| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2020-28049 |
362 |
|
|
2020-11-04 |
2021-01-28 |
3.3 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in SDDM before 0.19.0. It incorrectly starts the X server in a way that - for a short time period - allows local unprivileged users to create a connection to the X server without providing proper authentication. A local attacker can thus access X server display contents and, for example, intercept keystrokes or access the clipboard. This is caused by a race condition during Xauthority file creation. |
|
2 |
CVE-2020-27673 |
|
|
DoS |
2020-10-22 |
2022-04-26 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271. |
|
3 |
CVE-2020-27672 |
362 |
|
DoS +Priv |
2020-10-22 |
2022-04-26 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Xen through 4.14.x allowing x86 guest OS users to cause a host OS denial of service, achieve data corruption, or possibly gain privileges by exploiting a race condition that leads to a use-after-free involving 2MiB and 1GiB superpages. |
|
4 |
CVE-2020-27671 |
|
|
DoS +Priv |
2020-10-22 |
2022-04-26 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Xen through 4.14.x allowing x86 HVM and PVH guest OS users to cause a denial of service (data corruption), cause a data leak, or possibly gain privileges because coalescing of per-page IOMMU TLB flushes is mishandled. |
|
5 |
CVE-2020-27153 |
415 |
|
DoS Exec Code |
2020-10-15 |
2022-04-05 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In BlueZ before 5.55, a double free was found in the gatttool disconnect_cb() routine from shared/att.c. A remote attacker could potentially cause a denial of service or code execution, during service discovery, due to a redundant disconnect MGMT event. |
|
6 |
CVE-2020-26935 |
89 |
|
Sql |
2020-10-10 |
2021-03-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject malicious SQL in to a query. |
|
7 |
CVE-2020-26934 |
79 |
|
XSS |
2020-10-10 |
2021-01-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link. |
|
8 |
CVE-2020-26164 |
400 |
|
DoS |
2020-10-07 |
2021-01-26 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
In kdeconnect-kde (aka KDE Connect) before 20.08.2, an attacker on the local network could send crafted packets that trigger use of large amounts of CPU, memory, or network connection slots, aka a Denial of Service attack. |
|
9 |
CVE-2020-26116 |
116 |
|
|
2020-09-27 |
2021-12-07 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
http.client in Python 3.x before 3.5.10, 3.6.x before 3.6.12, 3.7.x before 3.7.9, and 3.8.x before 3.8.5 allows CRLF injection if the attacker controls the HTTP request method, as demonstrated by inserting CR and LF control characters in the first argument of HTTPConnection.request. |
|
10 |
CVE-2020-26088 |
276 |
|
Bypass |
2020-09-24 |
2022-04-27 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. |
|
11 |
CVE-2020-25863 |
|
|
|
2020-10-06 |
2021-02-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts. |
|
12 |
CVE-2020-25862 |
354 |
|
|
2020-10-06 |
2021-02-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum. |
|
13 |
CVE-2020-25829 |
|
|
DoS |
2020-10-16 |
2022-06-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSSEC validation state, instead of their actual DNSSEC Secure state, via a DNS ANY query. This results in a denial of service for installation that always validate (dnssec=validate), and for clients requesting validation when on-demand validation is enabled (dnssec=process). |
|
14 |
CVE-2020-25645 |
319 |
|
|
2020-10-13 |
2021-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two endpoints to read the traffic unencrypted. The main threat from this vulnerability is to data confidentiality. |
|
15 |
CVE-2020-25643 |
20 |
|
DoS Overflow Mem. Corr. |
2020-10-06 |
2021-10-19 |
7.5 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Complete |
|
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. |
|
16 |
CVE-2020-25284 |
863 |
|
|
2020-09-13 |
2022-04-28 |
1.9 |
None |
Local |
Medium |
Not required |
None |
Partial |
None |
|
The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe. |
|
17 |
CVE-2020-25219 |
674 |
|
|
2020-09-09 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
url::recvline in url.cpp in libproxy 0.4.x through 0.4.15 allows a remote HTTP server to trigger uncontrolled recursion via a response composed of an infinite stream that lacks a newline character. This leads to stack exhaustion. |
|
18 |
CVE-2020-25212 |
787 |
|
|
2020-09-09 |
2022-04-28 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b4487b935452. |
|
19 |
CVE-2020-25040 |
732 |
|
|
2020-09-16 |
2021-07-21 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Sylabs Singularity through 3.6.2 has Insecure Permissions on temporary directories used in explicit and implicit container build operations, a different vulnerability than CVE-2020-25039. |
|
20 |
CVE-2020-25039 |
732 |
|
|
2020-09-16 |
2021-07-21 |
5.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
None |
|
Sylabs Singularity 3.2.0 through 3.6.2 has Insecure Permissions on temporary directories used in fakeroot or user namespace container execution. |
|
21 |
CVE-2020-25032 |
22 |
|
Dir. Trav. |
2020-08-31 |
2022-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Flask-CORS (aka CORS Middleware for Flask) before 3.0.9. It allows ../ directory traversal to access private resources because resource matching does not ensure that pathnames are in a canonical format. |
|
22 |
CVE-2020-24977 |
125 |
|
|
2020-09-04 |
2022-07-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
GNOME project libxml2 v2.9.10 has a global buffer over-read vulnerability in xmlEncodeEntitiesInternal at libxml2/entities.c. The issue has been fixed in commit 50f06b3e. |
|
23 |
CVE-2020-24654 |
59 |
|
|
2020-09-02 |
2022-05-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. |
|
24 |
CVE-2020-24614 |
862 |
|
Exec Code |
2020-08-25 |
2022-04-28 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Fossil before 2.10.2, 2.11.x before 2.11.2, and 2.12.x before 2.12.1 allows remote authenticated users to execute arbitrary code. An attacker must have check-in privileges on the repository. |
|
25 |
CVE-2020-24606 |
20 |
|
DoS |
2020-08-24 |
2021-07-21 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHandleReply() livelocking in peer_digest.cc mishandles EOF. |
|
26 |
CVE-2020-24553 |
79 |
|
XSS |
2020-09-02 |
2021-09-16 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Go before 1.14.8 and 1.15.x before 1.15.1 allows XSS because text/html is the default for CGI/FCGI handlers that lack a Content-Type header. |
|
27 |
CVE-2020-24394 |
732 |
|
|
2020-08-19 |
2021-06-14 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered. |
|
28 |
CVE-2020-16845 |
835 |
|
|
2020-08-06 |
2021-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs. |
|
29 |
CVE-2020-16166 |
330 |
|
+Info |
2020-07-30 |
2022-04-26 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c. |
|
30 |
CVE-2020-16116 |
22 |
|
Dir. Trav. |
2020-08-03 |
2022-05-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory via ../ directory traversal. |
|
31 |
CVE-2020-16011 |
787 |
|
Overflow |
2020-11-03 |
2021-03-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap buffer overflow in UI in Google Chrome on Windows prior to 86.0.4240.183 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
|
32 |
CVE-2020-16009 |
787 |
|
|
2020-11-03 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
33 |
CVE-2020-16008 |
787 |
|
Overflow |
2020-11-03 |
2021-03-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Stack buffer overflow in WebRTC in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit stack corruption via a crafted WebRTC packet. |
|
34 |
CVE-2020-16007 |
20 |
|
|
2020-11-03 |
2021-07-21 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Insufficient data validation in installer in Google Chrome prior to 86.0.4240.183 allowed a local attacker to potentially elevate privilege via a crafted filesystem. |
|
35 |
CVE-2020-16006 |
787 |
|
|
2020-11-03 |
2021-03-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
36 |
CVE-2020-16005 |
787 |
|
|
2020-11-03 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Insufficient policy enforcement in ANGLE in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
37 |
CVE-2020-16004 |
416 |
|
|
2020-11-03 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Use after free in user interface in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
38 |
CVE-2020-15966 |
|
|
+Info |
2020-09-21 |
2021-03-04 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to obtain potentially sensitive information via a crafted Chrome Extension. |
|
39 |
CVE-2020-15965 |
843 |
|
|
2020-09-21 |
2021-01-30 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Type confusion in V8 in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
|
40 |
CVE-2020-15964 |
787 |
|
|
2020-09-21 |
2021-07-21 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Insufficient data validation in media in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
|
41 |
CVE-2020-15963 |
|
|
|
2020-09-21 |
2021-01-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Insufficient policy enforcement in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. |
|
42 |
CVE-2020-15962 |
|
|
|
2020-09-21 |
2021-01-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Insufficient policy validation in serial in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
|
43 |
CVE-2020-15961 |
|
|
|
2020-09-21 |
2021-01-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Insufficient policy validation in extensions in Google Chrome prior to 85.0.4183.121 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. |
|
44 |
CVE-2020-15960 |
787 |
|
Overflow |
2020-09-21 |
2021-01-29 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Heap buffer overflow in storage in Google Chrome prior to 85.0.4183.121 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. |
|
45 |
CVE-2020-15959 |
|
|
+Info |
2020-09-21 |
2021-01-30 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Insufficient policy enforcement in networking in Google Chrome prior to 85.0.4183.102 allowed an attacker who convinced the user to enable logging to obtain potentially sensitive information from process memory via social engineering. |
|
46 |
CVE-2020-15900 |
787 |
|
Mem. Corr. |
2020-07-28 |
2022-04-27 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A memory corruption issue was found in Artifex Ghostscript 9.50 and 9.52. Use of a non-standard PostScript operator can allow overriding of file access controls. The 'rsearch' calculation for the 'post' size resulted in a size that was too large, and could underflow to max uint32_t. This was fixed in commit 5d499272b95a6b890a1397e11d20937de000d31b. |
|
47 |
CVE-2020-15811 |
444 |
|
Http R.Spl. Bypass |
2020-09-02 |
2021-03-04 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
|
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Splitting attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the browser cache and any downstream caches with content from an arbitrary source. Squid uses a string search instead of parsing the Transfer-Encoding header to find chunked encoding. This allows an attacker to hide a second request inside Transfer-Encoding: it is interpreted by Squid as chunked and split out into a second request delivered upstream. Squid will then deliver two distinct responses to the client, corrupting any downstream caches. |
|
48 |
CVE-2020-15810 |
444 |
|
Bypass |
2020-09-02 |
2021-03-17 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poisoning. This allows any client, including browser scripts, to bypass local security and poison the proxy cache and any downstream caches with content from an arbitrary source. When configured for relaxed header parsing (the default), Squid relays headers containing whitespace characters to upstream servers. When this occurs as a prefix to a Content-Length header, the frame length specified will be ignored by Squid (allowing for a conflicting length to be used from another Content-Length header) but relayed upstream. |
|
49 |
CVE-2020-15780 |
862 |
|
Bypass |
2020-07-15 |
2022-04-27 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. |
|
50 |
CVE-2020-15719 |
295 |
|
|
2020-07-14 |
2022-05-12 |
4.0 |
None |
Remote |
High |
Not required |
Partial |
Partial |
None |
|
libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux. |
