CVE List - 2020 / November
Showing 801 - 900 of 1246 CVEs for November 2020 (Page 9 of 13)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-26225 | 2020-11-16 | Reflected XSS in PrestaShop Product Comments |
| CVE-2020-14389 | 2020-11-17 | It was found that Keycloak before version 12.0.0 would permit... |
| CVE-2020-26406 | 2020-11-17 | Certain SAST CiConfiguration information could be viewed by unauthorized users... |
| CVE-2020-13358 | 2020-11-17 | A vulnerability in the internal Kubernetes agent api in GitLab... |
| CVE-2020-13353 | 2020-11-17 | When importing repos via URL, one time use git credentials... |
| CVE-2020-13352 | 2020-11-17 | Private group info is leaked leaked in GitLab CE/EE version... |
| CVE-2020-13354 | 2020-11-17 | A potential DOS vulnerability was discovered in GitLab CE/EE starting... |
| CVE-2020-25834 | 2020-11-17 | Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting... |
| CVE-2020-11860 | 2020-11-17 | Cross-Site Scripting vulnerability on Micro Focus ArcSight Logger product, affecting... |
| CVE-2020-11851 | 2020-11-17 | Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product,... |
| CVE-2020-25832 | 2020-11-17 | Reflected Cross Site scripting vulnerability on Micro Focus Filr product,... |
| CVE-2020-25705 | 2020-11-17 | A flaw in ICMP packets in the Linux kernel may... |
| CVE-2020-25833 | 2020-11-17 | Persistent cross-Site Scripting vulnerability on Micro Focus IDOL product, affecting... |
| CVE-2020-10776 | 2020-11-17 | A flaw was found in Keycloak before version 12.0.0, where... |
| CVE-2020-15349 | 2020-11-17 | BinaryNights ForkLift 3.x before 3.4 has a local privilege escalation... |
| CVE-2020-27192 | 2020-11-17 | BinaryNights ForkLift 3.4 was compiled with the com.apple.security.cs.disable-library-validation flag enabled... |
| CVE-2020-27125 | 2020-11-17 | Cisco Security Manager Static Credential Vulnerability |
| CVE-2020-27131 | 2020-11-17 | Cisco Security Manager Java Deserialization Vulnerabilities |
| CVE-2020-27130 | 2020-11-17 | Cisco Security Manager Path Traversal Vulnerability |
| CVE-2020-7774 | 2020-11-17 | Prototype Pollution |
| CVE-2020-7841 | 2020-11-17 | TOBESOFT XPLATFORM arbitrary hta file execution vulnerability |
| CVE-2020-28647 | 2020-11-17 | In Progress MOVEit Transfer before 2020.1, a malicious user could... |
| CVE-2020-28688 | 2020-11-17 | The add artwork functionality in ARTWORKS GALLERY IN PHP, CSS,... |
| CVE-2020-28687 | 2020-11-17 | The edit profile functionality in ARTWORKS GALLERY IN PHP, CSS,... |
| CVE-2020-25746 | 2020-11-17 | QED ResourceXpress Qubi3 devices before 1.40.9 could allow a local... |
| CVE-2020-27558 | 2020-11-17 | Use of an undocumented user in BASETech GE-131 BT-1837836 firmware... |
| CVE-2020-27557 | 2020-11-17 | Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware... |
| CVE-2020-27556 | 2020-11-17 | A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921... |
| CVE-2020-27555 | 2020-11-17 | Use of default credentials for the telnet server in BASETech... |
| CVE-2020-25798 | 2020-11-17 | A stored cross-site scripting (XSS) vulnerability in LimeSurvey before and... |
| CVE-2020-27554 | 2020-11-17 | Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836... |
| CVE-2020-27553 | 2020-11-17 | In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the... |
| CVE-2020-21665 | 2020-11-17 | In fastadmin V1.0.0.20191212_beta, when a user with administrator rights has... |
| CVE-2020-13958 | 2020-11-17 | A vulnerability in Apache OpenOffice scripting events allows an attacker... |
| CVE-2020-13351 | 2020-11-17 | Insufficient permission checks in scheduled pipeline API in GitLab CE/EE... |
| CVE-2020-26701 | 2020-11-17 | Cross-site scripting (XSS) vulnerability in Dashboards section in Kaa IoT... |
| CVE-2020-13350 | 2020-11-17 | CSRF in runner administration page in all versions of GitLab... |
| CVE-2020-25400 | 2020-11-17 | Cross domain policies in Taskcafe Project Management tool before version... |
| CVE-2020-13348 | 2020-11-17 | An issue has been discovered in GitLab EE affecting all... |
| CVE-2020-13349 | 2020-11-17 | An issue has been discovered in GitLab EE affecting all... |
| CVE-2020-26405 | 2020-11-17 | Path traversal vulnerability in package upload functionality in GitLab CE/EE... |
| CVE-2020-28138 | 2020-11-17 | SourceCodester Online Clothing Store 1.0 is affected by a SQL... |
| CVE-2020-28139 | 2020-11-17 | SourceCodester Online Clothing Store 1.0 is affected by a cross-site... |
| CVE-2020-28140 | 2020-11-17 | SourceCodester Online Clothing Store 1.0 is affected by an arbitrary... |
| CVE-2020-28133 | 2020-11-17 | An issue was discovered in SourceCodester Simple Grocery Store Sales... |
| CVE-2020-28136 | 2020-11-17 | An Arbitrary File Upload is discovered in SourceCodester Tourism Management... |
| CVE-2020-25988 | 2020-11-17 | UPNP Service listening on port 5555 in Genexis Platinum 4410... |
| CVE-2020-25890 | 2020-11-17 | The web application of Kyocera printer (ECOSYS M2640IDW) is affected... |
| CVE-2020-28129 | 2020-11-17 | Stored Cross-site scripting (XSS) vulnerability in SourceCodester Gym Management System... |
| CVE-2020-28130 | 2020-11-17 | An Arbitrary File Upload in the Upload Image component in... |
| CVE-2020-26548 | 2020-11-17 | An issue was discovered in Aviatrix Controller before R5.4.1290. There... |
| CVE-2020-26549 | 2020-11-17 | An issue was discovered in Aviatrix Controller before R5.4.1290. The... |
| CVE-2020-26550 | 2020-11-17 | An issue was discovered in Aviatrix Controller before R5.3.1151. An... |
| CVE-2020-26551 | 2020-11-17 | An issue was discovered in Aviatrix Controller before R5.3.1151. Encrypted... |
| CVE-2020-26216 | 2020-11-17 | Cross-Site Scripting in TYPO3 Fluid |
| CVE-2020-26552 | 2020-11-17 | An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple... |
| CVE-2020-26553 | 2020-11-17 | An issue was discovered in Aviatrix Controller before R6.0.2483. Several... |
| CVE-2020-28914 | 2020-11-17 | An improper file permissions vulnerability affects Kata Containers prior to... |
| CVE-2020-28092 | 2020-11-17 | PESCMS Team 2.3.2 has multiple reflected XSS via the id... |
| CVE-2020-28183 | 2020-11-17 | SQL injection vulnerability in SourceCodester Water Billing System 1.0 via... |
| CVE-2020-28366 | 2020-11-18 | Arbitrary code execution in go command with cgo in cmd/go and cmd/cgo |
| CVE-2020-28367 | 2020-11-18 | Arbitrary code execution via the go command with cgo in cmd/go |
| CVE-2020-28915 | 2020-11-18 | A buffer over-read (at the framebuffer layer) in the fbcon... |
| CVE-2020-28917 | 2020-11-18 | An issue was discovered in the view_statistics (aka View frontend... |
| CVE-2020-24723 | 2020-11-18 | Cross Site Scripting (XSS) vulnerability in the Registration page of... |
| CVE-2020-28361 | 2020-11-18 | Kamailio before 5.4.0, as used in Sip Express Router (SER)... |
| CVE-2020-7563 | 2020-11-18 | A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server... |
| CVE-2020-7564 | 2020-11-18 | A CWE-120: Buffer Copy without Checking Size of Input ('Classic... |
| CVE-2020-7562 | 2020-11-18 | A CWE-125: Out-of-Bounds Read vulnerability exists in the Web Server... |
| CVE-2020-6016 | 2020-11-18 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles... |
| CVE-2020-28724 | 2020-11-18 | Open redirect vulnerability in werkzeug before 0.11.6 via a double... |
| CVE-2020-26884 | 2020-11-18 | RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL... |
| CVE-2020-28005 | 2020-11-18 | httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4)... |
| CVE-2020-24297 | 2020-11-18 | httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows... |
| CVE-2020-25406 | 2020-11-18 | app\admin\controller\sys\Uploads.php in lemocms 1.8.x allows users to upload files to... |
| CVE-2020-28362 | 2020-11-18 | Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of... |
| CVE-2020-28091 | 2020-11-18 | cxuucms v3 has a SQL injection vulnerability, which can lead... |
| CVE-2020-26933 | 2020-11-18 | Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0... |
| CVE-2020-26554 | 2020-11-18 | REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming... |
| CVE-2020-4592 | 2020-11-18 | IBM MQ Appliance 9.1.CD and LTS could allow an authenticated... |
| CVE-2020-26068 | 2020-11-18 | Cisco Telepresence CE Software and RoomOS Software Unauthorized Token Generation Vulnerability |
| CVE-2020-26072 | 2020-11-18 | Cisco IoT Field Network Director SOAP API Authorization Bypass Vulnerability |
| CVE-2020-26075 | 2020-11-18 | Cisco IoT Field Network REST API Insufficient Input Validation Vulnerability |
| CVE-2020-26076 | 2020-11-18 | Cisco IoT Field Network Director Information Disclosure Vulnerability |
| CVE-2020-26077 | 2020-11-18 | Cisco IoT Field Network Director Improper Access Control Vulnerability |
| CVE-2020-26078 | 2020-11-18 | Cisco IoT Field Network Director File Overwrite Vulnerability |
| CVE-2020-26079 | 2020-11-18 | Cisco IoT Field Network Director Unprotected Storage of Credentials Vulnerability |
| CVE-2020-26080 | 2020-11-18 | Cisco IoT Field Network Director Improper Domain Access Control Vulnerability |
| CVE-2020-26081 | 2020-11-18 | Cisco IoT Field Network Director Cross-Site Scripting Vulnerabilities |
| CVE-2020-27126 | 2020-11-18 | Cisco Webex Meetings API Cross-Site Scripting Vulnerability |
| CVE-2020-3367 | 2020-11-18 | Cisco Secure Web Appliance Privilege Escalation Vulnerability |
| CVE-2020-3392 | 2020-11-18 | Cisco IoT Field Network Director Missing API Authentication Vulnerability |
| CVE-2020-3419 | 2020-11-18 | Cisco Webex Meetings and Cisco Webex Meetings Server Ghost Join Vulnerability |
| CVE-2020-3441 | 2020-11-18 | Cisco Webex Meetings and Cisco Webex Meetings Server Information Disclosure Vulnerability |
| CVE-2020-3470 | 2020-11-18 | Cisco Integrated Management Controller Multiple Remote Code Execution Vulnerabilities |
| CVE-2020-3471 | 2020-11-18 | Cisco Webex Meetings and Cisco Webex Meetings Server Unauthorized Audio Information Exposure Vulnerability |
| CVE-2020-3482 | 2020-11-18 | Cisco Expressway Software Unauthorized Access Information Disclosure Vulnerability |
| CVE-2020-3531 | 2020-11-18 | Cisco IoT Field Network Director Unauthenticated REST API Vulnerability |
| CVE-2020-3586 | 2020-11-18 | Cisco DNA Spaces Connector Command Injection Vulnerability |
| CVE-2020-26097 | 2020-11-18 | The firmware of the PLANET Technology Corp NVR-915 and NVR-1615... |