-2020-7734]
low
3.5
-
-
-
161708
Google Chrome Offscreen Canvas use after free [CVE-2020-6576]
medium
6.8
-
-
-
161707
Google Chrome Omnibox Domain input validation
medium
6.8
-
-
-
161706
Google Chrome WebRTC information disclosure [CVE-2020-6570]
low
4.3
-
-
-
161705
Google Chrome WebUSB integer overflow [CVE-2020-6569]
medium
6.8
-
-
-
161704
Google Chrome Policy Enforcement privileges management [CVE-2020-6568]
medium
6.8
-
-
-
161703
Google Chrome Command Line privileges management [CVE-2020-6567]
medium
6.8
-
-
-
161702
Google Chrome Media origin validation [CVE-2020-6566]
low
4.3
-
-
-
161701
Google Chrome Omnibox authentication spoofing [CVE-2020-6565]
medium
6.8
-
-
-
161700
Google Chrome Permission Dialog permissions [CVE-2020-6564]
medium
6.8
-
-
-
161699
Google Chrome Intent information disclosure [CVE-2020-6563]
low
4.3
-
-
-
161698
Google Chrome Blink permission assignment [CVE-2020-6562]
low
4.3
-
-
-
161697
Google Chrome Content Security Policy origin validation [CVE-2020-6561]
low
4.3
-
-
-
161696
Google Chrome Autofill origin validation [CVE-2020-6560]
low
4.3
-
-
-
161695
Google Chrome Presentation API use after free [CVE-2020-6559]
medium
6.8
-
-
-
161694
Google Chrome iOSWeb privileges management [CVE-2020-6558]
medium
6.8
-
-
-
161693
Google Chrome Swiftshader out-of-bounds write [CVE-2020-6556]
medium
6.8
-
-
-
161692
Google Chrome WebUSB use after free [CVE-2020-6541]
medium
6.8
-
-
-
161691
Google Chrome Skia out-of-bounds write [CVE-2020-6540]
medium
6.8
-
-
-
161690
Google Chrome CSS use after free [CVE-2020-6539]
medium
6.8
-
-
-
161689
Google Chrome WebView origin validation [CVE-2020-6538]
low
4.3
-
-
-
161688
Google Chrome v8 type confusion [CVE-2020-6537]
medium
6.8
-
-
-
161687
Google Chrome SCTP use after free [CVE-2020-6532]
medium
6.8
-
-
-
161686
IBM Aspera Web Application Web UI cross site scriting [CVE-2020-4731]
low
4.3
-
-
-
161685
IBM WebSphere Application Server XML Data xml external entity reference
medium
6.8
-
-
-
161684
IBM WebSphere Application Server Liberty oAuth/openidConnectServer denial of service
low
2.1
-
-
-
161683
IBM DataPower Gateway HTTP2 Request denial of service [CVE-2020-4581]
low
4.3
-
-
-
161682
IBM DataPower Gateway denial of service [CVE-2020-4580]
low
4.3
-
-
-
161681
IBM DataPower Gateway HTTP2 Request denial of service [CVE-2020-4579]
low
4.3
-
-
-
161680
IBM Business Automation Content Analyzer on Cloud Authorization Token missing encryption
low
2.6
-
-
-
161679
Google Chrome Policy Enforcement information disclosure [CVE-2020-15966]
low
2.6
-
-
-
161678
Google Chrome v8 type confusion [CVE-2020-15965]
medium
6.8
-
-
-
161677
Google Chrome Media out-of-bounds write [CVE-2020-15964]
medium
6.8
-
-
-
161676
Google Chrome Policy Enforcement sandbox [CVE-2020-15963]
medium
5.1
-
-
-
161675
Google Chrome Serial Policy Validator memory corruption [CVE-2020-15962]
medium
6.8
-
-
-
161674
Google Chrome Extension Policy Validator sandbox [CVE-2020-15961]
medium
5.1
-
-
-
161673
Google Chrome Storage out-of-bounds write [CVE-2020-15960]
medium
6.8
-
-
-
161672
Advantech WebAccess Node permission assignment [CVE-2020-16202]
medium
6.9
-
-
-
161671
AVEVA Enterprise Data Management Web sql injection [CVE-2020-13501]
medium
6.8
-
-
-
161670
AVEVA Enterprise Data Management Web sql injection [CVE-2020-13500]
medium
6.8
-
-
-
161669
AVEVA Enterprise Data Management Web sql injection [CVE-2020-13499]
medium
6.8
-
-
-
161668
Fatek PLC WinProladder stack-based overflow [CVE-2020-16234]
medium
6.9
-
-
-
161667
Drupal AJAX API cross site scriting [CVE-2020-13666]
low
3.5
-
-
-
161666
Drupal File Module privileges management [CVE-2020-13670]
medium
4.1
-
-
-
161665
FreeBSD ftpd privileges management [CVE-2020-7468]
medium
8.5
-
-
-
161664
Drupal Experimental Workspaces privileges management [CVE-2020-13667]
medium
4.1
-
-
-
161663
Drupal CKEditor Reflected cross site scriting
low
3.5
-
-
-
161662
Drupal Reflected cross site scriting [CVE-2020-13668]
low
3.5
-
-
-
161661
FreeBSD bhyve SVM Guest privileges management [CVE-2020-7467]
high
9.3
-
-
-
161660
FreeBSD bhyve privileges management [CVE-2020-24718]
medium
4.1
-
-
-
161659
FreeBSD ure Device Driver injection [CVE-2020-7464]
medium
6.8
-
-
-
161658
Acronis Cyber Backup server-side request forgery [CVE-2020-16171]
medium
6.8
-
-
-
161657
ModSecurity resource consumption [CVE-2020-15598] [Disputed]
low
4.3
-
-
-
161656
Atlassian Jira Service Desk Server/Data Center Project Request Type information disclosure
low
3.5
-
-
-
161655
Atlassian JIRA Server/Data Center QueryComponent!Default.jspa information disclosure
low
4.3
-
-
-
161654
Atlassian JIRA Server/Data Center incorrect regex [CVE-2020-14177]
low
3.5
-
-
-
161653
sized-chunks crate InlineArray array index
medium
5.0
-
-
-
161652
sized-chunks crate insert_from double free
medium
6.8
-
-
-
161651
sized-chunks crate memory leak [CVE-2020-25794]
medium
6.8
-
-
-
161650
sized-chunks crate array index [CVE-2020-25793]
medium
6.8
-
-
-
161649
sized-chunks crate pair array index
medium
6.8
-
-
-
161648
si