| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 451 | CVE-2020-28940 | 287 | | Exec Code Bypass | 2020-12-01 | 2022-04-26 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | On Western Digital My Cloud OS 5 devices before 5.06.115, the NAS Admin dashboard has an authentication bypass vulnerability that could allow an unauthenticated user to execute privileged commands on the device. |
| 452 | CVE-2020-28939 | 434 | | Exec Code | 2020-12-03 | 2020-12-07 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | OpenClinic version 0.8.2 is affected by a medical/test_new.php insecure file upload vulnerability. This vulnerability allows authenticated users (with substantial privileges) to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server. |
| 453 | CVE-2020-28938 | 79 | | XSS | 2020-12-03 | 2020-12-03 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | OpenClinic version 0.8.2 is affected by a stored XSS vulnerability in lib/Check.php that allows users of the application to force actions on behalf of other users. |
| 454 | CVE-2020-28937 | 287 | | | 2020-12-03 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI. |
| 455 | CVE-2020-28935 | 59 | | DoS | 2020-12-07 | 2021-02-12 | 2.1 | None | Local | Low | Not required | None | None | Partial | NLnet Labs Unbound, up to and including version 1.12.0, and NLnet Labs NSD, up to and including version 4.3.3, contain a local vulnerability that would allow for a local symlink attack. When writing the PID file, Unbound and NSD create the file if it is not there, or open an existing file for writing. In case the file was already present, they would follow symlinks if the file happened to be a symlink instead of a regular file. An additional chown of the file would then take place after it was written, making the user Unbound/NSD is supposed to run as the new owner of the file. If an attacker has local access to the user Unbound/NSD runs as, she could create a symlink in place of the PID file pointing to a file that she would like to erase. If then Unbound/NSD is killed and the PID file is not cleared, upon restarting with root privileges, Unbound/NSD will rewrite any file pointed at by the symlink. This is a local vulnerability that could create a Denial of Service of the system Unbound/NSD is running on. It requires an attacker having access to the limited permission user Unbound/NSD runs as and pointing the symlink to a critical file on the system. |
| 456 | CVE-2020-28931 | 352 | | CSRF | 2020-12-16 | 2020-12-17 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | Lack of an anti-CSRF token in the entire administrative interface in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to force an administrator to execute external POST requests by visiting a malicious website. |
| 457 | CVE-2020-28930 | 79 | | XSS | 2020-12-16 | 2020-12-17 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | A Cross-Site Scripting (XSS) issue in the 'update user' and 'delete user' functionalities in settings/users.php in EPSON EPS TSE Server 8 (21.0.11) allows an authenticated attacker to inject a JavaScript payload in the user management page that is executed by an administrator. |
| 458 | CVE-2020-28929 | 522 | | | 2020-12-16 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Unrestricted access to the log downloader functionality in EPSON EPS TSE Server 8 (21.0.11) allows an unauthenticated attacker to remotely retrieve administrative hashed credentials via the maintenance/troubleshoot.php?download=1 URI. |
| 459 | CVE-2020-28925 | | | | 2020-12-30 | 2021-01-04 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Bolt before 3.7.2 does not restrict filter options in a Request in the Twig context, and is therefore inconsistent with the "How to Harden Your PHP for Better Security" guidance. |
| 460 | CVE-2020-28923 | | | | 2020-12-03 | 2020-12-07 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An issue was discovered in Play Framework 2.8.0 through 2.8.4. Carefully crafted JSON payloads sent as a form field lead to Data Amplification. This affects users migrating from a Play version prior to 2.8.0 that used the Play Java API to serialize classes with protected or private fields to JSON. |
| 461 | CVE-2020-28916 | 835 | | | 2020-12-04 | 2021-02-24 | 2.1 | None | Local | Low | Not required | None | None | Partial | hw/net/e1000e_core.c in QEMU 5.0.0 has an infinite loop via an RX descriptor with a NULL buffer address. |
| 462 | CVE-2020-28912 | | | +Priv | 2020-12-24 | 2020-12-30 | 4.4 | None | Local | Medium | Not required | Partial | Partial | Partial | With MariaDB running on Windows, when local clients connect to the server over named pipes, it's possible for an unprivileged user with an ability to run code on the server machine to intercept the named pipe connection and act as a man-in-the-middle, gaining access to all the data passed between the client and the server, and getting the ability to run SQL commands on behalf of the connected user. This occurs because of an incorrect security descriptor. This affects MariaDB Server before 10.1.48, 10.2.x before 10.2.35, 10.3.x before 10.3.26, 10.4.x before 10.4.16, and 10.5.x before 10.5.7. NOTE: this issue exists because certain details of the MariaDB CVE-2019-2503 fix did not comprehensively address attack variants against MariaDB. This situation is specific to MariaDB, and thus CVE-2020-28912 does NOT apply to other vendors that were originally affected by CVE-2019-2503. |
| 463 | CVE-2020-28861 | 1236 | | | 2020-12-14 | 2020-12-15 | 5.0 | None | Remote | Low | Not required | Partial | None | None | OpenAsset Digital Asset Management (DAM) 12.0.19 and earlier failed to implement access controls on the /Stream/ProjectsCSV endpoint, allowing unauthenticated attackers to gain access to potentially sensitive project information stored by the application. |
| 464 | CVE-2020-28860 | 89 | | Sql | 2020-12-14 | 2020-12-15 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input, incorporating it into its SQL queries, allowing for authenticated blind SQL injection. |
| 465 | CVE-2020-28859 | 79 | | XSS | 2020-12-14 | 2020-12-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for reflected cross-site scripting attacks. |
| 466 | CVE-2020-28858 | 352 | | CSRF | 2020-12-14 | 2020-12-15 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly verify whether a request made to the application was intentionally made by the user, allowing for cross-site request forgery attacks on all user functions. |
| 467 | CVE-2020-28857 | 79 | | XSS | 2020-12-14 | 2020-12-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly sanitize user supplied input in multiple parameters and endpoints, allowing for stored cross-site scripting attacks. |
| 468 | CVE-2020-28856 | 290 | | Bypass | 2020-12-14 | 2020-12-15 | 5.0 | None | Remote | Low | Not required | None | Partial | None | OpenAsset Digital Asset Management (DAM) through 12.0.19 does not correctly determine the HTTP request's originating IP address, allowing attackers to spoof it using the X-Forwarded-For header, by supplying a localhost address such as 127.0.0.1, effectively bypassing all IP address based access controls. |
| 469 | CVE-2020-28838 | 352 | | CSRF | 2020-12-11 | 2020-12-15 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | Cross Site Request Forgery (CSRF) in the CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows an attacker to add cart items via Add to cart. |
| 470 | CVE-2020-28759 | 120 | | Overflow | 2020-12-26 | 2020-12-29 | 4.3 | None | Remote | Medium | Not required | None | None | Partial | ** DISPUTED ** The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. NOTE: another person has stated "I don't think there is a proof of overflow so far." |
| 471 | CVE-2020-28736 | 611 | | | 2020-12-30 | 2021-01-04 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Plone before 5.2.3 allows XXE attacks via a feature that is protected by an unapplied permission of plone.schemaeditor.ManageSchemata (therefore, only available to the Manager role). |
| 472 | CVE-2020-28735 | 918 | | | 2020-12-30 | 2021-01-04 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Plone before 5.2.3 allows SSRF attacks via the tracebacks feature (only available to the Manager role). |
| 473 | CVE-2020-28734 | 611 | | | 2020-12-30 | 2021-01-04 | 6.5 | None | Remote | Low | ??? | Partial | Partial | Partial | Plone before 5.2.3 allows XXE attacks via a feature that is explicitly only available to the Manager role. |
| 474 | CVE-2020-28727 | 79 | | XSS | 2020-12-07 | 2020-12-07 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | Cross-site scripting (XSS) exists in SeedDMS 6.0.13 via the folderid parameter to views/bootstrap/class.DropFolderChooser.php. |
| 475 | CVE-2020-28641 | 59 | | | 2020-12-22 | 2020-12-23 | 6.6 | None | Local | Low | Not required | None | Complete | Complete | In Malwarebytes Free 4.1.0.56, a symbolic link may be used to delete an arbitrary file on the system by exploiting the local quarantine system. |
| 476 | CVE-2020-28583 | 200 | | +Info | 2020-12-01 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version, build and patch information. |
| 477 | CVE-2020-28582 | 200 | | +Info | 2020-12-01 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the number of managed agents. |
| 478 | CVE-2020-28577 | 200 | | +Info | 2020-12-01 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the server hostname and db names. |
| 479 | CVE-2020-28576 | 200 | | +Info | 2020-12-01 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version and build information. |
| 480 | CVE-2020-28575 | 787 | | Exec Code Overflow | 2020-12-01 | 2020-12-02 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must first obtain the ability to execute high-privileged code on the target in order to exploit this vulnerability. |
| 481 | CVE-2020-28573 | 200 | | +Info | 2020-12-01 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total agents managed by the server. |
| 482 | CVE-2020-28460 | 400 | | Bypass | 2020-12-22 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | This affects the package multi-ini before 2.1.2. It is possible to pollute an object's prototype by specifying the constructor.proto object as part of an array. This is a bypass of CVE-2020-28448. |
| 483 | CVE-2020-28458 | 20 | | | 2020-12-16 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806. |
| 484 | CVE-2020-28457 | 79 | | XSS | 2020-12-15 | 2020-12-16 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | This affects the package s-cart/core before 4.4. The search functionality of the admin dashboard in core/src/Admin/Controllers/AdminOrderController.phpindex is vulnerable to XSS. |
| 485 | CVE-2020-28456 | 79 | | XSS | 2020-12-15 | 2020-12-16 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | The package s-cart/core before 4.4 is vulnerable to Cross-site Scripting (XSS) via the admin panel. |
| 486 | CVE-2020-28448 | 400 | | | 2020-12-22 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | This affects the package multi-ini before 2.1.1. It is possible to pollute an object's prototype by specifying the proto object as part of an array. |
| 487 | CVE-2020-28442 | | | | 2020-12-15 | 2020-12-16 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | All versions of package js-data are vulnerable to Prototype Pollution via the deepFillIn function. |
| 488 | CVE-2020-28440 | 77 | | | 2020-12-11 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function. |
| 489 | CVE-2020-28439 | 77 | | | 2020-12-11 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploited with the following PoC: |
| 490 | CVE-2020-28413 | 89 | | Sql | 2020-12-30 | 2021-01-05 | 4.0 | None | Remote | Low | ??? | Partial | None | None | In MantisBT 2.24.3, SQL Injection can occur in the parameter "access" of the mc_project_get_users function through the SOAP API. |
| 491 | CVE-2020-28396 | 693 | | | 2020-12-14 | 2021-01-14 | 4.9 | None | Remote | Medium | ??? | Partial | Partial | None | A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of the affected device can cause insecure cipher usage by a user's browser. An attacker in a privileged position could decrypt the communication and compromise confidentiality and integrity of the transmitted information. |
| 492 | CVE-2020-28365 | 79 | | XSS | 2020-12-30 | 2021-01-04 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | ** UNSUPPORTED WHEN ASSIGNED ** Sentrifugo 3.2 allows a Stored Cross-Site Scripting (XSS) vulnerability by inserting a payload within the X-Forwarded-For HTTP header during the login process. When an administrator looks at logs, the payload is executed. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
| 493 | CVE-2020-28283 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'libnested' versions 0.0.0 through 1.5.0 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 494 | CVE-2020-28282 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'getobject' version 0.1.0 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 495 | CVE-2020-28281 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'set-object-value' versions 0.0.0 through 0.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 496 | CVE-2020-28280 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'predefine' versions 0.0.0 through 0.1.2 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 497 | CVE-2020-28279 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'flattenizer' versions 0.0.5 through 1.0.5 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 498 | CVE-2020-28278 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'shvl' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 499 | CVE-2020-28277 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'dset' versions 1.0.0 through 2.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. |
| 500 | CVE-2020-28276 | | | DoS Exec Code | 2020-12-29 | 2020-12-30 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | Prototype pollution vulnerability in 'deep-set' versions 1.0.0 through 1.0.1 allows an attacker to cause a denial of service and may lead to remote code execution. |