Tools 2020

167160concread Crate unknown vulnerability [CVE-2020-35928]
167159thex Crate Thread unknown vulnerability [CVE-2020-35927]
167158nanorand Crate entropy [CVE-2020-35926]
167157magnetic Crate Thread MPMCProducer memory corruption
167156try-mutex Crate Thread unknown vulnerability [CVE-2020-35924]
167155ordered-float crate unknown vulnerability [CVE-2020-35923]
167154mio Crate SocketAddr memory corruption
167153miow Crate SocketAddr memory corruption
167152socket2 Crate SocketAddr memory corruption
167151net2 Crate SocketAddr memory corruption
167150branca Crate Token Decoding denial of service [CVE-2020-35918]
167149pyo3 Crate use after free [CVE-2020-35917]
167148Image Crate unknown vulnerability [CVE-2020-35916]
167147futures-intrusive Crate Thread GenericMutexGuard unknown vulnerability
167146lock_api Crate RwLockWriteGuard unknown vulnerability
167145lock_api Crate RwLockReadGuard unknown vulnerability
167144lock_api Crate MappedRwLockWriteGuard unknown vulnerability
167143lock_api Crate MappedRwLockReadGuard unknown vulnerability
167142lock_api Crate unknown vulnerability [CVE-2020-35910]
167141multihash Crate from_slice denial of service
167140futures-util Crate FuturesUnordered unknown vulnerability
167139futures-task Crate noop_waker_ref null pointer dereference
167138futures-task Crate waker use after free
167137futures-util Crate map race condition
167136crossbeam-channel Crate memory corruption [CVE-2020-35904]
167135dync Crate VecCopy unknown vulnerability
167134actix-codec Crate Framed use after free [CVE-2020-35902]
167133actix-http Crate BodyStream use after free
167132array-queue Crate pop_back use after free
167131actix-service Crate Cell unknown vulnerability [CVE-2020-35899]
167130actix-utils Crate Cell unknown vulnerability [CVE-2020-35898]
167129atom Crate Send unknown vulnerability [CVE-2020-35897]
167128ws Crate buffer overflow [CVE-2020-35896]
167127stack Crate ArrayVec out-of-bounds write
167126obstack Crate unknown vulnerability [CVE-2020-35894]
167125simple-slab Crate remove uninitialized pointer
167124simple-slab Crate index out-of-bounds read
167123ordnung Crate Vec double free
167122ordnung Crate Vec out-of-bounds read
167121crayon Crate HandleLike toctou
167120arr Crate new_from_template uninitialized pointer
167119arr Crate IndexMut buffer overflow
167118arr Crate Thread unknown vulnerability [CVE-2020-35886]
167117alpm-rs Crate StrcCtx allocation of resources
167116tiny_http Crate Transfer-Encoding request smuggling [CVE-2020-35884]
167115mozwire Crate path traversal [CVE-2020-35883]
167114rocket Crate clone unknown vulnerability
167113traitobject Crate memory corruption [CVE-2020-35881]
167112bigint Crate unknown vulnerability [CVE-2020-35880]
167111rulinalg Crate raw_slice_mut unknown vulnerability
167110ozone Crate uninitialized pointer [CVE-2020-35878]
167109ozone Crate out-of-bounds read [CVE-2020-35877]
167108rio crate use after free [CVE-2020-35876]
167107tokio-rustls Crate memory allocation [CVE-2020-35875]
167106internment Crate drop use after free
167105rusqlite Crate use after free
167104rusqlite Crate memory corruption [CVE-2020-35872]
167103rusqlite Crate Auxdata API memory corruption [CVE-2020-35871]
167102rusqlite Crate Auxdata API use after free [CVE-2020-35870]
167101rusqlite Crate log format string
167100rusqlite Crate UnlockNotification memory corruption
167099rusqlite Crate create_module memory corruption
167098rusqlite Crate memory corruption [CVE-2020-35866]
167097os_str_bytes Crate unknown vulnerability
167096flatbuffers Crate read_scalar unknown vulnerability
167095hyper Crate HTTP Server request smuggling [CVE-2020-35863]
167094bitvec Crate BitVec to BitBox Conversion use after free [CVE-2020-35862]
167093bumpalo Crate memory corruption [CVE-2020-35861]
167092cbox Crate API null pointer dereference [CVE-2020-35860]
167091lucet-runtime-internals Crate memory corruption [CVE-2020-35859]
167090prost Crate Messages stack-based overflow [CVE-2020-35858]
167089trust-dns-server Crate resource consumption [CVE-2020-35857]
167088Hgiga MailSherlock command injection [CVE-2020-35851]
167087Hgiga MailSherlock URL Parameter sql injection [CVE-2020-35743]
167086Hgiga MailSherlock URL Parameter sql injection [CVE-2020-35742]
167085Hgiga MailSherlock Login Page cross site scripting [CVE-2020-35741]
167084Hgiga MailSherlock URL Parameter cross site scripting [CVE-2020-35740]
167083Hgiga MailSherlock Source Code information disclosure [CVE-2020-25850]
167082Hgiga MailSherlock Password Generator hard-coded password [CVE-2020-25848]
167081Panorama NHI ServiSignAdapter Security Control Components Digest Generation NHIServiSignAdapter information disclosure
167080Panorama NHI ServiSignAdapter Security Control Components NHIServiSignAdapter information disclosure
167079Panorama NHI ServiSignAdapter Security Control Components NHIServiSignAdapter stack-based overflow
167078Panorama NHI ServiSignAdapter Security Control Components heap-based overflow
167077Panorama NHI ServiSignAdapter Security Control Components NHIServiSignAdapter information disclosure
167076failure Crate type confusion [CVE-2019-25010]
167075http crate API Drain unknown vulnerability
167074http crate reserve integer overflow
167073streebog Crate Hash denial of service [CVE-2019-25007]
167072streebog Crate Hash unknown vulnerability [CVE-2019-25006]
167071chacha20 Crate inadequate encryption [CVE-2019-25005]
167070flatbuffers Crate comparison [CVE-2019-25004]
167069libsecp256k1 Crate check_overflow timing discrepancy
167068sodiumoxide Crate eq comparison
167067serde_cbor Crate CBOR Deserializer deserialization [CVE-2019-25001]
167066libpulse-binding Crate Iterator use after free
167065Umbraco CMS Installation path traversal [CVE-2020-5811]
167064Umbraco CMS SVG File cross site scripting [CVE-2020-5810]
167063Umbraco CMS TinyMCE Rich-Text Editor cross site scripting [CVE-2020-5809]
167062MantisBT bug_revision_view_page.php information disclosure
167061Newgen eGov Correspondence Management System resource injection
167060FlatPress Blog cross site scripting [CVE-2020-35241]
167059FluxBB Blog cross site scripting [CVE-2020-35240]
167058Amaze File Manager App FTP Intent unknown vulnerability [CVE-2020-35173]
167057Invision Community cross site scripting [CVE-2020-29477]
167056WonderCMS Setting Menu cross site scripting [CVE-2020-29469]
167055WonderCMS Page Description cross site scripting [CVE-2020-29233]
167054EGavilanMedia User Registration and Login System with Admin Panel Admin Profile Page cross site scripting
167053EGavilanMedia User Registration and Login System with Admin Panel Manage User Tab cross site scripting
167052EGavilanMedia User Registration and Login System with Admin Panel User Login Page sql injection
167051Bolt Twig Context protection mechanism [CVE-2020-28925]
167050Plone xml external entity reference [CVE-2020-28736]
167049Plone Traceback server-side request forgery [CVE-2020-28735]
167048Plone xml external entity reference [CVE-2020-28734]
167047MantisBT API SOAP mc_project_get_users sql injection
167046Sentrifugo HTTP Header cross site scripting [CVE-2020-28365]
167045Tenda AC1200 Password API denial of service [CVE-2020-28095]
167044dotCMS REST Endpoint containers sql injection
167043Docker Engine Builder check.go ioutil.TempDir unknown vulnerability
167042Vega Expression cross site scripting [CVE-2020-26296]
167041URI.js javascript URL block server-side request forgery
167040parse-server LDAP Authentication credentials storage [CVE-2020-26288]
167039Nokogiri Gem Schema server-side request forgery
167038DrayTek Vigor2960 mainfunction.cgi toLogin2FA os command injection
167037User-Friendly SVN Timeline module LastHundredRequest os command injection
167036XWiki Platform Property Displayer escape output [CVE-2020-13654]
167035gssproxy gp_workers.c gp_worker_main unknown vulnerability
167034QEMU iscsi.c iscsi_aio_ioctl_cb heap-based overflow
167033Webswing JsLink Remote Privilege Escalation [CVE-2020-11103]
167032Nukeviet HTTP Request click.php sql injection
167031NukeViet nvloginhash Cookie is_user.php deserialization
167030QEMU ATI VGA ati_cursor_define out-of-bounds read
167029MatrixSSL DTLS Server memory corruption [CVE-2019-16747]
167028Ptarmigan API Token Validation unknown vulnerability [CVE-2019-16281]
167027LINBIT csync2 gnutls_handshake return value
167026MorphToken Constructor access control [CVE-2019-15080]
167025EAI access control [CVE-2019-15079]
167024AirdropX Born access control [CVE-2019-15078]
167023Dropbear information disclosure [CVE-2019-12953]
167022D-Link DAP-1650 improper authentication [CVE-2019-12768]
167021OpenEMR manage_site_files.php cross-site request forgery
167020Green Packet WiMax DV-360 lighttpd command injection [CVE-2018-14067]
167019CMS fileController.php input validation
167018Exponent CMS purchaseOrderController.php input validation
167017Exponent CMS find_help.php input validation
167016Exponent CMS usersController.php input validation
167015Exponent CMS storeController.php input validation
167014Rocket.Chat SAML Login unknown vulnerability [CVE-2020-29594]
167013Huawei Smart Phone Message denial of service [CVE-2020-9223]
167012Huawei iManager NetEco 6000 information disclosure [CVE-2020-9208]
167011Huawei CloudEngine File improper authentication [CVE-2020-9207]
167010Huawei Mate 30 Packet permission [CVE-2020-9125]
167009Huawei CloudEngine Messages memory leak [CVE-2020-9124]
167008Huawei CloudEngine Message denial of service [CVE-2020-9094]
167007Huawei Taurus-AL00A Message use after free [CVE-2020-9093]
167006Rockwell Automation FactoryTalk Diagnostics Viewer Service Port 5241 RsvcHost.exe wcscpy_s memory corruption
167005Rockwell Automation FactoryTalk Linx Service Port 7153 messaging.dll HandleBrowseLoadIconStreamRequest memory corruption
167004Rockwell Automation FactoryTalk Linx Service Port 4241 RSLinxNG.exe memory corruption
167003Rockwell Automation FactoryTalk Linx Service Port 4241 RnaDaSvr.dll HandleRequest denial of service
167002cockpit-project Cockpit server-side request forgery [CVE-2020-35850] [Disputed]
167001Agentejo Cockpit Auth.php newpassword sql injection
167000Agentejo Cockpit Auth.php resetpassword sql injection
166999Agentejo Cockpit Auth.php check sql injection
166998Netgear WNR2050 cross site scripting [CVE-2020-35842]
166997Netgear WNR2050 cross site scripting [CVE-2020-35841]
166996Netgear WNR2050 cross site scripting [CVE-2020-35840]
166995Netgear D7800/R7500v2/R7800/R8900/R9000/XR500/XR700/RAX120 cross site scripting
166994Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
166993Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
166992Netgear D7800/R7500v2/R7800/R8900/R9000/XR500/XR700/RAX120 cross site scripting
166991Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
166990Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
166989Netgear XR700 cross site scripting [CVE-2020-35833]
166988Netgear XR700 cross site scripting [CVE-2020-35832]
166987Netgear XR700 cross site scripting [CVE-2020-35831]
166986Netgear XR700 cross site scripting [CVE-2020-35830]
166985Netgear XR700 cross site scripting [CVE-2020-35829]
166984Netgear R7500v2 cross site scripting [CVE-2020-35828]
166983Netgear RAX120 cross site scripting [CVE-2020-35827]
166982Netgear XR700 cross site scripting [CVE-2020-35826]
166981Netgear XR700 cross site scripting [CVE-2020-35825]
166980Netgear XR700 cross site scripting [CVE-2020-35824]
166979Netgear XR700 cross site scripting [CVE-2020-35823]
166978Netgear D7800/R7500v2/R7800/R8900/R9000/RAX120/XR500/XR700 cross site scripting
166977Netgear XR700 cross site scripting [CVE-2020-35821]
166976Netgear XR700 cross site scripting [CVE-2020-35820]
166975Netgear XR700 cross site scripting [CVE-2020-35819]
166974Netgear XR700 cross site scripting [CVE-2020-35818]
166973Netgear XR700 cross site scripting [CVE-2020-35817]
166972Netgear XR700 cross site scripting [CVE-2020-35816]
166971Netgear XR700 cross site scripting [CVE-2020-35815]
166970Netgear XR700 cross site scripting [CVE-2020-35814]
166969Netgear RAX120 cross site scripting [CVE-2020-35813]
166968Netgear XR700 cross site scripting [CVE-2020-35812]
166967Netgear XR700 cross site scripting [CVE-2020-35811]
166966Netgear XR700 cross site scripting [CVE-2020-35810]
166965Netgear XR700 cross site scripting [CVE-2020-35809]
166964Netgear D6100/DM200/R7800/R8900/R9000/WN3000RPv/WNR2000v5 cross site scripting
166963Netgear WN3000RPv2 cross site scripting [CVE-2020-35807]
166962Netgear WN3000RPv2 cross site scripting [CVE-2020-35806]
166961Netgear XR700 cross site scripting [CVE-2020-35805]
166960Netgear D7800/R7800/R8900/R9000/XR700 information disclosure
166959Netgear AC2600 information disclosure [CVE-2020-35803]
166958Netgear CBR40 information disclosure [CVE-2020-35802]
166957Netgear JGS516PE/JGS524Ev2/JGS524PE/GS116Ev2 config [CVE-2020-35801]
166956Netgear AC2100 config [CVE-2020-35800]
166955Netgear XR500 buffer overflow [CVE-2020-35799]
166954Netgear and XR300 command injection [CVE-2020-35798]
166953Netgear NMS300 command injection [CVE-2020-35797]
166952Netgear XR300 buffer overflow [CVE-2020-35796]
166951Netgear XR700 buffer overflow [CVE-2020-35795]
166950Netgear RBS40V/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 command injection
166949Netgear D7800/R7500v2/R7800/R8900/R9000 command injection [CVE-2020-35793]
166948Netgear R7500v2/R8900/R9000/R7800 command injection [CVE-2020-35792]
166947Netgear R7800/R8900/R9000 command injection [CVE-2020-35791]
166946Netgear D7800/R7800/R8900/R9000 command injection [CVE-2020-35790]
166945Netgear NMS300 command injection [CVE-2020-35789]
166944Netgear WAC104 buffer overflow [CVE-2020-35788]
166943Netgear XR500 buffer overflow [CVE-2020-35787]
166942Netgear R7800 buffer overflow [CVE-2020-35786]
166941Netgear DGN2200v1 HTTPd improper authentication [CVE-2020-35785]
166940Netgear JGS516PE/JGS524PE/JGS524Ev2/GS116Ev2 access control [CVE-2020-35784]
166939Netgear JGS516PE/GS116Ev2/JGS524Ev2/JGS524PE access control [CVE-2020-35783]
166938Netgear JGS516PE/JGS524Ev2/JGS524PE/GS116Ev2 access control [CVE-2020-35782]
166937Netgear NMS300 denial of service [CVE-2020-35781]
166936Netgear NMS300 denial of service [CVE-2020-35780]
166935Netgear NMS300 denial of service [CVE-2020-35779]
166934Netgear GS716Tv3/GS724Tv4 cross-site request forgery [CVE-2020-35778]
166933Netgear DGN2200v1 command injection [CVE-2020-35777]
166932TwitterServer Histogram Endpoint HistogramQueryHandler.scala cross site scripting
166931site-offline Plugin wp_verify_nonce cross-site request forgery
166930Vidyo 02-09-D URI clickjacking [CVE-2020-35735]
166929Nop Solution Ltd nopCommerce Schedule Task Name cross site scripting
166928OpenCart Profile Picture cross site scripting [CVE-2020-29471]
166927OpenCart Mail cross site scripting [CVE-2020-29470]
166926libnested Prototype code injection [CVE-2020-28283]
166925getobject Prototype code injection [CVE-2020-28282]
166924set-object-value Prototype code injection [CVE-2020-28281]
166923predefine Prototype code injection [CVE-2020-28280]
166922flattenizer Prototype code injection [CVE-2020-28279]
166921shvl Prototype code injection [CVE-2020-28278]
166920dset Prototype code injection [CVE-2020-28277]
166919deep-set Prototype code injection [CVE-2020-28276]
166918cache-base Prototype code injection [CVE-2020-28275]
1669171E Client Inventory module Tachyon.Performance.Metrics.exe Remote Privilege Escalation
1669161E Client Tachyon.Performance.Metrics.exe uncontrolled search path
1669151E Client access control
166914Huawei Jackman-AL00D denial of service [CVE-2020-1848]
1669131E Client MSI Installer Remote Privilege Escalation [CVE-2020-16268]
166912Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B SSH Service hard-coded key
166911Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B CWMP Registration command injection
166910Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B EntoneWebEngine command injection
166909Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B EntoneWebEngine hard-coded credentials
166908Amino Communications AK45x/AK5xx/AK65x/Aria6xx/Aria7/AK7Xx/Kami7B VNC Server hard-coded password
166907SolarWinds Orion Platform API authentication bypass [CVE-2020-10148]
166906Apache Accumulo Policy Enforcement canPerformSystemActions insufficient permissions or privileges
166905Webmin CGI Program unknown vulnerability
166904QNAP QTS/QuTS Hero Application command injection [CVE-2020-25847]
166903OpenDKIM libopendkim testkeys symlink
166902RoundCube Webmail Email Message rcube_string_replacer.php linkref_addindex cross site scripting
166901Ultimate WooCommerce Gift Cards Custom GiftCard Template unrestricted upload
166900Joomla! ACL input validation [CVE-2020-35616]
166899Joomla! Email Export cross-site request forgery [CVE-2020-35615]
166898Joomla! Backend Login Page information disclosure [CVE-2020-35614]
166897Joomla! Blacklist sql injection [CVE-2020-35613]
166896Joomla! mod_random_image path traversal
166895Joomla! Configuration Page information disclosure [CVE-2020-35611]
166894Joomla! com_finder access control [CVE-2020-35610]
166893GDM Session Shutdown race condition [CVE-2020-27837]
166892G-Data symlink [CVE-2020-27172]
166891Arista EOS EVPN VxLAN access control [CVE-2020-26569]
166890Dex SAML Connector signature verification [CVE-2020-26290]
166889date-and-time incorrect regex [CVE-2020-26289]
166888HedgeDoc Mermaid Diagram cross site scripting [CVE-2020-26287]
166887HedgeDoc uploadimage unrestricted upload
166886No Magic TeamworkCloud Installation environment permission
166885Arista EOS 7800R3/EOS 7500R3/EOS 7280R3 ARP Packet denial of service
166884Arista EOS/EOS X VLAN access control [CVE-2020-15898]
166883HCL Domino Server Public API denial of service [CVE-2020-14273]
166882NCH Express Invoice Quotes List Module cross site scripting [CVE-2020-13476]
166881NCH Express Account URL access control [CVE-2020-13474]
166880NCH Express Account Configuration File missing encryption [CVE-2020-13473]
166879David Howden Tag readAtomData array index
166878David Howden Tag readTextWithDescrFrame array index
166877David Howden Tag readAPICFrame array index
166876David Howden Tag readPICFrame array index
166875Panasonic Security System WV-S2231L Admin Control Panel set_factory denial of service
166874Panasonic Security System WV-S2231L hard-coded password [CVE-2020-29193]
166873Zammad REST API Call access control [CVE-2020-29160]
166872Zammad privileges management [CVE-2020-29159]
166871Zammad Ticket Detail View access control [CVE-2020-29158]
166870Foscam FHD X1 Local Privilege Escalation [CVE-2020-28096]
166869Tenda AC1200 Download unknown vulnerability [CVE-2020-28094]
166868Tenda AC1200 hard-coded password [CVE-2020-28093]
166867Zammad Tags Element cross site scripting [CVE-2020-26035]
166866Zammad Create User information disclosure [CVE-2020-26034]
166865Zammad REST API cross-site request forgery [CVE-2020-26033]
166864Zammad Massenversand server-side request forgery [CVE-2020-26032]
166863Zammad Global Search permission [CVE-2020-26031]
166862Zammad SSO Endpoint improper authentication [CVE-2020-26030]
166861Zammad X-On-Behalf-Of Header improper authorization [CVE-2020-26029]
166860Zammad Ticket permission [CVE-2020-26028]
166859Wavpack pack_utils.c WavpackPackSamples out-of-bounds write
166858Dan McDougall GateOne pathname traversal [CVE-2020-35736]
166857Automattic WooCommerce Plugin Order Status fetch_order_status information disclosure
166856ZyXEL VPN On-premise Password Change chg_exp_pwd command injection
166855cxuucms admin.php cross site scripting
166854cxuucms layui-input Class cross site scripting [CVE-2020-29249]
166853XXL-JOB Add User cross site scripting
166852Backblaze bztransmit Helper privileges management [CVE-2020-8290]
166851Backblaze bztransmit Helper certificate validation [CVE-2020-8289]
166850Spamsniper Mail From stack-based overflow [CVE-2020-7845]
166849KLog Server authenticate.php os command injection
166848FasterXML jackson-databind Serialization Gadget unknown vulnerability
166847Autobahn-Python Header injection [CVE-2020-35678]
166846GNU Binutils libbfd.c bfd_getl_signed_32 heap-based overflow
166845Beijing Huorong Internet Security injection [CVE-2020-35364]
166844Flamingo addUser sql injection
166843Flamingo addGroup sql injection
166842Flamingo updateUserInfoInDb sql injection
166841Flamingo updateUserTeamInfoInDbAndMemory sql injection
166840struct2json strcpy buffer overflow
166839OAID Tengine Serializer Module buffer overflow [CVE-2020-28759] [Disputed]
166838DEXT5Upload dext5handler.jsp pathname traversal
166837Flamingo File Transfer Request pathname traversal [CVE-2020-35284]
166836Linksys RE6500 langSwitch denial of service
166835Linksys RE6500 upload_settings.cgi os command injection
166834Linksys RE6500 systemCommand command injection
166833RE6500 New Password setSysAdm os command injection
166832Esri ArcGIS Server server-side request forgery [CVE-2020-35712]
166831arc-swap Crate Constant Test Helper Map unknown vulnerability
166830Parallels Remote Application Server Login Form information disclosure
166829BloofoxCMS Content-Type pathname traversal [CVE-2020-35709]
166828TP-Link WRD4300 Web Interface information disclosure [CVE-2020-35575]
166827Gobby D-Bus set_language null pointer dereference
166826Subrion CMS POST Request cross site scripting [CVE-2020-35437]
166825Rainrocka Xinhu information disclosure [CVE-2020-35388]
166824Xpdf Type 1C Font getOp stack-based overflow
166823Pure-FTPd Connection resource consumption [CVE-2020-35359]
166822TechKshetra Info Solutions Savsoft Quiz Custom Fields Page field_title cross site scripting
166821cxuucms cross-site request forgery [CVE-2020-35347]
166820cxuucms cross site scripting [CVE-2020-35346]
166819GNOME gdk-pixbuf LZW Compression lzw.c write_indexes infinite loop
166818LiteSpeed Cache Plugin cross site scripting [CVE-2020-29172]
166817TechKshetra Info Solutions Savsoft Quiz cross site scripting
166816PHPGurukul User Registration & Login cross-site request forgery
166815Stratodesk NoTouch Center access control
166814Xiph.Org libvorbis OGG File codebook.c array index
166813PHPList Import Administrators Page sql injection [CVE-2020-35708]
166812Daybyday New Client Screen cross site scripting [CVE-2020-35707]
166811Daybyday New Project Screen cross site scripting [CVE-2020-35706]
166810Daybyday New User Screen cross site scripting [CVE-2020-35705]
166809Daybyday New Lead Screen cross site scripting [CVE-2020-35704]
166808Huawei TE Mobile information disclosure [CVE-2020-9202]
166807Huawei NIP6800/Secospace USG6600/Secospace USG9500 DHCP Message out-of-bounds read
166806Huawei iManager NetEco 6000 csv injection [CVE-2020-9200]
166805Huawei CloudEngine 7800 access control [CVE-2020-9137]
166804Huawei CloudEngine 1800V Messages resource consumption [CVE-2020-9120]
166803Huawei Smart Phone access control [CVE-2020-9119]
166802Poppler PDF Document getChars heap-based overflow
166801Samsung Galaxy Note 4 Bluetooth Low Energy information disclosure
166800OpenSMTPD lka_filter.c null pointer dereference
166799OpenSMTPD Message table.c memory leak
166798Pi-hole DNS Query Log cross site scripting [CVE-2020-35659]
166797EGavilan Media EGM Address Book Admin Panel sql injection [CVE-2020-29474]
166796EGavilan Media Under Construction Page Admin Panel sql injection
166795WonderCMS Admin Panel cross site scripting [CVE-2020-29247]
166794TerraMaster TOS access control [CVE-2020-29189]
166793MariaDB Named Pipe Connection channel accessible [CVE-2020-28912]
166792TerraMaster TOS Update cleartext transmission [CVE-2020-28190]
166791TerraMaster TOS makecvs.php os command injection
166790TerraMaster TOS pathname traversal [CVE-2020-28187]
166789TerraMaster TOS Forgot Password injection [CVE-2020-28186]
166788TerraMaster TOS initialise.php information disclosure
166787TerraMaster TOS index.php cross site scripting
166786td-agent-builder Plugin permission [CVE-2020-28169]
166785F5 BIG-IP APM redirect [CVE-2020-27729]
166784F5 BIG-IP ASM/Advanced WAF AVRD denial of service [CVE-2020-27728]
166783F5 BIG-IP iAppsLX REST Installer information disclosure [CVE-2020-27727]
166782F5 BIG-IP APM Resource Information Page cross site scripting
166781F5 BIG-IP DNS/BIG-IP GTM zxfrd memory leak [CVE-2020-27725]
166780F5 BIG-IP APM TMM resource consumption [CVE-2020-27724]
166779F5 BIG-IP APM Traffic Management Microkernel denial of service
166778F5 BIG-IP APM VDI Plugin resource consumption [CVE-2020-27722]
166777F5 BIG-IP DNS/BIG-IP LTM GSLB DNS Response denial of service
166776F5 BIG-IP LTM Traffic Management Microkernel CGNAT denial of service
166775F5 BIG-IP Configuration utility cross site scripting [CVE-2020-27719]
166774F5 BIG-IP ASM/Advanced WAF JSON Payload resource consumption
166773F5 BIG-IP DNS TMM denial of service [CVE-2020-27717]
166772F5 BIG-IP Traffic Management Microkernel denial of service [CVE-2020-27716]
166771F5 BIG-IP Management Interface resource consumption [CVE-2020-27715]
166770F5 BIG-IP Protocol Inspection Profile denial of service [CVE-2020-27714]
166769BrowserUp Proxy HTTP Content injection [CVE-2020-26282]
166768ARM Compiler Protection Feature stack-based overflow [CVE-2020-24658]
166767Hyperledger Indy Node signature verification [CVE-2020-11093]
166766NEC iSM Client certificate validation [CVE-2020-5684]
166765Epson EpsonNet SetupManager DLL untrusted search path [CVE-2020-5681]
166764IBM DB2/DB2 Connect Server Management Service denial of service
166763BigProf Online Invoicing System pageEditGroup.php cross site scripting
166762BigProf Online Invoicing System Self-Registration membership_signup.php cross site scripting
166761http Package HTTP Request injection [CVE-2020-35669]
166760RedisGraph null pointer dereference [CVE-2020-35668]
166759Steedos findone sql injection
166758TerraMaster TOS CSV makecvs.php os command injection
166757Advanced Comment System index.php pathname traversal
166756Raysync code injection [CVE-2020-35370]
166755Nagios Core cross-site request forgery [CVE-2020-35269]
166754User Registration & Login System with Admin Panel cross site scripting
166753SourceCodester Online Health Care System sql injection [CVE-2020-28074]
166752SourceCodester Library Management System sql injection [CVE-2020-28073]
166751SourceCodester Alumni Management System gallery.php cross site scripting
166750SourceCodester Alumni Management System view_event.php sql injection
166749projectworlds Online Matrimonial Project unrestricted upload
166748QNAP QES information exposure [CVE-2020-2505]
166747QNAP QES File Station path traversal [CVE-2020-2504]
166746QNAP QES File Station cross site scripting [CVE-2020-2503]
166745QNAP QES hard-coded password [CVE-2020-2499]
166744CRK Business Platform erro.aspx cross site scripting
166743CRK Business Platform sql injection [CVE-2020-13968]
166742Programi Bilanc inadequate encryption [CVE-2020-11719]
166741Bitcoin SV Transaction resource consumption [CVE-2018-1000893]
166740Bitcoin SV sendheaders Message resource consumption [CVE-2018-1000892]
166739Bitcoin SV Checksum resource consumption [CVE-2018-1000891]
166738Uncanny Owl Tin Canny Reporting TinCan_Content_List_Table.php cross site scripting
166737Opera Web Browser Address Bar cross site scripting [CVE-2020-6159]
166736Uncanny Groups POST Parameter user-code-redemption.php ulgm_code_redeem cross site scripting
166735Mersive Solstice Pod Firmware information disclosure [CVE-2020-35587] [Disputed]
166734Mersive Solstice Pod Open Control API excessive authentication
166733Mersive Solstice Pod Open Control API info excessive authentication
166732Mersive Solstice Pod Web Services cleartext transmission [CVE-2020-35584]
166731Dolibarr Admin Dashboard dolibarr_export.php command injection
166730Eveo URVE os command injection [CVE-2020-29552]
166729Eveo URVE Shutdown shutdown.php unknown vulnerability
166728Eveo URVE sql_db.backup cleartext storage
166727Moxa NPort IAW5000A-IO Web Server session fixiation [CVE-2020-25198]
166726Moxa NPort IAW5000A-IO Telnet/SSH excessive authentication [CVE-2020-25196]
166725Moxa NPort IAW5000A-IO Web Server privileges management [CVE-2020-25194]
166724Moxa NPort IAW5000A-IO Web Server information disclosure [CVE-2020-25192]
166723Moxa NPort IAW5000A-IO Web Server missing encryption [CVE-2020-25190]
166722Moxa NPort IAW5000A-IO Web Service weak password [CVE-2020-25153]
166721Programi Bilanc Installation hard-coded password [CVE-2020-11720]
166720Programi Bilanc software-update Package missing encryption [CVE-2020-11718]
166719TitanHQ SpamTitan Backup cleartext storage [CVE-2020-35658]
166718Jaws Theme os command injection [CVE-2020-35657]
166717Jaws unrestricted upload [CVE-2020-35656]
166716Microsoft Azure Sphere ioctl Call memory corruption [CVE-2020-35609]
166715Microsoft Azure Sphere AF_PACKET Socket memory corruption [CVE-2020-35608]
166714ZyXEL USG SSH Server/Web Interface hard-coded password [CVE-2020-29583]
166713Odoo Community/Enterprise Python sandbox [CVE-2020-29396]
166712Malwarebytes Free Symbolic Links symlink [CVE-2020-28641]
166711Treck IPv6 DHCPv6 Client out-of-bounds read [CVE-2020-27338]
166710Treck IPv6 out-of-bounds write [CVE-2020-27337]
166709Treck IPv6 out-of-bounds read [CVE-2020-27336]
166708Nanosystems SupRemo File Manager Supremo.exe untrusted search path
166707Treck HTTP Server heap-based overflow [CVE-2020-25066]
166706ABB Symphony Plus Operations/Symphony Plus Historian authentication bypass
166705ABB Symphony Plus Operations/Symphony Plus Historian credentials storage
166704ABB Symphony Plus Operations/Symphony Plus Historian Message denial of service
166703ABB Symphony Plus Operations/Symphony Plus Historian privileges management
166702ABB Symphony Plus Operations/Symphony Plus Historian unusual condition
166701ABB Symphony Plus Operations/Symphony Plus Historian insufficient privileges
166700ABB Symphony Plus Operations/Symphony Plus Historian History Server improper authentication
166699ABB Symphony Plus Operations/Symphony Plus Historian improper authorization
166698ABB Symphony Plus Operations/Symphony Plus Historian sql injection
166697D-Link DSL-2888A Web User Interface execute_cmd.cgi os command injection
166696D-Link DSL-2888A improper authentication [CVE-2020-24580]
166695D-Link DSL-2888A improper authentication [CVE-2020-24579]
166694D-Link DSL-2888A FTP Service information disclosure [CVE-2020-24578]
166693Oracle Cloud Services Infrastructure Identity/Access Management Remote Privilege Escalation
166692HCL Domino Server XPages information disclosure [CVE-2020-14270]
166691HCL Client Application Access stack-based overflow [CVE-2020-14231]
166690Foxit PDF Reader Browser Plugin use after free [CVE-2020-13570]
166689Foxit PDF Reader Browser Plugin use after free [CVE-2020-13560]
166688Foxit PDF Reader Browser Plugin use after free [CVE-2020-13557]
166687Foxit PDF Reader Browser Plugin memory corruption [CVE-2020-13547]
166686Odoo Community/Enterprise access control [CVE-2019-11786]
166685Odoo Community/Enterprise Mail Module access control [CVE-2019-11785]
166684Odoo Community/Enterprise Mail Module access control [CVE-2019-11784]
166683Odoo Community/Enterprise Mail Channel access control [CVE-2019-11783]
166682Odoo Community/Enterprise Contact Management access control [CVE-2019-11782]
166681Odoo Community/Enterprise Portal input validation [CVE-2019-11781]
166680Odoo Community/Enterprise access control [CVE-2018-15645]
166679Odoo Community/Enterprise Calendar Event cross site scripting
166678Odoo Community/Enterprise Mail Module cross site scripting [CVE-2018-15638]
166677Odoo Community/Enterprise Attachment Management cross site scripting
166676Odoo Community/Enterprise Document Module cross site scripting
166675Odoo Community/Enterprise Database input validation [CVE-2018-15632]
166674multi-ini injection [CVE-2020-28460]
166673multi-ini injection [CVE-2020-28448]
166672Programi Bilanc hard-coded credentials [CVE-2020-8995]
166671PushToWatch extension PushToWatch.php onSkinAddFooterLinks cross-site request forgery
166670Widgets Extension Smarty Template command unknown vulnerability
166669SecurePoll Extension Vote information disclosure [CVE-2020-35624]
166668CasAuth Extension unknown vulnerability [CVE-2020-35623]
166667GlobalUsage Extension SpecialGlobalUsage.php makeForeignLink cross site scripting
166666Online Marriage Registration System POST Parameter search.php sql injection
166665MiniWeb HTTP Server POST Request denial of service [CVE-2020-29596]
166664Hugo Pandoc Document exec os command injection
166663async-h1 POST Request request smuggling [CVE-2020-26281]
166662DBdeployer Tarball link following [CVE-2020-26277]
166661Programi sql injection [CVE-2020-11717]
166660Philips Hue Service Port 80 denial of service [CVE-2018-7580]
166659Webmin Package Updates Module unknown vulnerability [CVE-2020-35606]
166658Kitty Graphics Protocol graphics.c injection
166657Kronos webTA SAML xml external entity reference [CVE-2020-35604]
166656SeaCMS admin_members_group.php sql injection
166655yunyecms sql injection [CVE-2020-21377]
166654ZTE E8810/E8820/E8822 MQTT Service information disclosure [CVE-2020-6882]
166653ZTE E8810/E8820/E8822 MQTT denial of service [CVE-2020-6881]
166652Tenable Automatic Distribution Configuration unknown vulnerability
166651IBM Loopback Javascript injection [CVE-2020-4988]
166650IBM MQ Connection denial of service [CVE-2020-4870]
166649IBM Security Secret Server information disclosure [CVE-2020-4843]
166648IBM Security Secret Server information exposure [CVE-2020-4842]
166647IBM Security Secret Server missing encryption [CVE-2020-4841]
166646IBM Security Secret Server redirect [CVE-2020-4840]
166645IBM Automation Workstream Services improper authorization [CVE-2020-4794]
166644IBM FileNet Content Manager/Content Navigator Web UI cross site scripting
166643IBM Financial Transaction Manager user session [CVE-2020-4555]
166642VMware ESXi/Workstation/Fusion/Cloud Foundation GuestInfo denial of service
166641ovirt-engine information disclosure [CVE-2020-35497]
166640EgavilanMedia ECM Address Book Admin Login Panel sql injection
166639Coastercms cross site scripting [CVE-2020-35275]
166638DotCMS Add Template with Admin Panel cross site scripting [CVE-2020-35274]
166637EgavilanMedia User Registration & Login System with Admin Panel cross-site request forgery
166636crewjam saml signature verification [CVE-2020-27846]
166635Emerson Rosemount X-STREAM Gas Analyzer improper authentication
166634Wireshark QUIC Dissector denial of service [CVE-2020-26422]
166633Jupyter Server redirect [CVE-2020-26275]
166632tlslite-ng inadequate encryption [CVE-2020-26263]
166631Nifty-PM CPE injection [CVE-2020-26049]
166630Pengutronix RAUC Update Client Signature Verification install.c toctou
166629Apache Airflow improper authorization [CVE-2020-17526]
166628HCL iNotes Message Content information disclosure [CVE-2020-14225]
166627SolarWinds Web Help Desk Formula csv injection [CVE-2019-16959]
166626limit-login-attempts-reloaded Plugin X-Forwarded-For Header LimitLoginAttempts.php origin validation
166625limit-login-attempts-reloaded Plugin cross site scripting [CVE-2020-35589]
166624Atlassian Crucible File Upload denial of service [CVE-2020-29447]
166623HP Support Assistant denial of service [CVE-2019-18920]
166622HP Support Assistant Local Privilege Escalation [CVE-2019-18919]
166621tindy2013 subconverter API Endpoint denial of service [CVE-2020-35579]
166620PostSRSd Timestamp Tag srs2.c denial of service
166619HPE iLO Amplifier Pack Server Remote Privilege Escalation [CVE-2020-7203]
166618HPE StoreEver MSL2024/StoreEver 1-8 G2 cross-site request forgery
166617HPE Systems Insight Manager Remote Privilege Escalation [CVE-2020-7200]
166616Marvell QConvergeConsole GUI path traversal [CVE-2020-5803]
166615HCL Verse Message Content cross site scripting [CVE-2020-4080]
166614Ceph insufficiently protected credentials [CVE-2020-27781]
166613ThingsBoard Host Header injection [CVE-2020-27687]
166612OpenSlides cross site scripting [CVE-2020-26280]
166611WeiPHP wp_where sql injection
166610WeiPHP POST access control [CVE-2020-20299]
166609zzzphp zzz_template.php injection
166608zzcms User Login Page login.php cross site scripting
166607uftpd FTP Server common.c compose_abspath pathname traversal
166606uftpd FTP Server common.c handle_PORT buffer overflow
166605Apache Pulsar Manager Verification permission [CVE-2020-17520]
166604HCL iNotes Message Content or cross site scripting
166603HCL Notes MIME Message buffer overflow [CVE-2020-14224]
166602Kepware LinkMaster access control [CVE-2020-13535]
166601NZXT Cam IO Request Packet access control [CVE-2020-13519]
166600NZXT Cam IO Request Packet access control [CVE-2020-13515]
166599NZXT Cam IO Request Packet access control [CVE-2020-13514]
166598NZXT Cam IO Request Packet access control [CVE-2020-13513]
166597NZXT Cam IO Request Packet access control [CVE-2020-13512]
166596DolphinScheduler mysql connectorj Remote Privilege Escalation
166595Open Zaak origin validation [CVE-2020-26251]
166594IBM Planning Analytics cross-site request forgery [CVE-2020-4764]
166593SpiceWorks Host Header injection [CVE-2020-25901]
166592Xinuos OpenServer cross site scripting [CVE-2020-25495]
166591Xinuos OpenServer printbook os command injection
166590LG Mobile Device Dual Screen improper authentication [CVE-2020-35555]
166589LG Mobile Device WebView SSL unknown vulnerability [CVE-2020-35554]
166588Samsung Mobile Device denial of service [CVE-2020-35553]
166587Samsung Mobile Device GPS Daemon information disclosure [CVE-2020-35552]
166586Samsung Mobile Device RPMB access control [CVE-2020-35551]
166585Samsung Mobile Device Factory Reset Protection access control
166584Samsung Mobile Device Dialer Local Privilege Escalation [CVE-2020-35549]
166583Samsung Mobile Device Finder denial of service [CVE-2020-35548]
166582MediaWiki information disclosure [CVE-2020-35480]
166581MediaWiki BlockLogFormatter.php translateBlockExpiry cross site scripting
166580MediaWiki Raw HTML BlockLogFormatter.php makePageLink cross site scripting
166579MediaWiki Log Entry unknown vulnerability [CVE-2020-35477]
166578MediaWiki Raw HTML Special:UserRights cross site scripting
166577MediaWiki Messages text cross site scripting
166576Mitel MiVoice 6930/MiVoice 6940 Bluetooth Handset improper authentication
166575Mitel MiVoice 6873i/MiVoice 6930/MiVoice 6940 Bluetooth Handset Local Privilege Escalation
166574Mitel MiCollab redirect [CVE-2020-27340]
166573Mitel BusinessCTI Enterprise Client Chat Window information disclosure
166572Tangro Business Workflow Attachment information disclosure [CVE-2020-26178]
166571Tangro Business Workflow profile access control
166570Tangro Business Workflow API Endpoint attachments access control
166569Tangro Business Workflow profile access control
166568Tangro Business Workflow Restrictions unrestricted upload [CVE-2020-26174]
166567Tangro Business Workflow PDF improper authentication [CVE-2020-26173]
166566Tangro Business Workflow JWT Token authentication replay [CVE-2020-26172]
166565Tangro Business Workflow Attachment upload access control
166564Mitel MiCollab NuPoint Messenger access control [CVE-2020-25612]
166563Mitel MiCollab AWV Portal cross site scripting [CVE-2020-25611]
166562Mitel MiCollab AWV access control [CVE-2020-25610]
166561Mitel MiCollab NuPoint Messenger Portal cross site scripting
166560Mitel MiCollab SAS Portal sql injection [CVE-2020-25608]
166559Mitel MiCollab AWV cross site scripting [CVE-2020-25606]
166558Mitel MiContact Center Business Ignite Portal information disclosure
166557SolarWinds Web Help Desk User Account cross site scripting [CVE-2019-16957]
166556SolarWinds Web Help Desk SVG Document cross site scripting [CVE-2019-16955]
166555Smilegate Stove Client input validation [CVE-2020-7838]
166554Bouncy Castle Legion of the Bouncy Castle Utility Method OpenBSDBCrypt.checkPassword comparison
166553Trend Micro InterScan Web Security Virtual Appliance command injection
166552Trend Micro InterScan Web Security Virtual Appliance improper authentication
166551Trend Micro InterScan Web Security Virtual Appliance Admin Interface unknown vulnerability
166550Trend Micro InterScan Web Security Virtual Appliance improper authorization
166549Trend Micro InterScan Web Security Virtual Appliance cross site scripting
166548Trend Micro InterScan Web Security Virtual Appliance cross-site request forgery
166547IBM Security Key Lifecycle Manager information exposure [CVE-2020-4846]
166546IBM Security Key Lifecycle Manager Web UI cross site scripting
166545Spotweb sql injection [CVE-2020-35545]
166544FasterXML jackson-databind deserialization [CVE-2020-35491]
166543FasterXML jackson-databind deserialization [CVE-2020-35490]
166542Rocklobster Contact Form 7 unrestricted upload [CVE-2020-35489]
166541Linux-PAM Empty Password improper authentication [CVE-2020-27780]
166540Trend Micro InterScan Web Security Virtual Appliance Web Interface cross site scripting
166539Fleet SAML Response authentication spoofing [CVE-2020-26276]
166538jsonpickle decode deserialization
166537Flexmonster Pivot Table & Charts To Remote CSV cross site scripting
166536Flexmonster Pivot Table & Charts XMLA cross site scripting [CVE-2020-20141]
166535Flexmonster Pivot Table & Charts Remote Report cross site scripting
166534Flexmonster Pivot Table & Charts Remote JSON cross site scripting
166533CMS Made Simple Showtime2 Slideshow Module cross site scripting
166532BitDefender Hypervisor Introspection Compiler Optimization IntPeParseUnwindData null pointer dereference
166531BitDefender Hypervisor Introspection IntLixFileGetPath memory corruption
166530BitDefender HVI IntLixTaskDumpTree out-of-bounds read
166529HCL Notes Parameter stack-based overflow [CVE-2020-14232]
166528Apache TomEE ActiveMQ Broker improper authentication [CVE-2020-13931]
166527Lantronix XPort EDGE Telnet CLI information disclosure [CVE-2020-13528]
166526Lantronix XPort EDGE Web Manager improper authentication [CVE-2020-13527]
166525NZXT Cam IO Request Packet information disclosure [CVE-2020-13518]
166524NZXT Cam IO Request Packet information disclosure [CVE-2020-13517]
166523NZXT Cam IO Request Packet information disclosure [CVE-2020-13516]
166522NZXT Cam IO Request Packet information disclosure [CVE-2020-13511]
166521NZXT Cam IO Request Packet information disclosure [CVE-2020-13510]
166520NZXT Cam IO Request Packet information disclosure [CVE-2020-13509]
166519Phoenix Contact mGuard LAN Port missing initialization of resource
166518WAGO PFC 100 os command injection [CVE-2020-12522]
166517Phoenix Contact PLCnext LLDP Packet denial of service [CVE-2020-12521]
166516Phoenix Contact PLCnext privileges management [CVE-2020-12519]
166515Phoenix Contact PLCnext information disclosure [CVE-2020-12518]
166514Phoenix Contact PLCnext cross site scripting [CVE-2020-12517]
166513Hashicorp Vault Enterprise Sentinel EGP Policy Feature unknown vulnerability
166512Memcached Docker Image hard-coded password [CVE-2020-35197]
166511Rabbitmq Docker Image hard-coded password [CVE-2020-35196]
166510Haproxy Docker Image hard-coded password [CVE-2020-35195]
166509Influxdb Docker Image hard-coded password [CVE-2020-35194]
166508Vault Docker Image hard-coded password [CVE-2020-35192]
166507Drupal Docker Image hard-coded password [CVE-2020-35191]
166506Plone Docker Image hard-coded password [CVE-2020-35190]
166505Kong Docker Image hard-coded password [CVE-2020-35189]
166504Chronograf Docker Image hard-coded password [CVE-2020-35188]
166503Telegraf Docker Image hard-coded password [CVE-2020-35187]
166502Adminer Docker Image hard-coded password [CVE-2020-35186]
166501Ghost Docker Image hard-coded password [CVE-2020-35185]
166500Composer Docker Image hard-coded password [CVE-2020-35184]
166499Hashicorp Vault/Vault Enterprise LDAP Auth Method information disclosure
166498Synacor Zimbra Collaboration Suite SAML Consumer Store Extension xml external entity reference
166497SSH Component denial of service [CVE-2020-29652]
166496Sonatype Nexus Repository Manager xml external entity reference
166495Magic Home Pro Application improper authentication [CVE-2020-27199]
166494Oracle Application Server Websocket access control [CVE-2020-25096]
166493LogRhythm Platform Manager Websocket cross-site request forgery
166492LogRhythm Platform Manager Websocket command injection [CVE-2020-25094]
166491Kyland KPS2204 webadminget.cgi information disclosure
166490Kyland KPS2204 Instruction unrestricted upload [CVE-2020-25010]
166489Infraware ML Report MLReportDeamon.exe sub_41EAF0 stack-based overflow
166488connection-tester Package index.js injection
166487Dell BSAFE Micro Edition Suite buffer overflow [CVE-2020-5360]
166486Dell BSAFE Micro Edition Suite return value [CVE-2020-5359]
166485IBM Financial Transaction Manager Login Dialog information disclosure
166484IBM Financial Transaction Manager information exposure [CVE-2020-4907]
166483IBM Financial Transaction Manager information disclosure [CVE-2020-4906]
166482IBM Financial Transaction Manager cleartext transmission [CVE-2020-4905]
166481IBM Financial Transaction Manager cross-site request forgery
166480IBM Sterling File Gateway Web UI cross site scripting [CVE-2020-4658]
166479IBM Sterling B2B Integrator Web UI cross site scripting [CVE-2020-4657]
166478Vmware macOS Sensor for VMware Carbon Black Cloud Installation Remote Privilege Escalation
166477Irfan Skiljan IrfanView PCX File out-of-bounds write [CVE-2020-35133]
166476Pluck CMS unrestricted upload [CVE-2020-29607]
166475Epson EPS TSE Server 8 Administrative Interface cross-site request forgery
166474Epson EPS TSE Server 8 users.php cross site scripting
166473Epson EPS TSE Server 8 information disclosure [CVE-2020-28929]
166472systeminformation command injection [CVE-2020-26274]
166471Dell EMC iDRAC9 Web Application cross site scripting [CVE-2020-26198]
166470SolarWinds N-central AdvancedScripts HTTP Endpoint cross-site request forgery
166469SolarWinds N-central Network Interface improper authentication
166468SolarWinds N-Central Administrative Console hard-coded credentials
166467HCL BigFix Inventory TLS-RSA Cipher Suite risky encryption [CVE-2020-14254]
166466HCL BigFix Inventory missing secure attribute [CVE-2020-14248]
166465AdRem NetCrunch Credential Manager credentials storage [CVE-2019-14483]
166464AdRem NetCrunch Web Client hard-coded key [CVE-2019-14482]
166463AdRem NetCrunch Web Client cross-site request forgery [CVE-2019-14481]
166462AdRem NetCrunch user session [CVE-2019-14480]
166461AdRem NetCrunch Remote Privilege Escalation [CVE-2019-14479]
166460AdRem NetCrunch Web Client cross site scripting [CVE-2019-14478]
166459AdRem NetCrunch Credentials Database credentials storage [CVE-2019-14477]
166458AdRem NetCrunch SMB Request server-side request forgery [CVE-2019-14476]
166457p11-kit Byte Array heap-based overflow [CVE-2020-29363]
166456p11-kit RPC heap-based overflow [CVE-2020-29362]
166455p11-kit LIST Command integer overflow [CVE-2020-29361]
166454SolarWinds N-central SSH access control [CVE-2020-25619]
166453SolarWinds N-Central sudo Configuration access control [CVE-2020-25618]
166452SolarWinds N-Central Administration Console path traversal [CVE-2020-25617]
166451GROWI pathname traversal [CVE-2020-5683]
166450GROWI denial of service [CVE-2020-5682]
166449OpenTSDB gnuplot File tmp command injection Package code injection [CVE-2020-28458]
166447osquery command injection [CVE-2020-26273]
166446XStream os command injection [CVE-2020-26259]
166445XStream server-side request forgery [CVE-2020-26258]
166444Software AG Terracotta Server OSS Docker Image hard-coded password
166443Appbase Streams Docker Image hard-coded password [CVE-2020-35468]
166442Docker Docs Docker Image hard-coded password [CVE-2020-35467]
166441Blackfire Docker Image hard-coded password [CVE-2020-35466]
166440FullArmor HAPI File Share Mount Docker Image hard-coded password
166439Weave Cloud Agent Docker Image hard-coded password [CVE-2020-35464]
166438Instana Dynamic APM Docker Image hard-coded password [CVE-2020-35463]
166437CoScale Agent Docker Image weak password [CVE-2020-35462]
166436PHPJabbers Appointment Scheduler Admin Login Page index.php cross site scripting
166435jsonparser GET Call denial of service [CVE-2020-35381]
166434GJSON JSON File denial of service [CVE-2020-35380]
166433Sonarqube Docker Image hard-coded password [CVE-2020-35193]
166432Keysight Database Connector Plugin access control [CVE-2020-35122]
166431Keysight Database Connector Plugin Save Macro Parameter cross site scripting
166430Icinga certificate validation [CVE-2020-29663]
166429SourceCodester Alumni Management System gallery.php unrestricted upload
166428D-Link DSR-250 Unified Services Router Web Interface command injection
166427D-Link DSR-250 Configuration File injection [CVE-2020-25758]
166426D-Link DSR-150/DSR-250/DSR-500/DSR-1000AC LUA CGI access control
166425Host Engineering H0-ECOM100/H2-ECOM100/H4-ECOM100 Configuration Web Server denial of service
166424PEGA Platform cross site scripting [CVE-2020-23957]
166423Keycloak authentication replay [CVE-2020-14302]
166422Keycloak server-side request forgery [CVE-2020-10770]
166421SolarWinds Database Performance Analyzer cross site scripting
166420Google Asylo ecall_restore buffer overflow
166419Google Asylo enc_untrusted_recvfrom buffer overflow
166418Google Asylo enc_untrusted_read buffer overflow
166417Google Asylo enc_untrusted_inet_pton buffer overflow
166416Google Asylo enc_untrusted_recvmsg buffer overflow
166415Google Asylo enc_untrusted_inet_ntop out-of-bounds read
166414Google Asylo FromkLinuxSockAddr memory corruption
166413Google Asylo enc_untrusted_create_wait_queue buffer overflow
166412Google Asylo sgx_params out-of-bounds read
166411Google Asylo Ecall_restore memory corruption
166410IBM Tivoli Netcool Impact Remote Privilege Escalation [CVE-2020-4849]
166409IBM Connect:Direct for UNIX CLI improper authentication [CVE-2020-4747]
166408EGavilan Barcodes Generator index.php cross site scripting
166407EGavilan Media Expense Management System Add Expense cross site scripting
166406Xen null pointer dereference [CVE-2020-29571]
166405Xen denial of service [CVE-2020-29570]
166404Linux Kernel Kernel Thread denial of service [CVE-2020-29569]
166403Xen denial of service [CVE-2020-29568]
166402Xen denial of service [CVE-2020-29567]
166401Xen denial of service [CVE-2020-29566]
166400Xen XAPI xenstore denial of service [CVE-2020-29487]
166399Xen xenstore denial of service [CVE-2020-29486]
166398Xen Ocaml xenstored Implementation denial of service [CVE-2020-29485]
166397Xen Xenstore denial of service [CVE-2020-29484]
166396Xen Shared Memory denial of service [CVE-2020-29483]
166395Xen xenstore Path $DOMID denial of service
166394Xen Xenstore Node access control [CVE-2020-29481]
166393Xen xenstore permission [CVE-2020-29480]
166392Xen Ocaml xenstored Implementation access control [CVE-2020-29479]
166391s-cart Package Admin Dashboard AdminOrderController.phpindex cross site scripting
166390s-cart Package Admin Panel cross site scripting [CVE-2020-28456]
166389Foxit Reader/PhantomPDF PDF File denial of service [CVE-2020-28203]
166388Linux Kernel RTAS authorization [CVE-2020-27777]
166387TIBCO PartnerExpress REST API unknown vulnerability [CVE-2020-27147]
166386Google Android nl80211.c nl80211_policy out-of-bounds read
166385Google Android l2tp Subsystem use after free [CVE-2020-27067]
166384Google Android xfrm6_tunnel.c xfrm6_tunnel_free_spi use after free
166383Google Android GpuService.cpp getGpuStatsAppInfo information disclosure
166382Google Android Package Metadata information disclosure [CVE-2020-27056]
166381Google Android WiFi Configuration showWarningMessagesIfAppropriate information disclosure
166380Google Android BluetoothManagerService onFactoryReset permission
166379Google Android WiFi Name broadcastWifiCredentialChanged information disclosure
166378Google Android Lock Task Mode getLockTaskLaunchMode permission
166377Google Android NFA_RwI93WriteMultipleBlocks out-of-bounds write
166376Google Android rw_i93_send_cmd_write_multi_blocks out-of-bounds write
166375Google Android rw_t3t_send_raw_frame out-of-bounds write
166374Google Android RW_SendRawFrame out-of-bounds write
166373Google Android ce_t4t_update_binary out-of-bounds read
166372Google Android nfc_ncif_proc_ee_action out-of-bounds read
166371Google Android CE_SendRawFrame out-of-bounds write
166370Google Android Parcel.cpp restartWrite memory corruption
166369Google Android nfc_enabled out-of-bounds read
166368Google Android showProvisioningNotification information disclosure
166367Google Android NFC Server phNxpNciHal_core_initialized out-of-bounds read
166366Google Android postNotification information disclosure
166365Google Android C2SoftVorbisDec.cpp process memory leak
166364Google Android NFC Server phNxpNciHal_core_initialized out-of-bounds read
166363Google Android NFC Server phNxpNciHal_send_ext_cmd out-of-bounds write
166362Google Android C2AllocatorIon.cpp priorLinearAllocation use after free
166361Google Android createSimSelectNotification information disclosure
166360Google Android nfc_ncif_proc_get_routing out-of-bounds read
166359Google Android getRadioAccessFamily information disclosure
166358Google Android nfc_data_event out-of-bounds read
166357Google Android onCreate permission
166356Google Android TextView denial of service
166355Google Android filter_incoming_event out-of-bounds read
166354Google Android nfc_ncif_proc_get_routing out-of-bounds read
166353Google Android Fingerprint information disclosure [CVE-2020-27026]
166352Google Android information disclosure
166351Google Android Bluetooth smp_br_state_machine_event out-of-bounds read
166350Google Android setErrorPlaybackState information disclosure
166349Google Android avrc_ctrl_pars_vendor_cmd out-of-bounds read X11 XkbSetDeviceInfo heap-based overflow
166347Google Android startInputUncheckedLocked information disclosure
166346Google Android bitreader.c FLAC__bitreader_read_rice_signed_block out-of-bounds read
166345Google Android codebook.c decode_packed_entry_number out-of-bounds read
166344Google Android BiometricServiceBase canUseBiometric information disclosure
166343Google Android cpdf_renderstatus.cpp LoadSMask use after free
166342Google Android JBig2_SddProc.cpp decode_Huffman integer overflow
166341Google Android ih264d_sei.c ih264d_parse_ave out-of-bounds read
166340Google Android cpdf_sampledfunc.cpp v_Call information disclosure
166339Google Android Bitstream bitstream.cpp BitstreamFillCache out-of-bounds read
166338Google Android MatroskaExtractor.cpp readBlock resource consumption
166337Google Android floor1.c floor1_info_unpack information disclosure
166336Google Android eas_mdls.c Parse_data out-of-bounds write
166335Google Android ihevc_inter_pred_filters_ssse3_intr.c ihevc_inter_pred_chroma_copy_ssse3 information disclosure
166334Google Android stream_decoder.c read_metadata_vorbiscomment_ denial of service
166333Google Android openAssetFileListener permission
166332Google Android areFunctionsSupported permission
166331Google Android ComposerClient.h destroyResources memory corruption
166330Google Android DrmManagerService.cpp ~DrmManagerService memory corruption
166329Google Android IncidentService.cpp command information disclosure
166328Google Android AndroidManifest.xml permission
166327Google Android callUnchecked permission
166326Google Android callUnchecked permission
166325Google Android restoration.c extend_frame_lowbd out-of-bounds write
166324Google Android Network Configuration sendLinkConfigurationChangedBroadcast information disclosure
166323Google Android onNotificationRemoved log file
166322Google Android createInputConsumer permission
166321Google Android HalCamera.cpp requestNewFrame use after free
166320Google Android updateIncomingFileConfirmNotification unrestricted upload
166319Google Android queryInternal information disclosure
166318Google Android nci_proc_ee_management_rsp information disclosure
166317Google Android SPDIFEncoder.cpp writeBurstBufferBytes information disclosure
166316js-data Package deepFill code injection
166315Envoy UDP Datagram denial of service [CVE-2020-35471]
166314Envoy Network Filter unknown vulnerability [CVE-2020-35470]
166313Apple macOS Server Profile Manager cross site scripting [CVE-2020-9995]
166312Apple macOS Wi-Fi denial of service [CVE-2020-27898]
166311Apple macOS WebRTC use after free [CVE-2020-15969]
166310Apple macOS System Preferences sandbox [CVE-2020-10009]
166309Apple macOS Ruby path traversal [CVE-2020-27896]
166308Apple macOS Quick Look cross site scripting [CVE-2020-10012]
166307Apple macOS Power Management state issue [CVE-2020-10007]
166306Apple macOS NSRemoteView sandbox [CVE-2020-27901]
166305Apple macOS Model IO state issue [CVE-2020-10004]
166304Apple macOS Model IO out-of-bounds read [CVE-2020-13524]
166303Apple macOS Logging path traversal [CVE-2020-10010]
166302Apple macOS libxpc path traversal [CVE-2020-10014]
166301Apple macOS libxml2 use after free [CVE-2020-27926]
166300Apple macOS libxml2 use after free [CVE-2020-27920]
166299Apple macOS libxml2 integer overflow [CVE-2020-27911]
166298Apple macOS Kernel Local Privilege Escalation [CVE-2020-29620]
166297Apple macOS Kernel memory corruption [CVE-2020-27949]
166296Apple macOS Kernel race condition [CVE-2020-27921]
166295Apple macOS Kernel use after free [CVE-2020-9975]
166294Apple macOS Kernel memory corruption [CVE-2020-9967]
166293Apple macOS Kernel memory corruption [CVE-2020-10016]
166292Apple macOS Kernel state issue [CVE-2020-9974]
166291Apple macOS Intel Graphics Driver memory corruption [CVE-2020-27907]
166290Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2020-27897]
166289Apple macOS Intel Graphics Driver out-of-bounds write [CVE-2020-10015]
166288Apple macOS ImageIO out-of-bounds write [CVE-2020-27923]
166287Apple macOS ImageIO out-of-bounds write [CVE-2020-27912]
166286Apple macOS ImageIO out-of-bounds read [CVE-2020-29619]
166285Apple macOS ImageIO out-of-bounds read [CVE-2020-29617]
166284Apple macOS ImageIO out-of-bounds write [CVE-2020-29611]
166283Apple macOS ImageIO out-of-bounds read [CVE-2020-29618]
166282Apple macOS ImageIO out-of-bounds read [CVE-2020-27924]
166281Apple macOS ImageIO memory corruption [CVE-2020-29616]
166280Apple macOS Image Processing out-of-bounds write [CVE-2020-27919]
166279Apple macOS HomeKit unknown vulnerability [CVE-2020-9978]
166278Apple macOS Graphics Drivers out-of-bounds write [CVE-2020-29612]
166277Apple macOS Graphics Drivers memory corruption [CVE-2020-27947]
166276Apple macOS Foundation state issue [CVE-2020-10002]
166275Apple macOS FontParser memory corruption [CVE-2020-27944]
166274Apple macOS FontParser memory corruption [CVE-2020-27943]
166273Apple macOS FontParser memory corruption [CVE-2020-27931]
166272Apple macOS FontParser out-of-bounds read [CVE-2020-9956]
166271Apple macOS FontParser out-of-bounds write [CVE-2020-27952]
166270Apple macOS FontParser buffer overflow [CVE-2020-9962]
166269Apple macOS FontParser information disclosure [CVE-2020-27946]
166268Apple macOS CoreText state issue [CVE-2020-27922]
166267Apple macOS CoreAudio out-of-bounds write [CVE-2020-10017]
166266Apple macOS CoreAudio out-of-bounds read [CVE-2020-27908]
166265Apple macOS CoreAudio out-of-bounds read [CVE-2020-9960]
166264Apple macOS CoreAudio out-of-bounds write [CVE-2020-27948]
166263Apple macOS Bluetooth integer overflow [CVE-2020-27906]
166262Apple macOS Audio out-of-bounds write [CVE-2020-27916]
166261Apple macOS Audio out-of-bounds read [CVE-2020-9944]
166260Apple macOS Audio out-of-bounds read [CVE-2020-9943]
166259Apple macOS Audio out-of-bounds read [CVE-2020-27910]
166258Apple macOS AppleMobileFileIntegrity Local Privilege Escalation
166257Apple macOS AppleGraphicsControl behavioral workflow [CVE-2020-27941]
166256Apple macOS App Store privileges management [CVE-2020-27903]
166255Apple macOS AMD memory corruption [CVE-2020-27915]
166254Apple macOS AMD memory corruption [CVE-2020-27914]
166253Apple Safari WebRTC use after free [CVE-2020-15969]
166252Apple tvOS WebRTC use after free [CVE-2020-15969]
166251Apple tvOS ImageIO out-of-bounds write [CVE-2020-29611]
166250Apple tvOS ImageIO out-of-bounds read [CVE-2020-29618]
166249Apple tvOS ImageIO out-of-bounds read [CVE-2020-29619]
166248Apple tvOS ImageIO out-of-bounds read [CVE-2020-29617]
166247Apple tvOS FontParser memory corruption [CVE-2020-27944]
166246Apple tvOS FontParser memory corruption [CVE-2020-27943]
166245Apple tvOS FontParser information disclosure [CVE-2020-27946]
166244Apple tvOS CoreAudio out-of-bounds write [CVE-2020-27948]
166243Apple watchOS WebRTC use after free [CVE-2020-15969]
166242Apple watchOS Security unknown vulnerability [CVE-2020-27951]
166241Apple watchOS ImageIO out-of-bounds write [CVE-2020-29611]
166240Apple watchOS ImageIO out-of-bounds read [CVE-2020-29618]
166239Apple watchOS ImageIO out-of-bounds read [CVE-2020-29619]
166238Apple watchOS ImageIO out-of-bounds read [CVE-2020-29617]
166237Apple watchOS FontParser memory corruption [CVE-2020-27944]
166236Apple watchOS FontParser memory corruption [CVE-2020-27943]
166235Apple watchOS FontParser information disclosure [CVE-2020-27946]
166234Apple watchOS CoreAudio out-of-bounds write [CVE-2020-27948]
166233Apple iOS/iPadOS WebRTC use after free [CVE-2020-15969]
166232Apple iOS/iPadOS Security unknown vulnerability [CVE-2020-27951]
166231Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2020-29611]
166230Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-29618]
166229Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-29619]
166228Apple iOS/iPadOS ImageIO out-of-bounds read [CVE-2020-29617]
166227Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27944]
166226Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27943]
166225Apple iOS/iPadOS FontParser information disclosure [CVE-2020-27946]
166224Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2020-27948]
166223Apple iOS/iPadOS App Store state issue [CVE-2020-29613]
166222curl Certificate Revocation certificate validation [CVE-2020-8286] cURL FTP Wildcard stack-based overflow [CVE-2020-8285]
166220curl FTP PASV information disclosure [CVE-2020-8284]
166219Citrix Virtual Apps/Virtual Desktops/XenApp/XenDesktop Universal Print Server privileges management
166218Ubiquiti EdgePower 24V-54V cross-site request forgery [CVE-2020-8282]
166217Citrix Gateway Plug-in Services privileges management [CVE-2020-8258]
166216Citrix Gateway Plug-in access control [CVE-2020-8257]
166215libcURL Connection use after free [CVE-2020-8231]
166214curl File Name injection [CVE-2020-8177]
166213curl DNS Server information disclosure [CVE-2020-8169]
166212Jon Iles Packwood MPXJ ZIP Stream pathname traversal
166211Gnome GLib g_option_group_add_entries integer overflow [Disputed]
166210Google Go Encoding XML Package encoding error [CVE-2020-29511]
166209Google Go Encoding XML Package encoding error [CVE-2020-29510]
166208Google Go Encoding XML Package encoding error [CVE-2020-29509]
166207SabaiApp Directories Pro Plugin CSV File cross site scripting
166206SabaiApp Directories Pro Plugin cross site scripting [CVE-2020-29303]
166205OpenAsset Digital Asset Management ProjectsCSV access control
166204Unicenter Asset Management sql injection [CVE-2020-28860]
166203OpenAsset Digital Asset Management Scripting cross site scripting
166202OpenAsset Digital Asset Management cross-site request forgery
166201OpenAsset Digital Asset Management cross site scripting [CVE-2020-28857]
166200Siemens SICAM A8000 CP-8022 Web Server protection mechanism [CVE-2020-28396]
166199Siemens LOGO! 8 BM Website/Access Tool insufficiently protected credentials
166198Siemens LOGO! 8 BM/LOGO! Soft Comfort UDF hard-coded key [CVE-2020-25234]
166197Siemens LOGO! 8 BM Firmware hard-coded key [CVE-2020-25233]
166196Siemens LOGO! 8 BM tcp risky encryption
166195Siemens LOGO! 8 BM/LOGO! Soft Comfort hard-coded key [CVE-2020-25231]
166194Siemens LOGO! 8 BM Service Port 10005 risky encryption [CVE-2020-25230]
166193Siemens LOGO! 8 BM authentication replay [CVE-2020-25229]
166192Siemens LOGO! 8 BM Service Port 10005 missing authentication
166191NewPK newpost.php sql injection
166190Dan McDougall GateOne SSH Connection os command injection [CVE-2020-20184]
166189ZyXEL P1302-T10 v3 Admin Page resource injection [CVE-2020-20183]
166188QuantConnect Lean Json.NET library deserialization [CVE-2020-20136]
166187Gallagher Command Centre Enterprise Data Interface sql injection
166186Gallagher Command Centre Server type confusion [CVE-2020-16103]
166185Gallagher Command Centre Server improper authentication [CVE-2020-16102]
166184Siemens SIMATIC ET 200SP/SIMATIC S7-1500 Web Server denial of service
166183Eclipse Che CodeReady Workspace services cross-site request forgery
166182Google Android restoration.c extend_frame_highbd heap-based overflow
166181Google Android addEscrowToken denial of service
166180Google Android listen information disclosure
166179Google Android Network Traffic onUserStopped information disclosure
166178Google Android eventpoll.c do_epoll_ctl use after free
166177Google Android Kernel hid-multitouch.c out-of-bounds write
166176Google Android res_cache.cpp resolv_cache_lookup information disclosure
166175Google Android Bluetooth Server sdp_server_handle_client_req information disclosure
166174Google Android Certificate createNameCredentialDialog information disclosure
166173Google Android WiFi Configuration sendConfiguredNetworkChangedBroadcast information disclosure
166172Google Android SPDIFEncoder.cpp writeBurstBufferBytes integer overflow
166171Google Android out-of-bounds write [CVE-2020-0457]
166170Google Android out-of-bounds write [CVE-2020-0456]
166169Google Android out-of-bounds read [CVE-2020-0455]
166168Google Android auditfilter.c audit_free_lsm_field privileges management
166167Google Android createVirtualDisplay permission
166166Google Android addWindow clickjacking
166165Google Android Broadcom Nexus Firmware hard-coded password [CVE-2020-0019]
166164Google Android Broadcom Nexus Firmware hard-coded password [CVE-2020-0016]
166163Siemens XHQ Web Interface cross-site request forgery [CVE-2019-19289]
166162Siemens XHQ Web Interface cross site scripting [CVE-2019-19288]
166161Siemens XHQ path traversal [CVE-2019-19287]
166160Siemens XHQ sql injection [CVE-2019-19286]
166159Siemens XHQ Web Interface cross site scriting [CVE-2019-19285]
166158Siemens XHQ cross site scripting [CVE-2019-19284]
166157Siemens XHQ Web Server information disclosure [CVE-2019-19283]
166156Classbooking CSV File sql injection [CVE-2020-35382]
166155Online Bus Ticket Reservation Login Page sql injection [CVE-2020-35378]
166154Mobile Viewpoint Wireless Multiplex Terminal Playout Server hard-coded credentials
166153Project Worlds Car Rental Management System index.php file inclusion
166152OpenAsset Asset Management HTTP Request access control [CVE-2020-28856]
166151GE Healthcare Signa credentials management [CVE-2020-25179]
166150GE Healthcare Signa cleartext transmission [CVE-2020-25175]
166149BitDefender Antivirus Plus SafePay origin validation [CVE-2020-15733]
166148HCL Notes Client MIME Message stack-based overflow [CVE-2020-14268]
166147HCL Domino Server MIME Message stack-based overflow [CVE-2020-14244]
166146Apache Airflow Charts/Query server-side request forgery [CVE-2020-17513]
166145Apache Airflow CLI log file [CVE-2020-17511]
166144Mitsubishi Electric MELSEC iQ-F FX5U(C) ARP Packet unknown vulnerability
166143FileZen pathname traversal [CVE-2020-5639]
166142NEC Aterm SA3500G improper validation of integrity check value
166141NEC Aterm SA3500G URL Remote Privilege Escalation [CVE-2020-5636]
166140NEC Aterm SA3500G URL unknown vulnerability [CVE-2020-5635] Lagoon GitLab Webhook access control [CVE-2020-35236]
166138secure-file-manager Plugin elFinder connector.minimal.php access control
166137easy-wp-smtp Plugin log file [CVE-2020-35234]
166136Macally WIFISD2-2A82 Guest User Password shadow credentials storage
166135SolarWinds Orion Network Management Sunburst/Solorigate backdoor
166134Medtronic Smart Model 25000 Patient Reader Update System toctou
166133Medtronic Smart Model 25000 Patient Reader Debug Command heap-based overflow
166132Medtronic Smart Model 25000 Patient Reader App Authentication improper authentication
166131LastPass Password Manager improper authentication [CVE-2020-35208] [Disputed]
166130LastPass Password Manager improper authentication [CVE-2020-35207] [Disputed]
166129Ignite Realtime Openfire db-access.jsp cross site scripting
166128Ignite Realtime Openfire create-bookmark.jsp cross site scripting
166127Ignite Realtime Openfire spark-form.jsp cross site scripting
166126Ignite Realtime Openfire create-bookmark.jsp cross site scripting
166125F5 BIG-IP iControl REST cross site scripting [CVE-2020-5950]
166124F5 BIG-IP FTP denial of service [CVE-2020-5949]
166123F5 BIG-IP iControl REST cross site scripting [CVE-2020-5948]
166122AWStats pathname traversal
166121Frappe Framework API input validation [CVE-2020-35175]
166120mquery Operation utils.js injection
166119Western Digital Dashboard DLL uncontrolled search path [CVE-2020-29654]
166118Western Digital My Cloud OS improper authentication [CVE-2020-29563]
166117SmartyStreets liveAddressPlugin.js Parameter this.showInvalidCountry cross site scripting
166116Linux Kernel ring_buffer.c use after free
166115F5 BIG-IP NGINX Controller Agent pathname traversal [CVE-2020-27730]
166114F5 BIG-IP AFM Traffic Management Microkernel denial of service
166113Wireshark USB HID Protocol Dissector denial of service [CVE-2020-26421]
166112Wireshark RTPS Protocol Dissector memory leak [CVE-2020-26420]
166111Wireshark Dissection Engine memory leak [CVE-2020-26419]
166110Wireshark Kafka Protocol Dissector denial of service [CVE-2020-26418]
166109Contiki IPv6 Header memory corruption [CVE-2020-25112]
166108Contiki IPv6 Header Length memory corruption [CVE-2020-25111]
166107Nut OS Ethernut memory corruption [CVE-2020-25110]
166106Nut OS Ethernut memory corruption [CVE-2020-25109]
166105Nut OS Ethernut memory corruption [CVE-2020-25108]
166104Nut OS Ethernut memory corruption [CVE-2020-25107]
166103FNET mDNS Query out-of-bounds read [CVE-2020-24383]
166102picoTCP/picoTCP-NG TCP pico_tcp.c out-of-bounds read
166101picoTCP/picoTCP-NG DNS Packet pico_mdns.c pico_mdns_handle_data_as_answers_generic out-of-bounds read
166100picoTCP/picoTCP-NG Domain Name Decompression pico_dns_common.c pico_dns_decompress_name out-of-bounds read
166099picoTCP Domain Name Decompression pico_dns_common.c pico_dns_decompress_name out-of-bounds write
166098picoTCP/picoTCP-NG TCP Options pico_tcp.c tcp_parse_options denial of service
166097Contiki/Contiki-NG Domain Name ip64-dns64.c buffer overflow
166096uIP DNS Response resolv.c out-of-bounds read
166095PHPSHE sql injection [CVE-2020-19165]
166094FNET DNS Client Interface fnet_dns.c _fnet_dns_poll initialization
166093FNET IPv6 Fragmentation fnet_ip6.c _fnet_ip6_reassembly uninitialized pointer
166092FNET IPv6 Extension Header fnet_ip6.c _fnet_ip6_ext_header_handler_options out-of-bounds read
166091FNET LLMNR Request fnet_llmnr.c _fnet_llmnr_poll information disclosure
166090Valid picoTCP IPv6 Destination Options pico_ipv6.c pico_ipv6_process_destopt out-of-bounds read
166089picoTCP Header Field pico_ipv6.c pico_ipv6_check_headers_sequence integer overflow
166088picoTCP ICMPv6 Echo Request Packet pico_icmp6.c pico_icmp6_send_echoreply_not_frag memory corruption
166087picoTCP Header Length pico_ipv6.c pico_ipv6_process_hopbyhop integer overflow
166086picoTCP IPv6 Header pico_ipv6.c pico_ipv6_extension_headers out-of-bounds read
166085uIP DNS Response resolv.c parse_name null pointer dereference
166084uIP DNS Reply resolv.c newdata dns rebinding
166083uIP IP Header Length uip.c uip_reass denial of service
166082uIP TCP Flag uip.c uip_process buffer overflow
166081Brocade Fabric OS Virtual Fabric Mode access control [CVE-2020-15376]
166080Brocade Fabric OS Command Line Interface input validation [CVE-2020-15375]
166079Contiki TCPIP Stack uip.c uip_process integer overflow
166078Contiki TCPIP Stack uip.c upper_layer_chksum out-of-bounds read
166077Contiki TCPIP Stacl rpl-ext-header.c rpl_remove_header infinite loop
166076Contiki TCPIP Stack rpl-ext-header.c rpl_remove_header memory corruption
166075Contiki TCPIP Stack uip6.c ext_hdr_options_process infinite loop
166074i18n Language Tag TextLocalizer.cs denial of service
166073Sophos Cyberoam OS WebAdmin sql injection [CVE-2020-29574]
166072corenlp-js-interface command injection [CVE-2020-28440]
166071corenlp-js-prefab index.js injection
166070Canonical Go Ethereum Consensus calculation [CVE-2020-26265]
166069Go Ethereum GetProofsV2 Request resource consumption [CVE-2020-26264]
166068ua-parser-js incorrect regex [CVE-2020-7793]
166067IBM Resilient SOAR Formula injection [CVE-2020-4633]
166066registry Docker Image improper authentication [CVE-2020-29591]
166065teamspeak Docker Image improper authentication [CVE-2020-29590]
166064kapacitor Docker Image improper authentication [CVE-2020-29589]
166063TikiWiki Web-based Management Interface cross-site request forgery
166062OpenCart CMS CART Option cross-site request forgery [CVE-2020-28838]
166061Frappe Two-factor Authentication information disclosure [CVE-2020-27508]
166060Apache Airflow trigger cross site scripting
166059Askey AP5100W Ping/Traceroute/Route os command injection [CVE-2020-15357]
166058Askey AP5100W WPS PIN password recovery [CVE-2020-15023]
166057Silver Peak Unity ECOSTM Configuration Backup os command injection
166056Silver Peak Unity ECOSTM nslookup API os command injection [CVE-2020-12148]
166055mout Package code injection [CVE-2020-7792]
166054spatie browsershot URL path traversal [CVE-2020-7790]
166053ini Package INI Parser injection [CVE-2020-7788]
166052Cisco Jabber Custom Protocol privileges management [CVE-2020-27127]
166051Cisco Jabber Message Content Validator information disclosure
166050Cisco Jabber Custom Protocol command injection [CVE-2020-27133]
166049Cisco Jabber XMPP Message injection [CVE-2020-27134]
166048Cisco Jabber XMPP Message Remote Privilege Escalation [CVE-2020-26085]
166047node-notifier command injection [CVE-2020-7789]
166046Netflix Spinnaker SpEL Expression deserialization [CVE-2020-9301]
166045Schneider Electric EcoStruxure Control Expert/Unity Pro write-what-where condition
166044Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server unusual condition
166043Schneider Electric Modicon M340 Modbus unusual condition [CVE-2020-7543]
166042Schneider Electric Modicon M340 Modbus unusual condition [CVE-2020-7542]
166041Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server direct request
166040Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server missing authentication
166039Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium HTTP unusual condition
166038Schneider Electric Modicon M580 Modbus unusual condition [CVE-2020-7537]
166037Schneider Electric Modicon M340 SNMP unusual condition [CVE-2020-7536]
166036Schneider Electric Modicon M340 Web Server path traversal [CVE-2020-7535]
166035ultimate-category-excluder Plugin ultimate-category-excluder.php cross-site request forgery
166034phpLDAPadmin function.php get_request cross site scripting
166033Ignite Realtime Openfire Bookmark create-bookmark.jsp cross site scripting
166032Typesetter CMS Admin/Configuration cross site scripting [CVE-2020-35126] [Disputed]
166031Schneider Electric Modicon M258 memory corruption [CVE-2020-28220]
166030Schneider Electric EcoStruxure Geo SCADA Expert Virtual ViewX insufficiently protected credentials
166029Schneider Electric Easergy T300 improper restriction of rendered ui layers
166028Schneider Electric Easergy T300 missing encryption [CVE-2020-28217]
166027Schneider Electric Easergy T300 missing encryption [CVE-2020-28216]
166026Schneider Electric Easergy T300 authorization [CVE-2020-28215]
166025Schneider Electric Modicon M221 hash without salt [CVE-2020-28214]
166024Jasper jpc Encoder out-of-bounds write [CVE-2020-27828]
166023Linux Kernel MIDI use after free [CVE-2020-27786]
166022GitLab Community Edition/Enterprise Edition Project information disclosure
166021GitLab Enterprise Edition Advanced Search information disclosure
166020GitLab Community Edition/Enterprise Edition REST API information disclosure
166019GitLab Community Edition/Enterprise Edition GraphQL information disclosure
166018GitLab Enterprise Edition Group Member information disclosure
166017GitLab Community Edition/Enterprise Edition Project Search denial of service
166016GitLab Community Edition/Enterprise Edition Markdown resource consumption
166015GitLab Community Edition/Enterprise Edition Profile information disclosure
166014Micro Focus Filr information disclosure [CVE-2020-25838]
166013Aruba Networks 9000 Gateway GRUB2 Remote Privilege Escalation
166012Aruba Networks 9000 Gateway Service Port 8211 injection [CVE-2020-24634]
166011Aruba Networks 9000 Gateway Service Port 8211 buffer overflow
166010Adobe Lightroom Classic uncontrolled search path [CVE-2020-24447]
166009Adobe Prelude uncontrolled search path [CVE-2020-24440]
166008Apache Struts OGNL Evaluation Remote Privilege Escalation [CVE-2020-17530]
166007EIP Stack Group OpENer Ethernet out-of-bounds write [CVE-2020-13556]
166006EIP Stack Group OpENer Ethernet resource consumption [CVE-2020-13530]
166005Pixar OpenUSD USD File out-of-bounds read [CVE-2020-13520]
166004GitLab Community Edition/Enterprise Edition Feature Flag improper authorization
166003Gerrit FilteredRepository Wrapper improper authorization [CVE-2020-8920]
166002Gerrit REST API improper authorization [CVE-2020-8919]
166001Google Guava Temp Directory temp file
166000IBM AIX/VIOS ksu Command privileges management [CVE-2020-4829]
165999Ubilling Config File command injection [CVE-2020-29311]
165998TensorFlow Computation Graph out-of-bounds read [CVE-2020-26271]
165997TensorFlow LSTM/GRU denial of service [CVE-2020-26270]
165996TensorFlow out-of-bounds read [CVE-2020-26269]
165995TensorFlow Python Interpreter tf.raw_ops.ImmutableConst denial of service
165994TensorFlow API tf.raw_ops.DataFormatVecPermute out-of-bounds read
165993TensorFlow Model uninitialized resource [CVE-2020-26266]
165992Askey AP5100W Telnet/SSH weak password [CVE-2020-26201]
165991FastAdmin Template injection [CVE-2020-25967]
165990iCMS install.php os command injection
165989iCMS install.php os command injection
165988Notable Markdown Text cross site scripting [CVE-2020-16608]
165987ProcessMaker reportTables_Ajax sql injection
165986IBM Sterling B2B Integrator Standard Edition Dashboard UI information disclosure
165985Sympa SOAP API authenticateAndRun access control
165984Lan ATMService M3 ATM Monitoring System Session session expiration
165983Lan ATMService M3 ATM Monitoring System Log File log file [CVE-2020-29666]
165982GitLab Community Edition/Enterprise Edition Project Import cross site scripting
165981Adobe Experience Manager/AEM Forms add-on Form cross site scripting
165980Adobe Experience Manager/AEM Forms add-on server-side request forgery
165979Symantec Messaging Gateway Web UI information disclosure [CVE-2020-12595]
165978Symantec Messaging Gateway CLI access control [CVE-2020-12594]
165977Adobe Acrobat Reader information disclosure [CVE-2020-29075]
165976python-apt release of resource
165975APT deb Package integer overflow
165974Music Music Station cross site scripting [CVE-2020-2494]
165973QNAP Multimedia Console cross site scripting [CVE-2020-2493]
165972QNAP QTS Photo Station cross site scripting [CVE-2020-2491]
165971WAGO PLC 750-88x/PLC 750-352 resource consumption [CVE-2020-12516]
165970McAfee Database Security Server Sensor SHA1 Certificate certificate validation
165969Online Examination System feedback.php cross site scripting
165968Online Examination System index.php cross site scripting
165967Online Examination System feedback.php cross site scripting
165966pass Git Repository improper authentication [CVE-2020-28086]
165965synapse Synapse Event send_join denial of service
165964TOTOLINK A3002RU os command injection [CVE-2020-25499]
165963Artifex MuPDF newband_writer use after free
165962GNU Binutils _bfd_elf_get_symbol_version_string null pointer dereference
165961GNU Binutils debug_get_real_type null pointer dereference
165960GNU Binutils scan_unit_for_symbols denial of service
165959GNU Binutils bfd_hash_lookup use after free
165958GNU Binutils process_symbol_table denial of service
165957GNU Binutils File Descriptor process_symbol_table double free
165956Academy Software Foundation OpenEXR EXR File ImfTiledOutputFile.cpp writeTileData heap-based overflow
165955Academy Software Foundation OpenEXR EXR File makePreview.cpp generatePreview null pointer dereference
165954Academy Software Foundation OpenEXR EXR File ImfMultiPartInputFile.cpp chunkOffsetReconstruction heap-based overflow
165953Macrium Reflect openssl.cnf access control
165952react-adal JWT Token authentication spoofing [CVE-2020-7787]
165951PHPOffice PhpSpreadsheet Excel File cross site scripting [CVE-2020-7776]
165950Linux Kernel tty Subsystem tty_jobctrl.c use after free
165949Linux Kernel Locking tty_io.c use after free
165948Flexense DupScout Enterprise Web Server settings buffer overflow
165947SAP Business Warehouse/BW4HANA os command injection [CVE-2020-26838]
165946SAP Solution Manager User Experience Monitoring path traversal
165945SAP Solution Manager Trace Analysis redirect [CVE-2020-26836]
165944SAP NetWeaver AS ABAP cross site scripting [CVE-2020-26835]
165943Valid HANA Database SAML improper authentication [CVE-2020-26834]
165942SAP AS ABAP/S4 HANA Landscape Transformation authorization [CVE-2020-26832]
165941SAP BusinessObjects BI Platform Crystal Report server-side request forgery
165940SAP Solution Manager User Experience Monitoring access control
165939SAP NetWeaver AS JAVA improper authentication [CVE-2020-26829]
165938SAP Disclosure Management Spreadsheet unrestricted upload [CVE-2020-26828]
165937SAP NetWeaver AS JAVA Process Integration Monitoring unrestricted upload
165936SAP AS JAVA Key Storage Service missing encryption [CVE-2020-26816]
165935JupyterHub jupyterhub-systemdspawner API Token exposure of resource
165934BookStack Image URL or injection
165933WECON LeviStudioU Project File heap-based overflow [CVE-2020-25199]
165932imcat Picture unrestricted upload [CVE-2020-23520]
165931Palo Alto Cortex XDR Agent uncontrolled search path [CVE-2020-2049]
165930Palo Alto Cortex XDR Agent Exception exceptional condition [CVE-2020-2020]
165929Apache NuttX Fragmentation out-of-bounds write [CVE-2020-17529]
165928Apache NuttX TCP Packet out-of-bounds write [CVE-2020-17528]
165927McAfee VirusScan Enterprise Windows Defender Application Control permission assignment
165926JerryScript main-utils.c main_print_unhandled_exception out-of-bounds read
165925python-py incorrect regex [CVE-2020-29651]
165924Apple iTunes Text File memory corruption [CVE-2020-9999]
165923Apple macOS Text File memory corruption [CVE-2020-9999]
165922Apple iOS/iPadOS use after free [CVE-2020-9996]
165921Apple macOS use after free [CVE-2020-9996]
165920Apple iOS/iPadOS Address Bar clickjacking [CVE-2020-9993]
165919Apple Safari Address Bar clickjacking [CVE-2020-9993]
165918Apple watchOS Address Bar clickjacking [CVE-2020-9993]
165917Apple tvOS denial of service [CVE-2020-9991]
165916Apple iCloud denial of service [CVE-2020-9991]
165915Apple iOS/iPadOS denial of service [CVE-2020-9991]
165914Apple watchOS denial of service [CVE-2020-9991]
165913Apple macOS denial of service [CVE-2020-9991]
165912Apple iOS/iPadOS Message information disclosure [CVE-2020-9989]
165911Apple watchOS Message information disclosure [CVE-2020-9989]
165910Apple macOS Message information disclosure [CVE-2020-9989]
165909Apple iOS/iPadOS Message information disclosure [CVE-2020-9988]
165908Apple macOS Message information disclosure [CVE-2020-9988]
165907Apple Safari Address Bar clickjacking [CVE-2020-9987]
165906Apple macOS use after free [CVE-2020-9981]
165905Apple tvOS use after free [CVE-2020-9981]
165904Apple iTunes use after free [CVE-2020-9981]
165903Apple iOS/iPadOS use after free [CVE-2020-9981]
165902Apple watchOS use after free [CVE-2020-9981]
165901Apple iOS/iPadOS Entitlement Verification information disclosure
165900Apple macOS Entitlement Verification information disclosure [CVE-2020-9977]
165899Apple macOS Kernel information disclosure [CVE-2020-9974]
165898Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9972]
165897Apple tvOS User Information sandbox [CVE-2020-9969]
165896Apple iOS/iPadOS User Information sandbox [CVE-2020-9969]
165895Apple watchOS User Information sandbox [CVE-2020-9969]
165894Apple macOS User Information sandbox [CVE-2020-9969]
165893Apple iOS/iPadOS out-of-bounds read [CVE-2020-9966]
165892Apple tvOS out-of-bounds read [CVE-2020-9966]
165891Apple watchOS out-of-bounds read [CVE-2020-9966]
165890Apple macOS out-of-bounds read [CVE-2020-9966]
165889Apple tvOS out-of-bounds read [CVE-2020-9965]
165888Apple iOS/iPadOS out-of-bounds read [CVE-2020-9965]
165887Apple watchOS out-of-bounds read [CVE-2020-9965]
165886Apple macOS out-of-bounds read [CVE-2020-9965]
165885Apple iOS/iPadOS Icon Cache information disclosure [CVE-2020-9963]
165884Apple macOS Icon Cache information disclosure [CVE-2020-9963]
165883Apple iOS/iPadOS Audio File buffer overflow [CVE-2020-9954]
165882Apple macOS Audio File buffer overflow [CVE-2020-9954]
165881Apple tvOS Audio File buffer overflow [CVE-2020-9954]
165880Apple watchOS Audio File buffer overflow [CVE-2020-9954]
165879Apple iOS/iPadOS use after free [CVE-2020-9950]
165878Apple Safari use after free [CVE-2020-9950]
165877Apple tvOS use after free [CVE-2020-9950]
165876Apple watchOS use after free [CVE-2020-9950]
165875Apple tvOS use after free [CVE-2020-9949]
165874Apple iOS/iPadOS use after free [CVE-2020-9949]
165873Apple watchOS use after free [CVE-2020-9949]
165872Apple macOS use after free [CVE-2020-9949]
165871Apple Safari Web Contents use after free [CVE-2020-9947]
165870Apple tvOS Web Contents use after free [CVE-2020-9947]
165869Apple iTunes Web Contents use after free [CVE-2020-9947]
165868Apple iOS/iPadOS Web Contents use after free [CVE-2020-9947]
165867Apple watchOS Web Contents use after free [CVE-2020-9947]
165866Apple Safari Address Bar clickjacking [CVE-2020-9945]
165865Apple macOS Address Bar clickjacking [CVE-2020-9945]
165864Apple iOS/iPadOS out-of-bounds read [CVE-2020-9944]
165863Apple tvOS out-of-bounds read [CVE-2020-9944]
165862Apple watchOS out-of-bounds read [CVE-2020-9944]
165861Apple macOS out-of-bounds read [CVE-2020-9944]
165860Apple tvOS out-of-bounds read [CVE-2020-9943]
165859Apple iOS/iPadOS out-of-bounds read [CVE-2020-9943]
165858Apple watchOS out-of-bounds read [CVE-2020-9943]
165857Apple macOS out-of-bounds read [CVE-2020-9943]
165856Apple Safari Address Bar clickjacking [CVE-2020-9942]
165855Apple macOS Address Bar clickjacking [CVE-2020-9942]
165854Apple macOS Email state issue [CVE-2020-9922]
165853Apple tvOS information disclosure [CVE-2020-9849]
165852Apple iOS/iPadOS information disclosure [CVE-2020-9849]
165851Apple watchOS information disclosure [CVE-2020-9849]
165850Apple macOS information disclosure [CVE-2020-9849]
165849irssi Docker Image improper authentication [CVE-2020-29602]
165848Notary Docker Image improper authentication [CVE-2020-29601]
165847spiped Docker Image access control [CVE-2020-29581]
165846Storm Docker Image improper authentication [CVE-2020-29580]
165845Express Gateway Docker Image improper authentication [CVE-2020-29579]
165844piwik Docker Image improper authentication [CVE-2020-29578]
165843znc Docker Image improper authentication [CVE-2020-29577]
165842Eggdrop Docker image improper authentication [CVE-2020-29576]
165841Elixir Docker Image improper authentication [CVE-2020-29575]
165840Hashicorp Consul improper authentication [CVE-2020-29564]
165839Systran Pure Neural Server API denial of service [CVE-2020-29540]
165838Systran Pure Neural Server cross site scripting [CVE-2020-29539]
165837Plum IK-401 Configuration File information disclosure [CVE-2020-28946]
165836deepref code injection [CVE-2020-28274]
165835Apple macOS Kernel initialization [CVE-2020-27950]
165834Apple macOS FontParser out-of-bounds write [CVE-2020-27927]
165833Apple macOS WebKit use after free [CVE-2020-27918]
165832Apple macOS libxml2 use after free [CVE-2020-27917]
165831Apple macOS Audio out-of-bounds write [CVE-2020-27916]
165830Apple macOS ImageIO out-of-bounds write [CVE-2020-27912]
165829Apple macOS libxml2 integer overflow [CVE-2020-27911]
165828Apple macOS Audio out-of-bounds read [CVE-2020-27910]
165827Apple macOS integer overflow [CVE-2020-27906]
165826Apple macOS State Management memory corruption [CVE-2020-27904]
165825Apple macOS privileges management [CVE-2020-27903]
165824Apple macOS Snapshot permission [CVE-2020-27900]
165823Apple macOS Managed Frame Protection denial of service [CVE-2020-27898]
165822Apple macOS path traversal [CVE-2020-27896]
165821Apple iTunes information disclosure [CVE-2020-27895]
165820Apple macOS Metadata unknown vulnerability [CVE-2020-27894]
165819QEMU Memory Management API out-of-bounds write [CVE-2020-27821]
165818ImageMagick txt.c integer overflow
165817ImageMagick quantum-private.h ScaleAnyToQuantum integer overflow
165816ImageMagick geometry.c ParseMetaGeometry divide by zero
165815ImageMagick image.c SetImageExtent memory leak
165814ImageMagick quantize.c IntensityCompare integer overflow
165813ImageMagick miff.c AcquireMagickMemory memory leak
165812ImageMagick quantum-private.h heap-based overflow
165811ImageMagick quantum-export.c integer overflow
165810ImageMagick colorspace-private.h divide by zero
165809AnyDesk XPC Interface access control [CVE-2020-27614]
165808aptdaemon policykit authorization [CVE-2020-27349]
165807Mozilla Firefox memory corruption [CVE-2020-26969]
165806Mozilla Firefox/Thunderbird memory corruption [CVE-2020-26968]
165805Mozilla Firefox Screenshot injection [CVE-2020-26967]
165804Mozilla Firefox/Thunderbird mDNS information disclosure [CVE-2020-26966]
165803Mozilla Firefox/Thunderbird Keyboard Layout unknown vulnerability
165802Mozilla Firefox Remote Debugging via USB Remote Privilege Escalation
165801Mozilla Firefox API denial of service [CVE-2020-26963]
165800Mozilla Firefox Login Autofill clickjacking [CVE-2020-26962]
165799Mozilla Firefox/Thunderbird IPv6 Address dns rebinding [CVE-2020-26961]
165798Mozilla Firefox/Thunderbird Compact use after free
165797Mozilla Firefox/Thunderbird Reference use after free [CVE-2020-26959]
165796Mozilla Firefox/Thunderbird MIME Type protection mechanism [CVE-2020-26958]
165795Mozilla Firefox OneCRL improper validation of integrity check value
165794Mozilla Firefox/Thunderbird SVG Event cross site scripting [CVE-2020-26956]
165793Mozilla Firefox File Download information disclosure [CVE-2020-26955]
165792Mozilla Firefox Fullscreen improper restriction of rendered ui layers
165791Mozilla Firefox/Thunderbird Fullscreen improper restriction of rendered ui layers
165790Mozilla Firefox JIT Compiler memory corruption [CVE-2020-26952]
165789Mozilla Firefox/Thunderbird Event Parser cross site scripting
165788Mozilla Firefox/Thunderbird use after free [CVE-2020-26950]
165787fast-csv incorrect regex [CVE-2020-26256]
165786Kirby CMS/Panel phar File unrestricted upload [CVE-2020-26255]
165785omniauth-apple Gem authentication spoofing [CVE-2020-26254]
165784Red Discord Bot Dashboard Name code injection [CVE-2020-26249]
165783Opencast Hostname Verification origin validation [CVE-2020-26234]
165782Git Credential Manager Core Working Directory git.exe name resolution
165781SourceCodester Student Management System Subject cross site scripting
165780Online Bus Booking System Login Page sql injection [CVE-2020-25889]
165779ImageMagick pixel.c InterpolatePixelInfo integer overflow
165778ImageMagick transform.c CropImage integer overflow
165777ImageMagick PNG Coder png.c WriteOnePNGImage out-of-bounds read
165776ImageMagick tiff.c TIFFGetProfiles out-of-bounds read
165775ImageMagick histogram.c HistogramCompare integer overflow
165774ImageMagick PALM Image palm.c AcquireQuantumMemory out-of-bounds read
165773ImageMagick PNG Coder png.c WriteOnePNGImage out-of-bounds write
165772ImageMagick channel.c ConformPixelInfo heap-based overflow
165771Moodle cross site scripting [CVE-2020-25627]
165770OpenSSL x509 Certificate GENERAL_NAME_cmp null pointer dereference
165769Apache Tapestry deserialization [CVE-2020-17531]
165768Aptdaemon DBus Interface information disclosure [CVE-2020-16128]
165767DiveBook Plugin divelog.php sql injection
165766DiveBook Plugin cross site scripting [CVE-2020-14206]
165765DiveBook Plugin Log Dive Form access control [CVE-2020-14205]
165764Apple macOS CoreAudio out-of-bounds write [CVE-2020-10017]
165763Apple macOS Kernel memory corruption [CVE-2020-10016]
165762Apple macOS Path Validation sandbox [CVE-2020-10014]
165761Apple iOS/iPadOS state issue [CVE-2020-10013]
165760Apple tvOS state issue [CVE-2020-10013]
165759Apple macOS Document cross site scripting [CVE-2020-10012]
165758Apple macOS Model I/O out-of-bounds read [CVE-2020-10011]
165757Apple macOS Logging path traversal [CVE-2020-10010]
165756Apple macOS Crash Reporter symlink [CVE-2020-10003]
165755Apple macOS Foundation behavioral workflow [CVE-2020-10002]
165754Apple macOS sandbox [CVE-2020-10009]
165753Apple macOS state issue [CVE-2020-10007]
165752Apple macOS access control [CVE-2020-10006]
165751Apple macOS Model I/O behavioral workflow [CVE-2020-10004]
165750Microsoft Windows SMB information disclosure [CVE-2020-17140]
165749Microsoft Windows NTFS Remote Privilege Escalation [CVE-2020-17096]
165748Microsoft Windows Digital Media Receiver privileges management
165747Microsoft Windows Lock Screen improper authentication [CVE-2020-17099]
165746Microsoft Windows Hyper-V Remote Privilege Escalation [CVE-2020-17095]
165745Microsoft Windows Error Reporting information disclosure [CVE-2020-17094]
165744Microsoft Windows Backup Engine privileges management [CVE-2020-16962]
165743Microsoft Windows Backup Engine privileges management [CVE-2020-16963]
165742Microsoft Windows Backup Engine privileges management [CVE-2020-16964]
165741Microsoft Windows Backup Engine privileges management [CVE-2020-16961]
165740Microsoft Windows Backup Engine privileges management [CVE-2020-16959]
165739Microsoft Windows Backup Engine privileges management [CVE-2020-16958]
165738Microsoft Windows Backup Engine privileges management [CVE-2020-16960]
165737Microsoft Visual Studio TS-Lint Extension code injection [CVE-2020-17150]
165736Microsoft Visual Studio code injection [CVE-2020-17156]
165735Microsoft Visual Studio Java Extension Pack code injection [CVE-2020-17159]
165734Microsoft Visual Studio Remote SSH Extension code injection [CVE-2020-17148]
165733Microsoft Windows Cloud Files Mini Filter Driver privileges management
165732Microsoft Windows Cloud Files Mini Filter Driver privileges management
165731Microsoft Windows Overlay Filter protection mechanism [CVE-2020-17139]
165730Microsoft Windows Network Connections Service privileges management
165729Microsoft Windows Error Reporting information disclosure [CVE-2020-17138]
165728Microsoft Windows Kerberos protection mechanism [CVE-2020-16996]
165727Microsoft Windows Cloud Files Mini Filter Driver privileges management
165726Microsoft SharePoint privileges management [CVE-2020-17089]
165725Microsoft SharePoint unknown vulnerability [CVE-2020-17118]
165724Microsoft SharePoint Remote Privilege Escalation [CVE-2020-17121]
165723Microsoft SharePoint information disclosure [CVE-2020-17120]
165722Microsoft SharePoint input validation [CVE-2020-17115]
165721Microsoft Office/Office Web Apps/SharePoint Server Remote Code Execution
165720Microsoft Excel information disclosure [CVE-2020-17126]
165719Microsoft Excel Remote Code Execution [CVE-2020-17127]
165718Microsoft Excel Remote Code Execution [CVE-2020-17125]
165717Microsoft Outlook information disclosure [CVE-2020-17119]
165716Microsoft Excel Remote Code Execution [CVE-2020-17123]
165715Microsoft PowerPoint Remote Code Execution [CVE-2020-17124]
165714Microsoft Excel Remote Code Execution [CVE-2020-17129]
165713Microsoft Excel Remote Code Execution [CVE-2020-17128]
165712Microsoft Excel protection mechanism [CVE-2020-17130]
165711Microsoft Windows GDI+ information disclosure [CVE-2020-17098]
165710Microsoft Windows DirectX Graphics privileges management [CVE-2020-17137]
165709Microsoft Microsoft Exchange Server code injection [CVE-2020-17142]
165708Microsoft Microsoft Exchange Server code injection [CVE-2020-17132]
165707Microsoft Microsoft Exchange Server Remote Privilege Escalation
165706Microsoft Microsoft Exchange Server code injection [CVE-2020-17141]
165705Microsoft Microsoft Exchange Server code injection [CVE-2020-17144]
165704Microsoft Microsoft Exchange Server information disclosure [CVE-2020-17143]
165703Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption
165702Microsoft Microsoft Edge input validation [CVE-2020-17153]
165701Microsoft Dynamics 365 for Finance and Operations code injection
165700Microsoft Dynamics 365 for Finance and Operations code injection
165699Microsoft Microsoft Dynamics NAV 2015 information disclosure
165698Microsoft Microsoft Dynamics 365 cross site scripting [CVE-2020-17147]
165697Microsoft Azure Sphere protection mechanism [CVE-2020-17160]
165696Microsoft Azure SDK for Java protection mechanism [CVE-2020-16971]
165695Microsoft C SDK for Azure IoT protection mechanism [CVE-2020-17002]
165694Microsoft Azure DevOps Server input validation [CVE-2020-17135]
165693Microsoft Azure DevOps Server/Team Foundation Server input validation
165692QNAP QTS/QuTS cross site scripting [CVE-2020-2498]
165691QNAP QTS/QuTS cross site scripting [CVE-2020-2497]
165690QNAP QTS/QuTS cross site scripting [CVE-2020-2496]
165689QNAP QTS/QuTS cross site scripting [CVE-2020-2495]
165688QNAP QTS/QuTS command injection [CVE-2019-7198]
165687Wildfly OpenTracing API memory leak [CVE-2020-27822]
165686pngcheck check_chunk_name out-of-bounds read
165685Kirby CMS/Panel Admin Panel cms origin validation
165684OpenLDAP RDN null pointer dereference [CVE-2020-25692]
165683Ceph-ansible iscsi-gateway.conf cleartext storage
165682Moodle Book Chapter Title cross site scripting [CVE-2020-25631]
165681Moodle ZIP File resource consumption [CVE-2020-25630]
165680Moodle Log in as access control [CVE-2020-25629]
165679Moodle Tag Manager cross site scripting [CVE-2020-25628]
165678ASUS RT-AC88U Download Master Title injection [CVE-2020-29655]
165677ASUS RT-AC88U Download Master direct request [CVE-2020-29656]
165676Kubernetes kube-controller-manager Ceph RBD log file [CVE-2020-8566]
165675Kubernetes Token log file [CVE-2020-8565]
165674Kubernetes Config File log file [CVE-2020-8564]
165673Kubernetes VSphere Credential log file [CVE-2020-8563]
165672AWStats pathname traversal
165671ImageMagick PDF File pdf.c os command injection
165670IncomCMS script.php unrestricted upload
165669Acdsee Photo Studio Studio Professional 2021 IDE_ACDStd.apl memory corruption
165668Nlnet Labs Unbound/NSD PID File link following [CVE-2020-28935]
165667Apache Groovy Extension temp file [CVE-2020-17521]
165666Apache APISIX Admin API improper authentication [CVE-2020-13945]
165665Huawei Honor 20 Pro Configuration Parameter buffer overflow [CVE-2020-9247]
165664Eat Spray Love mobile App improper authentication [CVE-2020-5800]
165663Eat Spray Love mobile App backdoor [CVE-2020-5799]
165662inSync Client Installer improper validation of integrity check value
165661Kata Containers unknown vulnerability [CVE-2020-27151]
165660Intland codeBeamer ALM ReqIF XML Data xml external entity reference
165659Inspur NF5266M5 Baseboard Management Controller signature verification
165658Microsoft Teams Message cross site scripting [CVE-2020-10146]
165657SeedDMS class.DropFolderChooser.php cross site scripting
165656Google Chrome V8 uninitialized pointer [CVE-2020-16042]
165655Google Chrome Networking out-of-bounds read [CVE-2020-16041]
165654Google Chrome V8 Remote Code Execution [CVE-2020-16040]
165653Google Chrome Extension use after free [CVE-2020-16039]
165652Google Chrome Media use after free [CVE-2020-16038]
165651Google Chrome Clipboard use after free [CVE-2020-16037]
165650Apple iCloud WebKit use after free [CVE-2020-9951]
165649Apple iCloud WebKit use after free [CVE-2020-9947]
165648Apple iCloud WebKit use after free [CVE-2020-27918]
165647Apple iCloud WebKit out-of-bounds write [CVE-2020-9983]
165646Apple iCloud WebKit use after free [CVE-2020-27918]
165645Apple iCloud WebKit use after free [CVE-2020-9951]
165644Apple iCloud SQLite denial of service [CVE-2020-13631]
165643Apple iCloud SQLite information disclosure [CVE-2020-9849]
165642Apple iCloud SQLite memory corruption [CVE-2020-13630]
165641Apple iCloud SQLite denial of service [CVE-2020-13435]
165640Apple iCloud SQLite denial of service [CVE-2020-13434]
165639Apple iCloud libxml2 use after free [CVE-2020-9981]
165638Apple iCloud libxml2 integer overflow [CVE-2020-27911]
165637Apple iCloud libxml2 use after free [CVE-2020-27917]
165636Apple iCloud ImageIO out-of-bounds write [CVE-2020-9876]
165635Apple iCloud ImageIO out-of-bounds write [CVE-2020-27912]
165634Apple iCloud ImageIO out-of-bounds read [CVE-2020-9961]
165633Apple iCloud Foundation state issue [CVE-2020-10002]
165632GNU C Library ldbl2mpn.c sprintf stack-based overflow
165631MISP genericField.ctp cross site scripting
165630National Instruments CompactRIO Driver permission assignment
165629Kaspersky Anti-Ransomware Tool uncontrolled search path [CVE-2020-28950]
165628ImageMagick statistic.c integer overflow
165627ImageMagick quantum.h integer overflow
165626ImageMagick statistic.c integer overflow
165625ImageMagick gem-private.h divide by zero
165624ImageMagick bmp.c integer overflow
165623Moddable SDK xsSyntaxical.c:3419 xObjectBindingFromExpression denial of service
165622Moddable SDK xsDebug.c heap-based overflow
165621Moddable SDK xsCommon.c fxUTF8Decode denial of service
165620Moddable SDK xsSyntaxical.c fxCheckArrowFunction heap-based overflow
165619Moddable SDK xsProxy.c fxProxyGetter denial of service
165618Arachnys Cabot Address Column cross site scripting [CVE-2020-25449]
165617ImageMagick pdf.c RestoreMSCWarning integer overflow
165616ImageMagick SubstituteString integer overflow
165615ImageMagick quantum.h integer overflow
165614ImageMagick statistic.c integer overflow
165613ImageMagick segment.c divide by zero
165612openSIS Community Edition SideForStudent.php cross site scripting
165611openSIS Community Edition ResetUserInfo.php access control
165610Mitsubishi Electric GT2107-WTBD out-of-bounds read [CVE-2020-5675]
165609OpenStack Horizon redirect [CVE-2020-29565]
165608GNU C Library UCS4 Text denial of service [CVE-2020-29562]
165607SonicBOOM riscv-boom authorization [CVE-2020-29561]
165606QEMU RX Descriptor e1000e_core.c infinite loop
165605snapcraft uncontrolled search path [CVE-2020-27348]
165604Linux Kernel Reference execve unknown vulnerability
165603Hashicorp go-slug pathname traversal [CVE-2020-29529]
165602productcomments sql injection [CVE-2020-26248]
165601AnyView Monitoring Software denial of service [CVE-2020-23741]
165600DriverGenius Driver Wizard access control [CVE-2020-23740]
165599Advanced SystemCare denial of service [CVE-2020-23738]
165598DaDa Accelerator denial of service [CVE-2020-23736]
165597Apache Tomcat Request Header information disclosure [CVE-2020-17527]
165596PulseAudio Snap Policy Module race condition [CVE-2020-16123]
165595stringstream Module out-of-bounds read [CVE-2018-21270]
165594Allen-Bradley MicroLogix 1100 denial of service [CVE-2020-6111]
165593Check Point Endpoint Security Client Installation uncontrolled search path
165592Valve Game Networking Sockets Plain-Text Message SNP_ReceiveUnreliableSegment heap-based overflow
165591OpenClinic test_new.php unrestricted upload
165590OpenClinic Check.php cross site scripting [CVE-2020-28938]
165589OpenClinic direct request [CVE-2020-28937]
165588Play Framework Java API unknown vulnerability [CVE-2020-28923]
165587Netscout AirMagnet Enterprise Sensor access control [CVE-2020-28251]
165586Almico Speedfan access control [CVE-2020-28175]
165585python-lxml Clean Module cross site scripting [CVE-2020-27783]
165584Poppler pdftohtml uninitialized pointer [CVE-2020-27778]
165583ImageMagick statistic.c ApplyEvaluateOperator integer overflow
165582ImageMagick resize.c divide by zero
165581ImageMagick hdr.c integer overflow
165580ImageMagick palm.c WritePALMImage integer overflow
165579ImageMagick enhance.c GammaImage divide by zero
165578ImageMagick quantize.c IntensityCompare integer overflow
165577Infinispan REST API access control [CVE-2020-25711]
165576CImg load_pnm heap-based overflow
165575FasterXML Jackson Databind xml external entity reference [CVE-2020-25649]
165574Saibo Game Accelerator access control [CVE-2020-23735]
165573Antiy Zhijia Terminal Defense System denial of service [CVE-2020-23727]
165572Wise Care 365 denial of service [CVE-2020-23726]
165571CVS Plugin XML Parser xml external entity reference [CVE-2020-2324]
165570Chaos Monkey Plugin authorization [CVE-2020-2323]
165569Chaos Monkey Plugin Read memory leak
165568Shelve Project Plugin cross-site request forgery [CVE-2020-2321]
165567Plugin Installation Manager Tool Plugin Download code download
165566Linux Kernel futex use after free [CVE-2020-14381]
165565Linux Kernel perf Subsystem use after free [CVE-2020-14351]
165564libvirt File Descriptor control release of resource
165563Samba privileges assignment [CVE-2020-14318]
165562WebKit WebKitGTK Web Page use after free [CVE-2020-13584]
165561WebKit WebKitGTK Websocket use after free [CVE-2020-13543]
165560LogicalDoc permission [CVE-2020-13542]
165559Pixar OpenUSD USD File Ha USD File Handler use after free
165558ProcessMaker reportTables_Ajax sql injection
165557Pixar OpenUSD USD File out-of-bounds read [CVE-2020-13524]
165556EC-CUBE denial of service [CVE-2020-5680]
165555EC-CUBE UI Layer clickjacking [CVE-2020-5679]
165554GROWI cross site scripting [CVE-2020-5678]
165553GROWI cross site scripting [CVE-2020-5677]
165552GROWI information disclosure [CVE-2020-5676]
165551Desknet NEO cross site scripting [CVE-2020-5638]
165550Xerox DocuShare XML xml entity expansion [CVE-2020-27177]
165549Mozilla Thunderbird SMTP Server Response Code stack-based overflow
165548Pimcore improper authorization [CVE-2020-26246]
165547Gym Management System manage_user.php sql injection
165546Car Rental Management System view_car.php sql injection
165545Point of Sales in PHP-PDO edit_category.php sql injection
165544Multi Restaurant Table Reservation System view-chair-list.php sql injection
165543Online Doctor Appointment Booking System getuser.php sql injection
165542BloodX sql injection [CVE-2020-29282]
165541Victor CMS search.php sql injection
16554074CMS BaseController.class.php assign_resume_tpl file inclusion
165539Bitrix Framework excessive authentication [CVE-2020-28206]
165538Python oic cryptographic issues [CVE-2020-26244]
165537Crux Linux Docker Image credentials management [CVE-2020-29389]
165536Lepton CMS Admin Page cross site scripting [CVE-2020-29240]
165535Online Birth Certificate System Project User Registration cross site scripting
165534set-in Prototype code injection [CVE-2020-28273]
165533keyget Prototype code injection [CVE-2020-28272]
165532hibernate-core JPA Criteria API sql injection [CVE-2020-25638]
165531AppImage appimaged MP3 File code download [CVE-2020-25266]
165530AppImage libappimage Desktop File path traversal [CVE-2020-25265]
165529Red Hat CloudForms HTTP Request cross-site request forgery [CVE-2020-14369]
165528Apache HttpClient URI Object unknown vulnerability [CVE-2020-13956]
165527Pixar OpenUSD Encoding out-of-bounds read [CVE-2020-13498]
165526Pixar OpenUSD Encoding out-of-bounds read [CVE-2020-13497]
165525Pixar OpenUSD Encoding out-of-bounds read [CVE-2020-13496]
165524Pixar OpenUSD USD File out-of-bounds read [CVE-2020-13494]
165523Pixar OpenUSD USD File heap-based overflow [CVE-2020-13493]
165522Phoenix Contact BTP 2043W/BTP 2070W/BTP 2102W resource consumption
165521libxls XLS File xls_addCell out-of-bounds write
165520cpp-ethereum libevm Smart Contract Code out-of-bounds write [CVE-2017-14451]
165519FreeBSD ICMPv6 use after free [CVE-2020-7469]
165518FreeBSD rtsold memory corruption [CVE-2020-25577]
165517Textpattern CMS prefs Subsystem cross-site request forgery [CVE-2020-29458]
165516Papermerge create folder cross site scripting
165515HPE Edgeline Infrastructure Manager improper authentication [CVE-2020-7199]
165514Valve Game Networking Sockets libsodium Decrypt stack-based overflow
165513CAPI YAML Parser resource consumption [CVE-2020-5423]
165512HCL Notes DXL buffer overflow [CVE-2020-4102]
165511Umbraco LogViewerController.cs access control
165510elasticsearch-operator-container Namespace Validator redirect
165509Gorilla Websocket Frame integer overflow [CVE-2020-27813]
165508QEMU USB EHCI Emulation assertion [CVE-2020-25723]
165507Linux Kernel Performance Monitoring Subsystem resource consumption
165506Samba DNS Server denial of service [CVE-2020-14383]
165505Linux Kernel Voice over IP H.323 Connection Tracking out-of-bounds write
165504HCL Domino DXL buffer overflow [CVE-2020-14260]
165503Software-properties certificate validation
165502Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28583]
165501Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28582]
165500Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28577]
165499Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28576]
165498Trend Micro ServerProtect for Linux heap-based overflow [CVE-2020-28575]
165497Trend Micro Apex One/OfficeScan XG information disclosure [CVE-2020-28573]
165496oauthenticator Whitelist improper authorization [CVE-2020-26250]
165495Kia Head Unit micomd command injection [CVE-2020-8539]
165494Schneider Electric Smartlink/PowerTag/Wiser Series Gateway random values
165493Schneider Electric EcoStruxure/SmartStruxure access control [CVE-2020-7547]
165492Schneider Electric EcoStruxure/SmartStruxure Web Page Generation cross site scripting
165491Schneider Electric EcoStruxure/SmartStruxure access control [CVE-2020-7545]
165490Schneider Electric Modicon Quantum/ModiconPremium Legacy Communication Module credentials management
165489ZXELINK ZXV10 W908 sql injection [CVE-2020-6880]
165488HCL Domino ID Vault Service excessive authentication [CVE-2020-4128]
165487ThinkAdmin cross site scripting [CVE-2020-29315]
165486ATX miniCMTS200a Broadband Gateway/Pico CMTS pathname traversal
165485Western Digital My Cloud OS improper authentication [CVE-2020-28971]
165484Western Digital My Cloud OS Cookie improper authentication [CVE-2020-28970]
165483Western Digital My Cloud OS NAS Admin Dashboard improper authentication
165482Edimax IC-3116W/IC-3140W GET Request ipcam_cgi doGetSysteminfo stack-based overflow
165481WECON PLC Editor heap-based overflow [CVE-2020-25181]
165480WECON PLC Editor stack-based overflow [CVE-2020-25177]
165479Apache Cordova Camera Plugin access control [CVE-2020-11990]
165478SolarWinds Web Help Desk cross site scripting [CVE-2019-16958]
165477Huawei Nova 4/SydneyM-AL00 out-of-bounds write [CVE-2020-9117]
165476Huawei FusionCompute Administrator access control [CVE-2020-9114]
165475McAfee Total Protection Microsoft Windows Client access control
165474containerd containerd-shim API resource transfer [CVE-2020-15257]
165473Huawei FusionCompute command injection [CVE-2020-9116]
165472Huawei ManageOne Plugin command injection [CVE-2020-9115]
165471Lenovo PCManager config [CVE-2020-8351]
165470SAP Adaptive Server Enterprise ASE Cockpit log file [CVE-2020-6317]
165469HCL Domino LDAP Service excessive authentication [CVE-2020-4129]
165468HCL Domino Login cross-site request forgery [CVE-2020-4127]
165467HCL iNotes HTTP Session cleartext transmission [CVE-2020-4126]
165466Upload Widget in OutSystems Platform unrestricted upload [CVE-2020-29441]
165465Tesla Model X Pairing certificate validation [CVE-2020-29440]
165464Tesla Model X Authentication improper authentication [CVE-2020-29439]
165463Tesla Model X Signature Verification signature verification [CVE-2020-29438]
165462EventON Plugin Search Field addons cross site scripting
165461dlt-daemon Diagnostic Log dlt_common.c dlt_filter_load buffer overflow
165460Quick Heal Total Security File Vault excessive authentication
165459Quick Heal Total Security Quarantine inadequate encryption [CVE-2020-27586]
165458Quick Heal Total Security excessive authentication [CVE-2020-27585]
165457PbootCMS Password cross-site request forgery [CVE-2020-17901]
165456Mitsubishi Electric MELSEC iQ-R denial of service [CVE-2020-16850]
165455Canon MF237w IPv4/ICMPv4 information disclosure [CVE-2020-16849]
165454Automation Template classes injection
165453Audacity audacity-$USER temp file
165452Estil Hill Lock Password Manager Safe App backdoor [CVE-2020-29392]
165451ZeroShell kerbynet os command injection
165450NetArt News Lister News Headline cross site scripting [CVE-2020-29364]
165449minidlna UPnP HTTP Request buffer overflow [CVE-2020-28926]
165448UCMS File Upload unrestricted upload [CVE-2020-25537]
165447IBM Business Automation Workflow log file [CVE-2020-4900]
165446IBM Cloud Pak for Security session fixiation [CVE-2020-4696]
165445IBM Cloud Pak for Security csv injection [CVE-2020-4627]
165444IBM Cloud Pak for Security HTTP Request information disclosure
165443IBM Cloud Pak for Security cookie without 'httponly' flag [CVE-2020-4625]
165442IBM Cloud Pak for Security inadequate encryption [CVE-2020-4624]
165441PNGOUT PNG File integer overflow [CVE-2020-29384]
165440Canto Plugin tree.php server-side request forgery
165439Canto Plugin get.php server-side request forgery
165438Canto Plugin detail.php server-side request forgery
165437Fujitsu Eternus Storage DX200 S4 csp improper restriction of rendered ui layers
165436Synology SafeAccess request.cgi sql injection
165435Synology SafeAccess cross site scripting [CVE-2020-27659]
165434QEMU Host Controller Driver hcd-ohci.c stack-based overflow
165433Fuji Electric V-Server Lite out-of-bounds write [CVE-2020-25171]
165432V-SOL V1600D4L/V1600D-MINI RSA Private Key hard-coded key [CVE-2020-29383]
165431V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 RSA Private Key hard-coded key
165430V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 CLI command injection
165429V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 Telnet cleartext transmission
165428V-SOL V1600D4L/V1600D-MINI Firmware Update sh improper authentication
165427V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 CLI hard-coded credentials
165426V-SOL V1600D hard-coded credentials [CVE-2020-29377]
165425V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 Telnet Service hard-coded credentials
165424V-SOL V1600D/V1600D4L/V1600D-MINI/V1600G1/V1600G2 hard-coded password
165423Linux Kernel gup gup.c get_user_pages race condition
165422Linux Kernel Filesystem io_uring.c path traversal
165421Linux Kernel madvise.c do_madvise race condition
165420Linux Kernel storage.c romfs_dev_read uninitialized pointer
165419Linux Kernel Slowpath slub.c kmem_cache_alloc_bulk race condition
165418Linux Kernel mmap.c expand_upwards race condition
165417Linux Kernel THP Mapcount Check huge_memory.c __split_huge_pmd race condition
165416Linux Kernel Fair Scheduler show_numa_stats use after free
165415Eclipse Jetty gzip injection [CVE-2020-27218]
165414Blosc C-Blosc2 Compressed Data blosc2.c heap-based overflow
165413systeminformation Prototype si.inetChecksite os command injection
165412com.softwaremill.akka-http-session Header cross-site request forgery
165411Sagemcom F@ST3486 NET DOCSIS Configuration File backupsettings.conf access control
165410Devid Espenschied PC Analyser Physical Memory PCADRVX64.SYS privileges management
165409Devid Espenschied PC Analyser IOCTL Handler Function PCADRVX64.SYS memory corruption
165408Slurm proc race condition
165407Slurm PMIx MPI plugin buffer overflow [CVE-2020-27745]
165406LibVNCServer Exception divide by zero [CVE-2020-25708]
165405ZyXEL UTM/VPN HTTP Packet fbwifi_continue.cgi buffer overflow
165404Red Hat Enterprise Linux Unbound resource consumption [CVE-2020-10772]
165403B&R Industrial Automation APROL AprolSqlServer improper authentication
165402B&R Industrial Automation APROL AprolSqlServer pathname traversal
165401B&R Industrial Automation APROL EnMon sql injection [CVE-2019-19876]
165400B&R Industrial Automation APROL AprolCluster Script injection
165399B&R Industrial Automation APROL Web Interface injection [CVE-2019-19874]
165398B&R Industrial Automation APROL AprolSqlServer DBMS improper authentication
165397B&R Industrial Automation APROL AprolLoader injection [CVE-2019-19872]
165396B&R Industrial Automation APROL IosHttp Service/JSON interface unknown vulnerability
165395Crafter CMS Crafter Studio cross site scripting [CVE-2017-15686]
165394Crafter CMS Crafter Studio xml external entity reference [CVE-2017-15685]
165393Crafter CMS Crafter Studio pathname traversal [CVE-2017-15684]
165392Crafter CMS Crafter Studio information disclosure [CVE-2017-15683]
165391Crafter CMS Crafter Studio injection [CVE-2017-15682]
165390Crafter CMS Crafter Studio pathname traversal [CVE-2017-15681]
165389Crafter CMS Crafter Studio resource injection [CVE-2017-15680]
165388CyberArk Endpoint Privilege Manager Credential Theft Protection protection mechanism
165387Ericsson BSCS iX R18 Billing & Rating cross site scripting [CVE-2020-29145]
165386Ericsson BSCS iX R18 Billing & Rating Alert Dashboard Comment cross site scripting
165385cPanel WHM Transfer Tool Interface cross site scripting [CVE-2020-29137]
165384cPanel 2FA improper authentication [CVE-2020-29136]
165383cPanel URL Parameter injection [CVE-2020-29135]
165382Coremail XT Signature upload.jsp cross site scripting
165381libslirp Packet Length slirp.c buffer overflow
165380libslirp Packet Length ncsi.c buffer overflow
165379BigBlueButton Email Address edit improper authentication
165378BigBlueButton excessive authentication [CVE-2020-29042]
165377GLPI getDropdownValue.php resource injection
165376GLPI comments.php resource injection
165375Zetetic SQLCipher sqlite3.c sqlite3Strlen30 use after free
165374Cloudera Data Engineering cross-site request forgery [CVE-2020-26936]
165373Intelbras TIP200/TIP200LITE/TIP300 cgiServer.exx pathname traversal
165372Intelbras TIP200/TIP200LITE/TIP300 cgiServer.exx cross site scripting
165371djvalidator incorrect regex [CVE-2020-7779]
165370systeminformation os command injection [CVE-2020-7778]
165369petl XML Document xml injection [CVE-2020-29128]
165368FactoryTalk Linx Address Space Layout Randomization heap-based overflow
165367FactoryTalk Linx Check Routine denial of service [CVE-2020-27253]
165366Rockwell Automation FactoryTalk Linx Port Range heap-based overflow
165365spice-vdagentd Client Connection race condition [CVE-2020-25653]
165364spice-vdagentd Unix Domain Socket spice-vdagent-sock allocation of resources
165363spice-vdagent File Transfer race condition [CVE-2020-25651]
165362x11vnc shmget Call scan.c access control
165361osCommerce Newsletter cross site scripting [CVE-2020-29070]
165360Nanopb Message memory corruption [CVE-2020-26243]
165359GLPI caldav.php authorization
165358spice-vdagentd File Transfer spice-vdagent-sock allocation of resources
165357Atlassian Fisheye/Crucible MessageBundleResource denial of service
165356Atlassian Fisheye/Crucible EyeQL incorrect regex [CVE-2020-14190]
165355LiquidFiles cross site scripting [CVE-2020-29072]
165354LiquidFiles Attachment permission [CVE-2020-29071]
165353Go Ethereum Block denial of service [CVE-2020-26242]
165352Go Ethereum Consensus calculation [CVE-2020-26241]
165351Go Ethereum ethash Mining DAG Generation calculation [CVE-2020-26240]
165350CRIXP OpenCRX Password Change password recovery [CVE-2020-7378]
165349Vmware SD-WAN Orchestrator sql injection [CVE-2020-4003]
165348Vmware SD-WAN Orchestrator System Parameter permission assignment
165347Vmware SD-WAN Orchestrator hard-coded password [CVE-2020-4001]
165346Vmware SD-WAN Orchestrator pathname traversal [CVE-2020-4000]
165345Vmware SD-WAN Orchestrator API access control [CVE-2020-3985]
165344Vmware SD-WAN Orchestrator sql injection [CVE-2020-3984]
165343Modern Honey Network Geolocations _get_flag_ip_localdb denial of service
165342CDATA FD8000 inadequate encryption [CVE-2020-29063]
165341CDATA FD8000 improper authentication [CVE-2020-29062]
165340CDATA FD8000 hard-coded password [CVE-2020-29061]
165339CDATA FD8000 Debug Account hard-coded password [CVE-2020-29060]
165338CDATA FD8000 hard-coded password [CVE-2020-29059]
165337CDATA FD8000 missing encryption [CVE-2020-29058]
165336CDATA FD8000 Telnet Service denial of service [CVE-2020-29057]
165335CDATA FD8000 TFTP Config sandbox [CVE-2020-29056]
165334CDATA FD8000 Management Interface cleartext transmission [CVE-2020-29055]
165333CDATA FD8000 missing encryption [CVE-2020-29054]
165332Hrsale projects_calendar cross site scripting
165331Xen stack-based overflow [CVE-2020-29040]
165330MISP ACL GalaxyElementsController.php access control
165329Karenderia Multiple Restaurant System sql injection [CVE-2020-28994]
165328musl libc Buffer Size buffer overflow [CVE-2020-28928]
165327SeedDMS out.AddDocument.php redirect
165326cron-utils Template injection [CVE-2020-26238]
165325Highlight.js code injection [CVE-2020-26237]
165324Time Crate Environment Variable try_now_local null pointer dereference
165323Jupyter Server redirect [CVE-2020-26232]
165322Pacemaker ACL access control [CVE-2020-25654]
165321Wildfly Resource Adapter log file [CVE-2020-25640]
165320SimplePHPscripts News Script PHP Pro News Edit sql injection
165319SimplePHPscripts News Script PHP Pro cross site scripting [CVE-2020-25474]
165318SimplePHPscripts News Script PHP Pro Session Cookie cookie without 'httponly' flag
165317SimplePHPscripts News Script PHP Pro User cross-site request forgery
165316RTA 499ES EtherNet-IP Adaptor Source Code stack-based overflow
165315MicroStrategy PDF Generator server-side request forgery [CVE-2020-24815]
165314Apache Unomi Endpoint context.json injection
165313FASTGate FGA2130FWB Admin Web Panel cross-site request forgery
165312Heketi log file [CVE-2020-10763]
165311gluster-block CLI cmd_history.log log file
165310TOTOLINK A850R-V1/F1-V2 Management Interface backdoor [CVE-2015-9551]
165309TOTOLINK A850R-V1/F1-V2 Web Management Interface access control
165308MongoDB Message Decompressor denial of service [CVE-2019-20925]
165307Seiko Epson Product untrusted search path [CVE-2020-5674]
165306Netgear GS108Ev3 cross-site request forgery [CVE-2020-5641]
165305PollNY Extension Answer Option cross site scripting [CVE-2020-29003]
165304CologneBlue Skin qbfind Message CologneBlueTemplate.php cross site scripting
165303Gitea repo_form.go encoding error
165302Hashicorp Nomad/Nomad Enterprise Docker File Sandbox sandbox
165301Matrix Synap JSON denial of service [CVE-2020-26890]
165300Ortus TestBox Query String HTMLRunner.cfm command injection
165299Ortus TestBox Query String index.cfm pathname traversal
165298MongoDB Ops Manager API Key information disclosure [CVE-2020-7927]
165297VMware Workspace One Access command injection [CVE-2020-4006]
165296SPIP configurer_preferences.php unknown vulnerability [CVE-2020-28984]
165295Magicpin User Registration cross site scripting [CVE-2020-28927]
165294Mutt/NeoMutt IMAP Server Response cleartext transmission [CVE-2020-28896]
165293WinSCP FTP Server denial of service [CVE-2020-28864]
165292private-ip IP Range Filter server-side request forgery [CVE-2020-28360]
165291Scratch Regular Expression cross site scripting [CVE-2020-26239]
165290October CMS Twig Sandbox authorization [CVE-2020-26231]
165289TYPO3 RSS Widget xml external entity reference [CVE-2020-26229]
165288TYPO3 Session Identifier cleartext storage [CVE-2020-26228]
165287TYPO3 Fluid cross site scripting [CVE-2020-26227]
165286PostgreSQL psql Interactive Terminal privileges management [CVE-2020-25696]
165285rhacm Internal API hard-coded key [CVE-2020-25688]
165284Cephx improper authentication [CVE-2020-25660]
165283Playground Sessions UserProfiles.sol credentials storage
165282Linux Kernel 8250_core.c serial8250_isa_init_ports null pointer dereference
165281Linux Kernel Error Field block_dev.c use after free
165280October CMS Upload File evil.svg cross site scripting
165279October CMS New User authorization [CVE-2020-15248]
165278October CMS Twig Sandbox authorization [CVE-2020-15247]
165277October CMS authorization [CVE-2020-15246]
165276Jingyun Antivirus Driver ZySandbox.sys denial of service
165275Jingyun Antivirus Driver ZySandbox.sys denial of service
165274Jingyun Antivirus Driver ZySandbox.sys denial of service
165273Jingyun Antivirus Driver ZySandbox.sys denial of service
165272Jingyun Antivirus Driver hookbody.sys denial of service
165271MongoDB Query buffer overflow [CVE-2020-7928]
165270SalesForce Tableau Server SAML unknown vulnerability [CVE-2020-6939]
165269IBM Spectrum Protect Plus hard-coded credentials [CVE-2020-4854]
165268IBM Spectrum Protect Plus channel accessible [CVE-2020-4783]
165267IBM Spectrum Protect Operations Center WebSocket Event improper authentication
165266Intel BlueZ information disclosure [CVE-2020-12352]
165265Intel BlueZ input validation [CVE-2020-12351]
165264Intel PROSet/Wireless WiFi out-of-bounds write [CVE-2020-0569]
165263Tianocore EDK II denial of service [CVE-2019-14587]
165262Tianocore EDK II use after free [CVE-2019-14586]
165261Tianocore EDK II DxeImageVerificationHandler Local Privilege Escalation
165260Tianocore EDK II Integer Truncation integer overflow [CVE-2019-14563]
165259MongoDB recursion [CVE-2018-20803]
165258MongoDB Server Selection Subsystem exceptional condition [CVE-2020-7926]
165257MongoDB Role Name Parser denial of service [CVE-2020-7925]
165256jsen Schema File Function.apply Remote Privilege Escalation
165255CA Unified Infrastructure Management Robot Controller privileges management
165254Hashicorp Consul/Consul Enterprise ACL permission [CVE-2020-28053]
165253Security Onion sudo so-setup access control
165252OTRS improper authentication [CVE-2020-1778]
165251MongoDB use after free [CVE-2019-2393]
165250MongoDB Mod Operator integer overflow [CVE-2019-2392]
165249MongoDB IndexBoundsBuilder denial of service [CVE-2019-20924]
165248MongoDB Javascript routine [CVE-2019-20923]
165247Tianocore EDK II DxeImageVerificationHandler denial of service
165246Tianocore EDK II resource consumption [CVE-2019-14559]
165245Tianocore EDK II information disclosure [CVE-2019-14553]
165244MongoDB denial of service [CVE-2018-20805]
165243MongoDB applyOps Invocation denial of service [CVE-2018-20804]
165242MongoDB QueryPlanner denial of service [CVE-2018-20802]
165241Barco wePresent WiPG-1600W Firmware Update improper validation of integrity check value
165240Barco wePresent WiPG-1600W SSH hard-coded credentials [CVE-2020-28334]
165239Barco wePresent WiPG-1600W Web UI return.cgi access control
165238Barco wePresent WiPG-1600W authentication bypass [CVE-2020-28333]
165237Barco wePresent WiPG-1600W cleartext storage [CVE-2020-28330]
165236Barco wePresent Service Port 4001 hard-coded credentials [CVE-2020-28329]
165235Libsvm Model SVM svm.cpp svm_predict_values denial of service
165234Paradox IP150 stack-based overflow [CVE-2020-25189]
165233HCL Notes Email Message denial of service [CVE-2020-14258]
165232HCL Domino denial of service [CVE-2020-14234]
165231HCL Domino Email Message denial of service [CVE-2020-14230]
165230TP-LINK Archer C9 symlink [CVE-2020-5797]
165229Xpdf endType3Char use after free
165228Paradox IP150 buffer overflow [CVE-2020-25185]
165227Netis Korea D'live AP Time Setting command injection [CVE-2020-7842]
165226IBM Sterling B2B Integrator Standard Edition inadequate encryption
165225IBM DB2 Accessories Suite/DB2/DB2 Connect Server untrusted search path
165224VMware ESXi System Call privileges management [CVE-2020-4005]
165223VMware ESXi/Workstation/Fusion XHCI USB Controller use after free
165222Linux Kernel fbcon vt.c KD_FONT_OP_COPY out-of-bounds read
165221TP-LINK WDR7400 devDiscoverHandle Server copy_msg_element buffer overflow
165220Netskope Admin Portal csv injection [CVE-2020-28845]
165219ScratchVerifier improper authentication [CVE-2020-26236]
165218NetIQ Identity Manager injection [CVE-2020-25839]
165217PDFResurrect Header Validation pdf_get_version heap-based overflow
165216libvips im_vips2dz.c im_vips2dz uninitialized pointer
165215libsixel fromgif.c gif_out_code array index
165214ImageMagick xpm.c ReadXPMImage buffer overflow
165213Drupal File unrestricted upload [CVE-2020-13671]
165212Mitsubishi Electric MELSEC iQ-R resource consumption [CVE-2020-5668]
165211IBM Power9 L1 Cache information disclosure [CVE-2020-4788]
165210Schneider Electric EcoStruxure Building Operation WebReports Access Control access control
165209Schneider Electric EcoStruxure Building Operation WebReports XML External Entity xml external entity reference
165208Schneider Electric EcoStruxure Building Operation WebReports Web Page Generation cross site scripting
165207Schneider Electric EcoStruxure Building Operation WebReports Web Page Generation cross site scripting
165206Schneider Electric EcoStruxure Building Operation WebReports unrestricted upload
165205Schneider Electric Modicon M221 information disclosure [CVE-2020-7568]
165204Schneider Electric Modicon M221 missing encryption [CVE-2020-7567]
165203Schneider Electric Modicon M221 random values [CVE-2020-7566]
165202Schneider Electric Modicon M221 inadequate encryption [CVE-2020-7565]
165201Schneider Electric Easergy T300 access control [CVE-2020-7561]
165200Schneider Electric EcoStruxure Control Expert PLC Simulator buffer overflow
165199Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
165198Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds read
165197Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
165196Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
165195Schneider Electric IGSS Definition Configuration Group File Def.exe memory corruption
165194Schneider Electric IGSS Definition Configuration Group File Def.exe out-of-bounds write
165193Schneider Electric IGSS Definition Configuration Def.exe memory corruption
165192Schneider Electric IGSS Definition Configuration Def.exe memory corruption
165191Schneider Electric IGSS Definition Def.exe memory corruption
165190Schneider Electric EcoStruxure Operator Terminal Expert privileges management
165189Schneider Electric EcoStruxure Control Expert PLC Simulator unusual condition
165188BigBlueButton Control Character ApiController.groovy escape output
165187BigBlueButton Poll permission assignment [CVE-2020-28953]
165186Sokrates SOWA SowaSQL OPAC sowacgi.php cross site scripting
165185Schneider Electric EcoStruxure Control Expert PLC Simulator code download
165184Schneider Electric EcoStruxure Control Expert PLC Simulator excessive authentication
165183Schneider Electric EcoStruxure Control Expert PLC Simulator authorization
165182Schneider Electric EcoStruxure Building Operation WebStation Web Page Generation cross site scripting
165181Schneider Electric EcoStruxure Building Operation Enterprise Server Installer unquoted search path
165180Pritunl Electron Client access control [CVE-2020-25989]
165179OpenWrt libuci file.c uci_parse_package use after free
165178Archive_Tar Filename injection [CVE-2020-28949]
165177Archive_Tar PHAR deserialization [CVE-2020-28948]
165176Linux Kernel Speakup Driver spk_ttyio.c denial of service
165175Rclone entropy [CVE-2020-28924]
165174ZTE ZXHN Z500/ZXHN F670L Rule Configuration input validation
165173MISP Template Element cross site scripting [CVE-2020-28947]
165172PrimeKey EJBCA EJBCA Enrollment improper authorization [CVE-2020-28942]
165171Moodle Participants Table Download insertion of sensitive information into sent data
165170Moodle cross site scripting [CVE-2020-25702]
165169Moodle Upload Course Tool access control [CVE-2020-25701]
165168Moodle Database Module Web Service sql injection [CVE-2020-25700]
165167Moodle Capability Check access control [CVE-2020-25699]
165166Moodle User Enrollment access control [CVE-2020-25698]
165165YzmCMS Editor cross site scripting [CVE-2020-22394]
165164TwinCAT XAR TcSysUI.exe default permission
165163Endress+Hauser Ecograph T information disclosure [CVE-2020-12496]
165162Endress+Hauser Ecograph T Web-based User Interface Private privileges management
165161Johnson Controls American Dynamics Victor Web Client HTTP API improper authorization
165160IBM Jazz Reporting Service Web UI cross site scripting [CVE-2020-4718]
165159IBM DB2/DB2 Connect Server buffer overflow [CVE-2020-4701]
165158JamoDat TSMManager Collector authorization [CVE-2020-28054]
165157com.oppo.ovoicemanager permission [CVE-2020-11831]
165156com.oppo.qualityprotect unknown vulnerability [CVE-2020-11830]
165155com.coloros.codebook Backup/Restore SDK privileges management
165154Nextcloud Social Server Certificate certificate validation [CVE-2020-8279]
165153Nextcloud Social App access control [CVE-2020-8278]
165152Node.js DNS Request resource consumption [CVE-2020-8277]
165151F5 BIG-IP/BIG-IP Virtual Edition TCP Sequence Number random values
165150PulseAudio Bluez module-bluez5-device.c double free
165149InfluxDB JWT Token handler.go improper authentication
165148Cisco DNA Spaces Connector Web-based Management Interface os command injection
165147Cisco IoT Field Network Director REST API missing authentication
165146Cisco Expressway Software TURN Server access control [CVE-2020-3482]
165145Cisco Webex Meetings/WebEx Meetings Server Connection input validation
165144Cisco Integrated Management Controller API Subsystem memory corruption
165143Cisco Webex Meetings/WebEx Meetings Server Meeting Room Lobby information disclosure
165142Cisco Webex Meetings/WebEx Meetings Server Authentication Token dynamically-managed code resources
165141Trend Micro InterScan Web Security Virtual Appliance HTTP Message ModifyVLANItem os command injection
165140Trend Micro InterScan Web Security Virtual Appliance HTTP Message AddVLANItem os command injection
165139Trend Micro InterScan Web Security Virtual Appliance HTTP Message out-of-bounds write
165138Trend Micro InterScan Web Security Virtual Appliance HTTP Message out-of-bounds write
165137Trend Micro Worry-Free Business Security Management Console path traversal
165136Trend Micro Apex One Product Installer access control [CVE-2020-28572]
165135Trend Micro Security 2020 Installation symlink [CVE-2020-27697]
165134Trend Micro Security 2020 Installation untrusted search path
165133Trend Micro Security 2020 Installation untrusted search path
165132semantic-release URL escape output [CVE-2020-26226]
165131Jupyter Notebook Link redirect [CVE-2020-26215]
165130grocy Add Recipe Module cross site scripting [CVE-2020-25454]
165129Beijing Liangjing Zhicheng ljcmsshop user.php cross site scripting
165128SuiteCRM Accounts/Contacts/Opportunities/Leads csv injection
165127SuiteCRM Documents Module redirect [CVE-2020-15300]
165126SuiteCRM Documents Preview cross site scripting [CVE-2020-14208]
165125Western Digital iNAND authentication replay [CVE-2020-13799]
165124GitLab Enterprise Edition Schedule denial of service [CVE-2020-13360]
165123GitLab Community Edition/Enterprise Edition Project Maintainer state issue
165122GitLab Community Edition/Enterprise Edition Multipart Protection information disclosure
165121GitLab Community Edition/Enterprise Edition LFS Upload EE path traversal
165120Symantec Endpoint Detection & Response information disclosure
165119Libapreq2 Multipart Parser denial of service [CVE-2019-12412]
165118Valve Game Networking Sockets Negative Offset SNP_ReceiveUnreliableSegment memory corruption
165117IBM MQ Appliance Segmented Message denial of service [CVE-2020-4592]
165116Cisco IoT Field Network Director API missing authentication [CVE-2020-3392]
165115Cisco Secure Web Appliance Log Subscription Subsystem os command injection
165114Werkzeug URL redirect [CVE-2020-28724]
165113Google Go argument injection [CVE-2020-28367]
165112Google Go code injection [CVE-2020-28366]
165111Google Go certificate validation [CVE-2020-28362]
165110cxuucms search.php sql injection
165109TP-LINK TL-WPA4220 POST Request syslog denial of service
165108Cisco Webex Meeting API cross site scriting [CVE-2020-27126]
165107Trusted Computing Group Trusted Platform Module Library Family initialization
165106RSA Archer URL cross site scripting [CVE-2020-26884]
165105Planet Technology Corp NVR-915/NVR-1615 Telnet Server hard-coded credentials
165104Cisco IoT Field Network Director Web UI cross site scripting
165103Cisco IoT Field Network Director JSON access control [CVE-2020-26080]
165102Cisco IoT Field Network Director credentials storage [CVE-2020-26079]
165101Cisco IoT Field Network Director API file inclusion [CVE-2020-26078]
165100Cisco IoT Field Network Director access control [CVE-2020-26077]
165099Cisco IoT Field Network Director access control [CVE-2020-26076]
165098Cisco IoT Field Network Director REST API sql injection [CVE-2020-26075]
165097Cisco IoT Field Network Director SOAP API access control [CVE-2020-26072]
165096Cisco TelePresence Collaboration Endpoint/RoomOS xAPI service authorization
165095lemocms Uploads.php unrestricted upload
165094TP-LINK TL-WPA4220 httpd powerline os command injection
165093Schneider Electric Modicon M340 Web Server buffer overflow [CVE-2020-7564]
165092Schneider Electric Modicon M340 Web Server out-of-bounds write
165091Schneider Electric Modicon M340 Web Server out-of-bounds read
165090Kamailio Whitespace remove_hf protection mechanism
165089PHPGurukul User Registration & Login/User Management System Admin Panel cross site scripting
165088view_statistics Extension missing encryption [CVE-2020-28917]
165087Linux Kernel fbcon buffer overflow [CVE-2020-28915]
165086Kata Containers permission [CVE-2020-28914]
165085SourceCodester Water Billing System process.php sql injection
165084SourceCodester Online Clothing Store Image Upload Products.php unrestricted upload
165083SourceCodester Online Clothing Store offer.php cross site scripting
165082SourceCodester Online Clothing Store login.php sql injection
165081SourceCodester Tourism Management System create-package.php unrestricted upload
165080SourceCodester Simple Grocery Store Sales and Inventory System login.php sql injection
165079SourceCodester Library Management System Image Upload unrestricted upload
165078SourceCodester Gym Management System cross site scripting [CVE-2020-28129]
165077PESCMS Team Parameter cross site scripting [CVE-2020-28092]
165076Kaa IoT Platform Dashboard cross site scripting [CVE-2020-26701]
165075Aviatrix Controller API unrestricted upload [CVE-2020-26553]
165074Aviatrix Controller API Endpoint improper authentication [CVE-2020-26552]
165073Aviatrix Controller credentials storage [CVE-2020-26551]
165072Aviatrix Controller Encrypted File insufficiently protected credentials
165071Aviatrix Controller .htaccess protection mechanism [CVE-2020-26549]
165070Aviatrix Controller sudo access control [CVE-2020-26548]
165069GitLab Community Edition/Enterprise Edition Package Upload path traversal
165068TYPO3 Fluid cross site scripting [CVE-2020-26216]
165067Genexis Platinum 4410 UPNP/Freeciv Service X_GetAccess information disclosure
165066Kyocera ECOSYS M2640IDW Machine Address Book cross site scripting
165065Taskcafe Project Management Tool Access Token information disclosure
165064GitLab Community Edition/Enterprise Edition Scheduled Pipeline API permission
165063GitLab Community Edition/Enterprise Edition Administration Page cross-site request forgery
165062GitLab Enterprise Edition Advanced Search incorrect regex [CVE-2020-13349]
165061GitLab Enterprise Edition Branch access control [CVE-2020-13348]
165060BASETech GE-131 BT-1837836 Video Stream information disclosure
165059BASETech GE-131 BT-1837836 Video Stream information disclosure
165058BASETech GE-131 BT-1837836 Remote Code Execution [CVE-2020-27556]
165057BASETech GE-131 BT-1837836 Telnet Server hard-coded credentials
165056BASETech GE-131 BT-1837836 missing encryption [CVE-2020-27554]
165055BASETech GE-131 BT-1837836 pathname traversal [CVE-2020-27553]
165054LimeSurvey cross site scripting [CVE-2020-25798]
165053fastadmin-tp6 Ajax.php sql injection
165052Tobesoft XPlatform hta File input validation
165051y18n code injection [CVE-2020-7774]
165050Artworks Gallery in PHP, CSS, JavaScript, and MySQL Artwork unrestricted upload
165049Artworks Gallery in PHP, CSS, JavaScript, and MySQL unrestricted upload
165048Progress MOVEit Transfer cross site scripting [CVE-2020-28647]
165047ResourceXpress Qubi3 Debug Interface information disclosure [CVE-2020-25746]
165046BinaryNights ForkLift injection [CVE-2020-27192]
165045Cisco Security Manager Serialized Java Object deserialization
165044Cisco Security Manager pathname traversal [CVE-2020-27130]
165043Cisco Security Manager input validation [CVE-2020-27125]
165042GitLab Enterprise Edition Private Project information disclosure
165041Micro Focus Arcsight Logger cross site scripting [CVE-2020-25834]
165040Micro Focus IDOL cross site scripting [CVE-2020-25833]
165039Micro Focus Filr Scripting cross site scripting [CVE-2020-25832]
165038Linux Kernel ICMP Packet random values [CVE-2020-25705]
165037BinaryNights ForkLift Helper Tool access control [CVE-2020-15349]
165036KeyCloak unnecessary privileges [CVE-2020-14389]
165035GitLab Community Edition/Enterprise Edition Kubernetes Agent API access control
165034GitLab Community Edition/Enterprise Edition Container Registry resource consumption
165033Gitaly Import information disclosure [CVE-2020-13353]
165032GitLab Community Edition/Enterprise Edition Project EE information disclosure
165031Micro Focus Arcsight Logger cross site scripting [CVE-2020-11860]
165030Micro Focus Arcsight Logger code injection [CVE-2020-11851]
165029Keycloak cross site scripting [CVE-2020-10776]
165028HorizontCMS Theme unrestricted upload
165027GARMIN Forerunner 235 ConnectIQ TVM buffer overflow [CVE-2020-27486]
165026GARMIN Forerunner 235 ConnectIQ TVM use after free [CVE-2020-27485]
165025GARMIN Forerunner 235 ConnectIQ TVM write integer overflow
165024GARMIN Forerunner 235 ConnectIQ TVM array index [CVE-2020-27483]
165023Airleader Master Tomcat Manager hard-coded credentials [CVE-2020-26510]
165022Airleader Master/Easy hard-coded credentials [CVE-2020-26509]
165021Canon Oce ColorWave 3500 WebTools information disclosure [CVE-2020-26508]
165020PrestaShop Product Comments Link cross site scripting [CVE-2020-26225]
165019PrestaShop Shopping Cart access control [CVE-2020-26224]
165018Xstream Security Framework os command injection [CVE-2020-26217]
165017IBM Sterling File Gateway Authorization Token missing secure attribute
165016IBM Sterling B2B Integrator Standard Edition Web UI cross site scripting
165015IBM Sterling B2B Integrator Standard Edition Privileges access control
165014IBM Sterling B2B Integrator Standard Edition Dashboard UI information disclosure
165013IBM Business Automation Workflow Web UI cross site scripting
165012IBM Sterling B2B Integrator Standard Edition log file [CVE-2020-4671]
165011IBM Sterling File Gateway Authorization Token missing secure attribute
165010IBM Sterling B2B Integrator Standard Edition sql injection [CVE-2020-4655]
165009IBM Sterling File Gateway sql injection [CVE-2020-4647]
165008IBM Sterling B2B Integrator Standard Edition log file [CVE-2020-4566]
165007IBM Sterling File Gateway information exposure [CVE-2020-4476]
165006IBM Sterling B2B Integrator Standard Edition information exposure
165005CloudAvid PParam setAddress memory leak
165004Gila CMS unrestricted upload [CVE-2020-28692]
165003Nagios XI Account Information cross site scripting [CVE-2020-27991]
165002Nagios XI Deployment Tool cross site scripting [CVE-2020-27990]
165001Nagios XI Dashboard Tools cross site scripting [CVE-2020-27989]
165000Nagios XI Manage Users Page cross site scripting [CVE-2020-27988]
164999AVideo information disclosure [CVE-2020-23490]
164998Avideo import.json.php access control
164997JetBrains TeamCity Dependency unknown vulnerability [CVE-2020-27629]
164996JetBrains TeamCity Audit Record unknown vulnerability [CVE-2020-27628]
164995JetBrains TeamCity URL injection [CVE-2020-27627]
164994JetBrains YouTrack server-side request forgery [CVE-2020-27626]
164993JetBrains YouTrack Notification information disclosure [CVE-2020-27625]
164992JetBrains YouTrack server-side request forgery [CVE-2020-27624]
164991JetBrains IdeaVim information disclosure [CVE-2020-27623]
164990JetBrains IntelliJ IDEA Web Server information disclosure [CVE-2020-27622]
164989Chronoforeum Post cross site scripting [CVE-2020-27459]
164988Anuko Time Tracker Password Reset denial of service [CVE-2020-27423]
164987Anuko Time Tracker password recovery [CVE-2020-27422]
164986LionWiki index.php file inclusion
164985JetBrains Ktor request smuggling [CVE-2020-26129]
164984PHPGurukul User Registration & Login/User Management System sql injection
164983JetBrains YouTrack Workflow Rule behavioral workflow [CVE-2020-25210]
164982JetBrains YouTrack REST API access control [CVE-2020-25209]
164981JetBrains ToolBox Browser Protocol Remote Privilege Escalation
164980JetBrains ToolBox Browser Protocol denial of service [CVE-2020-25013]
164979JetBrains YouTrack Backup information disclosure [CVE-2020-24366]
164978Ivanti Endpoint Manager frm_splitfrm.aspx cross site scripting
164977Ivanti Endpoint Manager ldprov.cgi information disclosure
164976Ivanti Endpoint Manager alert_log.aspx sql injection
164975Amazon AWS Encryption SDK AES-GCM cryptographic issues [CVE-2020-8897]
164974markdown-it-highlightjs cross site scripting [CVE-2020-7773]
164973Firebase util DeepCopy.ts deepExtend code injection
164972Citrix SD-WAN Center os command injection [CVE-2020-8273]
164971Citrix SD-WAN Center improper authentication [CVE-2020-8272]
164970Citrix SD-WAN Center path traversal [CVE-2020-8271]
164969Citrix Virtual Apps/XenDesktop os command injection [CVE-2020-8270]
164968Citrix Virtual Apps/XenDesktop access control [CVE-2020-8269]
164967Nextcloud Server insufficiently protected credentials [CVE-2020-8259]
164966Nextcloud Server insufficiently protected credentials [CVE-2020-8152]
164965Mitsubishi Electric MELSEC iQ-R resource consumption [CVE-2020-5666]
164964XooNIps deserialization [CVE-2020-5664]
164963XooNIps cross site scripting [CVE-2020-5663]
164962XooNIps cross site scripting [CVE-2020-5662]
164961XooNIps sql injection [CVE-2020-5659]
164960Volkswagen Polo Discover Media Infotainment System insufficient verification of data authenticity
164959WPBakery XSS Protection Mechanism kses_remove_filters protection mechanism
164958orbisius-child-theme-creator orbisius_ctc_theme_editor_manage_file cross-site request forgery
164957Nagios XI Auto-Discovery input validation [CVE-2020-28648]
164956InfiniteWP Admin Panel Password resetPasswordSendMail password recovery
164955controlled-merge Prototype code injection [CVE-2020-28268]
164954PostgreSQL permission [CVE-2020-25695]
164953PostgreSQL Client Application downgrade [CVE-2020-25694]
164952QNAP QTS os command injection [CVE-2020-2492]
164951QNAP QTS command injection [CVE-2020-2490]
164950Daimler Mercedes HERMES Debug Interface information disclosure
164949Daimler Mercedes HERMES improper authentication [CVE-2019-19562]
164948Daimler Mercedes HERMES Debug Interface information disclosure
164947Daimler Mercedes HERMES Debug Interface improper authentication
164946Daimler Mercedes HERMES Debug Interface information disclosure
164945Daimler Mercedes HERMES Debug Interface improper authentication
164944Reddoxx MailDepot cross site scripting [CVE-2020-26554]
164943doc-path denial of service [CVE-2020-7772]
164942One Identity Password Manager insertion of sensitive information into sent data
164941Opera Touch Address Bar clickjacking [CVE-2020-6157]
164940Nagios XI permission [CVE-2020-5796]
164939Tomb ask_password information disclosure
164938Eclipse Hono AMQP Protocol Adapter resource consumption [CVE-2020-27217]
164937Radar COVID Notification information disclosure [CVE-2020-26230]
164936Spree APIv2 authorization [CVE-2020-26223]
164935PassMark BurnInTest/OSForensics/PerformanceTest IOCTL DirectIo32.sys memory corruption
164934rConfig userprocess.php improper authentication [CVE-2020-13638]
164933Intel Open WebRTC Toolkit control flow [CVE-2020-12338]
164932Intel PROSet/Wireless WiFi control flow [CVE-2020-12313]
164931Intel CPU PMC access control [CVE-2020-0599]
164930Huawei Mate 30 buffer overflow [CVE-2020-9129]
164929Huawei Secospace USG9500 injection.Affected command injection
164928NetApp Element Software inadequate encryption [CVE-2020-8583]
164927NetApp Element Software information disclosure [CVE-2020-8582]
164926Pixar OpenUSD USD File heap-based overflow [CVE-2020-6156]
164925Pixar OpenUSD USD File heap-based overflow [CVE-2020-6155]
164924Pixar OpenUSD Decompression heap-based overflow [CVE-2020-6150]
164923Pixar OpenUSD USD File heap-based overflow [CVE-2020-6149]
164922Pixar OpenUSD Decompression heap-based overflow [CVE-2020-6148]
164921Pixar OpenUSD Decompression heap-based overflow [CVE-2020-6147]
164920Valve Game Networking Sockets Statistics Message Received_Data denial of service
164919IBM InfoSphere Information Server History information disclosure
164918SAP Fiori Launchpad News Tile Application cross site scripting
164917Dependabot $({curl injection
164916CMSuno injection [CVE-2020-25557]
164915CMSuno central.php injection
164914BD Alaris 8015 PC Unit/Alaris Systems Manager improper authentication
164913Nexcom NIO 50 cleartext transmission [CVE-2020-25155]
164912Nexcom NIO 50 input validation [CVE-2020-25151]
164911fastadmin-tp6 Ajax.php sql injection
164910Huawei Secospace USG6600 Protocol denial of service [CVE-2020-1847]
164909Avaya WebLM Admin Interface xml external entity reference [CVE-2020-7032]
164908Apache OpenOffice Document cross site scripting [CVE-2020-13958]
164907Intel Data Center Manager Console information disclosure [CVE-2020-8669]
164906Avaya Equinox Conferencing Unified Portal Client cross site scripting
164905TranzWare Payment Gateway Scripting cross site scripting [CVE-2020-28415]
164904TranzWare Payment Gateway cross site scripting [CVE-2020-28414]
164903FlexDotnetCMS HTTP GET Request unrestricted upload [CVE-2020-27386]
164902FlexDotnetCMS pathname traversal [CVE-2020-27385]
164901Color Dialog Plugin cross site scripting [CVE-2020-27193]
164900Sentrifugo POST Request 2 sql injection
164899Sentrifugo Announcement unrestricted upload [CVE-2020-26804]
164898Sentrifugo unrestricted upload [CVE-2020-26803]
164897Couchbase Erlang Communication os command injection [CVE-2020-24719]
164896Intel NUC Firmware Update Tool permission [CVE-2020-24525]
164895Intel DSA permission [CVE-2020-24460]
164894Intel Board ID Tool permission [CVE-2020-24456]
164893Intel Quartus Prime Standard Edition XML Subsystem xml external entity reference
164892Untangle Firewall NG unknown vulnerability [CVE-2020-17494]
164891ARM v8-M TrustZone initialization [CVE-2020-16273]
164890Siemens SIMATIC S7-300 CPU/SINUMERIK 840D sl Service Port 102 resource consumption
164889ResourceXpress Meeting Monitor sql injection [CVE-2020-13877]
164888Ivanti Endpoint Manager File Extension EditLaunchPadDialog.aspx unrestricted upload
164887AMD VBIOS Flash Tool SDK Driver routine [CVE-2020-12927]
164886AMD Trusted Platform Module toctou [CVE-2020-12926]
164885AMD Extension to Linux hwmon Service Linux-based Running Average Power Limit Interface routine
164884Intel Data Center Manager Console denial of service [CVE-2020-12353]
164883Intel XTU access control [CVE-2020-12350]
164882Intel Data Center Manager Console information disclosure [CVE-2020-12349]
164881Intel Data Center Manager Console input validation [CVE-2020-12347]
164880Intel Battery Life Diagnostic Tool Installer permission [CVE-2020-12346]
164879Intel Data Center Manager Console Installer permission [CVE-2020-12345]
164878Intel NUC Firmware buffer overflow [CVE-2020-12337]
164877Intel NUC Firmware initialization [CVE-2020-12336]
164876Intel Processor Identification Utility Installer permission [CVE-2020-12335]
164875Intel Advisor Tools Installer permission [CVE-2020-12334]
164874Intel QAT insufficiently protected credentials [CVE-2020-12333]
164873Intel HID Event Filter Driver Installer permission [CVE-2020-12332]
164872Intel Unite Cloud Service Client access control [CVE-2020-12331]
164871Intel Falcon 8+ UAS AscTec Thermal Viewer permission [CVE-2020-12330]
164870Intel VTune Profiler uncontrolled search path [CVE-2020-12329]
164869Intel Thunderbolt DCH Driver protection mechanism [CVE-2020-12328]
164868Intel Thunderbolt DCH Driver information disclosure [CVE-2020-12327]
164867Intel Thunderbolt DCH Driver information disclosure [CVE-2020-12326]
164866Intel Thunderbolt DCH Driver buffer overflow [CVE-2020-12325]
164865Intel Thunderbolt DCH Driver protection mechanism [CVE-2020-12324]
164864Intel ADAS IE input validation [CVE-2020-12323]
164863Microsoft SCS Add-on uncontrolled search path [CVE-2020-12320]
164862Intel EMA Credentials information disclosure [CVE-2020-12316]
164861Intel EMA path traversal [CVE-2020-12315]
164860Intel CSI2 Host Controller Driver information disclosure [CVE-2020-0573]
164859Intel S2600ST/S2600WF Firmware input validation [CVE-2020-0572]
164858Intel 50GbE IP Core Exception denial of service [CVE-2020-8767]
164857Intel SGX DCAP denial of service [CVE-2020-8766]
164856Intel CPU BIOS access control [CVE-2020-8764]
164855Intel CSME algorithmic complexity [CVE-2020-8761]
164854Intel AMT Subsystem integer overflow [CVE-2020-8760]
164853Intel AMT Subsystem out-of-bounds read [CVE-2020-8757]
164852Intel CSME Subsystem input validation [CVE-2020-8756]
164851Intel CSME/SPS Subsystem race condition [CVE-2020-8755]
164850Intel AMT/ISM Subsystem information disclosure [CVE-2020-8754]
164849Intel AMT/ISM DHCP Subsystem out-of-bounds read [CVE-2020-8753]
164848Intel AMT/ISM IPv6 subsystem out-of-bounds write [CVE-2020-8752]
164847Intel CSME/TXE Control Flow Management information disclosure
164846Intel TXE Kernel Mode Driver use after free [CVE-2020-8750]
164845Intel AMT Subsystem out-of-bounds read [CVE-2020-8749]
164844Intel AMT Subsystem out-of-bounds read [CVE-2020-8747]
164843Intel AMT Subsystem integer overflow [CVE-2020-8746]
164842Intel CSME/TXE Control Flow Management control flow [CVE-2020-8745]
164841Intel CSME/TXE/SPS Initialization access control [CVE-2020-8744]
164840Intel CPU BIOS Platform Sample Code out-of-bounds write [CVE-2020-8740]
164839Intel CPU BIOS Platform Sample Code access control [CVE-2020-8739]
164838Intel CPU BIOS Platform Sample Code access control [CVE-2020-8738]
164837Intel Stratix 10 FPGA memory corruption [CVE-2020-8737]
164836Intel CSME/TXE/SPS/SoC Boot Guard insecure default initialization of resource
164835Intel CPU Isolation information disclosure [CVE-2020-8698]
164834Intel CPU information disclosure [CVE-2020-8696]
164833Intel CPU RAPL Interface information disclosure [CVE-2020-8695]
164832Linux CPU Linux kernel Driver information disclosure [CVE-2020-8694]
164831Intel Ethernet 700 Series Controller Firmware memory corruption
164830Intel Ethernet 700 Series Controller or denial of service
164829Intel Ethernet 700 Series Controller control flow [CVE-2020-8691]
164828Intel Ethernet 700 Series Controller or protection mechanism
164827Intel Visual Compute Accelerator denial of service [CVE-2020-8677]
164826Intel Visual Compute Accelerator access control [CVE-2020-8676]
164825SugarCRM Installation authorization [CVE-2020-7472]
164824deephas Prototype code injection [CVE-2020-28271]
164823object-hierarchy-access code injection [CVE-2020-28270]
164822field Prototype code injection [CVE-2020-28269]
164821lettre library Sendmail injection
164820BAB eibPort lighttpd resource consumption [CVE-2020-24573]
164819Ivanti Endpoint Manager DLL ldiscn32.exe uncontrolled search path
164818Ivanti Endpoint Manager Named Pipe access control [CVE-2020-13770]
164817Intel AMT information disclosure [CVE-2020-12356]
164816Intel TXE RPMB Protocol Message Subsystem improper authentication
164815Intel AMT SDK Installer permission [CVE-2020-12354]
164814Intel Wireless Bluetooth denial of service [CVE-2020-12322]
164813Intel Wireless Bluetooth buffer overflow [CVE-2020-12321]
164812Intel PROSet/Wireless WiFi Control Flow Management denial of service
164811Intel PROSet/Wireless WiFi protection mechanism [CVE-2020-12318]
164810Intel PROSet/Wireless Software memory corruption [CVE-2020-12317]
164809Intel PROSet/Wireless WiFi denial of service [CVE-2020-12314]
164808Intel Stratix 10 FPGA buffer overflow [CVE-2020-12312]
164807Intel Client SSD/Data Center SSD Control Flow Management information disclosure
164806Intel Client SSD/Data Center SSD Control Flow Management information disclosure
164805Intel Client SSD/Data Center SSD information disclosure [CVE-2020-12309]
164804Intel Computing Improvement Program Access Control information disclosure
164803Intel High Definition Audio Driver permission [CVE-2020-12307]
164802Intel RealSense D400 Series Dynamic Calibration Tool permission
164801Intel DAL SDK Access Control access control [CVE-2020-12304]
164800Intel CSME/TXE DAL Subsystem use after free [CVE-2020-12303]
164799Intel CSME Driver/TXE access control [CVE-2020-12297]
164798Intel CPU BIOS buffer overflow [CVE-2020-0593]
164797Intel CPU BIOS out-of-bounds write [CVE-2020-0592]
164796Intel CPU BIOS buffer overflow [CVE-2020-0591]
164795Intel CPU BIOS input validation [CVE-2020-0590]
164794Intel CPU BIOS access control [CVE-2020-0588]
164793Intel CPU BIOS access control [CVE-2020-0587]
164792Intel DC P4800X/DC P4801X/Optane 900P/Optane 905P denial of service
164791Intel Unite Client information disclosure [CVE-2020-0575]
164790Apache Batik GET Request server-side request forgery [CVE-2019-17566]
164789Intel Media SDK permission [CVE-2019-11121]
164788Google Chrome Site Isolation use after free [CVE-2020-16017]
164787Google Chrome v8 Remote Code Execution [CVE-2020-16013]
164786Huawei FusionCompute Encryption Algorithm information disclosure
164785Good Layers LMS Plugin POST Parameter wp_ajax_nopriv sql injection
164784Cacti Template Import templates_import.php cross site scripting
164783Python-RSA information disclosure [CVE-2020-25658]
164782Apache CXF services cross site scripting
164781json8 Prototype code injection [CVE-2020-7770]
164780nodemailer Email Address command injection [CVE-2020-7769]
164779McAfee Endpoint Security Firewall ePO Extension cross site scripting
164778McAfee Endpoint Security Firewall ePO Extension cross-site request forgery
164777McAfee Endpoint Security unquoted search path [CVE-2020-7331]
164776Qualcomm Snapdragon Auto SIP sigcomp Message memory corruption
164775Qualcomm Snapdragon Compute/Snapdragon Mobile memory corruption
164774Qualcomm Snapdragon DSP Process improper authorization [CVE-2020-11209]
164773Qualcomm Snapdragon DSP Services memory corruption [CVE-2020-11208]
164772Qualcomm Snapdragon Auto LibFastCV buffer overflow [CVE-2020-11207]
164771Qualcomm Snapdragon Auto Fastrpc buffer overflow [CVE-2020-11206]
164770Qualcomm Snapdragon Auto integer overflow [CVE-2020-11205]
164769Qualcomm Snapdragon Auto Library buffer overflow [CVE-2020-11202]
164768Qualcomm Snapdragon Auto Library memory corruption [CVE-2020-11201]
164767Qualcomm Snapdragon Auto ASF Clip integer overflow [CVE-2020-11196]
164766Qualcomm Snapdragon Auto MKV Clip buffer overflow [CVE-2020-11193]
164765Qualcomm Snapdragon Auto MP4 Clip buffer overflow [CVE-2020-11184]
164764Qualcomm Snapdragon Auto Bluetooth Transport Driver use after free
164763Qualcomm Snapdragon Auto Data Buffer buffer overflow [CVE-2020-11168]
164762Qualcomm Snapdragon Auto GUID Attribute buffer overflow [CVE-2020-11132]
164761Qualcomm Snapdragon Auto WMA Message integer overflow [CVE-2020-11131]
164760Qualcomm Snapdragon Auto WiFi HAL buffer overflow [CVE-2020-11130]
164759Qualcomm Snapdragon Auto Extensible Boot Loader integer overflow
164758Qualcomm Snapdragon Auto Gatekeeper Trustzone information disclosure
164757Qualcomm Snapdragon Auto WiFi HAL buffer overflow [CVE-2020-11121]
164756Cisco IOS XR Ingress Packet Processor denial of service [CVE-2020-26070]
164755NVIDIA GeForce NOW OpenSSL Dependency uncontrolled search path cross site scripting [CVE-2020-26221] EXIF Data information disclosure [CVE-2020-26220] redirect [CVE-2020-26219] cross site scripting [CVE-2020-26218]
164750Palo Alto PAN-OS GlobalProtect Gateway improper authorization
164749Palo Alto PAN-OS Log File log file [CVE-2020-2048]
164748Palo Alto PAN-OS Panorama Software information disclosure [CVE-2020-2022]
164747Palo Alto PAN-OS Management Web Interface os command injection
164746Palo Alto PAN-OS Signature-Based Threat Detection Engine unusual condition
164745Lenovo Notebook VariableServiceSmm Driver toctou [CVE-2020-8354]
164744Lenovo Desktop/Workstation EHBC config [CVE-2020-8353]
164743Lenovo Desktop Configuration Change Detection BIOS Setting security check for standard
164742Vmware Pivotal Scheduler missing encryption [CVE-2020-5426]
164741Audi A7 MMI Multiplayer format string [CVE-2020-27524]
164740Solstice-Pod WebRTC Server denial of service [CVE-2020-27523]
164739MoinMoin SVG File hard-coded credentials [CVE-2020-15275]
164738IBM Cognos Controller privileges management [CVE-2020-4685]
164737grpc/grpc-js Prototype loadPackageDefinition code injection
164736express-validators URL incorrect regex [CVE-2020-7767]
164735Adobe Reader Mobile information disclosure [CVE-2020-24441]
164734Adobe Connect cross site scripting [CVE-2020-24443]
164733Adobe Connect cross site scripting [CVE-2020-24442]
164732McAfee MVision Endpoint DNS Request server-side request forgery
164731McAfee MVision Endpoint HTTP Request server-side request forgery
164730AccountsService .pam_environment infinite loop
164729AccountsService D-Bus Message privileges management [CVE-2020-16126]
164728Microsoft Edge memory corruption [CVE-2020-17052]
164727Microsoft Edge memory corruption [CVE-2020-17058]
164726Microsoft Windows WalletService privileges management [CVE-2020-17037]
164725Microsoft Windows WalletService information disclosure [CVE-2020-16999]
164724Microsoft Windows Update Orchestrator Service privileges management
164723Microsoft Windows Update Stack privileges management [CVE-2020-17077]
164722Microsoft Windows Update Medic Service privileges management
164721Microsoft Windows USO Core Worker privileges management [CVE-2020-17075]
164720Microsoft Windows Delivery Optimization information disclosure
164719Microsoft Windows Update Orchestrator Service privileges management
164718Microsoft Windows Update Orchestrator Service privileges management
164717Microsoft Windows NDIS information disclosure [CVE-2020-17069]
164716Microsoft Windows Kernel privileges management [CVE-2020-17087]
164715Microsoft Windows Kernel privileges management [CVE-2020-17035]
164714Microsoft Windows Defender for Endpoint Security information disclosure
164713Microsoft Visual Studio unknown vulnerability [CVE-2020-17100]
164712Microsoft Visual Studio Code JSHint Extension input validation
164711Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17109]
164710Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17108]
164709Microsoft Windows Camera Codec information disclosure [CVE-2020-17113]
164708Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17110]
164707Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17107]
164706Microsoft Raw Image Extension Remote Code Execution [CVE-2020-17078]
164705Microsoft Raw Image Extension Local Privilege Escalation [CVE-2020-17079]
164704Microsoft Raw Image Extension information disclosure [CVE-2020-17081]
164703Microsoft Raw Image Extension Remote Code Execution [CVE-2020-17086]
164702Microsoft Raw Image Extension Remote Code Execution [CVE-2020-17082]
164701Microsoft WebP Image Extension information disclosure [CVE-2020-17102]
164700Microsoft AV1 Video Extension Remote Code Execution [CVE-2020-17105]
164699Microsoft HEIF Image Extension Remote Code Execution [CVE-2020-17101]
164698Microsoft HEVC Video Extensions Remote Code Execution [CVE-2020-17106]
164697Microsoft Windows Bind Filter Driver privileges management [CVE-2020-17012]
164696Microsoft Windows Port Class Library privileges management [CVE-2020-17011]
164695Microsoft Windows Win32k information disclosure [CVE-2020-17013]
164694Microsoft Windows Client Side Rendering Print Provider privileges management
164693Microsoft Windows privileges management [CVE-2020-17025]
164692Microsoft Windows Print Spooler privileges management [CVE-2020-17014]
164691Microsoft Windows Error Reporting privileges management [CVE-2020-17007]
164690Microsoft Windows Win32 privileges management [CVE-2020-17010]
164689Microsoft Windows privileges management [CVE-2020-17055]
164688Microsoft Windows Network File System information disclosure
164687Microsoft Windows Win32k privileges management [CVE-2020-17057]
164686Microsoft Windows Print Spooler privileges management [CVE-2020-17001]
164685Microsoft Windows Remote Desktop Protocol Server information disclosure
164684Microsoft Windows unknown vulnerability [CVE-2020-1599]
164683Microsoft Windows Remote Desktop Protocol Client information disclosure
164682Microsoft Windows Function Discovery SSDP Provider information disclosure
164681Microsoft Windows Network File System denial of service [CVE-2020-17047]
164680Microsoft Windows Hyper-V improper authentication [CVE-2020-17040]
164679Microsoft Windows Network File System Remote Code Execution [CVE-2020-17051]
164678Microsoft Windows Kerberos privileges management [CVE-2020-17049]
164677Microsoft Windows privileges management [CVE-2020-17034]
164676Microsoft Windows Print Configuration privileges management [CVE-2020-17041]
164675Microsoft Windows Print Spooler Remote Code Execution [CVE-2020-17042]
164674Microsoft Windows privileges management [CVE-2020-17043]
164673Microsoft Windows Error Reporting denial of service [CVE-2020-17046]
164672Microsoft Windows KernelStream information disclosure [CVE-2020-17045]
164671Microsoft Windows privileges management [CVE-2020-17044]
164670Microsoft Windows privileges management [CVE-2020-17028]
164669Microsoft Windows MSCTF Server information disclosure [CVE-2020-17030]
164668Microsoft Windows privileges management [CVE-2020-17027]
164667Microsoft Windows privileges management [CVE-2020-17031]
164666Microsoft Windows privileges management [CVE-2020-17026]
164665Microsoft Windows privileges management [CVE-2020-17033]
164664Microsoft Windows privileges management [CVE-2020-17032]
164663Microsoft Teams Local Privilege Escalation [CVE-2020-17091]
164662Microsoft Edge/ChakraCore memory corruption [CVE-2020-17054]
164661Microsoft Internet Explorer memory corruption [CVE-2020-17052]
164660Microsoft Internet Explorer memory corruption [CVE-2020-17053]
164659Microsoft Edge/ChakraCore memory corruption [CVE-2020-17048]
164658Microsoft SharePoint Server input validation [CVE-2020-17060]
164657Microsoft SharePoint Server Remote Privilege Escalation [CVE-2020-17061]
164656Microsoft SharePoint Server information disclosure [CVE-2020-17017]
164655Microsoft SharePoint Server input validation [CVE-2020-17015]
164654Microsoft SharePoint Server information disclosure [CVE-2020-16979]
164653Microsoft SharePoint Server input validation [CVE-2020-17016]
164652Microsoft Office improper authentication [CVE-2020-17020]
164651Microsoft Office/365 Apps for Enterprise input validation [CVE-2020-17063]
164650Microsoft Office Access Connectivity Engine Remote Code Execution
164649Microsoft Excel Remote Code Execution [CVE-2020-17067]
164648Microsoft Excel memory corruption [CVE-2020-17019]
164647Microsoft Excel memory corruption [CVE-2020-17066]
164646Microsoft Excel memory corruption [CVE-2020-17064]
164645Microsoft Excel memory corruption [CVE-2020-17065]
164644Microsoft Windows GDI+ Local Privilege Escalation [CVE-2020-17068]
164643Microsoft Windows Graphics privileges management [CVE-2020-17038]
164642Microsoft Windows Graphics information disclosure [CVE-2020-17004]
164641Microsoft Windows Canonical Display Driver information disclosure
164640Microsoft Windows DirectX privileges management [CVE-2020-16998]
164639Microsoft Exchange Server buffer overflow [CVE-2020-17084]
164638Microsoft Exchange Server denial of service [CVE-2020-17085]
164637Microsoft Exchange Server cross site scripting [CVE-2020-17083]
164636Microsoft Dynamics CRM cross site scripting [CVE-2020-17006]
164635Microsoft Dynamics 365 cross site scripting [CVE-2020-17021]
164634Microsoft Dynamics 365 cross site scripting [CVE-2020-17018]
164633Microsoft Dynamics 365 cross site scripting [CVE-2020-17005]
164632Microsoft Internet Explorer memory corruption [CVE-2020-17058]
164631Microsoft Windows Common Log File System Driver privileges management
164630Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16991]
164629Microsoft Azure Sphere information disclosure [CVE-2020-16990]
164628Microsoft Azure Sphere privileges management [CVE-2020-16989]
164627Microsoft Azure Sphere privileges management [CVE-2020-16992]
164626Microsoft Azure Sphere double free [CVE-2020-16970]
164625Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16994]
164624Microsoft Azure Sphere privileges management [CVE-2020-16993]
164623Microsoft Azure Sphere privileges management [CVE-2020-16988]
164622Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16983]
164621Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16982]
164620Microsoft Azure Sphere privileges management [CVE-2020-16981]
164619Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16984]
164618Microsoft Azure Sphere Local Privilege Escalation [CVE-2020-16987]
164617Microsoft Azure Sphere denial of service [CVE-2020-16986]
164616Microsoft Azure Sphere information disclosure [CVE-2020-16985]
164615Microsoft Azure DevOps Server unknown vulnerability [CVE-2020-1325]
164614Dundas BI Event cross site scripting [CVE-2020-28409]
164613Dundas BI Dashboard cross site scripting [CVE-2020-28408]
164612Xen Energy Monitoring Interface information disclosure [CVE-2020-28368]
164611SAP Fiori Launchpad News Tile Application server-side request forgery
164610SAP Process Integration PGP Module Business-to-Business Add On information disclosure
164609SAP Commerce Cloud Accelerator Payment Mock server-side request forgery
164608News ILIAS Magpie RSS injection [CVE-2020-25268]
164607ILIAS question-pool file-upload Preview cross site scripting
164606BlueStacks File Permission access control [CVE-2020-24367]
164605Canto Plugin download.php server-side request forgery [CVE-2020-24063]
164604Ilex Sign&Go Workstation Security Suite 000-sngWSService1.log symlink
164603Subrion CMS Plugin cross-site request forgery [CVE-2019-7357]
164602json-ptr Prototype set code injection
164601SAP ERP/S-4 HANA authorization [CVE-2020-6316]
164600Dell Inspiron 15 7579 2-in-1 BIOS SMM Communication buffer overflow
164599IBM Content Navigator Web UI cross site scripting [CVE-2020-4760]
164598IBM Content Navigator Web UI cross site scripting [CVE-2020-4704]
164597IBM Tivoli Key Lifecycle Manager insufficiently protected credentials
164596strikeentco set code injection [CVE-2020-28267]
164595TCL V8-R851T02-LF1/V8-T658T01-LF1 tcl Local Privilege Escalation
164594TCL V8-R851T02-LF1/V8-T658T01-LF1 Web Server information disclosure
164593TIBCO iProcess Workspace cross-site request forgery [CVE-2020-27146]
164592SAP Solution Manager Upgrade Legacy Ports Service authorization
164591SAP Solution Manager Upgrade Diagnostics Agent Connection Service authorization
164590SAP Solution Manager Outside Discovery Configuration Service authorization
164589SAP Solution Manager SVG Converter Service authorization [CVE-2020-26821]
164588SAP NetWeaver AS JAVA Administrator Console access control [CVE-2020-26820]
164587SAP NetWeaver AS ABAP Log File access control [CVE-2020-26819]
164586SAP NetWeaver AS ABAP information disclosure [CVE-2020-26818]
164585SAP 3D Visual Enterprise Viewer HPGL File denial of service [CVE-2020-26817]
164584SAP Commerce Cloud Commerce Module denial of service [CVE-2020-26810]
164583SAP Commerce Cloud Secure Media Folder medias improper authentication
164582SAP AS ABAP/S4 HANA code injection [CVE-2020-26808]
164581SAP ERP Client for E-Bilanz Filesystem Permission permission
164580MoinMoin HTTP Request pathname traversal
164579Apache Airflow Experimental API improper authentication [CVE-2020-13927]
164578Vivo Frame Touch Module denial of service [CVE-2020-12485]
164577A10 ACOS/aGalaxy Graphical User Interface Remote Code Execution
164576Google Android callCallbackForRequest permission assignment
164575Google Android updateNotification default permission
164574Google Android exif-entry.c exif_entry_get_value integer overflow
164573Google Android sbrdecoder.cpp sbrDecoder_AssignQmfChannels2SbrChannels out-of-bounds write
164572Google Android rw_i93_sm_format initialization
164571Google Android btm_sec_disconnected use after free
164570Google Android getPhoneAccountsForPackage information disclosure
164569Google Android out-of-bounds write [CVE-2020-0447]
164568Google Android out-of-bounds write [CVE-2020-0446]
164567Google Android out-of-bounds write [CVE-2020-0445]
164566Google Android LocaleList unusual condition
164565Google Android UI toBundle denial of service
164564Google Android Notification toBundle resource consumption
164563Google Android generatePackageInfo permission
164562Google Android ibinder.cpp AIBinder_Class uninitialized pointer
164561Google Android CellBroadcastReceiver's denial of service [CVE-2020-0437]
164560Google Android res_send.cpp send_vc out-of-bounds read
164559Google Android getPermissionInfosForGroup permission
164558Google Android FileMap.cpp out-of-bounds write
164557gdm3 gnome-initial-setup unusual condition [CVE-2020-16125]
164556IBM FileNet Content Manager csv injection [CVE-2020-4759]
164555IBM Maximo Spatial Asset Management cross-site request forgery
164554IBM Maximo Spatial Asset Management Local Cache information disclosure
164553Netgear R6250 upnpd buffer overflow [CVE-2020-28373]
164552ReadyTalk Avian FileOutputStream.write integer overflow
164551Locust Web UI cross site scripting [CVE-2020-28364]
164550CapaSystems CapaInstaller Privileges access control [CVE-2020-27977]
164549Trend Micro Interscan Messaging Security Virtual Appliance Library unknown vulnerability
164548Trend Micro Interscan Messaging Security Virtual Appliance Password Storage unknown vulnerability
164547Trend Micro Interscan Messaging Security Virtual Appliance information disclosure
164546Trend Micro Interscan Messaging Security Virtual Appliance server-side request forgery
164545Trend Micro Interscan Messaging Security Virtual Appliance XML External Entity xml external entity reference
164544Trend Micro Interscan Messaging Security Virtual Appliance cross-site request forgery
164543Simple LDAP Plugin Microsoft Active Directory Authentication improper authentication
164542Hazelcast IMDG Enterprise/Jet Enterprise LdapLoginModule members improper authentication
164541Microweber User Change session expiration [CVE-2020-23140]
164540Microweber user session [CVE-2020-23139]
164539Microweber Admin Account Page unrestricted upload [CVE-2020-23138]
164538Microweber session expiration [CVE-2020-23136]
164537Red Hat KeyCloak URL Transformation path traversal [CVE-2020-14366]
164536Atlassian gajira-comment GitHub Action Remote Privilege Escalation
164535Atlassian gajira-create GitHub Action preprocessArgs Remote Privilege Escalation
164534Netflix Dispatch Access Control access control [CVE-2020-9300]
164533Netflix Dispatch Incident Priority cross site scripting [CVE-2020-9299]
164532Brave Browser Desktop's Privacy-Preserving Analytics System cleartext storage
164531json8-merge-patch Package Constructor code injection [CVE-2020-8268]
164530Nextcloud Server Encrypted File downgrade [CVE-2020-8150]
164529Nextcloud Server Passphrase signature verification [CVE-2020-8133]
164528Red Hat Advanced Cluster Management for Kubernetes ManagedClusterView API permission
164527PEGA Platform Request Header cross site scripting [CVE-2020-24353]
164526BitDefender Endpoint Security Tools Update Server/BEST Relay server-side request forgery
164525Mitel ShoreTel Home Meeting Page index.php cross site scripting
164524ChirpStack Network Server Frequency Attribute collect.go CollectAndCallOnceCollect denial of service [Disputed]
164523Magento File Upload unrestricted upload [CVE-2020-24407]
164522Magento Installation information disclosure [CVE-2020-24406]
164521Magento Inventory Module improper authorization [CVE-2020-24405]
164520Magento Integrations improper authorization [CVE-2020-24404]
164519Magento Inventory Source permission [CVE-2020-24403]
164518Magento Integrations improper authorization [CVE-2020-24402]
164517Magento Authorization authorization [CVE-2020-24401]
164516Magento sql injection [CVE-2020-24400]
164515find-my-way Package Route denial of service [CVE-2020-7764]
164514TP-LINK Archer A7 AC1750 os command injection [CVE-2020-28347]
164513Server Status HTTP Status/SMTP Status cross site scripting
164512Countdown Timer Macro cross site scripting
164511Linking New Windows Macro cross site scripting
164510Refined Toolkit UI-Image/UI-Button cross site scripting
164509PlantUML Database Information Macro cross site scripting
164508LG Mobile Devices Wi-Fi Subsystem denial of service [CVE-2020-28345]
164507LG Mobile Devices System Service denial of service [CVE-2020-28344]
164506Samsung Mobile Devices NPU Driver memory corruption [CVE-2020-28343]
164505Samsung Mobile Devices S Secure Application improper authentication
164504Samsung Mobile Devices S3K250AF Secure Element CC EAL 5+ Chip buffer overflow
164503Samsung Mobile Devices Factory Reset Protection unknown vulnerability
164502usc-e-shop Plugin usces_unserialize injection
164501PackageKit Repository privileges management [CVE-2020-16122]
164500PackageKit information exposure [CVE-2020-16121]
164499NetApp SANtricity OS Controller Software Transmission cleartext transmission
164498Nessus Network Monitor path traversal [CVE-2020-5794]
164497Cisco WebEx Network Recording Player/Webex Player Email Attachment memory corruption
164496Cisco WebEx Network Recording Player/Webex Player Email Attachment memory corruption
164495Cisco SD-WAN CLI privileges management [CVE-2020-3600]
164494Cisco SD-WAN privileges management [CVE-2020-3595]
164493Cisco SD-WAN privileges management [CVE-2020-3594]
164492Cisco SD-WAN privileges management [CVE-2020-3593]
164491Cisco SD-WAN vManage Web-based Management Interface improper authorization
164490Cisco SD-WAN vManage Web-based Management Interface cross site scripting
164489Cisco SD-WAN vManage Web-based Management Interface cross site scripting
164488Cisco Webex Meetings Desktop App Virtualization Channel Messaging path traversal
164487Cisco SD-WAN vManage Web-based Management Interface cross site scripting
164486Cisco SD-WAN vManage Web-based Management Interface cross site scripting
164485Cisco IP Phone TCP Ingress denial of service [CVE-2020-3574]
164484Cisco WebEx Network Recording Player/Webex Player Email Attachment memory corruption
164483Cisco AnyConnect Secure Mobility Client Interprocess Communication input validation
164482Cisco Identity Services Engine Web-based Management Interface cross site scripting
164481Cisco SD-WAN Packet Filter input validation [CVE-2020-3444]
164480Cisco Integrated Management Controller Web UI os command injection
164479Cisco IOS Preboot eXecution Environment Boot Loader access control
164478SuiteCRM File Name php logger_file_name access control
164477Asterisk PBX SIP Invite res_pjsip_session denial of service
164476Axios Package Redirect server-side request forgery [CVE-2020-28168]
164475Cisco SD-WAN vManage CLI argument injection [CVE-2020-27129]
164474Cisco SD-WAN vManage Application Data Endpoint path traversal
164473Cisco AnyConnect Secure Mobility Client Interprocess Communication routine
164472Cisco Identity Services Engine Active Directory Account privileges assignment
164471Cisco Unified Communications Manager IM & Presence Service XCP Authentication Service denial of service
164470Alerta improper authentication [CVE-2020-26214]
164469teler Error denial of service [CVE-2020-26213]
164468Cisco TelePresence Collaboration Endpoint Video Endpoint API exposure of resource
164467Cisco Edge Fog Fabric REST API exposure of resource [CVE-2020-26084]
164466Cisco Identity Services Engine Web-based Management Interface cross site scripting
164465B. Braun OnlineSuite DLL uncontrolled search path [CVE-2020-25174]
164464B. Braun OnlineSuite path traversal [CVE-2020-25172]
164463B. Braun OnlineSuite Excel Export injection [CVE-2020-25170]
164462ad-ldap-connector Admin Panel cross-site request forgery [CVE-2020-15259]
164461Raptor RDF Syntax Library raptor_xml_writer.c raptor_xml_writer_start_element_common buffer overflow
164460NetApp SANtricity OS Controller Software denial of service [CVE-2020-8580]
164459HPE OneView/Synergy Composer access control [CVE-2020-7198]
164458TP-LINK Archer A7 USB Driver symlink [CVE-2020-5795]
164457IBM UrbanCode Deploy information disclosure [CVE-2020-4484]
164456IBM UrbanCode Deploy information exposure [CVE-2020-4483]
164455IBM UrbanCode Deploy REST Call access control [CVE-2020-4482]
164454Synopsys hub-rest-api-python SSL Certificate certificate validation
164453Play Framework PlayJava denial of service [CVE-2020-27196]
164452Play Framework JSON Document recursion [CVE-2020-26883]
164451Play Framework JSON form-data resource consumption
164450Cellinx NVT Web Server SetFileContent.cgi improper authentication
164449Joplin Note cross site scripting [CVE-2020-28249]
164448Asterisk PBX INVITE infinite loop [CVE-2020-28242]
164447MIT Kerberos 5 ASN.1 asn1_encode.c recursion
164446NATS nats-server access control [CVE-2020-26892]
164445NATS nats-server JWT Library null pointer dereference [CVE-2020-26521]
164444SaltStack Salt salt-netapi improper authentication [CVE-2020-25592]
164443SaltStack Salt TLS Module certificate validation [CVE-2020-17490]
164442SaltStack Salt Salt API os command injection [CVE-2020-16846]
164441Kuka SVisual Components License Manager Service denial of service
164440Kuka Visual Components License Manager Service information disclosure
164439Studyplus App API Key hard-coded credentials [CVE-2020-5667]
164438Mitsubishi Electric GT1455-QTBDE TCPIP resource consumption [CVE-2020-5649]
164437Mitsubishi Electric GT1455-QTBDE TCPIP argument injection
164436Mitsubishi Electric GT1455-QTBDE TCPIP access control [CVE-2020-5647]
164435Mitsubishi Electric GT1455-QTBDE TCPIP null pointer dereference
164434Mitsubishi Electric GT1455-QTBDE TCPIP session fixiation [CVE-2020-5645]
164433Mitsubishi Electric GT1455-QTBDE TCPIP buffer overflow [CVE-2020-5644]
164432Cybozu Garoon Bulletin Board input validation [CVE-2020-5643]
164431libmaxminddb maxminddb.c dump_entry_data_list heap-based overflow
164430tmux input.c input_csi_dispatch_sgr_colon stack-based overflow
164429libvirt Socket permission assignment [CVE-2020-15708]
164428Apple watchOS WebKit use after free [CVE-2020-27918]
164427Apple watchOS Logging path traversal [CVE-2020-10010]
164426Apple watchOS libxml2 integer overflow [CVE-2020-27911]
164425Apple watchOS libxml2 use after free [CVE-2020-27917]
164424Apple watchOS Kernel type confusion [CVE-2020-27932]
164423Apple watchOS Kernel memory corruption [CVE-2020-10016]
164422Apple watchOS Kernel state issue [CVE-2020-9974]
164421Apple watchOS Kernel initialization [CVE-2020-27950]
164420Apple watchOS IOAcceleratorFamily memory corruption [CVE-2020-27905]
164419Apple watchOS ImageIO out-of-bounds write [CVE-2020-27912]
164418Apple watchOS Foundation state issue [CVE-2020-10002]
164417Apple watchOS FontParser out-of-bounds write [CVE-2020-27927]
164416Apple watchOS FontParser memory corruption [CVE-2020-27930]
164415Apple watchOS Crash Reporter symlink [CVE-2020-10003]
164414Apple watchOS CoreAudio out-of-bounds read [CVE-2020-27909]
164413Apple watchOS CoreAudio out-of-bounds write [CVE-2020-10017]
164412Apple watchOS Audio out-of-bounds write [CVE-2020-27916]
164411Apple watchOS Audio out-of-bounds read [CVE-2020-27910]
164410Apple macOS Kernel initialization [CVE-2020-27950]
164409Apple macOS Kernel type confusion [CVE-2020-27932]
164408Apple macOS FontParser memory corruption [CVE-2020-27930]
164407Apple tvOS WebKit use after free [CVE-2020-27918]
164406Apple tvOS Logging path traversal [CVE-2020-10010]
164405Apple tvOS libxml2 integer overflow [CVE-2020-27911]
164404Apple tvOS libxml2 use after free [CVE-2020-27917]
164403Apple tvOS Kernel memory corruption [CVE-2020-10016]
164402Apple tvOS Kernel information disclosure [CVE-2020-9974]
164401Apple tvOS IOAcceleratorFamily memory corruption [CVE-2020-27905]
164400Apple tvOS ImageIO out-of-bounds write [CVE-2020-27912]
164399Apple tvOS Foundation behavioral workflow [CVE-2020-10002]
164398Apple tvOS FontParser out-of-bounds write [CVE-2020-27927]
164397Apple tvOS Crash Reporter symlink [CVE-2020-10003]
164396Apple tvOS CoreAudio out-of-bounds read [CVE-2020-27909]
164395Apple tvOS CoreAudio out-of-bounds write [CVE-2020-10017]
164394Apple tvOS Audio out-of-bounds write [CVE-2020-27916]
164393Apple tvOS Audio out-of-bounds read [CVE-2020-27910]
164392Apple iOS/iPadOS WebKit use after free [CVE-2020-27918]
164391Apple iOS/iPadOS Model I/O out-of-bounds read [CVE-2020-10011]
164390Apple iOS/iPadOS Model I/O out-of-bounds read [CVE-2020-13524]
164389Apple iOS/iPadOS Model I/O behavioral workflow [CVE-2020-10004]
164388Apple iOS/iPadOS Logging path traversal [CVE-2020-10010]
164387Apple iOS/iPadOS libxml2 use after free [CVE-2020-27926]
164386Apple iOS/iPadOS libxml2 integer overflow [CVE-2020-27911]
164385Apple iOS/iPadOS libxml2 use after free [CVE-2020-27917]
164384Apple iOS/iPadOS Keyboard improper authentication [CVE-2020-27902]
164383Apple iOS/iPadOS Kernel type confusion [CVE-2020-27932]
164382Apple iOS/iPadOS Kernel memory corruption [CVE-2020-10016]
164381Apple iOS/iPadOS Kernel information disclosure [CVE-2020-9974]
164380Apple iOS/iPadOS Kernel information disclosure [CVE-2020-27950]
164379Apple iOS/iPadOS IOAcceleratorFamily memory corruption [CVE-2020-27905]
164378Apple iOS/iPadOS ImageIO out-of-bounds write [CVE-2020-27912]
164377Apple iOS/iPadOS Foundation behavioral workflow [CVE-2020-10002]
164376Apple iOS/iPadOS FontParser out-of-bounds write [CVE-2020-27927]
164375Apple iOS/iPadOS FontParser memory corruption [CVE-2020-27930]
164374Apple iOS/iPadOS Crash Reporter symlink [CVE-2020-10003]
164373Apple iOS/iPadOS CoreAudio out-of-bounds read [CVE-2020-27909]
164372Apple iOS/iPadOS CoreAudio out-of-bounds write [CVE-2020-10017]
164371Apple iOS/iPadOS CallKit state issue [CVE-2020-27925]
164370Apple iOS/iPadOS Audio out-of-bounds write [CVE-2020-27916]
164369Apple iOS/iPadOS Audio out-of-bounds read [CVE-2020-27910]
164368Apple iOS FaceTime out-of-bounds read [CVE-2020-27929]
164367UniFi Protect controller API improper authentication [CVE-2020-8267]
164366HPE Proliant Gen10 Server Intel Innovation Engine access control
164365ZTE ZXA10 eODN information disclosure [CVE-2020-6877]
164364Check Point Endpoint Security Log File link following [CVE-2020-6015]
164363F5 BIG-IP Advanced WAF/BIG-IP FPS Traffic Management Microkernel denial of service
164362F5 BIG-IP TMUI Page cross site scripting [CVE-2020-5945]
164361F5 BIG-IQ DNS Overview Page information exposure [CVE-2020-5944]
164360F5 BIG-IP REST Interface access control [CVE-2020-5943]
164359F5 BIG-IP PEM Traffic Management Microkernel denial of service
164358F5 BIG-IP Traffic Management Microkernel lookup denial of service
164357F5 BIG-IP Configuration utility Traffic Management User Interface cross site scripting
164356F5 BIG-IP Virtual Edition Traffic Management Microkernel O denial of service
164355Tenable Nessus/Nessus Agent access control [CVE-2020-5793]
164354Marmind Todo injection [CVE-2020-26507]
164353Marmind cross site scripting [CVE-2020-26505]
164352Micro Focus Self Service Password Reset information disclosure
164351Red Hat Linux Bluetooth Stack stack-based overflow [CVE-2020-25662]
164350Red Hat Linux L2CAP Packet type confusion [CVE-2020-25661]
164349Apache Shiro Spring improper authentication [CVE-2020-17510]
164348HCL Digital Experience cross site scripting [CVE-2020-14222]
164347Telerik Fiddler Local Privilege Escalation [CVE-2020-13661]
164346Moxa MXView permission [CVE-2020-13537]
164345Moxa MXView permission [CVE-2020-13536]
164344Silver Peak Unity Orchestrator REST API sqlExecution path traversal
164343Silver Peak Unity Orchestrator REST API debugFiles path traversal
164342Silver Peak Unity Orchestrator HTTP Host Header improper authentication
164341IBM QRadar SIEM Multi Tenant Configuration information disclosure
164340phantom-html-to-pdf information disclosure [CVE-2020-7763]
164339jsreport-chrome-pdf information disclosure [CVE-2020-7762]
164338AudimexEE sql injection [CVE-2020-28115]
164337AudimexEE Configuration Parameter cross site scripting [CVE-2020-28047]
164336Git LFS command injection [CVE-2020-27955]
164335RVTools Configuration File RVToolsPasswordEncryption.exe insufficiently protected credentials
164334Hindotech HK1 Box S905X3 Serial Port su Local Privilege Escalation
164333Marmind Web Application Web GUI authorization [CVE-2020-26506]
164332InterMind iMind Server Chat cross site scripting [CVE-2020-25399]
164331InterMind iMind Server CSV Export injection [CVE-2020-25398]
164330FruityWifi Metacharacter page_config_adv.php os command injection
164329Immuta cross site scripting [CVE-2020-15952]
164328Immuta Project Name redirect [CVE-2020-15951]
164327Immuta user session [CVE-2020-15950]
164326Immuta User Account permission [CVE-2020-15949]
164325absolunet kafe Email Validator denial of service [CVE-2020-7761]
164324HorizontCMS FileManager unrestricted upload
164323Aruba AirWave command injection [CVE-2020-7129]
164322Aruba AirWave command injection [CVE-2020-7128]
164321SDDM X Server race condition [CVE-2020-28049]
164320Relish VH510 Web Management Portal denial of service [CVE-2020-27692]
164319Relish VH510 URLBlocking Setting cross site scripting [CVE-2020-27691]
164318Relish VH510 Web Management Portal formDOMAINBLK buffer overflow
164317Relish VH510 Web Management Interface backdoor [CVE-2020-27689]
164316DatabaseSchemaViewer dbschema File deserialization [CVE-2020-26207]
164315Hashicorp Consul Enterprise Namespace denial of service [CVE-2020-25201]
164314Subrion CMS cross site scripting [CVE-2019-7356]
164313tcpdump ppp Decapsulator allocation of resources [CVE-2020-8037]
164312tcpdump SOME/IP Dissector tok2strbuf out-of-bounds read
164311Fuel CMS Page Preview access control [CVE-2020-26167]
164310VMware Lab Manager Slaves Plugin credentials storage [CVE-2020-2319]
164309Mail Commander Plugin for Jenkins-ci Plugin credentials storage
164308FindBugs Plugin Tooltip cross site scripting [CVE-2020-2317]
164307Static Analysis Utilities Plugin Tooltip Configure cross site scripting
164306Visualworks Store Plugin XML Parser xml external entity reference
164305AppSpider Plugin Configuration File credentials storage [CVE-2020-2314]
164304Azure Key Vault Plugin Credentials Read authorization
164303Jenkins SQLPlus Script Runner Plugin Command Line Argument insufficiently protected credentials
164302Jenkins AWS Global Configuration Plugin authorization [CVE-2020-2311]
164301Ansible Plugin authorization [CVE-2020-2310]
164300Kubernetes Plugin authorization [CVE-2020-2309]
164299Kubernetes Plugin Template Name authorization [CVE-2020-2308]
164298Kubernetes Plugin Environment Variable information disclosure
164297Mercurial Plugin Installation authorization [CVE-2020-2306]
164296Mercurial Plugin XML Parser xml external entity reference [CVE-2020-2305]
164295Subversion Plugin XML Parser xml external entity reference [CVE-2020-2304]
164294Active Directory Plugin cross-site request forgery [CVE-2020-2303]
164293Active Directory Plugin Domain Health Check Diagnostic Page authorization
164292Active Directory Plugin Windows ADSI Mode improper authentication
164291Active Directory Plugin Windows ADSI Mode improper authentication
164290Active Directory Plugin improper authentication [CVE-2020-2299]
164289phpMyAdmin Export Section injection [CVE-2020-22278]
164288Import and Export Users and Customers Plugin Customer Profile injection
164287WeForms Plugin injection [CVE-2020-22276]
164286Easy Registration Forms Plugin injection [CVE-2020-22275]
164285JomSocial Customer Profile injection [CVE-2020-22274]
164284Neoflex Video Subscription System cross-site request forgery
164283Linux Kernel KVM Hypervisor stack-based overflow [CVE-2020-27152]
164282HCL Notes Client cross site scripting [CVE-2020-14240]
164281HCL Notes Client Email Composer buffer overflow [CVE-2020-4097]
164280QEMU ati-vga Emulator process ati_2d_blt out-of-bounds read
164279QEMU Networking Helper eth_get_gso_type assertion
164278Adobe Acrobat Reader use after free [CVE-2020-24438]
164277Adobe Acrobat Reader use after free [CVE-2020-24437]
164276Adobe Acrobat Reader use after free [CVE-2020-24430]
164275Adobe Acrobat Reader race condition [CVE-2020-24428]
164274Adobe Acrobat Reader out-of-bounds read [CVE-2020-24434]
164273Adobe Acrobat Reader out-of-bounds read [CVE-2020-24426]
164272Adobe Acrobat Reader out-of-bounds write [CVE-2020-24436]
164271Adobe Acrobat Reader security check for standard [CVE-2020-24431]
164270Adobe Acrobat Reader input validation [CVE-2020-24427]
164269Adobe Acrobat Reader signature verification [CVE-2020-24429]
164268Adobe Acrobat Reader signature verification [CVE-2020-24439]
164267Adobe Acrobat Reader input validation [CVE-2020-24432]
164266Adobe Acrobat Reader access control [CVE-2020-24433]
164265Adobe Acrobat Reader heap-based overflow [CVE-2020-24435]
164264BookStack Link cross site scripting [CVE-2020-26211]
164263BookStack Link cross site scripting [CVE-2020-26210]
164262Facebook WhatsApp/WhatsApp Business Video Call use after free
164261Facebook WhatsApp/WhatsApp Business Siri improper authorization
164260IBM App Connect Enterprise Certified Container improper restriction of rendered ui layers
164259IBM Planning Analytics Local TM1Web User Session user session
164258IBM Maximo Anywhere config [CVE-2019-4349]
164257Sony KD-65AF8 USB3 Device denial of service [CVE-2020-28207]
164256Google Chrome Networking clickjacking [CVE-2020-6557]
164255Google Chrome UI buffer overflow [CVE-2020-16011]
164254Google Chrome UI buffer overflow [CVE-2020-16010]
164253Google Chrome v8 heap-based overflow [CVE-2020-16009]
164252Google Chrome WebRTC buffer overflow [CVE-2020-16008]
164251Google Chrome Installer access control [CVE-2020-16007]
164250Google Chrome v8 heap-based overflow [CVE-2020-16006]
164249Google Chrome ANGLE heap-based overflow [CVE-2020-16005]
164248Google Chrome User Interface use after free [CVE-2020-16004]
164247Google Chrome Renderer Process use after free [CVE-2020-15998]
164246Google Chrome Mojo use after free [CVE-2020-15997]
164245Google Chrome Passwords use after free [CVE-2020-15996]
164244Google Chrome v8 out-of-bounds write [CVE-2020-15995]
164243Google Chrome v8 use after free [CVE-2020-15994]
164242Google Chrome Printing use after free [CVE-2020-15993]
164241Google Chrome Same Origin Policy unknown vulnerability [CVE-2020-15992]
164240Google Chrome Password Manager use after free [CVE-2020-15991]
164239Google Chrome Autofill use after free [CVE-2020-15990]
164238Google Chrome PDFium uninitialized pointer [CVE-2020-15989]
164237Google Chrome Download access control [CVE-2020-15988]
164236Google Chrome WebRTC Stream use after free [CVE-2020-15987]
164235Google Chrome Media integer overflow [CVE-2020-15986]
164234Google Chrome clickjacking [CVE-2020-15985]
164233Google Chrome Omnibox clickjacking [CVE-2020-15984]
164232Google Chrome webUI improper restriction of rendered ui layers
164231Google Chrome information disclosure [CVE-2020-15982]
164230Google Chrome out-of-bounds read [CVE-2020-15981]
164229Google Chrome Intents Local Privilege Escalation [CVE-2020-15980]
164228Google Chrome v8 heap-based overflow [CVE-2020-15979]
164227Google Chrome Navigation input validation [CVE-2020-15978]
164226Google Chrome Dialog Validation information disclosure [CVE-2020-15977]
164225Google Chrome HTML use after free [CVE-2020-15976]
164224Google Chrome SwiftShader integer overflow [CVE-2020-15975]
164223Google Blink integer overflow [CVE-2020-15974]
164222Google Chrome Same Origin Policy unknown vulnerability [CVE-2020-15973]
164221Google Chrome Audio use after free [CVE-2020-15972]
164220Google Chrome Renderer Process use after free [CVE-2020-15971]
164219Google Chrome NFC use after free [CVE-2020-15970]
164218Google Chrome WebRTC use after free [CVE-2020-15969]
164217Google Chrome Blink use after free [CVE-2020-15968]
164216Google Chrome Payments use after free [CVE-2020-15967]
164215Swift JSON stack-based overflow [CVE-2020-9861]
164214Module Olea Gift On Order getfile.php pathname traversal
164213Nextcloud Server WebAuthn improper authentication [CVE-2020-8236]
164212Nextcloud Server API Call credentials storage [CVE-2020-8183]
164211Nextcloud Server Encryption random values [CVE-2020-8173]
164210browserless-chrome File Path path traversal [CVE-2020-7758]
164209droppy Configuration File path traversal [CVE-2020-7757]
164208Check Point Software Endpoint Security Client Anti-Bot/Threat Emulation uncontrolled search path
164207Mitsubishi Electric MELSEC iQ-R Network Interface resource consumption
164206Mitsubishi Electric MELSEC iQ-R Network Interface argument injection
164205Mitsubishi Electric MELSEC iQ-R Network Interface access control
164204Mitsubishi Electric MELSEC iQ-R Network Interface null pointer dereference
164203Mitsubishi Electric MELSEC iQ-R Network Interface IP session fixiation
164202Mitsubishi Electric MELSEC iQ-R Network Interface buffer overflow
164201Mitsubishi Electric MELSEC iQ-R/MELSEC iQ-Q/MELSEC iQ-L 02 resource consumption
164200ProlinOS access control [CVE-2020-28046]
164199ProlinOS Signature insufficient verification of data authenticity
164198ProlinOS Management Mode permission [CVE-2020-28044]
164197MISP REST Client server-side request forgery [CVE-2020-28043]
164196ServiceStack JWT Signature Verification signature verification
164195Netgear Nighthawk R7000 NAT protection mechanism [CVE-2020-28041]
164194WordPress Background Image cross-site request forgery [CVE-2020-28040]
164193WordPress File meta.php is_protected_meta path traversal
164192WordPress Post Slug cross site scripting [CVE-2020-28038]
164191WordPress Installation functions.php is_blog_installed access control
164190WordPress XML-RPC class-wp-xmlrpc-server.php access control
164189WordPress XML-RPC access control [CVE-2020-28035]
164188WordPress Global Variable cross site scripting [CVE-2020-28034]
164187WordPress Embed unknown vulnerability [CVE-2020-28033]
164186WordPress FilteredIterator.php deserialization
164185eramba HTTP Host Header injection [CVE-2020-28031]
164184Wireshark GQUIC Dissector packet-gquic.c denial of service
164183SonarQube Project Endpoint submit improper authentication
164182Dr.Fone DriverInstall.exe access control
164181IceWarp cross site scripting [CVE-2020-27982]
164180Electronic Arts Origin Client access control [CVE-2020-27708]
164179REDCap Messenger cross site scripting [CVE-2020-27359]
164178REDCap CSV information disclosure [CVE-2020-27358]
164177Bouncy Castle BC/BC-FJA RSA Private Key information exposure
164176WildFly Connection resource consumption [CVE-2020-25689]
164175osTicket server-side request forgery [CVE-2020-24881]
164174NeDi pwsec.php cross site scripting
164173NeDi rt-popup.php cross site scripting
164172Moxa VPort 461 command injection [CVE-2020-23639]
164171Electronic Arts Origin Client Javascript cross site scripting
164170Oracle WebLogic Server Remote Code Execution [CVE-2020-14750]
164169Foxit Reader Javascript API app.opencPDFWebPage access control
164168go-ipfs Routing Table unknown vulnerability [CVE-2020-10937]
164167Shun Hu JUUKO K-808 authentication replay [CVE-2018-19025]
164166Shun Hu JUUKO K-800 authentication replay [CVE-2018-17932]
164165QNAP Photo Station Scripting photo_station cross site scripting
164164QNAP Photo Station Scripting photo_station cross site scripting
164163QNAP Photo Station cross site scripting [CVE-2018-19954]
164162QNAP Music Station SQL Injection sql injection [CVE-2018-19952]
164161QNAP Music Station Scripting cross site scripting [CVE-2018-19951]
164160QNAP Music Station Command command injection [CVE-2018-19950]
164159Qualcomm Snapdragon Auto PDU state issue [CVE-2020-3704]
164158Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-3703]
164157Qualcomm Snapdragon Auto Permission use after free [CVE-2020-3696]
164156Qualcomm Snapdragon Auto qseecom buffer overflow [CVE-2020-3694]
164155Qualcomm Snapdragon Auto qseecom buffer overflow [CVE-2020-3693]
164154Qualcomm Snapdragon Auto IMEI buffer overflow [CVE-2020-3692]
164153Qualcomm Snapdragon Auto SMUU Configuration unknown vulnerability
164152Qualcomm Snapdragon Auto QSEE permission [CVE-2020-3684]
164151Qualcomm Snapdragon Consumer IOT API buffer overflow [CVE-2020-3678]
164150Qualcomm Snapdragon Auto SIP Message buffer overflow [CVE-2020-3673]
164149Qualcomm Snapdragon Auto NAS Transport out-of-bounds read [CVE-2020-3670]
164148Qualcomm Snapdragon Auto Device Control array index [CVE-2020-3657]
164147Qualcomm Snapdragon Auto SIP Message buffer overflow [CVE-2020-3654]
164146Qualcomm Snapdragon Auto access control [CVE-2020-3638]
164145Qualcomm Snapdragon Auto array index [CVE-2020-11174]
164144Qualcomm Snapdragon Auto fastRPC Driver race condition [CVE-2020-11173]
164143Qualcomm Snapdragon Wired Infrastructure and Networking fscanf stack-based overflow
164142Qualcomm Snapdragon Auto L2CAP Packet integer overflow [CVE-2020-11169]
164141Qualcomm Snapdragon Auto Perfdump access control [CVE-2020-11164]
164140Qualcomm Snapdragon Auto MHI Driver buffer overflow [CVE-2020-11162]
164139Qualcomm Snapdragon Auto Control Message denial of service [CVE-2020-11157]
164138Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-11156]
164137Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-11155]
164136Qualcomm Snapdragon Auto Bluetooth buffer overflow [CVE-2020-11154]
164135Qualcomm Snapdragon Auto GATT Data out-of-bounds read [CVE-2020-11153]
164134Qualcomm Snapdragon Auto Bluetooth estack buffer overflow [CVE-2020-11141]
164133Qualcomm Snapdragon Auto MHI Command out-of-bounds read [CVE-2020-11125]
164132Qualcomm Snapdragon Compute Bluetooth buffer overflow [CVE-2020-11114]
164131MailGates/MailAudit command injection [CVE-2020-25849]
164130vBulletin subWidgets Data widget_tabbedcontainer_tab_panel command injection
164129NVIDIA CUDA Toolkit NVJPEG Library out-of-bounds write [CVE-2020-5991]
164128VMware Tanzu SSO Operator Dashboard improper authentication [CVE-2020-5425]
164127IBM i2 iBase unrestricted upload [CVE-2020-4588]
164126IBM i2 iBase information exposure [CVE-2020-4584]
164125apt Error Message path traversal [CVE-2020-15703]
164124baserCMS Edit Template unrestricted upload [CVE-2020-15277]
164123baserCMS Blog Comment cross site scripting [CVE-2020-15276]
164122baserCMS Edit Feed Settings cross site scripting [CVE-2020-15273]
164121Microsoft Windows Kernel Cryptography Driver cng.sys CfgAdtpFormatPropertyBlock buffer overflow
164120codemirror Regular Expression incorrect regex [CVE-2020-7760]
164119Pimcore sql injection [CVE-2020-7759]
164118F5 BIG-IP IPSec Tunnel inadequate encryption [CVE-2020-5938]
164117F5 BIG-IP AFM Traffic Management Microkernel denial of service
164116Big BIG-IP LTM Traffic Management Microkernel resource consumption
164115F5 BIG-IP MQTT Traffic denial of service [CVE-2020-5935]
164114F5 BIG-IP APM SLO URL denial of service [CVE-2020-5934]
164113F5 BIG-IP HTTP Compression resource consumption [CVE-2020-5933]
164112F5 BIG-IP ASM Configuration Utility cross site scripting [CVE-2020-5932]
164111F5 BIG-IP OneConnect Profile resource consumption [CVE-2020-5931]
164110IBM Resilient SOAR authentication spoofing [CVE-2020-4864]
164109IBM i2 Analyst Notebook memory corruption [CVE-2020-4724]
164108IBM i2 Analyst Notebook memory corruption [CVE-2020-4723]
164107IBM i2 Analyst Notebook memory corruption [CVE-2020-4722]
164106IBM i2 Analyst Notebook Memory memory corruption [CVE-2020-4721]
164105FastReport GetProcAddress inadequate encryption
164104SmartStoreNET unknown vulnerability [CVE-2020-27996]
164103Zoho ManageEngine Applications Manager sql injection
164102Hrsale pathname traversal [CVE-2020-27993]
164101EyesOfNetwork AutoDiscovery Module autodiscovery.php os command injection
164100EyesOfNetwork eonweb Web Interface functions.php username_available sql injection
164099WSO2 API Manager cross site scripting [CVE-2020-27885]
164098Click Studios Passwordstate PIN Generator information disclosure
164097Western Digital My Cloud NAS access control [CVE-2020-27744]
164096Trend Micro Antivirus information exposure [CVE-2020-27015]
164095Trend Micro Antivirus Web Threat Protection race condition [CVE-2020-27014]
164094Sal machine_list cross site scripting
164093Commvault CommCell pathname traversal [CVE-2020-25780]
164092Ansible Community Private Key openssl_privatekey_info log file
164091WSO2 Enterprise Integrator BPMN Explorer Task cross site scripting
164090Broadleaf Scripting HTTP POST cross site scripting [CVE-2020-21266]
164089Samba Winbind service null pointer dereference [CVE-2020-14323]
164088IBM Security Directory Server Authorization Token missing secure attribute
164087IBM Security Directory Server information exposure [CVE-2019-4547]
164086Rapid7 Metasploit APK File command injection [CVE-2020-7384]
164085chart.js Options Parameter code injection [CVE-2020-7746]
164084Synology Router Manager Set-Cookie Header cookie without 'httponly' flag
164083Synology Router Manager DDNS channel accessible [CVE-2020-27657]
164082Synology DiskStation Manager DDNS channel accessible [CVE-2020-27656]
164081Synology Router Manager QuickConnect access control [CVE-2020-27655]
164080Synology Router Manager lbd tcp access control
164079Synology Router Manager QuickConnect channel accessible [CVE-2020-27653]
164078Synology DiskStation Manager QuickConnect channel accessible
164077Synology Router Manager missing secure attribute [CVE-2020-27651]
164076Synology DiskStation Manager missing secure attribute [CVE-2020-27650]
164075Synology Router Manager OpenVPN Client certificate validation
164074Synology DiskStation Manager OpenVPN Client channel accessible
164073SonarQube values missing encryption [Disputed]
164072Firefly III Auto-Complete cross site scripting [CVE-2020-27981]
164071Genexis Platinum-4410 cross site scripting [CVE-2020-27980]
164070Citadel WebCit Object Reference msg_confirm_move authorization
164069Citadel WebCit Parameter cross site scripting [CVE-2020-27741]
164068Citadel WebCit information disclosure [CVE-2020-27740]
164067Citadel WebCit user session [CVE-2020-27739]
164066Dual DHCP DNS Server DualServer.exe access control
164065Home DNS Server HomeDNSServer.exe access control
164064Open DHCP Server OpenDHCPServer.exe access control
164063Open TFTP Server Multithreaded OpenTFTPServerMT.exe access control
164062Sectona Spectra SOAP API Endpoint improper authentication [CVE-2020-25966]
164061CyberArk Privileged Session Manager Error Popup Message information disclosure
164060God Kings App Push Notification improper authorization [CVE-2020-25204]
164059QSC Q-SYS Core Manager TFTP Service passwd pathname traversal
164058Gophish Cookie session expiration [CVE-2020-24713]
164057Gophish Account Settings Page cross site scripting [CVE-2020-24712]
164056Gophish Account Settings Page denial of service [CVE-2020-24711]
164055Gophish server-side request forgery [CVE-2020-24710]
164054Gophish Landing Page/Email Template cross site scripting [CVE-2020-24709]
164053Gophish Send Profile Form cross site scripting [CVE-2020-24708]
164052Gophish CSV csv injection [CVE-2020-24707]
164051Winston Configuration unknown vulnerability [CVE-2020-16263]
164050Winston access control [CVE-2020-16262]
164049Winston U-Boot Interrupt access control [CVE-2020-16261]
164048Winston improper authorization [CVE-2020-16260]
164047Winston permission assignment [CVE-2020-16259]
164046Winston Monit Service hard-coded credentials [CVE-2020-16258]
164045Winston API cross-site request forgery [CVE-2020-16256]
164044NVIDIA DGX AMI BMC Firmware weak prng [CVE-2020-11616]
164043NVIDIA DGX Cipher Key hard-coded key [CVE-2020-11615]
164042NVIDIA DGX-1/DGX-2 AMI BMC Firmware information disclosure [CVE-2020-11489]
164041NVIDIA DGX-1/DGX-2 Firmware Signature code download [CVE-2020-11488]
164040NVIDIA DGX-1/DGX-2/DGX A100 AMI BMC Firmware hard-coded key [CVE-2020-11487]
164039NVIDIA DGX-1 AMI BMC Firmware unrestricted upload [CVE-2020-11486]
164038NVIDIA DGX-1 cross-site request forgery [CVE-2020-11485]
164037NVIDIA DGX-1 AMI BMC Firmware IPMI information disclosure
164036NVIDIA DGX-1/DGX-2 AMI BMC Firmware hard-coded credentials [CVE-2020-11483]
164035QNAP QTS cross site scripting [CVE-2018-19953]
164034QNAP QTS command injection [CVE-2018-19949]
164033QNAP QTS cross site scripting [CVE-2018-19943]
164032IBM WebSphere Application Server path traversal [CVE-2020-4782]
164031Microsoft Sterling Connect Direct buffer overflow [CVE-2020-4767]
164030Shibboleth Identify Provider Login Flow denial of service [CVE-2020-27978]
164029osCommerce Phoenix CE POST Parameter mail.php os command injection
164028osCommerce Phoenix CE define_language.php cross-site request forgery
164027NeoPost Mail Accounting Software Pro FUS_SCM_BlockStart.php cross site scripting
164026Grafana Query cross site scripting [CVE-2020-24303]
164025Snap7 Server COTP Protocol denial of service [CVE-2020-22552]
164024Winston API command injection [CVE-2020-16257]
164023Red Discord Bot Mod Module access control [CVE-2020-15278]
164022Pulse Connect Secure User Web Interface cross site scripting
164021Pulse Connect Secure/Pulse Policy Secure User Web Interface cross site scripting
164020Pulse Connect Secure/Pulse Policy Secure Cookie buffer overflow
164019Pulse Connect Secure Admin Web Interface unrestricted upload
164018Pulse Connect Secure Admin Web Interface input validation [CVE-2020-8255]
164017Pulse Secure Desktop Client Dynamic Certificate Trust path traversal
164016Pulse Secure Desktop Client access control [CVE-2020-8250]
164015Pulse Secure Desktop Client buffer overflow [CVE-2020-8249]
164014Pulse Secure Desktop Client access control [CVE-2020-8248]
164013Pulse Secure Desktop Client channel accessible [CVE-2020-8241]
164012Pulse Secure Desktop Client Embedded Browser unknown vulnerability
164011Pulse Secure Desktop Client Registry Privileges access control
164010Mozilla Firefox EC Scalar Point Multiplication key management
164009SonicWALL Global VPN Client Library uncontrolled search path
164008SonicWALL Global VPN Client untrusted search path [CVE-2020-5144]
164007Apple Music Application information disclosure [CVE-2020-9982]
164006Apple tvOS Assets resource transfer [CVE-2020-9979]
164005Apple tvOS Web Contents memory corruption [CVE-2020-9932]
164004Apple iOS/iPadOS Web Contents memory corruption [CVE-2020-9932]
164003Apple Safari Web Contents memory corruption [CVE-2020-9932]
164002Apple Safari Javascript input validation [CVE-2020-9860]
164001Apple macOS Application access control [CVE-2020-9786]
164000Apple macOS Path Validation path traversal [CVE-2020-9782]
163999Apple macOS Siri Suggestion access control [CVE-2020-9774]
163998dat.gui RGB/RGBA incorrect regex [CVE-2020-7755]
163997Apple macOS Image out-of-bounds read [CVE-2020-3880]
163996Apple tvOS Image out-of-bounds read [CVE-2020-3880]
163995Apple iOS/iPadOS Image out-of-bounds read [CVE-2020-3880]
163994Apple watchOS Image out-of-bounds read [CVE-2020-3880]
163993Apple macOS Application memory corruption [CVE-2020-3863]
163992MediaWiki RandomGameUnit Extension hard-coded credentials [CVE-2020-27957]
163991SourceCodester Car Rental Management System File Upload unrestricted upload
163990Texas Instruments CC2538 Zigbee Protocol zclParseInDiscCmdsRspCmd stack-based overflow
163989Texas Instruments CC2538 Zigbee Protocol zclHandleExternal stack-based overflow
163988Texas Instruments CC2538 Zigbee Protocol zclParseInWriteCmd stack-based overflow
163987Ubiquiti UniFi Meshing Access Point UAP-AC-M Credential Cache state issue
163986Wire AVS/Secure Messenger sdp.c sdp_media_set_lattr denial of service
163985Western Digital My Cloud NAS AvailableApps.php privileges management
163984Western Digital My Cloud NAS DsdkProxy.php input validation
163983Western Digital My Cloud cgi_api.php access control
163982Western Digital My Cloud reg_device.php input validation
163981Greenmart Theme Search cross site scripting [CVE-2020-16140]
163980Blueman D-Bus Interface argument injection [CVE-2020-15238]
163979Western Digital My Cloud buffer overflow [CVE-2020-12830]
163978Apple iOS/iPadOS SSH signature verification [CVE-2019-8901]
163977Apple iTunes Storage Access API information disclosure [CVE-2019-8898]
163976Apple Safari Storage Access API information disclosure [CVE-2019-8898]
163975Apple tvOS Storage Access API information disclosure [CVE-2019-8898]
163974Apple iOS/iPadOS Storage Access API information disclosure [CVE-2019-8898]
163973Apple macOS State Management state issue [CVE-2019-8858]
163972Apple iOS/iPadOS Live Photo information disclosure [CVE-2019-8857]
163971Apple macOS API state issue [CVE-2019-8856]
163970Apple watchOS API state issue [CVE-2019-8856]
163969Apple iOS/iPadOS API state issue [CVE-2019-8856]
163968Apple macOS Restrictions sandbox [CVE-2019-8855]
163967Apple tvOS MAC Address information disclosure [CVE-2019-8854]
163966Apple watchOS MAC Address information disclosure [CVE-2019-8854]
163965Apple macOS MAC Address information disclosure [CVE-2019-8854]
163964Apple macOS Application memory corruption [CVE-2019-8852]
163963Apple macOS State Management improper authentication [CVE-2019-8851]
163962Apple watchOS Audio File out-of-bounds read [CVE-2019-8850]
163961Apple tvOS Audio File out-of-bounds read [CVE-2019-8850]
163960Apple iOS/iPadOS Audio File out-of-bounds read [CVE-2019-8850]
163959Apple macOS Audio File out-of-bounds read [CVE-2019-8850]
163958Apple iTunes Application access control [CVE-2019-8848]
163957Apple iOS/iPadOS Application access control [CVE-2019-8848]
163956Apple macOS Application access control [CVE-2019-8848]
163955Apple iCloud Application access control [CVE-2019-8848]
163954Apple watchOS Application access control [CVE-2019-8848]
163953Apple tvOS Application access control [CVE-2019-8848]
163952Apple macOS Application memory corruption [CVE-2019-8847]
163951Apple iTunes Web Contents use after free [CVE-2019-8846]
163950Apple Safari Web Contents use after free [CVE-2019-8846]
163949Apple iOS/iPadOS Web Contents use after free [CVE-2019-8846]
163948Apple iCloud Web Contents use after free [CVE-2019-8846]
163947Apple tvOS Web Contents use after free [CVE-2019-8846]
163946Apple iTunes Web Contents memory corruption [CVE-2019-8844]
163945Apple Safari Web Contents memory corruption [CVE-2019-8844]
163944Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8844]
163943Apple iCloud Web Contents memory corruption [CVE-2019-8844]
163942Apple watchOS Web Contents memory corruption [CVE-2019-8844]
163941Apple tvOS Web Contents memory corruption [CVE-2019-8844]
163940Apple macOS Print Job buffer overflow [CVE-2019-8842]
163939Apple iOS/iPadOS access control [CVE-2019-8841]
163938Apple Xcode out-of-bounds read [CVE-2019-8840]
163937Apple macOS Privileges denial of service [CVE-2019-8839]
163936Apple tvOS Application memory corruption [CVE-2019-8838]
163935Apple macOS Application memory corruption [CVE-2019-8838]
163934Apple watchOS Application memory corruption [CVE-2019-8838]
163933Apple iOS/iPadOS Application memory corruption [CVE-2019-8838]
163932Apple macOS access control [CVE-2019-8837]
163931Apple tvOS Application memory corruption [CVE-2019-8836]
163930Apple iOS/iPadOS Application memory corruption [CVE-2019-8836]
163929Apple watchOS Application memory corruption [CVE-2019-8836]
163928Apple iTunes Web Contents memory corruption [CVE-2019-8835]
163927Apple Safari Web Contents memory corruption [CVE-2019-8835]
163926Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8835]
163925Apple iCloud Web Contents memory corruption [CVE-2019-8835]
163924Apple tvOS Web Contents memory corruption [CVE-2019-8835]
163923Apple iTunes HSTS Preload access control [CVE-2019-8834]
163922Apple iOS/iPadOS HSTS Preload access control [CVE-2019-8834]
163921Apple macOS HSTS Preload access control [CVE-2019-8834]
163920Apple iCloud HSTS Preload access control [CVE-2019-8834]
163919Apple watchOS HSTS Preload access control [CVE-2019-8834]
163918Apple tvOS HSTS Preload access control [CVE-2019-8834]
163917Apple tvOS Application memory corruption [CVE-2019-8833]
163916Apple macOS Application memory corruption [CVE-2019-8833]
163915Apple watchOS Application memory corruption [CVE-2019-8833]
163914Apple iOS/iPadOS Application memory corruption [CVE-2019-8833]
163913Apple tvOS Application memory corruption [CVE-2019-8832]
163912Apple macOS Application memory corruption [CVE-2019-8832]
163911Apple watchOS Application memory corruption [CVE-2019-8832]
163910Apple iOS/iPadOS Application memory corruption [CVE-2019-8832]
163909Apple watchOS memory corruption [CVE-2019-8831]
163908Apple tvOS memory corruption [CVE-2019-8831]
163907Apple iOS/iPadOS memory corruption [CVE-2019-8831]
163906Apple macOS memory corruption [CVE-2019-8831]
163905Apple iOS/iPadOS FaceTime out-of-bounds read [CVE-2019-8830]
163904Apple macOS FaceTime out-of-bounds read [CVE-2019-8830]
163903Apple watchOS FaceTime out-of-bounds read [CVE-2019-8830]
163902Apple tvOS FaceTime out-of-bounds read [CVE-2019-8830]
163901Apple tvOS Application memory corruption [CVE-2019-8829]
163900Apple iOS/iPadOS Application memory corruption [CVE-2019-8829]
163899Apple watchOS Application memory corruption [CVE-2019-8829]
163898Apple macOS Application memory corruption [CVE-2019-8829]
163897Apple tvOS Application memory corruption [CVE-2019-8828]
163896Apple watchOS Application memory corruption [CVE-2019-8828]
163895Apple macOS Application memory corruption [CVE-2019-8828]
163894Apple iOS/iPadOS Application memory corruption [CVE-2019-8828]
163893Apple iOS/iPadOS WebKit information disclosure [CVE-2019-8827]
163892Apple tvOS WebKit information disclosure [CVE-2019-8827]
163891Apple iTunes WebKit information disclosure [CVE-2019-8827]
163890Apple Safari WebKit information disclosure [CVE-2019-8827]
163889Apple macOS State Management memory corruption [CVE-2019-8826]
163888Apple iTunes State Management memory corruption [CVE-2019-8825]
163887Apple iCloud State Management memory corruption [CVE-2019-8825]
163886Apple iOS State Management memory corruption [CVE-2019-8825]
163885Apple macOS State Management memory corruption [CVE-2019-8825]
163884Apple macOS State Management memory corruption [CVE-2019-8824]
163883Apple tvOS information disclosure [CVE-2019-8809]
163882Apple watchOS information disclosure [CVE-2019-8809]
163881Apple iOS/iPadOS information disclosure [CVE-2019-8809]
163880Apple macOS information disclosure [CVE-2019-8809]
163879Apple tvOS random values [CVE-2019-8799]
163878Apple watchOS random values [CVE-2019-8799]
163877Apple macOS random values [CVE-2019-8799]
163876Apple iOS/iPadOS random values [CVE-2019-8799]
163875Apple watchOS Airdrop access control [CVE-2019-8796]
163874Apple iOS/iPadOS Airdrop access control [CVE-2019-8796]
163873Apple macOS Airdrop access control [CVE-2019-8796]
163872Apple Swift File Descriptor information disclosure [CVE-2019-8790]
163871Apple tvOS Kernel Memory information disclosure [CVE-2019-8780]
163870Apple iOS/iPadOS Kernel Memory information disclosure [CVE-2019-8780]
163869Apple macOS Address Book information disclosure [CVE-2019-8777]
163868Appl macOS Application memory corruption [CVE-2019-8776]
163867Apple macOS iBooks File resource consumption [CVE-2019-8774]
163866Apple iOS/iPadOS iBooks File resource consumption [CVE-2019-8774]
163865Apple iTunes Web Contents memory corruption [CVE-2019-8773]
163864Apple watchOS Web Contents memory corruption [CVE-2019-8773]
163863Apple tvOS Web Contents memory corruption [CVE-2019-8773]
163862Apple iCloud Web Contents memory corruption [CVE-2019-8773]
163861Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8773]
163860Apple Safari Web Contents memory corruption [CVE-2019-8773]
163859Apple iOS iFrame Sandbox sandbox [CVE-2019-8771]
163858Apple Safari iFrame Sandbox sandbox [CVE-2019-8771]
163857Apple iTunes Web Contents cross site scripting [CVE-2019-8762]
163856Apple watchOS Web Contents cross site scripting [CVE-2019-8762]
163855Apple tvOS Web Contents cross site scripting [CVE-2019-8762]
163854Apple iCloud Web Contents cross site scripting [CVE-2019-8762]
163853Apple iOS/iPadOS Web Contents cross site scripting [CVE-2019-8762]
163852Apple Safari Web Contents cross site scripting [CVE-2019-8762]
163846Apple macOS iFrame unknown vulnerability [CVE-2019-8754]
163845Apple tvOS Web Contents cross site scripting [CVE-2019-8753]
163844Apple iOS Web Contents cross site scripting [CVE-2019-8753]
163843Apple watchOS Web Contents cross site scripting [CVE-2019-8753]
163842Apple macOS Web Contents cross site scripting [CVE-2019-8753]
163841Apple iTunes Web Contents memory corruption [CVE-2019-8752]
163840Apple watchOS Web Contents memory corruption [CVE-2019-8752]
163839Apple tvOS Web Contents memory corruption [CVE-2019-8752]
163838Apple iCloud Web Contents memory corruption [CVE-2019-8752]
163837Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8752]
163836Apple Safari Web Contents memory corruption [CVE-2019-8752]
163835Apple iTunes Web Contents memory corruption [CVE-2019-8751]
163834Apple watchOS Web Contents memory corruption [CVE-2019-8751]
163833Apple tvOS Web Contents memory corruption [CVE-2019-8751]
163832Apple iCloud Web Contents memory corruption [CVE-2019-8751]
163831Apple iOS/iPadOS Web Contents memory corruption [CVE-2019-8751]
163830Apple Safari Web Contents memory corruption [CVE-2019-8751]
163825Apple iTunes Application out-of-bounds read [CVE-2019-8746]
163824Apple watchOS Application out-of-bounds read [CVE-2019-8746]
163823Apple tvOS Application out-of-bounds read [CVE-2019-8746]
163822Apple iCloud Application out-of-bounds read [CVE-2019-8746]
163821Apple iOS Application out-of-bounds read [CVE-2019-8746]
163820Apple macOS Application out-of-bounds read [CVE-2019-8746]
163817Apple tvOS Application memory corruption [CVE-2019-8740]
163816Apple watchOS Application memory corruption [CVE-2019-8740]
163815Apple iOS/iPadOS Application memory corruption [CVE-2019-8740]
163814Apple iTunes Web Contents memory corruption [CVE-2019-8734]
163813Apple watchOS Web Contents memory corruption [CVE-2019-8734]
163812Apple tvOS Web Contents memory corruption [CVE-2019-8734]
163811Apple Safari Web Contents memory corruption [CVE-2019-8734]
163810Apple iCloud Web Contents memory corruption [CVE-2019-8734]
163809Apple iOS Web Contents memory corruption [CVE-2019-8734]
163808Apple iOS Call information disclosure [CVE-2019-8732]
163807Apple iTunes Web Contents memory corruption [CVE-2019-8728]
163806Apple tvOS Web Contents memory corruption [CVE-2019-8728]
163805Apple watchOS Web Contents memory corruption [CVE-2019-8728]
163804Apple Safari Web Contents memory corruption [CVE-2019-8728]
163803Apple iCloud Web Contents memory corruption [CVE-2019-8728]
163802Apple iOS Web Contents memory corruption [CVE-2019-8728]
163801Apple tvOS Application memory corruption [CVE-2019-8718]
163800Apple iOS Application memory corruption [CVE-2019-8718]
163799Apple watchOS Application memory corruption [CVE-2019-8718]
163797Apple tvOS Application memory corruption [CVE-2019-8712]
163796Apple iOS Application memory corruption [CVE-2019-8712]
163795Apple watchOS Application memory corruption [CVE-2019-8712]
163794Apple iOS Application memory corruption [CVE-2019-8709]
163793Apple watchOS Application memory corruption [CVE-2019-8709]
163792Apple tvOS Application memory corruption [CVE-2019-8709]
163791Apple macOS Application memory corruption [CVE-2019-8709]
163786Apple macOS buffer overflow [CVE-2019-8696]
163785Sierra macOS buffer overflow [CVE-2019-8675]
163784Apple watchOS Image denial of service [CVE-2019-8668]
163783Apple tvOS Image denial of service [CVE-2019-8668]
163782Apple iOS Image denial of service [CVE-2019-8668]
163781Apple watchOS Message denial of service [CVE-2019-8664]
163780Apple iOS Message denial of service [CVE-2019-8664]
163779Apple macOS MIME inadequate encryption [CVE-2019-8645]
163778Apple macOS SMIME Certificate certificate validation
163777Apple macOS sandbox [CVE-2019-8640]
163776Apple Safari Web Contents memory corruption [CVE-2019-8639]
163775Apple iTunes Web Contents memory corruption [CVE-2019-8639]
163774Apple iOS Web Contents memory corruption [CVE-2019-8639]
163773Apple iCloud Web Contents memory corruption [CVE-2019-8639]
163772Apple watchOS Web Contents memory corruption [CVE-2019-8639]
163771Apple Safari Web Contents memory corruption [CVE-2019-8638]
163770Apple iTunes Web Contents memory corruption [CVE-2019-8638]
163769Apple iOS Web Contents memory corruption [CVE-2019-8638]
163768Apple iCloud Web Contents memory corruption [CVE-2019-8638]
163767Apple watchOS Web Contents memory corruption [CVE-2019-8638]
163766Apple watchOS memory corruption [CVE-2019-8633]
163765Apple tvOS memory corruption [CVE-2019-8633]
163764Apple iOS memory corruption [CVE-2019-8633]
163763Apple macOS memory corruption [CVE-2019-8633]
163762Apple tvOS iMessage Conversation access control [CVE-2019-8631]
163761Apple iOS iMessage Conversation access control [CVE-2019-8631]
163760Apple macOS iMessage Conversation access control [CVE-2019-8631]
163759Apple iOS sandbox [CVE-2019-8618]
163758Apple macOS sandbox [CVE-2019-8618]
163757Apple watchOS sandbox [CVE-2019-8618]
163750Apple iOS Font File out-of-bounds read [CVE-2019-8582]
163749Apple macOS Font File out-of-bounds read [CVE-2019-8582]
163748Apple iTunes Font File out-of-bounds read [CVE-2019-8582]
163747Apple tvOS Font File out-of-bounds read [CVE-2019-8582]
163746Apple iCloud Font File out-of-bounds read [CVE-2019-8582]
163745Apple macOS input validation [CVE-2019-8579]
163744Apple watchOS denial of service [CVE-2019-8573]
163743Apple iOS denial of service [CVE-2019-8573]
163742Apple macOS denial of service [CVE-2019-8573]
163741Apple tvOS User Information information disclosure [CVE-2019-8570]
163740Apple Safari User Information information disclosure [CVE-2019-8570]
163739Apple iTunes User Information information disclosure [CVE-2019-8570]
163738Apple iCloud User Information information disclosure [CVE-2019-8570]
163737Apple iOS User Information information disclosure [CVE-2019-8570]
163736Apple macOS Driver unknown vulnerability [CVE-2019-8564]
163733Apple macOS initialization [CVE-2019-8539]
163732Apple macOS VCF File denial of service [CVE-2019-8538]
163731Apple watchOS VCF File denial of service [CVE-2019-8538]
163730Apple macOS Application memory corruption [CVE-2019-8534]
163729Apple iOS Application permission [CVE-2019-8532]
163728Apple watchOS Application permission [CVE-2019-8532]
163727Apple iOS Server Certificate certificate validation [CVE-2019-8531]
163726Apple watchOS Server Certificate certificate validation [CVE-2019-8531]
163725Apple macOS Server Certificate certificate validation [CVE-2019-8531]
163724Apple macOS Application use after free [CVE-2019-8528]
163723Apple watchOS Application use after free [CVE-2019-8528]
163722Apple iOS Application use after free [CVE-2019-8528]
163718Apple macOS Validation symlink [CVE-2019-6238]
163717Apple tvOS memory allocation [CVE-2018-4474]
163716Apple iTunes memory allocation [CVE-2018-4474]
163715Apple Safari memory allocation [CVE-2018-4474]
163714Apple watchOS memory allocation [CVE-2018-4474]
163713Apple iCloud memory allocation [CVE-2018-4474]
163712Apple iOS memory allocation [CVE-2018-4474]
163711Apple macOS Application access control [CVE-2018-4468]
163710Apple macOS memory corruption [CVE-2018-4451]
163709Apple tvOS Memory Initialization memory corruption [CVE-2018-4448]
163708Apple watchOS Memory Initialization memory corruption [CVE-2018-4448]
163707Apple iOS Memory Initialization memory corruption [CVE-2018-4448]
163706Apple macOS Memory Initialization memory corruption [CVE-2018-4448]
163705Apple iTunes User Information information disclosure [CVE-2018-4444]
163704Apple tvOS User Information information disclosure [CVE-2018-4444]
163703Apple iOS User Information information disclosure [CVE-2018-4444]
163702Apple Safarai User Information information disclosure [CVE-2018-4444]
163701Apple tvOS Configuration access control [CVE-2018-4433]
163700Apple iOS Configuration access control [CVE-2018-4433]
163699Apple watchOS Configuration access control [CVE-2018-4433]
163698Apple macOS Configuration access control [CVE-2018-4433]
163697Apple iOS Lockscreen access control [CVE-2018-4428]
163692Apple tvOS Message resource consumption [CVE-2018-4381]
163691Apple iOS Message resource consumption [CVE-2018-4381]
163690Apple iOS Entitlement information disclosure [CVE-2018-4339]
163689Apple macOS DiskArbitration permission [CVE-2018-4296]
163688NetApp Clustered Data ONTAP Intercluster LIF denial of service
163687npm-user-validate Email Validator incorrect regex [CVE-2020-7754]
163686Check Point ZoneAlarm Anti-Ransomware untrusted search path [CVE-2020-6023]
163685Check Point ZoneAlarm Anti-Ransomware permission [CVE-2020-6022]
163684Victor CMS category.php sql injection
163683IObit Malware Fighter Privileges uncontrolled search path [CVE-2020-23864]
163682Micro Focus Operation Bridge Manager/Operation Bridge Privileges access control
163681Micro Focus Operation bridge Manager improper authentication
1636801Password command-line tool/SCIM Bridge prng seed [CVE-2020-10256]
163679Pulse Secure Desktop Save information disclosure [CVE-2020-8956]
163678trim Package Regular Expression incorrect regex
163677konzept-ix publiXone RemoteFunctions Endpoint access control
163676konzept-ix publiXone appletError.jsp cross site scripting
163675konzept-ix publiXone Configuration File hard-coded key
163674konzept-ix publiXone file access [CVE-2020-27180]
163673konzept-ix publiXone User Account password recovery [CVE-2020-27179]
163672Pulse Connect Secure/Pulse Policy Secure XML External Entity server-side request forgery
163671pam_tacplus libtac RAND_pseudo_bytes random values
163670Ruckus vRioT API improper authorization
163669Ruckus API Endpoint createUser command injection
163668Facebook Hermes Javascript Interpreter out-of-bounds read [CVE-2020-1915]
163667OpenRC checkpath symlink [CVE-2018-21269]
163666Motion-Project Motion HTTP Request webu.c denial of service
163665Octopus Deploy HTTP Host Header redirect [CVE-2020-26161]
163664FireEye eMPS sort_by sql injection
163663Wiki.js Search Result cross site scripting [CVE-2020-15274]
163662git-tag-annotation-action Environment Variable os command injection
163661lookatme terminal/file_loader os command injection
163660opentmpfiles symlink [CVE-2017-18925]
163659systeminformation Curl os command injection [CVE-2020-7752]
163658HPE StoreServ Management Console improper authentication [CVE-2020-7197]
163657HPE BlueData EPIC Software Platform Kerberos Password information disclosure
163656Aruba AirWave Software Remote Code Execution [CVE-2020-7127]
163655Aruba AirWave server-side request forgery [CVE-2020-7126]
163654Aruba AirWave Privileges insufficient privileges [CVE-2020-7125]
163653Aruba AirWave access control [CVE-2020-7124]
163652ZTE eVDC Verification cross site scripting [CVE-2020-6876]
163651KDE Partition Manager fstab kpmcore_externalcommand access control
163650AntSword View Site cross site scripting [CVE-2020-25470]
163649Aruba AirWave command injection [CVE-2020-24632]
163648Aruba AirWave command injection [CVE-2020-24631]
163647AntSword System Command cross site scripting [CVE-2020-18766]
163646Arista EOS IS-IS Router Remote Privilege Escalation [CVE-2020-15897]
163645Arista CloudVision eXchange Server ControllerOob Agent denial of service
163644pathval Package resource consumption [CVE-2020-7751]
163643illumos pam_framework.c parse_user_name buffer overflow
163642YOURLS Admin Panel PHP Plugin cross site scripting [CVE-2020-27388]
163641Google Chrome Printing use after free [CVE-2020-16003]
163640Google Chrome Freetype heap-based overflow [CVE-2020-15999]
163639Google Chrome PDFium use after free [CVE-2020-16002]
163638Google Chrome Media use after free [CVE-2020-16001]
163637Google Chrome Blink out-of-bounds write [CVE-2020-16000]
163636NVIDIA GeForce Experience ShadowPlay access control [CVE-2020-5990]
163635NVIDIA GeForce Experience nvcontainer.exe access control
163634NVIDIA GeForce Experience Web Helper NodeJS Web Server uncontrolled search path
163633UCMS fopen access control
163632FruityWifi sudo access control [CVE-2020-24848]
163631FruityWifi page_config_adv.php cross-site request forgery
163630VMware Horizon Client Local Privilege information disclosure
163629VMware Horizon Server Scripting cross site scripting [CVE-2020-3997]
163628CRMEB downloadimage Interface server-side request forgery [CVE-2020-25466]
163627Eclipse Jetty temp file [CVE-2020-27216]
163626CryptoPro CSP Process Creation denial of service [CVE-2020-9361]
163625CryptoPro CSP Process Creation access control [CVE-2020-9331]
163624FRITZ!Box Protection Mechanism dns rebinding [CVE-2020-26887]
163623Belkin LINKSYS WRT160NL mini_httpd create_dir buffer overflow
163622VeriFone MX900 File Manager command injection [CVE-2019-14719]
163621VeriFone MX900 Permission svc_netcontrol access control
163620VeriFone Verix OS System Call buffer overflow [CVE-2019-14717]
163619VeriFone VerixV Shell access control [CVE-2019-14716]
163618VeriFone Pinpad Payment Terminal SBI Bootloader memory corruption
163617VeriFone MX900 Installation insufficient verification of data authenticity
163616VeriFone VerixV S1G File unknown vulnerability [CVE-2019-14712]
163615VeriFone MX900 race condition [CVE-2019-14711]
163614Comtrend AR-5387un cross site scripting [CVE-2018-8062]
163613Apple watchOS information disclosure [CVE-2020-9997]
163612Apple macOS information disclosure [CVE-2020-9997]
163611Apple watchOS path traversal [CVE-2020-9994]
163610Apple tvOS path traversal [CVE-2020-9994]
163609Apple macOS path traversal [CVE-2020-9994]
163608Apple iOS/iPadOS path traversal [CVE-2020-9994]
163607Apple macOS Application race condition [CVE-2020-9990]
163606Apple macOS Home Folder access control [CVE-2020-9986]
163605Apple watchOS USD File buffer overflow [CVE-2020-9985]
163604Apple macOS USD File buffer overflow [CVE-2020-9985]
163603Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9985]
163602Apple iCloud Image out-of-bounds read [CVE-2020-9984]
163601Apple iTunes Image out-of-bounds read [CVE-2020-9984]
163600Apple watchOS Image out-of-bounds read [CVE-2020-9984]
163599Apple tvOS Image out-of-bounds read [CVE-2020-9984]
163598Apple macOS Image out-of-bounds read [CVE-2020-9984]
163597Apple iOS/iPadOS Image out-of-bounds read [CVE-2020-9984]
163596Apple watchOS Font File out-of-bounds write [CVE-2020-9980]
163595Apple tvOS Font File out-of-bounds write [CVE-2020-9980]
163594Apple macOS Font File out-of-bounds write [CVE-2020-9980]
163593Apple iOS/iPadOS Font File out-of-bounds write [CVE-2020-9980]
163592Apple tvOS USD File buffer overflow [CVE-2020-9940]
163591Apple macOS USD File buffer overflow [CVE-2020-9940]
163590Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9940]
163589Apple macOS Extension access control [CVE-2020-9939]
163588Apple macOS State Management privileges assignment [CVE-2020-9935]
163587Apple macOS Kernel Memory memory corruption [CVE-2020-9929]
163586Apple macOS Application memory corruption [CVE-2020-9928]
163585Apple macOS Application memory corruption [CVE-2020-9927]
163584Apple macOS State Management denial of service [CVE-2020-9924]
163583Apple macOS Application memory corruption [CVE-2020-9921]
163582Apple watchOS Mail Server denial of service [CVE-2020-9920]
163581Apple macOS Mail Server denial of service [CVE-2020-9920]
163580Apple iOS/iPadOS Mail Server denial of service [CVE-2020-9920]
163579Apple macOS Kernel Memory out-of-bounds read [CVE-2020-9908]
163578Apple watchOS Kernel Memory memory corruption [CVE-2020-9906]
163577Apple macOS Kernel Memory memory corruption [CVE-2020-9906]
163576Apple iOS/iPadOS Kernel Memory memory corruption [CVE-2020-9906]
163575Apple tvOS buffer overflow [CVE-2020-9905]
163574Apple macOS buffer overflow [CVE-2020-9905]
163573Apple iOS/iPadOS buffer overflow [CVE-2020-9905]
163572Apple watchOS Application memory corruption [CVE-2020-9904]
163571Apple tvOS Application memory corruption [CVE-2020-9904]
163570Apple macOS Application memory corruption [CVE-2020-9904]
163569Apple iOS/iPadOS Application memory corruption [CVE-2020-9904]
163568Apple watchOS Kernel Memory out-of-bounds read [CVE-2020-9902]
163567Apple tvOS Kernel Memory out-of-bounds read [CVE-2020-9902]
163566Apple macOS Kernel Memory out-of-bounds read [CVE-2020-9902]
163565Apple iOS/iPadOS Kernel Memory out-of-bounds read [CVE-2020-9902]
163564Apple tvOS Path Validation symlink [CVE-2020-9901]
163563Apple macOS Path Validation symlink [CVE-2020-9901]
163562Apple iOS/iPadOS Path Validation symlink [CVE-2020-9901]
163561Apple watchOS Path Validation symlink [CVE-2020-9900]
163560Apple tvOS Path Validation symlink [CVE-2020-9900]
163559Apple macOS Path Validation symlink [CVE-2020-9900]
163558Apple iOS/iPadOS Path Validation symlink [CVE-2020-9900]
163557Apple macOS Application memory corruption [CVE-2020-9899]
163556Apple macOS Restrictions sandbox [CVE-2020-9898]
163555Apple iOS/iPadOS Restrictions sandbox [CVE-2020-9898]
163554Apple watchOS Application memory corruption [CVE-2020-9892]
163553Apple tvOS Application memory corruption [CVE-2020-9892]
163552Apple macOS Application memory corruption [CVE-2020-9892]
163551Apple iOS/iPadOS Application memory corruption [CVE-2020-9892]
163550Apple macOS JPEG Image memory corruption [CVE-2020-9887]
163549Apple iCloud Image buffer overflow [CVE-2020-9883]
163548Apple iTunes Image buffer overflow [CVE-2020-9883]
163547Apple watchOS Image buffer overflow [CVE-2020-9883]
163546Apple tvOS Image buffer overflow [CVE-2020-9883]
163545Apple macOS Image buffer overflow [CVE-2020-9883]
163544Apple iOS/iPadOS Image buffer overflow [CVE-2020-9883]
163543Apple watchOS USD File buffer overflow [CVE-2020-9882]
163542Apple macOS USD File buffer overflow [CVE-2020-9882]
163541Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9882]
163540Apple watchOS USD File buffer overflow [CVE-2020-9881]
163539Apple macOS USD File buffer overflow [CVE-2020-9881]
163538Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9881]
163537Apple watchOS USD File buffer overflow [CVE-2020-9880]
163536Apple tvOS USD File buffer overflow [CVE-2020-9880]
163535Apple macOS USD File buffer overflow [CVE-2020-9880]
163534Apple iOS/iPadOS USD File buffer overflow [CVE-2020-9880]
163533Apple macOS Application memory corruption [CVE-2020-9869]
163532Apple watchOS Certificate Validation certificate validation [CVE-2020-9868]
163531Apple tvOS Certificate Validation certificate validation [CVE-2020-9868]
163530Apple macOS Certificate Validation certificate validation [CVE-2020-9868]
163529Apple iOS/iPadOS Certificate Validation certificate validation
163528Apple watchOS uninitialized pointer [CVE-2020-9863]
163527Apple tvOS uninitialized pointer [CVE-2020-9863]
163526Apple macOS uninitialized pointer [CVE-2020-9863]
163525Apple iOS/iPadOS uninitialized pointer [CVE-2020-9863]
163524Apple tvOS Application unknown vulnerability [CVE-2020-9854]
163523Apple macOS Application unknown vulnerability [CVE-2020-9854]
163522Apple iOS/iPadOS Application unknown vulnerability [CVE-2020-9854]
163521Apple macOS Kernel Memory memory corruption [CVE-2020-9853]
163520Apple macOS Restrictions improper authentication [CVE-2020-9810]
163519Apple macOS Application race condition [CVE-2020-9796]
163518Apple watchOS Restrictions denial of service [CVE-2020-9787]
163517Apple tvOS Restrictions denial of service [CVE-2020-9787]
163516Apple macOS Restrictions denial of service [CVE-2020-9787]
163515Apple iOS/iPadOS Restrictions denial of service [CVE-2020-9787]
163514Apple macOS Kernel Memory out-of-bounds read [CVE-2020-9779]
163513Vmware Velero Volume information disclosure [CVE-2020-3996]
163512Apple watchOS User Information sandbox [CVE-2020-3918]
163511Apple tvOS User Information sandbox [CVE-2020-3918]
163510Apple macOS User Information sandbox [CVE-2020-3918]
163509Apple iOS/iPadOS User Information sandbox [CVE-2020-3918]
163508Apple macOS Application unknown vulnerability [CVE-2020-3915]
163507Apple macOS Application memory corruption [CVE-2020-3898]
163506Linux Kernel events_base.c use after free
163505Xen TLB Entry memory corruption [CVE-2020-27674]
163504Linux Kernel dom0 Event denial of service [CVE-2020-27673]
163503Xen Superpage use after free [CVE-2020-27672]
163502Xen IOMMU TLB Flush denial of service [CVE-2020-27671]
163501Xen AMD IOMMU Page-Table Entry denial of service [CVE-2020-27670]
163500Strapi WYSIWYG Editor Preview cross site scripting [CVE-2020-27666]
163499Strapi content-type-builder Route hasPermissions permission
163498Strapi index.js unknown vulnerability [CVE-2020-27664]
163497LeviStudioU Parameter xml external entity reference [CVE-2020-25186]
163496Eyoucms login.php cross-site request forgery
163495Tiki Admin Password tiki-login.php improper authentication
163494parse-server Session Token operation after expiration [CVE-2020-15270]
163493GitLab Runner Runner Configuration unknown vulnerability [CVE-2020-13327]
163492Micro Focus Manager Remote Privilege Escalation [CVE-2020-11853]
163491fabric8-maven-plugin wildfly-swarm/Thorntail Custom Configuration deserialization
163490Mozilla Network Security Services Certificate Sequence denial of service
163489Mozilla Network Security Services buffer overflow [CVE-2019-17006]
163488Microchip CryptoAuthentication Library CryptoAuthLib buffer overflow
163487Microchip CryptoAuthentication Library CryptoAuthLib buffer overflow
163486Atmel Advanced Software Framework integer overflow [CVE-2019-16127]
163485Mozilla Network Security Services Signature denial of service
163484Elasticsearch Field Level Security permission [CVE-2020-7020]
163483Biscom Secure File Transfer insufficiently protected credentials
163482ImageMagick layer.c OptimizeLayerFrames divide by zero
163481DedeCMS cross site scripting [CVE-2020-27533]
163480Hashicorp Nomad/Nomad Enterprise sandbox [CVE-2020-27195]
163479Octopus Deploy Websocket Endpoint unknown vulnerability [CVE-2020-27155]
163478AtomXCMS dump.php path traversal
163477AtomXCMS dump.php access control S3900 24T4S access control [CVE-2020-24033]
163475Adobe Animate FLA File out-of-bounds read [CVE-2020-9750]
163474Adobe Animate FLA File out-of-bounds read [CVE-2020-9749]
163473Adobe Animate FLA File stack-based overflow [CVE-2020-9748]
163472Adobe Animate FLA File double free [CVE-2020-9747]
163471Cisco ASA Web-based Management Interface cross site scripting
163470Cisco ASA/Firepower Threat Defense TLS Connection information exposure
163469Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
163468Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
163467Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
163466Cisco ASA/Firepower Threat Defense Web Services Interface cross site scripting
163465Cisco ASA/Firepower Threat Defense Web Services Interface authorization
163464Cisco Firepower Threat Defense denial of service [CVE-2020-3577]
163463Cisco ASA/Firepower Threat Defense TLS Connection resource consumption
163462Cisco Firepower Threat Defense ICMPv6 Packet resource consumption
163461Cisco Firepower Threat Defense TCP Interception access control
163460Cisco ASA/Firepower Threat Defense FTP Inspection Engine access control
163459Cisco Firepower Threat Defense TCP Packet denial of service [CVE-2020-3563]
163458Cisco Firepower Threat Defense TLS inspection memory corruption
163457Cisco ASA/Firepower Threat Defense Clientless SSL VPN crlf injection
163456Cisco FirePOWER Management Center Web-based Management Interface redirect
163455Cisco FirePOWER Management Center API Daemon certificate validation
163454Cisco ASA/Firepower Threat Defense SIP Inspection denial of service
163453Cisco ASA/Firepower Threat Defense TCP Packet resource consumption
163452Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
163451Cisco FirePOWER Management Center sfmgr Daemon path traversal
163450Cisco FirePOWER Management Center sftunnel inadequate encryption
163449Cisco Firepower Threat Defense SNMP resource consumption [CVE-2020-3533]
163448Cisco ASA/Firepower Threat Defense SSL VPN Negotiation resource consumption
163447Cisco ASA/Firepower Threat Defense OSPFv2 Packet denial of service
163446Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
163445Cisco Firepower Threat Defense Multi-Instance sandbox [CVE-2020-3514]
163444Cisco FirePOWER Management Center Licensing Service resource management
163443Cisco FXOS CLI os command injection [CVE-2020-3459]
163442Cisco ASA/Firepower Threat Defense Secure Boot protection mechanism
163441Cisco FXOS CLI os command injection [CVE-2020-3457]
163440Cisco FXOS Firepower Chassis Manager cross-site request forgery
163439Cisco FXOS Secure Boot protection mechanism [CVE-2020-3455]
163438Cisco ASA/Firepower Threat Defense Web Services Interface unrestricted upload
163437Cisco FirePOWER Management Center Common Access Card Authentication improper authentication
163436Cisco ASA/Firepower Threat Defense IP Fragment Reassembly resource consumption
163435Cisco Firepower Threat Defense CLI backdoor [CVE-2020-3352]
163434Cisco ASA/Firepower Threat Defense SSL Inspection denial of service
163433Cisco ASA/Firepower Threat Defense HTTP Request resource consumption
163432Cisco Integrated Services Router Snort Detection Engine protection mechanism
163431BigBlueButton Greenlight Merge Account admins.js cross site scripting
163430fastd receive.c denial of service
163429FileImporter Extension unknown vulnerability [CVE-2020-27621]
163428Cosmos Skin rawElement cross site scripting
163427Python HTTP eval unknown vulnerability
163426Loginizer SQL Injection lz_valid_ip sql injection
163425cm-download-manager cross site scripting [CVE-2020-27344]
163424Adobe Dreamweaver uncontrolled search path [CVE-2020-24425]
163423Adobe Premiere Pro uncontrolled search path [CVE-2020-24424]
163422Adobe Media Encoder uncontrolled search path [CVE-2020-24423]
163421Adobe Creative Cloud Desktop Application uncontrolled search path
163420Adobe InDesign indd File memory corruption [CVE-2020-24421]
163419Adobe Photoshop uncontrolled search path [CVE-2020-24420]
163418Adobe After Effects uncontrolled search path [CVE-2020-24419]
163417Adobe After Effects aepx File out-of-bounds read
163416WSO2 API Manager publisher cross site scripting [CVE-2020-17454]
163415Ghisler Total Commander Access Restriction TOTALCMD64.EXE access control
163414Arista EOS DHCP Packet denial of service [CVE-2020-17355]
163413TensorFlow Large Value tf.image.crop_and_resize memory corruption
163412TensorFlow Dimensions tf.quantization.quantize_and_dequantize out-of-bounds read
163411magento-lts Gem Product Attribute injection [CVE-2020-15244]
163410omniauth-auth0 Gem JWT Token Signature Validation jwt_validator.verify improper authentication
163409Apache Hadoop Web Endpoint Authentication improper authentication
163408scratch-svg-renderer SVG _transformMeasurements cross site scripting
163407Fortinet FortiOS Command Line Interface information disclosure
163406Simple Download Monitor URL sql injection [CVE-2020-5651]
163405Simple Download Monitor Scripting cross site scripting [CVE-2020-5650]
163404BigBlueButton FreeSWITCH hard-coded key [CVE-2020-27613]
163403BigBlueButton Username information disclosure [CVE-2020-27612]
163402BigBlueButton STUN/TURN risky encryption [CVE-2020-27611]
163401BigBlueButton Firewall Configuration access control [CVE-2020-27610]
163400BigBlueButton Interface information disclosure [CVE-2020-27609]
163399BigBlueButton Content-Type Header cross site scripting [CVE-2020-27608]
163398BigBlueButton Mute information disclosure [CVE-2020-27607]
163397BigBlueButton Session Cookie missing secure attribute [CVE-2020-27606]
163396BigBlueButton Ghostscript sandbox [CVE-2020-27605]
163395BigBlueButton LibreOffice Sandbox sandbox
163394BigBlueButton LibreOffice Document unknown vulnerability [CVE-2020-27603]
163393BigBlueButton Office Document server-side request forgery [CVE-2020-25820]
163392Acronis True Image ACL permission assignment
163391Acronis True Image OpenSSL openssl.cnf access control
163390Acronis Cyber Backup/Cyber Protect OpenSSL openssl.cnf access control
163389Mozilla Firefox External Protocol memory corruption [CVE-2020-15684]
163388Mozilla Firefox External Protocol improper restriction of rendered ui layers
163387Mozilla Firefox WASM Thread denial of service [CVE-2020-15681]
163386Mozilla Firefox Image Tag information disclosure [CVE-2020-15680]
163385Mozilla Firefox Crossbeam Rust Crate from_iter memory corruption
163384Mozilla Firefox usersctp use after free [CVE-2020-15969]
163383Mozilla Firefox/Firefox ESR memory corruption [CVE-2020-15683]
163382Mozilla Firefox ESR usersctp use after free [CVE-2020-15969]
163381Oracle VM VirtualBox denial of service [CVE-2020-14892]
163380Oracle VM VirtualBox information disclosure [CVE-2020-14889]
163379Oracle VM VirtualBox information disclosure [CVE-2020-14886]
163378Oracle VM VirtualBox information disclosure [CVE-2020-14885]
163377Oracle VM VirtualBox information disclosure [CVE-2020-14884]
163376Oracle VM VirtualBox information disclosure [CVE-2020-14881]
163375Oracle VM VirtualBox Local Privilege Escalation [CVE-2020-14872]
163374Oracle Utilities Framework Common information disclosure [CVE-2020-9488]
163373Oracle Utilities Framework System Wide unknown vulnerability
163372Oracle Utilities Framework General information disclosure [CVE-2020-1945]
163371Oracle Utilities Framework General xml external entity reference
163370Oracle Utilities Framework Common deserialization [CVE-2019-10173]
163369Oracle Solaris Kernel unknown vulnerability [CVE-2020-14759]
163368Oracle Solaris Utility unknown vulnerability [CVE-2020-14818]
163367Oracle Solaris Filesystem denial of service [CVE-2020-14754]
163366Oracle Solaris Kernel unknown vulnerability [CVE-2020-14758]
163365Oracle Fujitsu M12-1/Fujitsu M12-2/Fujitsu M12-2S XCP Firmware information disclosure
163364Oracle Fujitsu M10-1 XCP Firmware denial of service [CVE-2019-11477]
163363Oracle ZFS Storage Appliance Kit Operating System Image buffer overflow
163362Oracle Solaris Pluggable authentication module parse_user_name stack-based overflow
163361Oracle Agile Product Lifecycle Management for Process Supplier Portal cross site scripting
163360Oracle Transportation Management Install deserialization [CVE-2020-9484]
163359Oracle Agile PLM Security xml external entity reference [CVE-2020-10683]
163358Oracle Agile PLM Folders/Files / Attachments input validation
163357Oracle Siebel UI Framework UIF Open UI cross site scripting [CVE-2020-11022]
163356Oracle Siebel Apps - Marketing Mktg/Campaign Mgmt denial of service
163355Oracle Siebel Apps - Marketing Mktg/Email Mktg Stand-Alone access control
163354Oracle Retail Customer Management and Segmentation Foundation Segment information disclosure
163353Oracle Retail Customer Management and Segmentation Foundation Promotions information disclosure
163352Oracle Retail Predictive Application Server RPAS Fusion Client information disclosure
163351Oracle Retail Order Broker Store Connect information disclosure
163350Oracle Retail Integration Bus RIB Kernal information disclosure
163349Oracle Retail Bulk Data Integration BDI Job Scheduler information disclosure
163348Oracle Retail Assortment Planning Application Core information disclosure
163347Oracle Retail Advanced Inventory Planning AIP Dashboard information disclosure
163346Oracle Retail Order Broker Store Connect information disclosure
163345Oracle Retail Returns Management Security cross site scripting
163344Oracle Retail Point-of-Service Mobile POS cross site scripting
163343Oracle Retail Customer Management and Segmentation Foundation Segments cross site scripting
163342Oracle Retail Central Office Security cross site scripting [CVE-2020-11022]
163341Oracle Retail Back Office Security cross site scripting [CVE-2020-11022]
163340Oracle Retail Xstore Point of Service Xenvironment information disclosure
163339Oracle Retail Service Backbone RSB kernel information disclosure
163338Oracle Retail Predictive Application Server RPAS Server information disclosure
163337Oracle Retail Integration Bus RIB Kernal information disclosure
163336Oracle Retail Assortment Planning Application Core information disclosure
163335Oracle Retail Order Broker Order Broker Foundation injection
163334Oracle Retail Returns Management Security information disclosure
163333Oracle Retail Point-of-Service Security information disclosure
163332Oracle Retail Integration Bus RIB Kernal information disclosure
163331Oracle Retail Central Office Security information disclosure
163330Oracle Retail Back Office Security information disclosure [CVE-2020-1945]
163329Oracle Retail Service Backbone RSB kernel deserialization [CVE-2020-9546]
163328Oracle Retail Price Management Security xml external entity reference
163327Oracle Retail Order Broker System Administration xml external entity reference
163326Oracle Policy Automation for Mobile Devices information disclosure
163325Oracle Policy Automation Connector for Siebel information disclosure
163324Oracle Policy Automation information disclosure [CVE-2020-9488]
163323Oracle Policy Automation for Mobile Devices cross site scripting
163322Oracle Policy Automation Connector for Siebel cross site scripting
163321Oracle Policy Automation cross site scripting [CVE-2020-11022]
163320Oracle PeopleSoft Enterprise PeopleTools Query information disclosure
163319Oracle PeopleSoft Enterprise PeopleTools Updates Environment Mgmt information disclosure
163318Oracle PeopleSoft Enterprise PeopleTools Tools Admin API information disclosure
163317Oracle PeopleSoft Enterprise PeopleTools Query information disclosure
163316Oracle PeopleSoft Enterprise PeopleTools Elastic Search information disclosure
163315Oracle PeopleSoft Enterprise PeopleTools Portal/Charting cross site scripting
163314Oracle PeopleSoft Enterprise PeopleTools PIA Grids unknown vulnerability
163313Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology cross site scripting
163312Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability
163311Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability
163310Oracle PeopleSoft Enterprise PeopleTools Integration Broker unknown vulnerability
163309Oracle PeopleSoft Enterprise HCM Global Payroll Core Security Remote Privilege Escalation
163308Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology information disclosure
163307Oracle PeopleSoft Enterprise SCM eSupplier Connection unknown vulnerability
163306Oracle PeopleSoft Enterprise PeopleTools Weblogic out-of-bounds read
163305Oracle MySQL Server LDAP Auth denial of service [CVE-2020-14771]
163304Oracle MySQL Server InnoDB denial of service [CVE-2020-14791]
163303Oracle MySQL Server Roles unknown vulnerability [CVE-2020-14860]
163302Oracle MySQL Server Privileges information disclosure [CVE-2020-14838]
163301Oracle MySQL Server Logging denial of service [CVE-2020-14873]
163300Oracle MySQL Server DDL denial of service [CVE-2020-14867]
163299Oracle MySQL Cluster NDBCluster Plugin unknown vulnerability
163298Oracle MySQL Server X Plugin denial of service [CVE-2020-14870]
163297Oracle MySQL Server Stored Procedure denial of service [CVE-2020-14672]
163296Oracle MySQL Server LDAP Auth denial of service [CVE-2020-14869]
163295Oracle MySQL Server Encryption denial of service [CVE-2020-14799]
163294Oracle MySQL Server PS denial of service [CVE-2020-14844]
163293Oracle MySQL Server PS denial of service [CVE-2020-14790]
163292Oracle MySQL Server PS denial of service [CVE-2020-14786]
163291Oracle MySQL Server Optimizer denial of service [CVE-2020-14893]
163290Oracle MySQL Server Optimizer denial of service [CVE-2020-14891]
163289Oracle MySQL Server Optimizer denial of service [CVE-2020-14888]
163288Oracle MySQL Server Optimizer denial of service [CVE-2020-14868]
163287Oracle MySQL Server Optimizer denial of service [CVE-2020-14866]
163286Oracle MySQL Server Optimizer denial of service [CVE-2020-14861]
163285Oracle MySQL Server Optimizer denial of service [CVE-2020-14845]
163284Oracle MySQL Server Optimizer denial of service [CVE-2020-14839]
163283Oracle MySQL Server Optimizer denial of service [CVE-2020-14837]
163282Oracle MySQL Server Optimizer denial of service [CVE-2020-14809]
163281Oracle MySQL Server Optimizer denial of service [CVE-2020-14794]
163280Oracle MySQL Server Optimizer denial of service [CVE-2020-14793]
163279Oracle MySQL Server Optimizer denial of service [CVE-2020-14785]
163278Oracle MySQL Server Optimizer denial of service [CVE-2020-14777]
163277Oracle MySQL Server Optimizer denial of service [CVE-2020-14773]
163276Oracle MySQL Server Locking denial of service [CVE-2020-14812]
163275Oracle MySQL Server FTS denial of service [CVE-2020-14804]
163274Oracle MySQL Server FTS denial of service [CVE-2020-14789]
163273Oracle MySQL Server DML denial of service [CVE-2020-14814]
163272Oracle MySQL Server Charsets denial of service [CVE-2020-14852]
163271Oracle MySQL Server InnoDB denial of service [CVE-2020-14848]
163270Oracle MySQL Server InnoDB denial of service [CVE-2020-14829]
163269Oracle MySQL Server InnoDB denial of service [CVE-2020-14821]
163268Oracle MySQL Server InnoDB denial of service [CVE-2020-14776]
163267Oracle MySQL Workbench denial of service [CVE-2020-1730]
163266Oracle MySQL Server Optimizer unknown vulnerability [CVE-2020-14760]
163265Oracle MySQL Server LDAP Auth information disclosure [CVE-2020-14827]
163264Oracle MySQL Server Encryption denial of service [CVE-2020-14800]
163263Oracle MySQL Server Optimizer denial of service [CVE-2020-14846]
163262Oracle MySQL Server Optimizer denial of service [CVE-2020-14836]
163261Oracle MySQL Server Optimizer denial of service [CVE-2020-14830]
163260Oracle MySQL Server Optimizer denial of service [CVE-2020-14769]
163259Oracle MySQL Server FTS denial of service [CVE-2020-14765]
163258Oracle MySQL Server InnoDB denial of service [CVE-2020-14775]
163257Oracle MySQL Server DML Remote Privilege Escalation [CVE-2020-14828]
163256Oracle MySQL Workbench Workbench: Encryption denial of service
163255Oracle MySQL Enterprise Monitor Monitoring: General denial of service
163254Oracle MySQL Server LDAP Auth unknown vulnerability [CVE-2020-14878]
163253Oracle MySQL Cluster JS module memory corruption [CVE-2020-8174]
163252Oracle Java SE Libraries unknown vulnerability [CVE-2020-14798]
163251Oracle Java SE Libraries information disclosure [CVE-2020-14796]
163250Oracle Java SE Serialization denial of service [CVE-2020-14779]
163249Oracle Java SE Libraries unknown vulnerability [CVE-2020-14797]
163248Oracle Java SE Libraries unknown vulnerability [CVE-2020-14782]
163247Oracle Java SE JNDI information disclosure [CVE-2020-14781]
163246Oracle Java SE Hotspot unknown vulnerability [CVE-2020-14792]
163245Oracle Java SE Libraries information disclosure [CVE-2020-14803]
163244Oracle Insurance Rules Palette Architecture information disclosure
163243Oracle Insurance Policy Administration J2EE Architecture information disclosure
163242Oracle Insurance Insbridge Rating and Underwriting Framework Administrator IBFA information disclosure
163241Oracle Insurance Insbridge Rating and Underwriting Framework Administrator IBFA cross site scripting
163240Oracle Insurance Policy Administration J2EE Admin Console code download
163239Oracle Insurance Policy Administration J2EE Architecture deserialization
163238Oracle Hyperion BI+ IQR-Foundation service information disclosure
163237Oracle Hyperion Planning Application Development Framework unknown vulnerability
163236Oracle Hyperion Lifecycle Management Shared Services unknown vulnerability
163235Oracle Hyperion Lifecycle Management Shared Services unknown vulnerability
163234Oracle Hyperion BI+ IQR-Foundation service information disclosure
163233Oracle Hyperion Analytic Provider Services Smart View Provider unknown vulnerability
163232Oracle Hyperion Essbase Security/Provisioning information disclosure
163231Oracle Hyperion Infrastructure Technology UI/Visualization unknown vulnerability
163230Oracle Hyperion Essbase Security/Provisioning buffer overflow
163229Oracle Hospitality Suite8 WebConnect unknown vulnerability [CVE-2020-14810]
163228Oracle Hospitality OPERA 5 Property Services Logging unknown vulnerability
163227Oracle Hospitality OPERA 5 Property Services Logging Remote Privilege Escalation
163226Oracle Hospitality Guest Access Base deserialization [CVE-2020-9484]
163225Oracle Hospitality Suite8 WebConnect unknown vulnerability [CVE-2020-14807]
163224Oracle Hospitality Guest Access Base operation after expiration
163223Oracle Healthcare Foundation Admin Console cross site scripting
163222Oracle Healthcare Data Repository Database Module Remote Code Execution
163221Oracle Health Sciences Empirica Signal User Interface xml external entity reference
163220Oracle Healthcare Foundation Self Service Analytics input validation
163219Oracle GraalVM Enterprise Edition Java information disclosure
163218Oracle WebLogic Server information disclosure [CVE-2020-9488]
163217Oracle Outside In Technology Installation unknown vulnerability
163216Oracle Business Process Management Suite Document Service denial of service
163215Oracle WebLogic Server Console cross site scripting [CVE-2020-11022]
163214Oracle WebCenter Portal Blogs/Wikis cross site scripting [CVE-2020-9281]
163213Oracle JDeveloper ADF Faces cross site scripting [CVE-2020-11022]
163212Oracle Business Process Management Suite Runtime Engine unknown vulnerability
163211Oracle Business Process Management Suite Runtime Engine cross site scripting
163210Oracle BI Publisher BI Publisher Security cross site scripting
163209Oracle Business Process Management Suite Runtime Engine information disclosure
163208Oracle Outside In Technology Installation use after free [CVE-2020-15389]
163207Oracle WebLogic Server Web Services unknown vulnerability [CVE-2020-14757]
163206Oracle Managed File Transfer MFT Runtime Server deserialization
163205Oracle Business Intelligence Enterprise Edition Analytics Web Administration unknown vulnerability
163204Oracle Business Intelligence Enterprise Edition Analytics Actions Remote Code Execution
163203Oracle BI Publisher BI Publisher Security unknown vulnerability
163202Oracle WebLogic Server Console Remote Privilege Escalation [CVE-2020-14883]
163201Oracle HTTP Server null pointer dereference [CVE-2019-10097]
163200Oracle WebLogic Server information disclosure [CVE-2020-14820]
163199Oracle HTTP Server SSL Module denial of service [CVE-2020-1967]
163198Oracle Business Intelligence Enterprise Edition Installation information disclosure
163197Oracle Management Pack for GoldenGate Monitor denial of service
163196Oracle Data Integrator Jave APIs data processing [CVE-2016-2510]
163195Oracle Business Intelligence Enterprise Edition Analytics Actions unknown vulnerability
163194Oracle BI Publisher Mobile Service unknown vulnerability [CVE-2020-14784]
163193Oracle BI Publisher BI Publisher Security unknown vulnerability
163192Oracle BI Publisher E-Business Suite - XDO unknown vulnerability
163191Oracle BI Publisher E-Business Suite - XDO unknown vulnerability
163190Oracle WebLogic Server Remote Code Execution [CVE-2020-14859]
163189Oracle WebLogic Server Remote Code Execution [CVE-2020-14825]
163188Oracle WebLogic Server Remote Code Execution [CVE-2020-14841]
163187Oracle WebLogic Server Console Remote Code Execution [CVE-2020-14882]
163186Oracle WebLogic Server Centralized Thirdparty Jars deserialization
163185Oracle WebCenter Portal Security Framework deserialization [CVE-2019-10173]
163184Oracle WebCenter Portal Security Framework Remote Code Execution
163183Oracle WebCenter Portal Portlet Services xml external entity reference
163182Oracle HTTP Server Web Listener buffer overflow [CVE-2019-5482]
163181Oracle GoldenGate Application Adapters Security Service out-of-bounds read
163180Oracle GoldenGate Application Adapters Build Request deserialization
163179Oracle GoldenGate Application Adapters deserialization [CVE-2018-8088]
163178Oracle Enterprise Repository Security Subsystem - 12c Remote Code Execution
163177Oracle Endeca Information Discovery Studio Endeca Server deserialization
163176Oracle Endeca Information Discovery Integrator Integrator ETL xml external entity reference
163175Oracle Data Integrator Install/config/upgrade input validation
163174Oracle Access Manager Web Server Plugin out-of-bounds read [CVE-2018-11058]
163173Oracle Identity Manager Connector General/Misc deserialization
163172Oracle Hospitality RES 3700 CAL information disclosure [CVE-2020-14783]
163171Oracle Hospitality Reporting and Analytics Installation information disclosure
163170Oracle Hospitality Simphony Simphony Apps cross site scripting
163169Oracle Hospitality Materials Control Mobile Authorization cross site scripting
163168Oracle FLEXCUBE Private Banking information disclosure [CVE-2020-9488]
163167Oracle FLEXCUBE Core Banking information disclosure [CVE-2020-9488]
163166Oracle Financial Services Retail Customer Analytics User Interface information disclosure
163165Oracle Financial Services Price Creation and Discovery User Interface information disclosure
163164Oracle Financial Services Market Risk Measurement and Management Infrastructure information disclosure
163163Oracle Financial Services Institutional Performance Analytics User Interface information disclosure
163162Oracle Financial Services Analytical Applications Infrastructure information disclosure
163161Oracle FLEXCUBE Core Banking information disclosure [CVE-2019-10247]
163160Oracle FLEXCUBE Private Banking denial of service [CVE-2020-1951]
163159Oracle Insurance Data Foundation Infrastructure cross site scripting
163158Oracle Insurance Allocation Manager for Enterprise Profitability User Interface cross site scripting
163157Oracle Insurance Accounting Analyzer IFRS17 cross site scripting
163156Oracle FLEXCUBE Private Banking cross site scripting [CVE-2020-1941]
163155Oracle Financial Services Regulatory Reporting for US Federal Reserve User Interface cross site scripting
163154Oracle Financial Services Regulatory Reporting for European Banking Authority User Interface cross site scripting
163153Oracle Financial Services Profitability Management User Interface cross site scripting
163152Oracle Financial Services Price Creation and Discovery User Interface cross site scripting
163151Oracle Financial Services Market Risk Measurement and Management Infrastructure cross site scripting
163150Oracle Financial Services Loan Loss Forecasting and Provisioning User Interface cross site scripting
163149Oracle Financial Services Liquidity Risk Measurement and Management User Interface cross site scripting
163148Oracle Financial Services Liquidity Risk Management User Interface cross site scripting
163147Oracle Financial Services Institutional Performance Analytics User Interface cross site scripting
163146Oracle Financial Services Hedge Management and IFRS Valuations User Interface cross site scripting
163145Oracle Financial Services Funds Transfer Pricing User Interface cross site scripting
163144Oracle Financial Services Data Integration Hub User Interface cross site scripting
163143Oracle Financial Services Data Governance for US Regulatory Reporting User Interface cross site scripting
163142Oracle Financial Services Data Foundation Infrastructure cross site scripting
163141Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach User Interface cross site scripting
163140Oracle Financial Services Basel Regulatory Capital Basic User Interface cross site scripting
163139Oracle Financial Services Balance Sheet Planning User Interface cross site scripting
163138Oracle Financial Services Asset Liability Management User Interface cross site scripting
163137Oracle Financial Services Analytical Applications Reconciliation Framework User Interface cross site scripting
163136Oracle Financial Services Analytical Applications Infrastructure cross site scripting
163135Oracle Banking Digital Experience Framework cross site scripting
163134Oracle FLEXCUBE Universal Banking Infrastructure information disclosure
163133Oracle FLEXCUBE Direct Banking Pre Login information disclosure
163132Oracle FLEXCUBE Direct Banking Pre Login information disclosure
163131Oracle Banking Payments information disclosure [CVE-2020-14896]
163130Oracle Banking Corporate Lending information disclosure [CVE-2020-14894]
163129Oracle FLEXCUBE Private Banking code download [CVE-2020-5398]
163128Oracle Financial Services Regulatory Reporting with AgileREPORTER code download
163127Oracle Banking Digital Experience Framework deserialization [CVE-2020-14195]
163126Oracle Financial Services Analytical Applications Infrastructure denial of service
163125Oracle FLEXCUBE Private Banking deserialization [CVE-2020-11973]
163124Oracle Financial Services Retail Customer Analytics User Interface deserialization
163123Oracle Financial Services Regulatory Reporting with AgileREPORTER deserialization
163122Oracle Financial Services Price Creation and Discovery User Interface deserialization
163121Oracle Financial Services Institutional Performance Analytics User Interface deserialization
163120Oracle Financial Services Analytical Applications Infrastructure deserialization
163119Oracle Financial Services Analytical Applications Infrastructure xml external entity reference
163118Oracle Banking Platform Collections deserialization [CVE-2019-10173]
163117Oracle Banking Platform Collections xml external entity reference
163116Oracle Banking Platform Collections cross site scripting [CVE-2019-17495]
163115Oracle Enterprise Manager for Peoplesoft PSEM Plugin information disclosure
163114Oracle Enterprise Manager Base Platform Connector Framework information disclosure
163113Oracle Enterprise Manager Ops Center Reports in Ops Center cross site scripting
163112Oracle Enterprise Manager Base Platform Event Management unknown vulnerability
163111Oracle Application Performance Management (APM) Comp Management/Life Cycle Management information disclosure
163110Oracle Application Testing Suite Load Testing for Web Apps code download
163109Oracle Enterprise Manager for Storage Management Privilege Management denial of service
163108Oracle Enterprise Manager Base Platform Connector Framework code download
163107Oracle Application Testing Suite Load Testing for Web Apps operation after expiration
163106Oracle Application Testing Suite Load Testing for Web Apps out-of-bounds read
163105Oracle Enterprise Manager Ops Center Agent Provisioning xml external entity reference
163104Oracle Installed Base APIs unknown vulnerability [CVE-2020-14822]
163103Oracle Applications Framework Popup windows unknown vulnerability
163102Oracle Application Object Library Diagnostics unknown vulnerability
163101Oracle Applications Manager SQL Extensions information disclosure
163100Oracle Applications Manager AMP EBS Integration information disclosure
163099Oracle CRM Technical Foundation Preferences unknown vulnerability
163098Oracle Applications Manager Oracle Diagnostics Interfaces unknown vulnerability
163097Oracle CRM Technical Foundation Preferences denial of service
163096Oracle Trade Management User Interface unknown vulnerability
163095Oracle Trade Management User Interface unknown vulnerability
163094Oracle Trade Management User Interface unknown vulnerability
163093Oracle Trade Management User Interface unknown vulnerability
163092Oracle Trade Management User Interface unknown vulnerability
163091Oracle Trade Management User Interface unknown vulnerability
163090Oracle One-to-One Fulfillment Print Server unknown vulnerability
163089Oracle One-to-One Fulfillment Print Server unknown vulnerability
163088Oracle Marketing Marketing Administration unknown vulnerability
163087Oracle Marketing Marketing Administration unknown vulnerability
163086Oracle Marketing Marketing Administration unknown vulnerability
163085Oracle Marketing Marketing Administration unknown vulnerability
163084Oracle Marketing Marketing Administration unknown vulnerability
163083Oracle CRM Technical Foundation Flex Fields unknown vulnerability
163082Oracle Universal Work Queue Internal Operations Remote Privilege Escalation
163081Oracle Trade Management User Interface unknown vulnerability
163080Oracle Marketing Marketing Administration unknown vulnerability
163079Oracle E-Business Suite Secure Enterprise Search Search Integration Engine unknown vulnerability
163078Oracle Universal Work Queue Work Provider Administration Remote Code Execution
163077Oracle Primavera Unifier information disclosure [CVE-2020-9488]
163076Oracle Primavera Unifier Platform denial of service [CVE-2020-9489]
163075Oracle Primavera Unifier input validation [CVE-2018-17196]
163074Oracle Primavera Unifier Platform input validation [CVE-2019-17558]
163073Oracle Instantis EnterpriseTrack denial of service [CVE-2020-13935]
163072Oracle Primavera Unifier Platform xml external entity reference
163071Oracle Primavera Unifier Platform xml external entity reference
163070Oracle Primavera Gateway Admin cross site scripting [CVE-2019-17495]
163069Oracle Instantis EnterpriseTrack buffer overflow [CVE-2020-11984]
163068Oracle Communications Services Gatekeeper Media Control UI information disclosure
163067Oracle Communications Application Session Controller WS/WEB information disclosure
163066Oracle Communications Session Route Manager information disclosure
163065Oracle Communications Session Report Manager information disclosure
163064Oracle Communications Element Manager information disclosure
163063Oracle Communications Diameter Signaling Router IDIH information disclosure
163062Oracle Communications Diameter Signaling Router denial of service
163061Oracle Communications Diameter Signaling Router User Interface unknown vulnerability
163060Oracle Communications Diameter Signaling Router IDIH information disclosure
163059Oracle Enterprise Session Border Controller cross site scripting
163058Oracle Communications WebRTC Session Controller ME cross site scripting
163057Oracle Communications Diameter Signaling Router User Interface unknown vulnerability
163056Oracle Communications Diameter Signaling Router Platform cross site scripting
163055Oracle Communications Diameter Signaling Router IDIH cross site scripting
163054Oracle Communications Diameter Signaling Router IDIH cross site scripting
163053Oracle Communications Application Session Controller cross site scripting
163052Oracle Communications Session Route Manager information disclosure
163051Oracle Communications Session Report Manager information disclosure
163050Oracle Communications Element Manager information disclosure
163049Oracle Communications Session Border Controller Platform integer overflow
163048Oracle Communications Diameter Signaling Router IDIH information disclosure
163047Oracle Communications Session Route Manager deserialization [CVE-2020-9484]
163046Oracle Communications Session Report Manager deserialization
163045Oracle Communications Element Manager deserialization [CVE-2020-9484]
163044Oracle Communications Diameter Signaling Router deserialization
163043Oracle Communications Diameter Signaling Router IDIH deserialization
163042Oracle Communications Session Route Manager denial of service
163041Oracle Communications Session Route Manager denial of service
163040Oracle Communications Session Report Manager denial of service
163039Oracle Communications Session Border Controller System denial of service
163038Oracle Communications Element Manager denial of service [CVE-2019-12402]
163037Oracle Communications Diameter Signaling Router IDIH denial of service
163036Oracle Communications Diameter Signaling Router IDIH code download
163035Oracle Communications Session Route Manager deserialization [CVE-2020-14195]
163034Oracle Communications Session Report Manager deserialization
163033Oracle Communications Evolved Communications Application Server Universal Data Record deserialization
163032Oracle Communications Element Manager deserialization [CVE-2020-14195]
163031Oracle Communications Diameter Signaling Router IDIH deserialization
163030Oracle Communications Session Route Manager operation after expiration
163029Oracle Communications Session Report Manager operation after expiration
163028Oracle Communications Element Manager operation after expiration
163027Oracle Communications Application Session Controller WS/WEB operation after expiration
163026Oracle Communications Session Route Manager xml external entity reference
163025Oracle Communications Session Route Manager buffer overflow [CVE-2020-11984]
163024Oracle Communications Session Report Manager buffer overflow
163023Oracle Communications Element Manager buffer overflow [CVE-2020-11984]
163022Oracle Communications EAGLE Software Network Stack memory corruption
163021Oracle Communications Diameter Signaling Router Platform Remote Code Execution
163020Oracle Communications Diameter Signaling Router IDIH xml external entity reference
163019Oracle Communications Diameter Signaling Router IDIH Remote Code Execution
163018Oracle Communications Diameter Signaling Router IDIH deserialization
163017Oracle Communications Application Session Controller WS/WEB xml external entity reference
163016Oracle Communications Unified Inventory Management information disclosure
163015Oracle Communications Offline Mediation Controller information disclosure
163014Oracle Communications Billing and Revenue Management Billing Operation Center information disclosure
163013Oracle Communications Messaging Server denial of service [CVE-2020-9489]
163012Oracle Communications Billing and Revenue Management Billing Operation Center cross site scripting
163011Oracle Communications Billing and Revenue Management integer overflow
163010Oracle Communications Unified Inventory Management deserialization
163009Oracle Communications Unified Inventory Management xml external entity reference
163008Oracle Communications BRM Elastic Charging Engine Diameter Gateway/SDK deserialization
163007Oracle TimesTen In-Memory Database Apache ZooKeeper information disclosure
163006Oracle TimesTen In-Memory Database Dave Gamble/cJSON denial of service
163005Oracle TimesTen In-Memory Database Apache Log4j deserialization
163004Oracle TimesTen In-Memory Database EM TimesTen plugin out-of-bounds read
163003Oracle REST Data Services General information disclosure [CVE-2020-14745]
163002Oracle REST Data Services jQuery cross site scripting [CVE-2020-11023]
163001Oracle REST Data Services General information disclosure [CVE-2020-14744]
163000Oracle REST Data Services Apache Commons FileUpload access control
162999Oracle REST Data Services Eclipse Jetty request smuggling [CVE-2017-7658]
162998Oracle Big Data Graph Spatial/Graph deserialization [CVE-2019-0192]
162997Oracle Database Server Core RDBMS unknown vulnerability [CVE-2020-14742]
162996Oracle Database Server SQL Developer Install information disclosure
162995Oracle Database Server Java VM unknown vulnerability [CVE-2020-14743]
162994Oracle Database Server Database Vault unknown vulnerability [CVE-2020-14736]
162993Oracle Database Server RDBMS Security information disclosure
162992Oracle Database Server Database Filesystem denial of service
162991Oracle Database Server Oracle Application Express Quick Poll unknown vulnerability
162990Oracle Database Server Oracle Application Express Packaged Apps unknown vulnerability
162989Oracle Database Server Oracle Application Express Group Calendar unknown vulnerability
162988Oracle Database Server Oracle Application Express Data Reporter unknown vulnerability
162987Oracle Database Server Oracle Application Express cross site scripting
162986Oracle Database Server Oracle Application Express unknown vulnerability
162985Oracle Database Server ORDS cross site scripting [CVE-2020-11023]
162984Oracle Database Server Application Express cross site scripting
162983Oracle Database Server Workload Manager denial of service [CVE-2020-13935]
162982Oracle Database Server Oracle Text Remote Code Execution [CVE-2020-14734]
162981Oracle Database Server Scheduler Local Privilege Escalation [CVE-2020-14735]
162980Oracle Database Server bzip2 out-of-bounds write [CVE-2019-12900]
162979Lightning Network Daemon HTLC improper validation of integrity check value
162978Lightning Network Daemon HTLC Transaction improper validation of integrity check value
162977TIBCO Foresight Archive and Retrieval System Transaction Insight Reporting sql injection
162976Yandex Browser Address Bar clickjacking [CVE-2020-7371]
162975Danyil Vasilenko Bolt Browser Address Bar clickjacking [CVE-2020-7370]
162974Yandex Browser Address Bar clickjacking [CVE-2020-7369]
162973Ucweb UC Browser Address Bar clickjacking [CVE-2020-7364]
162972Ucweb UC Browser Address Bar clickjacking [CVE-2020-7363]
162971Nagios XI Apache User neutralization [CVE-2020-5792]
162970Apache Operating System os command injection [CVE-2020-5791]
162969Nagios XI cross-site request forgery [CVE-2020-5790]
162968VMware ESXi/Workstation/Fusion VMCI Host Driver resource consumption
162967VMware vCenter Server Appliance Appliance Management Interface certificate validation
162966VMware NSX-T NSX Manager unknown vulnerability [CVE-2020-3993]
162965VMware ESXi OpenSLP use after free [CVE-2020-3992]
162964VMware ESXi/Workstation/Fusion VMX Process out-of-bounds write
162963VMware ESXi/Workstation/Fusion VMX Process out-of-bounds read
162962Mozilla Network Security Services CCS Message denial of service
162961R-SeeNet Webpage sql injection [CVE-2020-25157]
162960InterMind iMind Self-Diagnostic Archive information disclosure
162959Adobe Marketo Sales Insight Plugin cross site scripting [CVE-2020-24416]
162958Adobe Illustrator SVG File memory corruption [CVE-2020-24415]
162957Adobe Illustrator SVG File memory corruption [CVE-2020-24414]
162956Adobe Illustrator SVG File memory corruption [CVE-2020-24413]
162955Adobe Illustrator SVG File memory corruption [CVE-2020-24412]
162954Adobe Illustrator PDF File out-of-bounds write [CVE-2020-24411]
162953Adobe Illustrator PDF File out-of-bounds read [CVE-2020-24410]
162952Adobe Illustrator PDF File out-of-bounds read [CVE-2020-24409]
162951Netwrix Account Lockout Examiner improper authentication [CVE-2020-15931]
162950Spree Storefront API v2 Endpoint session expiration [CVE-2020-15269]
162949Boxstarter Installer WptsExtensions.dll DllMain untrusted search path
162948DomainMod Password Storage hash without salt [CVE-2019-9080]
162947SAP NetWeaver Design Time Repository cross site scripting [CVE-2020-6370]
162946SAP Solution Manager/Focused Run hard-coded password [CVE-2020-6369]
162945SAP NetWeaver Composite Application Framework cross site scripting
162944SAP NetWeaver Compare Systems information disclosure [CVE-2020-6366]
162943SAP Banking Services Report access control [CVE-2020-6362]
162942SAP 3D Visual Enterprise Viewer VE Viewer information disclosure
162941SAP BusinessObjects Business Intelligence Platform Web Services server-side request forgery
162940IBM Spectrum Scale/Elastic Storage System denial of service [CVE-2020-4756]
162939IBM Spectrum Scale Web UI cross site scripting [CVE-2020-4755]
162938IBM Spectrum Scale missing secure attribute [CVE-2020-4749]
162937IBM Spectrum Scale Web UI cross site scripting [CVE-2020-4748]
162936IBM Sterling B2B Integrator Standard Edition Web UI cross site scripting
162935IBM Spectrum Scale mmfsd denial of service [CVE-2020-4491]
162934GE Reason S20 Ethernet Switch cross site scripting [CVE-2020-16246]
162933IBM Sterling B2B Integrator Standard Edition Back-End Database sql injection
162932osm-static-maps cross site scripting [CVE-2020-7749]
162931@tsed deepExtend resource consumption
162929OneThird CMS file inclusion [CVE-2020-5640]
162928Huawei Mate 30 use after free [CVE-2020-9263]
162927Huawei Mate 20 Bluetooth Module buffer overflow [CVE-2020-9113]
162926Huawei Taurus-AN00B information disclosure [CVE-2020-9112]
162925Huawei E6878-370/E6878-870 Event denial of service [CVE-2020-9111]
162924Huawei Mate 20 cross site scripting [CVE-2020-9092]
162923HPE Intelligent Management Center iccselectrules injection
162922HPE Intelligent Management Center perfaddormoddevicemonitor injection
162921HPE Intelligent Management Center ictexpertcsvdownload injection
162920HPE Intelligent Management Center devicethresholdconfig injection
162919HPE Intelligent Management Center devsoftsel injection
162918HPE Intelligent Management Center deviceselect injection
162917HPE Intelligent Management Center faultflasheventselectfact injection
162916HPE Intelligent Management Center userselectpagingcontent injection
162915HPE Intelligent Management Center reportpage injection
162914HPE Intelligent Management Center powershellconfigcontent injection
162913HPE Intelligent Management Center tvxlanlegend injection
162912HPE Intelligent Management Center viewbatchtaskresultdetailfact injection
162911HPE Intelligent Management Center forwardredirect injection
162910HPE Intelligent Management Center sshconfig injection
162909HPE Intelligent Management Center smsrulesdownload injection
162908HPE Intelligent Management Center ictexpertdownload injection
162907HPE Intelligent Management Center thirdpartyperfselecttask injection
162906HPE Intelligent Management Center mediaforaction injection
162905HPE Intelligent Management Center wmiconfigcontent injection
162904HPE Intelligent Management Center viewtaskresultdetailfact injection
162903HPE Intelligent Management Center iccselectdymicparam injection
162902HPE Intelligent Management Center soapconfigcontent injection
162901HPE Intelligent Management Center actionselectcontent injection
162900HPE Intelligent Management Center templateselect injection
162899HPE Intelligent Management Center guidatadetail injection
162898HPE Intelligent Management Center injection [CVE-2020-7170]
162897HPE Intelligent Management Center ictexpertcsvdownload injection
162896HPE Intelligent Management Center selectusergroup injection
162895HPE Intelligent Management Center quicktemplateselect injection
162894HPE Intelligent Management Center operatorgrouptreeselectcontent injection
162893HPE Intelligent Management Center iccselectcommand injection
162892HPE Intelligent Management Center operationselect injection
162891HPE Intelligent Management Center navigationto injection
162890HPE Intelligent Management Center operatorgroupselectcontent injection
162889HPE Intelligent Management Center reporttaskselect injection
162888HPE Intelligent Management Center iccselectdeviceseries injection
162887HPE Intelligent Management Center customtemplateselect injection
162886HPE Intelligent Management Center perfselecttask injection
162885HPE Intelligent Management Center selviewnavcontent injection
162884HPE Intelligent Management Center faultinfo_content injection
162883HPE Intelligent Management Center injection [CVE-2020-7155]
162882HPE Intelligent Management Center ifviewselectpage injection
162881HPE Intelligent Management Center iccselectdevtype injection
162880HPE Intelligent Management Center faultparasset injection
162879HPE Intelligent Management Center faulttrapgroupselect injection
162878HPE Intelligent Management Center faultstatchoosefaulttype injection
162877HPE Intelligent Management Center ictexpertcsvdownload injection
162876HPE Intelligent Management Center deployselectsoftware injection
162875HPE Intelligent Management Center injection [CVE-2020-7147]
162874HPE Intelligent Management Center devgroupselect injection
162873HPE Intelligent Management Center chooseperfview injection [CVE-2020-7145]
162872HPE Intelligent Management Center comparefilesresult injection
162871HPE Intelligent Management Center faultdevparasset injection
162870HPE Intelligent Management Center eventinfo_content injection
162869HPE Intelligent Management Center adddevicetoview injection
162868Allen-Bradley Flex IO 1794-AENT-B denial of service [CVE-2020-6085]
162867Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Logical Segment denial of service
162866Matrix Synapse Session m.login.recaptcha cross site scripting
162865HPE Intelligent Management Center addvsiinterfaceinfo injection
162864HPE Intelligent Management Center injection [CVE-2020-24651]
162863HPE Intelligent Management Center injection [CVE-2020-24650]
162862HPE Intelligent Management Center input validation [CVE-2020-24649]
162861HPE Intelligent Management Center accessmgrservlet deserialization
162860HPE Intelligent Management Center accessmgrservlet input validation
162859HPE Intelligent Management Center tftpserver buffer overflow
162858HPE Intelligent Management Center operatoronlinelist_content access control
162857HPE Intelligent Management Center improper authentication [CVE-2020-24629]
162856yubihsm-shell Process _send_secure_msg denial of service
162855yubihsm-shell Operations yh_create_session out-of-bounds write
162854Freebox Server UPnP MediaServer dns rebinding [CVE-2020-24375]
162853GoPro gpmf-parser GPMF_ScaledData divide by zero
162852GoPro gpmf-parser GPMF_Decompress divide by zero
162851GoPro gpmf-parser GPMF_ScaledData out-of-bounds read
162850GoPro gpmf-parser GPMF_ExpandComplexTYPE out-of-bounds write
162849JetBrains YouTrack URL Filter server-side request forgery [CVE-2020-15822]
162848Orchid Platform Attribute cross site scripting [CVE-2020-15263]
162847webpack-subresource-integrity Chunk improper validation of integrity check value
162846Veyon Service unquoted search path [CVE-2020-15261]
162845object-path includeInheritedProps Mode set code injection
162844Sylius Verification authentication spoofing
162843Apache Kylin Restful API improper authentication [CVE-2020-13937]
162842Sprecher SPRECON-E Configuration File command injection [CVE-2020-11496]
162841Infinispan REST API/HotRod API authorization [CVE-2020-10746] Built-In Communication Channel cross site scripting
162839tcpreplay tcpprep get_l2len heap-based overflow
162838tcpreplay tcpprep MemcmpInterceptorCommon heap-based overflow
162837Tink Java missing encryption [CVE-2020-8929]
162836SolarWinds N-central Cookie information disclosure [CVE-2020-15910]
162835SolarWinds N-central session fixiation [CVE-2020-15909]
162834rConfig GET Request ajaxAddTemplate.php os command injection
162833MintegralAdSDK backdoor [CVE-2020-7745]
162832Linux Kernel KDGKBSENT/KDSKBSENT vt_do_kdgkb_ioctl race condition
162831Sage EasyPay Transformation cross site scripting [CVE-2020-13893]
162830OX Software OX App Suite/OX Documents API server-side request forgery
162829OX Software OX App Suite/OX Documents Backend information disclosure
162828OX Software OX App Suite/OX Documents Backend cross site scriting
162827TAXII libtaxii XML Parser server-side request forgery [CVE-2020-27197]
162826Linux Kernel 64-bit Value verifier.c scalar32_min_max_or memory corruption
162825Overwolf access control [CVE-2020-25214]
162824Microsoft Visual Studio Code JSON Remote Code Execution [CVE-2020-17023]
162823Microsoft Windows Codecs Library memory corruption [CVE-2020-17022]
162822Juniper Junos Virtual Chassis resource consumption [CVE-2020-1689]
162821ClearPass Junos Web API key management [CVE-2020-1688]
162820Juniper Junos VXLAN resource consumption [CVE-2020-1687]
162819Juniper Junos vmcore double free [CVE-2020-1686]
162818Juniper Junos Firewall Filter information exposure [CVE-2020-1685]
162817Juniper Junos HTTP Traffic resource consumption [CVE-2020-1684]
162816Juniper Junos vmcore memory leak [CVE-2020-1683]
162815Juniper Junos srxpfe denial of service [CVE-2020-1682]
162814Juniper Junos NDP exceptional condition [CVE-2020-1681]
162812Juniper Junos NAT64 format string [CVE-2020-1680]
162811Juniper Junos Packet Forwarding Engine denial of service [CVE-2020-1679]
162810Juniper Junos BGP Packet memory leak [CVE-2020-1678]
162809Juniper Mist Cloud UI SAML Response improper authentication [CVE-2020-1677]
162808Juniper Mist Cloud UI SAML Response improper authentication [CVE-2020-1676]
162807Juniper Mist Cloud UI SAML improper authentication [CVE-2020-1675]
162806Juniper Junos MACsec Packet protection mechanism [CVE-2020-1674]
162805Juniper Junos J-Web cross site scripting [CVE-2020-1673]
162804Juniper Junos jdhcpd denial of service [CVE-2020-1672]
162803Juniper Junos JDHCPD out-of-bounds read [CVE-2020-1671]
162802Juniper Junos Routing Engine resource consumption [CVE-2020-1670]
162801Juniper Junos Device Manager Container passwd credentials storage
162800Juniper Junos Routing Engine resource consumption [CVE-2020-1668]
162799Juniper Junos Multiservices PIC Management Daemon race condition
162798Juniper Junos System Console access control [CVE-2020-1666]
162797Juniper Junos Packet Forwarding Engine denial of service [CVE-2020-1665]
162796Juniper Junos Daemon stack-based overflow [CVE-2020-1664]
162795Juniper Junos RPD denial of service [CVE-2020-1662]
162794Juniper Junos jdhcp denial of service [CVE-2020-1661]
162793Juniper Junos Multiservices PIC Management Daemon denial of service
162792Juniper Junos key-management-daemon denial of service [CVE-2020-1657]
162791Juniper Junos DHCPv6 Relay-Agent Service null pointer dereference
162790EZCast Pro II Administration Panel information disclosure [CVE-2019-12305]
162789IBM Resilient OnPrem command injection [CVE-2020-4636]
162788IBM Security Guardium Big Data Intelligence inadequate encryption
162787Apereo CAS Secret Key improper authentication [CVE-2020-27178]
162786Dell EMC NetWorker improper authorization [CVE-2020-26183]
162785Dell EMC NetWorker privileges assignment [CVE-2020-26182]
162784Wire URL shell.openExternal input validation
162783Anuko Time Tracker CSV Export injection [CVE-2020-15255]
162782crossbeam-channel from_iter memory corruption
162781XWiki Application Server Servlet code injection [CVE-2020-15252]
162780containerd insufficiently protected credentials [CVE-2020-15157]
162779VMware Horizon Client Installation access control [CVE-2020-3991]
162778Aptean Product Configurator Main Login Page sql injection [CVE-2020-26944]
162777ClamXAV Helper Tool injection [CVE-2020-26893]
162776libass ass_outline_construct integer overflow
162775Testimonial Rotator Plugin post.php cross site scripting
162774Magento File Upload cross site scripting [CVE-2020-24408]
162773OLIMPOKS Error Message cross site scripting [CVE-2020-16270]
162772Gogs git Hook os command injection [CVE-2020-15867]
162771Red Hat JBoss EAP Legacy SecurityRealm improper authentication
162770Gitea git Hook os command injection [CVE-2020-14144]
162769Bender COMTRAXX CP915 improper authorization [CVE-2019-19885]
162768BASSMIDI Plugin out-of-bounds write [CVE-2019-19513]
162767BASS Audio Library MP3 File BASS_StreamCreateFile infinite loop
162766BASS Audio Library WAV File BASS_StreamCreateFile out-of-bounds read
162765BASS Audio Library OGG File BASS_StreamCreateFile use after free
162764Mark Text cross site scripting [CVE-2020-27176]
162763Amazon AWS Firecracker Serial Console memory leak [CVE-2020-27174]
162762OpenStack blazar-dashboard access control [CVE-2020-26943]
162761Sage DPW Kurskatalog cross site scripting [CVE-2020-26584]
162760Sage DPW Expenses Claiming cross site scripting [CVE-2020-26583]
162759PowerDNS Recursor Cached Record denial of service [CVE-2020-25829]
162758QEMU ATI VGA Device ati_2d.c ati_2d_blt denial of service
162757vm-superio Serial Console FIFO memory allocation [CVE-2020-27173]
162756phpRedisAdmin login.php cross site scripting
162755Siemens SIPORT MP Single Sign-On authentication spoofing [CVE-2020-7591]
162754OTRS Chat Conversation information disclosure [CVE-2020-1777]
162753Siemens Desigo Insight Web Application information exposure [CVE-2020-15794]
162752Siemens Desigo Insight X-Frame-Options clickjacking [CVE-2020-15793]
162751Siemens Desigo Insight Web Service sql injection [CVE-2020-15792]
162750Atlassian JIRA Server Issue Key ActionsAndOperations permission
162749Eclipse Vert.x Backslash path traversal [CVE-2019-17640]
162748F2fs-Tools F2fs.Fsck f2fs Filesystem fsck_chk_orphan_node heap-based overflow
162747F2fs-Tools F2fs.Fsck f2fs Filesystem dev_read information disclosure
162746F2fs-Tools F2fs.Fsck Filesystem init_node_manager information disclosure
162745F2fs-Tools F2fs.Fsck f2fs Filesystem unknown vulnerability [CVE-2020-6105]
162744F2fs-Tools F2fs.Fsck f2fs Filesystem get_dnode_of_data information disclosure
162743Qualcomm QCMAP SetGatewayUrl os command injection
162742Qualcomm QCMAP Mobile Hotspot QCMAP_Web_CLIENT Tokenizer denial of service
162741libarchive Archive File archive_string.c archive_string_append_from_wcs out-of-bounds write
162740B&R GateManager 4260/GateManager 9250 log file [CVE-2020-11646]
162739B&R GateManager 4260/GateManager 9250 denial of service [CVE-2020-11645]
162738B&R GateManager 4260/GateManager 9250 Audit Log neutralization for logs
162737B&R GateManager 4260/GateManager 9250 information disclosure
162736B&R SiteManager file access [CVE-2020-11642]
162735B&R SiteManager file inclusion [CVE-2020-11641]
162734B&R Automation Runtime TFTP Service memory leak [CVE-2020-11637]
162733com.mintegral.msdk:alphab Android SDK information disclosure
162732IBM Security Access Manager/Security Verify Access improper authentication
162731IBM Security Access Manager/Security Verify Access response splitting
162730McAfee MVision Endpoint Core Trust Component security check for standard
162729McAfee Active Response Core Trust Component security check for standard
162728McAfee Application and Change Control MSI Configuration access control
162727Veritas APTARE Login improper authentication [CVE-2020-27157]
162726Veritas APTARE Authorization improper authorization [CVE-2020-27156]
162725SAP 3D Visual Enterprise Viewer RH File denial of service [CVE-2020-6376]
162724SAP 3D Visual Enterprise Viewer CGM File denial of service [CVE-2020-6375]
162723SAP 3D Visual Enterprise Viewer JT File denial of service [CVE-2020-6374]
162722SAP 3D Visual Enterprise Viewer PDF File denial of service [CVE-2020-6373]
162721SAP 3D Visual Enterprise Viewer PDF File denial of service [CVE-2020-6372]
162720SAP NetWeaver Application Server ABAP information disclosure
162719SAP Business Planning and Consolidation cross site scripting
162718SAP NetWeaver AS JAVA Start Page redirect [CVE-2020-6365]
162717SAP Solution Manager/Focused Run CA Introscope Enterprise Manager code injection
162716SAP Commerce Cloud session expiration [CVE-2020-6363]
162715SAP Netweaver Enterprise Portal Fiori Framework Page cross site scripting
162714SAP NetWeaver Application Server Java cross site scripting [CVE-2020-6319]
162713SAP Commerce Cloud Web CMS Components cross site scripting [CVE-2020-6272]
162712Live Chat - Live Support cross-site request forgery [CVE-2020-5642]
162711BlueZ MGMT Event att.c disconnect_cb double free
162710ThinkPad ThinkPad Stack Wireless Router improper authentication
162709Lenovo Cloud Networking Operating System REST API input validation
162708Lenovo HardwareScan Plugin Vantage Hardware Scan uncontrolled search path
162707Lenovo Diagnostics DLL untrusted search path [CVE-2020-8338]
162706Lenovo/IBM System X Server BIOS Mode USB Driver toctou [CVE-2020-8332]
162705Rapid7 Nexpose sql injection [CVE-2020-7383]
162704McAfee ePolicy Orchistrator cross site scripting [CVE-2020-7318]
162703McAfee ePolicy Orchistrator cross site scripting [CVE-2020-7317]
162702Duo Network Gateway Log log file [CVE-2020-3483]
162701Duo Authentication for Windows Logon/RDP improper authentication
162700Grocy Create Shopping List Module cross site scripting [CVE-2020-15253]
162699Singularity unsquashfs path traversal
162698Open Enclave Syscall information disclosure [CVE-2020-15224]
162697Adobe Flash Player HTTP Response null pointer dereference [CVE-2020-9746]
162696BlackBerry UEM UEM Core Service denial of service [CVE-2020-6933]
162695IBM Security Access Manager Appliance session expiration [CVE-2020-4395]
162694Trend Micro Antivirus Webserver API access control [CVE-2020-27013]
162693Telegram Desktop Export Telegram Data wizard improper authentication
162692Trend Micro Antivirus Kernel Extension information disclosure
162691Trend Micro Antivirus Web Threat Protection access control [CVE-2020-25777]
162690United Planet Intrexx Professional cross site scripting [CVE-2020-24188]
162689Google Android Kernel binder.c binder_release_work use after free
162688Google Android Pendingintent constructImportFailureNotification information disclosure
162687Google Android Error Handling String8.cpp appendFormatV privileges management
162686Google Android Permission Check GpuService.cpp setUpdatableDriverPath memory corruption
162685Google Android Permission Check generateInfo information disclosure
162684Google Android Settings Screen permission [CVE-2020-0416]
162683Google Android SystemUI information disclosure [CVE-2020-0415]
162682Google Android Audio Buffer Threads.cpp threadLoop information disclosure
162681Google Android Bluetooth Server gatt_process_read_by_type_rsp information disclosure
162680Google Android setProcessMemoryTrimLevel information disclosure
162679Google Android AACExtractor.cpp ~AACExtractor out-of-bounds write
162678Google Android Pendingintent setNotification information disclosure
162677Google Android String16.cpp remove integer overflow
162676Google Android Pendingintent showDataRoamingNotification information disclosure
162675Google Android PendingIntent Error updateMwi information disclosure
162674Google Android Permission Check onWnmFrameReceived information disclosure
162673Google Android Bluetooth Server gatt_process_read_by_type_rsp out-of-bounds read
162672Google Android out-of-bounds read [CVE-2020-0376]
162671Google Android out-of-bounds read [CVE-2020-0371]
162670Google Android out-of-bounds write [CVE-2020-0367]
162669Google Android out-of-bounds read [CVE-2020-0339]
162668Google Android out-of-bounds write [CVE-2020-0283]
162667Google Android Permission Check getCarrierPrivilegeStatus information disclosure
162666Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Data Segment denial of service
162665Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Data Segment denial of service
162664Allen-Bradley Flex IO 1794-AENT-B ENIP Request Path Port Segment denial of service
162663LAquis SCADA Project File out-of-bounds read [CVE-2020-25188]
162662IProom MMC+ Server Login Page redirect [CVE-2020-24551]
162661Google Android SurfaceFlinger SurfaceFlinger.cpp createLayer privileges management
162660Siemens DCA Vantage Analyzer Onboard Database hard-coded password
162659McAfee Total Protection Task Scheduling privileges management
162658Trend Micro Antivirus Internationalized Domain Name access control
162657Linux Kernel Geneve Endpoint cleartext transmission [CVE-2020-25645]
162656Foxit Reader Annotation Object use after free [CVE-2020-17417]
162655Foxit Reader JPEG2000 Image out-of-bounds write [CVE-2020-17416]
162654Foxit PhantomPDF Update Service permission assignment [CVE-2020-17415]
162653Foxit Reader Update Service permission [CVE-2020-17414]
162652Foxit PhantomPDF U3D Object stack-based overflow [CVE-2020-17413]
162651Foxit PhantomPDF U3D Object information disclosure [CVE-2020-17412]
162650Foxit PhantomPDF U3D Object information disclosure [CVE-2020-17411]
162649Foxit PhantomPDF GIF File access control [CVE-2020-17410]
162648Netgear R6120/R6080/R6260/R6220/R6020/JNR3210/WNR2020 mini_httpd Service improper authentication
162647Microhard Bullet-LTE Authentication Header stack-based overflow
162646Microhard Bullet-LTE improper authentication
162645Siemens DCA Vantage Analyzer Kiosk Mode access control [CVE-2020-15797]
162644Channelmgnt Plug-In ACL access control [CVE-2020-15251]
162643Apache Solr API improper authorization [CVE-2020-13957]
162642AMD ATIKMDAG.SYS API out-of-bounds read [CVE-2020-12933]
162641AMD Ryzen Master AMD Driver access control [CVE-2020-12928]
162640AMD ATIKMDAG.SYS API out-of-bounds read
162639Apache Fineract information disclosure [CVE-2018-20243]
162638Microsoft Windows Kernel memory corruption [CVE-2020-16890]
162637Microsoft Windows Remote Desktop Protocol information disclosure
162636Microsoft Windows Remote Desktop Protocol denial of service [CVE-2020-16927]
162635Microsoft Windows Remote Desktop Service denial of service [CVE-2020-16863]
162634Microsoft Windows Media Foundation memory corruption [CVE-2020-16915]
162633Microsoft Windows Unified Extensible Firmware Interface access control
162632Microsoft Windows Hyper-V memory corruption [CVE-2020-1047]
162631Microsoft Windows Win32k memory corruption [CVE-2020-16913]
162630Microsoft Windows Kernel Image memory corruption [CVE-2020-16892]
162629Microsoft Windows KernelStream information disclosure [CVE-2020-16889]
162628Microsoft Windows Installer access control [CVE-2020-16902]
162627Microsoft Windows Hyper-V access control [CVE-2020-16891]
162626Microsoft Windows Hyper-V denial of service [CVE-2020-1243]
162625Microsoft Windows NAT memory corruption [CVE-2020-16894]
162624Microsoft Windows Error Reporting access control [CVE-2020-16905]
162623Microsoft Windows COM Server access control [CVE-2020-16916]
162622Microsoft Visual Studio Code Python Extension access control
162621Microsoft PowerShellGet WDAC access control [CVE-2020-16886]
162620Microsoft Windows Camera Codec Pack memory corruption [CVE-2020-16968]
162619Microsoft Windows Camera Codec Pack memory corruption [CVE-2020-16967]
162618Microsoft Windows COM Server access control [CVE-2020-16935]
162617Microsoft Windows Backup Service access control [CVE-2020-16976]
162616Microsoft Windows Jet Database Engine memory corruption [CVE-2020-16924]
162615Microsoft Windows Storage VSP Driver access control [CVE-2020-16885]
162614Microsoft Windows Network Connections Service memory corruption
162613Microsoft Windows Hyper-V memory corruption [CVE-2020-1080]
162612Microsoft Windows iSCSI Target Service access control [CVE-2020-16980]
162611Microsoft Windows Storage Services access control [CVE-2020-0764]
162610Microsoft Windows File Signature Validation signature verification
162609Microsoft Windows Backup Service access control [CVE-2020-16974]
162608Microsoft Windows Backup Service access control [CVE-2020-16973]
162607Microsoft Windows Backup Service access control [CVE-2020-16975]
162606Microsoft Windows Application Compatibility Client Library access control
162605Microsoft Windows Reparse Point access control [CVE-2020-16877]
162604Microsoft Windows Backup Service improper authentication [CVE-2020-16972]
162603Microsoft Windows Application Compatibility Client Library access control
162602Microsoft Windows Text Services Framework information disclosure
162601Microsoft Windows Enterprise App Management Service information disclosure
162600Microsoft Windows Error Reporting Manager access control [CVE-2020-16895]
162599Microsoft Windows NetBIOS over TCP information disclosure [CVE-2020-16897]
162598Microsoft Windows TCPIP Stack Remote Code Execution [CVE-2020-16898]
162597Microsoft Windows Backup Service access control [CVE-2020-16936]
162596Microsoft Windows Win32k memory corruption [CVE-2020-16907]
162595Microsoft Windows User Profile Service access control [CVE-2020-16940]
162594Microsoft Windows Backup Service access control [CVE-2020-16912]
162593Microsoft Windows Error Reporting access control [CVE-2020-16909]
162592Microsoft Windows Setup access control [CVE-2020-16908]
162591Microsoft Windows TCPIP Stack denial of service [CVE-2020-16899]
162590Microsoft Windows Kernel information disclosure [CVE-2020-16901]
162589Microsoft Windows Event System memory corruption [CVE-2020-16900]
162588Microsoft SharePoint Server Application Package origin validation
162587Microsoft SharePoint Server information disclosure [CVE-2020-16950]
162586Microsoft SharePoint Server information disclosure [CVE-2020-16941]
162585Microsoft SharePoint Server cross site scripting [CVE-2020-16946]
162584Microsoft SharePoint Server cross site scripting [CVE-2020-16945]
162583Microsoft SharePoint Server cross site scripting [CVE-2020-16944]
162582Microsoft SharePoint Server Application Package access control
162581Microsoft SharePoint Server information disclosure [CVE-2020-16942]
162580Microsoft SharePoint Server information disclosure [CVE-2020-16953]
162579Microsoft SharePoint Server information disclosure [CVE-2020-16948]
162578Microsoft 3D Viewer memory corruption [CVE-2020-17003]
162577Microsoft Office memory corruption [CVE-2020-16954]
162576Microsoft Excel memory corruption [CVE-2020-16931]
162575Microsoft Outlook memory corruption [CVE-2020-16947]
162574Microsoft Outlook denial of service [CVE-2020-16949]
162573Microsoft 3D Viewer/365 Apps for Enterprise memory corruption
162572Microsoft Office Access Connectivity Engine memory corruption
162571Microsoft Office AppVLP access control [CVE-2020-16928]
162570Microsoft Office AppVLP access control [CVE-2020-16955]
162569Microsoft Office Excel memory corruption [CVE-2020-16930]
162568Microsoft Excel memory corruption [CVE-2020-16932]
162567Microsoft Office AppVLP improper authorization [CVE-2020-16934]
162566Microsoft Office memory corruption [CVE-2020-16929]
162565Microsoft Word LNK File 7pk security [CVE-2020-16933]
162564Microsoft Windows Kernel information disclosure [CVE-2020-16938]
162563Microsoft Windows Graphics memory corruption [CVE-2020-1167]
162562Microsoft Windows Graphics memory corruption [CVE-2020-16923]
162561Microsoft Windows GDI+ information disclosure [CVE-2020-16914]
162560Microsoft Windows GDI+ memory corruption [CVE-2020-16911]
162559Microsoft Exchange Server information disclosure [CVE-2020-16969]
162558Microsoft Dynamics 365 Commerce improper authorization [CVE-2020-16943]
162557Microsoft Microsoft Dynamics 365 cross site scripting [CVE-2020-16956]
162556Microsoft Microsoft Dynamics 365 cross site scripting [CVE-2020-16978]
162555Microsoft Windows Group Policy privileges assignment [CVE-2020-16939]
162554Microsoft Azure Functions privileges management [CVE-2020-16904]
162553Microsoft Network Watcher Agent Virtual Machine Extension for Linux privileges management
162552Microsoft Microsoft .NET Framework information disclosure [CVE-2020-16937]
162551OpenRobotics ros_comm Communications Package XML RPC Library integer overflow
162550mathjs deepExtend dynamically-determined object attributes
162549Webmin Command Shell Endpoint input validation [CVE-2020-8821]
162548Webmin Cluster Shell Commands Endpoint cross site scripting [CVE-2020-8820]
162547HelpDeskZ Auto-Login sql injection [CVE-2020-26546]
162546Octopus Deploy Task Log debug log file [CVE-2020-25825]
162545JUnit4 Test Rule information disclosure [CVE-2020-15250]
162544Sonatype Nexus Repository Manager pathname traversal [CVE-2020-15012]
162543Webmin Read User Email Module/Mailboxes Endpoint cross site scripting
162542JFrog Artifactory improper authentication [CVE-2019-17444]
162541Huawei Taurus-AN00B Module buffer overflow [CVE-2020-9240]
162540Huawei Taurus-AN00B Module buffer overflow [CVE-2020-9238]
162539Huawei WS5800-10 Message denial of service [CVE-2020-9230]
162538Huawei P30 Pro buffer overflow [CVE-2020-9123]
162537Huawei WS7200-10 input validation [CVE-2020-9122]
162536Huawei Taurus-AN00B information disclosure [CVE-2020-9110]
162535Huawei Mate 20 information disclosure [CVE-2020-9109]
162534Huawei P30 Pro Message out-of-bounds write [CVE-2020-9108]
162533Huawei P30 Pro Message out-of-bounds read [CVE-2020-9107]
162532Huawei P30 Pro path traversal [CVE-2020-9106]
162531Huawei Taurus-AN00B out-of-bounds write [CVE-2020-9091]
162530Huawei FusionAccess improper authorization [CVE-2020-9090]
162529Huawei Taurus-AL00A XFRM Module out-of-bounds read [CVE-2020-9087]
162528Samsung Update Inter-Process Communication deserialization [CVE-2020-7811]
162527IBM Curam Social Program Management readLine denial of service
162526IBM Curam Social Program Management OOTB Build Script information disclosure
162525IBM Curam Social Program Management risky encryption [CVE-2020-4778]
162524IBM Curam Social Program Management path traversal [CVE-2020-4776]
162523IBM Curam Social Program Management cross site scripting [CVE-2020-4775]
162522IBM Curam Social Program Management information disclosure [CVE-2020-4774]
162521IBM Curam Social Program Management cross-site request forgery
162520IBM Curam Social Program Management xml external entity reference
162519IBM InfoSphere Information Server Web UI cross site scriting
162518IBM InfoSphere Information Server cross site scriting [CVE-2020-4740]
162517IBM Security Access Manager/Security Verify Access information exposure
162516IBM Security Guardium File Content injection [CVE-2020-4689]
162515IBM Security Guardium Web UI cross site scripting [CVE-2020-4681]
162514IBM Security Guardium Web UI cross site scripting [CVE-2020-4680]
162513IBM Security Guardium Web UI cross site scriting [CVE-2020-4679]
162512IBM Security Guardium Admin Access information disclosure [CVE-2020-4678]
162511IBM Security Access Manager/Security Verify Access information exposure
162510IBM Security Access Manager/Security Verify Access Access Manager information exposure
162509IBM Cognos Analytics Servlet information exposure [CVE-2020-4388]
162508IBM Cognos Analytics Excel File injection [CVE-2020-4302]
162507ARC Informatique PcVue information disclosure [CVE-2020-26869]
162506ARC Informatique PcVue Web Client denial of service [CVE-2020-26868]
162505ARC Informatique PcVue Interface deserialization [CVE-2020-26867]
162504Apache Tomcat HTTP2 Client information disclosure [CVE-2020-13943]
162503GitLab Permission Check permission [CVE-2020-13341]
162502SonicWALL SonicOS Login Page information exposure [CVE-2020-5143]
162501SonicWALL SonicOS SSL VPN Web Interface cross site scripting
162500SonicWALL SonicOS Virtual Assist Ticket ID protection mechanism
162499SonicWALL SonicOS SSL VPN Service out-of-bounds read [CVE-2020-5140]
162498SonicWALL SonicOS release of reference [CVE-2020-5139]
162497SonicWALL SonicOS SSL VPN Service heap-based overflow [CVE-2020-5138]
162496SonicWALL SonicOS SSL VPN Service buffer overflow [CVE-2020-5137]
162495SonicWALL SonicOS SSL-VPN Portal buffer overflow [CVE-2020-5136]
162494SonicWALL SonicOS buffer overflow [CVE-2020-5135]
162493SonicWALL SonicOS out-of-bounds read [CVE-2020-5134]
162492SonicWALL SonicOS buffer overflow [CVE-2020-5133]
162491Atlassian JIRA Server Issue Filter Export File cross site scripting
162490Huawei Taurus-AN00B input validation [CVE-2020-9105]
162489Emby Server Image server-side request forgery
162488Monero GUI monero-wallet-gui lib authorization
162487MyBatis Object Stream deserialization [CVE-2020-26945]
162486phpMyAdmin SearchController sql injection [CVE-2020-26935]
162485phpMyAdmin Transformation Feature cross site scripting [CVE-2020-26934]
162484Sympa Package permission [CVE-2020-26932]
162483Apache Calcite Hostname Verification information disclosure [CVE-2020-13955]
162482Pepperl Fuchs RocketLinx Comtrol TFTP Service information disclosure
162481Pepperl Fuchs RocketLinx Comtrol Administration Interface command injection
162480Pepperl Fuchs RocketLinx Comtrol Administration Interface cross-site request forgery
162479Pepperl Fuchs RocketLinx Comtrol Administration Interface backdoor
162478Pepperl Fuchs RocketLinx Comtrol Administration Interface improper authentication
162477Netgear WC7500/WC7600/WC7600v2/WC9500 information disclosure
162476Netgear EX7700 config [CVE-2020-26930]
162475Netgear R6220/R6230 injection [CVE-2020-26929]
162474Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 improper authentication
162473Netgear WNR2020 improper authentication [CVE-2020-26927]
162472Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 improper authentication
162471Netgear GS808E denial of service [CVE-2020-26925]
162470Netgear WAC720/WAC730 information disclosure [CVE-2020-26924]
162469Netgear WC7500/WC7600/WC7600v2/WC9500 cross site scripting [CVE-2020-26923]
162468Netgear WC7500/WC7600/WC7600v2/WC9500 command injection [CVE-2020-26922]
162467Netgear GS110EMX/GS810EMX/XS512EM/XS724EM improper authentication
162466Netgear SRK60/SRR60/SRS60 command injection [CVE-2020-26920]
162465Netgear JGS516PE Access Control access control [CVE-2020-26919]
162464Netgear R8500 cross site scripting [CVE-2020-26918]
162463Netgear R8500 cross site scripting [CVE-2020-26917]
162462Netgear WNR2020 config [CVE-2020-26916]
162461Netgear XR700 cross site scripting [CVE-2020-26915]
162460Netgear WNR2020 command injection [CVE-2020-26914]
162459Netgear XR500 buffer overflow [CVE-2020-26913]
162458Netgear WNR2020 cross-site request forgery [CVE-2020-26912]
162457Netgear WNR2020 access control [CVE-2020-26911]
162456Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 command injection
162455Netgear D7800/R7500v2 command injection [CVE-2020-26909]
162454Netgear WNR2020 improper authentication [CVE-2020-26908]
162453Netgear RBK852/RBR850/RBS850 os command injection [CVE-2020-26907]
162452Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162451Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162450Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162449Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162448Netgear RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 command injection
162447Netgear RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162446Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162445Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162444Netgear RAX40 config [CVE-2020-26898]
162443Netgear CBR40/RBK752/RBR750/RBS750/RBK852/RBR850/RBS850 information disclosure
162442Garfield Petshop act_user.php cross-site request forgery
162441Xerox WorkCentre EC7836/WorkCentre EC7856 Description Page cross site scripting
162440ConnectWise Automate permission [CVE-2020-15838]
162439OnePlus App Locker Google Assistant improper authorization [CVE-2020-13626]
162438Victor Web Client denial of service [CVE-2020-9048]
162437Dell EMC OpenManage Integration for Microsoft System Center Log log file
162436IBM Informix Spatial out-of-bounds write [CVE-2020-4799]
162435IBM QRadar SIEM Java Deserialization deserialization [CVE-2020-4280]
162434Faulkner Wildlife Issues in the New Millennium cmd.exe privileges management
162433forma.lms cross-site request forgery [CVE-2020-26802]
162432HAPI FHIR Testpage Overlay cross site scripting [CVE-2020-24301]
162431Facebook Hermes Javascript SaveGeneratorLong control flow
162430Mozilla Thunderbird Microsoft Exchange Autodiscovery cleartext transmission
162429Smartstore WebApi Authentication improper authentication [CVE-2020-15243]
162428Next.js redirect [CVE-2020-15242]
162427Fluid Engine cross site scriting [CVE-2020-15241]
162426GitLab Key Storage information disclosure [CVE-2020-13344]
162425GitLab CI Job Log cross site scripting [CVE-2020-13340]
162424GitLab SVG File Preview cross site scripting [CVE-2020-13339]
162423Mozilla Firefox ECDSA Signature Generation information disclosure
162422Mozilla Firefox Coordinate information disclosure [CVE-2020-12400]
162421Zoho ManageEngine Applications Manager AAMRequestProcessor Servlet improper authorization
162420IBM QRadar SIEM Active Directory Authentication improper authentication
162419Nahimic APO Software Component Driver privileges management [CVE-2019-19115]
162418D-Link CGI Script upgradeStatusReboot.cgi denial of service
162417SourceCodester Online Bus Booking System Admin Login Screen admin.php sql injection
162416SourceCodester Booking System book_now.php cross site scripting
162415PHPGurukul hospital-management-system-in-php patient-search.php cross site scripting
162414PHPGurukul hostel-management-system cross site scripting [CVE-2020-25270]
162413PyroCMS anomaly.module.blocks cross-site request forgery
162412PyroCMS cross-site request forgery [CVE-2020-25262]
162411Nerrvana Plugin XML Parser xml external entity reference [CVE-2020-2298]
162410SMS Notification Plugin Global Configuration cleartext storage
162409Shared Objects Plugin Shared Object cross-site request forgery
162408Maven Cascade Release Plugin cross-site request forgery [CVE-2020-2295]
162407Maven Cascade Release Plugin Permission Check authorization [CVE-2020-2294]
162406Persona Plugin Permission path traversal [CVE-2020-2293]
162405Release Plugin Badge Tooltip cross site scripting [CVE-2020-2292]
162404couchdb-statistics Plugin Global Configuration cleartext storage
162403Active Choices Plugin Sandbox cross site scripting [CVE-2020-2290]
162402Active Choices Plugin cross site scripting [CVE-2020-2289]
162401Audit Trail Plugin Regular Expression incorrect regex [CVE-2020-2288]
162400Audit Trail Plugin Stapler Web Framework unknown vulnerability
162399Role-based Authorization Strategy Plugin Permission Cache permission
162398Cisco StarOS CLI input validation [CVE-2020-3602]
162397Cisco StarOS CLI input validation [CVE-2020-3601]
162396Cisco Vision Dynamic Signage Director Web-based Management Interface improper authentication
162395Cisco Nexus Data Broker Configuration Backup pathname traversal
162394Cisco Expressway Series Session Initiation Protocol denial of service
162393Cisco Identity Services Engine Web-based Management Interface cross site scripting
162392Cisco Email Security Appliance Antispam Protection Mechanism input validation
162391Cisco Industrial Network Director Management REST API denial of service
162390Cisco Video Surveillance 8000 Series IP Camera Cisco Discovery Protocol memory corruption
162389Cisco Video Surveillance 8000 Series IP Camera Cisco Discovery Protocol certain memory leak
162388Cisco SD-WAN vManage Web-based Management Interface cross site scripting
162387Cisco Webex Teams Client DLL Loader uncontrolled search path
162386Cisco Identity Services Engine Web-based Management Interface Administrator authorization
162385Cisco FirePOWER Management Center Web-based Management Interface cross site scripting
162384McAfee File/Removable Media Protection unquoted search path [CVE-2020-7316]
162383Sympa Configuration File privileges management [CVE-2020-26880]
162382wp-courses Plugin JSON REST API wp-json authorization
162381Cure53 DOMPurify cross site scripting [CVE-2020-26870]
162380Dynamic OOO Widget code injection [CVE-2020-26596]
162379KDE Connect Packet denial of service [CVE-2020-26164]
162378Soplanning Key improper authentication [CVE-2020-25867]
162377Contao Tag injection [CVE-2020-25768]
162376Peplink Balance Web Admin connector.php information disclosure
162375ImpressCMS admin.php cross site scripting
162374Smarter Coffee Maker Firmware Update improper authorization [CVE-2020-15501]
162373GLPI API Search sql injection [CVE-2020-15226]
162372GLPI Public FAQ information disclosure [CVE-2020-15217]
162371GLPI install.php cross site scripting
162370GLPI sql injection [CVE-2020-15176]
162369GLPI Image pluginimage.send.php information disclosure
162368GitLab Confirmation Email resource consumption [CVE-2020-13342]
162367Zabbix Server Remote Privilege Escalation [CVE-2020-11800]
162366MikroTik RouterOS SMB Server integer underflow [CVE-2019-16160]
162365MonoCMS Blog File denial of service [CVE-2020-25985]
162364Symphony CMS event.publish_article.php cross site scripting
162363GAEN Metadata Block information disclosure [CVE-2020-24722] [Disputed]
162362Spice Remote Display System QUIC Image Decoder buffer overflow
162361GitLab Runner injection [CVE-2020-13347]
162360GitLab API information disclosure [CVE-2020-13346]
162359GitLab Group Membership denial of service [CVE-2020-13335]
162358GitLab GraphQL Query improper authorization [CVE-2020-13334]
162357GitLab Project privileges management [CVE-2020-13332]
162356simpl-schema unknown vulnerability [CVE-2020-7742]
162355Atlassian JIRA Server/Data Center SEN information disclosure
162354node-pdf-generator server-side request forgery [CVE-2020-7740]
162353Samsung Mobile Devices TimaService privileges management [CVE-2020-26607]
162352Samsung Mobile Devices Secure Folder information disclosure [CVE-2020-26606]
162351Samsung Mobile Devices Log information disclosure [CVE-2020-26605]
162350Samsung Mobile Devices Pendingintent privileges management [CVE-2020-26604]
162349Samsung Mobile Devices Sticker Center pathname traversal [CVE-2020-26603]
162348Samsung Mobile Devices Pendingintent exposure of resource [CVE-2020-26602]
162347Samsung Mobile Device Pendingintent privileges management [CVE-2020-26601]
162346Samsung Mobile Device Auto Hotspot information disclosure [CVE-2020-26600]
162345Samsung Mobile Device Dynamic Lockscreen improper authentication
162344LG Mobile Devices Network Management denial of service [CVE-2020-26598]
162343LG Mobile Devices Wi-Fi Subsystem denial of service [CVE-2020-26597] input validation [CVE-2020-24807]
162341Facebook WhatsApp/WhatsApp Business/WhatsApp for Portal RTP Extension Header out-of-bounds write
162340Facebook WhatsApp/WhatsApp Business E-AC-3 Audio Stream heap-based overflow
162339Facebook WhatsApp Media ContentProvider URI information disclosure
162338Facebook WhatsApp/WhatsApp Business Attachment pathname traversal
162337Facebook WhatsApp/WhatsApp Business Unzip denial of service [CVE-2020-1903]
162336Facebook WhatsApp/WhatsApp Business Google service cleartext transmission
162335Facebook WhatsApp Message denial of service [CVE-2020-1901]
162334Zoho ManageEngine Applications Manager RCA module sql injection
162333Zoho ManageEngine Applications Manager SAP Module sql injection
162332xmpp-http-upload path traversal [CVE-2020-15239]
162331Electron Context Isolation sandbox [CVE-2020-15215]
162330Electron will-navigate sandbox
162329GitLab cross site scripting [CVE-2020-13345]
162328GitLab Custom Project Template information disclosure [CVE-2020-13343]
162327GitLab API denial of service [CVE-2020-13333]
162326HCL AppScan Enterprise Rule Update escape output [CVE-2019-4326]
162325HCL AppScan Enterprise REST API User Detail cryptographic issues
162324Sierra Wireless ALEOS RPC Server unknown vulnerability [CVE-2020-8782]
162323Sierra Wireless ALEOS improper authorization [CVE-2020-8781]
162322hellojs Package cross site scripting [CVE-2020-7741]
162321phantomjs-seo URL server-side request forgery [CVE-2020-7739]
162320MPD PPP Authentication out-of-bounds read [CVE-2020-7466]
162319MPD L2TP memory corruption [CVE-2020-7465]
162318IBM MQ Appliance Log File information disclosure [CVE-2020-4528]
162317D-Link DAP-1360U Ping privileges management [CVE-2020-26582]
162316Wireshark Facebook Zero Protocol Dissector packet-fbzero.c by infinite loop
162315Leostream Connection Broker HTTP Header browser_client cross site scripting
162314Wireshark BLIP Protocol Dissector packet-blip.c null pointer dereference
162313Wireshark MIME Multipart Dissector packet-multipart.c denial of service
162312Wireshark TCP Dissector packet-tcp.c denial of service
162311Crafter CMS Crafter Studio os command injection [CVE-2020-25803]
162310Crafter CMS Groovy Script os command injection [CVE-2020-25802]
162309QEMU pci.c ide_cancel_dma_sync null pointer dereference
162308QEMU pci.c pci_change_irq_level null pointer dereference
162307WildFly OpenSSL HTTP Session memory leak [CVE-2020-25644]
162306Linux Kernel HDLC_PPP Module memory corruption [CVE-2020-25643]
162305Linux Kernel biovecs infinite loop [CVE-2020-25641]
162304QEMU libvirt API access control [CVE-2020-25637]
162303IBM Security Access Manager Appliance Web UI cross site scriting
162302MonoCMS Blog log.xml inadequate encryption
162301MonoCMS Blog cross-site request forgery [CVE-2020-25986]
162300Ruby WEBrick request smuggling [CVE-2020-25613]
162299projectworlds Car Rental Management System Admin Login message_admin.php cross site scripting
162298GNU C Library search.texi return value
162297Elecom WRC-1167GST2 os command injection [CVE-2020-5634]
162296InfoCage SiteShell Access Restriction unknown vulnerability [CVE-2020-5632]
162295CMONOS.JP cross site scriting [CVE-2020-5631]
162294OpenSC TCOS Smart Card Software Driver tcos_decipher buffer overflow
162293OpenSC gemsafe GPK Smart Card Software Driver sc_pkcs15emu_gemsafeGPK_init stack-based overflow
162292OpenSC Oberthur Smart Card Software Driver sc_oberthur_read_file buffer overflow
162291Shrine derivation_endpoint Plugin Utils.secure_compare information exposure
162290Intel CPU BIOS Firmware information disclosure [CVE-2020-8671]
162289Nextcloud Deck Attachment authorization [CVE-2020-8235]
162288Nextcloud Preferred Providers App Password excessive authentication
162287Nextcloud Server permission [CVE-2020-8223]
162286Nextcloud Deck Board Sharing access control [CVE-2020-8182]
162285ZTE ZXONE 19700 SNPE Access Control access control [CVE-2020-6875]
162284IBM Maximo Asset Management HTTP Command improper authentication
162283ClickStudios Passwordstate Password Reset Portal ResetPassword improper authentication
162282CuppaCMS unrestricted upload [CVE-2020-26048]
162281Ansible aws_ssm Connection Plugin information disclosure [CVE-2020-25635]
162280Symmetric DS mx4j improper authentication [CVE-2020-24231]
162279Wiki.js Storage Module pathname traversal [CVE-2020-15236]
162278RACTF Key information disclosure [CVE-2020-15235]
162277Intel Driver & Support Assistant permission [CVE-2020-12302]
162276Intel CPU BIOS Firmware information disclosure [CVE-2020-0571]
162275Intel CPU BIOS Firmware denial of service [CVE-2019-14558]
162274Intel CPU BIOS Firmware buffer overflow [CVE-2019-14557]
162273Intel CPU BIOS Firmware denial of service [CVE-2019-14556]
162272json-pointer input validation [CVE-2020-7709]
162271qdPM File Upload cross site scripting [CVE-2020-26166]
162270Ansible Base aws_ssm Connection Plugin access control [CVE-2020-25636]
162268oauth2-server OAuth 2.0 code injection [CVE-2017-18924] [Disputed]
162267Google Osconfig Agent race condition
162266tribe29 Checkmk permission
162265REDDOXX MailDepot Mailbox permission [CVE-2019-19200]
162264Platinum Mobile MobileHandler.ashx access control
162263SevOne Network Management System Device Manager Page injection
162262SevOne Network Management System Alert Summary sql injection
162261SevOne Network Management System Traceroute traceroute.php command injection
162260NVIDIA Virtual GPU Manager vGPU Plugin denial of service [CVE-2020-5989]
162259NVIDIA Virtual GPU Manager vGPU Plugin double free [CVE-2020-5988]
162258NVIDIA Virtual GPU Manager vGPU Plugin privileges management
162257NVIDIA Virtual GPU Manager vGPU Plugin memory corruption [CVE-2020-5986]
162256NVIDIA Virtual GPU Manager vGPU Plugin memory corruption [CVE-2020-5985]
162255NVIDIA Virtual GPU Manager vGPU Plugin use after free [CVE-2020-5984]
162254NVIDIA Virtual GPU Manager vGPU Plugin/Host Driver Kernel Module privileges management
162253NVIDIA Windows GPU Display Driver Kernel Mode Layer nvlddmkm.sys denial of service
162252NVIDIA Windows GPU Display Driver DirectX11 User Mode Driver x.dll memory corruption
162251NVIDIA Windows GPU Display Driver DLL code injection [CVE-2020-5980]
162250NVIDIA Windows GPU Display Driver Control Panel privileges management
162249Cloud Foundry BOSH System Metrics Server UAA Password information disclosure
162248Linux Kernel Secure Boot Forbidden Signature Database blacklist.c privileges management
162247Damstra Smart Asset Version origin validation
162246Damstra Smart Asset Login Page Username information disclosure
162245Damstra Smart Asset DNS Server sql injection
162244Trend Micro Antivirus symlink [CVE-2020-25776]
162243HPE KVM IP Console Switch G2 4x1Ex32 code injection [CVE-2020-24628]
162242HPE KVM IP Console Switch G2 4x1Ex32 Stored cross site scriting
162241MB Connect Line mymbCONNECT24/mbCONNECT24 lancompenent Blind sql injection
162240Zoho ManageEngine Desktop Central InternetSendRequestEx integer overflow
162239Zoho ManageEngine Desktop Central TLS Certificate Validation InternetSendRequestByBitrate improper authentication
162238ORY Fosite Authorization Endpoint redirect [CVE-2020-15234]
162237ORY Fosite Redirect redirect [CVE-2020-15233]
162236ProVide SDL xml external entity reference [CVE-2020-15232]
162235mapfish-print JSONP cross site scripting [CVE-2020-15231]
162234Vapor Web Framework path traversal [CVE-2020-15230]
162233GitLab Editing Stored cross site scriting
162232GitLab Group Name Stored cross site scriting
162231fusionauth-saml Signature improper authentication [CVE-2020-12676]
162230PHP HTTP Cookie input validation [CVE-2020-7070]
162229PHP AES-CCM openssl_encrypt input validation
162228Erlang OTP path traversal [CVE-2020-25623]
162227cloudflared Configuration File privileges management [CVE-2020-24356]
162226GetSimpleCMS log.php path traversal
162225Bludit upload-profile-picture path traversal
162224Pluxml Configuration File class.plx.admin.php code injection
162223Pluxml Theme Editor parametres_edittpl.php code injection
162222BitDefender Engine ceva_emu.cvd Module uninitialized pointer
162221shiba load code injection
162220safetydance set Prototype privileges management
162219bmoor set Prototype privileges management
162218Foxit Reader/PhantomPDF Protection Mechanism code injection [CVE-2020-26540]
162217Foxit Reader/PhantomPDF use after free [CVE-2020-26539]
162216Foxit Reader/PhantomPDF taskkill.exe privileges management
162215Foxit Reader/PhantomPDF Shading memory corruption [CVE-2020-26537]
162214Foxit Reader/PhantomPDF null pointer dereference [CVE-2020-26536]
162213Foxit Reader/PhantomPDF v8 TslAlloc denial of service
162212Foxit Reader/PhantomPDF AcroForm ClearItems use after free
162211CodeLathe FileCloud Username information disclosure [CVE-2020-26524]
162210Froala Editor Content Paste cross site scriting [CVE-2020-26523]
162209Artifex MuPDF pixmap.c memory corruption
162208Artica Pandora FMS chart_generator.php sql injection
162207wpo365-login Plugin JWT Token missing encryption [CVE-2020-26511]
162206Live Helper Chat Reflected cross site scriting [CVE-2020-26135]
162205Live Helper Chat BBcode Stored cross site scriting
162204OpenMediaVault rpc.php json_encode_safe code injection
162203QEMU fdc.c fdctrl_write_data null pointer dereference
162202PowerDNS Authenticate GSS-TSIG Signature double free [CVE-2020-24698]
162201PowerDNS Authoritative GSS-TSIG Signature denial of service [CVE-2020-24697]
162200PowerDNS Authoritative GSS-TSIG Signature denial of service [CVE-2020-24696]
162199PowerDNS Authoritative Server Record uninitialized resource [CVE-2020-17482]
162198MSI AmbientLink MsIo64 Driver memory corruption [CVE-2020-17382]
162197SECUDOS Qiata FTA Comment Persistent cross site scriting
162196SECUDOS DOMOS Web Interface conf_datetime command injection
162195SysAid ForgotPassword.jsp Reflected cross site scriting
162194WAVLINK WN530H4 information disclosure
162193WAVLINK WN530H4 improper authentication [CVE-2020-12126]
162192WAVLINK WN530H4 makeRequest.cgi memory corruption
162191WAVLINK WN530H4 live_api.cgi command injection
162190WAVLINK WN530H4 cross-site request forgery [CVE-2020-12123]
162189REDDOXX MailDepot Session improper authentication [CVE-2019-19199]
162188Apache NiFi UI/API inadequate encryption [CVE-2020-9491]
162187Apache NiFi Download Token denial of service [CVE-2020-9487]
162186Apache NiFi Stateless Execution Engine cleartext storage [CVE-2020-9486]
162185Teltonika TRB2 path traversal [CVE-2020-5789]
162184Teltonika TRB2 delete path traversal
162183Teltonika TRB2 remove path traversal
162182Teltonika TRB2 cross-site request forgery [CVE-2020-5786]
162181Teltonika TRB2 Reflected cross site scripting [CVE-2020-5785]
162180Teltonika TRB2 server-side request forgery [CVE-2020-5784]
162179Dell XPS 13 9370 BIOS Exception exceptional condition [CVE-2020-5387]
162178IBM WebSphere Application Server information disclosure [CVE-2020-4576]
162177Pritunl Error Message session Username information disclosure
162176Envoy URL Local Privilege Escalation [CVE-2020-25018]
162175Envoy Header setCopy privileges management
162174Unisys Stealth Password missing encryption [CVE-2020-24620]
162173Istio Policy privileges management [CVE-2020-16844]
162172Mozilla Firefox/Firefox ESR/Thunderbird ComputeClippedCompositionBounds use after free
162171Mozilla Firefox/Firefox ESR/Thunderbird redirect [CVE-2020-15677]
162170Mozilla Firefox/Firefox ESR/Thunderbird DOM-Based cross site scriting
162169Mozilla Firefox Surface memory corruption [CVE-2020-15675]
162168Mozilla Firefox memory corruption [CVE-2020-15674]
162167Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2020-15673]
162166Mozilla Firefox Password information disclosure [CVE-2020-15671]
162165Mozilla Firefox/Firefox ESR/Thunderbird memory corruption [CVE-2020-15670]
162164Mozilla Firefox ESR/Thunderbird Abort Signal use after free [CVE-2020-15669]
162163Mozilla Firefox Certificate Import locking [CVE-2020-15668]
162162Mozilla Firefox MAR Update File heap-based overflow [CVE-2020-15667]
162161Mozilla Firefox Media Error information disclosure [CVE-2020-15666]
162160Mozilla Firefox Address Bar authentication spoofing [CVE-2020-15665]
162159Mozilla Firefox/Firefox ESR/Thunderbird Extension eval privileges management
162158Mozilla Firefox/Firefox ESR/Thunderbird Maintenance Service updater.exe code injection
162157Zoho ManageEngine Application Manager AlarmEscalation sql injection
162156@actions core exportVariable input validation
162154HCL Digital Experience Reflected cross site scriting [CVE-2020-14223]
162153Apache NiFi Notification Service Manager xml external entity reference
162152Apache ant File Permission privileges management [CVE-2020-11979]
162151Rittal CMC PU III Web Management Interface backdoor [CVE-2019-19393]
162150WebsiteBaker save.php sql injection
162149GetSimple CMS Settings Page Persistent cross site scriting
162148CMS Made Simple Content Manager Persistent cross site scriting
162147BitDefender Engine ace.xmd Parser out-of-bounds write [CVE-2020-8109]
162146Atlassian Atlaskit Editor cross site scriting [CVE-2019-20903]
162145Atlassian JIRA Crowd Upgrade privileges management [CVE-2019-20902]
162144Pulse Connect Secure Admin Web Interface xml external entity reference
162143Pulse Connect Secure Admin Web Interface code injection [CVE-2020-8243]
162142Pulse Connect Secure/Pulse Policy Secure Web Interface cross site scripting
162141Eaton 9000x DLL vci11un6.DLL untrusted search path
162140BigBlueButton Greenlight privileges management [CVE-2020-26163]
162139jwt-go Access Restriction privileges management [CVE-2020-26160]
162138Oniguruma Regex regcomp.c concat_opt_exact_str memory corruption
162137Leanote Desktop Node Integration cross site scriting [CVE-2020-26158]
162136Leanote Desktop Node Integration cross site scriting [CVE-2020-26157]
162135libproxy url.cpp memory corruption
162134Logaritmo Aware CallManager info.php phpinfo information disclosure
162133nats.js/ Credentials information disclosure [CVE-2020-26149]
162132md4c md4c.c md_push_block_bytes uninitialized resource
162131urllib3 putrequest crlf injection
162130Cybereason Endpoint Protection PowerShell privileges management
162129Hoosk CMS index.php cross site scriting
162128Hoosk CMS index.php sql injection
162127Hoosk CMS index.php code injection
162126MantisBT bug_actiongroup_page.php cross site scripting
162125Hashicorp Vault Enterprise Access Control privileges management
162124MantisBT file_download.php information disclosure
162123Django REST Framework API Viewer input validation [CVE-2020-25626]
162122MantisBT Project privileges management [CVE-2020-25288]
162121GAEN Trace privileges management [CVE-2020-24721]
162120MB Connect Line mymbCONNECT24/mbCONNECT24 com_mb24proxy cross-site request forgery
162119MB Connect Line mymbCONNECT24/mbCONNECT24 knximport sql injection
162118CMS Made Simple moduleinterface.php cross site scriting
162117HFish cross site scriting [CVE-2020-22481]
162116Pluck CMS File Upload command injection [CVE-2020-21564]
162115Halo CMS Backup File path traversal [CVE-2020-21527]
162114Halo CMS startsWith path traversal
162113Halo CMS startsWith path traversal
162112Halo CMS wordpress) xml external entity reference
162111Halo CMS server-side request forgery [CVE-2020-21523]
162110Halo CMS ZIP path traversal [CVE-2020-21522]
162109FrontAccounting inst_lang.php path traversal
162108MetInfo sql injection [CVE-2020-20800]
162107Nacos Access Control privileges management [CVE-2020-19676]
162106Niushop B2B2C Multi-Business Basic Background Upload getimagesize privileges management
162105Niushop B2B2C Multi-Business Basic improper authentication [CVE-2020-19670]
162104Re:Desk Yii Framework actionEmailTemplates sql injection
162103Zoho Application Control Plus Element Configuration IP Address information disclosure
162102Zoho Application Control Plus Mail Gateway Configuration server-side request forgery
162101Re:Desk File Upload privileges management [CVE-2020-15488]
162100Re:Desk Password Reset Ticket.php getBaseCriteria sql injection
162099dpdk move_desc integer overflow
162098dpdk Guest Virtual Machine Memory out-of-bounds read [CVE-2020-14377]
162097dpdk vm Guest Memory buffer overflow [CVE-2020-14376]
162096dpdk Virtio Ring Descriptor toctou [CVE-2020-14375]
162095dpdk Virtual Machine copy_data buffer overflow
162094Ozeki NG SMS Gateway .NET Framework deserialization [CVE-2020-14030]
162093Apache Tapestry URL resource transfer [CVE-2020-13953]
162092Apache Superset Database Connection information disclosure [CVE-2020-13952]
162091Apache OpenMeetings NetTest Web Service denial of service [CVE-2020-13951]
162090Harbor information disclosure [CVE-2020-13794]
162089Lansweeper Web Console cross-site request forgery [CVE-2020-13658]
162088GitLab Error Tracking Stored cross site scriting
162087GitLab Wiki Page Stored cross site scriting
162086GitLab Bitbucket Project Stored cross site scriting
162085GitLab Blob View Stored cross site scriting
162084GitLab PyPi File API Stored cross site scriting
162083GitLab Project Import privileges management [CVE-2020-13326]
162082GitLab Issue Page denial of service [CVE-2020-13325]
162081GitLab API information disclosure [CVE-2020-13324]
162080GitLab Private Merge Request information disclosure [CVE-2020-13323]
162079GitLab Permission privileges management [CVE-2020-13322]
162078GitLab cross site scriting [CVE-2020-13321]
162077GitLab Project Security Dashboard information disclosure [CVE-2020-13320]
162076GitLab Permission Check privileges management [CVE-2020-13319]
162075GitLab Access Control privileges management [CVE-2020-13296]
162074RainbowFish PacsOne Server Signup Page sql injection [CVE-2020-12870]
162073RainbowFish PacsOne Server cross site scriting [CVE-2020-12869]
162072RainbowFish PacsOne Server Access Control privileges management
162071WAGO 750-890 improper authentication [CVE-2020-12506]
162070WAGO 750-831/750-852/750-880/750-881/750-882/750-885 improper authentication
162069handlebars Regular Expression incorrect regex [CVE-2019-20922]
162068bootstrap-select OPTION Element cross site scriting [CVE-2019-20921]
162067handlebars Lookup Helper cross site scriting [CVE-2019-20920]
162066Atheros AR9132/AR9283/AR9285 WPA2 improper authentication [CVE-2019-18991]
162065Realtek RTL8812AR/RTL8196D/RTL8192ER/RTL8881AN WPA2 improper authentication
162064MediaTek MT7620N WPA2 improper authentication [CVE-2019-18989]
162063ANIXIS Password Reset Client GINA CP Module privileges management
162062Zoho ManageEngine ADSelfService Plus GINA CP Module privileges management
162061Apache Hadoop Kerberos Authentication privileges management [CVE-2018-11765]
162060SonicWALL SSL VPN DNS information disclosure [CVE-2020-5132]
162059IBM WebSphere Application Server Error Message information disclosure
162058BitDefender Engine input validation [CVE-2020-15731]
162057August Connect Wi-Fi Bridge App Network Authentication hard-coded key
162056goxmldsig Signature Validation signature verification [CVE-2020-15216]
162055IBM Security Secret Server privileges management [CVE-2020-4607]
162054Trend Micro Security 2020 privileges management [CVE-2020-25775]
162053Trend Micro Apex One ServerMigrationTool memory corruption [CVE-2020-25774]
162052Trend Micro Apex One ServerMigrationTool privileges management
162051Trend Micro Apex One memory corruption [CVE-2020-25772]
162050Trend Micro Apex One memory corruption [CVE-2020-25771]
162049Trend Micro Apex One memory corruption [CVE-2020-25770]
162048Trend Micro Apex One memory corruption [CVE-2020-24565]
162047Trend Micro Apex One memory corruption [CVE-2020-24564]
162046Trend Micro Apex One Security Agent Unload code injection [CVE-2020-24563]
162045Trend Micro OfficeScan code injection [CVE-2020-24562]
162044FileImporter Extension Page Creation privileges management [CVE-2020-26121]
162043MobileFrontend Extension parseHTML DOM-Based cross site scriting
162042MediaWiki Actor ID exceptional condition [CVE-2020-25869]
162041MediaWiki Message Content mw.message.parse cross site scriting
162040OATHAuth Extension improper authentication [CVE-2020-25827]
162039MediaWiki getFiltersDesc cross site scriting
162038MediaWiki jQuery mw.message.parse cross site scriting
162037MediaWiki Special:UserRights Page User information disclosure
162036MediaWiki Special:Contributions Page cross site scriting [CVE-2020-25812]
162035TigerVNC TLS Certificate CSecurityTLS.cxx improper authentication
162034Python http.client privileges management [CVE-2020-26116]
162033projectworlds Visitor Management System Stored cross site scriting
162032projectworlds Visitor Management System sql injection [CVE-2020-25760]
162031SourceCodester Seat Reservation System sql injection [CVE-2020-25762]
162030SourceCodester Seat Reservation System unrestricted upload [CVE-2020-25763]
162029Observium Professional/Enterprise/Community unrestricted upload
162028Observium Professional/Enterprise/Community cross site scripting
162027Observium Professional/Enterprise/Community sql injection
162026Observium Professional/Enterprise/Community syslog_rules cross site scriting
162025Observium Professional/Enterprise/Community unrestricted upload
162024Observium Professional/Enterprise/Community path traversal [CVE-2020-25144]
162023Observium Professional/Enterprise/Community sql injection [CVE-2020-25143]
162022Observium Professional/Enterprise/Community addsrv cross-site request forgery
162021Observium Professional/Enterprise/Community view cross site scripting
162020GE Reason S20 Ethernet Switch cross site scripting [CVE-2020-16242]
162019TensorFlow out-of-bounds write [CVE-2020-15214]
162018TensorFlow memory corruption [CVE-2020-15213]
162017TensorFlow out-of-bounds write [CVE-2020-15212]
162016TensorFlow out-of-bounds write [CVE-2020-15211]
162015TensorFlow TFLite Model input validation [CVE-2020-15210]
162014TensorFlow TFLite Model null pointer dereference [CVE-2020-15209]
162013TensorFlow out-of-bounds write [CVE-2020-15208]
162012TensorFlow ResolveAxis memory corruption
162011TensorFlow input validation [CVE-2020-15206]
162010TensorFlow tf.raw_ops.StringNGrams memory corruption
162009TensorFlow ctx->session_state null pointer dereference
162008TensorFlow tf.strings.as_string input validation
162007TensorFlow Shard API Remote Code Execution [CVE-2020-15202]
162006TensorFlow RaggedCountSparseOutput input validation
162005TensorFlow RaggedCountSparseOutput heap-based overflow
162004TensorFlow RaggedCountSparseOutput input validation
162003TensorFlow SparseCountSparseOutput memory corruption
162002TensorFlow SparseCountSparseOutput assertion
162001TensorFlow RaggedCountSparseOutput memory corruption
162000TensorFlow SparseFillEmptyRowsGrad heap-based overflow
161999TensorFlow SparseFillEmptyRowsGrad assertion
161998TensorFlow dlpack.to_dlpack uninitialized resource
161997TensorFlow dlpack.to_dlpack input validation
161996TensorFlow dlpack.to_dlpack null pointer dereference
161995TensorFlow tf.raw_ops.Switch input validation
161994IBM InfoSphere Information Server clickjacking [CVE-2020-4727]
161993IBM Business Automation Workflow Error Message information disclosure
161992Observium Professional/Enterprise/Community cross site scripting
161991Observium Professional/Enterprise/Community syslog_rules cross site scripting
161990Observium Professional/Enterprise/Community alert_test_id cross site scriting
161989Observium Professional/Enterprise/Community alert_check cross site scriting
161988jdownloads categories.php order sql injection
161987ng-packagr command injection [CVE-2020-7735]
161986F5 BIG-IP/BIG-IQ denial of service [CVE-2020-5930]
161985F5 BIG-IP cleartext storage [CVE-2020-5929]
161984Observium Professional/Enterprise/Community unrestricted upload
161983Observium Professional/Enterprise/Community cross site scripting
161982Observium Professional/Enterprise/Community inc.php path traversal
161981Observium Professional/Enterprise/Community inc.php unrestricted upload
161980Observium Professional/Enterprise/Community sql injection
161979Observium Professional/Enterprise/Community cross site scripting
161978Observium Professional/Enterprise/Community actions.php sql injection
161977jdownloads jdownloadshelper.php updateLog sql injection
161976jdownloads jdownloadshelper.php getUserLimits sql injection
161975Brocade Fabric OS REST API Reflected cross site scriting
161974Brocade Fabric OS REST API memory corruption [CVE-2020-15373]
161973Brocade Fabric OS Command-Line Interface privileges management
161972Brocade Fabric OS code injection [CVE-2020-15371]
161971Brocade Fabric OS Log File Password information disclosure
161970Brocade Fabric OS Supportlink CLI Credentials information disclosure
161969U.S. Air Force Sensor Data Management System extract75 integer coercion
161968Brocade SANnav LDAP injection privileges management [CVE-2019-16212]
161967Brocade SANnav Password Storage cleartext storage [CVE-2019-16211]
161966Brocade Fabric OS HTTP Management Interface Header Injection privileges management
161965Brocade Fabric OS Management Interface denial of service [CVE-2018-6448]
161964Brocade Fabric OS HTTP Management Interface Reflected cross site scriting
161963Apple macOS Sandbox privileges management [CVE-2020-9968]
161962Apple macOS Model IO memory corruption [CVE-2020-9973]
161961Apple macOS Mail privileges management [CVE-2020-9941]
161960Apple macOS ImageIO memory corruption [CVE-2020-9961]
161959Apple iCloud WebKit Universal cross site scriting
161958cPanel Cron Editor Interface cross site scripting [CVE-2020-26115]
161957cPanel Cron Jobs interface cross site scripting [CVE-2020-26114]
161956cPanel WHM Manage API Tokens Interface cross site scripting [CVE-2020-26113]
161955cPanel Email Quota Cache privileges management [CVE-2020-26112]
161954cPanel WHM Edit DNS Zone Interface cross site scripting [CVE-2020-26111]
161953cPanel DNS Zone Manager DNSSEC Interface cross site scripting
161952cPanel Protection Mechanism privileges management [CVE-2020-26109]
161951cPanel File Extension code injection [CVE-2020-26108]
161950cPanel PowerDNS API Key inadequate encryption
161949cPanel Permission log file [CVE-2020-26106]
161948cPanel chkservd Test Credential insufficiently protected credentials
161947cPanel SRS Secret insecure storage of sensitive information [CVE-2020-26104]
161946cPanel mailman weak password [CVE-2020-26103]
161945cPanel Auth Policy API privileges management [CVE-2020-26102]
161944cPanel RNDC insufficiently protected credentials [CVE-2020-26101]
161943cPanel csh Jail privileges management
161942cPanel Protect SMTP Greylist privileges management [CVE-2020-26099]
161941cPanel Exim Filter code injection [CVE-2020-26098]
161940Rubetek RV-3406/RV-3409/RV-3411 Telnet Service hard-coded password
161939Rubetek RV-3406/RV-3409/RV-3411 RTSP Server cleartext storage
161938Rubetek RV-3406/RV-3409/RV-3411 Telnet Service improper authentication
161937Hak5 WiFi Pineapple Mark VII ui path traversal
161936QEMU TD List hcd-ohci.c infinite loop
161935Sophos SG UTM WebAdmin code injection [CVE-2020-25223]
161934Framer Preview App privileges management [CVE-2020-25203]
161933QEMU exec.c flatview_read_continue out-of-bounds write
161932QEMU hcd-xhci.c usb_packet_map use after free
161931Mitel MiContact Center Business Ignite Portal input validation
161930HTML Form Entry Module Velocity Template Language File code injection
161929Pexip Infinity SIP input validation [CVE-2020-24615]
161928Mitel MiCloud Management Portal information disclosure [CVE-2020-24595]
161927Mitel MiCloud Management Portal cross site scripting [CVE-2020-24594]
161926Mitel MiCloud Management Portal sql injection [CVE-2020-24593]
161925Mitel MiCloud Management Portal escape output [CVE-2020-24592]
161924Multi User Plugin cross-site request forgery [CVE-2020-23837]
161923Zoho ManageEngine Applications Manager header.jsp cross site scripting
161922Zoho ManageEngine Applications Manager REST API sql injection
161921Pexip Infinity H.323 denial of service [CVE-2020-13387]
161920Pexip Infinity RTP input validation [CVE-2020-12824]
161919Pexip Reverse Proxy/TURN Server UDP Access Control input validation
161918Pexip Infinity System Backup Restore input validation [CVE-2019-7178]
161917Pexip Infinity code injection [CVE-2019-7177]
161916Pagure Blame View blame.html cross site scripting
161915Pexip Infinity XML Parser denial of service [CVE-2018-10585]
161914Pexip Infinity TLS Handshake resource consumption [CVE-2018-10432]
161913Lenovo Enterprise Network Disk DOM-Based cross site scripting
161912Lenovo Enterprise Network Disk URL cross site scripting [CVE-2020-8347]
161911Lenovo Desktop/ThinkStation SMI Callback code injection [CVE-2020-8333]
161910Cisco Wireless LAN Controller resource consumption [CVE-2020-3560]
161909Cisco Aironet Access Point resource consumption [CVE-2020-3559]
161908Cisco Aironet Access Point null pointer dereference [CVE-2020-3552]
161907Cisco Catalyst 9200 Polaris Kernel input validation [CVE-2020-3527]
161906Cisco IOS XE COPS Engine input validation [CVE-2020-3526]
161905Cisco IOS XE ROM Monitor access control [CVE-2020-3524]
161904Cisco IOS XE Web Server Authentication input validation [CVE-2020-3516]
161903Cisco IOS XE Aggregation Services routine [CVE-2020-3513]
161902Cisco IOS/IOS XE Link Layer Discovery Protocol 7pk error [CVE-2020-3512]
161901Cisco IOS/IOS XE ISDN Subsystem input validation [CVE-2020-3511]
161900Cisco IOS XE Umbrella Connector 7pk error [CVE-2020-3510]
161899Cisco IOS XE DHCP Message 7pk error [CVE-2020-3509]
161898Cisco IOS XE Aggregation Services resource consumption [CVE-2020-3508]
161897Cisco IOS XE File System Permission access control [CVE-2020-3503]
161896Cisco IOS XE Control/Provisioning input validation [CVE-2020-3497]
161895Cisco IOS XE Control/Provisioning input validation [CVE-2020-3494]
161894Cisco IOS XE Control/Provisioning input validation [CVE-2020-3493]
161893Cisco IOS XE/AireOS Control/Provisioning input validation [CVE-2020-3492]
161892Cisco IOS XE Control/Provisioning input validation [CVE-2020-3489]
161891Cisco IOS XE Control/Provisioning input validation [CVE-2020-3488]
161890Cisco IOS XE Control/Provisioning input validation [CVE-2020-3487]
161889Cisco IOS XE Control/Provisioning input validation [CVE-2020-3486]
161888Cisco IOS XE Zone-Based Firewall unusual condition [CVE-2020-3480]
161887Cisco IOS/IOS XE Border Gateway Protocol input validation [CVE-2020-3479]
161886Cisco IOS/IOS XE CLI Parser input validation [CVE-2020-3477]
161885Cisco IOS XE CLI file access [CVE-2020-3476]
161884Cisco IOS XE Web Management Framework input validation [CVE-2020-3475]
161883Cisco IOS XE Web Management Framework input validation [CVE-2020-3474]
161882Cisco IOS XE input validation [CVE-2020-3465]
161881Cisco IOS XE WPA2/WPA3 input validation [CVE-2020-3429]
161880Cisco IOS XE WLAN Local Profiling input validation [CVE-2020-3428]
161879Cisco IOS LPWA Subsystem access control [CVE-2020-3426]
161878Cisco IOS XE Web Management Framework input validation [CVE-2020-3425]
161877Cisco IOS XE Lua Interpreter memory corruption [CVE-2020-3423]
161876Cisco IOS XE IP SLA Responder state issue [CVE-2020-3422]
161875Cisco IOS XE Zone-Based Firewall unusual condition [CVE-2020-3421]
161874Cisco IOS XE ICMPv6 Traffic access control [CVE-2020-3418]
161873Cisco IOS XE ROM Monitor os command injection [CVE-2020-3417]
161872Cisco IOS XE RSP3 routine [CVE-2020-3416]
161871Cisco IOS XE IPv4/IPv6 data processing [CVE-2020-3414]
161870Cisco IOS/IOS XE PROFINET input validation [CVE-2020-3409]
161869Cisco IOS/IOS XE Split DNS incorrect regex [CVE-2020-3408]
161868Cisco IOS XE Access Control List null pointer dereference [CVE-2020-3407]
161867Cisco IOS XE Telnet/SSH authorization [CVE-2020-3404]
161866Cisco IOS XE CLI os command injection [CVE-2020-3403]
161865Cisco IOS XE Web UI authorization [CVE-2020-3400]
161864Cisco IOS XE Control/Provisioning denial of service [CVE-2020-3399]
161863Cisco IOS XE USB 3.0 SSD access control [CVE-2020-3396]
161862Cisco IOS XE Role-Based Access Control privileges management
161861Cisco IOS XE SNMP Trap input validation [CVE-2020-3390]
161860Cisco IOS XE mDNS input validation [CVE-2020-3359]
161859Cisco IOS XE Web Management input validation [CVE-2020-3141]
161858jdownloads send.php sql injection
161857Hotspot Shield VPN Directory Permission privileges management
161856Joplin Desktop Emded Tag cross site scripting [CVE-2020-15930]
161855Nakivo Backup / Replication Transporter Access Control privileges management
161854Nakivo Backup / Replication Director Director Web Interface privileges management
161853ActFax Folder Permission TSClientB.exe privileges management
161852ORY Fosite Storage Error exceptional condition [CVE-2020-15223]
161851ORY Fosite improper authentication [CVE-2020-15222]
161850PrestaShop Attachments cross site scripting [CVE-2020-15162]
161849PrestaShop Contact Form cross site scripting [CVE-2020-15161]
161848PrestaShop Catalog Product Edition Page Blind sql injection
161847JerryScript opcodes.c privileges management
161846iSmartgate Pro clickjacking [CVE-2020-13119]
161845iSmartgate Pro File Upload privileges management [CVE-2020-12843]
161844iSmartgate Pro checkUserExpirationDate.php code injection
161843iSmartgate Pro index.php cross-site request forgery
161842iSmartgate Pro index.php cross-site request forgery
161841iSmartgate Pro checkExpirationDate.php code injection
161840iSmartgate Pro mailAdmin.php code injection
161839iSmartgate Pro File Upload unrestricted upload [CVE-2020-12837]
161838Fortinet FortiTester cross site scriting [CVE-2020-12815]
161837Fortinet FortiManager/FortiAnalyzer cross site scripting [CVE-2020-12811]
161836iSmartgate Pro index.php cross-site request forgery
161835iSmartgate Pro index.php cross-site request forgery
161834AVEVA eDNA Enterprise Data Historian SOAP FavoritesService.asmx sql injection
161833Check Point Security Management CA Web Management input validation
161832Linux Kernel NFC Socket rawsock.c privileges management
161831Gemtek WRTM-127ACN/WRTM-127x9 Monitor Diagnostic Network Page privileges management
161830Untis WebUntis cross site scriting [CVE-2020-22453]
161829Telmat AccessLog Administration Panel code injection [CVE-2020-16148]
161828Telmat AccessLog Login Page code injection [CVE-2020-16147]
161827Liferay Portal URL Encoding privileges management [CVE-2020-15840]
161826AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
161825AVEVA eDNA Enterprise Data Historian Web Service Alias.asmx sql injection
161824AVEVA eDNA Enterprise Data Historian Web Service Alias.asmx sql injection
161823AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
161822AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
161821AVEVA eDNA Enterprise Data Historian SOAP ednareporting.asmx sql injection
161820AVEVA eDNA Enterprise Data Historian Web Service DNAPoints.asmx sql injection
161819Fortinet FortiGate Log privileges management [CVE-2020-12818]
161818Fortinet FortiAnalyzer injection [CVE-2020-12817]
161817Fortinet FortiNAC Stored cross site scriting [CVE-2020-12816]
161816iSmartgate Pro opendoor.php cross-site request forgery
161815Trend Micro Security 2019 SSL Certificate Validator certificate validation
161814Trend Micro Security 2019 SSL Certificate Validator certificate validation
161813Xen Timer Migration race condition [CVE-2020-25604]
161812Xen Event Channel smp_*mb memory corruption
161811Xen Error denial of service [CVE-2020-25602]
161810Xen FIFO Event Channel evtchn_destroy denial of service
161809Xen Event Channel denial of service [CVE-2020-25600]
161808Xen evtchn_reset memory corruption
161807Xen RCU denial of service [CVE-2020-25598]
161806Xen denial of service [CVE-2020-25597]
161805Xen SYSENTER null termination
161804Xen PCI Passthrough backdoor [CVE-2020-25595]
161803IgniteNet HeliOS GLinq cross-site request forgery [CVE-2020-5783]
161802IgniteNet HeliOS GLinq denial of service [CVE-2020-5782]
161801IgniteNet HeliOS GLinq Luci Configuration luci authenticator.htmlauth denial of service
161800IBM Security Secret Server SSL Certificate Validator improper authentication
161799IBM Security Secret Server privileges management [CVE-2020-4324]
161798gon Gem XSS Protection Mechanism json_dumper.rb cross site scripting
161797YGOPro ygocore integer overflow [CVE-2020-24213]
161796Liquibase Runner Plugin Permission Check authorization [CVE-2020-2285]
161795Liquibase Runner Plugin XML Parser xml external entity reference
161794Liquibase Runner Plugin Changeset Content Stored cross site scripting
161793Implied Labels Plugin Permission Check authorization [CVE-2020-2282]
161792Lockable Resources Plugin cross-site request forgery [CVE-2020-2281]
161791Warnings Plugin cross-site request forgery [CVE-2020-2280]
161790Script Security Plugin Sandbox protection mechanism [CVE-2020-2279]
161789GE Digital APM Classic Hash hash without salt [CVE-2020-16244]
161788GE Digital APM Classic JSON authorization [CVE-2020-16240]
161787GLPI risky encryption [CVE-2020-11031]
161786Aruba CX Switch Cisco Discovery Protocol denial of service [CVE-2020-7122]
161785Aruba CX Switch Link Layer Discovery Protocol denial of service
161784HPE Pay Per Use Utility Computing Service Meter doPost code injection
161783HPE Pay Per Use Utility Computing Service Meter doGet path traversal
161782HPE Pay Per Use Utility Computing Service Meter execute path traversal
161781podman Varlink API/REST API information disclosure [CVE-2020-14370]
161780ansible-engine dnf Module signature verification [CVE-2020-14365]
161779Wildfly Elytron Form Authentication session fixiation [CVE-2020-10714]
161778Undertow HTTP input validation [CVE-2020-10687]
161777PingID integration CefSharp.BrowserSubprocess.exe privileges management
161776Cisco IOS XR DVMRP resource consumption [CVE-2020-3569]
161775Cisco TelePresence Collaboration Endpoint Video Endpoint API path traversal
161773Cisco Unified Communications Manager Web-based Management Interface cross-site request forgery
161772Cisco Email Security Appliance Content Filter input validation
161771Cisco Unity Connection Web Management Interface path traversal
161770Cisco Hosted Collaboration Mediation Fulfillment Web-based Interface cross-site request forgery
161769Cisco Web Security Appliance API Framework Header Injection response splitting
161768Cisco WebEx UCF File input validation [CVE-2020-3116]
161767peg-markdown markdown_lib.c process_raw_blocks null pointer dereference
161766Cisco Email Security Appliance Advanced Malware Protection input validation
161765Cisco Email Security Appliance Email Message Filter input validation
161764Cisco Unified Contact Center Express Administration Web Interface unrestricted upload
161763Cisco UCS C-Series Rack Servers Signature Validation signature verification
161762Cisco FirePOWER Management Center Web-based Management Interface improper authentication
161761Cisco Emergency Responder Web-based Management Interface cross site scripting
161760Cisco IOS XR Border Gateway Protocol resource management [CVE-2019-16023]
161759Cisco IOS XR Border Gateway Protocol resource management [CVE-2019-16021]
161758Cisco IOS XR Border Gateway Protocol resource management [CVE-2019-16019]
161757Cisco OAMP OpsConsole Server access control [CVE-2019-16017]
161756Cisco IOS/IOS XE Web UI cross-site request forgery [CVE-2019-16009]
161755Cisco AnyConnect Secure Mobility Client insufficient verification of data authenticity
161754Cisco Vision Dynamic Signage Director REST API Endpoint missing authentication
161753Cisco Umbrella Roaming Client Installer insufficient verification of data authenticity
161752Cisco Small Business Switches Web UI config [CVE-2019-15993]
161751Cisco ASA/Firepower Threat Defense Lua Interpreter memory corruption
161750Cisco Managed Services Accelerator Web Interface redirect [CVE-2019-15974]
161749Cisco Web Security Appliance Web-based Management Interface cross site scripting
161748Cisco Unified Communications Manager Web-based Management Interface information disclosure
161747Cisco Small Business SPA500 Testing Script input validation [CVE-2019-15959]
161746Cisco Small Business RV Series Router Web-based Management Interface input validation
161745Cisco TelePresence Collaboration Endpoint/RoomOS input validation
161744Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
161743Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
161742Cisco WebEx Network Recording Player/Webex Player ARF File memory corruption
161741Telestream Tektronix Medius/Sentry Server Login Page index.php sql injection
161740IBM Data Risk Manager hard-coded credentials [CVE-2020-4622]
161739IBM Data Risk Manager authorization [CVE-2020-4621]
161738IBM Data Risk Manager Extension unrestricted upload [CVE-2020-4620]
161737IBM Data Risk Manager Credential Storage cleartext storage [CVE-2020-4619]
161736IBM Data Risk Manager input validation [CVE-2020-4618]
161735IBM Data Risk Manager cross-site request forgery [CVE-2020-4617]
161734IBM Data Risk Manager information disclosure [CVE-2020-4616]
161733IBM Data Risk Manager Web UI cross site scripting [CVE-2020-4615]
161732IBM Data Risk Manager risky encryption [CVE-2020-4614]
161731IBM Data Risk Manager risky encryption [CVE-2020-4613]
161730IBM Data Risk Manager information disclosure [CVE-2020-4612]
161729IBM Data Risk Manager permission assignment [CVE-2020-4611]
161728VMware Horizon DaaS Two-factor Authentication missing authentication
161727SourceCodester Simple Library Management System New Book privileges management
161726SourceCodester Simple Library Management System Login Panel admin.php improper authentication
161725PHPGurukul Zoo Management System animal-detail.php sql injection
161724Shotcut TLS mainwindow.cpp VerifyNone) risky encryption
161723Arista CloudVision Portal Configlet Management improper authentication
161722Verint Workforce Optimization API information disclosure [CVE-2020-23446]
161721Liferay Portal/Liferay DXP Multipart Form unrestricted upload
161720Ozeki NG SMS Gateway TXT File Module denial of service [CVE-2020-14031]
161719Ozeki NG SMS Gateway Autoreply path traversal [CVE-2020-14028]
161718Ozeki NG SMS Gateway Database Connection argument injection [CVE-2020-14027]
161717Ozeki NG SMS Gateway CSV Export csv injection [CVE-2020-14026]
161716Ozeki NG SMS Gateway cross-site request forgery [CVE-2020-14025]
161715Ozeki NG SMS Gateway Stored cross site scripting [CVE-2020-14024]
161714Ozeki NG SMS Gateway SMS WCF/RSS to SMS server-side request forgery
161713Ozeki NG SMS Gateway Bulk Import unrestricted upload [CVE-2020-14022]
161712Micro Focus Operation Bridge Reporter hard-coded credentials
161711Micro Focus Operation Bridge Reporter authorization [CVE-2020-11856]
161710Micro Focus Operation Bridge Reporter privileges management [CVE-2020-11855]
161709cabot Package Endpoint Column cross site scriting [CVE-2020-7734]
161708Google Chrome Offscreen Canvas use after free [CVE-2020-6576]
161707Google Chrome Omnibox Domain input validation
161706Google Chrome WebRTC information disclosure [CVE-2020-6570]
161705Google Chrome WebUSB integer overflow [CVE-2020-6569]
161704Google Chrome Policy Enforcement privileges management [CVE-2020-6568]
161703Google Chrome Command Line privileges management [CVE-2020-6567]
161702Google Chrome Media origin validation [CVE-2020-6566]
161701Google Chrome Omnibox authentication spoofing [CVE-2020-6565]
161700Google Chrome Permission Dialog permissions [CVE-2020-6564]
161699Google Chrome Intent information disclosure [CVE-2020-6563]
161698Google Chrome Blink permission assignment [CVE-2020-6562]
161697Google Chrome Content Security Policy origin validation [CVE-2020-6561]
161696Google Chrome Autofill origin validation [CVE-2020-6560]
161695Google Chrome Presentation API use after free [CVE-2020-6559]
161694Google Chrome iOSWeb privileges management [CVE-2020-6558]
161693Google Chrome Swiftshader out-of-bounds write [CVE-2020-6556]
161692Google Chrome WebUSB use after free [CVE-2020-6541]
161691Google Chrome Skia out-of-bounds write [CVE-2020-6540]
161690Google Chrome CSS use after free [CVE-2020-6539]
161689Google Chrome WebView origin validation [CVE-2020-6538]
161688Google Chrome v8 type confusion [CVE-2020-6537]
161687Google Chrome SCTP use after free [CVE-2020-6532]
161686IBM Aspera Web Application Web UI cross site scriting [CVE-2020-4731]
161685IBM WebSphere Application Server XML Data xml external entity reference
161684IBM WebSphere Application Server Liberty oAuth/openidConnectServer denial of service
161683IBM DataPower Gateway HTTP2 Request denial of service [CVE-2020-4581]
161682IBM DataPower Gateway denial of service [CVE-2020-4580]
161681IBM DataPower Gateway HTTP2 Request denial of service [CVE-2020-4579]
161680IBM Business Automation Content Analyzer on Cloud Authorization Token missing encryption
161679Google Chrome Policy Enforcement information disclosure [CVE-2020-15966]
161678Google Chrome v8 type confusion [CVE-2020-15965]
161677Google Chrome Media out-of-bounds write [CVE-2020-15964]
161676Google Chrome Policy Enforcement sandbox [CVE-2020-15963]
161675Google Chrome Serial Policy Validator memory corruption [CVE-2020-15962]
161674Google Chrome Extension Policy Validator sandbox [CVE-2020-15961]
161673Google Chrome Storage out-of-bounds write [CVE-2020-15960]
161672Advantech WebAccess Node permission assignment [CVE-2020-16202]
161671AVEVA Enterprise Data Management Web sql injection [CVE-2020-13501]
161670AVEVA Enterprise Data Management Web sql injection [CVE-2020-13500]
161669AVEVA Enterprise Data Management Web sql injection [CVE-2020-13499]
161668Fatek PLC WinProladder stack-based overflow [CVE-2020-16234]
161667Drupal AJAX API cross site scriting [CVE-2020-13666]
161666Drupal File Module privileges management [CVE-2020-13670]
161665FreeBSD ftpd privileges management [CVE-2020-7468]
161664Drupal Experimental Workspaces privileges management [CVE-2020-13667]
161663Drupal CKEditor Reflected cross site scriting
161662Drupal Reflected cross site scriting [CVE-2020-13668]
161661FreeBSD bhyve SVM Guest privileges management [CVE-2020-7467]
161660FreeBSD bhyve privileges management [CVE-2020-24718]
161659FreeBSD ure Device Driver injection [CVE-2020-7464]
161658Acronis Cyber Backup server-side request forgery [CVE-2020-16171]
161657ModSecurity resource consumption [CVE-2020-15598] [Disputed]
161656Atlassian Jira Service Desk Server/Data Center Project Request Type information disclosure
161655Atlassian JIRA Server/Data Center QueryComponent!Default.jspa information disclosure
161654Atlassian JIRA Server/Data Center incorrect regex [CVE-2020-14177]
161653sized-chunks crate InlineArray array index
161652sized-chunks crate insert_from double free
161651sized-chunks crate memory leak [CVE-2020-25794]
161650sized-chunks crate array index [CVE-2020-25793]
161649sized-chunks crate pair array index
161648sized-chunks crate unit array index
161647Typesetter CMS unrestricted upload [CVE-2020-25790]
161646Tiny RSS cross site scripting [CVE-2020-25789]
161645Tiny RSS Error Message init.php unknown vulnerability
161644Tiny RSS URL input validation [CVE-2020-25787]
161643D-Link DIR-816L/DIR-803 URL Encoding info.php cross site scripting
161642Huawei HiSilicon RTSP Stream information disclosure [CVE-2020-24216] [Disputed]
161641Huawei HiSilicon printf memory corruption [Disputed]
161640Huawei HiSilicon box_ProcessRequest unrestricted upload [Disputed]
161639Huawei HiSilicon box_ProcessRequest path traversal [Disputed]
161638Huawei HiSilicon Telnet Service privileges management [CVE-2020-24218] [Disputed]
161637Huawei HiSilicon backdoor [CVE-2020-24215] [Disputed]
161636Huawei Taurus-AN00B use after free [CVE-2020-9084]
161635Citrix XenMobile Server improper authentication [CVE-2020-8253]
161634libuv realpath buffer overflow
161633Node.js resource consumption [CVE-2020-8251]
161632Citrix ADC/Gateway/NetScaler Gateway/SD-WAN WANOP Management Interface privileges management
161631Citrix ADC/Gateway/NetScaler Gateway/SD-WAN WANOP Management Network resource consumption
161630Citrix ADC/Gateway/NetScaler Gateway/SD-WAN WANOP SSL VPN Web Portal cross site scripting
161629json-bigint resource consumption [CVE-2020-8237]
161628Nextcloud Desktop Client cleartext storage [CVE-2020-8225]
161627Node.js request smuggling [CVE-2020-8201]
161626Citrix Storefront Server improper authentication [CVE-2020-8200]
161625TypeORM Prototype Remote Code Execution [CVE-2020-8158]
161624Puppet Enterprise CD4PE Deployment Definition Credentials insufficiently protected credentials
161623Spring Framework RFD privileges management [CVE-2020-5421]
161622InstallBuilder for Qt Windows Installer untrusted search path
161621MISP Login Page privileges management [CVE-2020-25766]
161620RESTEasy Client information exposure [CVE-2020-25633]
161619Philips Collaboration Platform config [CVE-2020-16247]
161618eWON Flexy/Cosy injection [CVE-2020-16230]
161617Philips Collaboration Platform downgrade [CVE-2020-16200]
161616Philips Collaboration Platform protection mechanism [CVE-2020-16198]
161615SOY CMS unrestricted upload [CVE-2020-15189]
161614Alfresco Reset Password Add-On input validation [CVE-2020-15181]
161613Philips Collaboration Platform unknown vulnerability [CVE-2020-14525]
161612Philips Collaboration Platform cross-site request forgery [CVE-2020-14506]
161611Linux Kernel Screen Size out-of-bounds write [CVE-2020-14390]
161610Ozeki NG SMS Gateway RSS to SMS Module xml external entity reference
161609Ozeki NG SMS Gateway ASP.NET SMS Module privileges management
161608Micro Focus Operation Agent privileges management [CVE-2020-11861]
161607HPE Universal API Framework sql injection [CVE-2020-24623]
161606SOY CMS Inquiry Form deserialization [CVE-2020-15188]
161605Google Android NetworkStackNotifier permissions [CVE-2020-0405]
161604Google Android netd out-of-bounds read [CVE-2020-0365]
161603Google Android NFC out-of-bounds write [CVE-2020-0350]
161602Google Android NFC permissions [CVE-2020-0349]
161601Google Android NFC out-of-bounds read [CVE-2020-0348]
161600Google Android iptables out-of-bounds write [CVE-2020-0347]
161599Google Android NFC out-of-bounds write [CVE-2020-0335]
161598Google Android NFC out-of-bounds write [CVE-2020-0334]
161597Google Android Settings permissions [CVE-2020-0331]
161596Google Android Networking permissions [CVE-2020-0327]
161595Google Android NFC out-of-bounds write [CVE-2020-0326]
161594Google Android NFC information disclosure [CVE-2020-0325]
161593Google Android NFC out-of-bounds write [CVE-2020-0319]
161592Google Android Telephony default permission [CVE-2020-0316]
161591Google Android Zen Mode default permission [CVE-2020-0315]
161590Google Android NotificationManagerService default permission
161589Google Android InputManagerService default permission [CVE-2020-0311]
161588Google Android Settings default permission [CVE-2020-0310]
161587Google Android Bluetooth Server integer overflow [CVE-2020-0309]
161586Google Android Settings default permission [CVE-2020-0307]
161585Google Android Settings default permission [CVE-2020-0304]
161584Google Android Settings default permission [CVE-2020-0302]
161583Google Android NFC out-of-bounds read [CVE-2020-0300]
161582Google Android Bluetooth default permission [CVE-2020-0299]
161581Google Android Bluetooth default permission [CVE-2020-0298]
161580Google Android Telecom default permission [CVE-2020-0295]
161579Google Android Wallpaper Manager default permission [CVE-2020-0294]
161578Google Android Bluetooth out-of-bounds read [CVE-2020-0292]
161577Google Android Bluetooth out-of-bounds read [CVE-2020-0291]
161576Google Android Bluetooth AVRCP information disclosure [CVE-2020-0286]
161575Google Android Telephony default permission [CVE-2020-0285]
161574Google Android Telephony default permission [CVE-2020-0284]
161573Google Android NFC out-of-bounds read [CVE-2020-0282]
161572Google Android NFC out-of-bounds read [CVE-2020-0281]
161571Google Android Telephony default permission [CVE-2020-0276]
161570Google Android hwservicemanager out-of-bounds write [CVE-2020-0273]
161569Google Android libhwbinder initialization [CVE-2020-0272]
161568Google Android Settings App privileges management [CVE-2020-0271]
161567Google Android Audio Settings permissions [CVE-2020-0269]
161566Google Android NFC race condition [CVE-2020-0268]
161565Google Android Telephony permissions [CVE-2020-0265]
161564Google Android Accessibility Service privileges management [CVE-2020-0263]
161563Adobe Media Encoder out-of-bounds read [CVE-2020-9745]
161562Adobe Media Encoder out-of-bounds read [CVE-2020-9744]
161561Adobe Media Encoder out-of-bounds read [CVE-2020-9739]
161560AppSpider Installer uncontrolled search path [CVE-2020-7358]
161559NVIDIA GeForce Now Network Test information disclosure [CVE-2020-5976]
161558NVIDIA GeForce Now information disclosure [CVE-2020-5975]
1615571CRM System authorization [CVE-2020-15958]
161556Gradle Enterprise cross-site request forgery [CVE-2020-15776]
161555Gradle Enterprise insecure storage of sensitive information [CVE-2020-15775]
161554Gradle Enterprise Session session expiration [CVE-2020-15774]
161553Gradle Enterprise Export API origin validation [CVE-2020-15773]
161552Gradle Enterprise SAML IDP server-side request forgery [CVE-2020-15772]
161551Gradle Enterprise/Enterprise Build Cache Node missing encryption
161550Gradle Enterprise excessive authentication [CVE-2020-15770]
161549Gradle Enterprise URL cross site scripting [CVE-2020-15769]
161548Gradle Enterprise/Enterprise Build Cache Node headers information disclosure
161547Gradle Enterprise cleartext transmission [CVE-2020-15767]
161546Google Android Bluetooth out-of-bounds write [CVE-2020-0354]
161545Google Android System UI exceptional condition [CVE-2020-0318]
161544Google Android WiFi Tethering privileges management [CVE-2020-0262]
161543Google Android Audio Server permission assignment [CVE-2020-0089]
161542UNIQLO App redirect [CVE-2020-5629]
161541UNIQLO App redirect [CVE-2020-5628]
161540Buffalo WHR-G54S cross site scripting [CVE-2020-5606]
161539Buffalo WHR-G54S path traversal [CVE-2020-5605]
161538Cesanta Mongoose mg_get_http_header buffer overflow [Disputed]
161537paGO Commerce Plugin sql injection [CVE-2020-25751]
161536DotPlant2 Pay2PayPayment.php Pay2PayPayment xml external entity reference
161535SaferVPN Log link following
161534webTareas editclient.php cross site scripting
161533webTareas Directory path traversal [CVE-2020-25734]
161532webTareas unrestricted upload [CVE-2020-25733]
161531Nitro Pro Rendering Engine integer overflow [CVE-2020-6116]
161530Nitro Pro Table use after free [CVE-2020-6115]
161529Nitro Pro Object Stream Parser integer overflow [CVE-2020-6113]
161528Nitro Pro JPEG 2000 File out-of-bounds write [CVE-2020-6112]
161527ZoneMinder download.php cross site scripting
161526Reset Password Add-On password recovery [CVE-2020-25728]
161525Reset Password Add-On sql injection [CVE-2020-25727]
161524Sqreen PHP Agent Daemon Virtual Machine signature verification
161523Sqreen PyMiniRacer out-of-bounds write [CVE-2020-25489]
161522yWorks yEd Desktop XSL xml injection [CVE-2020-25216]
161521yWorks yEd Desktop XML Data xml external entity reference [CVE-2020-25215]
161520Objective Systems Objective Open CBOR Run-time input validation
161519FasterXML jackson-databind Serialized deserialization [CVE-2020-24750]
161518TitanHQ SpamTitan Sandbox passwd privileges management
161517TitanHQ SpamTitan ISO privileges management [CVE-2020-24045]
161516Helm Plugin injection [CVE-2020-15187]
161515Helm Plugin Name input validation [CVE-2020-15186]
161514Helm Chart injection [CVE-2020-15185]
161513Helm Chart.yaml input validation
161512SOY CMS Reflected cross site scripting [CVE-2020-15183]
161511SOY CMS SOY Inquiry unrestricted upload [CVE-2020-15182]
161510Xerces JBoss JAXP XMLSchemaValidator input validation
161509Apache Superset Python code injection [CVE-2020-13948]
161508Apache Airflow Endpoint trigger cross site scripting
161507RAD SecFlow-1v Web-based Management Interface Stored cross site scriting
161506SolarWinds Orion Platform Administrator Account Stored cross site scripting
161505TitanHQ SpamTitan mailqueue.php input validation
161504TitanHQ SpamTitan mailqueue.php eval input validation
161503TitanHQ SpamTitan certs-x.php input validation
161502TitanHQ SpamTitan certs-x.php input validation
161501TitanHQ SpamTitan snmp-x.php input validation
161500Google Android f2fs.h inline_data_addr integer overflow
161499Google Android Catpipe Library use after free [CVE-2020-0434]
161498Google Android blk-mq-tag.c blk_mq_queue_tag_busy_iter use after free
161497Google Android networking.c skb_to_mamac integer overflow
161496Google Android keyboard.c kbd_keycode out-of-bounds write
161495Google Android skbuff.h skb_headlen out-of-bounds read
161494Google Android l2tp_core.c l2tp_session_delete use after free
161493Google Android CamX race condition [CVE-2020-0428]
161492Google Android core.c create_pinctrl use after free
161491Google Android SyncManager default permission [CVE-2020-0426]
161490Google Android Lockdown information disclosure [CVE-2020-0425]
161489Google Android Disk Encryption fscrypt_ice.c inadequate encryption
161488Google Android libmpeg2dec out-of-bounds write [CVE-2020-0406]
161487Google Android uvc_driver.c uvc_scan_chain_forward privileges management
161486Google Android FPC TrustZone Fingerprint App privileges management
161485Google Android setInstallerPackageName authorization
161484Google Android showLimitedSimFunctionWarningNotification authorization
161483Google Android getNotificationBuilder authorization
161482Google Android Telephony authorization [CVE-2020-0396]
161481Google Android showNotification authorization
161480Google Android onCreate privileges management
161479Google Android CryptoPlugin.cpp decrypt_1_2 out-of-bounds read
161478Google Android SurfaceFlinger.cpp getLayerDebugInfo double free
161477Google Android applyPolicy privileges management
161476Google Android zygote SE Policy App default permission [CVE-2020-0390]
161475Google Android createSaveNotification authorization
161474Google Android createEmergencyLocationUserNotification default permission
161473Google Android SmartSpace Package privileges management [CVE-2020-0387]
161472Google Android onCreate privileges management
161471Google Android Media Extractor eas_mdls.c Parse_insh out-of-bounds write
161470Google Android Media Extractor eas_mdls.c Parse_art out-of-bounds write
161469Google Android eas_mdls.c Parse_ins out-of-bounds write
161468Google Android dumpstate.cpp RunInternal unusual condition
161467Google Android eas_mdls.c Parse_wave integer overflow
161466Google Android bitalloc.c allocExcessBits out-of-bounds write
161465Google Android Bluetooth Service authentication spoofing [CVE-2020-0379]
161464Google Android Telephony authorization [CVE-2020-0375]
161463Google Android NFC privileges management [CVE-2020-0374]
161462Google Android SoundTriggerHwService race condition [CVE-2020-0373]
161461Google Android ActivityManager authorization [CVE-2020-0372]
161460Google Android libAACdec out-of-bounds read [CVE-2020-0370]
161459Google Android libavb integer overflow [CVE-2020-0369]
161458Google Android PackageInstaller privileges management [CVE-2020-0366]
161457Google Android libDRCdec out-of-bounds read [CVE-2020-0364]
161456Google Android libmedia input validation [CVE-2020-0363]
161455Google Android libstagefright input validation [CVE-2020-0362]
161454Google Android libDRCdec uninitialized resource [CVE-2020-0361]
161453Google Android Notification Access Confirmation privileges management
161452Google Android GLESRenderEngine out-of-bounds read [CVE-2020-0359]
161451Google Android Surfaceflinger toctou [CVE-2020-0358]
161450Google Android Surfaceflinger locking [CVE-2020-0357]
161449Google Android Audio HAL memory corruption [CVE-2020-0356]
161448Google Android libFraunhoferAAC out-of-bounds read [CVE-2020-0355]
161447Google Android libmp4extractor memory corruption [CVE-2020-0353]
161446Google Android MediaProvider sql injection [CVE-2020-0352]
161445Google Android libstagefright input validation [CVE-2020-0351]
161444Google Android Mediaserver integer overflow [CVE-2020-0346]
161443Google Android DocumentsUI external reference [CVE-2020-0345]
161442Google Android MediaProvider sql injection [CVE-2020-0344]
161441Google Android NetworkStatsService default permission [CVE-2020-0343]
161440Google Android out-of-bounds write [CVE-2020-0342]
161439Google Android DisplayManager authorization [CVE-2020-0341]
161438Google Android libcodec2_soft_mp3dec missing initialization of resource
161437Google Android AccountManager external reference [CVE-2020-0338]
161436Google Android MediaProvider external reference [CVE-2020-0337]
161435Google Android Surfaceflinger type confusion [CVE-2020-0336]
161434Google Android UrlQuerySanitizer input validation [CVE-2020-0333]
161433Google Android libstagefright infinite loop [CVE-2020-0332]
161432Google Android iorap use after free [CVE-2020-0330]
161431Google Android OMX Encoder out-of-bounds read [CVE-2020-0329]
161430Google Android Camera integer overflow [CVE-2020-0328]
161429Google Android libsonivox out-of-bounds read [CVE-2020-0324]
161428Google Android libavb out-of-bounds read [CVE-2020-0323]
161427Google Android apexd out-of-bounds read [CVE-2020-0322]
161426Google Android mp3 Extractor missing initialization of resource
161425Google Android libstagefright input validation [CVE-2020-0320]
161424Google Android UsageStatsManager default permission [CVE-2020-0317]
161423Google Android AudioService authorization [CVE-2020-0314]
161422Google Android Battery Saver default permission [CVE-2020-0312]
161421Google Android Window Manager default permission [CVE-2020-0308]
161420Google Android LLVM privileges management [CVE-2020-0306]
161419Google Android Media Extractor use after free [CVE-2020-0303]
161418Google Android libstagefright input validation [CVE-2020-0301]
161417Google Android devicepolicy Service default permission [CVE-2020-0297]
161416Google Android ADB Server/USB Server default permission [CVE-2020-0296]
161415Google Android Java Network API default permission [CVE-2020-0293]
161414Google Android PackageManager authorization [CVE-2020-0290]
161413Google Android PackageManager authorization [CVE-2020-0289]
161412Google Android PackageManager authorization [CVE-2020-0288]
161411Google Android libmkvextractor resource consumption [CVE-2020-0287]
161410Google Android AAC Parser out-of-bounds read [CVE-2020-0279]
161409Google Android out-of-bounds write [CVE-2020-0278]
161408Google Android NetworkPolicyManagerService authorization [CVE-2020-0277]
161407Google Android MediaProvider default permission [CVE-2020-0275]
161406Google Android OMX Parser information disclosure [CVE-2020-0274]
161405Google Android tremolo out-of-bounds read [CVE-2020-0270]
161404Google Android windowmanager external reference [CVE-2020-0267]
161403Google Android Factory Reset Protection authorization [CVE-2020-0266]
161402Google Android libstagefright integer overflow [CVE-2020-0264]
161401Google Android combined_decode.cpp DecodeFrameCombinedMode out-of-bounds write
161400Google Android out-of-bounds write [CVE-2020-0229]
161399Google Android screencap input validation [CVE-2020-0130]
161398Google Android mediadrm out-of-bounds read [CVE-2020-0125]
161397Google Android out-of-bounds write [CVE-2020-0123]
161396Google Android verifyIntentFiltersIfNeeded privileges management
161395DBI Module hv_fetch return value
161394SuSE Linux Enterprise Module for SUSE Manager Server Salt access control
161393Apple iOS/iPadOS SpringBoard privileges management [Disputed]
161392Atlassian JIRA Server/Data Center ViewUserHover.jspa information disclosure
161391Bosch Smart Home System App Certificate Validation certificate validation
161390Nitro Pro File out-of-bounds write [CVE-2020-6146]
161389Sylabs Singularity Permission permission assignment [CVE-2020-25040]
161388Sylabs Singularity Permission permission assignment [CVE-2020-25039]
161387Genexis Platinum 4410 WiFi Access Point cross-site request forgery
161386Freebox Server OS Web Interface DNS Rebinding input validation
161385Freebox Server UPnP IGD DNS Rebinding input validation
161384Freebox HD DNS DNS Rebinding input validation
161383Freebox Server UPnP MediaServer cross-site request forgery [CVE-2020-24373]
161382Elementor Page Builder Custom Link Attributes Control Stored cross site scripting
161381KeyCloak NodeJS Adapter information disclosure [CVE-2020-1694]
161380AMQ Online Configuration denial of service [CVE-2020-14348]
161379Openshift service-mesh/istio-rhel8-operator Remote Privilege Escalation
161378Apache Atlas Search cross site scripting [CVE-2020-13928]
161377RAD SecFlow-1v os-image Web-based Management Interface cross-site request forgery
161376KeyCloak Data Filter cross site scripting [CVE-2020-10748]
161375WildFly Embedded Managed Process API privileges management [CVE-2020-10718]
161374openshift Error Page input validation [CVE-2020-10715]
161373Apple Safari WebKit memory corruption [CVE-2020-9983]
161372Apple Safari WebKit cross site scriting [CVE-2020-9952]
161371Apple Safari WebKit use after free [CVE-2020-9951]
161370Apple Safari WebKit type confusion [CVE-2020-9948]
161369Apple tvOS WebKit cross site scriting [CVE-2020-9952]
161368Apple tvOS Sandbox privileges management [CVE-2020-9968]
161367Apple tvOS Phone Lockscreen improper authentication
161366Apple tvOS Keyboard information disclosure [CVE-2020-9976]
161365Apple watchOS WebKit cross site scriting [CVE-2020-9952]
161364Apple watchOS Sandbox privileges management [CVE-2020-9968]
161363Apple watchOS Phone Lockscreen improper authentication
161362Apple watchOS Keyboard information disclosure [CVE-2020-9976]
161361Apple Xcode IDE Device Support privileges management [CVE-2020-9992]
161360Apple iOS/iPadOS WebKit cross site scriting [CVE-2020-9952]
161359Apple iOS/iPadOS Siri Lockscreen improper authentication
161358Apple iOS/iPadOS Sandbox privileges management [CVE-2020-9968]
161357Apple iOS/iPadOS Phone improper authentication [CVE-2020-9946]
161356Apple iOS/iPadOS Model I/O memory corruption [CVE-2020-9973]
161355Apple iOS/iPadOS Keyboard information disclosure [CVE-2020-9976]
161354Apple iOS/iPadOS IOSurfaceAccelerator Kernel Memory information disclosure
161353Apple iOS/iPadOS IDE Device Support privileges management [CVE-2020-9992]
161352Apple iOS/iPadOS Icons information disclosure [CVE-2020-9773]
161351Apple iOS/iPadOS Assets resource transfer [CVE-2020-9979]
161350Apple iOS/iPadOS AppleAVD memory corruption [CVE-2020-9958]
161349ua-parser-js incorrect regex [CVE-2020-7733]
161348Schneider Electric SCADAPack x70 Security Administrator SDB File deserialization
161347Schneider Electric SCADAPack 7x Remote Connect Access Control access control
161346Schneider Electric SCADAPack 7x Remote Connect improper authorization
161345Schneider Electric SCADAPack 7x Remote Connect RCZ File path traversal
161344Schneider Electric SCADAPack 7x Remote Connect PRJ File deserialization
161343IBM Security Trusteer Pinpoint Detect information disclosure
161342IBM Maximo Asset Management redirect [CVE-2020-4409]
161341VMware Workstation/Horizon Client Cortado Thinprint integer overflow
161340VMware Workstation/Horizon Client Cortado Thinprint out-of-bounds write
161339VMware Workstation/Horizon Client Cortado Thinprint out-of-bounds read
161338VMware Workstation/Horizon Client Cortado Thinprint out-of-bounds read
161337VMware Workstation/Horizon Client Cortado Thinprint out-of-bounds read
161336VMware Fusion Path privileges management [CVE-2020-3980]
161335xmlquery XML Data input validation [CVE-2020-25614]
161334Gnuplot command.c com_line code injection
161333tiffinfo tiffinfo.c TIFFReadRawDataTiled null pointer dereference
161332LibRaw tiff.cpp parse_tiff_ifd null pointer dereference
161331LibRaw normalize_model.cpp GetNormalizedModel buffer overflow
161330Storable Configs Plugin config.xml path traversal
161329Storable Configs Plugin Permission path traversal [CVE-2020-2277]
161328Selection tasks Plugin Permission os command injection [CVE-2020-2276]
161327Copy Data to Workspace Plugin Permission path traversal [CVE-2020-2275]
161326ElasTest Plugin Global Configuration cleartext storage [CVE-2020-2274]
161325ElasTest Plugin cross-site request forgery [CVE-2020-2273]
161324ElasTest Plugin Permission Check authorization [CVE-2020-2272]
161323Locked Files Report Plugin Stored cross site scripting [CVE-2020-2271]
161322ClearCase Release Plugin Stored cross site scripting [CVE-2020-2270]
161321chosen-views-tabbar Plugin Stored cross site scripting [CVE-2020-2269]
161320MongoDB Plugin cross-site request forgery [CVE-2020-2268]
161319MongoDB Plugin Permission Check authorization [CVE-2020-2267]
161318Description Column Plugin Stored cross site scripting [CVE-2020-2266]
161317Coverage-Complexity Scatter Plot Plugin Stored cross site scripting
161316Custom Job Icon Plugin Stored cross site scripting [CVE-2020-2264]
161315Radiator View Plugin Stored cross site scripting [CVE-2020-2263]
161314Android Lint Plugin Stored cross site scripting [CVE-2020-2262]
161313Perfecto Plugin os command injection [CVE-2020-2261]
161312Perfecto Plugin Permission Check authorization [CVE-2020-2260]
161311computer-queue-plugin Stored cross site scripting [CVE-2020-2259]
161310Health Advisor by CloudBees Plugin Permission Check authorization
161309Validating String Parameter Plugin Stored cross site scripting
161308Pipeline Maven Integration Plugin Stored cross site scripting
161307Blue Ocean Plugin Permission Check server-side request forgery
161306Blue Ocean Plugin path traversal [CVE-2020-2254]
161305Email Extension Plugin SMTP Server certificate validation [CVE-2020-2253]
161304Mailer Plugin SMTP Server certificate validation [CVE-2020-2252]
161303Red Hat Wildfly Elytron WildFlySecurityManager authorization
161302Red Hat JBoss EAP RFC7230 unknown vulnerability [CVE-2020-1710]
161301Perl-DBI stack-based overflow [CVE-2020-14393]
161300cryptsetup LUKS2 Validator luks2_json_metadata.c hdr_validate_segments out-of-bounds write
161299Colin Percival bsdiff memory corruption [CVE-2020-14315]
161298KeyCloak allocation of resources [CVE-2020-10758]
161297PostgreSQL Installer untrusted search path [CVE-2020-10733]
161296Gnuplot print_set_output double free
161295Perl-DBI dbd_db_login6_sv memory corruption
161294Linux Kernel unnecessary privileges [CVE-2020-14386]
161293Linux Kernel ZRAM Kernel Module hot_add Kernel Memory resource consumption
161292McAfee Web Gateway Access Control improper authorization [CVE-2020-7297]
161291McAfee Email Gateway path traversal [CVE-2020-7268]
161290Linux Kernel prctl information disclosure
161289TIBCO Spotfire Analyst Spotfire Client cross site scriting [CVE-2020-9416]
161288Lenovo System Interface Foundation Configuration File default permission
161287Lenovo System Update toctou [CVE-2020-8342]
161286Lenovo System x IMM2 cross site scripting [CVE-2020-8340]
161285Lenovo IBM BladeCenter Advanced Management Module Web Interface insufficiently protected credentials
161284McAfee Web Gateway Configuration File improper authorization
161283McAfee Web Gateway Access Control improper authorization [CVE-2020-7295]
161282McAfee Web Gateway REST Interface improper authorization [CVE-2020-7294]
161281McAfee Web Gateway Access Control Password improper authorization
161280IBM Spectrum Protect Plus path traversal [CVE-2020-4711]
161279IBM Spectrum Protect Plus Administrative Console unrestricted upload
161278IBM Business Automation Workflow Web UI cross site scripting
161277IBM Maximo Asset Management cross-site request forgery [CVE-2020-4526]
161276IBM Maximo Asset Management Java deserialization [CVE-2020-4521]
161275IBM Tivoli Business Service Manager insecure storage of sensitive information
161274BlackCat CMS cross-site request forgery [CVE-2020-25453]
161273Nifty Project Management cross site scripting [CVE-2020-25071]
161272ElkarBackup DefaultController.php Source inadequate encryption
161271ElkarBackup Persistent cross site scripting [CVE-2020-24924]
161270Trend Micro ServerProtect for Linux SPLX Console command injection
161269projectworlds House Rental index.php sql injection
161268SourceCodester Online Course Registration Upload Filter my-profile.php unrestricted upload
161267VR CAM P1 Access Control improper authentication [CVE-2020-23512]
161266Spiceworks users cross-site request forgery
161265Gallagher Command Centre DCOM Websocket memory corruption [CVE-2020-16101]
161264Gallagher Command Centre DCOM Websocket denial of service [CVE-2020-16100]
161263Gallagher Command Centre Guard Tour Event input validation [CVE-2020-16099]
161262Gallagher Command Centre Credentials improper authentication
161261Gallagher Controller Key insufficiently protected credentials
161260Gallagher Command Centre Credentials improper authorization [CVE-2020-16096]
161259ScratchSig Extension Stored cross site scripting [CVE-2020-15179]
161258contactform module Contact Form cross site scripting [CVE-2020-15178]
161257Act Module Message deserialization [CVE-2020-15172]
161256Yii unserialize deserialization
161255Linux Kernel XFS File System memory corruption [CVE-2020-14385] X11 Server integer overflow [CVE-2020-14362] X11 Server integer overflow [CVE-2020-14361] X11 Server X Input Extension Protocol Decoder integer overflow X11 Server XkbSetNames memory corruption
161250Linux Kernel Video out-of-bounds write [CVE-2020-14331]
161249Linux Kernel EXT File System out-of-bounds read [CVE-2020-14314]
161248Linux Kernel Ethernet Driver Kernel Memory information disclosure
161247GitLab 2FA denial of service [CVE-2020-13308]
161246GitLab 2FA user session [CVE-2020-13307]
161245GitLab Permission privileges management [CVE-2020-13303]
161244Apache Syncope Flowable Extension code injection [CVE-2020-11977]
161243Linux Kernel Enhanced IBPB Local Privilege Escalation [CVE-2020-10767]
161242Linux Kernel SSBD Local Privilege Escalation [CVE-2020-10766]
161241Red Hat Enterprise Linux PGP Signature signature verification
161240IBM Maximo Asset Management Back-End Database sql injection [CVE-2019-4671]
161239Brotli Decompression denial of service [CVE-2020-8927]
161238rand_core crate type conversion [CVE-2020-25576]
161237failure Crate type confusion [CVE-2020-25575]
161236http crate reserve integer overflow
161235linked-hash-map uninitialized pointer [CVE-2020-25573]
161234Intel CPU BIOS Firmware privileges management [CVE-2020-24457]
161233Codoforum Admin Dashboard cross site scripting [CVE-2020-21845]
161232Private Internet Access Kill Switch information disclosure [CVE-2020-15590]
161231GitLab EKS privileges management [CVE-2020-13318]
161230GitLab GraphQL API denial of service [CVE-2020-13317]
161229GitLab Command Line privileges management [CVE-2020-13316]
161228GitLab Profile Activity Page denial of service [CVE-2020-13315]
161227GitLab Omniauth Endpoint cross site scriting [CVE-2020-13314]
161226GitLab Authorization privileges management [CVE-2020-13313]
161225GitLab OAuth Endpoint Brute Force improper authentication
161224GitLab Wiki denial of service [CVE-2020-13311]
161223GitLab gitlab-runner denial of service [CVE-2020-13310]
161222GitLab Repository Mirroring server-side request forgery [CVE-2020-13309]
161221GitLab Webhook denial of service [CVE-2020-13306]
161220GitLab Project Invitation Link improper authentication [CVE-2020-13305]
161219GitLab 2FA improper authentication [CVE-2020-13304]
161218GitLab Session Revokation improper authentication [CVE-2020-13302]
161217GitLab Standalone Vulnerability Page Stored cross site scriting
161216GitLab OAuth Authorization privileges management [CVE-2020-13300]
161215GitLab Revocation improper authentication [CVE-2020-13299]
161214GitLab Conan Package Upload File information disclosure
161213GitLab 2FA improper authentication [CVE-2020-13297]
161212GitLab 2FA improper authentication [CVE-2020-13289]
161211GitLab EPIC information disclosure [CVE-2020-13287]
161210GitLab API Authorization improper authentication [CVE-2020-13284]
161209MikroTik RouterOS SMB Server array index [CVE-2020-11881]
161208vtecrm vtenext cross-site request forgery [CVE-2020-10229]
161207vtecrm vtenext File Upload unrestricted upload [CVE-2020-10228]
161206vtecrm vtenext Email cross site scripting [CVE-2020-10227]
161205QT Library untrusted search path [CVE-2020-0570]
161204KaiOS Note Application injection [CVE-2019-14761]
161203KaiOS Recorder Application injection [CVE-2019-14760]
161202KaiOS Radio Application injection [CVE-2019-14759]
161201KaiOS File Manager cross site scripting [CVE-2019-14758]
161200KaiOS Contacts Application cross site scripting [CVE-2019-14757]
161199KaiOS Email Application cross site scripting [CVE-2019-14756]
161198Mike Rooijackers Recall Products admin.php Stored cross site scripting
161197Mike Rooijackers Recall Products sql injection [CVE-2020-25379]
161196AccessPress Themes WP Floating Menu cross site scripting [CVE-2020-25378]
161195SoftradeWeb SNC WP SMART CRM cross site scripting [CVE-2020-25375]
161194Ericsson RX8200 Reflected cross site scripting [CVE-2020-22158]
161193Apache Struts File Upload permissions [CVE-2019-0233]
161192Apache Struts Double OGNL Evaluation dynamically-determined object attributes
161191Dataiku DSS privileges management [CVE-2020-8817]
161190LG PC Suite Setup DLL Local Privilege Escalation [CVE-2020-7807]
161189ThinkAdmin path traversal [CVE-2020-25540]
161188LemonLDAP::NG Access Control direct request [CVE-2020-24660]
161187Sagemcom F@ST3686 RgDiagnostics.asp cross site scripting
161186Rukovoditel Project Management App cross site scripting [CVE-2020-21732]
161185Gazie cross site scripting [CVE-2020-21731]
161184Atmel ATSAMA5 Secure Monitor hard-coded credentials [CVE-2020-12789]
161183Atmel ATSAMA5 CMAC Verification information exposure [CVE-2020-12788]
161182Atmel ATSAMA5 Secure Mode privileges management [CVE-2020-12787]
161181AT91bootstrap Authentication Key Memory inadequate encryption
161180AT91bootstrap CMAC information exposure [CVE-2020-11683]
161179Kingsoft WPS Office GdiDrawHoriLineIAlt qbrush.cpp setMatrix out-of-bounds write
161178Avast SecureLine VPN Service link following [CVE-2020-25289]
161177Pligg admin_editor.php unrestricted upload
161176WordPress comment-template.php information disclosure
161175Linux Kernel hugetlb sysctl hugetlb.c race condition
161174Linux Kernel rbd Block Device Driver rbd.c permissions
161173Wibu-Systems CodeMeter denial of service [CVE-2020-16233]
161172Wibu-Systems CodeMeter signature verification [CVE-2020-14515]
161171Wibu-Systems CodeMeter input validation [CVE-2020-14513]
161170Wibu-Systems CodeMeter WebSocket API origin validation [CVE-2020-14519]
161169Wibu-Systems CodeMeter inadequate encryption [CVE-2020-14517]
161168Wibu-Systems CodeMeter memory corruption [CVE-2020-14509]
161167Backblaze privileges management [CVE-2020-8152]
161166Backblaze privileges management [CVE-2020-8150]
161165Microsoft Windows finger.exe privileges management
161164LG Mobile Devices BT Manager authorization [CVE-2020-25283]
161163LG Mobile Devices lguicc authorization [CVE-2020-25282]
161162LG Mobile Devices unknown vulnerability [CVE-2020-25281]
161161Samsung Mobile Devices Debugging Command privileges management
161160Samsung Mobile Devices Exynos Chipset buffer overflow [CVE-2020-25279]
161159Samsung Mobile Devices Quram Image Codec Library out-of-bounds write
161158ArGo Soft Mail Server cross-site request forgery [CVE-2020-23824]
161157libX11 integer overflow [CVE-2020-14363]
161156Ansible Engine Check Mode neutralization for logs [CVE-2020-14332]
161155Ansible URI Module neutralization for logs [CVE-2020-14330]
161154Google Chrome Policy privileges management [CVE-2020-15959]
161153Google Chrome Mojo race condition [CVE-2020-6575]
161152Google Chrome Installer privileges management [CVE-2020-6574]
161151Google Chrome Video use after free [CVE-2020-6573]
161150Huawei Smartphone information disclosure [CVE-2020-9239]
161149PrimeKey EJBCA Client Certificate certificate validation [CVE-2020-25276]
161148Philips Patient Information Center iX Message Parser denial of service
161147Philips Patient Information Center iX Certificate Enrollment Service denial of service
161146Philips Patient Information Center iX input validation [CVE-2020-16216]
161145Philips Patient Information Center iX Surveillance Station exposure of resource
161144Bluetooth Core LE/BR/EDR improper authentication [CVE-2020-15802]
161143Ruby on Rails Action View cross site scripting [CVE-2020-15169]
161142ZeroMQ TCP Socket resource consumption [CVE-2020-15166]
161141Xiaomi R3600 set_WAN6 Interface privileges management [CVE-2020-14100]
161140Xiaomi AI Speaker OTA memory corruption [CVE-2020-14096]
161139Apache Cocoon StreamGenerator xml external entity reference [CVE-2020-11991]
161138QNAP Helpdesk cross-site request forgery [CVE-2018-19948]
161137QNAP Helpdesk information disclosure [CVE-2018-19947]
161136QNAP Helpdesk Certificate Validation certificate validation [CVE-2018-19946]
161135InspIRCd pgsql Module use after free [CVE-2020-25269]
161134Taoensso Nippy deserialization [CVE-2020-24164]
161133Philips Patient Information Center iX Certificate Revocation unknown vulnerability
161132Philips Patient Information Center iX improper authentication
161131Philips Patient Information Center iX Web Application cross site scripting
161130Philips Patient Information Center iX CSV File csv injection
161129InspIRCd Silence Module use after free [CVE-2019-20918]
161128InspIRCd MySQL Module null pointer dereference [CVE-2019-20917]
161127Hyland OnBase JSON deserialization [CVE-2020-25260]
161126Hyland OnBase XML Data deserialization [CVE-2020-25259]
161125Hyland OnBase ASP.NET BinaryFormatter.Deserialize deserialization
161124Hyland OnBase XML Data xml external entity reference [CVE-2020-25257]
161123Hyland OnBase PKI Certificate/Private Key hard-coded credentials
161122Hyland OnBase denial of service [CVE-2020-25255]
161121Hyland OnBase AddWorkViewLinkedServer sql injection
161120Hyland OnBase sql injection [CVE-2020-25253]
161119Hyland OnBase cross-site request forgery [CVE-2020-25252]
161118Hyland OnBase Client authorization [CVE-2020-25251]
161117Hyland OnBase Client Application Log privileges management
161116Hyland OnBase Client Application unknown vulnerability [CVE-2020-25249]
161115Hyland OnBase path traversal [CVE-2020-25248]
161114Hyland OnBase path traversal [CVE-2020-25247]
161113Intel AMT/ISM Network Subsystem memory corruption [CVE-2020-8758]
161112McAfee Agent DLL insufficient privileges [CVE-2020-7315]
161111McAfee Agent Installer Local Privilege Escalation [CVE-2020-7314]
161110McAfee Agent Installer uncontrolled search path [CVE-2020-7312]
161109McAfee Agent Installer insufficient privileges [CVE-2020-7311]
161108atftpd Daemon assert assertion
161107Icegram Email Subscribers / Newsletters Plugin missing authentication
161106IBM WebSphere Application Server Web UI cross site scripting
161105Linux Kernel Reference Counting gup.c get_gate_page Underflow operation after expiration
161104iCMS cross-site request forgery [CVE-2020-24739]
161103Zulip Desktop User Interface cross site scripting [CVE-2020-24582]
161102Atop Technology Industrial 3G-4G Gateway Web Management Interface os command injection
161101NEC ExpressCluster XML Data xml external entity reference [CVE-2020-17408]
161100XWiki Application Server Servlet code injection [CVE-2020-15171]
161099apollo-adminservice Access Control input validation [CVE-2020-15170]
161098node-fetch Size allocation of resources
161097Avast Antivirus Login Password Manager insufficiently protected credentials
161096Bitcoin Core denial of service [CVE-2020-14198]
161095Apache ActiveMQ Registry LocateRegistry.createRegistry improper authentication
161094Apache ActiveMQ RMIConnectorServer privileges management [CVE-2020-11998]
161093Linux Kernel s390/s390x cmm_timeout information disclosure
161092Bitcoin Core/Bitcoin Knots Transaction Inv Message resource consumption
161091Linux Kernel Patch CVE-2020-14356 use after free [CVE-2020-25220]
161090Twilio Authy race condition [CVE-2020-24655]
161089PHP PHAR File phar_parse_zipfile use after free
161088libproxy url.cpp recvline out-of-bounds write
161087Yaws Web Server CGI os command injection [CVE-2020-24916]
161086Yaws Web Server WebDAV xml external entity reference [CVE-2020-24379]
161085Facebook Hermes Javascript Interpreter Remote Code Execution
161084Facebook Hermes out-of-bounds read [CVE-2020-1912]
161083Nagios XI Backend Script privileges management [CVE-2020-15903]
161082Siemens SIMATIC S7-300 CPU/SIMATIC S7-400 CPU Password insufficiently protected credentials
161081Siemens Spectrum Power Web Server information disclosure [CVE-2020-15790]
161080Siemens Polarion Subversion Webclient Web Application cross-site request forgery
161079Siemens Polarion Subversion Webclient Web Application cross site scriting
161078Siemens SIMATIC HMI United Comfort Panel authentication bypass
161077Siemens SIMATIC HMI Basic Panel Brute Force excessive authentication
161076Siemens Siveillance Video Client NTLM Authentication cleartext transmission
161075Siemens Spectrum Power Configuration File User cleartext storage
161074ACCEL-PPP l2tp memory corruption [CVE-2020-15173]
161073Python TUF authorization [CVE-2020-15163]
161072Loway QueueMetrics sql injection [CVE-2020-13127]
161071Siemens License Management Utility lmgrd unnecessary privileges
161070Siemens SIMATIC RTLS Locating Manager Service unquoted search path
161069Siemens SIMATIC RTLS Locating Manager default permission [CVE-2020-10050]
161068Siemens SIMATIC RTLS Locating Manager Startup Script default permission
161067Ingenico Telium 2 NTPT3 Local Privilege Escalation [CVE-2018-17774]
161066Ingenico Telium 2 NTPT3 buffer overflow [CVE-2018-17773]
161065Ingenico Telium 2 TRACE Protocol code injection [CVE-2018-17772]
161064Ingenico Telium 2 FTP hard-coded credentials [CVE-2018-17771]
161063Ingenico Telium 2 NTPT3 Protocol buffer overflow [CVE-2018-17770]
161062Ingenico Telium 2 buffer overflow [CVE-2018-17769]
161061Ingenico Telium 2 TRACE Protocol Local Privilege Escalation [CVE-2018-17768]
161060Ingenico Telium 2 ppp hard-coded credentials [CVE-2018-17767]
161059Ingenico Telium 2 NTPT3 permission assignment [CVE-2018-17766]
161058Ingenico Telium 2 TRACE Protocol Local Privilege Escalation [CVE-2018-17765]
161057McAfee MVision Endpoint Symbolic Links link following [CVE-2020-7325]
161056McAfee MVision Endpoint Access Control privileges management
161055McAfee Endpoint Security Authentication McTray.exe authentication bypass
161054McAfee Endpoint Security information disclosure [CVE-2020-7322]
161053McAfee Endpoint Security Protection Mechanism protection mechanism
161052McAfee Endpoint Security Access Control access control [CVE-2020-7319]
161051SAP 3D Visual Enterprise Viewer RLE File input validation [CVE-2020-6361]
161050SAP 3D Visual Enterprise Viewer dib File input validation [CVE-2020-6360]
161049SAP 3D Visual Enterprise Viewer PLT File input validation [CVE-2020-6359]
161048SAP 3D Visual Enterprise Viewer FBX File input validation [CVE-2020-6358]
161047SAP 3D Visual Enterprise Viewer U3D File input validation [CVE-2020-6357]
161046SAP 3D Visual Enterprise Viewer BMP File input validation [CVE-2020-6356]
161045SAP 3D Visual Enterprise Viewer TGA File input validation [CVE-2020-6355]
161044SAP 3D Visual Enterprise Viewer SKP File input validation [CVE-2020-6354]
161043SAP 3D Visual Enterprise Viewer SKP File input validation [CVE-2020-6353]
161042SAP 3D Visual Enterprise Viewer FBX File input validation [CVE-2020-6352]
161041SAP 3D Visual Enterprise Viewer FBX File input validation [CVE-2020-6351]
161040SAP 3D Visual Enterprise Viewer BMP File input validation [CVE-2020-6350]
161039SAP 3D Visual Enterprise Viewer GIF File input validation [CVE-2020-6349]
161038SAP 3D Visual Enterprise Viewer GIF File input validation [CVE-2020-6348]
161037SAP 3D Visual Enterprise Viewer HDR File input validation [CVE-2020-6347]
161036SAP 3D Visual Enterprise Viewer BMP File input validation [CVE-2020-6346]
161035SAP 3D Visual Enterprise Viewer TGA File input validation [CVE-2020-6345]
161034SAP 3D Visual Enterprise Viewer PDF File input validation [CVE-2020-6344]
161033SAP 3D Visual Enterprise Viewer EPS File input validation [CVE-2020-6343]
161032SAP 3D Visual Enterprise Viewer U3D File input validation [CVE-2020-6342]
161031SAP 3D Visual Enterprise Viewer EPS File input validation [CVE-2020-6341]
161030SAP 3D Visual Enterprise Viewer PCX File input validation [CVE-2020-6340]
161029SAP 3D Visual Enterprise Viewer BMP File input validation [CVE-2020-6339]
161028SAP 3D Visual Enterprise Viewer RH File input validation [CVE-2020-6338]
161027SAP 3D Visual Enterprise Viewer HDR File input validation [CVE-2020-6337]
161026SAP 3D Visual Enterprise Viewer PCX File input validation [CVE-2020-6336]
161025SAP 3D Visual Enterprise Viewer HPGL File input validation [CVE-2020-6335]
161024SAP 3D Visual Enterprise Viewer SKP File input validation [CVE-2020-6334]
161023SAP 3D Visual Enterprise Viewer 3DM File input validation [CVE-2020-6333]
161022SAP 3D Visual Enterprise Viewer HPGL File input validation [CVE-2020-6332]
161021SAP 3D Visual Enterprise Viewer HPGL File input validation [CVE-2020-6331]
161020SAP 3D Visual Enterprise Viewer 3DM File input validation [CVE-2020-6330]
161019SAP 3D Visual Enterprise Viewer SKP File input validation [CVE-2020-6329]
161018SAP 3D Visual Enterprise Viewer CGM File input validation [CVE-2020-6328]
161017SAP 3D Visual Enterprise Viewer 3DM File input validation [CVE-2020-6327]
161016SAP NetWeaver Knowledge Management Stored cross site scriting
161015SAP NetWeaver AS ABAP BSP Test Application sbspext_table Reflected cross site scriting
161014SAP 3D Visual Enterprise Viewer 3DM File input validation [CVE-2020-6322]
161013SAP 3D Visual Enterprise Viewer U3D File input validation [CVE-2020-6321]
161012SAP Marketing Servlet privileges management [CVE-2020-6320]
161011SAP NetWeaver ABAP Server code injection [CVE-2020-6318]
161010SAP 3D Visual Enterprise Viewer HPGL File input validation [CVE-2020-6314]
161009SAP NetWeaver Application Server XML Forms Stored cross site scriting
161008SAP BusinessObjects Business Intelligence Platform Web Intelligence HTML Interface Stored cross site scriting
161007SAP Bank Analyzer/S-4HANA Banking Services improper authorization
161006SAP Commerce Backoffice URL session fixiation [CVE-2020-6302]
161005SAP Business Intelligence Platform Web Intelligence HTML Interface unrestricted upload
161004SAP Fiori Launchpad Reflected cross site scriting [CVE-2020-6283]
161003File Manager Plugin code injection [CVE-2020-25213]
161002Linux Kernel NFS Client nfs4proc.c toctou
161001Linux Kernel Netlink Config nf_conntrack_netlink.c ctnetlink_parse_tuple_filter buffer overflow
161000Kentico cross site scripting [CVE-2020-24794]
160999Octopus Deploy Password log file [CVE-2020-24566]
160998Project Worlds Car Rental Management System Vehicle Image Upload unrestricted upload
160997SourceCodester Stock Management System Brand Name Persistent cross site scripting
160996SourceCodester Stock Management System sql injection [CVE-2020-24197]
160995SourceCodester Online Bike Rental File Upload Image unrestricted upload
160994SourceCodester Daily Tracker System user-profile.php cross site scripting
160993silk-v3-decoder Decode return value [CVE-2020-24074]
160992Palo Alto PAN-OS Log File opcmdhistory.log Password log file
160991Palo Alto PAN-OS Log File log file [CVE-2020-2043]
160990Palo Alto PAN-OS Management Web Interface stack-based overflow
160989Palo Alto PAN-OS Maintenance Mode config [CVE-2020-2041]
160988Palo Alto PAN-OS Authentication Interface buffer overflow [CVE-2020-2040]
160987Palo Alto PAN-OS Management Web Interface resource consumption
160986Palo Alto PAN-OS Management Interface os command injection [CVE-2020-2038]
160985Palo Alto PAN-OS Management Interface os command injection [CVE-2020-2037]
160984Palo Alto PAN-OS Management Web Interface Reflected cross site scripting
160983OpenSSL TLS inadequate encryption [CVE-2020-1968]
160982Linux Kernel IPsec cleartext transmission [CVE-2020-1749]
160981Red Hat JBossWeb WebSocket resource consumption [CVE-2020-14384]
160980cifs-utils mount.cifs command injection
160979COVIDSafe Bluetooth authorization [CVE-2020-14292]
160978Apache NetBeans Gradle Project code injection [CVE-2020-11986]
160977Yodobashi App redirect [CVE-2020-5627]
160976IBM Business Process Manager Web UI Stored cross site scriting
160975IBM Business Process Manager Web UI cross site scriting [CVE-2020-4516]
160974Qualcomm Snapdragon Auto ASLR information disclosure [CVE-2020-3679]
160973Qualcomm Snapdragon Auto information disclosure [CVE-2020-3674]
160972Qualcomm Snapdragon Auto MHI Command buffer overflow [CVE-2020-3656]
160971Qualcomm Snapdragon Auto NAS Transport integer underflow [CVE-2020-3634]
160970Qualcomm Snapdragon Compute Q6 Testbus out-of-bounds read [CVE-2020-3617]
160969Qualcomm Snapdragon Auto Ape Clip assertion [CVE-2020-11135]
160968Qualcomm Snapdragon Consumer IOT/Snapdragon Mobile Capture Request use after free
160967Qualcomm Snapdragon Auto Client Map Table use after free [CVE-2020-11124]
160966Microsoft SQL Server Reporting Services input validation [CVE-2020-1044]
160965Microsoft Edge Browser Helper Object memory corruption [CVE-2020-16884]
160964Microsoft Visual Studio Code JSON input validation [CVE-2020-16881]
160963Microsoft Windows Projected Filesystem input validation [CVE-2020-16879]
160962Microsoft Dynamics 365 cross site scripting [CVE-2020-16878]
160961Microsoft Xamarin.Forms Android WebView insecure default initialization of resource
160960Microsoft Dynamics 365 cross site scripting [CVE-2020-16872]
160959Microsoft Dynamics 365 cross site scripting [CVE-2020-16871]
160958Microsoft Dynamics 365 cross site scripting [CVE-2020-16864]
160957Microsoft Dynamics 365 cross site scripting [CVE-2020-16861]
160956Microsoft Dynamics 365 input validation [CVE-2020-16860]
160955Microsoft Dynamics 365 cross site scripting [CVE-2020-16859]
160954Microsoft Dynamics 365 cross site scripting [CVE-2020-16858]
160953Microsoft Visual Studio memory corruption [CVE-2020-16856]
160952Microsoft Office out-of-bounds read [CVE-2020-16855]
160951Microsoft Windows Kernel memory corruption [CVE-2020-16854]
160950Microsoft OneDrive link following [CVE-2020-16853]
160949Microsoft OneDrive privileges management [CVE-2020-16852]
160948Microsoft OneDrive link following [CVE-2020-16851]
160947Microsoft Windows UPnP Service privileges management [CVE-2020-1598]
160946Microsoft Windows TLS risky encryption [CVE-2020-1596]
160945Microsoft Excel memory corruption [CVE-2020-1594]
160944Microsoft Windows Kernel initialization [CVE-2020-1592]
160943Microsoft Windows Connected User Experiences/Telemetry Service privileges management
160942Microsoft Windows Kernel information disclosure [CVE-2020-1589]
160941Microsoft SharePoint Server cross site scripting [CVE-2020-1575]
160940Microsoft Windows Storage Services privileges management [CVE-2020-1559]
160939Microsoft Windows InstallService privileges management [CVE-2020-1532]
160938Microsoft SharePoint Server Profile Data privileges management
160937Microsoft SharePoint Server cross site scripting [CVE-2020-1514]
160936Microsoft Windows Microsoft COM for Windows privileges management
160935Microsoft Internet Explorer Start-Up Application privileges management
160934Microsoft Windows Function Discovery Service privileges management
160933Microsoft SharePoint Server cross site scripting [CVE-2020-1482]
160932Microsoft Windows CloudExperienceHost privileges management [CVE-2020-1471]
160931Microsoft SharePoint Server Profile Data input validation [CVE-2020-1440]
160930Microsoft Windows fdSSDP.dll privileges management [CVE-2020-1376]
160929Microsoft SharePoint Server cross site scripting [CVE-2020-1345]
160928Microsoft Office Word code injection [CVE-2020-1338]
160927Microsoft Excel memory corruption [CVE-2020-1335]
160926Microsoft Office Excel memory corruption [CVE-2020-1332]
160925Microsoft Windows DirectX privileges management [CVE-2020-1308]
160924Microsoft Windows Windows Runtime privileges management [CVE-2020-1303]
160923Microsoft Windows GDI information disclosure [CVE-2020-1256]
160922Microsoft Windows Win32k information disclosure [CVE-2020-1250]
160921Microsoft Windows Win32k privileges management [CVE-2020-1245]
160920Microsoft Windows DNS denial of service [CVE-2020-1228]
160919Microsoft SharePoint Server cross site scripting [CVE-2020-1227]
160918Microsoft SharePoint Server Excel information disclosure [CVE-2020-1224]
160917Microsoft Office Word code injection [CVE-2020-1218]
160916Microsoft SharePoint Server input validation [CVE-2020-1205]
160915Microsoft SharePoint Server cross site scripting [CVE-2020-1198]
160914Microsoft Office Excel memory corruption [CVE-2020-1193]
160913Microsoft Edge/ChakraCore Scripting Engine out-of-bounds write
160912Microsoft Windows Windows Runtime privileges management [CVE-2020-1169]
160911Microsoft Windows StartTileData.dll privileges management [CVE-2020-1159]
160910Microsoft Windows Win32k.sys privileges management [CVE-2020-1152]
160909Microsoft Windows Store Runtime privileges management [CVE-2020-1146]
160908Microsoft Windows Diagnostics Hub Standard Collector privileges management
160907Microsoft Windows Diagnostics Hub Standard Collector privileges management
160906Microsoft Windows Language Pack Installer unusual condition [CVE-2020-1122]
160905Microsoft Windows StartTileData.dll information disclosure [CVE-2020-1119]
160904Microsoft Windows Common Log File System Driver privileges management
160903Microsoft Windows Shell Infrastructure privileges management
160902Microsoft Windows GDI dynamically-managed code resources [CVE-2020-1097]
160901Microsoft Windows Graphics Component dynamically-managed code resources
160900Microsoft Windows Graphics Component memory corruption [CVE-2020-1083]
160899Microsoft Windows JET Database Engine memory corruption [CVE-2020-1074]
160898Microsoft Windows DirectX privileges management [CVE-2020-1053]
160897Microsoft Windows ssdpsrv.dll privileges management [CVE-2020-1052]
160896Microsoft ASP.NET Core Security Feature privileges management
160895Microsoft Windows JET Database Engine memory corruption [CVE-2020-1039]
160894Microsoft Windows Routing Utilities denial of service [CVE-2020-1038]
160893Microsoft Windows Kernel privileges management [CVE-2020-1034]
160892Microsoft Windows Kernel information disclosure [CVE-2020-1033]
160891Microsoft Windows DHCP Server information disclosure [CVE-2020-1031]
160890Microsoft Windows Print Spooler privileges management [CVE-2020-1030]
160889Microsoft Windows Group Policy privileges management [CVE-2020-1013]
160888Microsoft Internet Explorer Wininit.dll privileges management
160887Microsoft Windows Graphics Component privileges management [CVE-2020-0998]
160886Microsoft Windows Mobile Device Management authorization [CVE-2020-0989]
160885Microsoft Windows Windows Defender Application Control permission assignment
160884Microsoft Windows Win32k information disclosure [CVE-2020-0941]
160883Microsoft Windows Kernel information disclosure [CVE-2020-0928]
160882Microsoft Windows Graphics Component information disclosure [CVE-2020-0921]
160881Microsoft Windows State Repository Service information disclosure
160880Microsoft Windows Function Discovery SSDP Provider privileges management
160879Microsoft Windows Modules Installer privileges management [CVE-2020-0911]
160878Microsoft Windows Hyper-V permission assignment [CVE-2020-0904]
160877Microsoft Windows Hyper-V privileges management [CVE-2020-0890]
160876Microsoft Windows Storage Services privileges management [CVE-2020-0886]
160875Microsoft Windows splwow64.exe information disclosure
160874Microsoft Windows Shell Infrastructure memory corruption [CVE-2020-0870]
160873Microsoft Windows Active Directory integrated DNS information disclosure
160872Microsoft Windows dnsrslvr.dll memory corruption [CVE-2020-0839]
160871Microsoft Windows NTFS privileges management [CVE-2020-0838]
160870Microsoft Windows Active Directory Federation Service 2FA improper authentication
160869Microsoft Windows DNS input validation [CVE-2020-0836]
160868Microsoft Windows Projected Filesystem permission assignment
160867Microsoft Windows splwow64.exe privileges management
160866Microsoft Windows Cryptographic Catalog Service privileges management
160865Microsoft Windows Store Runtime privileges management [CVE-2020-0766]
160864Microsoft Windows Active Directory integrated DNS privileges management
160863Microsoft Windows Active Directory integrated DNS memory corruption
160862Microsoft Windows Active Directory integrated DNS information disclosure
160861Microsoft Windows RSoP Service Application privileges management
160860Microsoft Exchange Server Email code injection [CVE-2020-16875]
160859Microsoft Visual Studio code injection [CVE-2020-16874]
160858Microsoft Dynamics 365 Web Request input validation [CVE-2020-16862]
160857Microsoft Dynamics 365 for Finance/Operations input validation
160856Microsoft SharePoint Server API code download [CVE-2020-1595]
160855Microsoft Windows Media Audio Decoder memory corruption [CVE-2020-1593]
160854Microsoft SharePoint Server Markup code download [CVE-2020-1576]
160853Microsoft Windows Media Audio Decoder code injection [CVE-2020-1508]
160852Microsoft SharePoint Enterprise Server ASP.Net Web Control privileges management
160851Microsoft SharePoint Server Markup code download [CVE-2020-1453]
160850Microsoft SharePoint Server Markup code download [CVE-2020-1452]
160849Microsoft Windows Codecs Library memory corruption [CVE-2020-1319]
160848Microsoft Windows GDI+ memory corruption [CVE-2020-1285]
160847Microsoft Windows memory corruption [CVE-2020-1252]
160846Microsoft SharePoint Server Markup code download [CVE-2020-1210]
160845Microsoft SharePoint Server Markup code download [CVE-2020-1200]
160844Microsoft Edge/ChakraCore Scripting Engine out-of-bounds write
160843Microsoft Windows Codecs Library memory corruption [CVE-2020-1129]
160842Microsoft Edge/ChakraCore Scripting Engine memory corruption
160841Microsoft Windows Camera Codec Pack memory corruption [CVE-2020-0997]
160840Microsoft Windows Microsoft COM for Windows memory corruption
160839Microsoft Windows Text Service Module memory corruption [CVE-2020-0908]
160838Microsoft Internet Explorer memory corruption [CVE-2020-0878]
160837Microsoft ChakraCore/Edge memory corruption [CVE-2020-0878]
160836FreeBSD IPv4 DHCP Client heap-based overflow [CVE-2020-7461]
160835FreeBSD SCTP Socket use after free [CVE-2020-7463]
160834FreeBSD IPv6 Hop-by-Hop Option use after free [CVE-2020-7462]
160833Adobe Experience Manager input validation [CVE-2020-9743]
160832Adobe Experience Manager Reflected cross site scripting [CVE-2020-9742]
160831Adobe Experience Manager Stored cross site scripting [CVE-2020-9741]
160830Adobe Experience Manager Stored cross site scripting [CVE-2020-9740]
160829Adobe Experience Manager Stored cross site scripting [CVE-2020-9738]
160828Adobe Experience Manager Stored cross site scripting [CVE-2020-9737]
160827Adobe Experience Manager Stored cross site scripting [CVE-2020-9736]
160826Adobe Experience Manager Stored cross site scripting [CVE-2020-9735]
160825Adobe Experience Manager Stored cross site scripting [CVE-2020-9734]
160824Adobe Experience Manager information disclosure [CVE-2020-9733]
160823Adobe Experience Manager Storage cross site scripting [CVE-2020-9732]
160822Adobe Framemaker out-of-bounds write [CVE-2020-9725]
160821Adobe Framemaker out-of-bounds read [CVE-2020-9726]
160820Adobe InDesign Remote Code Execution [CVE-2020-9731]
160819Adobe InDesign Remote Code Execution [CVE-2020-9730]
160818Adobe InDesign Remote Code Execution [CVE-2020-9729]
160817Adobe InDesign Remote Code Execution [CVE-2020-9728]
160816Adobe InDesign Remote Code Execution [CVE-2020-9727]
160815Qualcomm Snapdragon Auto WLAN information disclosure [CVE-2020-3702]
160814Qualcomm Snapdragon Auto Service Info Parser integer underflow
160813Qualcomm Snapdragon Auto WLAN TCP IP Verification memory corruption
160812Qualcomm Snapdragon Auto PMF buffer overflow [CVE-2020-3668]
160811Qualcomm Snapdragon Auto WPA buffer overflow [CVE-2020-3667]
160810Qualcomm Snapdragon Auto Host Command out-of-bounds write [CVE-2020-3666]
160809Qualcomm Snapdragon Auto DSP Driver input validation [CVE-2020-3648]
160808Qualcomm Snapdragon Compute debugfs out-of-bounds write [CVE-2020-3647]
160807Qualcomm Snapdragon Compute buffer overflow [CVE-2020-3646]
160806Qualcomm Snapdragon Auto Secure Touch Session information disclosure
160805Qualcomm Snapdragon Auto Secure Display Touch information disclosure
160804Qualcomm Snapdragon Compute Table Header memory corruption [CVE-2020-3640]
160803Qualcomm Snapdragon Auto memory corruption [CVE-2020-3636]
160802Qualcomm Snapdragon Auto DSP buffer overflow [CVE-2020-3629]
160801Qualcomm Snapdragon Auto integer overflow [CVE-2020-3624]