CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In October 2020

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
201 CVE-2020-26182 552 2020-10-16 2020-10-21
4.0
None Remote Low ??? None Partial None
Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' related operations in an unintended manner. The vulnerability is not exploitable by users authenticated via LDAP.
202 CVE-2020-26166 79 XSS 2020-10-05 2020-10-13
3.5
None Remote Medium ??? None Partial None
The file upload functionality in qdPM 9.1 doesn't check the file description, which allows remote authenticated attackers to inject web script or HTML via the attachments info parameter, aka XSS. This can occur during creation of a ticket, project, or task.
203 CVE-2020-26164 400 DoS 2020-10-07 2021-01-26
4.9
None Local Low Not required None None Complete
In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack.
204 CVE-2020-26162 79 XSS 2020-10-09 2020-10-23
4.3
None Remote Medium Not required None Partial None
Xerox WorkCentre EC7836 before 073.050.059.25300 and EC7856 before 073.020.059.25300 devices allow XSS via Description pages.
205 CVE-2020-26161 601 2020-10-26 2022-06-03
5.8
None Remote Medium Not required Partial Partial None
In Octopus Deploy through 2020.4.2, an attacker could redirect users to an external site via a modified HTTP Host header.
206 CVE-2020-26135 79 XSS 2020-10-02 2021-11-30
4.3
None Remote Medium Not required None Partial None
Live Helper Chat before 3.44v allows reflected XSS via the setsettingajax PATH_INFO.
207 CVE-2020-26134 79 XSS 2020-10-02 2020-10-08
4.3
None Remote Medium Not required None Partial None
Live Helper Chat before 3.44v allows stored XSS in chat messages with an operator via BBCode.
208 CVE-2020-26133 269 2020-10-28 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Dual DHCP DNS Server 7.40. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the DualServer.exe binary.
209 CVE-2020-26132 269 2020-10-28 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in Home DNS Server 0.10. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the HomeDNSServer.exe binary.
210 CVE-2020-26131 269 2020-10-28 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
Issues were discovered in Open DHCP Server (Regular) 1.75 and Open DHCP Server (LDAP Based) 0.1Beta. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenDHCPServer.exe (Regular) or the OpenDHCPLdap.exe (LDAP Based) binary.
211 CVE-2020-26130 269 2020-10-28 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
Issues were discovered in Open TFTP Server multithreaded 1.66 and Open TFTP Server single port 1.66. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the OpenTFTPServerMT.exe or the OpenTFTPServerSP.exe binary.
212 CVE-2020-26124 94 Exec Code 2020-10-02 2022-01-06
9.0
None Remote Low ??? Complete Complete Complete
openmediavault before 4.1.36 and 5.x before 5.5.12 allows authenticated PHP code injection attacks, via the sortfield POST parameter of rpc.php, because json_encode_safe is not used in config/databasebackend.inc. Successful exploitation allows arbitrary command execution on the underlying operating system as root.
213 CVE-2020-26061 640 Bypass 2020-10-05 2021-07-21
5.0
None Remote Low Not required None Partial None
ClickStudios Passwordstate Password Reset Portal prior to build 8501 is affected by an authentication bypass vulnerability. The ResetPassword function does not validate whether the user has successfully authenticated using security questions. An unauthenticated, remote attacker can send a crafted HTTP request to the /account/ResetPassword page to set a new password for any registered user.
214 CVE-2020-26048 434 Exec Code 2020-10-05 2020-10-14
6.5
None Remote Low ??? Partial Partial Partial
The file manager option in CuppaCMS before 2019-11-12 allows an authenticated attacker to upload a malicious file within an image extension and through a custom request using the rename function provided by the file manager is able to modify the image extension into PHP resulting in remote arbitrary code execution.
215 CVE-2020-25990 89 Sql 2020-10-01 2020-10-05
7.5
None Remote Low Not required Partial Partial Partial
WebsiteBaker 2.12.2 allows SQL Injection via parameter 'display_name' in /websitebaker/admin/preferences/save.php. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
216 CVE-2020-25987 532 2020-10-06 2020-10-07
5.0
None Remote Low Not required Partial None None
MonoCMS Blog 1.0 stores hard-coded admin hashes in the log.xml file in the source files for MonoCMS Blog. Hash type is bcrypt and hashcat mode 3200 can be used to crack the hash.
217 CVE-2020-25986 352 CSRF 2020-10-06 2020-10-14
4.3
None Remote Medium Not required None Partial None
A Cross Site Request Forgery (CSRF) vulnerability in MonoCMS Blog 1.0 allows attackers to change the password of a user.
218 CVE-2020-25985 22 Dir. Trav. 2020-10-07 2020-10-07
5.5
None Remote Low ??? None Partial Partial
MonoCMS Blog 1.0 is affected by: Arbitrary File Deletion. Any authenticated user can delete files on and off the webserver (php files can be unlinked and not deleted).
219 CVE-2020-25966 306 +Info 2020-10-28 2022-04-26
5.0
None Remote Low Not required Partial None None
** DISPUTED ** Sectona Spectra before 3.4.0 has a vulnerable SOAP API endpoint that leaks sensitive information about the configured assets without proper authentication. This could be used by unauthorized parties to get configured login credentials of the assets via a modified pAccountID value. NOTE: The vendor has indicated this is not a vulnerability and states "This vulnerability occurred due to wrong configuration of system."
220 CVE-2020-25867 287 Bypass 2020-10-07 2020-10-15
4.3
None Remote Medium Not required Partial None None
SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication.
221 CVE-2020-25866 476 2020-10-06 2021-01-20
5.0
None Remote Low Not required None None Partial
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasonable compression ratios and rejecting ZIP bombs.
222 CVE-2020-25863 2020-10-06 2021-02-10
5.0
None Remote Low Not required None None Partial
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
223 CVE-2020-25862 354 2020-10-06 2021-02-10
5.0
None Remote Low Not required None None Partial
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
224 CVE-2020-25859 78 2020-10-15 2020-10-28
7.2
None Local Low Not required Complete Complete Complete
The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request. A local attacker with shell access can pass shell metacharacters and run arbitrary commands. If QCMAP_CLI can be run via sudo or setuid, this also allows elevating privileges to root. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers.
225 CVE-2020-25858 476 DoS 2020-10-15 2020-10-26
5.0
None Remote Low Not required None None Partial
The QCMAP_Web_CLIENT binary in the Qualcomm QCMAP software suite prior to versions released in October 2020 does not validate the return value of a strstr() or strchr() call in the Tokenizer() function. An attacker who invokes the web interface with a crafted URL can crash the process, causing denial of service. This version of QCMAP is used in many kinds of networking devices, primarily mobile hotspots and LTE routers.
226 CVE-2020-25829 DoS 2020-10-16 2022-06-15
5.0
None Remote Low Not required None None Partial
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installations that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process).
227 CVE-2020-25825 2020-10-12 2020-10-26
5.0
None Remote Low Not required Partial None None
In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs.
228 CVE-2020-25824 862 2020-10-14 2021-07-21
2.1
None Local Low Not required Partial None None
Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizard but is then distracted. An attacker then approaches the unattended desktop and pushes the Export key. This attacker may consequently gain access to all chat conversation and media files.
229 CVE-2020-25820 918 2020-10-21 2020-10-29
4.0
None Remote Low ??? Partial None None
BigBlueButton before 2.2.7 allows remote authenticated users to read local files and conduct SSRF attacks via an uploaded Office document that has a crafted URL in an ODF xlink field.
230 CVE-2020-25803 913 Exec Code 2020-10-06 2020-10-09
9.0
None Remote Low ??? Complete Complete Complete
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker template exposed objects. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.
231 CVE-2020-25802 913 Exec Code 2020-10-06 2020-10-09
9.0
None Remote Low ??? Complete Complete Complete
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy scripting. This issue affects: Crafter Software Crafter CMS 3.0 versions prior to 3.0.27; 3.1 versions prior to 3.1.7.
232 CVE-2020-25780 22 Dir. Trav. 2020-10-29 2020-11-13
5.0
None Remote Low Not required Partial None None
In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instead view a file outside of the log-files folder.
233 CVE-2020-25779 Bypass 2020-10-13 2022-05-03
2.1
None Local Low Not required None Partial None
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which an Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websites list of Trend Micro Antivirus for Mac to bypass the web threat protection feature.
234 CVE-2020-25778 200 Exec Code +Info 2020-10-14 2021-07-21
2.1
None Local Low Not required Partial None None
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. An attacker must first obtain the ability to execute high-privileged code on the target system in order to exploit this vulnerability.
235 CVE-2020-25777 Bypass 2020-10-14 2020-10-26
5.8
None Remote Medium Not required Partial Partial None
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
236 CVE-2020-25776 269 Exec Code 2020-10-02 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a symbolic link privilege escalation attack where an attacker could exploit a critical file on the system to escalate their privileges. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
237 CVE-2020-25768 20 2020-10-07 2021-07-21
5.0
None Remote Low Not required None Partial None
Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rendered.
238 CVE-2020-25765 20 Exec Code 2020-10-27 2021-12-01
10.0
None Remote Low Not required Complete Complete Complete
Addressed remote code execution vulnerability in reg_device.php due to insufficient validation of user input in Western Digital My Cloud Devices prior to 5.4.1140.
239 CVE-2020-25743 476 2020-10-06 2020-10-07
2.1
None Local Low Not required None None Partial
hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_cancel_dma_sync call.
240 CVE-2020-25742 476 2020-10-06 2020-10-07
2.1
None Local Low Not required None None Partial
pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not return a valid pointer.
241 CVE-2020-25741 476 2020-10-02 2020-10-14
2.1
None Local Low Not required None None Partial
fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the current drive.
242 CVE-2020-25648 770 DoS 2020-10-20 2022-05-10
5.0
None Remote Low Not required None None Partial
A flaw was found in the way NSS handled CCS (ChangeCipherSpec) messages in TLS 1.3. This flaw allows a remote attacker to send multiple CCS messages, causing a denial of service for servers compiled with the NSS library. The highest threat from this vulnerability is to system availability. This flaw affects NSS versions before 3.58.
243 CVE-2020-25646 116 2020-10-29 2020-11-03
5.0
None Remote Low Not required Partial None None
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality.
244 CVE-2020-25645 319 2020-10-13 2021-03-26
5.0
None Remote Low Not required Partial None None
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality.
245 CVE-2020-25644 401 DoS 2020-10-06 2021-10-19
5.0
None Remote Low Not required None None Partial
A memory leak flaw was found in WildFly OpenSSL in versions prior to 1.1.3.Final, where it removes an HTTP session. It may allow the attacker to cause OOM leading to a denial of service. The highest threat from this vulnerability is to system availability.
246 CVE-2020-25643 20 DoS Overflow Mem. Corr. 2020-10-06 2021-10-19
7.5
None Remote Medium ??? Partial Partial Complete
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
247 CVE-2020-25641 835 DoS 2020-10-06 2020-12-04
4.9
None Local Low Not required None None Complete
A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue requests to a block device, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
248 CVE-2020-25637 415 DoS 2020-10-06 2020-12-04
7.2
None Local Low Not required Complete Complete Complete
A double free memory issue was found to occur in the libvirt API, in versions before 6.8.0, responsible for requesting information about network interfaces of a running QEMU domain. This flaw affects the polkit access control driver. Specifically, clients connecting to the read-write socket with limited ACL permissions could use this flaw to crash the libvirt daemon, resulting in a denial of service, or potentially escalate their privileges on the system. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
249 CVE-2020-25636 552 2020-10-05 2020-10-09
3.6
None Local Low Not required None Partial Partial
A flaw was found in Ansible Base when using the aws_ssm connection plugin as there is no namespace separation for file transfers. Files are written directly to the root bucket, making it possible to have collisions when running multiple ansible processes. This issue affects mainly the service availability.
250 CVE-2020-25635 212 2020-10-05 2020-10-08
2.1
None Local Low Not required Partial None None
A flaw was found in Ansible Base when using the aws_ssm connection plugin as garbage collection does not happen after the playbook run is completed. Files would remain in the bucket, exposing the data. This issue directly affects data confidentiality.
Total number of vulnerabilities : 1563   Page : 5 of 32