CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In December 2020

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
451 CVE-2020-28940 287 Exec Code Bypass 2020-12-01 2022-04-26
7.5
None Remote Low Not required Partial Partial Partial
On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device.
452 CVE-2020-28939 434 Exec Code 2020-12-03 2020-12-07
6.5
None Remote Low ??? Partial Partial Partial
OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server.
453 CVE-2020-28938 79 XSS 2020-12-03 2020-12-03
3.5
None Remote Medium ??? None Partial None
OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users.
454 CVE-2020-28937 287 2020-12-03 2021-07-21
5.0
None Remote Low Not required Partial None None
OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.
455 CVE-2020-28935 59 DoS 2020-12-07 2021-02-12
2.1
None Local Low Not required None None Partial
NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and point through the symlink to a critical file on the system.
456 CVE-2020-28931 352 CSRF 2020-12-16 2020-12-17
6.8
None Remote Medium Not required Partial Partial Partial
Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to force an administrator to execute external POST requests by visiting a malicious website.
457 CVE-2020-28930 79 XSS 2020-12-16 2020-12-17
3.5
None Remote Medium ??? None Partial None
A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator.
458 CVE-2020-28929 522 2020-12-16 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI.
459 CVE-2020-28925 2020-12-30 2021-01-04
5.0
None Remote Low Not required None Partial None
Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance.
460 CVE-2020-28923 2020-12-03 2020-12-07
4.0
None Remote Low ??? Partial None None
An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON.
461 CVE-2020-28916 835 2020-12-04 2021-02-24
2.1
None Local Low Not required None None Partial
hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address.
462 CVE-2020-28912 +Priv 2020-12-24 2020-12-30
4.4
None Local Medium Not required Partial Partial Partial
With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between the client and the server, and getting the ability to run SQL commands on behalf of the connected user. This occurs because of an incorrect security descriptor. This affects MariaDB Server before 10.1.48, 10.2.x before 10.2.35, 10.3.x before 10.3.26, 10.4.x before 10.4.16, and 10.5.x before 10.5.7. NOTE: this issue exists because certain details of the MariaDB CVE-2019-2503 fix did not comprehensively address attack variants against MariaDB. This situation is specific to MariaDB, and thus CVE-2020-28912 does NOT apply to other vendors that were originally affected by CVE-2019-2503.
463 CVE-2020-28861 1236 2020-12-14 2020-12-15
5.0
None Remote Low Not required Partial None None
OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application.
464 CVE-2020-28860 89 Sql 2020-12-14 2020-12-15
6.5
None Remote Low ??? Partial Partial Partial
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection.
465 CVE-2020-28859 79 XSS 2020-12-14 2020-12-15
4.3
None Remote Medium Not required None Partial None
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for reflected cross-site scripting attacks.
466 CVE-2020-28858 352 CSRF 2020-12-14 2020-12-15
6.8
None Remote Medium Not required Partial Partial Partial
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was intentionally made by the user, allowing for cross-site request forgery attacks on all user functions.
467 CVE-2020-28857 79 XSS 2020-12-14 2020-12-15
4.3
None Remote Medium Not required None Partial None
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks.
468 CVE-2020-28856 290 Bypass 2020-12-14 2020-12-15
5.0
None Remote Low Not required None Partial None
OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing attackers to spoof it using X-Forwarded-For in the header, by supplying localhost address such as 127.0.0.1, effectively bypassing all IP address based access controls.
469 CVE-2020-28838 352 CSRF 2020-12-11 2020-12-15
3.5
None Remote Medium ??? None Partial None
Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows an attacker to add cart items via Add to cart.
470 CVE-2020-28759 120 Overflow 2020-12-26 2020-12-29
4.3
None Remote Medium Not required None None Partial
** DISPUTED ** The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. NOTE: another person has stated "I don't think there is an proof of overflow so far."
471 CVE-2020-28736 611 2020-12-30 2021-01-04
6.5
None Remote Low ??? Partial Partial Partial
Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role).
472 CVE-2020-28735 918 2020-12-30 2021-01-04
6.5
None Remote Low ??? Partial Partial Partial
Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role).
473 CVE-2020-28734 611 2020-12-30 2021-01-04
6.5
None Remote Low ??? Partial Partial Partial
Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role.
474 CVE-2020-28727 79 XSS 2020-12-07 2020-12-07
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php.
475 CVE-2020-28641 59 2020-12-22 2020-12-23
6.6
None Local Low Not required None Complete Complete
In Malwarebytes Free 4.1.0.56, a symbolic link may be used to delete an arbitrary file on the system by exploiting the local quarantine system.
476 CVE-2020-28583 200 +Info 2020-12-01 2021-07-21
5.0
None Remote Low Not required Partial None None
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information.
477 CVE-2020-28582 200 +Info 2020-12-01 2021-07-21
5.0
None Remote Low Not required Partial None None
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal number of managed agents.
478 CVE-2020-28577 200 +Info 2020-12-01 2021-07-21
5.0
None Remote Low Not required Partial None None
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal server hostname and db names.
479 CVE-2020-28576 200 +Info 2020-12-01 2021-07-21
5.0
None Remote Low Not required Partial None None
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information.
480 CVE-2020-28575 787 Exec Code Overflow 2020-12-01 2020-12-02
4.6
None Local Low Not required Partial Partial Partial
A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged code on the target in order to exploit this vulnerability.
481 CVE-2020-28573 200 +Info 2020-12-01 2021-07-21
5.0
None Remote Low Not required Partial None None
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server.
482 CVE-2020-28460 400 Bypass 2020-12-22 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
This affects the package multi-ini before 2.1.2. It is possible to pollute an object's prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448.
483 CVE-2020-28458 20 2020-12-16 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806.
484 CVE-2020-28457 79 XSS 2020-12-15 2020-12-16
3.5
None Remote Medium ??? None Partial None
This affects the package s-cart/core before 4.4. The search functionality of the admin dashboard in core/src/Admin/Controllers/AdminOrderController.phpindex is vulnerable to XSS.
485 CVE-2020-28456 79 XSS 2020-12-15 2020-12-16
4.3
None Remote Medium Not required None Partial None
The package s-cart/core before 4.4 is vulnerable to Cross-site Scripting (XSS) via the admin panel.
486 CVE-2020-28448 400 2020-12-22 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
This affects the package multi-ini before 2.1.1. It is possible to pollute an object's prototype by specifying the proto object as part of an array.
487 CVE-2020-28442 2020-12-15 2020-12-16
7.5
None Remote Low Not required Partial Partial Partial
All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function.
488 CVE-2020-28440 77 2020-12-11 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.
489 CVE-2020-28439 77 2020-12-11 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC:
490 CVE-2020-28413 89 Sql 2020-12-30 2021-01-05
4.0
None Remote Low ??? Partial None None
In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the API SOAP.
491 CVE-2020-28396 693 2020-12-14 2021-01-14
4.9
None Remote Medium ??? Partial Partial None
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure ciphers usage by a user's browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information.
492 CVE-2020-28365 79 XSS 2020-12-30 2021-01-04
4.3
None Remote Medium Not required None Partial None
** UNSUPPORTED WHEN ASSIGNED ** Sentrifugo 3.2 allows Stored Cross-Site Scripting (XSS) vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
493 CVE-2020-28283 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution.
494 CVE-2020-28282 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution.
495 CVE-2020-28281 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution.
496 CVE-2020-28280 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'predefine' versions 0.0.0 through 0.1.2 allows an attacker to cause a denial of service and may lead to remote code execution.
497 CVE-2020-28279 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution.
498 CVE-2020-28278 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.
499 CVE-2020-28277 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.
500 CVE-2020-28276 DoS Exec Code 2020-12-29 2020-12-30
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution.
Total number of vulnerabilities: 1530 (page 10 of 31)