Lista CVE - 2020 / Agosto
Visualizzazione 301 - 400 di 1160 CVE per Agosto 2020 (Pagina 4 di 12)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2020-13278 | 2020-08-12 | Reflected Cross-Site Scripting vulnerability in Modules.php in RosarioSIS Student Information System < 6.5.1 allows remote attackers to execute arbitrary web script via embedding javascript or HTML tags in a GET... |
| CVE-2020-13288 | 2020-08-12 | In GitLab before 13.0.12, 13.1.6, and 13.2.3, a stored XSS vulnerability exists in the CI/CD Jobs page |
| CVE-2020-13291 | 2020-08-12 | In GitLab before 13.2.3, project sharing could temporarily allow too permissive access. |
| CVE-2020-13290 | 2020-08-12 | In GitLab before 13.0.12, 13.1.6, and 13.2.3, improper access control was used on the Applications page |
| CVE-2020-12100 | 2020-08-12 | In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply nested... |
| CVE-2020-17497 | 2020-08-12 | eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation by retransmitting EAPOL Msg4/4. |
| CVE-2020-12673 | 2020-08-12 | In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read. |
| CVE-2020-12674 | 2020-08-12 | In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled. |
| CVE-2020-17446 | 2020-08-12 | asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, because of access to an... |
| CVE-2020-6653 | 2020-08-12 | Sensitive date stored in logcat file |
| CVE-2020-15137 | 2020-08-12 | Integer overflow in HoRNDIS |
| CVE-2020-17506 | 2020-08-12 | Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php. |
| CVE-2020-17505 | 2020-08-12 | Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform. |
| CVE-2020-5415 | 2020-08-12 | Concourse's GitLab auth allows impersonation |
| CVE-2020-2035 | 2020-08-12 | PAN-OS: URL filtering policy is not enforced on TLS handshakes for decrypted HTTPS sessions |
| CVE-2020-7374 | 2020-08-12 | Documalis Free PDF Editor / Free PDF Scanner Stack Based Buffer Overflow |
| CVE-2020-17360 | 2020-08-12 | An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these... |
| CVE-2020-17361 | 2020-08-12 | An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided (instead of throwing an exception). This could result... |
| CVE-2020-17507 | 2020-08-12 | An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body in gui/image/qxbmhandler.cpp has a buffer over-read. |
| CVE-2020-12106 | 2020-08-12 | The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the... |
| CVE-2020-12107 | 2020-08-12 | The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System. |
| CVE-2020-8904 | 2020-08-12 | Arbitrary trusted memory overwrite vulnerability in Asylo |
| CVE-2020-8905 | 2020-08-12 | Confidential Information Disclosure vulnerability in Asylo |
| CVE-2020-16137 | 2020-08-12 | A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We... |
| CVE-2020-16138 | 2020-08-12 | A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this... |
| CVE-2020-16139 | 2020-08-12 | A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers restart the device remotely through sending specially crafted packets. Note: We cannot prove this vulnerability exists.... |
| CVE-2020-17362 | 2020-08-12 | search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS. |
| CVE-2020-15868 | 2020-08-12 | Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control. |
| CVE-2020-15596 | 2020-08-12 | The ALPS ALPINE touchpad driver before 8.2206.1717.634, as used on various Dell, HP, and Lenovo laptops, allows attackers to conduct Path Disclosure attacks via a "fake" DLL file. |
| CVE-2020-17449 | 2020-08-12 | PHP-Fusion 9.03 allows XSS via the error_log file. |
| CVE-2020-17450 | 2020-08-12 | PHP-Fusion 9.03 allows XSS on the preview page. |
| CVE-2020-7300 | 2020-08-12 | DLP ePO extension - Improper Authorization |
| CVE-2020-7301 | 2020-08-12 | DLP ePO extension - Cross site scripting |
| CVE-2020-16287 | 2020-08-13 | A buffer overflow vulnerability in lprn_is_black() in contrib/lips4/gdevlprn.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16288 | 2020-08-13 | A buffer overflow vulnerability in pj_common_print_page() in devices/gdevpjet.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16289 | 2020-08-13 | A buffer overflow vulnerability in cif_print_page() in devices/gdevcif.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16290 | 2020-08-13 | A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16291 | 2020-08-13 | A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16292 | 2020-08-13 | A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16293 | 2020-08-13 | A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This... |
| CVE-2020-16294 | 2020-08-13 | A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16295 | 2020-08-13 | A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This... |
| CVE-2020-16296 | 2020-08-13 | A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF... |
| CVE-2019-14630 | 2020-08-13 | Reliance on untrusted inputs in a security decision in some Intel(R) Thunderbolt(TM) controllers may allow unauthenticated user to potentially enable information disclosure via physical access. |
| CVE-2020-16297 | 2020-08-13 | A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file.... |
| CVE-2020-16298 | 2020-08-13 | A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16299 | 2020-08-13 | A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This... |
| CVE-2020-16300 | 2020-08-13 | A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16301 | 2020-08-13 | A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16302 | 2020-08-13 | A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. |
| CVE-2020-16303 | 2020-08-13 | A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. |
| CVE-2020-16304 | 2020-08-13 | A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed... |
| CVE-2020-16305 | 2020-08-13 | A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16306 | 2020-08-13 | A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed... |
| CVE-2020-8759 | 2020-08-13 | Improper access control in the installer for Intel(R) SSD DCT versions before 3.0.23 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-16307 | 2020-08-13 | A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This... |
| CVE-2020-16308 | 2020-08-13 | A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is... |
| CVE-2020-16309 | 2020-08-13 | A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is... |
| CVE-2020-16310 | 2020-08-13 | A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This... |
| CVE-2020-17538 | 2020-08-13 | A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript from v9.18 to v9.50 allows a remote attacker to cause a denial of service via a crafted PDF... |
| CVE-2020-12287 | 2020-08-13 | Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-8763 | 2020-08-13 | Improper permissions in the installer for the Intel(R) RealSense(TM) D400 Series UWP driver for Windows* 10 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-8743 | 2020-08-13 | Improper permissions in the installer for the Intel(R) Mailbox Interface driver, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-8742 | 2020-08-13 | Improper input validation in the firmware for Intel(R) NUCs may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-8736 | 2020-08-13 | Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-8733 | 2020-08-13 | Improper buffer restrictions in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-8708 | 2020-08-13 | Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
| CVE-2020-8730 | 2020-08-13 | Heap-based overflow for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-8731 | 2020-08-13 | Incorrect execution-assigned permissions in the file system for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of... |
| CVE-2020-8707 | 2020-08-13 | Buffer overflow in daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent... |
| CVE-2020-8719 | 2020-08-13 | Buffer overflow in subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local... |
| CVE-2020-8721 | 2020-08-13 | Improper input validation for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via local access. |
| CVE-2020-8710 | 2020-08-13 | Buffer overflow in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege via... |
| CVE-2020-8711 | 2020-08-13 | Improper access control in the bootloader for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow a privileged user to potentially enable escalation of privilege... |
| CVE-2020-8712 | 2020-08-13 | Buffer overflow in a verification process for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an authenticated user to potentially enable escalation of privilege... |
| CVE-2020-8718 | 2020-08-13 | Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via... |
| CVE-2020-7302 | 2020-08-13 | DLP ePO extension - Unrestricted Upload of File with Dangerous Type |
| CVE-2020-8722 | 2020-08-13 | Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable escalation of privilege via... |
| CVE-2020-8732 | 2020-08-13 | Heap-based buffer overflow in the firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege... |
| CVE-2020-8709 | 2020-08-13 | Improper authentication in socket services for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.45 may allow an unauthenticated user to potentially enable escalation of privilege via... |
| CVE-2020-8723 | 2020-08-13 | Cross-site scripting for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
| CVE-2020-8713 | 2020-08-13 | Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. |
| CVE-2020-7303 | 2020-08-13 | DLP ePO extension - Cross-site scripting |
| CVE-2020-8706 | 2020-08-13 | Buffer overflow in a daemon for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable escalation of privilege via... |
| CVE-2020-8729 | 2020-08-13 | Buffer copy without checking size of input for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of... |
| CVE-2020-8715 | 2020-08-13 | Invalid pointer for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an unauthenticated user to potentially enable denial of service via local access. |
| CVE-2020-8716 | 2020-08-13 | Improper access control for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service via local access. |
| CVE-2020-8714 | 2020-08-13 | Improper authentication for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-7304 | 2020-08-13 | DLP ePO extension - Cross-site request forgery |
| CVE-2020-8717 | 2020-08-13 | Improper input validation in a subsystem for some Intel Server Boards, Server Systems and Compute Modules before version 1.59 may allow an authenticated user to potentially enable denial of service... |
| CVE-2020-7305 | 2020-08-13 | DLP ePO extension - Privilege escalation |
| CVE-2020-7306 | 2020-08-13 | DLP for Mac - Unprotected Storage of Credentials |
| CVE-2020-8720 | 2020-08-13 | Buffer overflow in a subsystem for some Intel(R) Server Boards, Server Systems and Compute Modules before version 1.59 may allow a privileged user to potentially enable denial of service via... |
| CVE-2020-8689 | 2020-08-13 | Improper buffer restrictions in the Intel(R) Wireless for Open Source before version 1.5 may allow an unauthenticated user to potentially enable denial of service via adjacent access. |
| CVE-2020-8688 | 2020-08-13 | Improper input validation in the Intel(R) RAID Web Console 3 for Windows* may allow an unauthenticated user to potentially enable denial of service via network access. |
| CVE-2020-8687 | 2020-08-13 | Uncontrolled search path in the installer for Intel(R) RSTe Software RAID Driver for the Intel(R) Server Board M10JNP2SB before version 4.7.0.1119 may allow an authenticated user to potentially enable escalation... |
| CVE-2020-8685 | 2020-08-13 | Improper authentication in subsystem for Intel (R) LED Manager for NUC before version 1.2.3 may allow privileged user to potentially enable denial of service via local access. |
| CVE-2020-8684 | 2020-08-13 | Improper access control in firmware for Intel(R) PAC with Arria(R) 10 GX FPGA before Intel Acceleration Stack version 1.2.1 may allow a privileged user to potentially enable escalation of privilege... |
| CVE-2020-0510 | 2020-08-13 | Out of bounds read in some Intel(R) Graphics Drivers before versions 15.45.31.5127 and 15.40.45.5126 may allow an authenticated user to potentially enable escalation of privilege via local access. |
| CVE-2020-0513 | 2020-08-13 | Out of bounds write for some Intel(R) Graphics Drivers before version 15.33.50.5129 may allow an authenticated user to potentially enable escalation of privilege via local access. |