| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
201 |
CVE-2020-17396 |
190 |
|
Exec Code Overflow |
2020-08-25 |
2020-08-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor module. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before allocating a buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-11217. |
|
202 |
CVE-2020-17395 |
191 |
|
Exec Code |
2020-08-25 |
2020-08-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the prl_naptd process. The issue results from the lack of proper validation of user-supplied data, which can result in an integer underflow before writing to memory. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11134. |
|
203 |
CVE-2020-17394 |
129 |
|
Exec Code +Info |
2020-08-25 |
2020-08-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the OEMNet component. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11132. |
|
204 |
CVE-2020-17393 |
20 |
|
Exec Code +Info |
2020-08-25 |
2020-08-28 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper validation of user-supplied data, which can result a pointer to be leaked after the handler is done. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-10520. |
|
205 |
CVE-2020-17392 |
822 |
|
Exec Code |
2020-08-25 |
2020-08-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for HOST_IOCTL_SET_KERNEL_SYMBOLS in the prl_hypervisor kext. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the kernel. Was ZDI-CAN-10519. |
|
206 |
CVE-2020-17391 |
749 |
|
Exec Code +Info |
2020-08-25 |
2020-08-31 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for HOST_IOCTL_INIT_HYPERVISOR in the prl_hypervisor kext. The issue results from the exposure of dangerous method or function to the unprivileged user. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the kernel. Was ZDI-CAN-10518. |
|
207 |
CVE-2020-17390 |
125 |
|
Exec Code |
2020-08-25 |
2020-09-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the hypervisor kernel extension. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-10030. |
|
208 |
CVE-2020-17389 |
22 |
|
Exec Code Dir. Trav. Bypass |
2020-08-25 |
2020-08-28 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the decryptFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10502. |
|
209 |
CVE-2020-17388 |
749 |
|
Exec Code Bypass |
2020-08-25 |
2020-08-28 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the Tomcat configuration file. The issue results from the lack of proper restriction to the Tomcat admin console. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10799. |
|
210 |
CVE-2020-17387 |
22 |
|
Exec Code Dir. Trav. Bypass |
2020-08-25 |
2020-08-28 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the writeObjectToConfigFile method of the GWTTestServiceImpl class. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-10565. |
|
211 |
CVE-2020-17386 |
918 |
|
|
2020-08-25 |
2020-08-26 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system. |
|
212 |
CVE-2020-17385 |
22 |
|
Dir. Trav. |
2020-08-25 |
2020-08-27 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system. |
|
213 |
CVE-2020-17384 |
78 |
|
Exec Code |
2020-08-25 |
2020-08-27 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulate the system. |
|
214 |
CVE-2020-17376 |
611 |
|
|
2020-08-26 |
2020-09-14 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously undergone live migration, a user may gain access to destination host devices that share the same paths as host devices previously referenced by the virtual machine on the source host. This can include block devices that map to different Cinder volumes at the destination than at the source. Only deployments allowing host-based connections (for instance, root and ephemeral devices) are affected. |
|
215 |
CVE-2020-17373 |
89 |
|
Sql |
2020-08-12 |
2020-10-28 |
3.5 |
None |
Remote |
Medium |
??? |
Partial |
None |
None |
|
SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection. |
|
216 |
CVE-2020-17372 |
79 |
|
XSS |
2020-08-12 |
2020-08-13 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
SugarCRM before 10.1.0 (Q3 2020) allows XSS. |
|
217 |
CVE-2020-17368 |
78 |
|
|
2020-08-11 |
2021-01-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stderr option, which may lead to command injection. |
|
218 |
CVE-2020-17367 |
88 |
|
|
2020-08-11 |
2022-04-28 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, which may lead to command injection. |
|
219 |
CVE-2020-17366 |
295 |
|
DoS Bypass |
2020-08-05 |
2020-10-19 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to bypass intended access restrictions or to cause a denial of service on dependent routing systems by strategically withholding RPKI Route Origin Authorisation ".roa" files or X509 Certificate Revocation List files from the RPKI relying party's view. |
|
220 |
CVE-2020-17364 |
79 |
|
XSS |
2020-08-05 |
2020-08-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs. |
|
221 |
CVE-2020-17362 |
79 |
|
XSS |
2020-08-12 |
2020-08-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS. |
|
222 |
CVE-2020-17361 |
755 |
|
|
2020-08-12 |
2021-12-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h returns silently when a negative length is provided (instead of throwing an exception). This could result in data being lost during the copy, with varying consequences depending on the subsequent use of the destination buffer. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
223 |
CVE-2020-17360 |
125 |
|
Overflow Bypass |
2020-08-12 |
2021-12-16 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of these checks, and out-of-bounds read/write. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
224 |
CVE-2020-17353 |
|
|
|
2020-08-05 |
2020-09-22 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe is used, lacks restrictions on embedded-ps and embedded-svg, as demonstrated by including dangerous PostScript code. |
|
225 |
CVE-2020-17352 |
78 |
|
Exec Code |
2020-08-07 |
2020-08-12 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05 potentially allow an authenticated attacker to remotely execute arbitrary code. |
|
226 |
CVE-2020-16847 |
79 |
|
XSS |
2020-08-04 |
2020-08-11 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Extreme Analytics in Extreme Management Center before 8.5.0.169 allows unauthenticated reflected XSS via a parameter in a GET request, aka CFD-4887. |
|
227 |
CVE-2020-16845 |
835 |
|
|
2020-08-06 |
2021-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. |
|
228 |
CVE-2020-16843 |
|
|
DoS |
2020-08-04 |
2020-08-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the network stack can freeze under heavy ingress traffic. This can result in a denial of service on the microVM when it is configured with a single network interface, and an availability problem for the microVM network interface on which the issue is triggered. |
|
229 |
CVE-2020-16610 |
352 |
|
CSRF |
2020-08-28 |
2020-09-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request Forgery (CSRF). When an attacker induces authenticated admin user to a malicious web page, any accounts can be deleted without admin user's intention. |
|
230 |
CVE-2020-16310 |
369 |
|
DoS |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
231 |
CVE-2020-16309 |
787 |
|
DoS Overflow |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51. |
|
232 |
CVE-2020-16308 |
787 |
|
DoS Overflow |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in p_print_image() in devices/gdevcdj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
233 |
CVE-2020-16307 |
476 |
|
DoS |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer dereference vulnerability in devices/vector/gdevtxtw.c and psi/zbfont.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51. |
|
234 |
CVE-2020-16306 |
476 |
|
DoS |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer dereference vulnerability in devices/gdevtsep.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted postscript file. This is fixed in v9.51. |
|
235 |
CVE-2020-16305 |
787 |
|
DoS Overflow |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in pcx_write_rle() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
236 |
CVE-2020-16304 |
787 |
|
Overflow |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. |
|
237 |
CVE-2020-16303 |
416 |
|
|
2020-08-13 |
2022-06-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A use-after-free vulnerability in xps_finish_image_path() in devices/vector/gdevxps.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. |
|
238 |
CVE-2020-16302 |
120 |
|
Overflow |
2020-08-13 |
2022-06-29 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to escalate privileges via a crafted PDF file. This is fixed in v9.51. |
|
239 |
CVE-2020-16301 |
120 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in okiibm_print_page1() in devices/gdevokii.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
240 |
CVE-2020-16300 |
787 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in tiff12_print_page() in devices/gdevtfnx.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
241 |
CVE-2020-16299 |
369 |
|
DoS |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A Division by Zero vulnerability in bj10v_print_page() in contrib/japanese/gdev10v.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
242 |
CVE-2020-16298 |
120 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in mj_color_correct() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
243 |
CVE-2020-16297 |
787 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in FloydSteinbergDitheringC() in contrib/gdevbjca.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
244 |
CVE-2020-16296 |
787 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in GetNumWrongData() in contrib/lips4/gdevlips.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
245 |
CVE-2020-16295 |
476 |
|
DoS |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer dereference vulnerability in clj_media_size() in devices/gdevclj.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
246 |
CVE-2020-16294 |
120 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in epsc_print_page() in devices/gdevepsc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
247 |
CVE-2020-16293 |
476 |
|
DoS |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A null pointer dereference vulnerability in compose_group_nonknockout_nonblend_isolated_allmask_common() in base/gxblend.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
248 |
CVE-2020-16292 |
787 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in mj_raster_cmd() in contrib/japanese/gdevmjc.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
249 |
CVE-2020-16291 |
787 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in contrib/gdevdj9.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
|
250 |
CVE-2020-16290 |
787 |
|
DoS Overflow |
2020-08-13 |
2020-08-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in jetp3852_print_page() in devices/gdev3852.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This is fixed in v9.51. |
