CVE List - 2020 / November
Showing 201 - 300 of 1246 CVEs for November 2020 (Page 3 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-6015 | 2020-11-05 | Check Point Endpoint Security for Windows before E84.10 can reach... |
| CVE-2020-25661 | 2020-11-05 | A Red Hat only CVE-2020-12351 regression issue was found in... |
| CVE-2020-13536 | 2020-11-05 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-13537 | 2020-11-05 | An exploitable local privilege elevation vulnerability exists in the file... |
| CVE-2020-7207 | 2020-11-05 | A local elevation of privilege using physical access security vulnerability... |
| CVE-2020-17510 | 2020-11-05 | Apache Shiro before 1.7.0, when using Apache Shiro with Spring,... |
| CVE-2020-25837 | 2020-11-05 | Sensitive information disclosure vulnerability in Micro Focus Self Service Password... |
| CVE-2020-6877 | 2020-11-05 | A ZTE product is impacted by an information leak vulnerability.... |
| CVE-2020-15708 | 2020-11-06 | Libvirt Service Arbitrary File Write Privilege Escalation Vulnerability |
| CVE-2020-5643 | 2020-11-06 | Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2... |
| CVE-2020-5644 | 2020-11-06 | Buffer overflow vulnerability in TCP/IP function included in the firmware... |
| CVE-2020-5645 | 2020-11-06 | Session fixation vulnerability in TCP/IP function included in the firmware... |
| CVE-2020-5646 | 2020-11-06 | NULL pointer dereferences vulnerability in TCP/IP function included in the... |
| CVE-2020-5647 | 2020-11-06 | Improper access control vulnerability in TCP/IP function included in the... |
| CVE-2020-5648 | 2020-11-06 | Improper neutralization of argument delimiters in a command ('Argument Injection')... |
| CVE-2020-5649 | 2020-11-06 | Resource management error vulnerability in TCP/IP function included in the... |
| CVE-2020-5667 | 2020-11-06 | Studyplus App for Android v6.3.7 and earlier and Studyplus App... |
| CVE-2020-27347 | 2020-11-06 | tmux stack buffer overflow in function input_csi_dispatch_sgr_colon |
| CVE-2020-28241 | 2020-11-06 | libmaxminddb before 1.4.3 has a heap-based buffer over-read in dump_entry_data_list... |
| CVE-2020-28242 | 2020-11-06 | An issue was discovered in Asterisk Open Source 13.x before... |
| CVE-2020-28249 | 2020-11-06 | Joplin 1.2.6 for Desktop allows XSS via a LINK element... |
| CVE-2020-28250 | 2020-11-06 | Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user... |
| CVE-2020-28196 | 2020-11-06 | MIT Kerberos 5 (aka krb5) before 1.17.2 and 1.18.x before... |
| CVE-2020-16846 | 2020-11-06 | An issue was discovered in SaltStack Salt through 3002. Sending... |
| CVE-2020-17490 | 2020-11-06 | The TLS module within SaltStack Salt through 3002 creates certificates... |
| CVE-2020-25592 | 2020-11-06 | In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials... |
| CVE-2020-26521 | 2020-11-06 | The JWT library in NATS nats-server before 2.1.9 allows a... |
| CVE-2020-26892 | 2020-11-06 | The JWT library in NATS nats-server before 2.1.9 has Incorrect... |
| CVE-2020-27152 | 2020-11-06 | An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the... |
| CVE-2020-27616 | 2020-11-06 | ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits... |
| CVE-2020-27617 | 2020-11-06 | eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users... |
| CVE-2020-10292 | 2020-11-06 | Service DoS through arbitrary pointer dereferencing on KUKA simulator |
| CVE-2020-10291 | 2020-11-06 | RVD#3336: System information disclosure without authentication on KUKA simulators |
| CVE-2020-27589 | 2020-11-06 | Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52... |
| CVE-2020-26883 | 2020-11-06 | In Play Framework 2.6.0 through 2.8.2, stack consumption can occur... |
| CVE-2020-27196 | 2020-11-06 | An issue was discovered in PlayJava in Play Framework 2.6.0... |
| CVE-2020-26882 | 2020-11-06 | In Play Framework 2.6.0 through 2.8.2, data amplification can occur... |
| CVE-2020-4482 | 2020-11-06 | IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could... |
| CVE-2020-4483 | 2020-11-06 | IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could... |
| CVE-2020-4484 | 2020-11-06 | IBM UrbanCode Deploy (UCD) 6.2.7.3, 6.2.7.4, 7.0.3.0, and 7.0.4.0 could... |
| CVE-2020-5795 | 2020-11-06 | UNIX Symbolic Link (Symlink) Following in TP-Link Archer A7(US)_V5_200721 allows... |
| CVE-2020-7198 | 2020-11-06 | There is a remote escalation of privilege possible for a... |
| CVE-2020-8580 | 2020-11-06 | SANtricity OS Controller Software versions 11.30 and higher are susceptible... |
| CVE-2020-8577 | 2020-11-06 | SANtricity OS Controller Software versions 11.50.1 and higher are susceptible... |
| CVE-2020-25170 | 2020-11-06 | B. Braun OnlineSuite |
| CVE-2020-25174 | 2020-11-06 | B. Braun OnlineSuite |
| CVE-2020-25172 | 2020-11-06 | B. Braun OnlineSuite |
| CVE-2020-5794 | 2020-11-06 | A vulnerability in Nessus Network Monitor versions 5.11.0, 5.11.1, and... |
| CVE-2020-26213 | 2020-11-06 | Denial of Service in teler |
| CVE-2017-18926 | 2020-11-06 | raptor_xml_writer_start_element_common in raptor_xml_writer.c in Raptor RDF Syntax Library 2.0.15 miscalculates... |
| CVE-2020-26214 | 2020-11-06 | LDAP authentication bypass in Alerta |
| CVE-2020-28327 | 2020-11-06 | A res_pjsip_session crash was discovered in Asterisk Open Source 13.x... |
| CVE-2020-26083 | 2020-11-06 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability |
| CVE-2020-26084 | 2020-11-06 | Cisco Edge Fog Fabric Resource Exposure Vulnerability |
| CVE-2020-26086 | 2020-11-06 | Cisco TelePresence Collaboration Endpoint Software Information Disclosure Vulnerability |
| CVE-2020-27121 | 2020-11-06 | Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability |
| CVE-2020-27122 | 2020-11-06 | Cisco Identity Services Engine Privilege Escalation Vulnerability |
| CVE-2020-27123 | 2020-11-06 | Cisco AnyConnect Secure Mobility Client for Windows Arbitrary File Read Vulnerability |
| CVE-2020-27128 | 2020-11-06 | Cisco SD-WAN vManage Software Arbitrary File Creation Vulnerability |
| CVE-2020-27129 | 2020-11-06 | Cisco SD-WAN vManage Software Command Injection Vulnerability |
| CVE-2020-3284 | 2020-11-06 | Cisco IOS XR Software Enhanced Preboot eXecution Environment Unsigned Code Execution Vulnerability |
| CVE-2020-3371 | 2020-11-06 | Cisco Integrated Management Controller Command Injection Vulnerability |
| CVE-2020-3444 | 2020-11-06 | Cisco SD-WAN Software Packet Filtering Bypass Vulnerability |
| CVE-2020-3551 | 2020-11-06 | Cisco Identity Services Engine Cross-Site Scripting Vulnerability |
| CVE-2020-3556 | 2020-11-06 | Cisco AnyConnect Secure Mobility Client Arbitrary Code Execution Vulnerability |
| CVE-2020-3573 | 2020-11-06 | Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities |
| CVE-2020-3574 | 2020-11-06 | Cisco IP Phone TCP Packet Flood Denial of Service Vulnerability |
| CVE-2020-3579 | 2020-11-06 | Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability |
| CVE-2020-3587 | 2020-11-06 | Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability |
| CVE-2020-3588 | 2020-11-06 | Cisco Webex Meetings Desktop App Arbitrary Code Execution Vulnerability |
| CVE-2020-3590 | 2020-11-06 | Cisco SD-WAN vManage Software Cross-Site Scripting Vulnerability |
| CVE-2020-3591 | 2020-11-06 | Cisco SD-WAN vManage Cross-Site Scripting Vulnerability |
| CVE-2020-3592 | 2020-11-06 | Cisco SD-WAN vManage Software Authorization Bypass Vulnerability |
| CVE-2020-3593 | 2020-11-06 | Cisco SD-WAN Software Privilege Escalation Vulnerability |
| CVE-2020-3594 | 2020-11-06 | Cisco SD-WAN Software Privilege Escalation Vulnerability |
| CVE-2020-3595 | 2020-11-06 | Cisco SD-WAN Software Privilege Escalation Vulnerability |
| CVE-2020-3600 | 2020-11-06 | Cisco SD-WAN Software Privilege Escalation Vulnerability |
| CVE-2020-3603 | 2020-11-06 | Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities |
| CVE-2020-3604 | 2020-11-06 | Cisco Webex Network Recording Player and Cisco Webex Player Arbitrary Code Execution Vulnerabilities |
| CVE-2020-28328 | 2020-11-06 | SuiteCRM before 7.11.17 is vulnerable to remote code execution via... |
| CVE-2020-28168 | 2020-11-06 | Axios NPM package 0.21.0 contains a Server-Side Request Forgery (SSRF)... |
| CVE-2020-15259 | 2020-11-06 | CSRF in Auth0 ad-ldap-connector |
| CVE-2020-16121 | 2020-11-07 | PackageKit error messages leak presence and mimetype of files to unprivileged users |
| CVE-2020-16122 | 2020-11-07 | Packagekit's apt backend lets user install untrusted local packages |
| CVE-2020-28339 | 2020-11-07 | The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for... |
| CVE-2020-28342 | 2020-11-08 | An issue was discovered on Samsung mobile devices with P(9.0)... |
| CVE-2020-28343 | 2020-11-08 | An issue was discovered on Samsung mobile devices with P(9.0)... |
| CVE-2020-28341 | 2020-11-08 | An issue was discovered on Samsung mobile devices with Q(10.0)... |
| CVE-2020-28340 | 2020-11-08 | An issue was discovered on Samsung mobile devices with O(8.x),... |
| CVE-2020-28345 | 2020-11-08 | An issue was discovered on LG mobile devices with Android... |
| CVE-2020-28344 | 2020-11-08 | An issue was discovered on LG mobile devices with Android... |
| CVE-2020-7764 | 2020-11-08 | Web Cache Poisoning |
| CVE-2020-28347 | 2020-11-08 | tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows... |
| CVE-2020-24400 | 2020-11-09 | SQL injection allows arbitrary read from database |
| CVE-2020-24402 | 2020-11-09 | Incorrect permissions in the Integrations component could lead to unauthorized deletion of customer details via REST API |
| CVE-2020-24401 | 2020-11-09 | Incorrect permissions following the deletion of a user role or deactivation of a user |
| CVE-2020-24403 | 2020-11-09 | Incorrect permissions could lead to unauthorized modification of inventory source data via REST API |
| CVE-2020-24405 | 2020-11-09 | Incorrect permissions in Inventory module could lead to unauthorized modification of inventory stock data |
| CVE-2020-24406 | 2020-11-09 | Document root path disclosure on Maintenance page |
| CVE-2020-24407 | 2020-11-09 | Arbitrary code execution via file import functionality |