CVE List - 2020 / November
Showing 901 - 1000 of 1246 CVEs for November 2020 (Page 10 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-27695 | 2020-11-18 | Trend Micro Security 2020 (Consumer) contains a vulnerability in the... |
| CVE-2020-27696 | 2020-11-18 | Trend Micro Security 2020 (Consumer) contains a vulnerability in the... |
| CVE-2020-27697 | 2020-11-18 | Trend Micro Security 2020 (Consumer) contains a vulnerability in the... |
| CVE-2020-28572 | 2020-11-18 | A vulnerability in Trend Micro Apex One could allow an... |
| CVE-2020-28574 | 2020-11-18 | A unauthenticated path traversal arbitrary remote file deletion vulnerability in... |
| CVE-2020-28578 | 2020-11-18 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance... |
| CVE-2020-28579 | 2020-11-18 | A vulnerability in Trend Micro InterScan Web Security Virtual Appliance... |
| CVE-2020-28580 | 2020-11-18 | A command injection vulnerability in AddVLANItem of Trend Micro InterScan... |
| CVE-2020-28581 | 2020-11-18 | A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan... |
| CVE-2020-25454 | 2020-11-18 | Cross-site Scripting (XSS) vulnerability in grocy 2.7.1 via the add... |
| CVE-2020-15301 | 2020-11-18 | SuiteCRM through 7.11.13 allows CSV Injection via registration fields in... |
| CVE-2020-15300 | 2020-11-18 | SuiteCRM through 7.11.13 has an Open Redirect in the Documents... |
| CVE-2020-14208 | 2020-11-18 | SuiteCRM 7.11.13 is affected by stored Cross-Site Scripting (XSS) in... |
| CVE-2020-13799 | 2020-11-18 | Western Digital has identified a security vulnerability in the Replay... |
| CVE-2020-26215 | 2020-11-18 | Open redirect in Jupyter Notebook |
| CVE-2020-22723 | 2020-11-18 | A cross-site scripting (XSS) vulnerability in Beijing Liangjing Zhicheng Technology... |
| CVE-2020-26226 | 2020-11-18 | Secret disclosure in semantic-release |
| CVE-2020-12593 | 2020-11-18 | Symantec Endpoint Detection & Response, prior to 4.5, may be... |
| CVE-2019-12412 | 2020-11-18 | A flaw in the libapreq2 v2.07 to v2.13 multipart parser... |
| CVE-2020-13355 | 2020-11-18 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2020-13356 | 2020-11-18 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2020-13359 | 2020-11-18 | The Terraform API in GitLab CE/EE 12.10+ exposed the object... |
| CVE-2020-25699 | 2020-11-19 | In moodle, insufficient capability checks could lead to users with... |
| CVE-2020-7561 | 2020-11-19 | A CWE-306: Missing Authentication for Critical Function vulnerability exists in... |
| CVE-2020-5947 | 2020-11-19 | In versions 16.0.0-16.0.0.1 and 15.1.0-15.1.1, on specific BIG-IP platforms, attackers... |
| CVE-2020-8277 | 2020-11-19 | A Node.js application that allows an attacker to trigger a... |
| CVE-2020-8279 | 2020-11-19 | Missing validation of server certificates for out-going connections in Nextcloud... |
| CVE-2020-8278 | 2020-11-19 | Improper access control in Nextcloud Social app version 0.3.1 allowed... |
| CVE-2019-20933 | 2020-11-19 | InfluxDB before 1.7.6 has an authentication bypass vulnerability in the... |
| CVE-2020-15710 | 2020-11-19 | Potential double-free in pulseaudio |
| CVE-2020-4701 | 2020-11-19 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2020-4718 | 2020-11-19 | IBM Jazz Reporting Service 6.0.6, 6.0.6.1, 7.0, and 7.0.1 is... |
| CVE-2020-28054 | 2020-11-19 | JamoDat TSMManager Collector version up to 6.5.0.21 is vulnerable to... |
| CVE-2020-28941 | 2020-11-19 | An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel... |
| CVE-2020-9049 | 2020-11-19 | victor Web Client and C•CURE Web Client JSON Web Token (JWT) Vulnerability |
| CVE-2020-11829 | 2020-11-19 | Dynamic loading of services in the backup and restore SDK... |
| CVE-2020-11830 | 2020-11-19 | QualityProtect has a vulnerability to execute arbitrary system commands, affected... |
| CVE-2020-11831 | 2020-11-19 | OvoiceManager has system permission to write vulnerability reports for arbitrary... |
| CVE-2020-25698 | 2020-11-19 | Users' enrollment capabilities were not being sufficiently checked in Moodle... |
| CVE-2020-25701 | 2020-11-19 | If the upload course tool in Moodle was used to... |
| CVE-2020-25703 | 2020-11-19 | The participants table download in Moodle always included user emails,... |
| CVE-2020-25702 | 2020-11-19 | In Moodle, it was possible to include JavaScript when re-naming... |
| CVE-2020-25700 | 2020-11-19 | In moodle, some database module web services allowed students to... |
| CVE-2020-6879 | 2020-11-19 | Some ZTE devices have input verification vulnerabilities. The devices support... |
| CVE-2020-28942 | 2020-11-19 | An issue exists in PrimeKey EJBCA before 7.4.3 when enrolling... |
| CVE-2020-12495 | 2020-11-19 | ENDRESS+HAUSER: Ecograph T utilizing Webserver firmware version 1.x has improper privilege management |
| CVE-2020-12496 | 2020-11-19 | ENDRESS+HAUSER: Ecograph T utilizing Webserver firmware version 2.x exposures sensitive information to an unauthorized actor |
| CVE-2020-12510 | 2020-11-19 | Beckhoff: Privilege Escalation through TwinCat System |
| CVE-2020-28947 | 2020-11-19 | In MISP 2.4.134, XSS exists in the template element index... |
| CVE-2020-22394 | 2020-11-19 | In YzmCMS v5.5 the member contribution function in the editor... |
| CVE-2020-28949 | 2020-11-19 | Archive_Tar through 1.4.10 has :// filename sanitization only to address... |
| CVE-2020-28948 | 2020-11-19 | Archive_Tar through 1.4.10 allows an unserialization attack because phar: is... |
| CVE-2020-28951 | 2020-11-19 | libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may... |
| CVE-2020-28924 | 2020-11-19 | An issue was discovered in Rclone before 1.53.3. Due to... |
| CVE-2020-28350 | 2020-11-19 | A Cross Site Scripting (XSS) vulnerability exists in OPAC in... |
| CVE-2020-25989 | 2020-11-19 | Privilege escalation via arbitrary file write in pritunl electron client... |
| CVE-2020-28210 | 2020-11-19 | A CWE-79 Improper Neutralization of Input During Web Page Generation... |
| CVE-2020-7569 | 2020-11-19 | A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability... |
| CVE-2020-7570 | 2020-11-19 | A CWE-79 Improper Neutralization of Input During Web Page Generation... |
| CVE-2020-7571 | 2020-11-19 | A CWE-79 Multiple Improper Neutralization of Input During Web Page... |
| CVE-2020-7572 | 2020-11-19 | A CWE-611 Improper Restriction of XML External Entity Reference vulnerability... |
| CVE-2020-7573 | 2020-11-19 | A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building... |
| CVE-2020-28211 | 2020-11-19 | A CWE-863: Incorrect Authorization vulnerability exists in PLC Simulator on... |
| CVE-2020-28212 | 2020-11-19 | A CWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists... |
| CVE-2020-28213 | 2020-11-19 | A CWE-494: Download of Code Without Integrity Check vulnerability exists... |
| CVE-2020-7538 | 2020-11-19 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2020-7559 | 2020-11-19 | A CWE-120: Buffer Copy without Checking Size of Input ('Classic... |
| CVE-2020-7544 | 2020-11-19 | A CWE-269 Improper Privilege Management vulnerability exists in EcoStruxureª Operator... |
| CVE-2020-7550 | 2020-11-19 | A CWE-119 Improper Restriction of Operations within the Bounds of... |
| CVE-2020-7551 | 2020-11-19 | A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7552 | 2020-11-19 | A CWE-787: Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7553 | 2020-11-19 | A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7554 | 2020-11-19 | A CWE-119 Improper Restriction of Operations within the Bounds of... |
| CVE-2020-7555 | 2020-11-19 | A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7556 | 2020-11-19 | A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7557 | 2020-11-19 | A CWE-125 Out-of-bounds Read vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7558 | 2020-11-19 | A CWE-787 Out-of-bounds Write vulnerability exists in IGSS Definition (Def.exe)... |
| CVE-2020-7565 | 2020-11-19 | A CWE-326: Inadequate Encryption Strength vulnerability exists in Modicon M221... |
| CVE-2020-7566 | 2020-11-19 | A CWE-334: Small Space of Random Values vulnerability exists in... |
| CVE-2020-7567 | 2020-11-19 | A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in... |
| CVE-2020-7568 | 2020-11-19 | A CWE-200: Exposure of Sensitive Information to an Unauthorized Actor... |
| CVE-2020-28954 | 2020-11-19 | web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as... |
| CVE-2020-28953 | 2020-11-19 | In BigBlueButton before 2.2.29, a user can vote more than... |
| CVE-2020-28209 | 2020-11-19 | A CWE-428 Windows Unquoted Search Path vulnerability exists in EcoStruxure... |
| CVE-2020-19667 | 2020-11-20 | Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c... |
| CVE-2020-5668 | 2020-11-20 | Uncontrolled resource consumption vulnerability in MELSEC iQ-R Series modules (R00/01/02CPU... |
| CVE-2020-4788 | 2020-11-20 | IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could... |
| CVE-2020-4739 | 2020-11-20 | IBM DB2 Accessories Suite for Linux, UNIX, and Windows, DB2... |
| CVE-2020-4937 | 2020-11-20 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.2 uses... |
| CVE-2020-25839 | 2020-11-20 | NetIQ Identity Manager 4.8 prior to version 4.8 SP2 HF1... |
| CVE-2020-7842 | 2020-11-20 | D'live AP command injection vulnerability |
| CVE-2020-19668 | 2020-11-20 | Unverified indexs into the array lead to out of bound... |
| CVE-2020-13671 | 2020-11-20 | Drupal core does not properly sanitize certain filenames on uploaded... |
| CVE-2020-28877 | 2020-11-20 | Buffer overflow in in the copy_msg_element function for the devDiscoverHandle... |
| CVE-2020-28974 | 2020-11-20 | A slab-out-of-bounds read in fbcon in the Linux kernel before... |
| CVE-2020-26236 | 2020-11-20 | Verification Code Hijacking in ScratchVerifier |
| CVE-2020-20739 | 2020-11-20 | im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized... |
| CVE-2020-20740 | 2020-11-20 | PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow... |
| CVE-2020-28845 | 2020-11-20 | A CSV injection vulnerability in the Admin portal for Netskope... |
| CVE-2020-4005 | 2020-11-20 | VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before... |