CVE List - 2020 / December
Showing 101 - 200 of 1538 CVEs for December 2020 (Page 2 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-25649 | 2020-12-03 | A flaw was found in FasterXML Jackson Databind, where it... |
| CVE-2020-28923 | 2020-12-03 | An issue was discovered in Play Framework 2.8.0 through 2.8.4.... |
| CVE-2020-14381 | 2020-12-03 | A flaw was found in the Linux kernel’s futex implementation.... |
| CVE-2020-13531 | 2020-12-03 | A use-after-free vulnerability exists in a way Pixar OpenUSD 20.08... |
| CVE-2020-13542 | 2020-12-03 | A local privilege elevation vulnerability exists in the file system... |
| CVE-2020-13543 | 2020-12-03 | A code execution vulnerability exists in the WebSocket functionality of... |
| CVE-2020-27783 | 2020-12-03 | A XSS vulnerability was discovered in python-lxml's clean module. The... |
| CVE-2020-14351 | 2020-12-03 | A flaw was found in the Linux kernel. A use-after-free... |
| CVE-2020-27778 | 2020-12-03 | A flaw was found in Poppler in the way certain... |
| CVE-2020-28251 | 2020-12-03 | NETSCOUT AirMagnet Enterprise 11.1.4 build 37257 and earlier has a... |
| CVE-2020-25693 | 2020-12-03 | A flaw was found in CImg in versions prior to... |
| CVE-2020-23735 | 2020-12-03 | In Saibo Cyber Game Accelerator 3.7.9 there is a local... |
| CVE-2020-13584 | 2020-12-03 | An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1... |
| CVE-2020-13524 | 2020-12-03 | An out-of-bounds memory corruption vulnerability exists in the way Pixar... |
| CVE-2020-13525 | 2020-12-03 | The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable... |
| CVE-2020-23726 | 2020-12-03 | There is a local denial of service vulnerability in Wise... |
| CVE-2020-23727 | 2020-12-03 | There is a local denial of service vulnerability in the... |
| CVE-2020-28175 | 2020-12-03 | There is a local privilege escalation vulnerability in Alfredo Milani... |
| CVE-2020-23740 | 2020-12-03 | In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability... |
| CVE-2020-23741 | 2020-12-03 | In AnyView (network police) network monitoring software 4.6.0.1, there is... |
| CVE-2020-17527 | 2020-12-03 | Apache Tomcat: Request header mix-up between HTTP/2 streams |
| CVE-2020-23738 | 2020-12-03 | There is a local denial of service vulnerability in Advanced... |
| CVE-2020-23736 | 2020-12-03 | There is a local denial of service vulnerability in DaDa... |
| CVE-2020-29529 | 2020-12-03 | HashiCorp go-slug up to 0.4.3 did not fully protect against... |
| CVE-2020-29534 | 2020-12-03 | An issue was discovered in the Linux kernel before 5.9.3.... |
| CVE-2020-26248 | 2020-12-03 | Blind SQL injection during the CommentGrade process |
| CVE-2018-21270 | 2020-12-03 | Versions less than 0.0.6 of the Node.js stringstream module are... |
| CVE-2020-16123 | 2020-12-03 | Bypass of snapd pulseaudio restrictions |
| CVE-2020-27765 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/segment.c. An attacker... |
| CVE-2020-27766 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker... |
| CVE-2020-27767 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker... |
| CVE-2020-27770 | 2020-12-04 | Due to a missing check for 0 value of `replace_extent`,... |
| CVE-2020-27771 | 2020-12-04 | In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls... |
| CVE-2020-27772 | 2020-12-04 | A flaw was found in ImageMagick in coders/bmp.c. An attacker... |
| CVE-2020-27773 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/gem-private.h. An attacker... |
| CVE-2020-27774 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker... |
| CVE-2020-27775 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker... |
| CVE-2020-27776 | 2020-12-04 | A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker... |
| CVE-2020-27348 | 2020-12-04 | snapcraft may build snaps with incorrect LD_LIBRARY_PATH |
| CVE-2020-29561 | 2020-12-04 | An issue was discovered in SonicBOOM riscv-boom 3.0.0. For LR,... |
| CVE-2020-28916 | 2020-12-04 | hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an... |
| CVE-2020-29562 | 2020-12-04 | The iconv function in the GNU C Library (aka glibc... |
| CVE-2020-29565 | 2020-12-04 | An issue was discovered in OpenStack Horizon before 15.3.2, 16.x... |
| CVE-2020-5675 | 2020-12-04 | Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD... |
| CVE-2020-27409 | 2020-12-04 | OpenSIS Community Edition before 7.5 is affected by a cross-site... |
| CVE-2020-27408 | 2020-12-04 | OpenSIS Community Edition through 7.6 is affected by incorrect access... |
| CVE-2020-25461 | 2020-12-04 | Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in... |
| CVE-2020-25462 | 2020-12-04 | Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in... |
| CVE-2020-25463 | 2020-12-04 | Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK... |
| CVE-2020-25464 | 2020-12-04 | Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before... |
| CVE-2020-25465 | 2020-12-04 | Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK... |
| CVE-2020-25449 | 2020-12-04 | Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can... |
| CVE-2020-28950 | 2020-12-04 | The installer of Kaspersky Anti-Ransomware Tool (KART) prior to KART... |
| CVE-2020-29572 | 2020-12-05 | app/View/Elements/genericElements/SingleViews/Fields/genericField.ctp in MISP 2.4.135 has XSS via the authkey comment... |
| CVE-2020-29573 | 2020-12-05 | sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6)... |
| CVE-2020-29599 | 2020-12-07 | ImageMagick before 6.9.11-40 and 7.x before 7.0.10-40 mishandles the -authenticate... |
| CVE-2020-28727 | 2020-12-07 | Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid... |
| CVE-2020-5799 | 2020-12-07 | The Eat Spray Love mobile app for both iOS and... |
| CVE-2020-5800 | 2020-12-07 | The Eat Spray Love mobile app for both iOS and... |
| CVE-2020-5798 | 2020-12-07 | inSync Client installer for macOS versions v6.8.0 and prior could... |
| CVE-2020-9247 | 2020-12-07 | There is a buffer overflow vulnerability in several Huawei products.... |
| CVE-2020-27151 | 2020-12-07 | An issue was discovered in Kata Containers through 1.11.3 and... |
| CVE-2020-26513 | 2020-12-07 | An issue was discovered in Intland codeBeamer ALM 10.x through... |
| CVE-2020-26122 | 2020-12-07 | Inspur NF5266M5 through 3.21.2 and other server M5 devices allow... |
| CVE-2020-29595 | 2020-12-07 | PlugIns\IDE_ACDStd.apl in ACDSee Photo Studio Studio Professional 2021 14.0 Build... |
| CVE-2020-13945 | 2020-12-07 | In Apache APISIX, the user enabled the Admin API and... |
| CVE-2020-29597 | 2020-12-07 | IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This... |
| CVE-2020-17521 | 2020-12-07 | Apache Groovy provides extension methods to aid with creating temporary... |
| CVE-2020-29600 | 2020-12-07 | In AWStats through 7.7, cgi-bin/awstats.pl?config= accepts an absolute pathname, even... |
| CVE-2020-28935 | 2020-12-07 | Local symlink attack in Unbound and NSD |
| CVE-2020-8566 | 2020-12-07 | Ceph RBD adminSecrets exposed in logs when loglevel >= 4 |
| CVE-2020-8565 | 2020-12-07 | Incomplete fix for CVE-2019-11250 allows for token leak in logs when logLevel >= 9 |
| CVE-2020-8564 | 2020-12-07 | Docker config secrets leaked when file is malformed and loglevel >= 4 |
| CVE-2020-8563 | 2020-12-07 | Secret leaks in logs for vSphere Provider kube-controller-manager |
| CVE-2020-17531 | 2020-12-08 | Deserialization flaw in EOL Tapestry 4. |
| CVE-2020-25665 | 2020-12-08 | The PALM image coder at coders/palm.c makes an improper call... |
| CVE-2020-25666 | 2020-12-08 | There are 4 places in HistogramCompare() in MagickCore/histogram.c where an... |
| CVE-2020-25674 | 2020-12-08 | WriteOnePNGImage() from coders/png.c (the PNG coder) has a for loop... |
| CVE-2020-25675 | 2020-12-08 | In the CropImage() and CropImageToTiles() routines of MagickCore/transform.c, rounding calculations... |
| CVE-2020-25676 | 2020-12-08 | In CatromWeights(), MeshInterpolate(), InterpolatePixelChannel(), InterpolatePixelChannels(), and InterpolatePixelInfo(), which are all... |
| CVE-2020-27750 | 2020-12-08 | A flaw was found in ImageMagick in MagickCore/colorspace-private.h and MagickCore/quantum.h.... |
| CVE-2020-27751 | 2020-12-08 | A flaw was found in ImageMagick in MagickCore/quantum-export.c. An attacker... |
| CVE-2020-27754 | 2020-12-08 | In IntensityCompare() of /magick/quantize.c, there are calls to PixelPacketIntensity() which... |
| CVE-2020-27756 | 2020-12-08 | In ParseMetaGeometry() of MagickCore/geometry.c, image height and width calculations can... |
| CVE-2020-27757 | 2020-12-08 | A floating point math calculation in ScaleAnyToQuantum() of /MagickCore/quantum-private.h could... |
| CVE-2020-27758 | 2020-12-08 | A flaw was found in ImageMagick in coders/txt.c. An attacker... |
| CVE-2020-25677 | 2020-12-08 | A flaw was found in Ceph-ansible v4.0.41 where it creates... |
| CVE-2020-27818 | 2020-12-08 | A flaw was found in the check_chunk_name() function of pngcheck-2.4.0.... |
| CVE-2020-25692 | 2020-12-08 | A NULL pointer dereference was found in OpenLDAP server and... |
| CVE-2020-27822 | 2020-12-08 | A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final,... |
| CVE-2020-25631 | 2020-12-08 | A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8... |
| CVE-2020-25630 | 2020-12-08 | A vulnerability was found in Moodle where the decompressed size... |
| CVE-2020-25629 | 2020-12-08 | A vulnerability was found in Moodle where users with "Log... |
| CVE-2020-25628 | 2020-12-08 | The filter in the tag manager required extra sanitizing to... |
| CVE-2020-26253 | 2020-12-08 | .dev domains treated as local in Kirby |
| CVE-2020-29540 | 2020-12-08 | API calls in the Translation API feature in Systran Pure... |
| CVE-2020-29539 | 2020-12-08 | A Cross-Site Scripting (XSS) issue in WebUI Translation in Systran... |
| CVE-2020-25889 | 2020-12-08 | Online Bus Booking System Project Using PHP/MySQL version 1.0 has... |
| CVE-2020-25955 | 2020-12-08 | SourceCodester Student Management System Project in PHP version 1.0 is... |
| CVE-2020-26254 | 2020-12-08 | omniauth-apple allows attacker to fake their email address during authentication |