CVEs from 2020
Total
3,797
critical
critical 206
high
high 563
medium
medium 745
low
low 59
% Critical
5.4%
% with KEV
3.8%
% with exploit
5.4%
Top vendors
- oracle 476
- schneider-electric 139
- siemens 103
- netapp 28
- arista 15
- rockwellautomation 9
- fasterxml 8
- kubernetes 8
Top products
- retail_xstore_point_of_service 33
- banking_digital_experience 30
- primavera_unifier 29
- retail_service_backbone 15
- financial_services_institutional_performance_analytics 13
- insurance_policy_administration_j2ee 11
- communications_network_charging_and_control 10
- enterprise_manager_base_platform 10
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-13361 | unknown | — | — | — | In QEMU 5.0.0 and earlier, es1370_transfer_audio in hw/audio/es1370.c does not properly validate the frame count, which allows guest OS users to trigger an out-of-bounds access during an es1370_write… | |||
| CVE-2020-13362 | unknown | — | — | — | In QEMU 5.0.0 and earlier, megasas_lookup_frame in hw/scsi/megasas.c has an out-of-bounds read via a crafted reply_queue_head field from a guest OS user. | |||
| CVE-2020-13765 | unknown | — | — | — | rom_copy() in hw/core/loader.c in QEMU 4.0 and 4.1.0 does not validate the relationship between two addresses, which allows attackers to trigger an invalid memory copy operation. | |||
| CVE-2020-14394 | unknown | — | — | — | An infinite loop flaw was found in the USB xHCI controller emulation of QEMU while computing the length of the Transfer Request Block (TRB) Ring. This flaw allows a privileged guest user to hang the … | |||
| CVE-2020-15469 | unknown | — | — | — | In QEMU 4.2.0, a MemoryRegionOps object may lack read/write callback methods, leading to a NULL pointer dereference. | |||
| CVE-2020-10380 | unknown | — | — | — | RMySQL through 0.10.19 allows SQL Injection. | |||
| CVE-2020-12278 | unknown | — | — | — | An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. path.c mishandles equivalent filenames that exist because of NTFS Alternate Data Streams. This may allow remote code execution… | |||
| CVE-2020-12279 | unknown | — | — | — | An issue was discovered in libgit2 before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code execution when c… | |||
| CVE-2020-13124 | unknown | — | — | — | SABnzbd 2.3.9 and 3.0.0Alpha2 has a command injection vulnerability in the web configuration interface that permits an authenticated user to execute arbitrary Python commands on the underlying operat… | |||
| CVE-2020-27350 | unknown | — | — | — | APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfi… | |||
| CVE-2020-3810 | unknown | — | — | — | Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. | |||
| CVE-2020-19861 | unknown | — | — | — | When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_r… | |||
| CVE-2020-21583 | unknown | — | — | — | An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privlidges or execute arbitrary commands via the path parameter when setting the date. | |||
| CVE-2020-13802 | unknown | — | — | — | Rebar3 versions 3.0.0-beta.3 to 3.13.2 are vulnerable to OS command injection via URL parameter of dependency specification. | |||
| CVE-2020-16269 | unknown | — | — | — | radare2 4.5.0 misparses DWARF information in executable files, causing a segmentation fault in parse_typedef in type_dwarf.c via a malformed DW_AT_name in the .debug_info section. | |||
| CVE-2020-27793 | unknown | — | — | — | An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack. | |||
| CVE-2020-27794 | unknown | — | — | — | A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash. | |||
| CVE-2020-27795 | unknown | — | — | — | A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_… | |||
| CVE-2020-12783 | unknown | — | — | — | Exim through 4.93 has an out-of-bounds read in the SPA authenticator that could result in SPA/NTLM authentication bypass in auths/spa.c and auths/auth-spa.c. | |||
| CVE-2020-15997 | unknown | — | — | — | Use after free in Mojo in Google Chrome prior to 86.0.4240.99 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. | |||
| CVE-2020-16003 | unknown | — | — | — | Use after free in printing in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-16045 | unknown | — | — | — | Use after Free in Payments in Google Chrome on Android prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted H… | |||
| CVE-2020-6383 | unknown | — | — | — | Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6384 | unknown | — | — | — | Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6386 | unknown | — | — | — | Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-6501 | unknown | — | — | — | Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page. | |||
| CVE-2020-6492 | unknown | — | — | — | Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. | |||
| CVE-2020-6543 | unknown | — | — | — | Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-14403 | unknown | — | — | — | An issue was discovered in LibVNCServer before 0.9.13. libvncserver/hextile.c allows out-of-bounds access via encodings. | |||
| CVE-2020-6564 | unknown | — | — | — | Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to spoof the contents of a permission dialog via a crafted HTML page. | |||
| CVE-2020-6559 | unknown | — | — | — | Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-13753 | unknown | — | — | — | The bubblewrap sandbox of WebKitGTK and WPE WebKit, prior to 2.28.3, failed to properly block access to CLONE_NEWUSER and the TIOCSTI ioctl. CLONE_NEWUSER could potentially be used to confuse xdg-des… | |||
| CVE-2020-9947 | unknown | — | — | — | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS 7.0, iOS 14.0 and iPadOS 14.0, iTunes for Windows 12.10.9, iCloud for Windows 11.5, tvOS 14.0, Saf… | |||
| CVE-2020-24379 | unknown | — | — | — | WebDAV implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to XXE injection. | |||
| CVE-2020-24916 | unknown | — | — | — | CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. | |||
| CVE-2020-6539 | unknown | — | — | — | Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-36843 | unknown | — | — | 1y ago | Ed25519 Signature Malleability in ed25519-java Due to Missing Scalar Range Check | |||
| CVE-2020-27534 | unknown | — | — | 2y ago | util/binfmt_misc/check.go in Builder in Docker Engine before 19.03.9 calls os.OpenFile with a potentially unsafe qemu-check temporary pathname, constructed with an empty first argument in an ioutil.T… | |||
| CVE-2020-15136 | unknown | — | — | 2y ago | In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records. When starting a gateway, TLS authentication will only be attempted on e… | |||
| CVE-2020-15114 | unknown | — | — | 2y ago | In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access. However, it is possible to include the gateway address as an endpoin… | |||
| CVE-2020-15113 | unknown | — | — | 2y ago | In etcd before versions 3.3.23 and 3.4.10, certain directory paths are created (etcd data directory and the directory path when provided to automatically generate self-signed certificates for TLS con… | |||
| CVE-2020-24922 | unknown | — | — | 3y ago | xuxueli xxl-job Cross-Site Request Forgery Vulnerability | |||
| CVE-2020-21485 | unknown | — | — | 3y ago | Alluxio Cross Site Scripting vulnerability | |||
| CVE-2020-22755 | unknown | — | — | 3y ago | MCMS vulnerable to arbitrary code execution via crafted thumbnail | |||
| CVE-2020-20913 | unknown | — | — | 3y ago | Ming-Soft MCMS vulnerable to SQL injection | |||
| CVE-2020-36640 | unknown | — | — | 4y ago | bonita-connector-webservice XML External Entity vulnerability | |||
| CVE-2020-36641 | unknown | — | — | 4y ago | aXMLRPC XML External Entity vulnerability | |||
| CVE-2020-15115 | unknown | — | — | 4y ago | etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation, which allows for very short passwords, such as those with a length of one. This may allow an attacker to guess … | |||
| CVE-2020-15112 | unknown | — | — | 4y ago | In etcd before versions 3.3.23 and 3.4.10, it is possible to have an entry index greater then the number of entries in the ReadAll method in wal/wal.go. This could cause issues when WAL entries are b… | |||
| CVE-2020-15106 | unknown | — | — | 4y ago | In etcd before versions 3.3.23 and 3.4.10, a large slice causes panic in decodeRecord method. The size of a record is stored in the length field of a WAL file and no additional validation is done on … | |||
| CVE-2020-23622 | unknown | — | — | 4y ago | 4thline cling uPnP protocol issue can lead to denial of service | |||
| CVE-2020-7677 | unknown | — | — | 4y ago | thenify before 3.3.1 made use of unsafe calls to `eval`. | |||
| CVE-2020-28191 | unknown | — | — | 4y ago | Togglz console missing cross-site request forgery (CSRF) protection | |||
| CVE-2020-10650 | unknown | — | — | 4y ago | jackson-databind vulnerable to unsafe deserialization | |||
| CVE-2020-28865 | unknown | — | — | 4y ago | Insufficiently Protected Credentials in PowerJob | |||
| CVE-2020-28088 | unknown | — | — | 4y ago | Jeecg-Boot CMS arbitrary file upload vulnerability | |||
| CVE-2020-7021 | unknown | — | — | 4y ago | Insertion of Sensitive Information into Log File in Elasticsearch | |||
| CVE-2020-29582 | unknown | — | — | 4y ago | Incorrect Default Permissions in JetBrains Kotlin | |||
| CVE-2020-25476 | unknown | — | — | 4y ago | Liferay Portal Vulnerable to Cross-Site Scripting (XSS) via User Name Parameter | |||
| CVE-2020-8920 | unknown | — | — | 4y ago | Information leak in Gerrit | |||
| CVE-2020-16971 | unknown | — | — | 4y ago | Azure SDK for Java Security Feature Bypass Vulnerability | |||
| CVE-2020-27822 | unknown | — | — | 4y ago | Wildfly has a memory leak vulnerability | |||
| CVE-2020-2323 | unknown | — | — | 4y ago | Missing permission checks in Jenkins Chaos Monkey Plugin | |||
| CVE-2020-2320 | unknown | — | — | 4y ago | Jenkins Plugin Installation Manager Tool did not verify plugin downloads | |||
| CVE-2020-2322 | unknown | — | — | 4y ago | Missing permission checks in Jenkins Chaos Monkey Plugin | |||
| CVE-2020-2324 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins CVS Plugin | |||
| CVE-2020-2321 | unknown | — | — | 4y ago | CSRF vulnerability in Jenkins Shelve Project Plugin | |||
| CVE-2020-2319 | unknown | — | — | 4y ago | Password stored in plain text by Jenkins VMware Lab Manager Slaves Plugin | |||
| CVE-2020-2318 | unknown | — | — | 4y ago | Passwords stored in plain text by Mail Commander Plugin for Jenkins-ci Plugin | |||
| CVE-2020-2311 | unknown | — | — | 4y ago | Missing permission check in Jenkins AWS Global Configuration Plugin allows replacing plugin configuration | |||
| CVE-2020-2314 | unknown | — | — | 4y ago | Password stored in plain text by Jenkins AppSpider Plugin | |||
| CVE-2020-2315 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins Visualworks Store Plugin | |||
| CVE-2020-2309 | unknown | — | — | 4y ago | Missing authorization in Jenkins Kubernetes Plugin | |||
| CVE-2020-2313 | unknown | — | — | 4y ago | Missing permission checks in Jenkins Azure Key Vault Plugin allow enumerating credentials IDs | |||
| CVE-2020-2310 | unknown | — | — | 4y ago | Missing permission checks in Jenkins Ansible Plugin allow enumerating credentials IDs | |||
| CVE-2020-2312 | unknown | — | — | 4y ago | Password written to the build log by Jenkins SQLPlus Script Runner Plugin | |||
| CVE-2020-2308 | unknown | — | — | 4y ago | Missing Authorization in Jenkins Kubernetes Plugin | |||
| CVE-2020-2316 | unknown | — | — | 4y ago | Stored XSS vulnerability in Jenkins Static Analysis Utilities Plugin | |||
| CVE-2020-2306 | unknown | — | — | 4y ago | Missing Authorization in Jenkins Mercurial Plugin | |||
| CVE-2020-2307 | unknown | — | — | 4y ago | Exposure of Sensitive Information to an Unauthorized Actor in Jenkins Kubernetes Plugin | |||
| CVE-2020-2304 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins Subversion Plugin | |||
| CVE-2020-2305 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins Mercurial Plugin | |||
| CVE-2020-2300 | unknown | — | — | 4y ago | Improper Authentication (empty password) in Jenkins Active Directory Plugin | |||
| CVE-2020-2302 | unknown | — | — | 4y ago | Missing permission check in Jenkins Active Directory Plugin allows accessing domain health check page | |||
| CVE-2020-2303 | unknown | — | — | 4y ago | CSRF vulnerability in Jenkins Active Directory Plugin | |||
| CVE-2020-2301 | unknown | — | — | 4y ago | Authentication cache in Active Directory Jenkins Plugin allows logging in with any password | |||
| CVE-2020-2299 | unknown | — | — | 4y ago | Improper Authentication in Jenkins Active Directory Plugin | |||
| CVE-2020-25689 | unknown | — | — | 4y ago | Uncontrolled Resource Consumption in WildFly | |||
| CVE-2020-10721 | unknown | — | — | 4y ago | fabric8-maven-plugin: insecure way to construct Yaml Object leading to remote code execution | |||
| CVE-2020-2298 | unknown | — | — | 4y ago | XXE vulnerability in Jenkins Nerrvana Plugin | |||
| CVE-2020-2295 | unknown | — | — | 4y ago | CSRF vulnerability in Jenkins Maven Cascade Release Plugin | |||
| CVE-2020-2294 | unknown | — | — | 4y ago | Missing permission checks in Jenkins Maven Cascade Release Plugin | |||
| CVE-2020-2297 | unknown | — | — | 4y ago | Access token stored in plain text by Jenkins SMS Notification Plugin | |||
| CVE-2020-2292 | unknown | — | — | 4y ago | Stored XSS vulnerability in Jenkins Release Plugin | |||
| CVE-2020-2293 | unknown | — | — | 4y ago | Arbitrary file read vulnerability in Jenkins Persona Plugin | |||
| CVE-2020-2289 | unknown | — | — | 4y ago | Stored XSS vulnerability in Jenkins Active Choices Plugin | |||
| CVE-2020-2296 | unknown | — | — | 4y ago | CSRF vulnerability in Jenkins Shared Objects Plugin | |||
| CVE-2020-2290 | unknown | — | — | 4y ago | Stored XSS vulnerability in Jenkins Active Choices Plugin | |||
| CVE-2020-2288 | unknown | — | — | 4y ago | Incorrect default pattern in Jenkins Audit Trail Plugin | |||
| CVE-2020-2291 | unknown | — | — | 4y ago | Password stored in plain text by Jenkins couchdb-statistics Plugin |