CVEs from 2020
Total
3,799
critical
critical 206
high
high 563
medium
medium 745
low
low 59
% Critical
5.4%
% with KEV
3.8%
% with exploit
5.4%
Top vendors
- oracle 476
- schneider-electric 139
- siemens 103
- netapp 28
- arista 15
- rockwellautomation 9
- fasterxml 8
- kubernetes 8
Top products
- retail_xstore_point_of_service 33
- banking_digital_experience 30
- primavera_unifier 29
- retail_service_backbone 15
- financial_services_institutional_performance_analytics 13
- insurance_policy_administration_j2ee 11
- communications_network_charging_and_control 10
- enterprise_manager_base_platform 10
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-15395 | unknown | — | — | — | In MediaInfoLib in MediaArea MediaInfo 20.03, there is a stack-based buffer over-read in Streams_Fill_PerStream in Multiple/File_MpegPs.cpp (aka an off-by-one during MpegPs parsing). | |||
| CVE-2020-36774 | unknown | — | — | — | plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). | |||
| CVE-2020-1504 | unknown | — | — | — | ||||
| CVE-2020-0435 | unknown | — | — | — | ||||
| CVE-2020-14376 | unknown | — | — | — | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. … | |||
| CVE-2020-10593 | unknown | — | — | — | Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_c… | |||
| CVE-2020-8516 | unknown | — | — | — | The daemon in Tor through 0.4.1.8 and 0.4.2.x through 0.4.2.6 does not verify that a rendezvous node is known before attempting to connect to it, which might make it easier for remote attackers to di… | |||
| CVE-2020-9481 | unknown | — | — | — | Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulnerable to a HTTP/2 slow read attack. | |||
| CVE-2020-12965 | unknown | — | — | — | ||||
| CVE-2020-17508 | unknown | — | — | — | The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected. | |||
| CVE-2020-24241 | unknown | — | — | — | In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c. | |||
| CVE-2020-17509 | unknown | — | — | — | ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 … | |||
| CVE-2020-1944 | unknown | — | — | — | There is a vulnerability in Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.8, and 8.0.0 to 8.0.5 with a smuggling attack and Transfer-Encoding and Content length headers. Upgrade to versions 7.1.… | |||
| CVE-2020-9494 | unknown | — | — | — | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and sp… | |||
| CVE-2020-13164 | unknown | — | — | — | In Wireshark 3.2.0 to 3.2.3, 3.0.0 to 3.0.10, and 2.6.0 to 2.6.16, the NFS dissector could crash. This was addressed in epan/dissectors/packet-nfs.c by preventing excessive recursion, such as for a c… | |||
| CVE-2020-26575 | unknown | — | — | — | In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of o… | |||
| CVE-2020-25789 | unknown | — | — | — | An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document. | |||
| CVE-2020-25788 | unknown | — | — | — | An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message. | |||
| CVE-2020-27745 | unknown | — | — | — | Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | |||
| CVE-2020-8517 | unknown | — | — | — | An issue was discovered in Squid before 4.10. Due to incorrect input validation, the NTLM authentication credentials parser in ext_lm_group_acl may write to memory outside the credentials buffer. On … | |||
| CVE-2020-29411 | unknown | — | — | — | ||||
| CVE-2020-29487 | unknown | — | — | — | ||||
| CVE-2020-0034 | unknown | — | — | — | In vp8_decode_frame of decodeframe.c, there is a possible out of bounds read due to improper input validation. This could lead to remote information disclosure if error correction were turned on, wit… | |||
| CVE-2020-35533 | unknown | — | — | — | In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file. | |||
| CVE-2020-36388 | unknown | — | — | — | In CiviCRM before 5.21.3 and 5.22.x through 5.24.x before 5.24.3, users may be able to upload and execute a crafted PHAR archive. | |||
| CVE-2020-36129 | unknown | — | — | — | AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. | |||
| CVE-2020-36130 | unknown | — | — | — | AOM v2.0.1 was discovered to contain a NULL pointer dereference via the component av1/av1_dx_iface.c. | |||
| CVE-2020-36133 | unknown | — | — | — | AOM v2.0.1 was discovered to contain a global buffer overflow via the component av1/encoder/partition_search.h. | |||
| CVE-2020-10772 | unknown | — | — | — | An incomplete fix for CVE-2020-12662 was shipped for Unbound in Red Hat Enterprise Linux 7, as part of erratum RHSA-2020:2414. Vulnerable versions of Unbound could still amplify an incoming query int… | |||
| CVE-2020-5973 | unknown | — | — | — | ||||
| CVE-2020-19824 | unknown | — | — | — | An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the ao_c parameter. | |||
| CVE-2020-12135 | unknown | — | — | — | bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow … | |||
| CVE-2020-8013 | unknown | — | — | — | ||||
| CVE-2020-8025 | unknown | — | — | — | ||||
| CVE-2020-36476 | unknown | — | — | — | An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data… | |||
| CVE-2020-15993 | unknown | — | — | — | Use after free in printing in Google Chrome prior to 86.0.4240.99 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||
| CVE-2020-14059 | unknown | — | — | — | An issue was discovered in Squid 5.x before 5.0.3. Due to an Incorrect Synchronization, a Denial of Service can occur when processing objects in an SMP cache because of an Ipc::Mem::PageStack::pop AB… | |||
| CVE-2020-17448 | unknown | — | — | — | Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Execution protection mechanism, as demonstrated by use of the chat window with a filename that lacks an ex… | |||
| CVE-2020-36280 | unknown | — | — | — | Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c. | |||
| CVE-2020-36278 | unknown | — | — | — | Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. | |||
| CVE-2020-6104 | unknown | — | — | — | An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause information disclosure re… | |||
| CVE-2020-6105 | unknown | — | — | — | An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause Information overwrite resulting in… | |||
| CVE-2020-6106 | unknown | — | — | — | An exploitable information disclosure vulnerability exists in the init_node_manager functionality of F2fs-Tools F2fs.Fsck 1.12 and 1.13. A specially crafted filesystem can be used to disclose informa… | |||
| CVE-2020-11061 | unknown | — | — | — | In Bareos Director less than or equal to 16.2.10, 17.2.9, 18.2.8, and 19.2.7, a heap overflow allows a malicious client to corrupt the director's memory via oversized digest strings sent during initi… | |||
| CVE-2020-15474 | unknown | — | — | — | In nDPI through 3.2, there is a stack overflow in extractRDNSequence in lib/protocols/tls.c. | |||
| CVE-2020-15473 | unknown | — | — | — | In nDPI through 3.2, the OpenVPN dissector is vulnerable to a heap-based buffer over-read in ndpi_search_openvpn in lib/protocols/openvpn.c. | |||
| CVE-2020-15861 | unknown | — | — | — | Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. | |||
| CVE-2020-2727 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily expl… | |||
| CVE-2020-4050 | unknown | — | — | — | In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fields to be saved. It does require an admin to install a plugin that would misus… | |||
| CVE-2020-9369 | unknown | — | — | — | Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption from temporary files, and a flood of notifications to listmasters) via a series of requests with mal… | |||
| CVE-2020-15801 | unknown | — | — | — | In Python 3.8.4, sys.path restrictions specified in a python38._pth file are ignored, allowing code to be loaded from arbitrary locations. The <executable-name>._pth file (e.g., the python._pth file)… | |||
| CVE-2020-2704 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily expl… | |||
| CVE-2020-12423 | unknown | — | — | — | When the Windows DLL "webauthn.dll" was missing from the Operating System, and a malicious one was placed in a folder in the user's %PATH%, Firefox may have loaded the DLL, leading to arbitrary code … | |||
| CVE-2020-13645 | unknown | — | — | — | In GNOME glib-networking through 2.64.2, the implementation of GTlsClientConnection skips hostname verification of the server's TLS certificate if the application fails to specify the expected server… | |||
| CVE-2020-35511 | unknown | — | — | — | A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file. | |||
| CVE-2020-27818 | unknown | — | — | — | A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low ri… | |||
| CVE-2020-14889 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.16. Easily exploitable vulnerability allows high p… | |||
| CVE-2020-2958 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult t… | |||
| CVE-2020-11741 | unknown | — | — | — | An issue was discovered in xenoprof in Xen through 4.13.x, allowing guest OS users (with active profiling) to obtain sensitive information about other guests, cause a denial of service, or possibly g… | |||
| CVE-2020-11743 | unknown | — | — | — | An issue was discovered in Xen through 4.13.x, allowing guest OS users to cause a denial of service because of a bad error path in GNTTABOP_map_grant. Grant table operations are expected to return 0 … | |||
| CVE-2020-25596 | unknown | — | — | — | An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. O… | |||
| CVE-2020-25601 | unknown | — | — | — | An issue was discovered in Xen through 4.14.x. There is a lack of preemption in evtchn_reset() / evtchn_destroy(). In particular, the FIFO event channel model allows guests to have a large number of … | |||
| CVE-2020-26955 | unknown | — | — | — | When a user downloaded a file in Firefox for Android, if a cookie is set, it would have been re-sent during a subsequent file download operation on the same domain, regardless of whether the original… | |||
| CVE-2020-5235 | unknown | — | — | — | There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated s… | |||
| CVE-2020-6830 | unknown | — | — | — | For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can't call the bridging functions. That token was being used for JS-to-native also, but it isn't need… | |||
| CVE-2020-16143 | unknown | — | — | — | The seafile-client client 7.0.8 for Seafile is vulnerable to DLL hijacking because it loads exchndl.dll from the current working directory. | |||
| CVE-2020-23914 | unknown | — | — | — | An issue was discovered in cpp-peglib through v0.1.12. A NULL pointer dereference exists in the peg::AstOptimizer::optimize() located in peglib.h. It allows an attacker to cause Denial of Service. | |||
| CVE-2020-6098 | unknown | — | — | — | An exploitable denial of service vulnerability exists in the freeDiameter functionality of freeDiameter 1.3.2. A specially crafted Diameter request can trigger a memory corruption resulting in denial… | |||
| CVE-2020-6630 | unknown | — | — | — | An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function gf_isom_get_media_data_size() in isomedia/isom_read.c. | |||
| CVE-2020-21428 | unknown | — | — | — | Buffer Overflow vulnerability in function LoadRGB in PluginDDS.cpp in FreeImage 3.18.0 allows remote attackers to run arbitrary code and cause other impacts via crafted image file. | |||
| CVE-2020-21048 | unknown | — | — | — | An issue in the dither.c component of libsixel prior to v1.8.4 allows attackers to cause a denial of service (DOS) via a crafted PNG file. | |||
| CVE-2020-36308 | unknown | — | — | — | Redmine before 4.0.7 and 4.1.x before 4.1.1 allows attackers to discover the subject of a non-visible issue by performing a CSV export and reading time entries. | |||
| CVE-2020-9308 | unknown | — | — | — | archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an invalid or corrupted header (such as a header size of zero), leading to a SIGSEGV or possibly unsp… | |||
| CVE-2020-5967 | unknown | — | — | — | NVIDIA Linux GPU Display Driver, all versions, contains a vulnerability in the UVM driver, in which a race condition may lead to a denial of service. | |||
| CVE-2020-27304 | unknown | — | — | — | The CivetWeb web library does not validate uploaded filepaths when running on an OS other than Windows, when using the built-in HTTP form-based file upload mechanism, via the mg_handle_form_request A… | |||
| CVE-2020-25269 | unknown | — | — | — | An issue was discovered in InspIRCd 2 before 2.0.29 and 3 before 3.6.0. The pgsql module contains a use after free vulnerability. When combined with the sqlauth or sqloper modules, this vulnerability… | |||
| CVE-2020-11709 | unknown | — | — | — | cpp-httplib through 0.5.8 does not filter \r\n in parameters passed into the set_redirect and set_header functions, which creates possibilities for CRLF injection and HTTP response splitting in some … | |||
| CVE-2020-11558 | unknown | — | — | — | An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This le… | |||
| CVE-2020-10592 | unknown | — | — | — | Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002. | |||
| CVE-2020-2689 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily expl… | |||
| CVE-2020-2726 | unknown | — | — | — | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult t… | |||
| CVE-2020-14152 | unknown | — | — | — | In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption. | |||
| CVE-2020-0550 | unknown | — | — | — | ||||
| CVE-2020-20894 | unknown | — | — | — | ||||
| CVE-2020-8620 | unknown | — | — | — | In BIND 9.15.6 -> 9.16.5, 9.17.0 -> 9.17.3, An attacker who can establish a TCP connection with the server and send data on that connection can exploit this to trigger the assertion failure, causing … | |||
| CVE-2020-27545 | unknown | — | — | — | libdwarf before 20201017 has a one-byte out-of-bounds read because of an invalid pointer dereference via an invalid line table in a crafted object. | |||
| CVE-2020-35471 | unknown | — | — | — | ||||
| CVE-2020-20898 | unknown | — | — | — | Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts. | |||
| CVE-2020-13817 | unknown | — | — | — | ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed pack… | |||
| CVE-2020-5963 | unknown | — | — | — | NVIDIA Windows GPU Display Driver, all versions, contains a vulnerability in the Inter Process Communication APIs, in which improper access control may lead to code execution, denial of service, or i… | |||
| CVE-2020-22935 | unknown | — | — | — | ||||
| CVE-2020-24240 | unknown | — | — | — | GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input,… | |||
| CVE-2020-8028 | unknown | — | — | — | ||||
| CVE-2020-12801 | unknown | — | — | — | If LibreOffice has an encrypted document open and crashes, that document is auto-saved encrypted. On restart, LibreOffice offers to restore the document and prompts for the password to decrypt it. If… | |||
| CVE-2020-8030 | unknown | — | — | — | ||||
| CVE-2020-35494 | unknown | — | — | — | There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to… | |||
| CVE-2020-19188 | unknown | — | — | — | Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command. | |||
| CVE-2020-16155 | unknown | — | — | — | The CPAN::Checksums package 2.12 for Perl does not uniquely define signed data. | |||
| CVE-2020-25603 | unknown | — | — | — | An issue was discovered in Xen through 4.14.x. There are missing memory barriers when accessing/allocating an event channel. Event channels control structures can be accessed lockless as long as the … | |||
| CVE-2020-25595 | unknown | — | — | — | An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back f… |