CVE List - 2020 / December
Showing 501 - 600 of 1538 CVEs for December 2020 (Page 6 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-7789 | 2020-12-11 | Command Injection |
| CVE-2020-7788 | 2020-12-11 | Prototype Pollution |
| CVE-2020-7790 | 2020-12-11 | Arbitrary File Read |
| CVE-2020-7792 | 2020-12-11 | Prototype Pollution |
| CVE-2020-7793 | 2020-12-11 | Regular Expression Denial of Service (ReDoS) |
| CVE-2020-17515 | 2020-12-11 | The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit. This issue affects Apache Airflow versions prior to 1.10.13. This is same as CVE-2020-13944... |
| CVE-2020-28838 | 2020-12-11 | Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart. |
| CVE-2020-4633 | 2020-12-11 | IBM Resilient SOAR V38.0 could allow a remote attacker to execute arbitrary code on the system, caused by formula injection due to improper input validation. |
| CVE-2020-29591 | 2020-12-11 | Versions of the Official registry Docker images through 2.7.0 contain a blank password for the root user. Systems deployed using affected versions of the registry container may allow a remote... |
| CVE-2020-29254 | 2020-12-11 | TikiWiki 21.2 allows templates to be edited without CSRF protection. This could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on... |
| CVE-2020-27508 | 2020-12-11 | In two-factor authentication, the system also sending 2fa secret key in response, which enables an intruder to breach the 2fa security. |
| CVE-2020-15357 | 2020-12-11 | Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or route options. |
| CVE-2020-12149 | 2020-12-11 | OS Command Injection - Management File Upload |
| CVE-2020-15023 | 2020-12-11 | Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN offline brute-force cracking. This arises because of issues with the random number selection for the Diffie-Hellman exchange. By capturing an... |
| CVE-2020-12148 | 2020-12-11 | OS Command Injection - nslookup API |
| CVE-2020-29574 | 2020-12-11 | An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. |
| CVE-2020-27127 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-27132 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-27133 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-27134 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-26265 | 2020-12-11 | Consensus flaw during block processing |
| CVE-2020-26264 | 2020-12-11 | LES Server DoS via GetProofsV2 |
| CVE-2020-7791 | 2020-12-11 | Denial of Service (DoS) |
| CVE-2020-28440 | 2020-12-11 | Command Injection |
| CVE-2020-28439 | 2020-12-11 | Command Injection |
| CVE-2020-27825 | 2020-12-11 | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may... |
| CVE-2020-26419 | 2020-12-11 | Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file. |
| CVE-2020-26420 | 2020-12-11 | Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. |
| CVE-2020-26421 | 2020-12-11 | Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. |
| CVE-2020-26418 | 2020-12-11 | Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file. |
| CVE-2020-5948 | 2020-12-11 | On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the... |
| CVE-2020-5950 | 2020-12-11 | On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is... |
| CVE-2020-35149 | 2020-12-11 | lib/utils.js in mquery before 3.2.3 allows a pollution attack because a special property (e.g., __proto__) can be copied during a merge or clone operation. |
| CVE-2020-27713 | 2020-12-11 | In certain configurations on version 13.1.3.4, when a BIG-IP AFM HTTP security profile is applied to a virtual server and the BIG-IP system receives a request with specific characteristics, the... |
| CVE-2020-5949 | 2020-12-11 | On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent to a virtual server configured with an FTP profile can cause the FTP channel to break. |
| CVE-2020-19165 | 2020-12-11 | PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter. |
| CVE-2020-27730 | 2020-12-11 | In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent does not use absolute paths when calling system utilities. |
| CVE-2020-29455 | 2020-12-11 | A cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in SmartyStreets liveAddressPlugin.js 3.2 allows remote attackers to inject arbitrary web script or HTML via any address parameter (e.g., street or... |
| CVE-2020-15376 | 2020-12-11 | Brocade Fabric OS versions before v9.0.0 and after version v8.1.0, configured in Virtual Fabric mode contain a weakness in the ldap implementation that could allow a remote ldap user to... |
| CVE-2020-15375 | 2020-12-11 | Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3, v7.4.2g contain an improper input validation weakness in the command line interface when secccrypptocfg is invoked. The vulnerability could allow... |
| CVE-2020-13984 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c. |
| CVE-2020-13985 | 2020-12-11 | An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header... |
| CVE-2020-13986 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in... |
| CVE-2020-13987 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c. |
| CVE-2020-13988 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in... |
| CVE-2020-35175 | 2020-12-11 | Frappe Framework 12 and 13 does not properly validate the HTTP method for the frappe.client API. |
| CVE-2020-17437 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag is set in a TCP packet, and the stack is configured... |
| CVE-2020-17438 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an... |
| CVE-2020-17439 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that the incoming DNS replies... |
| CVE-2020-17440 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses incoming DNS packets does not validate that domain names present in... |
| CVE-2020-17441 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate whether the IPv6 payload length field is equal to the actual size of... |
| CVE-2020-17442 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers does not validate the bounds of the extension header length value, which may result... |
| CVE-2020-17443 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check whether the ICMPv6 echo request packet's size is shorter than 8 bytes. If... |
| CVE-2020-17444 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and deducing whether the IPv6 extension headers are valid) doesn't check whether the header extension... |
| CVE-2020-17445 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 destination options does not check for a valid length of the destination options header. This results in... |
| CVE-2020-17467 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR request doesn't check for '\0' termination. Therefore, the deduced length of the hostname... |
| CVE-2020-17468 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code for processing the hop-by-hop header (in the IPv6 extension headers) doesn't check for a valid length of an extension header,... |
| CVE-2020-17469 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code for IPv6 fragment reassembly tries to access a previous fragment starting from a network incoming fragment that still doesn't have... |
| CVE-2020-17470 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface structure does not set sufficiently random transaction IDs (they are always set to 1... |
| CVE-2020-24334 | 2020-12-11 | The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header... |
| CVE-2020-24336 | 2020-12-11 | An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the... |
| CVE-2020-24337 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause... |
| CVE-2020-24338 | 2020-12-11 | An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to... |
| CVE-2020-24339 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with... |
| CVE-2020-24340 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in... |
| CVE-2020-24341 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to... |
| CVE-2020-24383 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading... |
| CVE-2020-25107 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful... |
| CVE-2020-25108 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from... |
| CVE-2020-25109 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present.... |
| CVE-2020-25110 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used... |
| CVE-2020-25111 | 2020-12-11 | An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code... |
| CVE-2020-25112 | 2020-12-11 | An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution... |
| CVE-2020-35176 | 2020-12-11 | In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname (omitting the initial /etc), even though it was intended to only read a file in the /etc/awstats/awstats.conf format. NOTE: this... |
| CVE-2020-29654 | 2020-12-11 | Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads to compromise of the SYSTEM account. |
| CVE-2020-29563 | 2020-12-11 | An issue was discovered on Western Digital My Cloud OS 5 devices before 5.07.118. A NAS Admin authentication bypass vulnerability could allow an unauthenticated user to gain access to the... |
| CVE-2020-35201 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS. |
| CVE-2020-35202 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS. |
| CVE-2020-35200 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS. |
| CVE-2020-35199 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS. |
| CVE-2020-35208 | 2020-12-12 | An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The password authentication for unlocking can be bypassed by forcing the authentication result to... |
| CVE-2020-35207 | 2020-12-12 | An issue was discovered in the LogMein LastPass Password Manager (aka com.lastpass.ilastpass) app 4.8.11.2403 for iOS. The PIN authentication for unlocking can be bypassed by forcing the authentication result to... |
| CVE-2020-29669 | 2020-12-14 | In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the Guest user is able to reset its own password. This process has a vulnerability which can be used to take... |
| CVE-2020-35235 | 2020-12-14 | vendor/elfinder/php/connector.minimal.php in the secure-file-manager plugin through 2.5 for WordPress loads elFinder code without proper access control. Thus, any authenticated user can run the elFinder upload command to achieve remote code... |
| CVE-2020-35234 | 2020-12-14 | The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account takeover, as exploited in the wild in December 2020. If an attacker can list the wp-content/plugins/easy-wp-smtp/ directory, then they can... |
| CVE-2020-5635 | 2020-12-14 | Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an... |
| CVE-2020-5636 | 2020-12-14 | Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an... |
| CVE-2020-5637 | 2020-12-14 | Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program. |
| CVE-2020-5639 | 2020-12-14 | Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitrary... |
| CVE-2020-5665 | 2020-12-14 | Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on program... |
| CVE-2020-35236 | 2020-12-14 | The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has incorrect access control associated with project deletion. |
| CVE-2020-17511 | 2020-12-14 | In Airflow versions prior to 1.10.13, when creating a user using airflow CLI, the password gets logged in plain text in the Log table in Airflow Metadatase. Same happened when... |
| CVE-2020-17513 | 2020-12-14 | In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based) UI were vulnerable for SSRF attack. |
| CVE-2020-29227 | 2020-12-14 | An issue was discovered in Car Rental Management System 1.0. An unauthenticated user can perform a file inclusion attack against the /index.php file with a partial filename in the "page"... |
| CVE-2020-14244 | 2020-12-14 | A vulnerability in the MIME message handling of the Domino server (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This... |
| CVE-2020-35378 | 2020-12-14 | SQL Injection in the login page in Online Bus Ticket Reservation 1.0 allows attackers to execute arbitrary SQL commands and bypass authentication via the username and password fields. |
| CVE-2020-14268 | 2020-12-14 | A vulnerability in the MIME message handling of the Notes client (versions 9 and 10) could potentially be exploited by an unauthenticated attacker resulting in a stack buffer overflow. This... |
| CVE-2020-35382 | 2020-12-14 | SQL Injection in Classbooking before 2.4.1 via the username field of a CSV file when adding a new user. |
| CVE-2020-25179 | 2020-12-14 | GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. |
| CVE-2020-25175 | 2020-12-14 | GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network. |