CVE List - 2020 / December
Showing 1201 - 1300 of 1538 CVEs for December 2020 (Page 13 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-35678 | 2020-12-27 | Autobahn|Python before 20.12.3 allows redirect header injection. |
| CVE-2020-8289 | 2020-12-27 | Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is... |
| CVE-2020-8290 | 2020-12-27 | Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update... |
| CVE-2020-7845 | 2020-12-27 | Jiransecurity Spamsniper Stack-based Buffer Overflow Vulnerability |
| CVE-2020-35448 | 2020-12-27 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1. A heap-based buffer over-read can occur in bfd_getl_signed_32 in libbfd.c because... |
| CVE-2020-35728 | 2020-12-27 | FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (aka embedded Xalan in org.glassfish.web/javax.servlet.jsp.jstl). |
| CVE-2020-35729 | 2020-12-27 | KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions/authenticate.php user parameter. |
| CVE-2020-29204 | 2020-12-27 | XXL-JOB 2.2.0 allows Stored XSS (in Add User) to bypass the 20-character limit via xxl-job-admin/src/main/java/com/xxl/job/admin/controller/UserController.java. |
| CVE-2020-29299 | 2020-12-27 | Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd during a password-change action. This affects VPN On-premise before ZLD V4.39 week38, VPN Orchestrator before... |
| CVE-2020-29249 | 2020-12-27 | CXUUCMS V3 allows class="layui-input" XSS. |
| CVE-2020-29250 | 2020-12-27 | CXUUCMS V3 allows XSS via the first and third input fields to /public/admin.php. |
| CVE-2020-29156 | 2020-12-27 | The WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action. |
| CVE-2020-35736 | 2020-12-27 | GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused. |
| CVE-2020-35738 | 2020-12-28 | WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through... |
| CVE-2020-28093 | 2020-12-28 | On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, admin, support, user, and nobody have a password of 1234. |
| CVE-2020-28094 | 2020-12-28 | On Tenda AC1200 (Model AC6) 15.03.06.51_multi devices, the default settings for the router speed test contain links to download malware named elive or CNKI E-Learning. |
| CVE-2020-28096 | 2020-12-28 | FOSCAM FHD X1 1.14.2.4 devices allow attackers (with physical UART access) to login via the ipc.fos~ password. |
| CVE-2020-29193 | 2020-12-28 | Panasonic Security System WV-S2231L 4.25 has an insecure hard-coded password of lkjhgfdsa (which is just the asdf keyboard row in reverse order). |
| CVE-2020-29194 | 2020-12-28 | Panasonic Security System WV-S2231L 4.25 allows a denial of service of the admin control panel (which will require a physical reset to restore administrative control) via Randomnum=99AC8CEC6E845B28&mode=1 in a POST... |
| CVE-2020-29242 | 2020-12-28 | dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readPICFrame. |
| CVE-2020-29243 | 2020-12-28 | dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame. |
| CVE-2020-29244 | 2020-12-28 | dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame. |
| CVE-2020-29245 | 2020-12-28 | dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData. |
| CVE-2020-29160 | 2020-12-28 | An issue was discovered in Zammad before 3.5.1. A REST API call allows an attacker to change Ticket Article data in a way that defeats auditing. |
| CVE-2020-29159 | 2020-12-28 | An issue was discovered in Zammad before 3.5.1. The default signup Role (for newly created Users) can be a privileged Role, if configured by an admin. This behvaior was unintended. |
| CVE-2020-29158 | 2020-12-28 | An issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can bypass intended access control on internal Articles via the Ticket detail view. |
| CVE-2020-26035 | 2020-12-28 | An issue was discovered in Zammad before 3.4.1. There is Stored XSS via a Tags element in a TIcket. |
| CVE-2020-26034 | 2020-12-28 | An account-enumeration issue was discovered in Zammad before 3.4.1. The Create User functionality is implemented in a way that would enable an anonymous user to guess valid user email addresses.... |
| CVE-2020-26033 | 2020-12-28 | An issue was discovered in Zammad before 3.4.1. The Tag and Link REST API endpoints (for add and delete) lack a CSRF token check. |
| CVE-2020-26032 | 2020-12-28 | An SSRF issue was discovered in Zammad before 3.4.1. The SMS configuration interface for Massenversand is implemented in a way that renders the result of a test request to the... |
| CVE-2020-26031 | 2020-12-28 | An issue was discovered in Zammad before 3.4.1. The global-search feature leaks Knowledge Base drafts to Knowledge Base readers (who are authenticated but have insufficient permissions). |
| CVE-2020-26030 | 2020-12-28 | An issue was discovered in Zammad before 3.4.1. There is an authentication bypass in the SSO endpoint via a crafted header, when SSO is not configured. An attacker can create... |
| CVE-2020-26029 | 2020-12-28 | An issue was discovered in Zammad before 3.4.1. There are wrong authorization checks for impersonation requests via X-On-Behalf-Of. The authorization checks are performed for the actual user and not the... |
| CVE-2020-26028 | 2020-12-28 | An issue was discovered in Zammad before 3.4.1. Admin Users without a ticket.* permission can access Tickets. |
| CVE-2020-35627 | 2020-12-28 | Ultimate WooCommerce Gift Cards 3.0.2 is affected by a file upload vulnerability in the Custom GiftCard Template that can remotely execute arbitrary code. Once it contains the function "Custom Gift... |
| CVE-2020-26569 | 2020-12-28 | In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries.... |
| CVE-2020-24360 | 2020-12-28 | An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device... |
| CVE-2020-15898 | 2020-12-28 | In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and not bidirectional... |
| CVE-2020-27837 | 2020-12-28 | A flaw was found in GDM in versions prior to 3.38.2.1. A race condition in the handling of session shutdown makes it possible to bypass the lock screen for a... |
| CVE-2020-26289 | 2020-12-28 | Regular expression Denial of Service in date-and-time |
| CVE-2020-14273 | 2020-12-28 | HCL Domino is susceptible to a Denial of Service (DoS) vulnerability due to insufficient validation of input to its public API. An unauthenticated attacker could could exploit this vulnerability to... |
| CVE-2020-26290 | 2020-12-28 | Critical security issues in XML encoding in Dex |
| CVE-2020-35766 | 2020-12-28 | The test suite in libopendkim in OpenDKIM through 2.10.3 allows local users to gain privileges via a symlink attack against the /tmp/testkeys file (related to t-testdata.h, t-setup.c, and t-cleanup.c). NOTE:... |
| CVE-2020-25507 | 2020-12-28 | An incorrect permission assignment during the installation script of TeamworkCloud 18.0 thru 19.0 allows a local unprivileged attacker to execute arbitrary code as root. During installation, the user is instructed... |
| CVE-2020-35730 | 2020-12-28 | An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a... |
| CVE-2020-35610 | 2020-12-28 | [20201101] - Core - com_finder ignores access levels on autosuggest |
| CVE-2020-35611 | 2020-12-28 | [20201102] - Core - Disclosure of secrets in Global Configuration page |
| CVE-2020-35612 | 2020-12-28 | [20201103] - Core - Path traversal in mod_random_image |
| CVE-2020-35613 | 2020-12-28 | [20201104] - Core - SQL injection in com_users list view |
| CVE-2020-35614 | 2020-12-28 | [20201105] - Core - User Enumeration in backend login |
| CVE-2020-35615 | 2020-12-28 | [20201106] - Core - CSRF in com_privacy emailexport feature |
| CVE-2020-35616 | 2020-12-28 | [20201107] - Core - Write ACL violation in multiple core views |
| CVE-2020-27172 | 2020-12-28 | An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges. |
| CVE-2020-13473 | 2020-12-28 | NCH Express Accounts 8.24 and earlier allows local users to discover the cleartext password by reading the configuration file. |
| CVE-2020-13474 | 2020-12-28 | In NCH Express Accounts 8.24 and earlier, an authenticated low-privilege user can enter a crafted URL to access higher-privileged functionalities such as Add/Edit users. |
| CVE-2020-13476 | 2020-12-28 | NCH Express Invoice 8.06 to 8.24 is vulnerable to Reflected XSS in the Quotes List module. |
| CVE-2020-26286 | 2020-12-28 | Arbitary file upload |
| CVE-2020-26287 | 2020-12-28 | Stored XSS in mermaid diagrams |
| CVE-2020-35769 | 2020-12-29 | miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program. |
| CVE-2020-25847 | 2020-12-29 | Command Injection Vulnerability in QTS and QuTS hero |
| CVE-2020-17533 | 2020-12-29 | Apache Accumulo Improper Handling of Insufficient Permissions |
| CVE-2020-29475 | 2020-12-29 | nopCommerce Store 4.30 is affected by cross-site scripting (XSS) in the Schedule tasks name field. This vulnerability can allow an attacker to inject the XSS payload in Schedule tasks and... |
| CVE-2020-5802 | 2020-12-29 | An attacker-controlled memory allocation size can be passed to the C++ new operator in RnaDaSvr.dll by sending a specially crafted ConfigureItems message to TCP port 4241. This will cause an... |
| CVE-2020-5806 | 2020-12-29 | An attacker-controlled memory allocation size can be passed to the C++ new operator in the CServerManager::HandleBrowseLoadIconStreamRequest in messaging.dll. This can be done by sending a specially crafted message to 127.0.0.1:7153.... |
| CVE-2020-5801 | 2020-12-29 | An attacker can craft and send an OpenNamespace message to port 4241 with valid session-id that triggers an unhandled exception in CFTLDManager::HandleRequest function in RnaDaSvr.dll, resulting in process termination. Observed... |
| CVE-2020-5807 | 2020-12-29 | An unauthenticated remote attacker can send data to RsvcHost.exe listening on TCP port 5241 to add entries in the FactoryTalk Diagnostics event log. The attacker can specify long fields in... |
| CVE-2020-29471 | 2020-12-29 | OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image. An admin can upload a profile image as a malicious code using JavaScript. Whenever anyone will see the... |
| CVE-2020-29470 | 2020-12-29 | OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail. This vulnerability can allow an attacker to inject the XSS payload in the Subject field of... |
| CVE-2020-28277 | 2020-12-29 | Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0.1 allows attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28276 | 2020-12-29 | Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28281 | 2020-12-29 | Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28282 | 2020-12-29 | Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28283 | 2020-12-29 | Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28278 | 2020-12-29 | Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28279 | 2020-12-29 | Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-28280 | 2020-12-29 | Prototype pollution vulnerability in 'predefine' versions 0.0.0 through 0.1.2 allows an attacker to cause a denial of service and may lead to remote code execution. |
| CVE-2020-9124 | 2020-12-29 | There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthenticated, remote attacker may exploit this vulnerability by sending specific message to the affected product. Due... |
| CVE-2020-9125 | 2020-12-29 | There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.0.156 (C00E155R7P2). An attacker with specific permission can exploit this vulnerability by sending crafted packet with... |
| CVE-2020-9093 | 2020-12-29 | There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does not deal with specific message properly, which makes a function refer to memory after it has... |
| CVE-2020-9208 | 2020-12-29 | There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is lack of authentication. Attackers without access to the module can exploit this vulnerability to obtain... |
| CVE-2020-9094 | 2020-12-29 | There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module does not deal with specific message properly. Attackers can exploit this vulnerability by... |
| CVE-2020-35773 | 2020-12-29 | The site-offline plugin before 1.4.4 for WordPress lacks certain wp_create_nonce and wp_verify_nonce calls, aka CSRF. |
| CVE-2020-35774 | 2020-12-29 | server/handler/HistogramQueryHandler.scala in Twitter TwitterServer (aka twitter-server) before 20.12.0, in some configurations, allows XSS via the /histograms endpoint. |
| CVE-2020-1848 | 2020-12-29 | There is a resource management error vulnerability in Jackman-AL00D versions 8.2.0.185(C00R2P1). Local attackers construct malicious application files, causing system applications to run abnormally. |
| CVE-2020-9207 | 2020-12-29 | There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A module does not verify the input file properly. Attackers can exploit this vulnerability by crafting malicious... |
| CVE-2020-9223 | 2020-12-29 | There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processing of received abnormal messages, remote attackers may exploit this vulnerability to cause a denial... |
| CVE-2020-35735 | 2020-12-29 | Vidyo 02-09-/D allows clickjacking via the portal/ URI. |
| CVE-2020-16268 | 2020-12-29 | The MSI installer in 1E Client 4.1.0.267 and 5.0.0.745 allows remote authenticated users and local users to gain elevated privileges via the repair option. This applies to installations that have... |
| CVE-2020-27643 | 2020-12-29 | The %PROGRAMDATA%\1E\Client directory in 1E Client 5.0.0.745 and 4.1.0.267 allows remote authenticated users and local users to create and modify files in protected directories (where they would not normally have... |
| CVE-2020-27644 | 2020-12-29 | The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This may allow remote authenticated users and local users to gain elevated privileges by... |
| CVE-2020-27645 | 2020-12-29 | The Inventory module of the 1E Client 5.0.0.745 doesn't handle an unquoted path when executing %PROGRAMFILES%\1E\Client\Tachyon.Performance.Metrics.exe. This may allow remote authenticated users and local users to gain elevated privileges. |
| CVE-2020-10148 | 2020-12-29 | SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands |
| CVE-2020-10210 | 2020-12-29 | Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through... |
| CVE-2020-10207 | 2020-12-29 | Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device... |
| CVE-2020-35800 | 2020-12-29 | Certain NETGEAR devices are affected by incorrect configuration of security settings. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10, D6000 before... |
| CVE-2020-35796 | 2020-12-29 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects CBR40 before 2.5.0.10, D6220 before 1.0.0.60, D6400 before 1.0.0.94, D7000v2 before 1.0.0.62, D8500 before 1.0.3.50,... |
| CVE-2020-35795 | 2020-12-29 | Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects AC2100 before 1.2.0.72, AC2400 before 1.2.0.72, AC2600 before 1.2.0.72, CBK40 before 2.5.0.10, CBR40 before 2.5.0.10,... |
| CVE-2020-35842 | 2020-12-29 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before... |
| CVE-2020-35841 | 2020-12-29 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before... |
| CVE-2020-35840 | 2020-12-29 | Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.38, D7000 before 1.0.1.78, JNR1010v2 before 1.1.0.62, JR6150 before 1.0.1.24, JWNR2010v5 before 1.1.0.62, R6020 before 1.0.0.42, R6050 before... |