| # | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail. | Description |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 1151 | CVE-2020-12658 | 667 | | | 2020-12-31 | 2021-02-08 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | ** DISPUTED ** gssproxy (aka gss-proxy) before 0.8.3 does not unlock cond_mutex before pthread exit in gp_worker_main() in gp_workers.c. NOTE: An upstream comment states "We are already on a shutdown path when running the code in question, so a DoS there doesn't make any sense, and there has been no additional information provided us (as upstream) to indicate why this would be a problem." |
| 1152 | CVE-2020-12595 | | | +Info | 2020-12-10 | 2020-12-14 | 4.0 | None | Remote | Low | ??? | Partial | None | None | An information disclosure flaw allows a malicious, authenticated, privileged web UI user to obtain a password for a remote SCP backup server that they might not otherwise be authorized to access. This affects SMG prior to 10.7.4. |
| 1153 | CVE-2020-12594 | 269 | | +Priv | 2020-12-10 | 2021-07-21 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | A privilege escalation flaw allows a malicious, authenticated, privileged CLI user to escalate their privileges on the system and gain full control over the SMG appliance. This affects SMG prior to 10.7.4. |
| 1154 | CVE-2020-12524 | 400 | | DoS | 2020-12-02 | 2020-12-04 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Uncontrolled Resource Consumption can be exploited to cause the Phoenix Contact HMIs BTP 2043W, BTP 2070W and BTP 2102W in all versions to become unresponsive and not accurately update the display content (Denial of Service). |
| 1155 | CVE-2020-12523 | 909 | | | 2020-12-17 | 2020-12-21 | 6.4 | None | Remote | Low | Not required | Partial | None | Partial | On Phoenix Contact mGuard Devices versions before 8.8.3 LAN ports get functional after reboot even if they are disabled in the device configuration. For mGuard devices with integrated switch on the LAN side, single switch ports can be disabled by device configuration. After a reboot these ports get functional independent from their configuration setting: Missing Initialization of Resource |
| 1156 | CVE-2020-12522 | 78 | | Exec Code | 2020-12-17 | 2020-12-23 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | The reported vulnerability allows an attacker who has network access to the device to execute code with specially crafted packets in WAGO Series PFC 100 (750-81xx/xxx-xxx), Series PFC 200 (750-82xx/xxx-xxx), Series Wago Touch Panel 600 Standard Line (762-4xxx), Series Wago Touch Panel 600 Advanced Line (762-5xxx), Series Wago Touch Panel 600 Marine Line (762-6xxx) with firmware versions <=FW10. |
| 1157 | CVE-2020-12521 | 20 | | | 2020-12-17 | 2020-12-21 | 6.1 | None | Local Network | Low | Not required | None | None | Complete | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system services or a complete reboot. |
| 1158 | CVE-2020-12519 | 269 | | | 2020-12-17 | 2020-12-21 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges. |
| 1159 | CVE-2020-12518 | 200 | | +Info | 2020-12-17 | 2020-12-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use the knowledge gained by reading the insufficiently protected sensitive information to plan further attacks. |
| 1160 | CVE-2020-12517 | 79 | | +Priv XSS | 2020-12-17 | 2020-12-21 | 6.0 | None | Remote | Medium | ??? | Partial | Partial | Partial | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an authenticated low privileged user could embed malicious Javascript code to gain admin rights when the admin user visits the vulnerable website (local privilege escalation). |
| 1161 | CVE-2020-12516 | | | DoS | 2020-12-10 | 2020-12-22 | 5.0 | None | Remote | Low | Not required | None | None | Partial | Older firmware versions (FW1 up to FW10) of the WAGO PLC family 750-88x and 750-352 are vulnerable for a special denial of service attack. |
| 1162 | CVE-2020-12149 | 78 | | | 2020-12-11 | 2020-12-16 | 8.5 | None | Remote | Medium | ??? | Complete | Complete | Complete | The configuration backup/restore function in Silver Peak Unity ECOS™ (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0. |
| 1163 | CVE-2020-12148 | 78 | | Exec Code | 2020-12-11 | 2020-12-16 | 8.5 | None | Remote | Medium | ??? | Complete | Complete | Complete | A command injection flaw identified in the nslookup API in Silver Peak Unity ECOS™ (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish an interactive channel, effectively taking control of the target system. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0. |
| 1164 | CVE-2020-11990 | | | | 2020-12-01 | 2022-01-01 | 2.1 | None | Local | Low | Not required | Partial | None | None | We have resolved a security issue in the camera plugin that could have affected certain Cordova (Android) applications. An attacker who could install (or lead the victim to install) a specially crafted (or malicious) Android application would be able to access pictures taken with the app externally. |
| 1165 | CVE-2020-11974 | | | Exec Code | 2020-12-18 | 2021-03-22 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database. |
| 1166 | CVE-2020-11947 | 125 | | | 2020-12-31 | 2021-02-18 | 2.1 | None | Local | Low | Not required | Partial | None | None | iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. |
| 1167 | CVE-2020-11835 | 787 | | | 2020-12-31 | 2021-01-06 | 2.1 | None | Local | Low | Not required | None | None | Partial | In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability. |
| 1168 | CVE-2020-11834 | 787 | | | 2020-12-31 | 2021-01-06 | 2.1 | None | Local | Low | Not required | None | None | Partial | In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerability. |
| 1169 | CVE-2020-11833 | 787 | | | 2020-12-31 | 2021-01-06 | 2.1 | None | Local | Low | Not required | None | None | Partial | In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerability. |
| 1170 | CVE-2020-11832 | 787 | | | 2020-12-31 | 2021-01-06 | 2.1 | None | Local | Low | Not required | None | None | Partial | In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability. |
| 1171 | CVE-2020-11720 | 798 | | | 2020-12-23 | 2020-12-23 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. During the installation, it sets up administrative access by default with the account admin and password 0000. After the installation, users/admins are not prompted to change this password. |
| 1172 | CVE-2020-11719 | 326 | | | 2020-12-23 | 2021-07-21 | 5.0 | None | Remote | Low | Not required | Partial | None | None | An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and possibly below. It relies on broken encryption with a weak and guessable static encryption key. |
| 1173 | CVE-2020-11718 | 319 | | | 2020-12-23 | 2020-12-23 | 5.8 | None | Remote | Medium | Not required | Partial | Partial | None | An issue was discovered in Programi Bilanc build 007 release 014 31.01.2020 and below. Its software-update packages are downloaded via cleartext HTTP. |
| 1174 | CVE-2020-11717 | 89 | | Sql | 2020-12-21 | 2020-12-22 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | An issue was discovered in Programi 014 31.01.2020. It has multiple SQL injection vulnerabilities. |
| 1175 | CVE-2020-11103 | 94 | | Exec Code | 2020-12-30 | 2021-07-21 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | JsLink in Webswing before 2.6.12 LTS, and 2.7.x and 20.x before 20.1, allows remote code execution. |
| 1176 | CVE-2020-11093 | 347 | | | 2020-12-24 | 2020-12-31 | 5.0 | None | Remote | Low | Not required | None | Partial | None | Hyperledger Indy Node is the server portion of a distributed ledger purpose-built for decentralized identity. In Hyperledger Indy before version 1.12.4, there is lack of signature verification on a specific transaction which enables an attacker to make certain unauthorized alterations to the ledger. Updating a DID with a nym transaction will be written to the ledger if neither ROLE or VERKEY are being changed, regardless of sender. A malicious DID with no particular role can ask an update for another DID (but cannot modify its verkey or role). This is bad because 1) Any DID can write a nym transaction to the ledger (i.e., any DID can spam the ledger with nym transactions), 2) Any DID can change any other DID's alias, 3) The update transaction modifies the ledger metadata associated with a DID. |
| 1177 | CVE-2020-10770 | 918 | | | 2020-12-15 | 2021-10-26 | 5.0 | None | Remote | Low | Not required | None | Partial | None | A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter request_uri. This flaw allows an attacker to use this parameter to execute a Server-side request forgery (SSRF) attack. |
| 1178 | CVE-2020-10210 | 798 | | | 2020-12-29 | 2021-01-14 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Because of hard-coded SSH keys for the root user in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series, Kami7B, an attacker may remotely log in through SSH. |
| 1179 | CVE-2020-10209 | 77 | | Exec Code | 2020-12-30 | 2021-07-21 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows man-in-the-middle attackers to execute arbitrary commands with root level privileges. |
| 1180 | CVE-2020-10208 | 77 | | Exec Code | 2020-12-30 | 2021-07-21 | 9.0 | None | Remote | Low | ??? | Complete | Complete | Complete | Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows authenticated remote attackers to execute arbitrary commands with root user privileges. |
| 1181 | CVE-2020-10207 | 798 | | | 2020-12-29 | 2021-01-14 | 10.0 | None | Remote | Low | Not required | Complete | Complete | Complete | Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows remote attackers to retrieve and modify the device settings. |
| 1182 | CVE-2020-10206 | 798 | | | 2020-12-30 | 2021-01-14 | 3.6 | None | Local | Low | Not required | Partial | Partial | None | Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, AK5xx series, AK65x series, Aria6xx series, Aria7/AK7Xx series and Kami7B allows local attackers to view and interact with the video output of the device. |
| 1183 | CVE-2020-10148 | 287 | | Exec Code Bypass | 2020-12-29 | 2020-12-31 | 7.5 | None | Remote | Low | Not required | Partial | Partial | Partial | The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. This vulnerability could allow a remote attacker to bypass authentication and execute API commands which may result in a compromise of the SolarWinds instance. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected. |
| 1184 | CVE-2020-10146 | 79 | | Exec Code XSS +Info | 2020-12-09 | 2020-12-10 | 3.5 | None | Remote | Medium | ??? | None | Partial | None | The Microsoft Teams online service contains a stored cross-site scripting vulnerability in the displayName parameter that can be exploited on Teams clients to obtain sensitive information such as authentication tokens and to possibly execute arbitrary commands. This vulnerability was fixed for all Teams users in the online service on or around October 2020. |
| 1185 | CVE-2020-10143 | 665 | | Exec Code | 2020-12-09 | 2021-12-20 | 7.2 | None | Local | Low | Not required | Complete | Complete | Complete | Macrium Reflect includes an OpenSSL component that specifies an OPENSSLDIR variable as C:\openssl\. Macrium Reflect contains a privileged service that uses this OpenSSL component. Because unprivileged Windows users can create subdirectories off of the system root, a user can create the appropriate path to a specially-crafted openssl.cnf file to achieve arbitrary code execution with SYSTEM privileges. |
| 1186 | CVE-2020-10017 | 787 | | Exec Code | 2020-12-08 | 2021-03-11 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted audio file may lead to arbitrary code execution. |
| 1187 | CVE-2020-10016 | 787 | | Exec Code Mem. Corr. | 2020-12-08 | 2022-04-26 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. An application may be able to execute arbitrary code with kernel privileges. |
| 1188 | CVE-2020-10014 | 22 | | Dir. Trav. | 2020-12-08 | 2020-12-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | A parsing issue in the handling of directory paths was addressed with improved path validation. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to break out of its sandbox. |
| 1189 | CVE-2020-10013 | | | Exec Code | 2020-12-08 | 2021-03-22 | 9.3 | None | Remote | Medium | Not required | Complete | Complete | Complete | A logic issue was addressed with improved state management. This issue is fixed in tvOS 14.0, iOS 14.0 and iPadOS 14.0. An application may be able to execute arbitrary code with kernel privileges. |
| 1190 | CVE-2020-10012 | 79 | | XSS | 2020-12-08 | 2020-12-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted document may lead to a cross site scripting attack. |
| 1191 | CVE-2020-10011 | 125 | | Exec Code | 2020-12-08 | 2020-12-16 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 14.2 and iPadOS 14.2, macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave. Processing a maliciously crafted USD file may lead to unexpected application termination or arbitrary code execution. |
| 1192 | CVE-2020-10010 | 22 | | Dir. Trav. | 2020-12-08 | 2020-12-15 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | A path handling issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges. |
| 1193 | CVE-2020-10009 | | | | 2020-12-08 | 2020-12-15 | 4.3 | None | Remote | Medium | Not required | None | Partial | None | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A sandboxed process may be able to circumvent sandbox restrictions. |
| 1194 | CVE-2020-10007 | | | | 2020-12-08 | 2020-12-15 | 2.1 | None | Local | Low | Not required | Partial | None | None | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to determine kernel memory layout. |
| 1195 | CVE-2020-10006 | | | | 2020-12-08 | 2020-12-15 | 4.3 | None | Remote | Medium | Not required | Partial | None | None | This issue was addressed with improved entitlements. This issue is fixed in macOS Big Sur 11.0.1. A malicious application may be able to access restricted files. |
| 1196 | CVE-2020-10004 | | | Exec Code | 2020-12-08 | 2021-03-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution. |
| 1197 | CVE-2020-10003 | 59 | | | 2020-12-08 | 2020-12-15 | 4.6 | None | Local | Low | Not required | Partial | Partial | Partial | An issue existed within the path validation logic for symlinks. This issue was addressed with improved path sanitization. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. A local attacker may be able to elevate their privileges. |
| 1198 | CVE-2020-10002 | | | | 2020-12-08 | 2020-12-15 | 2.1 | None | Local | Low | Not required | Partial | None | None | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, tvOS 14.2, iTunes 12.11 for Windows. A local user may be able to read arbitrary files. |
| 1199 | CVE-2020-9999 | 119 | | Exec Code Overflow Mem. Corr. | 2020-12-08 | 2021-07-21 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.0.1, iTunes for Windows 12.10.9. Processing a maliciously crafted text file may lead to arbitrary code execution. |
| 1200 | CVE-2020-9996 | 416 | | | 2020-12-08 | 2021-03-11 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial | A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.0 and iPadOS 14.0. A malicious application may be able to elevate privileges. |