CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In December 2020

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
901 CVE-2020-25094 74 2020-12-17 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
LogRhythm Platform Manager 7.4.9 allows Command Injection. To exploit this, an attacker can inject arbitrary program names and arguments into a WebSocket. These are forwarded to any remote server with a LogRhythm Smart Response agent installed. By default, the commands are run with LocalSystem privileges.
902 CVE-2020-25066 787 DoS Exec Code Overflow 2020-12-22 2021-03-26
7.5
None Remote Low Not required Partial Partial Partial
A heap-based buffer overflow in the Treck HTTP Server component before 6.0.1.68 allows remote attackers to cause a denial of service (crash/reset) or to possibly execute arbitrary code.
903 CVE-2020-25011 522 2020-12-17 2021-07-21
5.0
None Remote Low Not required Partial None None
A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to obtain the username and password by requesting the /cgi-bin/webadminget.cgi script via a browser.
904 CVE-2020-25010 434 Exec Code 2020-12-17 2020-12-22
7.5
None Remote Low Not required Partial Partial Partial
An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an instruction to write a file.
905 CVE-2020-24693 2020-12-18 2020-12-18
2.1
None Local Low Not required Partial None None
The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.
906 CVE-2020-24683 669 Bypass 2020-12-22 2021-10-07
7.5
None Remote Low Not required Partial Partial Partial
The affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application.
907 CVE-2020-24680 522 2020-12-22 2021-10-07
4.6
None Local Low Not required Partial Partial Partial
In S+ Operations and S+ Historian, the passwords of internal users (not Windows Users) are encrypted but improperly stored in a database.
908 CVE-2020-24679 20 Exec Code 2020-12-22 2021-10-07
10.0
None Remote Low Not required Complete Complete Complete
An S+ Operations and S+ Historian service is subject to a DoS by specially crafted messages. An attacker might use this flaw to make it crash or even execute arbitrary code on the machine where the service is hosted.
909 CVE-2020-24678 Exec Code +Priv 2020-12-22 2021-10-07
6.5
None Remote Low ??? Partial Partial Partial
An authenticated user might execute malicious code under the user context and take control of the system. S+ Operations or S+ Historian database is affected by multiple vulnerabilities such as the possibility to allow remote authenticated users to gain high privileges.
910 CVE-2020-24677 754 Exec Code 2020-12-22 2021-10-07
6.5
None Remote Low ??? Partial Partial Partial
Vulnerabilities in the S+ Operations and S+ Historian web applications can lead to a possible code execution and privilege escalation, redirect the user somewhere else or download unwanted data.
911 CVE-2020-24676 Exec Code 2020-12-22 2021-09-14
4.6
None Local Low Not required Partial Partial Partial
In Symphony Plus Operations and Symphony Plus Historian, some services can be vulnerable to privilege escalation attacks. An unprivileged (but authenticated) user could execute arbitrary code and result in privilege escalation, depending on the user that the service runs as.
912 CVE-2020-24675 287 2020-12-22 2021-10-07
7.5
None Remote Low Not required Partial Partial Partial
In S+ Operations and S+ History, it is possible that an unauthenticated user could inject values to the Operations History server (or standalone S+ History server) and ultimately write values to the controlled process.
913 CVE-2020-24674 863 Exec Code 2020-12-22 2021-10-07
9.0
None Remote Low ??? Complete Complete Complete
In S+ Operations and S+ Historian, not all client commands correctly check user permission as expected. Authenticated but unauthorized remote users could execute a Denial-of-Service (DoS) attack, execute arbitrary code, or obtain more privilege than intended on the machines.
914 CVE-2020-24673 89 Exec Code Sql 2020-12-22 2021-10-07
7.5
None Remote Low Not required Partial Partial Partial
In S+ Operations and S+ Historian, a successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. This can lead to a loss of confidentiality and data integrity or even affect the product behavior and its availability.
915 CVE-2020-24658 787 Overflow 2020-12-24 2021-07-21
4.4
None Local Medium Not required Partial Partial Partial
Arm Compiler 5 through 5.06u6 has an error in a stack protection feature designed to help spot stack-based buffer overflows in local arrays. When this feature is enabled, a protected function writes a guard value to the stack prior to (above) any vulnerable arrays in the stack. The guard value is checked for corruption on function return; corruption leads to an error-handler call. In certain circumstances, the reference value that is compared against the guard value is itself also written to the stack (after any vulnerable arrays). The reference value is written to the stack when the function runs out of registers to use for other temporary data. If both the reference value and the guard value are written to the stack, then the stack protection will fail to spot corruption when both values are overwritten with the same value. For both the reference value and the guard value to be corrupted, there would need to be both a buffer overflow and a buffer underflow in the vulnerable arrays (or some other vulnerability that causes two separated stack entries to be corrupted).
916 CVE-2020-24637 Bypass 2020-12-11 2021-11-18
9.0
None Remote Low ??? Complete Complete Complete
Two vulnerabilities in the ArubaOS GRUB2 implementation allow an attacker to bypass Secure Boot. Successful exploitation of these vulnerabilities could lead to remote compromise of system integrity by allowing an attacker to load an untrusted or modified kernel in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
917 CVE-2020-24634 77 2020-12-11 2021-11-18
10.0
None Remote Low Not required Complete Complete Complete
An attacker is able to remotely inject arbitrary commands by sending specially crafted packets destined to the PAPI (Aruba Networks AP Management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
918 CVE-2020-24633 120 Exec Code Overflow 2020-12-11 2021-11-18
10.0
None Remote Low Not required Complete Complete Complete
There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below.
919 CVE-2020-24581 78 Exec Code 2020-12-22 2020-12-23
7.7
None Local Network Low ??? Complete Complete Complete
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It contains an execute_cmd.cgi feature (that is not reachable via the web user interface) that lets an authenticated user execute Operating System commands.
920 CVE-2020-24580 287 2020-12-22 2021-07-21
5.4
None Local Network Medium Not required Partial Partial Partial
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. Lack of authentication functionality allows an attacker to assign a static IP address that was once used by a valid user.
921 CVE-2020-24579 287 Bypass 2020-12-22 2020-12-23
5.8
None Local Network Low Not required Partial Partial Partial
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. An unauthenticated attacker could bypass authentication to access authenticated pages and functionality.
922 CVE-2020-24578 732 2020-12-22 2021-07-21
3.3
None Local Network Low Not required Partial None None
An issue was discovered on D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55. It has a misconfigured FTP service that allows a malicious network user to access system folders and download sensitive files (such as the password hash file).
923 CVE-2020-24447 427 Exec Code 2020-12-11 2020-12-11
3.7
None Local High Not required Partial Partial Partial
Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
924 CVE-2020-24445 79 XSS 2020-12-10 2021-01-13
3.5
None Remote Medium ??? None Partial None
AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim’s browser when they browse to the page containing the vulnerable field.
925 CVE-2020-24444 918 2020-12-10 2020-12-14
5.0
None Remote Low Not required Partial None None
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerability could be exploited by an unauthenticated attacker to gather information about internal systems that reside on the same network.
926 CVE-2020-24440 427 Exec Code 2020-12-11 2020-12-11
3.7
None Local High Not required Partial Partial Partial
Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
927 CVE-2020-24383 125 +Info 2020-12-11 2020-12-15
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-of-Service.
928 CVE-2020-24360 404 2020-12-28 2021-01-05
6.1
None Local Network Low Not required None None Complete
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista EOS versions are: 4.24.2.4F and below releases in the 4.24.x train; 4.23.4M and below releases in the 4.23.x train; 4.22.6M and below releases in the 4.22.x train.
929 CVE-2020-24341 125 +Info 2020-12-11 2020-12-14
6.4
None Remote Low Not required Partial None Partial
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak.
930 CVE-2020-24340 125 2020-12-11 2020-12-14
5.0
None Remote Low Not required None None Partial
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the packet, leading to an out-of-bounds read, invalid pointer dereference, and Denial-of-Service.
931 CVE-2020-24339 125 2020-12-11 2020-12-14
5.0
None Remote Low Not required None None Partial
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds reads that lead to Denial-of-Service.
932 CVE-2020-24338 787 Exec Code 2020-12-11 2020-12-14
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds writes that lead to Denial-of-Service and Remote Code Execution.
933 CVE-2020-24337 835 2020-12-11 2020-12-14
5.0
None Remote Low Not required None None Partial
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by achieving an infinite loop in the code that parses TCP options, aka tcp_parse_options() in pico_tcp.c.
934 CVE-2020-24336 120 Overflow 2020-12-11 2020-12-15
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the length of the address in the answer is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled.
935 CVE-2020-24334 125 2020-12-11 2020-12-15
6.4
None Remote Low Not required None Partial Partial
The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in resolv.c.
936 CVE-2020-23957 79 XSS 2020-12-15 2020-12-17
4.3
None Remote Medium Not required None Partial None
Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI.
937 CVE-2020-23741 DoS 2020-12-03 2020-12-04
4.9
None Local Low Not required None None Complete
In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service vulnerability. Attackers can use a constructed program to cause a computer crash (BSOD).
938 CVE-2020-23740 269 2020-12-03 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In DriverGenius 9.61.5480.28 there is a local privilege escalation vulnerability in the driver wizard. Attackers can use constructed programs to increase user privileges.
939 CVE-2020-23738 DoS 2020-12-03 2020-12-04
4.9
None Local Low Not required None None Complete
There is a local denial of service vulnerability in Advanced SystemCare 13 PRO 13.5.0.174. Attackers can use a constructed program to cause a computer crash (BSOD).
940 CVE-2020-23736 DoS 2020-12-03 2020-12-04
4.9
None Local Low Not required None None Complete
There is a local denial of service vulnerability in DaDa accelerator 5.6.19.816. Attackers can use constructed programs to cause computer crashes (BSOD).
941 CVE-2020-23735 269 2020-12-03 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
In Saibo Cyber Game Accelerator 3.7.9 there is a local privilege escalation vulnerability. Attackers can use the constructed program to increase user privileges.
942 CVE-2020-23727 DoS 2020-12-03 2020-12-04
4.9
None Local Low Not required None None Complete
There is a local denial of service vulnerability in the Antiy Zhijia Terminal Defense System 5.0.2.10121559 and an attacker can cause a computer crash (BSOD).
943 CVE-2020-23726 DoS 2020-12-03 2020-12-04
4.9
None Local Low Not required None None Complete
There is a local denial of service vulnerability in Wise Care 365 5.5.4. Attackers can cause a computer crash (BSOD).
944 CVE-2020-23520 434 Exec Code 2020-12-09 2020-12-10
6.5
None Remote Low ??? Partial Partial Partial
imcat 5.2 allows an authenticated file upload and consequently remote code execution via the picture functionality.
945 CVE-2020-22083 502 Exec Code 2020-12-17 2020-12-23
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** jsonpickle through 1.4.1 allows remote code execution during deserialization of a malicious payload through the decode() function. Note: It has been argued that this is expected and clearly documented behaviour. pickle is known to be capable of causing arbitrary code execution, and must not be used with un-trusted data.
946 CVE-2020-21378 89 Sql 2020-12-21 2020-12-22
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in SeaCMS 10.1 (2020.02.08) via the id parameter in an edit action to admin_members_group.php.
947 CVE-2020-21377 89 Sql 2020-12-21 2020-12-22
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in yunyecms V2.0.1 via the selcart parameter.
948 CVE-2020-20412 129 2020-12-26 2020-12-30
4.3
None Remote Medium Not required None None Partial
lib/codebook.c in libvorbis before 1.3.6, as used in StepMania 5.0.12 and other products, has insufficient array bounds checking via a crafted OGG file.
949 CVE-2020-20300 89 Sql 2020-12-18 2020-12-22
7.5
None Remote Low Not required Partial Partial Partial
SQL injection vulnerability in the wp_where function in WeiPHP 5.0.
950 CVE-2020-20299 200 +Info 2020-12-18 2021-07-21
5.0
None Remote Low Not required Partial None None
WeiPHP 5.0 does not properly restrict access to pages, related to using POST.
Total number of vulnerabilities: 1530. Page 19 of 31.