CVE List - 2020 / November
Showing 301 - 400 of 1246 CVEs for November 2020 (Page 4 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-24404 | 2020-11-09 | Incorrect permissions in Integrations component could lead to unauthorized deletion of cmsPages via REST API |
| CVE-2020-28349 | 2020-11-09 | An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0... |
| CVE-2020-28351 | 2020-11-09 | The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow... |
| CVE-2020-15297 | 2020-11-09 | Insufficient validation in the Bitdefender Update Server and BEST Relay... |
| CVE-2020-24353 | 2020-11-09 | Pega Platform before 8.4.0 has a XSS issue via stream... |
| CVE-2020-8276 | 2020-11-09 | The implementation of Brave Desktop's privacy-preserving analytics system (P3A) between... |
| CVE-2020-8268 | 2020-11-09 | Prototype pollution vulnerability in json8-merge-patch npm package < 1.0.3 may... |
| CVE-2020-8150 | 2020-11-09 | A cryptographic issue in Nextcloud Server 19.0.1 allowed an attacker... |
| CVE-2020-8133 | 2020-11-09 | A wrong generation of the passphrase for the encrypted block... |
| CVE-2020-25655 | 2020-11-09 | An issue was discovered in ManagedClusterView API, that could allow... |
| CVE-2020-9300 | 2020-11-09 | The Access Control issues include allowing a regular user to... |
| CVE-2020-9299 | 2020-11-09 | There were XSS vulnerabilities discovered and reported in the Dispatch... |
| CVE-2020-14366 | 2020-11-09 | A vulnerability was found in keycloak, where path traversal using... |
| CVE-2020-23136 | 2020-11-09 | Microweber v1.1.18 is affected by no session expiry after log-out. |
| CVE-2020-23138 | 2020-11-09 | An unrestricted file upload vulnerability was discovered in the Microweber... |
| CVE-2020-23139 | 2020-11-09 | Microweber 1.1.18 is affected by broken authentication and session management.... |
| CVE-2020-23140 | 2020-11-09 | Microweber 1.1.18 is affected by insufficient session expiration. When changing... |
| CVE-2020-26542 | 2020-11-09 | An issue was discovered in the MongoDB Simple LDAP plugin... |
| CVE-2020-27982 | 2020-11-09 | IceWarp 11.4.5.0 allows XSS via the language parameter. |
| CVE-2020-28364 | 2020-11-09 | A stored cross-site scripting (XSS) vulnerability affects the Web UI... |
| CVE-2020-27977 | 2020-11-09 | CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or... |
| CVE-2020-4650 | 2020-11-09 | IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0... |
| CVE-2020-4651 | 2020-11-09 | IBM Maximo Spatial Asset Management 7.6.0.3, 7.6.0.4, 7.6.0.5, and 7.6.1.0... |
| CVE-2020-4759 | 2020-11-09 | IBM FileNet Content Manager 5.5.4 and 5.5.5 is potentially vulnerable... |
| CVE-2020-28371 | 2020-11-09 | An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27.... |
| CVE-2020-26168 | 2020-11-09 | The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise... |
| CVE-2020-28373 | 2020-11-09 | upnpd on certain NETGEAR devices allows remote (LAN) attackers to... |
| CVE-2020-14188 | 2020-11-09 | The preprocessArgs function in the Atlassian gajira-create GitHub Action before... |
| CVE-2020-14189 | 2020-11-09 | The execute function in in the Atlassian gajira-comment GitHub Action... |
| CVE-2020-27016 | 2020-11-09 | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is... |
| CVE-2020-27017 | 2020-11-09 | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is... |
| CVE-2020-27018 | 2020-11-09 | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is... |
| CVE-2020-27019 | 2020-11-09 | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is... |
| CVE-2020-27693 | 2020-11-09 | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores... |
| CVE-2020-27694 | 2020-11-09 | Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has... |
| CVE-2020-13927 | 2020-11-10 | The previous default setting for Airflow's Experimental API was to... |
| CVE-2020-16125 | 2020-11-10 | gdm3 would start gnome-initial-setup if it cannot contact accountservice |
| CVE-2020-0439 | 2020-11-10 | In generatePackageInfo of PackageManagerService.java, there is a possible permissions bypass... |
| CVE-2020-0442 | 2020-11-10 | In Message and toBundle of Notification.java, there is a possible... |
| CVE-2020-0443 | 2020-11-10 | In LocaleList of LocaleList.java, there is a possible forced reboot... |
| CVE-2020-0418 | 2020-11-10 | In getPermissionInfosForGroup of Utils.java, there is a logic error. This... |
| CVE-2020-0448 | 2020-11-10 | In getPhoneAccountsForPackage of TelecomServiceImpl.java, there is a possible way to... |
| CVE-2020-0409 | 2020-11-10 | In create of FileMap.cpp, there is a possible out of... |
| CVE-2020-0450 | 2020-11-10 | In rw_i93_sm_format of rw_i93.cc, there is a possible out of... |
| CVE-2020-0441 | 2020-11-10 | In Message and toBundle of Notification.java, there is a possible... |
| CVE-2020-0451 | 2020-11-10 | In sbrDecoder_AssignQmfChannels2SbrChannels of sbrdecoder.cpp, there is a possible out of... |
| CVE-2020-0452 | 2020-11-10 | In exif_entry_get_value of exif-entry.c, there is a possible out of... |
| CVE-2020-0453 | 2020-11-10 | In updateNotification of BeamTransferManager.java, there is a possible permission bypass... |
| CVE-2020-0424 | 2020-11-10 | In send_vc of res_send.cpp, there is a possible out of... |
| CVE-2020-0454 | 2020-11-10 | In callCallbackForRequest of ConnectivityService.java, there is a possible permission bypass... |
| CVE-2020-0438 | 2020-11-10 | In the AIBinder_Class constructor of ibinder.cpp, there is a possible... |
| CVE-2020-0449 | 2020-11-10 | In btm_sec_disconnected of btm_sec.cc, there is a possible memory corruption... |
| CVE-2020-0437 | 2020-11-10 | In CellBroadcastReceiver's intent handlers, there is a possible denial of... |
| CVE-2020-0447 | 2020-11-10 | There is a possible out of bounds write due to... |
| CVE-2020-0445 | 2020-11-10 | There is a possible out of bounds write due to... |
| CVE-2020-0446 | 2020-11-10 | There is a possible out of bounds write due to... |
| CVE-2020-24384 | 2020-11-10 | A10 Networks ACOS and aGalaxy management Graphical User Interfaces (GUIs)... |
| CVE-2020-5388 | 2020-11-10 | Dell Inspiron 15 7579 2-in-1 BIOS versions prior to 1.31.0... |
| CVE-2020-4568 | 2020-11-10 | IBM Tivoli Key Lifecycle Manager 3.0, 3.0.1, and 4.0 stores... |
| CVE-2020-4704 | 2020-11-10 | IBM Content Navigator 3.0CD is vulnerable to stored cross-site scripting.... |
| CVE-2020-4760 | 2020-11-10 | IBM Content Navigator 3.0CD is vulnerable to cross-site scripting. This... |
| CVE-2020-12485 | 2020-11-10 | The frame touch module does not make validity judgments on... |
| CVE-2020-7766 | 2020-11-10 | Prototype Pollution |
| CVE-2020-28267 | 2020-11-10 | Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to... |
| CVE-2020-26809 | 2020-11-10 | SAP Commerce Cloud, versions- 1808,1811,1905,2005, allows an attacker to bypass... |
| CVE-2020-6316 | 2020-11-10 | SAP ERP and SAP S/4 HANA allows an authenticated user... |
| CVE-2020-26811 | 2020-11-10 | SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811,... |
| CVE-2020-26808 | 2020-11-10 | SAP AS ABAP(DMIS), versions - 2011_1_620, 2011_1_640, 2011_1_700, 2011_1_710, 2011_1_730,... |
| CVE-2020-26815 | 2020-11-10 | SAP Fiori Launchpad (News tile Application), versions - 750,751,752,753,754,755, allows... |
| CVE-2020-26819 | 2020-11-10 | SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740,... |
| CVE-2020-26820 | 2020-11-10 | SAP NetWeaver AS JAVA, versions - 7.20, 7.30, 7.31, 7.40,... |
| CVE-2020-26814 | 2020-11-10 | SAP Process Integration (PGP Module - Business-to-Business Add On), version... |
| CVE-2020-26822 | 2020-11-10 | SAP Solution Manager (JAVA stack), version - 7.20, allows an... |
| CVE-2020-26817 | 2020-11-10 | SAP 3D Visual Enterprise Viewer, version - 9, allows an... |
| CVE-2020-26824 | 2020-11-10 | SAP Solution Manager (JAVA stack), version - 7.20, allows an... |
| CVE-2020-26818 | 2020-11-10 | SAP NetWeaver AS ABAP (Web Dynpro), versions - 731, 740,... |
| CVE-2020-26821 | 2020-11-10 | SAP Solution Manager (JAVA stack), version - 7.20, allows an... |
| CVE-2020-26823 | 2020-11-10 | SAP Solution Manager (JAVA stack), version - 7.20, allows an... |
| CVE-2020-26810 | 2020-11-10 | SAP Commerce Cloud (Accelerator Payment Mock), versions - 1808, 1811,... |
| CVE-2020-26807 | 2020-11-10 | SAP ERP Client for E-Bilanz, version - 1.0, installation sets... |
| CVE-2020-25074 | 2020-11-10 | The cache action in action/cache.py in MoinMoin through 1.9.10 allows... |
| CVE-2020-27403 | 2020-11-10 | A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1... |
| CVE-2020-27146 | 2020-11-10 | TIBCO iProcess Workspace Browser CSRF |
| CVE-2020-28055 | 2020-11-10 | A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1... |
| CVE-2020-28368 | 2020-11-10 | Xen through 4.14.x allows guest OS administrators to obtain sensitive... |
| CVE-2020-23968 | 2020-11-10 | Ilex International Sign&go Workstation Security Suite 7.1 allows elevation of... |
| CVE-2019-7357 | 2020-11-10 | Subrion CMS 4.2.1 has CSRF in panel/modules/plugins/. The attacker can... |
| CVE-2020-24063 | 2020-11-10 | The Canto plugin 1.3.0 for WordPress allows includes/lib/download.php?subdomain= SSRF. |
| CVE-2020-28409 | 2020-11-10 | The server in Dundas BI through 8.0.0.1001 allows XSS via... |
| CVE-2020-28408 | 2020-11-10 | The server in Dundas BI through 8.0.0.1001 allows XSS via... |
| CVE-2020-24367 | 2020-11-10 | Incorrect file permissions in BlueStacks 4 through 4.230 on Windows... |
| CVE-2020-25267 | 2020-11-10 | An XSS issue exists in the question-pool file-upload preview feature... |
| CVE-2020-25268 | 2020-11-10 | Remote Code Execution can occur via the external news feed... |
| CVE-2020-17049 | 2020-11-11 | Kerberos KDC Security Feature Bypass Vulnerability |
| CVE-2020-16126 | 2020-11-11 | accountsservice drops ruid, allows unprivileged users to send it signals |
| CVE-2020-16127 | 2020-11-11 | accountsservice .pam_environment infinite loop |
| CVE-2020-16970 | 2020-11-11 | Azure Sphere Unsigned Code Execution Vulnerability |
| CVE-2020-16979 | 2020-11-11 | Microsoft SharePoint Information Disclosure Vulnerability |
| CVE-2020-16981 | 2020-11-11 | Azure Sphere Elevation of Privilege Vulnerability |
| CVE-2020-16982 | 2020-11-11 | Azure Sphere Unsigned Code Execution Vulnerability |