CVE List - 2020 / December
Showing 901 - 1000 of 1538 CVEs for December 2020 (Page 10 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-13931 | 2020-12-17 | If Apache TomEE 8.0.0-M1 - 8.0.3, 7.1.0 - 7.1.3, 7.0.0-M1... |
| CVE-2020-13509 | 2020-12-17 | An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged... |
| CVE-2020-13510 | 2020-12-17 | An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged... |
| CVE-2020-13511 | 2020-12-17 | An information disclosure vulnerability exists in the WinRing0x64 Driver Privileged... |
| CVE-2020-13518 | 2020-12-17 | An information disclosure vulnerability exists in the WinRing0x64 Driver IRP... |
| CVE-2020-13517 | 2020-12-17 | An information disclosure vulnerability exists in the WinRing0x64 Driver IRP... |
| CVE-2020-13516 | 2020-12-17 | An information disclosure vulnerability exists in the WinRing0x64 Driver IRP... |
| CVE-2020-27780 | 2020-12-17 | A flaw was found in Linux-Pam in versions prior to... |
| CVE-2020-14232 | 2020-12-17 | A vulnerability in the input parameter handling of HCL Notes... |
| CVE-2020-11974 | 2020-12-18 | In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote... |
| CVE-2020-27781 | 2020-12-18 | User credentials can be manipulated and stolen by Native CephFS... |
| CVE-2020-7838 | 2020-12-18 | A arbitrary code execution vulnerability exists in the way that... |
| CVE-2020-28052 | 2020-12-18 | An issue was discovered in Legion of the Bouncy Castle... |
| CVE-2020-24693 | 2020-12-18 | The Ignite portal in Mitel MiContact Center Business before 9.3.0.0... |
| CVE-2020-25612 | 2020-12-18 | The NuPoint Messenger of Mitel MiCollab before 9.2 could allow... |
| CVE-2020-25610 | 2020-12-18 | The AWV component of Mitel MiCollab before 9.2 could allow... |
| CVE-2020-25611 | 2020-12-18 | The AWV portal of Mitel MiCollab before 9.2 could allow... |
| CVE-2020-25606 | 2020-12-18 | The AWV component of Mitel MiCollab before 9.2 could allow... |
| CVE-2020-27340 | 2020-12-18 | The online help portal of Mitel MiCollab before 9.2 could... |
| CVE-2020-25609 | 2020-12-18 | The NuPoint Messenger Portal of Mitel MiCollab before 9.2 could... |
| CVE-2020-25608 | 2020-12-18 | The SAS portal of Mitel MiCollab before 9.2 could allow... |
| CVE-2020-27154 | 2020-12-18 | The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for... |
| CVE-2020-27639 | 2020-12-18 | The Bluetooth handset of Mitel MiVoice 6873i, 6930, and 6940... |
| CVE-2020-27640 | 2020-12-18 | The Bluetooth handset of Mitel MiVoice 6940 and 6930 MiNet... |
| CVE-2020-35474 | 2020-12-18 | In MediaWiki before 1.35.1, the combination of Html::rawElement and Message::text... |
| CVE-2020-35475 | 2020-12-18 | In MediaWiki before 1.35.1, the messages userrights-expiry-current and userrights-expiry-none can... |
| CVE-2020-35478 | 2020-12-18 | MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. MediaWiki:blanknamespace potentially can... |
| CVE-2020-35477 | 2020-12-18 | MediaWiki before 1.35.1 blocks legitimate attempts to hide log entries... |
| CVE-2020-35480 | 2020-12-18 | An issue was discovered in MediaWiki before 1.35.1. Missing users... |
| CVE-2020-35479 | 2020-12-18 | MediaWiki before 1.35.1 allows XSS via BlockLogFormatter.php. Language::translateBlockExpiry itself does... |
| CVE-2020-35555 | 2020-12-18 | An issue was discovered on LG mobile devices with Android... |
| CVE-2020-35554 | 2020-12-18 | An issue was discovered on LG mobile devices with Android... |
| CVE-2020-35553 | 2020-12-18 | An issue was discovered on Samsung mobile devices with Q(10.0)... |
| CVE-2020-35552 | 2020-12-18 | An issue was discovered in the GPS daemon on Samsung... |
| CVE-2020-35551 | 2020-12-18 | An issue was discovered on Samsung mobile devices with O(8.x),... |
| CVE-2020-35550 | 2020-12-18 | An issue was discovered on Samsung mobile devices with O(8.x),... |
| CVE-2020-35549 | 2020-12-18 | An issue was discovered on Samsung mobile devices with O(8.x),... |
| CVE-2020-35548 | 2020-12-18 | An issue was discovered in Finder on Samsung mobile devices... |
| CVE-2019-16957 | 2020-12-18 | SolarWinds Web Help Desk 12.7.0 allows XSS via the First... |
| CVE-2019-16955 | 2020-12-18 | SolarWinds Web Help Desk 12.7.0 allows XSS via an uploaded... |
| CVE-2020-26178 | 2020-12-18 | In tangro Business Workflow before 1.18.1, knowing an attachment ID,... |
| CVE-2020-26177 | 2020-12-18 | In tangro Business Workflow before 1.18.1, a user's profile contains... |
| CVE-2020-26176 | 2020-12-18 | An issue was discovered in tangro Business Workflow before 1.18.1.... |
| CVE-2020-26175 | 2020-12-18 | In tangro Business Workflow before 1.18.1, an attacker can manipulate... |
| CVE-2020-26174 | 2020-12-18 | tangro Business Workflow before 1.18.1 requests a list of allowed... |
| CVE-2020-26173 | 2020-12-18 | An incorrect access control implementation in Tangro Business Workflow before... |
| CVE-2020-26172 | 2020-12-18 | Every login in tangro Business Workflow before 1.18.1 generates the... |
| CVE-2020-26171 | 2020-12-18 | In tangro Business Workflow before 1.18.1, the documentId of attachment... |
| CVE-2020-25494 | 2020-12-18 | Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to... |
| CVE-2020-25495 | 2020-12-18 | A reflected Cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO)... |
| CVE-2020-25901 | 2020-12-18 | Host Header Injection in Spiceworks 7.5.7.0 allowing the attacker to... |
| CVE-2020-4764 | 2020-12-18 | IBM Planning Analytics 2.0 is vulnerable to cross-site request forgery... |
| CVE-2020-26251 | 2020-12-18 | CORS configuration is possibly vulnerable |
| CVE-2020-20277 | 2020-12-18 | There are multiple unauthenticated directory traversal vulnerabilities in different FTP... |
| CVE-2020-20276 | 2020-12-18 | An unauthenticated stack-based buffer overflow vulnerability in common.c's handle_PORT in... |
| CVE-2020-20285 | 2020-12-18 | There is a XSS in the user login page in... |
| CVE-2020-26280 | 2020-12-18 | XSS in OpenSlides |
| CVE-2020-27687 | 2020-12-18 | ThingsBoard before v3.2 is vulnerable to Host header injection in... |
| CVE-2020-20299 | 2020-12-18 | WeiPHP 5.0 does not properly restrict access to pages, related... |
| CVE-2020-20300 | 2020-12-18 | SQL injection vulnerability in the wp_where function in WeiPHP 5.0. |
| CVE-2020-20298 | 2020-12-18 | Eval injection vulnerability in the parserCommom method in the ParserTemplate... |
| CVE-2020-13515 | 2020-12-18 | A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP... |
| CVE-2020-13512 | 2020-12-18 | A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged... |
| CVE-2020-13513 | 2020-12-18 | A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged... |
| CVE-2020-13514 | 2020-12-18 | A privilege escalation vulnerability exists in the WinRing0x64 Driver Privileged... |
| CVE-2020-13519 | 2020-12-18 | A privilege escalation vulnerability exists in the WinRing0x64 Driver IRP... |
| CVE-2020-13535 | 2020-12-18 | A privilege escalation vulnerability exists in Kepware LinkMaster 3.0.94.0. In... |
| CVE-2020-17520 | 2020-12-18 | In the Pulsar manager 0.1.0 version, malicious users will be... |
| CVE-2020-5803 | 2020-12-18 | Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a... |
| CVE-2020-4080 | 2020-12-18 | HCL Verse v10 and v11 is susceptible to a Stored... |
| CVE-2020-14271 | 2020-12-18 | HCL iNotes v9, v10 and v11 is susceptible to a... |
| CVE-2020-14224 | 2020-12-18 | A vulnerability in the MIME message handling of the HCL... |
| CVE-2020-7200 | 2020-12-18 | A potential security vulnerability has been identified in HPE Systems... |
| CVE-2020-7203 | 2020-12-18 | A potential security vulnerability has been identified in HPE iLO... |
| CVE-2020-7201 | 2020-12-18 | A potential security vulnerability has been identified in the HPE... |
| CVE-2020-35573 | 2020-12-20 | srs2.c in PostSRSd before 1.10 allows remote attackers to cause... |
| CVE-2020-35579 | 2020-12-20 | tindy2013 subconverter 0.6.4 has a /sub?target=%TARGET%&url=%URL%&config=%CONFIG% API endpoint that accepts... |
| CVE-2020-29447 | 2020-12-21 | Affected versions of Atlassian Crucible allow remote attackers to impact... |
| CVE-2020-35589 | 2020-12-21 | The limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows wp-admin/options-general.php?page=limit-login-attempts&tab= XSS.... |
| CVE-2020-35590 | 2020-12-21 | LimitLoginAttempts.php in the limit-login-attempts-reloaded plugin before 2.17.4 for WordPress allows... |
| CVE-2020-26049 | 2020-12-21 | Nifty-PM CPE 2.3 is affected by stored HTML injection. The... |
| CVE-2020-35273 | 2020-12-21 | EgavilanMedia User Registration & Login System with Admin Panel 1.0... |
| CVE-2020-35274 | 2020-12-21 | DotCMS Add Template with admin panel 20.11 is affected by... |
| CVE-2020-35275 | 2020-12-21 | Coastercms v5.8.18 is affected by cross-site Scripting (XSS). A user... |
| CVE-2020-35276 | 2020-12-21 | EgavilanMedia ECM Address Book 1.0 is affected by SQL injection.... |
| CVE-2019-16959 | 2020-12-21 | SolarWinds Web Help Desk 12.7.0 allows CSV Injection, also known... |
| CVE-2020-3999 | 2020-12-21 | VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior... |
| CVE-2020-27846 | 2020-12-21 | A signature verification vulnerability exists in crewjam/saml. This flaw allows... |
| CVE-2020-35497 | 2020-12-21 | A flaw was found in ovirt-engine 4.4.3 and earlier allowing... |
| CVE-2020-17526 | 2020-12-21 | Incorrect Session Validation in Apache Airflow Webserver versions prior to... |
| CVE-2020-26263 | 2020-12-21 | RSA vulnerability in tslite-ng |
| CVE-2020-27254 | 2020-12-21 | Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF... |
| CVE-2020-14225 | 2020-12-21 | HCL iNotes is susceptible to a Tabnabbing vulnerability caused by... |
| CVE-2020-26422 | 2020-12-21 | Buffer overflow in QUIC dissector in Wireshark 3.4.0 to 3.4.1... |
| CVE-2020-6881 | 2020-12-21 | ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which... |
| CVE-2020-6882 | 2020-12-21 | ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which... |
| CVE-2020-25860 | 2020-12-21 | The install.c module in the Pengutronix RAUC update client prior... |
| CVE-2020-5808 | 2020-12-21 | In certain scenarios in Tenable.sc prior to 5.17.0, a scanner... |
| CVE-2020-4988 | 2020-12-21 | Loopback 8.0.0 contains a vulnerability that could allow an attacker... |
| CVE-2020-4555 | 2020-12-21 | IBM Financial Transaction Manager 3.0.6 and 3.1.0 does not invalidate... |