| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1251 |
CVE-2020-8938 |
787 |
|
|
2020-12-15 |
2020-12-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to FromkLinuxSockAddr with attacker controlled content and size of klinux_addr which allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02 |
|
1252 |
CVE-2020-8937 |
787 |
|
|
2020-12-15 |
2020-12-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_untrusted_create_wait_queue that uses a pointer queue that relies on UntrustedLocalMemcpy, which fails to validate where the pointer is located. This allows an attacker to write memory values from within the enclave. We recommend upgrading past commit a37fb6a0e7daf30134dbbf357c9a518a1026aa02 |
|
1253 |
CVE-2020-8936 |
125 |
|
|
2020-12-15 |
2020-12-18 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to UntrustedCall. UntrustedCall failed to validate the buffer range within sgx_params and allowed the host to return a pointer that was an address within the enclave memory. This allowed an attacker to read memory values from within the enclave. |
|
1254 |
CVE-2020-8935 |
119 |
|
Overflow |
2020-12-15 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allow an attacker to make an Ecall_restore function call to reallocate untrusted code and overwrite sections of the Enclave memory address. We recommend updating your library. |
|
1255 |
CVE-2020-8920 |
|
|
+Info |
2020-12-10 |
2021-10-07 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where an overoptimization with the FilteredRepository wrapper skips the verification of access on All-Users repositories, allowing an attacker to get read access to all users' personal information associated with their accounts. |
|
1256 |
CVE-2020-8919 |
863 |
|
+Info |
2020-12-10 |
2020-12-16 |
2.7 |
None |
Local Network |
Low |
??? |
Partial |
None |
None |
|
An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a missing access check on the branch REST API allows an attacker with only the default set of priviledges to read all other user's personal account data as well as sub-trees with restricted access. |
|
1257 |
CVE-2020-8908 |
732 |
|
|
2020-12-10 |
2022-05-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured. |
|
1258 |
CVE-2020-8566 |
532 |
|
|
2020-12-07 |
2021-03-29 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects < v1.19.3, < v1.18.10, < v1.17.13. |
|
1259 |
CVE-2020-8565 |
532 |
|
|
2020-12-07 |
2020-12-08 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In Kubernetes, if the logging level is set to at least 9, authorization and bearer tokens will be written to log files. This can occur both in API server logs and client tool output like kubectl. This affects <= v1.19.3, <= v1.18.10, <= v1.17.13, < v1.20.0-alpha2. |
|
1260 |
CVE-2020-8564 |
532 |
|
|
2020-12-07 |
2021-03-29 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects < v1.19.3, < v1.18.10, < v1.17.13. |
|
1261 |
CVE-2020-8563 |
532 |
|
|
2020-12-07 |
2021-03-29 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects < v1.19.3. |
|
1262 |
CVE-2020-8539 |
276 |
|
|
2020-12-01 |
2020-12-08 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Kia Motors Head Unit with Software version: SOP.003.30.18.0703, SOP.005.7.181019, and SOP.007.1.191209 may allow an attacker to inject unauthorized commands, by executing the micomd executable deamon, to trigger unintended functionalities. In addition, this executable may be used by an attacker to inject commands to generate CAN frames that are sent into the M-CAN bus (Multimedia CAN bus) of the vehicle. |
|
1263 |
CVE-2020-8466 |
77 |
|
Exec Code |
2020-12-17 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2, with the improved password hashing method enabled, could allow an unauthenticated attacker to execute certain commands by providing a manipulated password. |
|
1264 |
CVE-2020-8465 |
287 |
|
Exec Code Bypass CSRF |
2020-12-17 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to manipulate system updates using a combination of CSRF bypass (CVE-2020-8461) and authentication bypass (CVE-2020-8464) to execute code as user root. |
|
1265 |
CVE-2020-8464 |
918 |
|
|
2020-12-17 |
2020-12-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to send requests that appear to come from the localhost which could expose the product's admin interface to users who would not normally have access. |
|
1266 |
CVE-2020-8463 |
863 |
|
Bypass |
2020-12-17 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to bypass a global authorization check for anonymous users by manipulating request paths. |
|
1267 |
CVE-2020-8462 |
79 |
|
XSS |
2020-12-17 |
2020-12-21 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product. |
|
1268 |
CVE-2020-8461 |
352 |
|
Bypass CSRF |
2020-12-17 |
2020-12-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A CSRF protection bypass vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to get a victim's browser to send a specifically encoded request without requiring a valid CSRF token. |
|
1269 |
CVE-2020-8290 |
269 |
|
|
2020-12-27 |
2020-12-31 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Backblaze for Windows and Backblaze for macOS before 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary. |
|
1270 |
CVE-2020-8289 |
295 |
|
Exec Code |
2020-12-27 |
2020-12-31 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Backblaze for Windows before 7.0.1.433 and Backblaze for macOS before 7.0.1.434 suffer from improper certificate validation in `bztransmit` helper due to hardcoded whitelist of strings in URLs where validation is disabled leading to possible remote code execution via client update functionality. |
|
1271 |
CVE-2020-8286 |
295 |
|
|
2020-12-14 |
2022-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
curl 7.41.0 through 7.73.0 is vulnerable to an improper check for certificate revocation due to insufficient verification of the OCSP response. |
|
1272 |
CVE-2020-8285 |
787 |
|
Overflow |
2020-12-14 |
2022-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
curl 7.21.0 to and including 7.73.0 is vulnerable to uncontrolled recursion due to a stack overflow issue in FTP wildcard match parsing. |
|
1273 |
CVE-2020-8284 |
|
|
|
2020-12-14 |
2022-05-13 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP address and port, and this way potentially make curl extract information about services that are otherwise private and not disclosed, for example doing port scanning and service banner extractions. |
|
1274 |
CVE-2020-8283 |
269 |
|
Exec Code |
2020-12-14 |
2020-12-17 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An authorised user on a Windows host running Citrix Universal Print Server can perform arbitrary command execution as SYSTEM in CVAD versions before 2009, 1912 LTSR CU1 hotfixes CTX285870 and CTX286120, 7.15 LTSR CU6 hotfix CTX285344 and 7.6 LTSR CU9. |
|
1275 |
CVE-2020-8282 |
352 |
|
Exec Code CSRF |
2020-12-14 |
2020-12-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution. |
|
1276 |
CVE-2020-8258 |
269 |
|
|
2020-12-14 |
2020-12-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, allows an attacker to modify arbitrary files. |
|
1277 |
CVE-2020-8257 |
269 |
|
|
2020-12-14 |
2020-12-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Improper privilege management on services run by Citrix Gateway Plug-in for Windows, versions before and including 13.0-61.48 and 12.1-58.15, lead to privilege escalation attacks |
|
1278 |
CVE-2020-8231 |
416 |
|
|
2020-12-14 |
2022-05-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Due to use of a dangling pointer, libcurl 7.29.0 through 7.71.1 can use the wrong connection when sending data. |
|
1279 |
CVE-2020-8177 |
74 |
|
|
2020-12-14 |
2022-06-17 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
curl 7.20.0 through 7.70.0 is vulnerable to improper restriction of names for files and other resources that can lead too overwriting a local file when the -J flag is used. |
|
1280 |
CVE-2020-8169 |
200 |
|
+Info |
2020-12-14 |
2022-04-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
curl 7.62.0 through 7.70.0 is vulnerable to an information disclosure vulnerability that can lead to a partial password being leaked over the network and to the DNS server(s). |
|
1281 |
CVE-2020-7845 |
787 |
|
Exec Code Overflow |
2020-12-27 |
2020-12-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Spamsniper 5.0 ~ 5.2.7 contain a stack-based buffer overflow vulnerability caused by improper boundary checks when parsing MAIL FROM command. It leads remote attacker to execute arbitrary code via crafted packet. |
|
1282 |
CVE-2020-7838 |
20 |
|
Exec Code |
2020-12-18 |
2020-12-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A arbitrary code execution vulnerability exists in the way that the Stove client improperly validates input value. An attacker could execute arbitrary code when the user access to crafted web page. This issue affects: Smilegate STOVE Client 0.0.4.72. |
|
1283 |
CVE-2020-7837 |
787 |
|
Overflow |
2020-12-16 |
2020-12-18 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in ML Report Program. There is a stack-based buffer overflow in function sub_41EAF0 at MLReportDeamon.exe. The function will call vsprintf without checking the length of strings in parameters given by attacker. And it finally leads to a stack-based buffer overflow via access to crafted web page. This issue affects: Infraware ML Report 2.19.312.0000. |
|
1284 |
CVE-2020-7793 |
400 |
|
DoS |
2020-12-11 |
2020-12-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The package ua-parser-js before 0.7.23 are vulnerable to Regular Expression Denial of Service (ReDoS) in multiple regexes (see linked commit for more info). |
|
1285 |
CVE-2020-7792 |
|
|
|
2020-12-11 |
2020-12-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
This affects all versions of package mout. The deepFillIn function can be used to 'fill missing properties recursively', while the deepMixIn 'mixes objects into the target object, recursively mixing existing child objects as well'. In both cases, the key used to access the target object recursively is not checked, leading to a Prototype Pollution. |
|
1286 |
CVE-2020-7791 |
|
|
|
2020-12-11 |
2021-05-04 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
This affects the package i18n before 2.1.15. Vulnerability arises out of insufficient handling of erroneous language tags in src/i18n/Concrete/TextLocalizer.cs and src/i18n/LocalizedApplication.cs. |
|
1287 |
CVE-2020-7790 |
22 |
|
Dir. Trav. |
2020-12-11 |
2020-12-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
This affects the package spatie/browsershot from 0.0.0. By specifying a URL in the file:// protocol an attacker is able to include arbitrary files in the resultant PDF. |
|
1288 |
CVE-2020-7789 |
78 |
|
|
2020-12-11 |
2020-12-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
This affects the package node-notifier before 9.0.0. It allows an attacker to run arbitrary commands on Linux machines due to the options params not being sanitised when being passed an array. |
|
1289 |
CVE-2020-7788 |
400 |
|
|
2020-12-11 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
This affects the package ini before 1.3.6. If an attacker submits a malicious INI file to an application that parses it with ini.parse, they will pollute the prototype on the application. This can be exploited further depending on the context. |
|
1290 |
CVE-2020-7787 |
287 |
|
|
2020-12-09 |
2020-12-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
This affects all versions of package react-adal. It is possible for a specially crafted JWT token and request URL can cause the nonce, session and refresh values to be incorrectly validated, causing the application to treat an attacker-generated JWT token as authentic. The logical defect is caused by how the nonce, session and refresh values are stored in the browser local storage or session storage. Each key is automatically appended by ||. When the received nonce and session keys are generated, the list of values is stored in the browser storage, separated by ||, with || always appended to the end of the list. Since || will always be the last 2 characters of the stored values, an empty string ("") will always be in the list of the valid values. Therefore, if an empty session parameter is provided in the callback URL, and a specially-crafted JWT token contains an nonce value of "" (empty string), then adal.js will consider the JWT token as authentic. |
|
1291 |
CVE-2020-7781 |
77 |
|
|
2020-12-16 |
2021-07-21 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
This affects the package connection-tester before 0.2.1. The injection point is located in line 15 in index.js. The following PoC demonstrates the vulnerability: |
|
1292 |
CVE-2020-7776 |
79 |
|
XSS |
2020-12-09 |
2021-01-19 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
This affects the package phpoffice/phpspreadsheet from 0.0.0. The library is vulnerable to XSS when creating an html output from an excel file by adding a comment on any cell. The root cause of this issue is within the HTML writer where user comments are concatenated as part of link and this is returned as HTML. A fix for this issue is available on commit 0ed5b800be2136bcb8fa9c1bdf59abc957a98845/master branch. |
|
1293 |
CVE-2020-7560 |
123 |
|
Exec Code |
2020-12-11 |
2022-01-31 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A CWE-123: Write-what-where Condition vulnerability exists in EcoStruxure™ Control Expert (all versions) and Unity Pro (former name of EcoStruxure™ Control Expert) (all versions), that could cause a crash of the software or unexpected code execution when opening a malicious file in EcoStruxure™ Control Expert software. |
|
1294 |
CVE-2020-7549 |
754 |
|
|
2020-12-11 |
2020-12-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules (see security notification for affected versions), that could cause denial of HTTP and FTP services when a series of specially crafted requests is sent to the controller over HTTP. |
|
1295 |
CVE-2020-7548 |
330 |
|
|
2020-12-01 |
2020-12-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A CWE-330 - Use of Insufficiently Random Values vulnerability exists in Smartlink, PowerTag, and Wiser Series Gateways (see security notification for version information) that could allow unauthorized users to login. |
|
1296 |
CVE-2020-7547 |
284 |
|
|
2020-12-01 |
2020-12-04 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A CWE-284: Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow a user the ability to perform actions via the web interface at a higher privilege level. |
|
1297 |
CVE-2020-7546 |
79 |
|
XSS |
2020-12-01 |
2020-12-04 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
A CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow an attacker to perform actions on behalf of the authorized user when accessing an affected webpage. |
|
1298 |
CVE-2020-7545 |
284 |
|
Exec Code |
2020-12-01 |
2020-12-04 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A CWE-284:Improper Access Control vulnerability exists in EcoStruxureª and SmartStruxureª Power Monitoring and SCADA Software (see security notification for version information) that could allow for arbitrary code execution on the server when an authorized user access an affected webpage. |
|
1299 |
CVE-2020-7543 |
754 |
|
DoS |
2020-12-11 |
2021-08-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller. |
|
1300 |
CVE-2020-7542 |
754 |
|
DoS |
2020-12-11 |
2021-08-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A CWE-754: Improper Check for Unusual or Exceptional Conditions vulnerability exists in Modicon M580, Modicon M340, Legacy Controllers Modicon Quantum & Modicon Premium (see security notifications for affected versions), that could cause denial of service when a specially crafted Read Physical Memory request over Modbus is sent to the controller. |
