CVE List - 2020 / October
Showing 1 - 100 of 1594 CVEs for October 2020 (Page 1 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2019-20902 | 2020-10-01 | Upgrading Crowd via XML Data Transfer can reactivate a disabled... |
| CVE-2019-20903 | 2020-10-01 | The hyperlinks functionality in atlaskit/editor-core in before version 113.1.5 allows... |
| CVE-2020-8109 | 2020-10-01 | Bitdefender ace.xmd parser out-of-bounds write (VA-8772) |
| CVE-2020-24861 | 2020-10-01 | GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings... |
| CVE-2020-24860 | 2020-10-01 | CMS Made Simple 2.2.14 allows an authenticated user with access... |
| CVE-2020-25990 | 2020-10-01 | WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name' in /websitebaker/admin/preferences/save.php.... |
| CVE-2020-4576 | 2020-10-01 | IBM WebSphere Application Server 7.5, 8.0, 8.5, and 9.0 traditional... |
| CVE-2020-24620 | 2020-10-01 | Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format.... |
| CVE-2020-16844 | 2020-10-01 | In Istio 1.5.0 though 1.5.8 and Istio 1.6.0 through 1.6.7,... |
| CVE-2020-25017 | 2020-10-01 | Envoy through 1.15.0 only considers the first value when multiple... |
| CVE-2020-25018 | 2020-10-01 | Envoy master between 2d69e30 and 3b5acb2 may fail to parse... |
| CVE-2019-19393 | 2020-10-01 | The Web application on Rittal CMC PU III 7030.000 V3.00... |
| CVE-2020-15228 | 2020-10-01 | Environment Variable Injection in GitHub Actions |
| CVE-2020-25200 | 2020-10-01 | Pritunl 1.29.2145.25 allows attackers to enumerate valid VPN usernames via... |
| CVE-2020-15678 | 2020-10-01 | When recursing through graphical layers while scrolling, an iterator may... |
| CVE-2020-15677 | 2020-10-01 | By exploiting an Open Redirect vulnerability on a website, an... |
| CVE-2020-15676 | 2020-10-01 | Firefox sometimes ran the onload handler for SVG elements that... |
| CVE-2020-15675 | 2020-10-01 | When processing surfaces, the lifetime may outlive a persistent buffer... |
| CVE-2020-15674 | 2020-10-01 | Mozilla developers reported memory safety bugs present in Firefox 80.... |
| CVE-2020-15673 | 2020-10-01 | Mozilla developers reported memory safety bugs present in Firefox 80... |
| CVE-2020-15671 | 2020-10-01 | When typing in a password under certain conditions, a race... |
| CVE-2020-15670 | 2020-10-01 | Mozilla developers reported memory safety bugs present in Firefox for... |
| CVE-2020-15669 | 2020-10-01 | When aborting an operation, such as a fetch, an abort... |
| CVE-2020-15668 | 2020-10-01 | A lock was missing when accessing a data structure and... |
| CVE-2020-15667 | 2020-10-01 | When processing a MAR update file, after the signature has... |
| CVE-2020-15666 | 2020-10-01 | When trying to load a non-video in an audio/video context... |
| CVE-2020-15665 | 2020-10-01 | Firefox did not reset the address bar after the beforeunload... |
| CVE-2020-15664 | 2020-10-01 | By holding a reference to the eval() function from an... |
| CVE-2020-15663 | 2020-10-01 | If Firefox is installed to a user-writable directory, the Mozilla... |
| CVE-2020-15533 | 2020-10-01 | In Zoho ManageEngine Application Manager 14.7 Build 14730 (before 14684,... |
| CVE-2020-15227 | 2020-10-01 | Remote Code Execution vulnerability |
| CVE-2020-11979 | 2020-10-01 | As mitigation for CVE-2020-1945 Apache Ant 1.10.8 changed the permissions... |
| CVE-2020-14223 | 2020-10-01 | HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross-site... |
| CVE-2020-5784 | 2020-10-01 | Server-Side Request Forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a low... |
| CVE-2020-5789 | 2020-10-01 | Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote,... |
| CVE-2020-5786 | 2020-10-01 | Cross-site request forgery in Teltonika firmware TRB2_R_00.02.04.3 allows a remote... |
| CVE-2020-5785 | 2020-10-01 | Insufficient output sanitization in Teltonika firmware TRB2_R_00.02.04.3 allows an unauthenticated... |
| CVE-2020-5787 | 2020-10-01 | Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote,... |
| CVE-2020-5788 | 2020-10-01 | Relative Path Traversal in Teltonika firmware TRB2_R_00.02.04.3 allows a remote,... |
| CVE-2020-9486 | 2020-10-01 | In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution... |
| CVE-2020-9487 | 2020-10-01 | In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token... |
| CVE-2020-13940 | 2020-10-01 | In Apache NiFi 1.0.0 to 1.11.4, the notification service manager... |
| CVE-2020-9491 | 2020-10-01 | In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and... |
| CVE-2020-5387 | 2020-10-01 | Dell XPS 13 9370 BIOS versions prior to 1.13.1 contains... |
| CVE-2020-26511 | 2020-10-02 | The wpo365-login plugin before v11.7 for WordPress allows use of... |
| CVE-2020-26518 | 2020-10-02 | Artica Pandora FMS before 743 allows unauthenticated attackers to conduct... |
| CVE-2020-26519 | 2020-10-02 | Artifex MuPDF before 1.18.0 has a heap based buffer over-write... |
| CVE-2020-26523 | 2020-10-02 | Froala Editor before 3.2.2 allows XSS via pasted content. |
| CVE-2020-26524 | 2020-10-02 | CodeLathe FileCloud before 20.2.0.11915 allows username enumeration. |
| CVE-2020-26540 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2020-26539 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2020-26538 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2020-26537 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2020-26536 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2020-26535 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2020-26534 | 2020-10-02 | An issue was discovered in Foxit Reader and PhantomPDF before... |
| CVE-2019-19199 | 2020-10-02 | REDDOXX MailDepot 2032 SP2 2.2.1242 has Insufficient Session Expiration because... |
| CVE-2020-12123 | 2020-10-02 | CSRF vulnerabilities in the /cgi-bin/ directory of the WAVLINK WN530H4... |
| CVE-2020-12124 | 2020-10-02 | A remote command-line injection vulnerability in the /cgi-bin/live_api.cgi endpoint of... |
| CVE-2020-12125 | 2020-10-02 | A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of... |
| CVE-2020-12126 | 2020-10-02 | Multiple authentication bypass vulnerabilities in the /cgi-bin/ endpoint of the... |
| CVE-2020-12127 | 2020-10-02 | An information disclosure vulnerability in the /cgi-bin/ExportAllSettings.sh endpoint of the... |
| CVE-2020-14293 | 2020-10-02 | conf_datetime in Secudos DOMOS 5.8 allows remote attackers to execute... |
| CVE-2020-14294 | 2020-10-02 | An issue was discovered in Secudos Qiata FTA 1.70.19. The... |
| CVE-2020-17382 | 2020-10-02 | The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow... |
| CVE-2020-17482 | 2020-10-02 | An issue has been found in PowerDNS Authoritative Server before... |
| CVE-2020-24696 | 2020-10-02 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when... |
| CVE-2020-24697 | 2020-10-02 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when... |
| CVE-2020-24698 | 2020-10-02 | An issue was discovered in PowerDNS Authoritative through 4.3.0 when... |
| CVE-2020-25741 | 2020-10-02 | fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer... |
| CVE-2020-26124 | 2020-10-02 | openmediavault before 4.1.36 and 5.x before 5.5.12 allows authenticated PHP... |
| CVE-2020-26134 | 2020-10-02 | Live Helper Chat before 3.44v allows stored XSS in chat... |
| CVE-2020-26135 | 2020-10-02 | Live Helper Chat before 3.44v allows reflected XSS via the... |
| CVE-2020-13168 | 2020-10-02 | SysAid 20.1.11b26 allows reflected XSS via the ForgotPassword.jsp accountid parameter. |
| CVE-2020-7736 | 2020-10-02 | Prototype Pollution |
| CVE-2020-7737 | 2020-10-02 | Prototype Pollution |
| CVE-2020-8110 | 2020-10-02 | Bitdefender ceva_emu.cvd module denial-of-service (VA-8766) |
| CVE-2020-7738 | 2020-10-02 | Arbitrary Code Execution |
| CVE-2020-25623 | 2020-10-02 | Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory... |
| CVE-2020-18184 | 2020-10-02 | In PluxXml V5.7,the theme edit function /PluXml/core/admin/parametres_edittpl.php allows remote attackers... |
| CVE-2020-18185 | 2020-10-02 | class.plx.admin.php in PluXml 5.7 allows attackers to execute arbitrary PHP... |
| CVE-2020-18190 | 2020-10-02 | Bludit v3.8.1 is affected by directory traversal. Remote attackers are... |
| CVE-2020-18191 | 2020-10-02 | GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able... |
| CVE-2020-7069 | 2020-10-02 | Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV |
| CVE-2020-7070 | 2020-10-02 | PHP parses encoded cookie names so malicious `__Host-` cookies can be sent |
| CVE-2020-24356 | 2020-10-02 | Local Privilege Escalation in cloudflared |
| CVE-2020-5422 | 2020-10-02 | UAA password may appear in BOSH System Metrics Server process arguments |
| CVE-2020-26541 | 2020-10-02 | The Linux kernel through 5.8.13 does not properly enforce the... |
| CVE-2020-5979 | 2020-10-02 | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability... |
| CVE-2020-5980 | 2020-10-02 | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability... |
| CVE-2020-5981 | 2020-10-02 | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability... |
| CVE-2020-5982 | 2020-10-02 | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability... |
| CVE-2020-24568 | 2020-10-02 | An issue was discovered in MB CONNECT LINE mymbCONNECT24 and... |
| CVE-2020-24627 | 2020-10-02 | A remote stored xss vulnerability was discovered in HPE KVM... |
| CVE-2020-24628 | 2020-10-02 | A remote code injection vulnerability was discovered in HPE KVM... |
| CVE-2020-15230 | 2020-10-02 | Arbitrary file read un Vapor |
| CVE-2020-24397 | 2020-10-02 | An issue was discovered in the client side of Zoho... |
| CVE-2020-15589 | 2020-10-02 | A design issue was discovered in GetInternetRequestHandle, InternetSendRequestEx and InternetSendRequestByBitrate... |
| CVE-2020-13337 | 2020-10-02 | An issue has been discovered in GitLab affecting versions from... |
| CVE-2020-13338 | 2020-10-02 | An issue has been discovered in GitLab affecting versions prior... |