CVE List - 2020 / December
Showing 501 - 600 of 1538 CVEs for December 2020 (Page 6 of 16)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2020-35135 | 2020-12-11 | The ultimate-category-excluder plugin before 1.2 for WordPress allows ultimate-category-excluder.php CSRF. |
| CVE-2020-7789 | 2020-12-11 | Command Injection |
| CVE-2020-7788 | 2020-12-11 | Prototype Pollution |
| CVE-2020-7790 | 2020-12-11 | Arbitrary File Read |
| CVE-2020-7792 | 2020-12-11 | Prototype Pollution |
| CVE-2020-7793 | 2020-12-11 | Regular Expression Denial of Service (ReDoS) |
| CVE-2020-17515 | 2020-12-11 | The "origin" parameter passed to some of the endpoints like... |
| CVE-2020-28838 | 2020-12-11 | Cross Site Request Forgery (CSRF) in CART option in OpenCart... |
| CVE-2020-4633 | 2020-12-11 | IBM Resilient SOAR V38.0 could allow a remote attacker to... |
| CVE-2020-29591 | 2020-12-11 | Versions of the Official registry Docker images through 2.7.0 contain... |
| CVE-2020-29254 | 2020-12-11 | TikiWiki 21.2 allows templates to be edited without CSRF protection.... |
| CVE-2020-27508 | 2020-12-11 | In two-factor authentication, the system also sending 2fa secret key... |
| CVE-2020-15357 | 2020-12-11 | Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions... |
| CVE-2020-12149 | 2020-12-11 | OS Command Injection - Management File Upload |
| CVE-2020-15023 | 2020-12-11 | Askey AP5100W devices through AP5100W_Dual_SIG_1.01.097 are affected by WPS PIN... |
| CVE-2020-12148 | 2020-12-11 | OS Command Injection - nslookup API |
| CVE-2020-29574 | 2020-12-11 | An SQL injection vulnerability in the WebAdmin of Cyberoam OS... |
| CVE-2020-27127 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-27132 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-27133 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-27134 | 2020-12-11 | Cisco Jabber Desktop and Mobile Client Software Vulnerabilities |
| CVE-2020-26265 | 2020-12-11 | Consensus flaw during block processing |
| CVE-2020-26264 | 2020-12-11 | LES Server DoS via GetProofsV2 |
| CVE-2020-7791 | 2020-12-11 | Denial of Service (DoS) |
| CVE-2020-28440 | 2020-12-11 | Command Injection |
| CVE-2020-28439 | 2020-12-11 | Command Injection |
| CVE-2020-27825 | 2020-12-11 | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel... |
| CVE-2020-26419 | 2020-12-11 | Memory leak in the dissection engine in Wireshark 3.4.0 allows... |
| CVE-2020-26420 | 2020-12-11 | Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and... |
| CVE-2020-26421 | 2020-12-11 | Crash in USB HID protocol dissector and possibly other dissectors... |
| CVE-2020-26418 | 2020-12-11 | Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and... |
| CVE-2020-5948 | 2020-12-11 | On BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.2.7, 13.1.0-13.1.3.4, 12.1.0-12.1.5.2, and 11.6.1-11.6.5.2,... |
| CVE-2020-5950 | 2020-12-11 | On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for... |
| CVE-2020-35149 | 2020-12-11 | lib/utils.js in mquery before 3.2.3 allows a pollution attack because... |
| CVE-2020-27713 | 2020-12-11 | In certain configurations on version 13.1.3.4, when a BIG-IP AFM... |
| CVE-2020-5949 | 2020-12-11 | On BIG-IP versions 14.0.0-14.0.1 and 13.1.0-13.1.3.4, certain traffic pattern sent... |
| CVE-2020-19165 | 2020-12-11 | PHPSHE 1.7 has SQL injection via the admin.php?mod=user&userlevel_id=1 userlevel_id[] parameter. |
| CVE-2020-27730 | 2020-12-11 | In versions 3.0.0-3.9.0, 2.0.0-2.9.0, and 1.0.1, the NGINX Controller Agent... |
| CVE-2020-29455 | 2020-12-11 | A cross-Site Scripting (XSS) vulnerability in this.showInvalid and this.showInvalidCountry in... |
| CVE-2020-15376 | 2020-12-11 | Brocade Fabric OS versions before v9.0.0 and after version v8.1.0,... |
| CVE-2020-15375 | 2020-12-11 | Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e, v8.1.2k, v8.2.0_CBN3,... |
| CVE-2020-13984 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An infinite... |
| CVE-2020-13985 | 2020-12-11 | An issue was discovered in Contiki through 3.0. A memory... |
| CVE-2020-13986 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An infinite... |
| CVE-2020-13987 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An Out-of-Bounds... |
| CVE-2020-13988 | 2020-12-11 | An issue was discovered in Contiki through 3.0. An Integer... |
| CVE-2020-35175 | 2020-12-11 | Frappe Framework 12 and 13 does not properly validate the... |
| CVE-2020-17437 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in... |
| CVE-2020-17438 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in... |
| CVE-2020-17439 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in... |
| CVE-2020-17440 | 2020-12-11 | An issue was discovered in uIP 1.0, as used in... |
| CVE-2020-17441 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for... |
| CVE-2020-17442 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for... |
| CVE-2020-17443 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for... |
| CVE-2020-17444 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The routine for... |
| CVE-2020-17445 | 2020-12-11 | An issue was discovered in picoTCP 1.7.0. The code for... |
| CVE-2020-17467 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code... |
| CVE-2020-17468 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code... |
| CVE-2020-17469 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code... |
| CVE-2020-17470 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code... |
| CVE-2020-24334 | 2020-12-11 | The code that processes DNS responses in uIP through 1.0,... |
| CVE-2020-24336 | 2020-12-11 | An issue was discovered in Contiki through 3.0 and Contiki-NG... |
| CVE-2020-24337 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.... |
| CVE-2020-24338 | 2020-12-11 | An issue was discovered in picoTCP through 1.7.0. The DNS... |
| CVE-2020-24339 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.... |
| CVE-2020-24340 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.... |
| CVE-2020-24341 | 2020-12-11 | An issue was discovered in picoTCP and picoTCP-NG through 1.7.0.... |
| CVE-2020-24383 | 2020-12-11 | An issue was discovered in FNET through 4.6.4. The code... |
| CVE-2020-25107 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut... |
| CVE-2020-25108 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut... |
| CVE-2020-25109 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut... |
| CVE-2020-25110 | 2020-12-11 | An issue was discovered in the DNS implementation in Ethernut... |
| CVE-2020-25111 | 2020-12-11 | An issue was discovered in the IPv6 stack in Contiki... |
| CVE-2020-25112 | 2020-12-11 | An issue was discovered in the IPv6 stack in Contiki... |
| CVE-2020-35176 | 2020-12-11 | In AWStats through 7.8, cgi-bin/awstats.pl?config= accepts a partial absolute pathname... |
| CVE-2020-29654 | 2020-12-11 | Western Digital Dashboard before 3.2.2.9 allows DLL Hijacking that leads... |
| CVE-2020-29563 | 2020-12-11 | An issue was discovered on Western Digital My Cloud OS... |
| CVE-2020-35201 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp users Stored XSS. |
| CVE-2020-35202 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has plugins/dbaccess/db-access.jsp sql Stored XSS. |
| CVE-2020-35200 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has plugins/clientcontrol/spark-form.jsp Reflective XSS. |
| CVE-2020-35199 | 2020-12-12 | Ignite Realtime Openfire 4.6.0 has create-bookmark.jsp groupchatJID Stored XSS. |
| CVE-2020-35208 | 2020-12-12 | An issue was discovered in the LogMein LastPass Password Manager... |
| CVE-2020-35207 | 2020-12-12 | An issue was discovered in the LogMein LastPass Password Manager... |
| CVE-2020-29669 | 2020-12-14 | In the Macally WIFISD2-2A82 Media and Travel Router 2.000.010, the... |
| CVE-2020-35235 | 2020-12-14 | vendor/elfinder/php/connector.minimal.php in the secure-file-manager plugin through 2.5 for WordPress loads... |
| CVE-2020-35234 | 2020-12-14 | The easy-wp-smtp plugin before 1.4.4 for WordPress allows Administrator account... |
| CVE-2020-5635 | 2020-12-14 | Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an... |
| CVE-2020-5636 | 2020-12-14 | Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an... |
| CVE-2020-5637 | 2020-12-14 | Improper validation of integrity check value vulnerability in Aterm SA3500G... |
| CVE-2020-5639 | 2020-12-14 | Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2... |
| CVE-2020-5665 | 2020-12-14 | Improper check or handling of exceptional conditions in MELSEC iQ-F... |
| CVE-2020-35236 | 2020-12-14 | The GitLab Webhook Handler in amazee.io Lagoon before 1.12.3 has... |
| CVE-2020-17511 | 2020-12-14 | In Airflow versions prior to 1.10.13, when creating a user... |
| CVE-2020-17513 | 2020-12-14 | In Apache Airflow versions prior to 1.10.13, the Charts and... |
| CVE-2020-29227 | 2020-12-14 | An issue was discovered in Car Rental Management System 1.0.... |
| CVE-2020-14244 | 2020-12-14 | A vulnerability in the MIME message handling of the Domino... |
| CVE-2020-35378 | 2020-12-14 | SQL Injection in the login page in Online Bus Ticket... |
| CVE-2020-14268 | 2020-12-14 | A vulnerability in the MIME message handling of the Notes... |
| CVE-2020-35382 | 2020-12-14 | SQL Injection in Classbooking before 2.4.1 via the username field... |
| CVE-2020-25179 | 2020-12-14 | GE Healthcare Imaging and Ultrasound Products may allow specific credentials... |