Lista CVE - 2020 / Ottobre
Visualizzazione 101 - 200 di 1594 CVE per Ottobre 2020 (Pagina 2 di 16)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2020-12676 | 2020-10-02 | FusionAuth fusionauth-samlv2 0.2.3 allows remote attackers to forge messages and bypass authentication via a SAML assertion that lacks a Signature element, aka a "Signature exclusion attack". |
| CVE-2020-15232 | 2020-10-02 | XML External Entity attack in mapfish-print |
| CVE-2020-26525 | 2020-10-02 | Damstra Smart Asset 2020.7 has SQL injection via the API/api/Asset originator parameter. This allows forcing the database and server to initiate remote connections to third party DNS servers. |
| CVE-2020-26526 | 2020-10-02 | An issue was discovered in Damstra Smart Asset 2020.7. It is possible to enumerate valid usernames on the login page. The application sends a different server response when the username... |
| CVE-2020-26527 | 2020-10-02 | An issue was discovered in API/api/Version in Damstra Smart Asset 2020.7. Cross-origin resource sharing trusts random origins by accepting the arbitrary 'Origin: example.com' header and responding with 200 OK and... |
| CVE-2020-15234 | 2020-10-02 | Redirect URL matching ignores character casing |
| CVE-2020-15233 | 2020-10-02 | OAuth2 Redirect URL validity does not respect query parameters and character casing for loopback addresses |
| CVE-2020-5983 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin and the host driver kernel module, in which the potential exists to write to a memory location that is... |
| CVE-2020-5984 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which it may have the use-after-free vulnerability while freeing some resources, which may lead to denial of service,... |
| CVE-2020-5985 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data length is not validated, which may lead to tampering or denial of service. This... |
| CVE-2020-5986 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which an input data size is not validated, which may lead to tampering or denial of service. This... |
| CVE-2020-5987 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin in which guest-supplied parameters remain writable by the guest after the plugin has validated them, which may lead to... |
| CVE-2020-5988 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This... |
| CVE-2020-5989 | 2020-10-02 | NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which it can dereference a NULL pointer, which may lead to denial of service. This affects vGPU version... |
| CVE-2020-25776 | 2020-10-02 | Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their... |
| CVE-2017-18924 | 2020-10-04 | oauth2-server (aka node-oauth2-server) through 3.1.1 implements OAuth 2.0 without PKCE. It does not prevent authorization code injection. This is similar to CVE-2020-7692. NOTE: the vendor states 'As RFC7636 is an... |
| CVE-2020-7709 | 2020-10-05 | Prototype Pollution |
| CVE-2020-26166 | 2020-10-05 | The file upload functionality in qdPM 9.1 doesn't check the file description, which allows remote authenticated attackers to inject web script or HTML via the attachments info parameter, aka XSS.... |
| CVE-2020-25636 | 2020-10-05 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket,... |
| CVE-2020-8228 | 2020-10-05 | A missing rate limit in the Preferred Providers app 1.7.0 allowed an attacker to set the password an uncontrolled amount of times. |
| CVE-2020-8235 | 2020-10-05 | Missing access control in Nextcloud Deck 1.0.4 caused an insecure direct object reference allowing an attacker to view all attachments. |
| CVE-2020-8223 | 2020-10-05 | A logic error in Nextcloud Server 19.0.0 caused a privilege escalation allowing malicious users to reshare with higher permissions than they got assigned themselves. |
| CVE-2020-8182 | 2020-10-05 | Improper access control in Nextcloud Deck 0.8.0 allowed an attacker to reshare boards shared with them with more permissions than they had themselves. |
| CVE-2020-25635 | 2020-10-05 | A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collector is not happening after playbook run is completed. Files would remain in the bucket... |
| CVE-2020-4493 | 2020-10-05 | IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow an attacker to bypass authentication and issue commands using a specially crafted HTTP command. IBM X-Force ID: 181995. |
| CVE-2020-26061 | 2020-10-05 | ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security... |
| CVE-2019-14557 | 2020-10-05 | Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of... |
| CVE-2020-12302 | 2020-10-05 | Improper permissions in the Intel(R) Driver & Support Assistant before version 20.7.26.7 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2019-14558 | 2020-10-05 | Insufficient control flow management in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable... |
| CVE-2020-8671 | 2020-10-05 | Insufficient control flow management in BIOS firmware 8th, 9th Generation Intel(R) Core(TM) Processors and Intel(R) Celeron(R) Processor 4000 Series may allow an authenticated user to potentially enable information disclosure via... |
| CVE-2019-14556 | 2020-10-05 | Improper initialization in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow a privileged user to potentially enable denial of... |
| CVE-2020-0571 | 2020-10-05 | Improper conditions check in BIOS firmware for 8th Generation Intel(R) Core(TM) Processors and Intel(R) Pentium(R) Silver Processor Series may allow an authenticated user to potentially enable information disclosure via local... |
| CVE-2020-26048 | 2020-10-05 | The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function... |
| CVE-2020-6875 | 2020-10-05 | A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentication protection mechanism in the program, attackers could use this vulnerability to gain access... |
| CVE-2020-15236 | 2020-10-05 | Directory Traversal in Wiki.js |
| CVE-2020-15235 | 2020-10-05 | Sensitive data exposure in RACTF |
| CVE-2020-24231 | 2020-10-05 | Symmetric DS <3.12.0 uses mx4j to provide access to JMX over HTTP. mx4j, by default, has no auth and is available on all interfaces. An attacker can interact with JMX:... |
| CVE-2020-16226 | 2020-10-05 | Mitsubishi Electric Multiple Products |
| CVE-2020-15237 | 2020-10-05 | Timing attack in Shrine |
| CVE-2020-25613 | 2020-10-06 | An issue was discovered in Ruby through 2.5.8, 2.6.x through 2.6.6, and 2.7.x through 2.7.1. WEBrick, a simple HTTP server bundled with Ruby, had not checked the transfer-encoding header value... |
| CVE-2020-25637 | 2020-10-06 | A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This... |
| CVE-2020-25643 | 2020-10-06 | A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the... |
| CVE-2020-25644 | 2020-10-06 | A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to... |
| CVE-2020-26572 | 2020-10-06 | The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. |
| CVE-2020-26571 | 2020-10-06 | The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init. |
| CVE-2020-26570 | 2020-10-06 | The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file. |
| CVE-2020-5631 | 2020-10-06 | Stored cross-site scripting vulnerability in CMONOS.JP ver2.0.20191009 and earlier allows remote attackers to inject arbitrary script via unspecified vectors. |
| CVE-2020-5632 | 2020-10-06 | InfoCage SiteShell series (Host type SiteShell for IIS V1.4, V1.5, and V1.6, Host type SiteShell for IIS prior to revision V2.0.0.6, V2.1.0.7, V2.1.1.6, V3.0.0.11, V4.0.0.6, V4.1.0.5, and V4.2.0.1, Host type... |
| CVE-2020-5634 | 2020-10-06 | ELECOM LAN routers (WRC-2533GST2 firmware versions prior to v1.14, WRC-1900GST2 firmware versions prior to v1.14, WRC-1750GST2 firmware versions prior to v1.14, and WRC-1167GST2 firmware versions prior to v1.10) allow an... |
| CVE-1999-0199 | 2020-10-06 | manual/search.texi in the GNU C Library (aka glibc) before 2.2 lacks a statement about the unspecified tdelete return value upon deletion of a tree's root, which might allow attackers to... |
| CVE-2020-25987 | 2020-10-06 | MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to... |
| CVE-2020-25986 | 2020-10-06 | A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user. |
| CVE-2020-23832 | 2020-10-06 | A Persistent Cross-Site Scripting (XSS) vulnerability in message_admin.php in Projectworlds Car Rental Management System v1.0 allows unauthenticated remote attackers to harvest an admin login session cookie and steal an admin... |
| CVE-2020-24214 | 2020-10-06 | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can send a crafted unauthenticated RTSP request to cause a buffer overflow and application crash.... |
| CVE-2020-24215 | 2020-10-06 | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. Attackers can use hard-coded credentials in HTTP requests to perform any administrative task on the device... |
| CVE-2020-24216 | 2020-10-06 | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. When the administrator configures a secret URL for RTSP streaming, the stream is still available via... |
| CVE-2020-24217 | 2020-10-06 | An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload... |
| CVE-2020-24218 | 2020-10-06 | An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can log in as root via the password that is hard-coded in the executable file. |
| CVE-2020-24219 | 2020-10-06 | An issue was discovered on URayTech IPTV/H.264/H.265 video encoders through 1.97. Attackers can send crafted unauthenticated HTTP requests to exploit path traversal and pattern-matching programming flaws, and retrieve any file... |
| CVE-2020-25641 | 2020-10-06 | A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter... |
| CVE-2020-15598 | 2020-10-06 | Trustwave ModSecurity 3.x through 3.0.4 allows denial of service via a special request. NOTE: The discoverer reports "Trustwave has signaled they are disputing our claims." The CVE suggests that there... |
| CVE-2020-7465 | 2020-10-06 | The L2TP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted L2TP control packet with AVP Q.931 Cause Code to execute arbitrary code or cause... |
| CVE-2020-7466 | 2020-10-06 | The PPP implementation of MPD before 5.9 allows a remote attacker who can send specifically crafted PPP authentication message to cause the daemon to read beyond allocated memory buffer, which... |
| CVE-2020-8781 | 2020-10-06 | Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process. |
| CVE-2020-8782 | 2020-10-06 | ALEOS LAN-Side RPC Service Remote Code Execution |
| CVE-2020-25802 | 2020-10-06 | Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via Groovy scripting. |
| CVE-2020-25743 | 2020-10-06 | hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call. |
| CVE-2020-25742 | 2020-10-06 | pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer. |
| CVE-2020-25803 | 2020-10-06 | Authenticated attackers with developer privileges in Crafter Studio may execute OS commands via deep inspection of FreeMarker template exposed objects. |
| CVE-2019-19200 | 2020-10-06 | REDDOXX MailDepot 2032 2.2.1242 allows authenticated users to access the mailboxes of other users. |
| CVE-2020-7741 | 2020-10-06 | Cross-site Scripting (XSS) |
| CVE-2020-26574 | 2020-10-06 | Leostream Connection Broker 8.2.x is affected by stored XSS. An unauthenticated attacker can inject arbitrary JavaScript code via the webquery.pl User-Agent HTTP header. It is rendered by the admins the... |
| CVE-2020-25862 | 2020-10-06 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF... |
| CVE-2020-25866 | 2020-10-06 | In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was... |
| CVE-2020-25863 | 2020-10-06 | In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME... |
| CVE-2020-26575 | 2020-10-06 | In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement. |
| CVE-2020-7739 | 2020-10-06 | Server-side Request Forgery (SSRF) |
| CVE-2020-26582 | 2020-10-06 | D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the IP JSON value for ping (aka res_config_action=3&res_config_id=18). |
| CVE-2019-4725 | 2020-10-06 | IBM Security Access Manager Appliance 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially... |
| CVE-2020-4528 | 2020-10-06 | IBM MQ Appliance (IBM DataPower Gateway 10.0.0.0 and 2018.4.1.0 through 2018.4.1.12) could allow a local user, under special conditions, to obtain highly sensitive information from log files. IBM X-Force ID:... |
| CVE-2020-7740 | 2020-10-06 | Server-side Request Forgery (SSRF) |
| CVE-2020-24807 | 2020-10-06 | The socket.io-file package through 2.0.31 for Node.js relies on client-side validation of file types, which allows remote attackers to execute arbitrary code by uploading an executable file via a modified... |
| CVE-2019-4325 | 2020-10-06 | "HCL AppScan Enterprise makes use of broken or risky cryptographic algorithm to store REST API user details." |
| CVE-2019-4326 | 2020-10-06 | "HCL AppScan Enterprise security rules update administration section of the web application console is missing HTTP Strict-Transport-Security Header." |
| CVE-2020-15174 | 2020-10-06 | Unpreventable top-level navigation in Electron |
| CVE-2020-1901 | 2020-10-06 | Receiving a large text message containing URLs in WhatsApp for iOS prior to v2.20.91.4 could have caused the application to freeze while processing the message. |
| CVE-2020-1902 | 2020-10-06 | A user running a quick search on a highly forwarded message on WhatsApp for Android from v2.20.108 to v2.20.140 or WhatsApp Business for Android from v2.20.35 to v2.20.49 could have... |
| CVE-2020-1903 | 2020-10-06 | An issue when unzipping docx, pptx, and xlsx documents in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have resulted in an out-of-memory... |
| CVE-2020-1904 | 2020-10-06 | A path validation issue in WhatsApp for iOS prior to v2.20.61 and WhatsApp Business for iOS prior to v2.20.61 could have allowed for directory traversal overwriting files when sending specially... |
| CVE-2020-1905 | 2020-10-06 | Media ContentProvider URIs used for opening attachments in other apps were generated sequentially prior to WhatsApp for Android v2.20.185, which could have allowed a malicious third party app chosen to... |
| CVE-2020-1906 | 2020-10-06 | A buffer overflow in WhatsApp for Android prior to v2.20.130 and WhatsApp Business for Android prior to v2.20.46 could have allowed an out-of-bounds write when processing malformed local videos with... |
| CVE-2020-1907 | 2020-10-06 | A stack overflow in WhatsApp for Android prior to v2.20.196.16, WhatsApp Business for Android prior to v2.20.196.12, WhatsApp for iOS prior to v2.20.90, WhatsApp Business for iOS prior to v2.20.90,... |
| CVE-2020-15215 | 2020-10-06 | Context isolation bypass in Electron |
| CVE-2020-26598 | 2020-10-06 | An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, and 9.0 software. The Network Management component could allow an unauthorized actor to kill a TCP connection.... |
| CVE-2020-26597 | 2020-10-06 | An issue was discovered on LG mobile devices with Android OS 9.0 and 10 software. The Wi-Fi subsystem has incorrect input validation, leading to a crash. The LG ID is... |
| CVE-2020-13343 | 2020-10-06 | An issue has been discovered in GitLab affecting all versions starting from 11.2. Unauthorized Users Can View Custom Project Template |
| CVE-2020-13345 | 2020-10-06 | An issue has been discovered in GitLab affecting all versions starting from 10.8. Reflected XSS on Multiple Routes |
| CVE-2020-13333 | 2020-10-06 | A potential DOS vulnerability was discovered in GitLab versions 13.1, 13.2 and 13.3. The api to update an asset as a link from a release had a regex check which... |
| CVE-2020-15239 | 2020-10-06 | Directory Traversal in xmpp-http-upload |
| CVE-2020-26599 | 2020-10-06 | An issue was discovered on Samsung mobile devices with Q(10.0) software. The DynamicLockscreen Terms and Conditions can be accepted without authentication. The Samsung ID is SVE-2020-17079 (October 2020). |