CVE List - 2020 / December
Showing 1 - 100 of 1538 CVEs for December 2020 (Page 1 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-9117 | 2020-12-01 | HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions... |
| CVE-2020-9114 | 2020-12-01 | FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a... |
| CVE-2020-15257 | 2020-12-01 | containerd-shim API Exposed to Host Network Containers |
| CVE-2020-7335 | 2020-12-01 | Privilege Escalation vulnerability in McAfee Total Protection (MTP) |
| CVE-2020-4128 | 2020-12-01 | HCL Domino is susceptible to a lockout policy bypass vulnerability... |
| CVE-2020-7545 | 2020-12-01 | A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª... |
| CVE-2020-7546 | 2020-12-01 | A CWE-79: Improper Neutralization of Input During Web Page Generation... |
| CVE-2020-7547 | 2020-12-01 | A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and... |
| CVE-2020-7548 | 2020-12-01 | A CWE-330 - Use of Insufficiently Random Values vulnerability exists... |
| CVE-2020-7533 | 2020-12-01 | A CWE-255: Credentials Management vulnerability exists in Web Server on... |
| CVE-2020-25177 | 2020-12-01 | WECON PLC Editor Versions 1.3.8 and prior has a stack-based... |
| CVE-2020-25181 | 2020-12-01 | WECON PLC Editor Versions 1.3.8 and prior has a heap-based... |
| CVE-2020-26762 | 2020-12-01 | A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and... |
| CVE-2020-28993 | 2020-12-01 | A Directory Traversal vulnerability exists in ATX miniCMTS200a Broadband Gateway... |
| CVE-2020-28971 | 2020-12-01 | An issue was discovered on Western Digital My Cloud OS... |
| CVE-2020-28940 | 2020-12-01 | On Western Digital My Cloud OS 5 devices before 5.06.115,... |
| CVE-2020-28970 | 2020-12-01 | An issue was discovered on Western Digital My Cloud OS... |
| CVE-2020-6880 | 2020-12-01 | A ZXELINK wireless controller has a SQL injection vulnerability. A... |
| CVE-2020-11990 | 2020-12-01 | We have resolved a security issue in the camera plugin... |
| CVE-2020-29315 | 2020-12-01 | ThinkAdmin version v1 v6 has a stored XSS vulnerability which... |
| CVE-2020-8539 | 2020-12-01 | Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and... |
| CVE-2019-16958 | 2020-12-01 | Cross-site Scripting (XSS) vulnerability in SolarWinds Web Help Desk 12.7.0... |
| CVE-2020-28573 | 2020-12-01 | An improper access control information disclosure vulnerability in Trend Micro... |
| CVE-2020-28575 | 2020-12-01 | A heap-based buffer overflow privilege escalation vulnerability in Trend Micro... |
| CVE-2020-28576 | 2020-12-01 | An improper access control information disclosure vulnerability in Trend Micro... |
| CVE-2020-28577 | 2020-12-01 | An improper access control information disclosure vulnerability in Trend Micro... |
| CVE-2020-28582 | 2020-12-01 | An improper access control information disclosure vulnerability in Trend Micro... |
| CVE-2020-28583 | 2020-12-01 | An improper access control information disclosure vulnerability in Trend Micro... |
| CVE-2020-26250 | 2020-12-01 | Base class whitelist configuration ignored in OAuthenticator |
| CVE-2020-14383 | 2020-12-02 | A flaw was found in samba's DNS server. An authenticated... |
| CVE-2020-25656 | 2020-12-02 | A flaw was found in the Linux kernel. A use-after-free... |
| CVE-2020-25704 | 2020-12-02 | A flaw memory leak in the Linux kernel performance monitoring... |
| CVE-2020-27813 | 2020-12-02 | An integer overflow vulnerability exists with the length of websocket... |
| CVE-2020-7199 | 2020-12-02 | A security vulnerability has been identified in the HPE Edgeline... |
| CVE-2020-14305 | 2020-12-02 | An out-of-bounds memory write flaw was found in how the... |
| CVE-2012-0955 | 2020-12-02 | software-properties incorrectly validated TLS certificates |
| CVE-2020-25723 | 2020-12-02 | A reachable assertion issue was found in the USB EHCI... |
| CVE-2020-27816 | 2020-12-02 | The elasticsearch-operator does not validate the namespace where kibana logging... |
| CVE-2020-4102 | 2020-12-02 | HCL Notes is susceptible to a Buffer Overflow vulnerability in... |
| CVE-2020-14260 | 2020-12-02 | HCL Domino is susceptible to a Buffer Overflow vulnerability in... |
| CVE-2020-6018 | 2020-12-02 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles... |
| CVE-2020-29454 | 2020-12-02 | Editors/LogViewerController.cs in Umbraco through 8.9.1 allows a user to visit... |
| CVE-2020-5423 | 2020-12-02 | Cloud Controller is vulnerable to denial of service via YAML parsing |
| CVE-2020-29456 | 2020-12-02 | Multiple cross-site scripting (XSS) vulnerabilities in Papermerge before 1.5.2 allow... |
| CVE-2020-29458 | 2020-12-02 | Textpattern CMS 4.6.2 allows CSRF via the prefs subsystem. |
| CVE-2020-14369 | 2020-12-02 | This release fixes a Cross Site Request Forgery vulnerability was... |
| CVE-2020-28272 | 2020-12-02 | Prototype pollution vulnerability in 'keyget' versions 1.0.0 through 2.2.0 allows... |
| CVE-2020-28273 | 2020-12-02 | Prototype pollution vulnerability in 'set-in' versions 1.0.0 through 2.0.0 allows... |
| CVE-2020-25638 | 2020-12-02 | A flaw was found in hibernate-core in versions prior to... |
| CVE-2020-12524 | 2020-12-02 | Phoenix Contact BTP Touch Panels uncontrolled resource consumption |
| CVE-2020-13956 | 2020-12-02 | Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can... |
| CVE-2020-29239 | 2020-12-02 | Online Birth Certificate System Project V 1.0 is affected by... |
| CVE-2020-25265 | 2020-12-02 | AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite... |
| CVE-2020-29240 | 2020-12-02 | Lepton-CMS 4.7.0 is affected by cross-site scripting (XSS). An attacker... |
| CVE-2020-25266 | 2020-12-02 | AppImage appimaged before 1.0.3 does not properly check whether a... |
| CVE-2020-29389 | 2020-12-02 | The official Crux Linux Docker images 3.0 through 3.4 contain... |
| CVE-2017-14451 | 2020-12-02 | An exploitable out-of-bounds read vulnerability exists in libevm (Ethereum Virtual... |
| CVE-2020-13493 | 2020-12-02 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when... |
| CVE-2017-2910 | 2020-12-02 | An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function... |
| CVE-2020-13494 | 2020-12-02 | A heap overflow vulnerability exists in the Pixar OpenUSD 20.05... |
| CVE-2020-13496 | 2020-12-02 | An exploitable vulnerability exists in the way Pixar OpenUSD 20.05... |
| CVE-2020-13497 | 2020-12-02 | An exploitable vulnerability exists in the way Pixar OpenUSD 20.05... |
| CVE-2020-13498 | 2020-12-02 | An exploitable vulnerability exists in the way Pixar OpenUSD 20.05... |
| CVE-2020-28206 | 2020-12-02 | An issue was discovered in Bitrix24 Bitrix Framework (1c site... |
| CVE-2020-26244 | 2020-12-02 | Cryptographic issues in Python oic |
| CVE-2020-29288 | 2020-12-02 | An SQL injection vulnerability was discovered in Gym Management System... |
| CVE-2020-29287 | 2020-12-02 | An SQL injection vulnerability was discovered in Car Rental Management... |
| CVE-2020-29285 | 2020-12-02 | SQL injection vulnerability was discovered in Point of Sales in... |
| CVE-2020-29284 | 2020-12-02 | The file view-chair-list.php in Multi Restaurant Table Reservation System 1.0... |
| CVE-2020-29283 | 2020-12-02 | An SQL injection vulnerability was discovered in Online Doctor Appointment... |
| CVE-2020-29282 | 2020-12-02 | SQL injection vulnerability in BloodX 1.0 allows attackers to bypass... |
| CVE-2020-29280 | 2020-12-02 | The Victor CMS v1.0 application is vulnerable to SQL injection... |
| CVE-2020-29279 | 2020-12-02 | PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php... |
| CVE-2020-14318 | 2020-12-03 | A flaw was found in the way samba handled file... |
| CVE-2020-14339 | 2020-12-03 | A flaw was found in libvirt, where it leaked a... |
| CVE-2020-25711 | 2020-12-03 | A flaw was found in infinispan 10 REST API, where... |
| CVE-2020-27759 | 2020-12-03 | In IntensityCompare() of /MagickCore/quantize.c, a double value was being casted... |
| CVE-2020-27760 | 2020-12-03 | In `GammaImage()` of /MagickCore/enhance.c, depending on the `gamma` value, it's... |
| CVE-2020-27761 | 2020-12-03 | WritePALMImage() in /coders/palm.c used size_t casts in several areas of... |
| CVE-2020-27762 | 2020-12-03 | A flaw was found in ImageMagick in coders/hdr.c. An attacker... |
| CVE-2020-27763 | 2020-12-03 | A flaw was found in ImageMagick in MagickCore/resize.c. An attacker... |
| CVE-2020-27764 | 2020-12-03 | In /MagickCore/statistic.c, there are several areas in ApplyEvaluateOperator() where a... |
| CVE-2020-26246 | 2020-12-03 | Authorization bypass in Pimcore |
| CVE-2020-5638 | 2020-12-03 | Cross-site scripting vulnerability in desknet's NEO (desknet's NEO Small License... |
| CVE-2020-5676 | 2020-12-03 | GROWI v4.1.3 and earlier allow remote attackers to obtain information... |
| CVE-2020-5677 | 2020-12-03 | Reflected cross-site scripting vulnerability in GROWI v4.0.0 and earlier allows... |
| CVE-2020-5678 | 2020-12-03 | Stored cross-site scripting vulnerability in GROWI v3.8.1 and earlier allows... |
| CVE-2020-5679 | 2020-12-03 | Improper restriction of rendered UI layers or frames in EC-CUBE... |
| CVE-2020-5680 | 2020-12-03 | Improper input validation vulnerability in EC-CUBE versions from 3.0.5 to... |
| CVE-2020-6111 | 2020-12-03 | An exploitable denial-of-service vulnerability exists in the IPv4 functionality of... |
| CVE-2020-6021 | 2020-12-03 | Check Point Endpoint Security Client for Windows before version E84.20... |
| CVE-2020-6017 | 2020-12-03 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles... |
| CVE-2020-28937 | 2020-12-03 | OpenClinic version 0.8.2 is affected by a missing authentication vulnerability... |
| CVE-2020-2320 | 2020-12-03 | Jenkins Plugin Installation Manager Tool 2.1.3 and earlier does not... |
| CVE-2020-2321 | 2020-12-03 | A cross-site request forgery (CSRF) vulnerability in Jenkins Shelve Project... |
| CVE-2020-2322 | 2020-12-03 | Jenkins Chaos Monkey Plugin 0.3 and earlier does not perform... |
| CVE-2020-2323 | 2020-12-03 | Jenkins Chaos Monkey Plugin 0.4 and earlier does not perform... |
| CVE-2020-2324 | 2020-12-03 | Jenkins CVS Plugin 2.16 and earlier does not configure its... |
| CVE-2020-28938 | 2020-12-03 | OpenClinic version 0.8.2 is affected by a stored XSS vulnerability... |
| CVE-2020-28939 | 2020-12-03 | OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file... |