CVE List - 2020 / December
Showing 1001 - 1100 of 1538 CVEs for December 2020 (Page 11 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-4757 | 2020-12-21 | IBM FileNet Content Manager and IBM Content Navigator 3.0.CD is... |
| CVE-2020-4794 | 2020-12-21 | IBM Automation Workstream Services 19.0.3, 20.0.1, 20.0.2, IBM Business Automation... |
| CVE-2020-4870 | 2020-12-21 | IBM MQ 9.2 CD and LTS are vulnerable to a... |
| CVE-2020-26275 | 2020-12-21 | Open redirect vulnerability |
| CVE-2020-4840 | 2020-12-21 | IBM Security Secret Server 10.6 could allow a remote attacker... |
| CVE-2020-4841 | 2020-12-21 | IBM Security Secret Server 10.6 could allow a remote attacker... |
| CVE-2020-4842 | 2020-12-21 | IBM Security Secret Server 10.6 could allow a remote attacker... |
| CVE-2020-4843 | 2020-12-21 | IBM Security Secret Server 10.6 stores potentially sensitive information in... |
| CVE-2020-21377 | 2020-12-21 | SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter. |
| CVE-2020-21378 | 2020-12-21 | SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id... |
| CVE-2020-35604 | 2020-12-21 | An XXE attack can occur in Kronos WebTA 5.0.4 when... |
| CVE-2020-35605 | 2020-12-21 | The Graphics Protocol feature in graphics.c in kitty before 0.19.3... |
| CVE-2020-35606 | 2020-12-21 | Arbitrary command execution can occur in Webmin through 1.962. Any... |
| CVE-2020-35151 | 2020-12-21 | The Online Marriage Registration System 1.0 post parameter "searchdata" in... |
| CVE-2018-7580 | 2020-12-21 | Philips Hue is vulnerable to a Denial of Service attack.... |
| CVE-2020-11717 | 2020-12-21 | An issue was discovered in Programi 014 31.01.2020. It has... |
| CVE-2020-8995 | 2020-12-21 | Programi Bilanc Build 007 Release 014 31.01.2020 supplies a .exe... |
| CVE-2020-26277 | 2020-12-21 | Arbitrary read/write in DBdeployer |
| CVE-2020-29596 | 2020-12-21 | MiniWeb HTTP server 0.8.19 allows remote attackers to cause a... |
| CVE-2020-26281 | 2020-12-21 | request smuggling in async-h1 |
| CVE-2020-35626 | 2020-12-21 | An issue was discovered in the PushToWatch extension for MediaWiki... |
| CVE-2020-35625 | 2020-12-21 | An issue was discovered in the Widgets extension for MediaWiki... |
| CVE-2020-35624 | 2020-12-21 | An issue was discovered in the SecurePoll extension for MediaWiki... |
| CVE-2020-35623 | 2020-12-21 | An issue was discovered in the CasAuth extension for MediaWiki... |
| CVE-2020-35622 | 2020-12-21 | An issue was discovered in the GlobalUsage extension for MediaWiki... |
| CVE-2020-26284 | 2020-12-21 | Hugo can execute a binary from the current directory on Windows |
| CVE-2020-29583 | 2020-12-22 | Firmware version 4.60 of Zyxel USG devices contains an undocumented... |
| CVE-2020-28460 | 2020-12-22 | Prototype Pollution |
| CVE-2020-28448 | 2020-12-22 | Prototype Pollution |
| CVE-2018-15632 | 2020-12-22 | Improper input validation in database creation logic in Odoo Community... |
| CVE-2018-15633 | 2020-12-22 | Cross-site scripting (XSS) issue in "document" module in Odoo Community... |
| CVE-2018-15634 | 2020-12-22 | Cross-site scripting (XSS) issue in attachment management in Odoo Community... |
| CVE-2018-15638 | 2020-12-22 | Cross-site scripting (XSS) issue in mail module in Odoo Community... |
| CVE-2018-15641 | 2020-12-22 | Cross-site scripting (XSS) issue in web module in Odoo Community... |
| CVE-2018-15645 | 2020-12-22 | Improper access control in message routing in Odoo Community 12.0... |
| CVE-2019-11781 | 2020-12-22 | Improper input validation in portal component in Odoo Community 12.0... |
| CVE-2019-11782 | 2020-12-22 | Improper access control in Odoo Community 14.0 and earlier and... |
| CVE-2019-11783 | 2020-12-22 | Improper access control in mail module (channel partners) in Odoo... |
| CVE-2019-11784 | 2020-12-22 | Improper access control in mail module (notifications) in Odoo Community... |
| CVE-2019-11785 | 2020-12-22 | Improper access control in mail module (followers) in Odoo Community... |
| CVE-2019-11786 | 2020-12-22 | Improper access control in Odoo Community 13.0 and earlier and... |
| CVE-2020-29396 | 2020-12-22 | A sandboxing issue in Odoo Community 11.0 through 13.0 and... |
| CVE-2020-25106 | 2020-12-22 | Nanosystems SupRemo 4.1.3.2348 allows attackers to obtain LocalSystem access because... |
| CVE-2020-13557 | 2020-12-22 | A use after free vulnerability exists in the JavaScript engine... |
| CVE-2020-13560 | 2020-12-22 | A use after free vulnerability exists in the JavaScript engine... |
| CVE-2020-13570 | 2020-12-22 | A use-after-free vulnerability exists in the JavaScript engine of Foxit... |
| CVE-2020-24578 | 2020-12-22 | An issue was discovered on D-Link DSL-2888A devices with firmware... |
| CVE-2020-24579 | 2020-12-22 | An issue was discovered on D-Link DSL-2888A devices with firmware... |
| CVE-2020-24580 | 2020-12-22 | An issue was discovered on D-Link DSL-2888A devices with firmware... |
| CVE-2020-24581 | 2020-12-22 | An issue was discovered on D-Link DSL-2888A devices with firmware... |
| CVE-2020-13547 | 2020-12-22 | A type confusion vulnerability exists in the JavaScript engine of... |
| CVE-2020-35608 | 2020-12-22 | A code execution vulnerability exists in the normal world’s signed... |
| CVE-2020-35609 | 2020-12-22 | A denial-of-service vulnerability exists in the asynchronous ioctl functionality of... |
| CVE-2020-14231 | 2020-12-22 | A vulnerability in the input parameter handling of HCL Client... |
| CVE-2020-14270 | 2020-12-22 | HCL Domino v9, v10, v11 is susceptible to an Information... |
| CVE-2020-25066 | 2020-12-22 | A heap-based buffer overflow in the Treck HTTP Server component... |
| CVE-2020-27336 | 2020-12-22 | An issue was discovered in Treck IPv6 before 6.0.1.68. Improper... |
| CVE-2020-27337 | 2020-12-22 | An issue was discovered in Treck IPv6 before 6.0.1.68. Improper... |
| CVE-2020-27338 | 2020-12-22 | An issue was discovered in Treck IPv6 before 6.0.1.68. Improper... |
| CVE-2020-24678 | 2020-12-22 | Potential Privilege Escalation in Symphony Plus |
| CVE-2020-24676 | 2020-12-22 | Insecure Windows Services in Symphony Plus |
| CVE-2020-24677 | 2020-12-22 | Insecure Web Service in Symphony Plus |
| CVE-2020-24679 | 2020-12-22 | Denial of Service attack on Symphony Plus |
| CVE-2020-24680 | 2020-12-22 | Improper Credential Storage in Symphony Plus |
| CVE-2020-24683 | 2020-12-22 | Authentication Bypass in Symphony Plus |
| CVE-2020-24674 | 2020-12-22 | Improper Authorization in Symphony Plus |
| CVE-2020-24673 | 2020-12-22 | SQL Injection in Symphony Plus |
| CVE-2020-24675 | 2020-12-22 | Weak Authentication in Symphony Plus |
| CVE-2020-14874 | 2020-12-22 | Vulnerability in the Oracle Cloud Infrastructure Identity and Access Management... |
| CVE-2020-28641 | 2020-12-22 | In Malwarebytes Free 4.1.0.56, a symbolic link may be used... |
| CVE-2020-35665 | 2020-12-23 | An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06... |
| CVE-2020-35656 | 2020-12-23 | Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary... |
| CVE-2020-35657 | 2020-12-23 | Jaws through 1.8.0 allows remote authenticated administrators to execute arbitrary... |
| CVE-2020-35658 | 2020-12-23 | SpamTitan before 7.09 allows attackers to tamper with backups, because... |
| CVE-2020-25190 | 2020-12-23 | MOXA NPort IAW5000A-I/O Series |
| CVE-2020-25194 | 2020-12-23 | MOXA NPort IAW5000A-I/O Series |
| CVE-2020-25198 | 2020-12-23 | MOXA NPort IAW5000A-I/O Series |
| CVE-2020-25192 | 2020-12-23 | MOXA NPort IAW5000A-I/O Series |
| CVE-2020-25153 | 2020-12-23 | MOXA NPort IAW5000A-I/O Series |
| CVE-2020-25196 | 2020-12-23 | MOXA NPort IAW5000A-I/O Series |
| CVE-2020-35136 | 2020-12-23 | Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An... |
| CVE-2020-35584 | 2020-12-23 | In Solstice Pod before 3.0.3, the web services allow users... |
| CVE-2020-35585 | 2020-12-23 | In Solstice Pod before 3.3.0 (or Open4.3), the screen key... |
| CVE-2020-35586 | 2020-12-23 | In Solstice Pod before 3.3.0 (or Open4.3), the Administrator password... |
| CVE-2020-29550 | 2020-12-23 | An issue was discovered in URVE Build 24.03.2020. The password... |
| CVE-2020-6159 | 2020-12-23 | URLs using “javascript:” have the protocol removed when pasted into... |
| CVE-2020-29552 | 2020-12-23 | An issue was discovered in URVE Build 24.03.2020. By using... |
| CVE-2020-35587 | 2020-12-23 | In Solstice Pod before 3.0.3, the firmware can easily be... |
| CVE-2020-35650 | 2020-12-23 | Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Groups for LearnDash... |
| CVE-2020-29551 | 2020-12-23 | An issue was discovered in URVE Build 24.03.2020. Using the... |
| CVE-2020-9439 | 2020-12-23 | Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin Canny... |
| CVE-2020-11718 | 2020-12-23 | An issue was discovered in Programi Bilanc build 007 release... |
| CVE-2020-11720 | 2020-12-23 | An issue was discovered in Programi Bilanc build 007 release... |
| CVE-2020-11719 | 2020-12-23 | An issue was discovered in Programi Bilanc build 007 release... |
| CVE-2020-4642 | 2020-12-23 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect... |
| CVE-2018-1000891 | 2020-12-23 | Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving... |
| CVE-2018-1000892 | 2020-12-23 | Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when receiving... |
| CVE-2018-1000893 | 2020-12-23 | Bitcoin SV before 0.1.1 allows uncontrolled resource consumption when deserializing... |
| CVE-2020-13968 | 2020-12-23 | CRK Business Platform <= 2019.1 allows can inject SQL statements... |
| CVE-2020-13969 | 2020-12-23 | CRK Business Platform <= 2019.1 allows reflected XSS via erro.aspx... |