CVEs from 2020
Total
3,992
critical
critical 169
high
high 590
medium
medium 739
low
low 59
% Critical
4.2%
% with KEV
3.7%
% with exploit
4.0%
Top vendors
Top products
- retail_xstore_point_of_service 33
- banking_digital_experience 30
- primavera_unifier 29
- retail_service_backbone 15
- financial_services_institutional_performance_analytics 13
- insurance_policy_administration_j2ee 11
- communications_network_charging_and_control 10
- enterprise_manager_base_platform 10
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-4430 | unknown | — | 1.5 | 5y ago | IBM Data Risk Manager contains a directory traversal vulnerability that could allow a remote authenticated attacker to traverse directories and send a specially crafted URL request to download arbitr… | |||
| CVE-2020-0878 | unknown | — | 1.5 | 5y ago | Microsoft Edge and Internet Explorer contain a memory corruption vulnerability that allows attackers to execute code in the context of the current user. | |||
| CVE-2020-0683 | unknown | — | 1.5 | 5y ago | Microsoft Windows Installer contains a privilege escalation vulnerability when MSI packages process symbolic links, which allows attackers to bypass access restrictions to add or remove files. | |||
| CVE-2020-17087 | unknown | — | 1.5 | 5y ago | Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation. | |||
| CVE-2020-0938 | unknown | — | 1.5 | 5y ago | Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code exec… | |||
| CVE-2020-17144 | unknown | — | 1.5 | 5y ago | Microsoft Exchange Server improperly validates cmdlet arguments which allow an attacker to perform remote code execution. | |||
| CVE-2020-0986 | unknown | — | 1.5 | 5y ago | Microsoft Windows kernel contains an unspecified vulnerability when handling objects in memory that allows attackers to escalate privileges and execute code in kernel mode. | |||
| CVE-2020-1020 | unknown | — | 1.5 | 5y ago | Microsoft Windows Adobe Font Manager Library contains an unspecified vulnerability when handling specially crafted multi-master fonts (Adobe Type 1 PostScript format) that allows for remote code exec… | |||
| CVE-2020-1464 | unknown | — | 1.5 | 5y ago | Microsoft Windows contains a spoofing vulnerability when Windows incorrectly validates file signatures, allowing an attacker to bypass security features and load improperly signed files. | |||
| CVE-2020-1350 | unknown | — | 1.5 | 5y ago | Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under… | |||
| CVE-2020-0674 | unknown | — | 1.5 | 5y ago | Microsoft Internet Explorer contains a memory corruption vulnerability due to the way the Scripting Engine handles objects in memory. Successful exploitation could allow remote code execution in the … | |||
| CVE-2020-1380 | unknown | — | 1.5 | 5y ago | Microsoft Internet Explorer contains a memory corruption vulnerability which can allow for remote code execution in the context of the current user. | |||
| CVE-2020-0968 | unknown | — | 1.5 | 5y ago | Microsoft Internet Explorer contains a memory corruption vulnerability due to how the Scripting Engine handles objects in memory, leading to remote code execution. | |||
| CVE-2020-26919 | unknown | — | 1.5 | 5y ago | Netgear JGS516PE devices contain a missing function level access control vulnerability. | |||
| CVE-2020-8243 | unknown | — | 1.5 | 5y ago | Ivanti Pulse Connect Secure contains an unspecified vulnerability in the admin web interface that could allow an authenticated attacker to upload a custom template to perform code execution. | |||
| CVE-2020-10221 | unknown | — | 1.5 | 5y ago | rConfig lib/ajaxHandlers/ajaxAddTemplate.php contains an OS command injection vulnerability that allows remote attackers to execute OS commands via shell metacharacters in the fileName POST parameter. | |||
| CVE-2020-10148 | unknown | — | 1.5 | 5y ago | SolarWinds Orion API contains an authentication bypass vulnerability that could allow a remote attacker to execute API commands. | |||
| CVE-2020-12271 | unknown | — | 1.5 | 5y ago | Sophos Firewall operating system (SFOS) firmware contains a SQL injection vulnerability when configured with either the administration (HTTPS) service or the User Portal is exposed on the WAN zone. S… | |||
| CVE-2020-10181 | unknown | — | 1.5 | 5y ago | Sumavision Enhanced Multimedia Router (EMR) contains a cross-site request forgery (CSRF) vulnerability allowing the creation of users with elevated privileges as administrator on a device. | |||
| CVE-2020-10987 | unknown | — | 1.5 | 5y ago | Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter. | |||
| CVE-2020-8467 | unknown | — | 1.5 | 5y ago | Trend Micro Apex One and OfficeScan contain an unspecified vulnerability within a migration tool component that allows for remote code execution. | |||
| CVE-2020-8468 | unknown | — | 1.5 | 5y ago | Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components. | |||
| CVE-2020-24557 | unknown | — | 1.5 | 5y ago | Trend Micro Apex One, OfficeScan, and Worry-Free Business Security on Microsoft Windows contain an improper access control vulnerability that may allow an attacker to manipulate a particular product … | |||
| CVE-2020-8599 | unknown | — | 1.5 | 5y ago | Trend Micro Apex One and OfficeScan server contain a vulnerable EXE file that could allow a remote attacker to write data to a path on affected installations and bypass root login. | |||
| CVE-2020-3992 | unknown | — | 1.5 | 5y ago | VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution. | |||
| CVE-2020-4006 | unknown | — | 1.5 | 5y ago | VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector contain a command injection vulnerability. An attacker with network access to the administrative config… | |||
| CVE-2020-29583 | unknown | — | 1.5 | 5y ago | Zyxel firewalls (ATP, USG, VM) and AP Controllers (NXC2500 and NXC5500) contain a use of hard-coded credentials vulnerability in an undocumented account ("zyfwp") with an unchangeable password. | |||
| CVE-2020-13671 | unknown | — | 1.5 | 6y ago | Improper sanitization in the extension file names is present in Drupal core. | |||
| CVE-2020-1956 | unknown | — | 1.5 | 6y ago | Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution. | |||
| CVE-2020-0009 | unknown | — | 1.0 | — | In calc_vm_may_flags of ashmem.c, there is a possible arbitrary write to shared memory due to a permissions bypass. This could lead to local escalation of privilege by corrupting memory shared betwee… | |||
| CVE-2020-35476 | unknown | — | 1.0 | 5y ago | OS Command Injection in OpenTSDB | |||
| CVE-2020-29370 | unknown | — | — | — | An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | |||
| CVE-2020-29369 | unknown | — | — | — | An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations… | |||
| CVE-2020-27825 | unknown | — | — | — | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, m… | |||
| CVE-2020-29371 | unknown | — | — | — | An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. | |||
| CVE-2020-29373 | unknown | — | — | — | An issue was discovered in fs/io_uring.c in the Linux kernel before 5.6. It unsafely handles the root directory during path lookups, and thus a process inside a mount namespace can escape to unintend… | |||
| CVE-2020-27784 | unknown | — | — | — | A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises beca… | |||
| CVE-2020-29374 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly … | |||
| CVE-2020-27418 | unknown | — | — | — | A Use After Free vulnerability in Fedora Linux kernel 5.9.0-rc9 allows attackers to obatin sensitive information via vgacon_invert_region() function. | |||
| CVE-2020-29534 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.9.3. io_uring takes a non-refcounted reference to the files_struct of the process that submitted a request, causing execve() to incorrectly optimi… | |||
| CVE-2020-29568 | unknown | — | — | — | An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is a… | |||
| CVE-2020-29569 | unknown | — | — | — | An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when st… | |||
| CVE-2020-35513 | unknown | — | — | — | A flaw incorrect umask during file or directory modification in the Linux kernel NFS (network file system) functionality was found in the way user create and delete object using NFSv4.2 or newer if b… | |||
| CVE-2020-35519 | unknown | — | — | — | An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the sy… | |||
| CVE-2020-36310 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52. | |||
| CVE-2020-36311 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires … | |||
| CVE-2020-36313 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.7. The KVM subsystem allows out-of-range access to memslots after a deletion, aka CID-0774a964ef56. This affects arch/s390/kvm/kvm-s390.c, include… | |||
| CVE-2020-25668 | unknown | — | — | — | A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | |||
| CVE-2020-12062 | unknown | — | — | — | The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbit… | |||
| CVE-2020-21890 | unknown | — | — | — | Buffer Overflow vulnerability in clj_media_size function in devices/gdevclj.c in Artifex Ghostscript 9.50 allows remote attackers to cause a denial of service or other unspecified impact(s) via openi… | |||
| CVE-2020-0067 | unknown | — | — | — | In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. U… | |||
| CVE-2020-25221 | unknown | — | — | — | get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page tha… | |||
| CVE-2020-14396 | unknown | — | — | — | An issue was discovered in LibVNCServer before 0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference. | |||
| CVE-2020-25623 | unknown | — | — | — | Erlang/OTP 22.3.x before 22.3.4.6 and 23.x before 23.1 allows Directory Traversal. An attacker can send a crafted HTTP request to read arbitrary files, if httpd in the inets application is used. | |||
| CVE-2020-25220 | unknown | — | — | — | The Linux kernel 4.9.x before 4.9.233, 4.14.x before 4.14.194, and 4.19.x before 4.19.140 has a use-after-free because skcd->no_refcnt was not considered during a backport of a CVE-2020-14356 patch. … | |||
| CVE-2020-0030 | unknown | — | — | — | In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User… | |||
| CVE-2020-0347 | unknown | — | — | — | In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is no… | |||
| CVE-2020-36773 | unknown | — | — | — | Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one … | |||
| CVE-2020-15900 | unknown | — | — | — | A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'po… | |||
| CVE-2020-29260 | unknown | — | — | — | libvncclient v0.9.13 was discovered to contain a memory leak via the function rfbClientCleanup(). | |||
| CVE-2020-12652 | unknown | — | — | — | The __mptctl_ioctl function in drivers/message/fusion/mptctl.c in the Linux kernel before 5.4.14 allows local users to hold an incorrect lock during the ioctl operation and trigger a race condition, … | |||
| CVE-2020-16093 | unknown | — | — | — | In LemonLDAP::NG (aka lemonldap-ng) through 2.0.8, validity of the X.509 certificate is not checked by default when connecting to remote LDAP backends, because the default configuration of the Net::L… | |||
| CVE-2020-27194 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.8.15. scalar32_min_max_or in kernel/bpf/verifier.c mishandles bounds tracking during use of 64-bit values, aka CID-5b9fbeb75b6a. | |||
| CVE-2020-28588 | unknown | — | — | — | An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b… | |||
| CVE-2020-12430 | unknown | — | — | — | An issue was discovered in qemuDomainGetStatsIOThread in qemu/qemu_driver.c in libvirt 4.10.0 though 6.x before 6.1.0. A memory leak was found in the virDomainListGetStats libvirt API that is respons… | |||
| CVE-2020-28097 | unknown | — | — | — | The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85. | |||
| CVE-2020-10701 | unknown | — | — | — | A missing authorization flaw was found in the libvirt API responsible for changing the QEMU agent response timeout. This flaw allows read-only connections to adjust the time that libvirt waits for th… | |||
| CVE-2020-21583 | unknown | — | — | — | An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date. | |||
| CVE-2020-13802 | unknown | — | — | — | Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. | |||
| CVE-2020-12656 | unknown | — | — | — | gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: Thi… | |||
| CVE-2020-12872 | unknown | — | — | — | yaws_config.erl in Yaws through 2.0.2 and/or 2.0.7 loads obsolete TLS ciphers, as demonstrated by ones that allow Sweet32 attacks, if running on an Erlang/OTP virtual machine with a version less than… | |||
| CVE-2020-12783 | unknown | — | — | — | Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. | |||
| CVE-2020-12768 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.6. svm_cpu_uninit in arch/x86/kvm/svm.c has a memory leak, aka CID-d80b64ff297e. NOTE: third parties dispute this issue because it's a one-time le… | |||
| CVE-2020-11669 | unknown | — | — | — | An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, … | |||
| CVE-2020-11609 | unknown | — | — | — | An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid des… | |||
| CVE-2020-11494 | unknown | — | — | — | An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive infor… | |||
| CVE-2020-0423 | unknown | — | — | — | In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges … | |||
| CVE-2020-0066 | unknown | — | — | — | In the netlink driver, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is n… | |||
| CVE-2020-0110 | unknown | — | — | — | In psi_write of psi.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User int… | |||
| CVE-2020-14004 | unknown | — | — | — | An issue was discovered in Icinga2 before v2.12.0-rc1. The prepare-dirs script (run as part of the icinga2 systemd service) executes chmod 2750 /run/icinga2/cmd. /run/icinga2 is under control of an u… | |||
| CVE-2020-24698 | unknown | — | — | — | An issue was discovered in PowerDNS Authoritative through 4.3.0 when --enable-experimental-gss-tsig is used. A remote, unauthenticated attacker might be able to cause a double-free, leading to a cras… | |||
| CVE-2020-29663 | unknown | — | — | — | Icinga 2 v2.8.0 through v2.11.7 and v2.12.2 has an issue where revoked certificates due for renewal will automatically be renewed, ignoring the CRL. This issue is fixed in Icinga 2 v2.11.8 and v2.12.… | |||
| CVE-2020-15708 | unknown | — | — | — | Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. An attacker could use this to overwrite arbitrary files or execute arbitrary code. | |||
| CVE-2020-14401 | unknown | — | — | — | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/scale.c has a pixel_value integer overflow. | |||
| CVE-2020-24379 | unknown | — | — | — | WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. | |||
| CVE-2020-28984 | unknown | — | — | — | prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters. | |||
| CVE-2020-27347 | unknown | — | — | — | In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output. | |||
| CVE-2020-20703 | unknown | — | — | — | Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | |||
| CVE-2020-22402 | unknown | — | — | — | Cross Site Scripting (XSS) vulnerability in SOGo Web Mail before 4.3.1 allows attackers to obtain user sensitive information when a user reads an email containing malicious code. | |||
| CVE-2020-14002 | unknown | — | — | — | PuTTY 0.68 through 0.73 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where… | |||
| CVE-2020-10704 | unknown | — | — | — | A flaw was found when using samba as an Active Directory Domain Controller. Due to the way samba handles certain requests as an Active Directory Domain Controller LDAP server, an unauthorized user ca… | |||
| CVE-2020-14383 | unknown | — | — | — | A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted afte… | |||
| CVE-2020-24916 | unknown | — | — | — | CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. | |||
| CVE-2020-12640 | unknown | — | — | — | Roundcube Webmail before 1.4.4 allows attackers to include local files and execute code via directory traversal in a plugin name to rcube_plugin_api.php. | |||
| CVE-2020-12625 | unknown | — | — | — | An issue was discovered in Roundcube Webmail before 1.4.4. There is a cross-site scripting (XSS) vulnerability in rcube_washtml.php because JavaScript code can occur in the CDATA of an HTML message. | |||
| CVE-2020-12626 | unknown | — | — | — | An issue was discovered in Roundcube Webmail before 1.4.4. A CSRF attack can cause an authenticated user to be logged out because POST was not considered. | |||
| CVE-2020-13964 | unknown | — | — | — | An issue was discovered in Roundcube Webmail before 1.3.12 and 1.4.x before 1.4.5. include/rcmail_output_html.php allows XSS via the username template object. | |||
| CVE-2020-15562 | unknown | — | — | — | An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in th… | |||
| CVE-2020-18670 | unknown | — | — | — | Cross Site Scripting (XSS) vulneraibility in Roundcube mail .4.4 via database host and user in /installer/test.php. | |||
| CVE-2020-16145 | unknown | — | — | — | Roundcube Webmail before 1.3.15 and 1.4.8 allows stored XSS in HTML messages during message display via a crafted SVG document. This issue has been fixed in 1.4.8 and 1.3.15. |