| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
301 |
CVE-2020-16138 |
20 |
|
|
2020-08-12 |
2021-07-21 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
** UNSUPPORTED WHEN ASSIGNED ** A denial-of-service issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to remotely disable the device until it is power cycled. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information. |
|
302 |
CVE-2020-16137 |
269 |
|
|
2020-08-12 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** UNSUPPORTED WHEN ASSIGNED ** A privilege escalation issue in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to reset the credentials for the SSH administrative console to arbitrary values. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded. For more information on this, and how to upgrade, refer to the CVE’s reference information. |
|
303 |
CVE-2020-16134 |
522 |
|
|
2020-08-04 |
2021-07-21 |
7.7 |
None |
Local Network |
Low |
??? |
Complete |
Complete |
Complete |
|
An issue was discovered on Swisscom Internet Box 2, Internet Box Standard, Internet Box Plus prior to 10.04.38, Internet Box 3 prior to 11.01.20, and Internet Box light prior to 08.06.06. Given the (user-configurable) credentials for the local Web interface or physical access to a device's plus or reset button, an attacker can create a user with elevated privileges on the Sysbus-API. This can then be used to modify local or remote SSH access, thus allowing a login session as the superuser. |
|
304 |
CVE-2020-16131 |
79 |
|
XSS |
2020-08-03 |
2020-08-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Tiki before 21.2 allows XSS because [\s\/"\'] is not properly considered in lib/core/TikiFilter/PreventXss.php. |
|
305 |
CVE-2020-16116 |
22 |
|
Dir. Trav. |
2020-08-03 |
2022-05-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. |
|
306 |
CVE-2020-16092 |
617 |
|
DoS |
2020-08-11 |
2020-10-13 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e and vmxnet3 network devices. A malicious guest user/process could use this flaw to abort the QEMU process on the host, resulting in a denial of service condition in net_tx_pkt_add_raw_fragment in hw/net/net_tx_pkt.c. |
|
307 |
CVE-2020-16087 |
74 |
|
|
2020-08-13 |
2020-08-19 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Zalo.exe in VNG Zalo Desktop 19.8.1.0. An attacker can run arbitrary commands on a remote Windows machine running the Zalo client by sending the user of the device a crafted file. |
|
308 |
CVE-2020-15956 |
120 |
|
Overflow |
2020-08-04 |
2020-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload. |
|
309 |
CVE-2020-15947 |
89 |
|
Exec Code Sql |
2020-08-13 |
2020-08-19 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A SQL injection vulnerability in the qm_adm/qm_export_stats_run.do endpoint of Loway QueueMetrics before 19.10.21 allows remote authenticated users to execute arbitrary SQL commands via the exportId parameter. |
|
310 |
CVE-2020-15944 |
79 |
|
XSS |
2020-08-04 |
2020-08-06 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors in the dashboard of other users. To exploit this vulnerability, an attacker has to be authenticated. |
|
311 |
CVE-2020-15943 |
862 |
|
XSS |
2020-08-04 |
2021-07-21 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing privilege check, it is possible to read and write to the module configuration of other users. This can also be used to deliver an XSS payload to other users' dashboards. To exploit this vulnerability, an attacker has to be authenticated. |
|
312 |
CVE-2020-15926 |
79 |
|
Exec Code XSS |
2020-08-18 |
2020-08-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Rocket.Chat through 3.4.2 allows XSS where an attacker can send a specially crafted message to a channel or in a direct message to the client which results in remote code execution on the client side. |
|
313 |
CVE-2020-15925 |
89 |
|
Exec Code Sql |
2020-08-13 |
2020-08-19 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
A SQL injection vulnerability at a tpf URI in Loway QueueMetrics before 19.10.21 allows remote authenticated attackers to execute arbitrary SQL commands via the TPF_XPAR1 parameter. |
|
314 |
CVE-2020-15907 |
79 |
|
XSS |
2020-08-07 |
2020-08-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In Mahara 19.04 before 19.04.6, 19.10 before 19.10.4, and 20.04 before 20.04.1, certain places could execute file or folder names containing JavaScript. |
|
315 |
CVE-2020-15868 |
863 |
|
|
2020-08-12 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Sonatype Nexus Repository Manager OSS/Pro before 3.26.0 has Incorrect Access Control. |
|
316 |
CVE-2020-15865 |
20 |
|
Exec Code |
2020-08-18 |
2021-07-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A Remote Code Execution vulnerability in Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0 allows an attacker to encode C# scripts as base-64 in the report XML file so that they will be compiled and executed on the server that processes this file. This can be used to fully compromise the server. |
|
317 |
CVE-2020-15862 |
269 |
|
|
2020-08-20 |
2020-09-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root. |
|
318 |
CVE-2020-15861 |
59 |
|
|
2020-08-20 |
2020-09-04 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Net-SNMP through 5.7.3 allows Escalation of Privileges because of UNIX symbolic link (symlink) following. |
|
319 |
CVE-2020-15858 |
22 |
|
Dir. Trav. |
2020-08-21 |
2020-09-03 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Some devices of Thales DIS (formerly Gemalto, formerly Cinterion) allow Directory Traversal by physically proximate attackers. The directory path access check of the internal flash file system can be circumvented. This flash file system can store application-specific data and data needed for customer Java applications, TLS and OTAP (Java over-the-air-provisioning) functionality. The affected products and releases are: BGS5 up to and including SW RN 02.000 / ARN 01.001.06 EHSx and PDSx up to and including SW RN 04.003 / ARN 01.000.04 ELS61 up to and including SW RN 02.002 / ARN 01.000.04 ELS81 up to and including SW RN 05.002 / ARN 01.000.04 PLS62 up to and including SW RN 02.000 / ARN 01.000.04 |
|
320 |
CVE-2020-15831 |
79 |
|
XSS |
2020-08-08 |
2020-08-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
JetBrains TeamCity before 2019.2.3 is vulnerable to reflected XSS in the administration UI. |
|
321 |
CVE-2020-15830 |
79 |
|
XSS |
2020-08-08 |
2020-08-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
JetBrains TeamCity before 2019.2.3 is vulnerable to stored XSS in the administration UI. |
|
322 |
CVE-2020-15829 |
200 |
|
+Info |
2020-08-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In JetBrains TeamCity before 2019.2.3, password parameters could be disclosed via build logs. |
|
323 |
CVE-2020-15828 |
200 |
|
+Info |
2020-08-08 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
In JetBrains TeamCity before 2020.1.1, project parameter values can be retrieved by a user without appropriate permissions. |
|
324 |
CVE-2020-15827 |
347 |
|
|
2020-08-08 |
2020-08-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In JetBrains ToolBox version 1.17 before 1.17.6856, the set of signature verifications omitted the jetbrains-toolbox.exe file. |
|
325 |
CVE-2020-15826 |
863 |
|
|
2020-08-08 |
2021-07-21 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
In JetBrains TeamCity before 2020.1, users are able to assign more permissions than they have. |
|
326 |
CVE-2020-15825 |
269 |
|
|
2020-08-08 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In JetBrains TeamCity before 2020.1, users with the Modify Group permission can elevate other users' privileges. |
|
327 |
CVE-2020-15824 |
269 |
|
|
2020-08-08 |
2022-03-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In JetBrains Kotlin from 1.4-M1 to 1.4-RC (as Kotlin 1.3.7x is not affected by the issue. Fixed version is 1.4.0) there is a script-cache privilege escalation vulnerability due to kotlin-main-kts cached scripts in the system temp directory, which is shared by all users by default. |
|
328 |
CVE-2020-15823 |
918 |
|
|
2020-08-08 |
2020-08-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
JetBrains YouTrack before 2020.2.8873 is vulnerable to SSRF in the Workflow component. |
|
329 |
CVE-2020-15821 |
276 |
|
|
2020-08-08 |
2020-08-10 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
In JetBrains YouTrack before 2020.2.6881, a user without permission is able to create an article draft. |
|
330 |
CVE-2020-15820 |
200 |
|
+Info |
2020-08-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In JetBrains YouTrack before 2020.2.6881, the markdown parser could disclose hidden file existence. |
|
331 |
CVE-2020-15819 |
918 |
|
|
2020-08-08 |
2020-08-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
JetBrains YouTrack before 2020.2.10643 was vulnerable to SSRF that allowed scanning internal ports. |
|
332 |
CVE-2020-15818 |
200 |
|
+Info |
2020-08-08 |
2021-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In JetBrains YouTrack before 2020.2.8527, the subtasks workflow could disclose issue existence. |
|
333 |
CVE-2020-15817 |
94 |
|
Exec Code |
2020-08-08 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
In JetBrains YouTrack before 2020.1.1331, an external user could execute commands against arbitrary issues. |
|
334 |
CVE-2020-15781 |
79 |
|
Exec Code XSS |
2020-08-14 |
2020-08-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A vulnerability has been identified in SICAM WEB firmware for SICAM A8000 RTUs (All versions < V05.30). The login screen does not sufficiently sanitize input, which enables an attacker to generate specially crafted log messages. If an unsuspecting victim views the log messages via the web browser, these log messages might be interpreted and executed as code by the web application. This Cross-Site-Scripting (XSS) vulnerability might compromize the confidentiality, integrity and availability of the web application. |
|
335 |
CVE-2020-15777 |
502 |
|
Exec Code |
2020-08-25 |
2020-11-09 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the Maven Extension plugin before 1.6 for Gradle Enterprise. The extension uses a socket connection to send serialized Java objects. Deserialization is not restricted to an allow-list, thus allowing an attacker to achieve code execution via a malicious deserialization gadget chain. The socket is not bound exclusively to localhost. The port this socket is assigned to is randomly selected and is not intentionally exposed to the public (either by design or documentation). This could potentially be used to achieve remote code execution and local privilege escalation. |
|
336 |
CVE-2020-15702 |
367 |
|
Exec Code |
2020-08-06 |
2020-09-14 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234. |
|
337 |
CVE-2020-15701 |
755 |
|
DoS |
2020-08-06 |
2020-09-14 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6. |
|
338 |
CVE-2020-15694 |
20 |
|
|
2020-08-14 |
2021-02-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In Nim 1.2.4, the standard library httpClient fails to properly validate the server response. For example, httpClient.get().contentLength() does not raise any error if a malicious server provides a negative Content-Length. |
|
339 |
CVE-2020-15693 |
74 |
|
|
2020-08-14 |
2021-02-08 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
In Nim 1.2.4, the standard library httpClient is vulnerable to a CR-LF injection in the target URL. An injection is possible if the attacker controls any part of the URL provided in a call (such as httpClient.get or httpClient.post), the User-Agent header value, or custom HTTP header names or values. |
|
340 |
CVE-2020-15692 |
88 |
|
Exec Code |
2020-08-14 |
2021-02-08 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
In Nim 1.2.4, the standard library browsers mishandles the URL argument to browsers.openDefaultBrowser. This argument can be a local file path that will be opened in the default explorer. An attacker can pass one argument to the underlying open command to execute arbitrary registered system commands. |
|
341 |
CVE-2020-15687 |
|
|
DoS |
2020-08-31 |
2020-09-08 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/de-assign Hypercalls via crafted ioctls and payloads. This attack results in a corrupt state and Denial of Service (DoS) for previously assigned PCIe devices to the Service VM at runtime. |
|
342 |
CVE-2020-15662 |
|
|
|
2020-08-10 |
2020-08-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A rogue webpage could override the injected WKUserScript used by the download feature, this exploit could result in the user downloading an unintended file. This vulnerability affects Firefox for iOS < 28. |
|
343 |
CVE-2020-15661 |
522 |
|
|
2020-08-10 |
2020-08-14 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A rogue webpage could override the injected WKUserScript used by the logins autofill, this exploit could result in leaking a password for the current domain. This vulnerability affects Firefox for iOS < 28. |
|
344 |
CVE-2020-15659 |
787 |
|
Mem. Corr. |
2020-08-10 |
2020-08-21 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Mozilla developers and community members reported memory safety bugs present in Firefox 78 and Firefox ESR 78.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 79, Firefox ESR < 68.11, Firefox ESR < 78.1, Thunderbird < 68.11, and Thunderbird < 78.1. |
|
345 |
CVE-2020-15658 |
754 |
|
|
2020-08-10 |
2020-08-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. |
|
346 |
CVE-2020-15657 |
427 |
|
|
2020-08-10 |
2020-08-14 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Firefox could be made to load attacker-supplied DLL files from the installation directory. This required an attacker that is already capable of placing files in the installation directory. *Note: This issue only affected Windows operating systems. Other operating systems are unaffected.*. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. |
|
347 |
CVE-2020-15656 |
843 |
|
|
2020-08-10 |
2020-08-18 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
JIT optimizations involving the Javascript arguments object could confuse later optimizations. This risk was already mitigated by various precautions in the code, resulting in this bug rated at only moderate severity. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. |
|
348 |
CVE-2020-15655 |
|
|
Bypass |
2020-08-10 |
2022-05-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
A redirected HTTP request which is observed or modified through a web extension could bypass existing CORS checks, leading to potential disclosure of cross-origin information. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. |
|
349 |
CVE-2020-15654 |
835 |
|
|
2020-08-10 |
2020-08-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
When in an endless loop, a website specifying a custom cursor using CSS could make it look like the user is interacting with the user interface, when they are not. This could lead to a perceived broken state, especially when interactions with existing browser dialogs and warnings do not work. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. |
|
350 |
CVE-2020-15653 |
|
|
Bypass |
2020-08-10 |
2020-08-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An iframe sandbox element with the allow-popups flag could be bypassed when using noopener links. This could have led to security issues for websites relying on sandbox configurations that allowed popups and hosted arbitrary content. This vulnerability affects Firefox ESR < 78.1, Firefox < 79, and Thunderbird < 78.1. |
