| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2020-25065 |
203 |
|
|
2020-08-31 |
2020-09-01 |
7.8 |
None |
Remote |
Low |
Not required |
Complete |
None |
None |
|
An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Key logging may occur because of an obsolete API. The LG ID is LVE-SMP-170010 (August 2020). |
|
2 |
CVE-2020-25064 |
|
|
|
2020-08-31 |
2020-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered on LG mobile devices with Android OS 4.4, 5.0, 5.1, 6.0, 7.0, 7.1, 8.0, 8.1, 9.0, and 10 software. Certain automated testing is mishandled. The LG ID is LVE-SMP-200019 (August 2020). |
|
3 |
CVE-2020-25063 |
20 |
|
|
2020-08-31 |
2020-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. An application crash can occur because of incorrect application-level input validation. The LG ID is LVE-SMP-200018 (July 2020). |
|
4 |
CVE-2020-25062 |
269 |
|
Bypass |
2020-08-31 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 9 and 10 software. LGTelephonyProvider allows a bypass of intended privilege restrictions. The LG ID is LVE-SMP-200017 (July 2020). |
|
5 |
CVE-2020-25061 |
|
|
|
2020-08-31 |
2020-09-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 9 and 10 software on the VZW network. lge_property allows property overwrites. The LG ID is LVE-SMP-200016 (July 2020). |
|
6 |
CVE-2020-25059 |
20 |
|
|
2020-08-31 |
2020-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A service crash may occur because of incorrect input validation. The LG ID is LVE-SMP-200013 (July 2020). |
|
7 |
CVE-2020-25058 |
|
|
|
2020-08-31 |
2020-09-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9, and 10 software. The network_management service does not properly restrict configuration changes. The LG ID is LVE-SMP-200012 (July 2020). |
|
8 |
CVE-2020-25057 |
|
|
|
2020-08-31 |
2020-09-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on LG mobile devices with Android OS 10 software. MDMService does not properly restrict APK installations. The LG ID is LVE-SMP-200011 (July 2020). |
|
9 |
CVE-2020-25056 |
754 |
|
|
2020-08-31 |
2020-09-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered on Samsung mobile devices with Q(10.0) (Galaxy S20) software. Because HAL improperly checks versions, bootloading by the S.LSI NFC chipset is mishandled. The Samsung ID is SVE-2020-16169 (August 2020). |
|
10 |
CVE-2020-25055 |
863 |
|
Bypass |
2020-08-31 |
2020-09-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The persona service allows attackers (who control an unprivileged SecureFolder process) to bypass admin restrictions in KnoxContainer. The Samsung ID is SVE-2020-18133 (August 2020). |
|
11 |
CVE-2020-25054 |
20 |
|
|
2020-08-31 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020). |
|
12 |
CVE-2020-25053 |
|
|
Exec Code |
2020-08-31 |
2020-09-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. RKP allows arbitrary code execution. The Samsung ID is SVE-2020-17435 (August 2020). |
|
13 |
CVE-2020-25052 |
20 |
|
DoS Exec Code Mem. Corr. |
2020-08-31 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with Q(10.0) (exynos9830 chipsets) software. H-Arx allows attackers to execute arbitrary code or cause a denial of service (memory corruption) because indexes are mishandled. The Samsung ID is SVE-2020-17426 (August 2020). |
|
14 |
CVE-2020-25051 |
|
|
Bypass |
2020-08-31 |
2020-09-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. Attackers can bypass Factory Reset Protection (FRP) via AppInfo. The Samsung ID is SVE-2020-17758 (August 2020). |
|
15 |
CVE-2020-25050 |
|
|
+Info |
2020-08-31 |
2020-09-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The CMC service allows attackers to obtain sensitive information. The Samsung ID is SVE-2020-17288 (August 2020). |
|
16 |
CVE-2020-25049 |
863 |
|
|
2020-08-31 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. StatusBarService has insufficient DEX access control. The Samsung ID is SVE-2020-17797 (August 2020). |
|
17 |
CVE-2020-25032 |
22 |
|
Dir. Trav. |
2020-08-31 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. |
|
18 |
CVE-2020-25031 |
59 |
|
|
2020-08-31 |
2020-09-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
checkinstall 1.6.2, when used to create a package that contains a symlink, may trigger the creation of a mode 0777 executable file. |
|
19 |
CVE-2020-25020 |
611 |
|
|
2020-08-29 |
2021-01-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
MPXJ through 8.1.3 allows XXE attacks. This affects the GanttProjectReader and PhoenixReader components. |
|
20 |
CVE-2020-25016 |
|
|
|
2020-08-29 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
A safety violation was discovered in the rgb crate before 0.8.20 for Rust, leading to (for example) dereferencing of arbitrary pointers or disclosure of uninitialized memory. This occurs because structs can be treated as bytes for read and write operations. |
|
21 |
CVE-2020-24972 |
116 |
|
Exec Code |
2020-08-29 |
2020-10-28 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
The Kleopatra component before 3.1.12 (and before 20.07.80) for GnuPG allows remote attackers to execute arbitrary code because openpgp4fpr: URLs are supported without safe handling of command-line options. The Qt platformpluginpath command-line option can be used to load an arbitrary DLL. |
|
22 |
CVE-2020-24928 |
200 |
|
+Info |
2020-08-29 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
managers/socketManager.ts in PreMiD through 2.1.3 has a locally hosted socketio web server (port 3020) open to all origins, which allows attackers to obtain sensitive Discord user information. |
|
23 |
CVE-2020-24786 |
287 |
|
Bypass |
2020-08-31 |
2020-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Zoho ManageEngine Exchange Reporter Plus before build number 5510, AD360 before build number 4228, ADSelfService Plus before build number 5817, DataSecurity Plus before build number 6033, RecoverManager Plus before build number 6017, EventLog Analyzer before build number 12136, ADAudit Plus before build number 6052, O365 Manager Plus before build number 4334, Cloud Security Plus before build number 4110, ADManager Plus before build number 7055, and Log360 before build number 5166. The remotely accessible Java servlet com.manageengine.ads.fw.servlet.UpdateProductDetails is prone to an authentication bypass. System integration properties can be modified and lead to full ManageEngine suite compromise. |
|
24 |
CVE-2020-24717 |
276 |
|
|
2020-08-27 |
2020-09-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
OpenZFS before 2.0.0-rc1, when used on FreeBSD, misinterprets group permissions as user permissions, as demonstrated by mode 0770 being equivalent to mode 0777. |
|
25 |
CVE-2020-24715 |
295 |
|
|
2020-08-27 |
2020-09-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, native Python code is used that lacks a comparison of the hostname to commonName and subjectAltName. |
|
26 |
CVE-2020-24714 |
295 |
|
|
2020-08-27 |
2020-09-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The Scalyr Agent before 2.1.10 has Missing SSL Certificate Validation because, in some circumstances, the openssl binary is called without the -verify_hostname option. |
|
27 |
CVE-2020-24705 |
|
|
|
2020-08-27 |
2020-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-controlled server if the victim submits a crafted Try It request, aka Session Hijacking. This affects API Manager through 3.1.0, API Manager Analytics 2.5.0, IS as Key Manager through 5.10.0, Identity Server through 5.10.0, Identity Server Analytics through 5.6.0, and IoT Server 3.1.0. |
|
28 |
CVE-2020-24703 |
|
|
|
2020-08-27 |
2020-09-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in certain WSO2 products. A valid Carbon Management Console session cookie may be sent to an attacker-controlled server if the victim submits a crafted Try It request, aka Session Hijacking. This affects API Manager 2.2.0, API Manager Analytics 2.2.0, API Microgateway 2.2.0, Data Analytics Server 3.2.0, Enterprise Integrator through 6.6.0, IS as Key Manager 5.5.0, Identity Server 5.5.0 and 5.8.0, Identity Server Analytics 5.5.0, and IoT Server 3.3.0 and 3.3.1. |
|
29 |
CVE-2020-24653 |
|
|
|
2020-08-26 |
2020-09-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
secure-store in Expo through 2.16.1 on iOS provides the insecure kSecAttrAccessibleAlwaysThisDeviceOnly policy when WHEN_UNLOCKED_THIS_DEVICE_ONLY is used. |
|
30 |
CVE-2020-24616 |
502 |
|
|
2020-08-25 |
2022-05-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). |
|
31 |
CVE-2020-24614 |
862 |
|
Exec Code |
2020-08-25 |
2022-04-28 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository. |
|
32 |
CVE-2020-24606 |
20 |
|
DoS |
2020-08-24 |
2021-07-21 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF. |
|
33 |
CVE-2020-24598 |
601 |
|
|
2020-08-26 |
2020-08-28 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in Joomla! before 3.9.21. Lack of input validation in the vote feature of com_content leads to an open redirect. |
|
34 |
CVE-2020-24591 |
611 |
|
|
2020-08-21 |
2022-04-19 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
None |
Partial |
|
The Management Console in certain WSO2 products allows XXE attacks during EventReceiver updates. This affects API Manager through 3.0.0, API Manager Analytics 2.2.0 and 2.5.0, API Microgateway 2.2.0, Enterprise Integrator 6.2.0 and 6.3.0, and Identity Server Analytics through 5.6.0. |
|
35 |
CVE-2020-24590 |
776 |
|
|
2020-08-21 |
2020-08-27 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML Entity Expansion attacks. |
|
36 |
CVE-2020-24589 |
776 |
|
|
2020-08-21 |
2021-07-21 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The Management Console in WSO2 API Manager through 3.1.0 and API Microgateway 2.2.0 allows XML External Entity injection (XXE) attacks. |
|
37 |
CVE-2020-24585 |
|
|
|
2020-08-21 |
2020-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered in the DTLS handshake implementation in wolfSSL before 4.5.0. Clear DTLS application_data messages in epoch 0 do not produce an out-of-order error. Instead, these messages are returned to the application. |
|
38 |
CVE-2020-24574 |
798 |
|
Exec Code |
2020-08-21 |
2022-04-29 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. This occurs because the attacker can inject a DLL into GalaxyClient.exe, defeating the TCP-based "trusted client" protection mechanism. |
|
39 |
CVE-2020-24572 |
78 |
|
Exec Code |
2020-08-24 |
2020-09-01 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An issue was discovered in includes/webconsole.php in RaspAP 2.5. With authenticated access, an attacker can use a misconfigured (and virtually unrestricted) web console to attack the underlying OS (Raspberry Pi) running this software, and execute commands on the system (including ones for uploading of files and execution of code). |
|
40 |
CVE-2020-24571 |
22 |
|
Dir. Trav. |
2020-08-21 |
2020-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NexusQA NexusDB before 4.50.23 allows the reading of files via ../ directory traversal. |
|
41 |
CVE-2020-24567 |
269 |
|
|
2020-08-21 |
2021-07-21 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
** DISPUTED ** voidtools Everything before 1.4.1 Beta Nightly 2020-08-18 allows privilege escalation via a Trojan horse urlmon.dll file in the installation directory. NOTE: this is only relevant if low-privileged users can write to the installation directory, which may be considered a site-specific configuration error. |
|
42 |
CVE-2020-24548 |
918 |
|
|
2020-08-26 |
2020-09-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Ericom Access Server 9.2.0 (for AccessNow and Ericom Blaze) allows SSRF to make outbound WebSocket connection requests on arbitrary TCP ports, and provides "Cannot connect to" error messages to inform the attacker about closed ports. |
|
43 |
CVE-2020-24372 |
125 |
|
|
2020-08-17 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c. |
|
44 |
CVE-2020-24371 |
763 |
|
|
2020-08-17 |
2020-09-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
lgc.c in Lua 5.4.0 mishandles the interaction between barriers and the sweep phase, leading to a memory access violation involving collectgarbage. |
|
45 |
CVE-2020-24370 |
191 |
|
Overflow |
2020-08-17 |
2020-09-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ldebug.c in Lua 5.4.0 allows a negation overflow and segmentation fault in getlocal and setlocal, as demonstrated by getlocal(3,2^31). |
|
46 |
CVE-2020-24369 |
476 |
|
|
2020-08-17 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ldebug.c in Lua 5.4.0 attempts to access debug information via the line hook of a stripped function, leading to a NULL pointer dereference. |
|
47 |
CVE-2020-24364 |
74 |
|
Exec Code |
2020-08-24 |
2020-08-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
MineTime through 1.8.5 allows arbitrary command execution via the notes field in a meeting. Could lead to RCE via meeting invite. |
|
48 |
CVE-2020-24363 |
306 |
|
|
2020-08-31 |
2020-09-08 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
TP-Link TL-WA855RE V5 20200415-rel37464 devices allow an unauthenticated attacker (on the same network) to submit a TDDP_RESET POST request for a factory reset and reboot. The attacker can then obtain incorrect access control by setting a new administrative password. |
|
49 |
CVE-2020-24361 |
273 |
|
Exec Code |
2020-08-16 |
2020-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SNMPTT before 1.4.2 allows attackers to execute shell code via EXEC, PREXEC, or unknown_trap_exec. |
|
50 |
CVE-2020-24359 |
20 |
|
|
2020-08-20 |
2020-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
HashiCorp vault-ssh-helper up to and including version 0.1.6 incorrectly accepted Vault-issued SSH OTPs for the subnet in which a host's network interface was located, rather than the specific IP address assigned to that interface. Fixed in 0.2.0. |
