info[at]nsec.ir
(+۹۸)-۳۱-۳۳۹۱۵۳۳۶

Critical Vulnerabilities of the Fourth Week of Azar

This week, many "critical" and "high-risk" vulnerabilities were reported in important Microsoft and Cisco products, and patches and updates were released to fix them. Several "critical" and "high-risk" vulnerabilities also existed in products from Apple, Adobe, Apache, Mozilla, F5 and the Linux kernel.

The list of these vulnerabilities, together with links to the patches and updates released, is given in the table below.

 

شناسه آسیب‌پذیری

امتیاز مبنا

عنوان آسیب‌پذیری

ارزش روز صفر

رفع آسیب‌پذیری

CVE-2020-29075

۴.۳

Adobe Acrobat Reader information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-24445

۳.۵

Adobe Experience Manager/AEM Forms add-on Form cross site scripting

$۱k-$2k

Official Fix

CVE-2020-24444

۶.۳

Adobe Experience Manager/AEM Forms add-on server-side request forgery

$۵k-$10k

Official Fix

CVE-2020-24447

۴.۵

Adobe Lightroom Classic uncontrolled search path

$۲k-$5k

Official Fix

CVE-2020-24440

۴.۲

Adobe Prelude uncontrolled search path

$۲k-$5k

Official Fix

CVE-2020-27614

۷.۸

AnyDesk XPC Interface access control

$۱k-$2k

Not Defined

CVE-2020-17515

۳.۵

Apache Airflow trigger cross site scripting

$۲k-$5k

Official Fix

CVE-2020-13945

۶.۵

Apache APISIX Admin API improper authentication

$۵k-$10k

Not Defined

CVE-2020-17521

۵.۵

Apache Groovy Extension temp file

$۵k-$10k

Official Fix

CVE-2020-17529

۷.۳

Apache NuttX Fragmentation out-of-bounds write

$۱۰k-$25k

Not Defined

CVE-2020-17528

۶.۳

Apache NuttX TCP Packet out-of-bounds write

$۱۰k-$25k

Not Defined

CVE-2020-17530

۶.۳

Apache Struts OGNL Evaluation Remote Privilege Escalation

$۱۰k-$25k

Not Defined

CVE-2020-9991

۷.۵

Apple iCloud denial of service

$۲k-$5k

Official Fix

CVE-2020-9993

۴.۳

Apple iOS/iPadOS Address Bar clickjacking

$۵۰k-$100k

Official Fix

CVE-2020-9954

۷.۸

Apple iOS/iPadOS Audio File buffer overflow

$۱۰۰k and more

Official Fix

CVE-2020-9991

۷.۵

Apple iOS/iPadOS denial of service

$۱۰k-$25k

Official Fix

CVE-2020-9977

۵.۵

Apple iOS/iPadOS Entitlement Verification information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-9963

۵.۵

Apple iOS/iPadOS Icon Cache information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-9849

۶.۵

Apple iOS/iPadOS information disclosure

$۲۵k-$50k

Official Fix

CVE-2020-9989

۵.۵

Apple iOS/iPadOS Message information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-9988

۵.۵

Apple iOS/iPadOS Message information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-9966

۷.۸

Apple iOS/iPadOS out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2020-9965

۷.۸

Apple iOS/iPadOS out-of-bounds read

$۲۵k-$50k

Official Fix

CVE-2020-9944

۵.۵

Apple iOS/iPadOS out-of-bounds read

$۱۰k-$25k

Official Fix

CVE-2020-9943

۵.۵

Apple iOS/iPadOS out-of-bounds read

$۱۰k-$25k

Official Fix

CVE-2020-9972

۷.۸

Apple iOS/iPadOS USD File buffer overflow

$۱۰۰k and more

Official Fix

CVE-2020-9996

۷.۸

Apple iOS/iPadOS use after free

$۲۵k-$50k

Official Fix

CVE-2020-9981

۷.۸

Apple iOS/iPadOS use after free

$۱۰۰k and more

Official Fix

CVE-2020-9950

۸.۸

Apple iOS/iPadOS use after free

$۱۰۰k and more

Official Fix

CVE-2020-9949

۷.۸

Apple iOS/iPadOS use after free

$۵۰k-$100k

Official Fix

CVE-2020-9969

۵.۵

Apple iOS/iPadOS User Information sandbox

$۲۵k-$50k

Official Fix

CVE-2020-9947

۸.۸

Apple iOS/iPadOS Web Contents use after free

$۱۰۰k and more

Official Fix

CVE-2020-27895

۳.۳

Apple iTunes information disclosure

$۲k-$5k

Official Fix

CVE-2020-9999

۷.۸

Apple iTunes Text File memory corruption

$۱۰k-$25k

Official Fix

CVE-2020-9981

۷.۸

Apple iTunes use after free

$۱۰k-$25k

Official Fix

CVE-2020-9947

۸.۸

Apple iTunes Web Contents use after free

$۱۰k-$25k

Official Fix

CVE-2020-9945

۴.۳

Apple macOS Address Bar clickjacking

$۱۰k-$25k

Official Fix

CVE-2020-9942

۴.۳

Apple macOS Address Bar clickjacking

$۱۰k-$25k

Official Fix

CVE-2020-9954

۷.۸

Apple macOS Audio File buffer overflow

$۱۰k-$25k

Official Fix

CVE-2020-9991

۷.۵

Apple macOS denial of service

$۲k-$5k

Official Fix

CVE-2020-9922

۶.۵

Apple macOS Email state issue

$۱۰k-$25k

Official Fix

CVE-2020-9977

۵.۵

Apple macOS Entitlement Verification information disclosure

$۲k-$5k

Official Fix

CVE-2020-9963

۵.۵

Apple macOS Icon Cache information disclosure

$۲k-$5k

Official Fix

CVE-2020-9849

۶.۵

Apple macOS information disclosure

$۵k-$10k

Official Fix

CVE-2020-27906

۸.۸

Apple macOS integer overflow

$۱۰k-$25k

Official Fix

CVE-2020-27898

۵.۵

Apple macOS Managed Frame Protection denial of service

$۲k-$5k

Official Fix

CVE-2020-9989

۵.۵

Apple macOS Message information disclosure

$۲k-$5k

Official Fix

CVE-2020-9988

۵.۵

Apple macOS Message information disclosure

$۲k-$5k

Official Fix

CVE-2020-27894

۵.۵

Apple macOS Metadata unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-9966

۷.۸

Apple macOS out-of-bounds read

$۵k-$10k

Official Fix

CVE-2020-9965

۷.۸

Apple macOS out-of-bounds read

$۵k-$10k

Official Fix

CVE-2020-9944

۵.۵

Apple macOS out-of-bounds read

$۲k-$5k

Official Fix

CVE-2020-9943

۵.۵

Apple macOS out-of-bounds read

$۲k-$5k

Official Fix

CVE-2020-27896

۵.۵

Apple macOS path traversal

$۱۰k-$25k

Official Fix

CVE-2020-27900

۵.۵

Apple macOS Snapshot permission

$۱۰k-$25k

Official Fix

CVE-2020-27904

۷.۸

Apple macOS State Management memory corruption

$۱۰k-$25k

Official Fix

CVE-2020-9999

۷.۸

Apple macOS Text File memory corruption

$۱۰k-$25k

Official Fix

CVE-2020-27903

۷.۸

Apple macOS unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-9996

۷.۸

Apple macOS use after free

$۵k-$10k

Official Fix

CVE-2020-9981

۷.۸

Apple macOS use after free

$۱۰k-$25k

Official Fix

CVE-2020-9949

۷.۸

Apple macOS use after free

$۱۰k-$25k

Official Fix

CVE-2020-9969

۵.۵

Apple macOS User Information sandbox

$۵k-$10k

Official Fix

CVE-2020-9993

۴.۳

Apple Safari Address Bar clickjacking

$۲۵k-$50k

Official Fix

CVE-2020-9987

۴.۳

Apple Safari Address Bar clickjacking

$۲۵k-$50k

Official Fix

CVE-2020-9945

۴.۳

Apple Safari Address Bar clickjacking

$۲۵k-$50k

Official Fix

CVE-2020-9942

۴.۳

Apple Safari Address Bar clickjacking

$۲۵k-$50k

Official Fix

CVE-2020-9950

۸.۸

Apple Safari use after free

$۲۵k-$50k

Official Fix

CVE-2020-9947

۸.۸

Apple Safari Web Contents use after free

$۲۵k-$50k

Official Fix

CVE-2020-9954

۷.۸

Apple tvOS Audio File buffer overflow

$۵k-$10k

Official Fix

CVE-2020-9991

۷.۵

Apple tvOS denial of service

$۱k-$2k

Official Fix

CVE-2020-9849

۶.۵

Apple tvOS information disclosure

$۲k-$5k

Official Fix

CVE-2020-9966

۷.۸

Apple tvOS out-of-bounds read

$۲k-$5k

Official Fix

CVE-2020-9965

۷.۸

Apple tvOS out-of-bounds read

$۲k-$5k

Official Fix

CVE-2020-9944

۵.۵

Apple tvOS out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-9943

۵.۵

Apple tvOS out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-9981

۷.۸

Apple tvOS use after free

$۵k-$10k

Official Fix

CVE-2020-9950

۸.۸

Apple tvOS use after free

$۵k-$10k

Official Fix

CVE-2020-9949

۷.۸

Apple tvOS use after free

$۵k-$10k

Official Fix

CVE-2020-9969

۵.۵

Apple tvOS User Information sandbox

$۲k-$5k

Official Fix

CVE-2020-9947

۸.۸

Apple tvOS Web Contents use after free

$۵k-$10k

Official Fix

CVE-2020-9993

۴.۳

Apple watchOS Address Bar clickjacking

$۵k-$10k

Official Fix

CVE-2020-9954

۷.۸

Apple watchOS Audio File buffer overflow

$۵k-$10k

Official Fix

CVE-2020-9991

۷.۵

Apple watchOS denial of service

$۱k-$2k

Official Fix

CVE-2020-9849

۶.۵

Apple watchOS information disclosure

$۲k-$5k

Official Fix

CVE-2020-9989

۵.۵

Apple watchOS Message information disclosure

$۱k-$2k

Official Fix

CVE-2020-9966

۷.۸

Apple watchOS out-of-bounds read

$۲k-$5k

Official Fix

CVE-2020-9965

۷.۸

Apple watchOS out-of-bounds read

$۲k-$5k

Official Fix

CVE-2020-9944

۵.۵

Apple watchOS out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-9943

۵.۵

Apple watchOS out-of-bounds read

$۱k-$2k

Official Fix

CVE-2020-9981

۷.۸

Apple watchOS use after free

$۵k-$10k

Official Fix

CVE-2020-9950

۸.۸

Apple watchOS use after free

$۵k-$10k

Official Fix

CVE-2020-9949

۷.۸

Apple watchOS use after free

$۵k-$10k

Official Fix

CVE-2020-9969

۵.۵

Apple watchOS User Information sandbox

$۲k-$5k

Official Fix

CVE-2020-9947

۸.۸

Apple watchOS Web Contents use after free

$۵k-$10k

Official Fix

CVE-2020-24637

۷.۲

Aruba Networks 9000 Gateway GRUB2 Remote Privilege Escalation

$۲k-$5k

Not Defined

CVE-2020-24633

۹.۸

Aruba Networks 9000 Gateway Service Port 8211 buffer overflow

$۲k-$5k

Not Defined

CVE-2020-24634

۹.۸

Aruba Networks 9000 Gateway Service Port 8211 injection

$۲k-$5k

Official Fix

CVE-2020-15357

۹.۸

Askey AP5100W Ping/Traceroute/Route os command injection

$۲k-$5k

Not Defined

CVE-2020-26201

۹.۸

Askey AP5100W Telnet/SSH weak password

$۱k-$2k

Official Fix

CVE-2020-15023

۵.۹

Askey AP5100W WPS PIN password recovery

$۲k-$5k

Not Defined

CVE-2020-29656

۷.۵

ASUS RT-AC88U Download Master direct request

$۲k-$5k

Not Defined

CVE-2020-29655

۷.۵

ASUS RT-AC88U Download Master Title injection

$۲k-$5k

Not Defined

CVE-2020-35176

۵.۵

AWStats awstats.pl pathname traversal

$۱k-$2k

Not Defined

CVE-2020-29600

۹.۸

AWStats awstats.pl pathname traversal

$۱k-$2k

Not Defined

CVE-2020-15375

۵.۳

Brocade Fabric OS Command Line Interface input validation

$۱k-$2k

Official Fix

CVE-2020-15376

۶.۳

Brocade Fabric OS Virtual Fabric Mode access control

$۲k-$5k

Official Fix

CVE-2020-27133

۹.۹

Cisco Jabber Custom Protocol command injection

$۱۰k-$25k

Official Fix

CVE-2020-27127

۹.۹

Cisco Jabber Custom Protocol Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-27132

۹.۹

Cisco Jabber Message Content Validator information disclosure

$۵k-$10k

Official Fix

CVE-2020-27134

۹.۹

Cisco Jabber XMPP Message injection

$۱۰k-$25k

Official Fix

CVE-2020-26085

۹.۹

Cisco Jabber XMPP Message Remote Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-25111

۹.۸

Contiki IPv6 Header Length memory corruption

$۲k-$5k

Not Defined

CVE-2020-25112

۹.۸

Contiki IPv6 Header memory corruption

$۲k-$5k

Not Defined

CVE-2020-13985

۷.۳

Contiki TCPIP Stack rpl-ext-header.c rpl_remove_header memory corruption

$۲k-$5k

Not Defined

CVE-2020-13988

۷.۳

Contiki TCPIP Stack uip.c uip_process integer overflow

$۲k-$5k

Not Defined

CVE-2020-13987

۷.۳

Contiki TCPIP Stack uip.c upper_layer_chksum out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-13984

۷.۵

Contiki TCPIP Stack uip6.c ext_hdr_options_process infinite loop

$۰-$۱k

Not Defined

CVE-2020-13986

۵.۳

Contiki TCPIP Stacl rpl-ext-header.c rpl_remove_header infinite loop

$۰-$۱k

Not Defined

CVE-2020-24336

۵.۶

Contiki/Contiki-NG Domain Name ip64-dns64.c buffer overflow

$۲k-$5k

Not Defined

CVE-2020-28440

۹.۸

corenlp-js-interface command injection

$۲k-$5k

Not Defined

CVE-2020-28439

۹.۸

corenlp-js-prefab index.js injection

$۲k-$5k

Not Defined

CVE-2020-5799

۹.۸

Eat Spray Love mobile App backdoor

$۱k-$2k

Not Defined

CVE-2020-5800

۹.۸

Eat Spray Love mobile App improper authentication

$۱k-$2k

Not Defined

CVE-2020-29576

۹.۸

Eggdrop Docker image improper authentication

$۲k-$5k

Official Fix

CVE-2020-13556

۶.۳

EIP Stack Group OpENer Ethernet out-of-bounds write

$۲k-$5k

Not Defined

CVE-2020-13530

۵.۳

EIP Stack Group OpENer Ethernet resource consumption

$۰-$۱k

Not Defined

CVE-2020-29575

۹.۸

Elixir Docker Image improper authentication

$۲k-$5k

Official Fix

CVE-2020-29579

۹.۸

Express Gateway Docker Image improper authentication

$۲k-$5k

Official Fix

CVE-2020-27713

۷.۵

F5 BIG-IP AFM Traffic Management Microkernel denial of service

$۲k-$5k

Official Fix

CVE-2020-5949

۷.۵

F5 BIG-IP FTP denial of service

$۵k-$10k

Not Defined

CVE-2020-5950

۵.۳

F5 BIG-IP iControl REST cross site scripting

$۲k-$5k

Not Defined

CVE-2020-5948

۹.۶

F5 BIG-IP iControl REST cross site scripting

$۲k-$5k

Not Defined

CVE-2020-27730

۹.۸

F5 BIG-IP NGINX Controller Agent pathname traversal

$۱۰k-$25k

Official Fix

CVE-2020-17470

۴.۸

FNET DNS Client Interface fnet_dns.c _fnet_dns_poll initialization

$۲k-$5k

Not Defined

CVE-2020-17468

۷.۳

FNET IPv6 Extension Header fnet_ip6.c _fnet_ip6_ext_header_handler_options out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-17469

۵.۳

FNET IPv6 Fragmentation fnet_ip6.c _fnet_ip6_reassembly uninitialized pointer

$۰-$۱k

Not Defined

CVE-2020-17467

۳.۵

FNET LLMNR Request fnet_llmnr.c _fnet_llmnr_poll information disclosure

$۰-$۱k

Not Defined

CVE-2020-24383

۵.۶

FNET mDNS Query out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-13357

۴.۳

GitLab Community Edition/Enterprise Edition Feature Flag improper authorization

$۱k-$2k

Official Fix

CVE-2020-26413

۵.۳

GitLab Community Edition/Enterprise Edition GraphQL information disclosure

$۱k-$2k

Official Fix

CVE-2020-26409

۶.۵

GitLab Community Edition/Enterprise Edition Markdown resource consumption

$۰-$۱k

Official Fix

CVE-2020-26408

۵.۳

GitLab Community Edition/Enterprise Edition Profile information disclosure

$۱k-$2k

Official Fix

CVE-2020-26407

۵.۴

GitLab Community Edition/Enterprise Edition Project Import cross site scripting

$۰-$۱k

Official Fix

CVE-2020-26417

۵.۳

GitLab Community Edition/Enterprise Edition Project information disclosure

$۱k-$2k

Official Fix

CVE-2020-26411

۴.۳

GitLab Community Edition/Enterprise Edition Project Search denial of service

$۰-$۱k

Official Fix

CVE-2020-26415

۴.۳

GitLab Community Edition/Enterprise Edition REST API information disclosure

$۱k-$2k

Official Fix

CVE-2020-26416

۴.۴

GitLab Enterprise Edition Advanced Search information disclosure

$۰-$۱k

Official Fix

CVE-2020-26412

۴.۳

GitLab Enterprise Edition Group Member information disclosure

$۰-$۱k

Official Fix

CVE-2020-16599

۶.۵

GNU Binutils _bfd_elf_get_symbol_version_string null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-16592

۵.۵

GNU Binutils bfd_hash_lookup use after free

$۲k-$5k

Official Fix

CVE-2020-16598

۵.۵

GNU Binutils debug_get_real_type null pointer dereference

$۰-$۱k

Official Fix

CVE-2020-16590

۵.۵

GNU Binutils File Descriptor process_symbol_table double free

$۲k-$5k

Official Fix

CVE-2020-16591

۵.۵

GNU Binutils process_symbol_table denial of service

$۰-$۱k

Official Fix

CVE-2020-16593

۵.۵

GNU Binutils scan_unit_for_symbols denial of service

$۰-$۱k

Official Fix

CVE-2020-29573

۷.۵

GNU C Library ldbl2mpn.c sprintf stack-based overflow

$۲k-$5k

Official Fix

CVE-2020-8908

۳.۳

Google Guava Temp Directory com.google.common.io.Files.createTempDir temp file

$۱۰k-$25k

Official Fix

CVE-2020-29564

۹.۸

Hashicorp Consul improper authentication

$۲k-$5k

Workaround

CVE-2020-9247

۷.۸

Huawei Honor 20 Pro Configuration Parameter buffer overflow

$۱۰k-$25k

Not Defined

CVE-2020-4829

۷.۸

IBM AIX/VIOS ksu Command Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-4633

۸.۸

IBM Resilient SOAR Formula injection

$۱۰k-$25k

Official Fix

CVE-2019-4738

۶.۵

IBM Sterling B2B Integrator Standard Edition Dashboard UI information disclosure

$۵k-$10k

Official Fix

CVE-2020-19527

۹.۸

iCMS install.php os command injection

$۱k-$2k

Not Defined

CVE-2020-19142

۹.۸

iCMS install.php os command injection

$۱k-$2k

Not Defined

CVE-2020-35127

۵.۴

Ignite Realtime Openfire Bookmark create-bookmark.jsp cross site scripting

$۰-$۱k

Not Defined

CVE-2020-35201

۵.۴

Ignite Realtime Openfire create-bookmark.jsp cross site scripting

$۰-$۱k

Not Defined

CVE-2020-35199

۳.۵

Ignite Realtime Openfire create-bookmark.jsp cross site scripting

$۰-$۱k

Not Defined

CVE-2020-35202

۵.۴

Ignite Realtime Openfire db-access.jsp cross site scripting

$۰-$۱k

Not Defined

CVE-2020-35200

۵.۴

Ignite Realtime Openfire spark-form.jsp cross site scripting

$۰-$۱k

Not Defined

CVE-2020-29597

۹.۸

IncomCMS script.php unrestricted upload

$۲k-$5k

Not Defined

CVE-2020-7788

۷.۳

ini Package INI Parser injection

$۲k-$5k

Official Fix

CVE-2020-29602

۹.۸

irssi Docker Image improper authentication

$۲k-$5k

Official Fix

CVE-2020-29589

۹.۸

kapacitor Docker Image improper authentication

$۲k-$5k

Not Defined

CVE-2020-27151

۸.۸

Kata Containers unknown vulnerability

$۲k-$5k

Official Fix

CVE-2020-26253

۵.۹

Kirby CMS/Panel Admin Panel cms origin validation

$۲k-$5k

Official Fix

CVE-2020-26255

۹.۱

Kirby CMS/Panel phar File unrestricted upload

$۲k-$5k

Official Fix

CVE-2020-8564

۵.۵

Kubernetes Config File log file

$۰-$۱k

Official Fix

CVE-2020-8566

۵.۵

Kubernetes kube-controller-manager Ceph RBD log file

$۰-$۱k

Official Fix

CVE-2020-8565

۵.۵

Kubernetes Token log file

$۰-$۱k

Official Fix

CVE-2020-8563

۵.۵

Kubernetes VSphere Credential log file

$۰-$۱k

Official Fix

CVE-2020-29666

۵.۳

Lan ATMService M3 ATM Monitoring System Log File log file

$۱k-$2k

Not Defined

CVE-2020-29667

۹.۸

Lan ATMService M3 ATM Monitoring System Session session expiration

$۱k-$2k

Not Defined

CVE-2020-35208

۳.۹

LastPass Password Manager improper authentication

$۰-$۱k

Not Defined

CVE-2020-35207

۳.۹

LastPass Password Manager improper authentication

$۰-$۱k

Not Defined

CVE-2020-29660

۷.۸

Linux Kernel Locking tty_io.c unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-27786

۷.۸

Linux Kernel MIDI use after free

$۵k-$10k

Official Fix

CVE-2020-27825

۵.۷

Linux Kernel ring_buffer.c use after free

$۵k-$10k

Not Defined

CVE-2020-29661

۷.۸

Linux Kernel tty Subsystem tty_jobctrl.c use after free

$۱۰k-$25k

Official Fix

CVE-2020-10143

۷.۸

Macrium Reflect openssl.cnf access control

$۲k-$5k

Not Defined

CVE-2020-7339

۶.۳

McAfee Database Security Server Sensor SHA1 Certificate certificate validation

$۵k-$10k

Official Fix

CVE-2020-7337

۶.۷

McAfee VirusScan Enterprise Windows Defender Application Control permission assignment

$۲k-$5k

Official Fix

CVE-2020-25183

۵.۵

Medtronic Smart Model 25000 Patient Reader App Authentication improper authentication

$۱k-$2k

Not Defined

CVE-2020-25187

۸.۸

Medtronic Smart Model 25000 Patient Reader Debug Command heap-based overflow

$۲k-$5k

Not Defined

CVE-2020-27252

۹.۶

Medtronic Smart Model 25000 Patient Reader Update System toctou

$۱k-$2k

Not Defined

CVE-2020-17135

۵.۴

Microsoft Azure DevOps Server unknown vulnerability

$۱۰k-$25k

Official Fix

CVE-2020-17145

۵.۴

Microsoft Azure DevOps Server/Team Foundation Server input validation

$۱۰k-$25k

Official Fix

CVE-2020-16971

۹.۱

Microsoft Azure SDK for Java protection mechanism

$۱۰k-$25k

Official Fix

CVE-2020-17160

۷.۴

Microsoft Azure Sphere protection mechanism

$۱۰k-$25k

Official Fix

CVE-2020-17002

۹.۱

Microsoft C SDK for Azure IoT protection mechanism

$۱۰k-$25k

Official Fix

CVE-2020-17152

۸.۸

Microsoft Dynamics 365 for Finance and Operations unknown vulnerability

Calculating

Official Fix

CVE-2020-17158

۸.۸

Microsoft Dynamics 365 for Finance and Operations unknown vulnerability

Calculating

Official Fix

CVE-2020-17131

۷.۵

Microsoft Edge/ChakraCore Chakra Scripting Engine memory corruption

$۵۰k-$100k

Official Fix

CVE-2020-17126

۵.۵

Microsoft Excel information disclosure

$۵k-$10k

Official Fix

CVE-2020-17130

۶.۵

Microsoft Excel protection mechanism

$۱۰k-$25k

Official Fix

CVE-2020-17127

۷.۸

Microsoft Excel Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17125

۷.۸

Microsoft Excel Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17123

۷.۸

Microsoft Excel Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17129

۷.۸

Microsoft Excel Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17128

۷.۸

Microsoft Excel Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17147

۵.۴

Microsoft Microsoft Dynamics 365 cross site scripting

$۵k-$10k

Official Fix

CVE-2020-17133

۶.۵

Microsoft Microsoft Dynamics NAV 2015 information disclosure

Calculating

Official Fix

CVE-2020-17153

۶.۱

Microsoft Microsoft Edge information disclosure

$۲۵k-$50k

Official Fix

CVE-2020-17143

۸.۸

Microsoft Microsoft Exchange Server information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-17142

۹.۱

Microsoft Microsoft Exchange Server Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-17132

۹.۱

Microsoft Microsoft Exchange Server Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-17117

۷.۲

Microsoft Microsoft Exchange Server Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-17141

۸.۴

Microsoft Microsoft Exchange Server Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-17144

۸.۴

Microsoft Microsoft Exchange Server Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-17122

۷.۸

Microsoft Office/Office Web Apps/SharePoint Server Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17119

۷.۵

Microsoft Outlook information disclosure

$۵k-$10k

Official Fix

CVE-2020-17124

۷.۸

Microsoft PowerPoint Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17120

۶.۵

Microsoft SharePoint information disclosure

$۵k-$10k

Official Fix

CVE-2020-17089

۸.۰

Microsoft SharePoint Remote Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-17121

۸.۸

Microsoft SharePoint Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-17115

۸.۰

Microsoft SharePoint Remote Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-17118

۹.۸

Microsoft SharePoint unknown vulnerability

$۲۵k-$50k

Official Fix

CVE-2020-10146

۵.۷

Microsoft Teams Message cross site scripting

$۵k-$10k

Official Fix

CVE-2020-17159

۷.۸

Microsoft Visual Studio Java Extension Pack Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17156

۷.۸

Microsoft Visual Studio Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-17148

۷.۸

Microsoft Visual Studio Remote SSH Extension Local Privilege Escalation

$۱۰k-$25k

Official Fix

CVE-2020-17150

۷.۸

Microsoft Visual Studio TS-Lint Extension Remote Code Execution

$۱۰k-$25k

Official Fix

CVE-2020-16962

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-16963

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-16964

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-16961

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-16959

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-16958

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-16960

۷.۸

Microsoft Windows Backup Engine Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17134

۷.۸

Microsoft Windows Cloud Files Mini Filter Driver Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17103

۷.۸

Microsoft Windows Cloud Files Mini Filter Driver Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17136

۷.۸

Microsoft Windows Cloud Files Mini Filter Driver Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17097

۷.۸

Microsoft Windows Digital Media Receiver unknown vulnerability

$۲۵k-$50k

Official Fix

CVE-2020-17137

۷.۸

Microsoft Windows DirectX Graphics Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17094

۵.۵

Microsoft Windows Error Reporting information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-17138

۵.۵

Microsoft Windows Error Reporting information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-17098

۵.۵

Microsoft Windows GDI+ information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-17095

۹.۹

Microsoft Windows Hyper-V Remote Privilege Escalation

$۱۰۰k and more

Official Fix

CVE-2020-16996

۶.۵

Microsoft Windows Kerberos protection mechanism

$۵۰k-$100k

Official Fix

CVE-2020-17099

۶.۸

Microsoft Windows Lock Screen improper authentication

$۱۰k-$25k

Official Fix

CVE-2020-17092

۷.۸

Microsoft Windows Network Connections Service Local Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17096

۸.۸

Microsoft Windows NTFS Remote Privilege Escalation

$۵۰k-$100k

Official Fix

CVE-2020-17139

۷.۸

Microsoft Windows Overlay Filter protection mechanism

$۵۰k-$100k

Official Fix

CVE-2020-17140

۶.۵

Microsoft Windows SMB information disclosure

$۲۵k-$50k

Official Fix

CVE-2020-25631

۶.۱

Moodle Book Chapter Title cross site scripting

$۲k-$5k

Official Fix

CVE-2020-25629

۸.۸

Moodle Log in as access control

$۱۰k-$25k

Official Fix

CVE-2020-25628

۶.۱

Moodle Tag Manager cross site scripting

$۲k-$5k

Official Fix

CVE-2020-25630

۷.۵

Moodle ZIP File resource consumption

$۵k-$10k

Official Fix

CVE-2020-26963

۴.۳

Mozilla Firefox API denial of service

$۱۰k-$25k

Official Fix

CVE-2020-26955

۶.۵

Mozilla Firefox File Download information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-26954

۴.۳

Mozilla Firefox Fullscreen improper restriction of rendered ui layers

$۲۵k-$50k

Official Fix

CVE-2020-26952

۸.۸

Mozilla Firefox JIT Compiler memory corruption

$۲۵k-$50k

Official Fix

CVE-2020-26962

۶.۱

Mozilla Firefox Login Autofill clickjacking

$۲۵k-$50k

Official Fix

CVE-2020-26969

۸.۸

Mozilla Firefox memory corruption

$۲۵k-$50k

Official Fix

CVE-2020-26957

۶.۵

Mozilla Firefox OneCRL improper validation of integrity check value

$۲۵k-$50k

Official Fix

CVE-2020-26964

۶.۵

Mozilla Firefox Remote Debugging via USB Remote Privilege Escalation

$۲۵k-$50k

Official Fix

CVE-2020-26967

۵.۵

Mozilla Firefox Screenshot injection

$۱۰k-$25k

Official Fix

CVE-2020-26960

۸.۸

Mozilla Firefox/Thunderbird Compact use after free

$۲۵k-$50k

Official Fix

CVE-2020-26951

۶.۱

Mozilla Firefox/Thunderbird Event Parser cross site scripting

$۱۰k-$25k

Official Fix

CVE-2020-26953

۴.۳

Mozilla Firefox/Thunderbird Fullscreen improper restriction of rendered ui layers

$۲۵k-$50k

Official Fix

CVE-2020-26961

۶.۵

Mozilla Firefox/Thunderbird IPv6 Address dns rebinding

$۲۵k-$50k

Official Fix

CVE-2020-26965

۶.۵

Mozilla Firefox/Thunderbird Keyboard Layout unknown vulnerability

$۲۵k-$50k

Official Fix

CVE-2020-26966

۶.۵

Mozilla Firefox/Thunderbird mDNS information disclosure

$۱۰k-$25k

Official Fix

CVE-2020-26968

۸.۸

Mozilla Firefox/Thunderbird memory corruption

$۲۵k-$50k

Official Fix

CVE-2020-26958

۶.۱

Mozilla Firefox/Thunderbird MIME Type protection mechanism

$۲۵k-$50k

Official Fix

CVE-2020-26959

۸.۸

Mozilla Firefox/Thunderbird Reference use after free

$۲۵k-$50k

Official Fix

CVE-2020-26956

۶.۱

Mozilla Firefox/Thunderbird SVG Event cross site scripting

$۱۰k-$25k

Official Fix

CVE-2020-26950

۸.۸

Mozilla Firefox/Thunderbird use after free

$۲۵k-$50k

Official Fix

CVE-2020-29601

۹.۸

Notary Docker Image improper authentication

$۲k-$5k

Official Fix

CVE-2020-25110

۵.۶

Nut OS Ethernut memory corruption

$۲k-$5k

Not Defined

CVE-2020-25109

۵.۶

Nut OS Ethernut memory corruption

$۲k-$5k

Not Defined

CVE-2020-25108

۵.۶

Nut OS Ethernut memory corruption

$۲k-$5k

Not Defined

CVE-2020-25107

۵.۶

Nut OS Ethernut memory corruption

$۲k-$5k

Not Defined

CVE-2020-26254

۷.۷

omniauth-apple Gem authentication spoofing

$۱k-$2k

Official Fix

CVE-2020-25889

۹.۸

Online Bus Booking System Login Page sql injection

$۱k-$2k

Not Defined

CVE-2020-29259

۶.۱

Online Examination System feedback.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-29257

۶.۱

Online Examination System feedback.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-29258

۶.۱

Online Examination System index.php cross site scripting

$۰-$۱k

Not Defined

CVE-2020-1971

۷.۵

OpenSSL x509 Certificate GENERAL_NAME_cmp null pointer dereference

$۵k-$10k

Official Fix

CVE-2020-2020

۵.۵

Palo Alto Cortex XDR Agent Exception exceptional condition

$۰-$۱k

Official Fix

CVE-2020-2049

۷.۸

Palo Alto Cortex XDR Agent uncontrolled search path

$۲k-$5k

Not Defined

CVE-2020-28086

۷.۵

pass Git Repository Remote Privilege Escalation

$۲k-$5k

Not Defined

CVE-2020-35132

۵.۴

phpLDAPadmin function.php get_request cross site scripting

$۰-$۱k

Official Fix

CVE-2020-7776

۷.۱

PHPOffice PhpSpreadsheet Excel File cross site scripting

$۰-$۱k

Official Fix

CVE-2020-19165

۶.۳

PHPSHE sql injection

$۱k-$2k

Not Defined

CVE-2020-24338

۵.۶

picoTCP Domain Name Decompression pico_dns_common.c pico_dns_decompress_name out-of-bounds write

$۲k-$5k

Not Defined

CVE-2020-17444

۵.۳

picoTCP Header Field pico_ipv6.c pico_ipv6_check_headers_sequence integer overflow

$۲k-$5k

Not Defined

CVE-2020-17442

۵.۳

picoTCP Header Length pico_ipv6.c pico_ipv6_process_hopbyhop integer overflow

$۲k-$5k

Not Defined

CVE-2020-17443

۵.۳

picoTCP ICMPv6 Echo Request Packet pico_icmp6.c pico_icmp6_send_echoreply_not_frag memory corruption

$۲k-$5k

Not Defined

CVE-2020-17441

۵.۳

picoTCP IPv6 Header pico_ipv6.c pico_ipv6_extension_headers out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-24340

۳.۷

picoTCP/picoTCP-NG DNS Packet pico_mdns.c pico_mdns_handle_data_as_answers_generic out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-24339

۳.۷

picoTCP/picoTCP-NG Domain Name Decompression pico_dns_common.c pico_dns_decompress_name out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-24337

۵.۳

picoTCP/picoTCP-NG TCP Options pico_tcp.c tcp_parse_options denial of service

$۰-$۱k

Not Defined

CVE-2020-24341

۵.۶

picoTCP/picoTCP-NG TCP pico_tcp.c out-of-bounds read

$۱k-$2k

Not Defined

CVE-2020-29578

۹.۸

piwik Docker Image improper authentication

$۲k-$5k

Official Fix

CVE-2020-27351

۲.۰

python-apt arfile.cc release of resource

$۰-$۱k

Official Fix

CVE-2020-29651

۷.۵

python-py incorrect regex

$۱k-$2k

Official Fix

CVE-2020-27821

۶.۰

QEMU Memory Management API out-of-bounds write

$۱۰k-$25k

Official Fix

CVE-2020-2493

۶.۱

QNAP Multimedia Console cross site scripting

$۰-$۱k

Official Fix

CVE-2020-2491

۶.۱

QNAP QTS Photo Station cross site scripting

$۰-$۱k

Official Fix

CVE-2019-7198

۵.۵

QNAP QTS/QuTS command injection

$۱k-$2k

Official Fix

| CVE-2020-2498 | 6.1 | QNAP QTS/QuTS cross site scripting | $0-$1k | Official Fix |
| CVE-2020-2497 | 6.1 | QNAP QTS/QuTS cross site scripting | $0-$1k | Official Fix |
| CVE-2020-2496 | 6.1 | QNAP QTS/QuTS cross site scripting | $0-$1k | Official Fix |
| CVE-2020-2495 | 6.1 | QNAP QTS/QuTS cross site scripting | $0-$1k | Official Fix |
| CVE-2020-7787 | 8.2 | react-adal JWT Token authentication spoofing | $1k-$2k | Not Defined |
| CVE-2020-26249 | 8.7 | Red Discord Bot Dashboard Name code injection | $2k-$5k | Official Fix |
| CVE-2020-29591 | 9.8 | registry Docker Image improper authentication | $2k-$5k | Not Defined |
| CVE-2020-26832 | 7.6 | SAP AS ABAP/S4 HANA Landscape Transformation authorization | $10k-$25k | Not Defined |
| CVE-2020-26816 | 4.5 | SAP AS JAVA Key Storage Service missing encryption | $2k-$5k | Not Defined |
| CVE-2020-26838 | 9.1 | SAP Business Warehouse/BW4HANA os command injection | $10k-$25k | Not Defined |
| CVE-2020-26831 | 9.6 | SAP BusinessObjects BI Platform Crystal Report server-side request forgery | $10k-$25k | Not Defined |
| CVE-2020-26828 | 6.4 | SAP Disclosure Management Spreadsheet unrestricted upload | $10k-$25k | Not Defined |
| CVE-2020-26835 | 6.1 | SAP NetWeaver AS ABAP cross site scripting | $5k-$10k | Not Defined |
| CVE-2020-26829 | 10.0 | SAP NetWeaver AS JAVA improper authentication | $10k-$25k | Not Defined |
| CVE-2020-26826 | 6.5 | SAP NetWeaver AS JAVA Process Integration Monitoring unrestricted upload | $10k-$25k | Not Defined |
| CVE-2020-26836 | 6.1 | SAP Solution Manager Trace Analysis redirect | $5k-$10k | Not Defined |
| CVE-2020-26830 | 6.3 | SAP Solution Manager User Experience Monitoring access control | $10k-$25k | Not Defined |
| CVE-2020-26837 | 9.1 | SAP Solution Manager User Experience Monitoring path traversal | $10k-$25k | Not Defined |
| CVE-2020-28215 | 5.5 | Schneider Electric Easergy T300 authorization | $1k-$2k | Not Defined |
| CVE-2020-28218 | 4.9 | Schneider Electric Easergy T300 improper restriction of rendered ui layers | $1k-$2k | Not Defined |
| CVE-2020-28217 | 3.7 | Schneider Electric Easergy T300 missing encryption | $0-$1k | Not Defined |
| CVE-2020-28216 | 3.7 | Schneider Electric Easergy T300 missing encryption | $0-$1k | Not Defined |
| CVE-2020-7560 | 5.5 | Schneider Electric EcoStruxure Control Expert/Unity Pro write-what-where condition | $2k-$5k | Not Defined |
| CVE-2020-28219 | 4.3 | Schneider Electric EcoStruxure Geo SCADA Expert Virtual ViewX insufficiently protected credentials | $1k-$2k | Not Defined |
| CVE-2020-28214 | 2.6 | Schneider Electric Modicon M221 hash without salt | $0-$1k | Not Defined |
| CVE-2020-28220 | 5.5 | Schneider Electric Modicon M258 memory corruption | $2k-$5k | Official Fix |
| CVE-2020-7543 | 2.1 | Schneider Electric Modicon M340 Modbus unusual condition | $0-$1k | Not Defined |
| CVE-2020-7542 | 2.1 | Schneider Electric Modicon M340 Modbus unusual condition | $0-$1k | Not Defined |
| CVE-2020-7536 | 3.5 | Schneider Electric Modicon M340 SNMP unusual condition | $1k-$2k | Official Fix |
| CVE-2020-7535 | 3.5 | Schneider Electric Modicon M340 Web Server path traversal | $1k-$2k | Not Defined |
| CVE-2020-7539 | 3.5 | Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium HTTP unusual condition | $1k-$2k | Not Defined |
| CVE-2020-7541 | 4.3 | Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server direct request | $2k-$5k | Not Defined |
| CVE-2020-7540 | 6.3 | Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server missing authentication | $1k-$2k | Not Defined |
| CVE-2020-7549 | 3.5 | Schneider Electric Modicon M340/Modicon Quantum/Modicon Premium Web Server unusual condition | $1k-$2k | Not Defined |
| CVE-2020-7537 | 2.1 | Schneider Electric Modicon M580 Modbus unusual condition | $0-$1k | Not Defined |
| CVE-2020-12149 | 6.8 | Silver Peak Unity ECOS Configuration Backup os command injection | $2k-$5k | Not Defined |
| CVE-2020-12148 | 6.8 | Silver Peak Unity ECOS nslookup API os command injection | $1k-$2k | Not Defined |
| CVE-2020-29581 | 9.8 | spiped Docker Image access control | $2k-$5k | Official Fix |
| CVE-2020-29580 | 9.8 | Storm Docker Image improper authentication | $2k-$5k | Official Fix |
| CVE-2020-12594 | 8.8 | Symantec Messaging Gateway CLI access control | $10k-$25k | Official Fix |
| CVE-2020-12595 | 4.3 | Symantec Messaging Gateway Web UI information disclosure | $5k-$10k | Official Fix |
| CVE-2020-29540 | 7.5 | Systran Pure Neural Server API denial of service | $0-$1k | Official Fix |
| CVE-2020-29539 | 5.4 | Systran Pure Neural Server cross site scripting | $0-$1k | Official Fix |
| CVE-2020-29590 | 9.8 | teamspeak Docker Image improper authentication | $2k-$5k | Not Defined |
| CVE-2020-26267 | 4.4 | TensorFlow API tf.raw_ops.DataFormatVecPermute out-of-bounds read | $0-$1k | Official Fix |
| CVE-2020-26271 | 4.4 | TensorFlow Computation Graph out-of-bounds read | $0-$1k | Official Fix |
| CVE-2020-26270 | 4.4 | TensorFlow LSTM/GRU denial of service | $0-$1k | Official Fix |
| CVE-2020-26266 | 4.4 | TensorFlow Model uninitialized resource | $1k-$2k | Official Fix |
| CVE-2020-26269 | 3.5 | TensorFlow out-of-bounds read | $0-$1k | Official Fix |
| CVE-2020-26268 | 4.4 | TensorFlow Python Interpreter tf.raw_ops.ImmutableConst denial of service | $0-$1k | Official Fix |
| CVE-2020-17439 | 7.3 | uIP DNS Reply resolv.c newdata dns rebinding | $2k-$5k | Not Defined |
| CVE-2020-24334 | 5.6 | uIP DNS Response resolv.c out-of-bounds read | $1k-$2k | Not Defined |
| CVE-2020-17440 | 5.3 | uIP DNS Response resolv.c parse_name null pointer dereference | $0-$1k | Not Defined |
| CVE-2020-17438 | 3.5 | uIP IP Header Length uip.c uip_reass denial of service | $2k-$5k | Not Defined |
| CVE-2020-17437 | 5.5 | uIP TCP Flag uip.c uip_process buffer overflow | $2k-$5k | Not Defined |
| CVE-2020-29654 | 6.3 | Western Digital Dashboard DLL uncontrolled search path | $2k-$5k | Official Fix |
| CVE-2020-29563 | 6.3 | Western Digital My Cloud OS improper authentication | $1k-$2k | Official Fix |
| CVE-2020-26419 | 3.1 | Wireshark Dissection Engine memory leak | $0-$1k | Official Fix |
| CVE-2020-26418 | 3.1 | Wireshark Kafka Protocol Dissector denial of service | $0-$1k | Official Fix |
| CVE-2020-26420 | 3.1 | Wireshark RTPS Protocol Dissector memory leak | $0-$1k | Official Fix |
| CVE-2020-26421 | 4.2 | Wireshark USB HID Protocol Dissector denial of service | $0-$1k | Official Fix |
| CVE-2020-29577 | 9.8 | znc Docker Image improper authentication | $2k-$5k | Official Fix |

The risk level of about 46% of this week's vulnerabilities is rated "high" or "critical", which is very notable.

The zero-day value of 47% of this week's vulnerabilities exceeded $5,000.

Fortunately, official updates or patches have been released for 70% of this week's vulnerabilities; to prevent them from being exploited, these should be applied as soon as possible.