CVE List - 2020 / November
Showing 101 - 200 of 1246 CVEs for November 2020 (Page 2 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-6557 | 2020-11-03 | Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75... |
| CVE-2019-4349 | 2020-11-03 | IBM Maximo Anywhere 7.6.2.0, 7.6.2.1, 7.6.3.0, and 7.6.3.1 applications can... |
| CVE-2020-4649 | 2020-11-03 | IBM Planning Analytics Local 2.0.9.2 and IBM Planning Analytics Workspace... |
| CVE-2020-4785 | 2020-11-03 | IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3,... |
| CVE-2020-26210 | 2020-11-03 | Cross-Site Scripting in BookStack |
| CVE-2020-1908 | 2020-11-03 | Improper authorization of the Screen Lock feature in WhatsApp and... |
| CVE-2020-1909 | 2020-11-03 | A use-after-free in a logging library in WhatsApp for iOS... |
| CVE-2020-26211 | 2020-11-03 | Cross-Site Scripting in BookStack |
| CVE-2020-28049 | 2020-11-04 | An issue was discovered in SDDM before 0.19.0. It incorrectly... |
| CVE-2020-2299 | 2020-11-04 | Jenkins Active Directory Plugin 2.19 and earlier allows attackers to... |
| CVE-2020-2300 | 2020-11-04 | Jenkins Active Directory Plugin 2.19 and earlier does not prohibit... |
| CVE-2020-2301 | 2020-11-04 | Jenkins Active Directory Plugin 2.19 and earlier allows attackers to... |
| CVE-2020-2302 | 2020-11-04 | A missing permission check in Jenkins Active Directory Plugin 2.19... |
| CVE-2020-2303 | 2020-11-04 | A cross-site request forgery (CSRF) vulnerability in Jenkins Active Directory... |
| CVE-2020-2304 | 2020-11-04 | Jenkins Subversion Plugin 2.13.1 and earlier does not configure its... |
| CVE-2020-2305 | 2020-11-04 | Jenkins Mercurial Plugin 2.11 and earlier does not configure its... |
| CVE-2020-2306 | 2020-11-04 | A missing permission check in Jenkins Mercurial Plugin 2.11 and... |
| CVE-2020-2307 | 2020-11-04 | Jenkins Kubernetes Plugin 1.27.3 and earlier allows low-privilege users to... |
| CVE-2020-2308 | 2020-11-04 | A missing permission check in Jenkins Kubernetes Plugin 1.27.3 and... |
| CVE-2020-2309 | 2020-11-04 | A missing/An incorrect permission check in Jenkins Kubernetes Plugin 1.27.3... |
| CVE-2020-2310 | 2020-11-04 | Missing permission checks in Jenkins Ansible Plugin 1.0 and earlier... |
| CVE-2020-2311 | 2020-11-04 | A missing permission check in Jenkins AWS Global Configuration Plugin... |
| CVE-2020-2312 | 2020-11-04 | Jenkins SQLPlus Script Runner Plugin 2.0.12 and earlier does not... |
| CVE-2020-2313 | 2020-11-04 | A missing permission check in Jenkins Azure Key Vault Plugin... |
| CVE-2020-2314 | 2020-11-04 | Jenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted... |
| CVE-2020-2315 | 2020-11-04 | Jenkins Visualworks Store Plugin 1.1.3 and earlier does not configure... |
| CVE-2020-2316 | 2020-11-04 | Jenkins Static Analysis Utilities Plugin 1.96 and earlier does not... |
| CVE-2020-2317 | 2020-11-04 | Jenkins FindBugs Plugin 5.0.0 and earlier does not escape the... |
| CVE-2020-2318 | 2020-11-04 | Jenkins Mail Commander Plugin for Jenkins-ci Plugin 1.0.0 and earlier... |
| CVE-2020-2319 | 2020-11-04 | Jenkins VMware Lab Manager Slaves Plugin 0.2.8 and earlier stores... |
| CVE-2020-26167 | 2020-11-04 | In FUEL CMS 11.4.12 and before, the page preview feature... |
| CVE-2020-22278 | 2020-11-04 | phpMyAdmin through 5.0.2 allows CSV injection via Export Section. NOTE:... |
| CVE-2020-22276 | 2020-11-04 | WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's... |
| CVE-2020-22277 | 2020-11-04 | Import and export users and customers WordPress Plugin through 1.15.5.11... |
| CVE-2020-22275 | 2020-11-04 | Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an... |
| CVE-2020-22273 | 2020-11-04 | Neoflex Video Subscription System Version 2.0 is affected by CSRF... |
| CVE-2020-22274 | 2020-11-04 | JomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via... |
| CVE-2020-8037 | 2020-11-04 | ppp decapsulator can be convinced to allocate a large amount of memory |
| CVE-2020-8036 | 2020-11-04 | str2tokbuf used incorrectly by print-someip.c |
| CVE-2020-7129 | 2020-11-04 | A remote execution of arbitrary commands vulnerability was discovered in... |
| CVE-2020-7128 | 2020-11-04 | A remote unauthenticated arbitrary code execution vulnerability was discovered in... |
| CVE-2019-7356 | 2020-11-04 | Subrion CMS v4.2.1 allows XSS via the panel/phrases/ VALUE parameter. |
| CVE-2020-27689 | 2020-11-04 | The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516... |
| CVE-2020-27690 | 2020-11-04 | The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516... |
| CVE-2020-27691 | 2020-11-04 | The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516... |
| CVE-2020-27692 | 2020-11-04 | The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516... |
| CVE-2020-26207 | 2020-11-04 | Unsafe deserialization in DatabaseSchemaViewer |
| CVE-2020-25201 | 2020-11-04 | HashiCorp Consul Enterprise version 1.7.0 up to 1.8.4 includes a... |
| CVE-2020-25662 | 2020-11-05 | A Red Hat only CVE-2020-12352 regression issue was found in... |
| CVE-2020-27387 | 2020-11-05 | An unrestricted file upload issue in HorizontCMS through 1.0.0-beta allows... |
| CVE-2020-7761 | 2020-11-05 | Regular Expression Denial of Service (ReDoS) |
| CVE-2020-7762 | 2020-11-05 | Arbitrary File Read |
| CVE-2020-7763 | 2020-11-05 | Arbitrary File Read |
| CVE-2020-24849 | 2020-11-05 | A remote code execution vulnerability is identified in FruityWifi through... |
| CVE-2020-27402 | 2020-11-05 | The HK1 Box S905X3 TV Box contains a vulnerability that... |
| CVE-2020-15952 | 2020-11-05 | Immuta v2.8.2 is affected by stored XSS that allows a... |
| CVE-2020-15951 | 2020-11-05 | Immuta v2.8.2 accepts user-supplied project names without properly sanitizing the... |
| CVE-2020-15949 | 2020-11-05 | Immuta v2.8.2 is affected by one instance of insecure permissions... |
| CVE-2020-15950 | 2020-11-05 | Immuta v2.8.2 is affected by improper session management: user sessions... |
| CVE-2020-28047 | 2020-11-05 | AudimexEE before 14.1.1 is vulnerable to Reflected XSS (Cross-Site-Scripting). If... |
| CVE-2020-27955 | 2020-11-05 | Git LFS 2.12.0 allows Remote Code Execution. |
| CVE-2020-28115 | 2020-11-05 | SQL Injection vulnerability in "Documents component" found in AudimexEE version... |
| CVE-2020-27688 | 2020-11-05 | RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to... |
| CVE-2020-26506 | 2020-11-05 | An Authorization Bypass vulnerability in the Marmind web application with... |
| CVE-2020-25399 | 2020-11-05 | Stored XSS in InterMind iMind Server through 3.13.65 allows any... |
| CVE-2020-25398 | 2020-11-05 | CSV Injection exists in InterMind iMind Server through 3.13.65 via... |
| CVE-2020-14240 | 2020-11-05 | HCL Notes versions previous to releases 9.0.1 FP10 IF8, 10.0.1... |
| CVE-2020-4097 | 2020-11-05 | In HCL Notes version 9 previous to release 9.0.1 FixPack... |
| CVE-2018-1725 | 2020-11-05 | IBM QRadar SIEM 7.3 and 7.4 n a multi tenant... |
| CVE-2020-14222 | 2020-11-05 | HCL Digital Experience 8.5, 9.0, 9.5 is susceptible to cross... |
| CVE-2020-26505 | 2020-11-05 | A Stored Cross-Site Scripting (XSS) vulnerability in the “Marmind” web... |
| CVE-2020-26507 | 2020-11-05 | A CSV Injection (also known as Formula Injection) vulnerability in... |
| CVE-2020-13661 | 2020-11-05 | Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs... |
| CVE-2020-8267 | 2020-11-05 | A security issue was found in UniFi Protect controller v1.14.10... |
| CVE-2020-12145 | 2020-11-05 | Silver Peak Unity OrchestratorTM authentication can be subverted through manipulation of HTTP headers. |
| CVE-2020-12147 | 2020-11-05 | Unauthorized queries against the Silver Peak Unity OrchestratorTM MySQL database. |
| CVE-2020-12146 | 2020-11-05 | Silver Peak Unity OrchestratorTM subject to path traversal. |
| CVE-2020-5793 | 2020-11-05 | A vulnerability in Nessus versions 8.9.0 through 8.12.0 for Windows... |
| CVE-2020-5939 | 2020-11-05 | In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.3, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, and 13.1.0-13.1.3.4, BIG-IP Virtual... |
| CVE-2020-5942 | 2020-11-05 | In BIG-IP PEM versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and... |
| CVE-2020-5941 | 2020-11-05 | On BIG-IP versions 16.0.0-16.0.0.1 and 15.1.0-15.1.0.5, using the RESOLV::lookup command... |
| CVE-2020-5940 | 2020-11-05 | In versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.3, a stored cross-site scripting... |
| CVE-2020-5945 | 2020-11-05 | In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page... |
| CVE-2020-5943 | 2020-11-05 | In versions 14.1.0-14.1.0.1 and 14.1.2.5-14.1.2.7, when a BIG-IP object is... |
| CVE-2020-5944 | 2020-11-05 | In BIG-IQ 7.1.0, accessing the DoS Summary events and DNS... |
| CVE-2020-5946 | 2020-11-05 | In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and... |
| CVE-2020-24426 | 2020-11-05 | Acrobat Reader DC Out-Of-Bounds Read Information Disclosure Vulnerability |
| CVE-2020-24427 | 2020-11-05 | Acrobat Reader DC Codec Input Validation Vulnerability Could Lead to Information Disclosure |
| CVE-2020-24437 | 2020-11-05 | Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Arbitrary Code Execution |
| CVE-2020-24428 | 2020-11-05 | Acrobat Reader DC for macOS Race Condition Vulnerability Could Lead to Privilege Escalation |
| CVE-2020-24431 | 2020-11-05 | Acrobat Reader DC for macOS Dynamic Library Injection Vulnerability |
| CVE-2020-24429 | 2020-11-05 | Acrobat Reader DC for macOS Signature Verification Bypass Could Lead to Privilege Escalation |
| CVE-2020-24430 | 2020-11-05 | Acrobat Pro DC Use-After-Free vulnerability Could Lead to Arbitrary Code Execution |
| CVE-2020-24432 | 2020-11-05 | Acrobat Reader DC Arbitrary JavaScript Execution in PDF Documents |
| CVE-2020-24435 | 2020-11-05 | Acrobat Reader DC Heap-based Buffer Overflow Could Lead to Arbitrary Code Execution |
| CVE-2020-24434 | 2020-11-05 | Acrobat Pro DC Out-Of-Bounds Read Vulnerability Could Lead to Information Disclosure |
| CVE-2020-24438 | 2020-11-05 | Acrobat Reader DC Use-After-Free Vulnerability Could Lead to Information Disclosure |
| CVE-2020-24433 | 2020-11-05 | Adobe Acrobat Reader DC Local Privilege Escalation via Installer Component |
| CVE-2020-24439 | 2020-11-05 | Acrobat Reader DC for macOS Signature Validation Bypass |
| CVE-2020-24436 | 2020-11-05 | Acrobat Pro DC PDF Export Out-Of-Bounds Write Vulnerability Could Lead to Arbitrary Code Execution |