CVEs from 2020
Total
4,811
critical
critical 193
high
high 470
medium
medium 675
low
low 56
% Critical
4.0%
% with KEV
3.0%
% with exploit
3.1%
Top products
- banking_digital_experience 30
- retail_xstore_point_of_service 28
- primavera_unifier 27
- retail_service_backbone 15
- financial_services_institutional_performance_analytics 10
- communications_network_charging_and_control 10
- communications_contacts_server 9
- agile_plm 8
| CVE | Severity | CVSS | Risk | Published | Description | Impact |
|---|---|---|---|---|---|---|
| CVE-2020-6823 | critical | — | 9.5 | — | A malicious extension could have called <code>browser.identity.launchWebAuthFlow</code>, controlling the redirect_uri, and through the Promise returned, obtain the Auth code and gain access to the us… | |
| CVE-2020-6382 | critical | — | 9.5 | — | Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6524 | critical | — | 9.5 | — | Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6518 | critical | — | 9.5 | — | Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who had convinced the user to use developer tools to potentially exploit heap corruption via a craft… | |
| CVE-2020-6511 | critical | — | 9.5 | — | Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2020-26963 | critical | — | 9.5 | — | Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox … | |
| CVE-2020-6512 | critical | — | 9.5 | — | Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6510 | critical | — | 9.5 | — | Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-26968 | critical | — | 9.5 | — | Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these… | |
| CVE-2020-6515 | critical | — | 9.5 | — | Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-16008 | critical | — | 9.5 | — | Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. | |
| CVE-2020-6522 | critical | — | 9.5 | — | Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-8955 | critical | — | 9.5 | — | irc_mode_channel_update in plugins/irc/irc-mode.c in WeeChat through 2.7 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified othe… | |
| CVE-2020-28038 | critical | — | 9.5 | — | WordPress before 5.5.2 allows stored XSS via post slugs. | |
| CVE-2020-6394 | critical | — | 9.5 | — | Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |
| CVE-2020-6796 | critical | — | 9.5 | — | A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially … | |
| CVE-2020-12392 | critical | — | 9.5 | — | The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP POST data of a request, which can be controlled by the website. If a user used the 'Copy as cURL' feature and past… | |
| CVE-2020-6807 | critical | — | 9.5 | — | When a device was changed while a stream was about to be destroyed, the <code>stream-reinit</code> task may have been executed after the stream was destroyed, causing a use-after-free and a potential… | |
| CVE-2020-8794 | critical | — | 9.5 | — | OpenSMTPD before 6.6.4 allows remote code execution because of an out-of-bounds read in mta_io in mta_session.c for multi-line replies. Although this vulnerability affects the client side of OpenSMTP… | |
| CVE-2020-26956 | critical | — | 9.5 | — | In some cases, removing HTML elements during sanitization would keep existing SVG event handlers and therefore lead to XSS. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbir… | |
| CVE-2020-14355 | critical | — | 9.5 | — | Multiple buffer overflow vulnerabilities were found in the QUIC image decoding process of the SPICE remote display system, before spice-0.14.2-1. Both the SPICE client (spice-gtk) and server are affe… | |
| CVE-2020-11100 | critical | — | 9.5 | — | In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2… | |
| CVE-2020-6378 | critical | — | 9.5 | — | Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6413 | critical | — | 9.5 | — | Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass HTML validators via a crafted HTML page. | |
| CVE-2020-6379 | critical | — | 9.5 | — | Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6813 | critical | — | 9.5 | — | When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement in the CSS block could allow an attacker to inject arbitrary styles, bypassing the intent of the Co… | |
| CVE-2020-6533 | critical | — | 9.5 | — | Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6392 | critical | — | 9.5 | — | Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a … | |
| CVE-2020-6398 | critical | — | 9.5 | — | Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |
| CVE-2020-6078 | critical | — | 9.5 | — | An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing mDNS messages in mdns_recv, the return value of the mdns_read_h… | |
| CVE-2020-6396 | critical | — | 9.5 | — | Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |
| CVE-2020-9760 | critical | — | 9.5 | — | An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message 005 is received with longer nick prefixes, a buffer overflow and possibly a crash can happen when a… | |
| CVE-2020-6395 | critical | — | 9.5 | — | Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |
| CVE-2020-6808 | critical | — | 9.5 | — | When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed to create an HTML document, which is then presented. Previously, this document's URL (as reported by… | |
| CVE-2020-6401 | critical | — | 9.5 | — | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |
| CVE-2020-15968 | critical | — | 9.5 | — | Use after free in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6412 | critical | — | 9.5 | — | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |
| CVE-2020-6792 | critical | — | 9.5 | — | When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5. | |
| CVE-2020-6526 | critical | — | 9.5 | — | Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |
| CVE-2020-15979 | critical | — | 9.5 | — | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6416 | critical | — | 9.5 | — | Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6794 | critical | — | 9.5 | — | If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was no… | |
| CVE-2020-16006 | critical | — | 9.5 | — | Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6400 | critical | — | 9.5 | — | Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2020-6528 | critical | — | 9.5 | — | Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page. | |
| CVE-2020-6399 | critical | — | 9.5 | — | Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2020-6530 | critical | — | 9.5 | — | Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption … | |
| CVE-2020-6402 | critical | — | 9.5 | — | Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a c… | |
| CVE-2020-6406 | critical | — | 9.5 | — | Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6390 | critical | — | 9.5 | — | Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6071 | critical | — | 9.5 | — | An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing compressed labels in mDNS messages, the compression poi… | |
| CVE-2020-6411 | critical | — | 9.5 | — | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name. | |
| CVE-2020-6410 | critical | — | 9.5 | — | Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to confuse the user via a crafted domain name. | |
| CVE-2020-6409 | critical | — | 9.5 | — | Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote attacker who convinced the user to enter a URI to bypass navigation restrictions via a crafted domain n… | |
| CVE-2020-28037 | critical | — | 9.5 | — | is_blog_installed in wp-includes/functions.php in WordPress before 5.5.2 improperly determines whether WordPress is already installed, which might allow an attacker to perform a new installation, lea… | |
| CVE-2020-28035 | critical | — | 9.5 | — | WordPress before 5.5.2 allows attackers to gain privileges via XML-RPC. | |
| CVE-2020-9759 | critical | — | 9.5 | — | A Vulnerability of LG Electronic web OS TV Emulator could allow an attacker to escalate privileges and overwrite certain files. This vulnerability is due to wrong environment setting. An attacker cou… | |
| CVE-2020-15982 | critical | — | 9.5 | — | Inappropriate implementation in cache in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |
| CVE-2020-15967 | critical | — | 9.5 | — | Use after free in payments in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-16005 | critical | — | 9.5 | — | Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6516 | critical | — | 9.5 | — | Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | |
| CVE-2020-15990 | critical | — | 9.5 | — | Use after free in autofill in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-15975 | critical | — | 9.5 | — | Integer overflow in SwiftShader in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-12394 | critical | — | 9.5 | — | A logic flaw in our location bar implementation could have allowed a local attacker to spoof the current location by selecting a different origin and removing focus from the input element. This vulne… | |
| CVE-2020-6529 | critical | — | 9.5 | — | Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in a privileged network position to leak cross-origin data via a crafted HTML page. | |
| CVE-2020-6795 | critical | — | 9.5 | — | When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects … | |
| CVE-2020-15972 | critical | — | 9.5 | — | Use after free in audio in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-28033 | critical | — | 9.5 | — | WordPress before 5.5.2 mishandles embeds from disabled sites on a multisite network, as demonstrated by allowing a spam embed. | |
| CVE-2020-6073 | critical | — | 9.5 | — | An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Videolabs libmicrodns 0.1.0. When parsing the RDATA section in a TXT record in mDNS messages, multiple… | |
| CVE-2020-11523 | critical | — | 9.5 | — | libfreerdp/gdi/region.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Integer Overflow. | |
| CVE-2020-15971 | critical | — | 9.5 | — | Use after free in printing in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-6389 | critical | — | 9.5 | — | Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentially exploit heap corruption via a crafted video stream. | |
| CVE-2020-6525 | critical | — | 9.5 | — | Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6527 | critical | — | 9.5 | — | Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |
| CVE-2020-28034 | critical | — | 9.5 | — | WordPress before 5.5.2 allows XSS associated with global variables. | |
| CVE-2020-15976 | critical | — | 9.5 | — | Use after free in WebXR in Google Chrome on Android prior to 86.0.4240.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-6534 | critical | — | 9.5 | — | Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |
| CVE-2020-26965 | critical | — | 9.5 | — | Some websites have a feature "Show Password" where clicking a button will change a password field into a textbook field, revealing the typed password. If, when using a software keyboard that remember… | |
| CVE-2020-15985 | critical | — | 9.5 | — | Inappropriate implementation in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to spoof security UI via a crafted HTML page. | |
| CVE-2020-15974 | critical | — | 9.5 | — | Integer overflow in Blink in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to bypass site isolation via a crafted HTML page. | |
| CVE-2020-15684 | critical | — | 9.5 | — | Mozilla developers reported memory safety bugs present in Firefox 81. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl… | |
| CVE-2020-26952 | critical | — | 9.5 | — | Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affect… | |
| CVE-2020-15992 | critical | — | 9.5 | — | Insufficient policy enforcement in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML… | |
| CVE-2020-28039 | critical | — | 9.5 | — | is_protected_meta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is considered protected. | |
| CVE-2020-35730 | high | — | 9.5 | 3y ago | An XSS issue was discovered in Roundcube Webmail before 1.2.13, 1.3.x before 1.3.16, and 1.4.x before 1.4.10. The attacker can send a plain text e-mail message, with JavaScript in a link reference el… | |
| CVE-2020-23256 | critical | — | 9.5 | 3y ago | electerm allows unauthorized users to execute arbitrary commands | |
| CVE-2020-26269 | critical | — | 9.5 | 4y ago | In TensorFlow release candidate versions 2.4.0rc*, the general implementation for matching filesystem paths to globbing pattern is vulnerable to an access out of bounds of the array holding the direc… | |
| CVE-2020-6418 | high | — | 9.5 | 5y ago | Google Chromium V8 Engine contains a type confusion vulnerability allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web… | |
| CVE-2020-13672 | critical | — | 9.5 | 5y ago | Drupal core Cross-site Scripting (XSS) vulnerability | |
| CVE-2020-26271 | critical | — | 9.5 | 6y ago | In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memory while building the computation graph. The MakeEdge function creates an edge … | |
| CVE-2020-26270 | critical | — | 9.5 | 6y ago | In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length results in a CHECK failure when using the CUDA backend. This can result in a q… | |
| CVE-2020-26268 | critical | — | 9.5 | 6y ago | In affected versions of TensorFlow the tf.raw_ops.ImmutableConst operation returns a constant tensor created from a memory mapped file which is assumed immutable. However, if the type of the tensor i… | |
| CVE-2020-26267 | critical | — | 9.5 | 6y ago | In affected versions of TensorFlow the tf.raw_ops.DataFormatVecPermute API does not validate the src_format and dst_format attributes. The code assumes that these two arguments define a permutation o… | |
| CVE-2020-26266 | critical | — | 9.5 | 6y ago | In affected versions of TensorFlow under certain cases a saved model can trigger use of uninitialized values during code execution. This is caused by having tensor buffers be filled with the default … | |
| CVE-2020-16017 | high | — | 9.5 | 6y ago | Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. | |
| CVE-2020-16013 | high | — | 9.5 | 6y ago | Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could… | |
| CVE-2020-15999 | high | — | 9.5 | 6y ago | Important: freetype security update | |
| CVE-2020-15254 | critical | — | 9.5 | 6y ago | Crossbeam is a set of tools for concurrent programming. In crossbeam-channel before version 0.4.4, the bounded channel incorrectly assumes that `Vec::from_iter` has allocated capacity that same as th… | |
| CVE-2020-37227 | high | 8.8 | 8.8 | 11d ago | HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can… | |
| CVE-2020-11113 | high | 8.8 | 8.8 | 6y ago | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). |