CVE List - 2020 / December
Showing 401 - 500 of 1538 CVEs for December 2020 (Page 5 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-17134 | 2020-12-09 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2020-17135 | 2020-12-09 | Azure DevOps Server Spoofing Vulnerability |
| CVE-2020-17136 | 2020-12-09 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability |
| CVE-2020-17137 | 2020-12-09 | DirectX Graphics Kernel Elevation of Privilege Vulnerability |
| CVE-2020-17138 | 2020-12-09 | Windows Error Reporting Information Disclosure Vulnerability |
| CVE-2020-17139 | 2020-12-09 | Windows Overlay Filter Security Feature Bypass Vulnerability |
| CVE-2020-17140 | 2020-12-09 | Windows SMB Information Disclosure Vulnerability |
| CVE-2020-17141 | 2020-12-09 | Microsoft Exchange Remote Code Execution Vulnerability |
| CVE-2020-17142 | 2020-12-09 | Microsoft Exchange Remote Code Execution Vulnerability |
| CVE-2020-17143 | 2020-12-09 | Microsoft Exchange Server Information Disclosure Vulnerability |
| CVE-2020-17144 | 2020-12-09 | Microsoft Exchange Remote Code Execution Vulnerability |
| CVE-2020-17145 | 2020-12-09 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability |
| CVE-2020-17147 | 2020-12-09 | Dynamics CRM Webclient Cross-site Scripting Vulnerability |
| CVE-2020-17148 | 2020-12-09 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability |
| CVE-2020-17150 | 2020-12-09 | Visual Studio Code Remote Code Execution Vulnerability |
| CVE-2020-17152 | 2020-12-09 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability |
| CVE-2020-17153 | 2020-12-09 | Microsoft Edge for Android Spoofing Vulnerability |
| CVE-2020-17156 | 2020-12-09 | Visual Studio Remote Code Execution Vulnerability |
| CVE-2020-17158 | 2020-12-09 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability |
| CVE-2020-17159 | 2020-12-09 | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability |
| CVE-2020-12516 | 2020-12-10 | WAGO: PLC families 750-88x and 750-352 prone to DoS attack |
| CVE-2020-2491 | 2020-12-10 | Cross-site Scripting Vulnerability in Photo Station |
| CVE-2019-7198 | 2020-12-10 | Command Injection Vulnerability in QTS and QuTS hero |
| CVE-2020-2493 | 2020-12-10 | Cross-site Scripting Vulnerability in Multimedia Console |
| CVE-2020-2494 | 2020-12-10 | Cross-site Scripting Vulnerability in Music Station |
| CVE-2020-2495 | 2020-12-10 | Cross-site scripting vulnerability in QTS and QuTS hero |
| CVE-2020-2496 | 2020-12-10 | Cross-site scripting vulnerability in QTS and QuTS hero |
| CVE-2020-2497 | 2020-12-10 | Cross-site scripting vulnerability in QTS and QuTS hero |
| CVE-2020-2498 | 2020-12-10 | Cross-site scripting vulnerability in QTS and QuTS hero |
| CVE-2020-27350 | 2020-12-10 | apt integer wraparound |
| CVE-2020-27351 | 2020-12-10 | Various memory and file descriptor leaks in apt-python |
| CVE-2020-26407 | 2020-12-10 | A XSS vulnerability exists in Gitlab CE/EE from 12.4 before... |
| CVE-2020-12594 | 2020-12-10 | A privilege escalation flaw allows a malicious, authenticated, privileged CLI... |
| CVE-2020-12595 | 2020-12-10 | An information disclosure flaw allows a malicious, authenticated, privileged web... |
| CVE-2020-24445 | 2020-12-10 | Cross-site Scripting Vulnerability in Commenting Function of Adobe Experience Manager (AEM) |
| CVE-2020-24444 | 2020-12-10 | Blind SSRF in Forms add-on for AEM |
| CVE-2020-29668 | 2020-12-10 | Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP... |
| CVE-2020-29666 | 2020-12-10 | In Lan ATMService M3 ATM Monitoring System 6.1.0, due to... |
| CVE-2020-29667 | 2020-12-10 | In Lan ATMService M3 ATM Monitoring System 6.1.0, a remote... |
| CVE-2020-8919 | 2020-12-10 | Information leakage in Gerrit |
| CVE-2020-8920 | 2020-12-10 | Overoptimization leads to private information leak in Gerrit |
| CVE-2020-26201 | 2020-12-10 | Askey AP5100W_Dual_SIG_1.01.097 and all prior versions use a weak password... |
| CVE-2020-19527 | 2020-12-10 | iCMS 7.0.14 attackers to execute arbitrary OS commands via shell... |
| CVE-2020-19142 | 2020-12-10 | iCMS 7 attackers to execute arbitrary OS commands via shell... |
| CVE-2020-25967 | 2020-12-10 | The member center function in fastadmin V1.0.0.20200506_beta is vulnerable to... |
| CVE-2020-16608 | 2020-12-10 | Notable 1.8.4 allows XSS via crafted Markdown text, with resultant... |
| CVE-2020-13526 | 2020-12-10 | SQL injection vulnerability exists in the handling of sort parameters... |
| CVE-2020-29311 | 2020-12-10 | Ubilling v1.0.9 allows Remote Command Execution as Root user by... |
| CVE-2020-26271 | 2020-12-10 | Heap out of bounds access in MakeEdge in TensorFlow |
| CVE-2020-26270 | 2020-12-10 | CHECK-fail in LSTM with zero-length input in TensorFlow |
| CVE-2020-26269 | 2020-12-10 | Heap out of bounds read in filesystem glob matching in TensorFlow |
| CVE-2020-26268 | 2020-12-10 | Write to immutable memory region in TensorFlow |
| CVE-2020-26267 | 2020-12-10 | Lack of validation in data format attributes in TensorFlow |
| CVE-2020-26266 | 2020-12-10 | Uninitialized memory access in Eigen types in TensorFlow |
| CVE-2020-8908 | 2020-12-10 | Temp directory permission issue in Guava |
| CVE-2019-4738 | 2020-12-10 | IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5 and... |
| CVE-2020-4829 | 2020-12-10 | IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a... |
| CVE-2020-7536 | 2020-12-11 | A CWE-754:Improper Check for Unusual or Exceptional Conditions vulnerability exists... |
| CVE-2020-28214 | 2020-12-11 | A CWE-760: Use of a One-Way Hash with a Predictable... |
| CVE-2020-28215 | 2020-12-11 | A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware... |
| CVE-2020-28216 | 2020-12-11 | A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in... |
| CVE-2020-28217 | 2020-12-11 | A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in... |
| CVE-2020-28218 | 2020-12-11 | A CWE-1021: Improper Restriction of Rendered UI Layers or Frames... |
| CVE-2020-28219 | 2020-12-11 | A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo... |
| CVE-2020-28220 | 2020-12-11 | A CWE-119: Improper Restriction of Operations within the Bounds of... |
| CVE-2020-7535 | 2020-12-11 | A CWE-22: Improper Limitation of a Pathname to a Restricted... |
| CVE-2020-7537 | 2020-12-11 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2020-7539 | 2020-12-11 | A CWE-754 Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2020-7540 | 2020-12-11 | A CWE-306: Missing Authentication for Critical Function vulnerability exists in... |
| CVE-2020-7541 | 2020-12-11 | A CWE-425: Direct Request ('Forced Browsing') vulnerability exists in the... |
| CVE-2020-7542 | 2020-12-11 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2020-7543 | 2020-12-11 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2020-7549 | 2020-12-11 | A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability... |
| CVE-2020-7560 | 2020-12-11 | A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert... |
| CVE-2020-17530 | 2020-12-11 | Forced OGNL evaluation, when evaluated on raw user input in... |
| CVE-2020-26409 | 2020-12-11 | A DOS vulnerability exists in Gitlab CE/EE >=10.3, <13.4.7,>=13.5, <13.5.5,>=13.6,... |
| CVE-2020-24634 | 2020-12-11 | An attacker is able to remotely inject arbitrary commands by... |
| CVE-2020-24633 | 2020-12-11 | There are multiple buffer overflow vulnerabilities that could lead to... |
| CVE-2020-24637 | 2020-12-11 | Two vulnerabilities in ArubaOS GRUB2 implementation allows for an attacker... |
| CVE-2020-25838 | 2020-12-11 | Unauthorized disclosure of sensitive information vulnerability in Micro Focus Filr... |
| CVE-2020-25191 | 2020-12-11 | Incorrect permissions are set by default for an API entry-point... |
| CVE-2020-9301 | 2020-12-11 | Nolan Ray from Apple Information Security identified a security vulnerability... |
| CVE-2020-24447 | 2020-12-11 | Uncontrolled Search Path Element vulnerability in Lightroom Classic 10.0 |
| CVE-2020-24440 | 2020-12-11 | Uncontrolled Search Path Element in Adobe Prelude for Windows |
| CVE-2020-27828 | 2020-12-11 | There's a flaw in jasper's jpc encoder in versions prior... |
| CVE-2020-13556 | 2020-12-11 | An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality... |
| CVE-2020-13530 | 2020-12-11 | A denial-of-service vulnerability exists in the Ethernet/IP server functionality of... |
| CVE-2020-13520 | 2020-12-11 | An out of bounds memory corruption vulnerability exists in the... |
| CVE-2020-26415 | 2020-12-11 | Information about the starred projects for private user profiles was... |
| CVE-2020-26416 | 2020-12-11 | Information disclosure in Advanced Search component of GitLab EE starting... |
| CVE-2020-26417 | 2020-12-11 | Information disclosure via GraphQL in GitLab CE/EE 13.1 and later... |
| CVE-2020-26413 | 2020-12-11 | An issue has been discovered in GitLab CE/EE affecting all... |
| CVE-2020-26412 | 2020-12-11 | Removed group members were able to use the To-Do functionality... |
| CVE-2020-13357 | 2020-12-11 | An issue was discovered in Gitlab CE/EE versions >= 13.1... |
| CVE-2020-35126 | 2020-12-11 | Typesetter CMS 5.x through 5.1 allows admins to conduct Site... |
| CVE-2020-26408 | 2020-12-11 | A limited information disclosure vulnerability exists in Gitlab CE/EE from... |
| CVE-2020-27786 | 2020-12-11 | A flaw was found in the Linux kernel’s implementation of... |
| CVE-2020-35127 | 2020-12-11 | Ignite Realtime Openfire 4.6.0 has plugins/bookmarks/create-bookmark.jsp Stored XSS. |
| CVE-2020-26411 | 2020-12-11 | A potential DOS vulnerability was discovered in all versions of... |
| CVE-2020-35132 | 2020-12-11 | An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2... |