آسیبپذیریهای حیاتی هفته چهارم بهمنماه
این هفته محصولات بسیار مهم گوگل(Chrome، Android و ...)، مایکروسافت(Windows، Office و ...) و ادوبی(Acrobat Reader، Flash Player و ...) چندین آسیبپذیری با سطح خطر «حیاتی» و «بالا» داشتند. همچنین در سوئیچهای صنعتی زیمنس و محصولات پرکاربرد شرکتهای اینتل و آیبیام چندین آسیبپذیری مهم شناسایی شده است.
|
شناسه آسیبپذیری |
محصول آسیبپذیر |
نوع آسیبپذیری |
|
CVE-2020-3756 |
Adobe Acrobat Reader Memory Exhaustion |
Denial of Service |
|
CVE-2020-3763 |
Adobe Acrobat Reader |
Privilege Escalation |
|
CVE-2020-3762 |
Adobe Acrobat Reader |
Privilege Escalation |
|
CVE-2020-3759 |
Adobe Digital Editions |
Information Disclosure |
|
CVE-2020-3760 |
Adobe Digital Editions |
Remote Code Execution |
|
CVE-2020-3741 |
Adobe Experience Manager |
Denial of Service |
|
CVE-2020-3757 |
Adobe Flash Player Type Confusion |
Memory Corruption |
|
CVE-2020-3740 |
Adobe Framemaker Code Execution |
Memory Corruption |
|
CVE-2020-3739 |
Adobe Framemaker Code Execution |
Memory Corruption |
|
CVE-2020-3734 |
Adobe Framemaker Code Execution |
Memory Corruption |
|
CVE-2020-3735 |
Adobe Framemaker Heap-based |
Memory Corruption |
|
CVE-2020-3731 |
Adobe Framemaker Heap-based |
Memory Corruption |
|
CVE-2020-3738 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3737 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3736 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3733 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3732 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3730 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3729 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3728 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3727 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3726 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3725 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3724 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3723 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3722 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3721 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-3720 |
Adobe Framemaker Out-of-Bounds |
Memory Corruption |
|
CVE-2020-8947 |
Artica Pandora FMS functions_netflow.php |
Privilege Escalation |
|
CVE-2020-8614 |
Askey AP4000W Service Port 54188 bd_svr |
Remote Code Execution |
|
CVE-2019-20099 |
Atlassian JIRA Server/Data Center VerifyPopServerConnection!add.jspa |
Cross Site Request Forgery |
|
CVE-2019-20098 |
Atlassian JIRA Server/Data Center VerifySmtpServerConnection!add.jspa |
Cross Site Request Forgery |
|
CVE-2020-5399 |
Cloud Foundry CredHub Database Connection |
Weak Encryption |
|
CVE-2019-16336 |
Cypress PSoC 4 Bluetooth Low Energy Crash |
Denial of Service |
|
CVE-2020-8962 |
D-Link DIR-842 REVC MTFWU strcpy |
Memory Corruption |
|
CVE-2020-2125 |
Debian Package Builder Plugin Global Configuration |
Information Disclosure |
|
CVE-2020-6973 |
Digi International ConnectPort LTS 32 MEI |
Cross Site Scripting |
|
CVE-2020-6975 |
Digi International ConnectPort LTS 32 MEI File Upload |
Privilege Escalation |
|
CVE-2020-7957 |
Dovecot IMAP/LMTP |
Denial of Service |
|
CVE-2020-7046 |
Dovecot Submission-Login Loop |
Denial of Service |
|
CVE-2020-2113 |
Git Parameter Plugin Stored |
Cross Site Scripting |
|
CVE-2020-2112 |
Git Parameter Plugin Stored |
Cross Site Scripting |
|
CVE-2020-8949 |
Gocloud S2A_WL/S2A/S3A K2P MTK/S3A/ISP3000 Ping |
Privilege Escalation |
|
CVE-2020-0030 |
Google Android binder.c binder_thread_release |
Memory Corruption |
|
CVE-2020-0022 |
Google Android Bluetooth packet_fragmenter.cc reassemble_and_dispatch |
Memory Corruption |
|
CVE-2020-0005 |
Google Android btm_acl.cc btm_read_remote_ext_features_complete |
Memory Corruption |
|
CVE-2020-0015 |
Google Android CertInstaller.java onCreate |
Privilege Escalation |
|
CVE-2020-0020 |
Google Android ExifInterface.java getAttributeRange |
Information Disclosure |
|
CVE-2020-0027 |
Google Android HidRawSensor.cpp batch |
Memory Corruption |
|
CVE-2020-0018 |
Google Android InputDispatcher.cpp appendDescription |
Information Disclosure |
|
CVE-2020-0028 |
Google Android NetworkMonitor.java notifyNetworkTested |
Information Disclosure |
|
CVE-2020-0021 |
Google Android PackageManagerService.java removeUnusedPackagesLPw |
Denial of Service |
|
CVE-2020-0026 |
Google Android Parcel.cpp continueWrite |
Memory Corruption |
|
CVE-2020-0023 |
Google Android Permission Check AdapterService.java setPhonebookAccessPermission |
Information Disclosure |
|
CVE-2019-2200 |
Google Android PermissionManagerService.java updatePermissions |
Privilege Escalation |
|
CVE-2020-0017 |
Google Android |
Privilege Escalation |
|
CVE-2020-0014 |
Google Android Window |
Privilege Escalation |
|
CVE-2020-2121 |
Google Kubernetes Engine Plugin YAML Parser |
Remote Code Execution |
|
CVE-2020-6417 |
Google Chrome Installer |
Privilege Escalation |
|
CVE-2020-6416 |
Google Chrome Stream Heap-based |
Memory Corruption |
|
CVE-2020-6415 |
Google Chrome Javascript Heap-based |
Memory Corruption |
|
CVE-2020-6414 |
Google Chrome Safe Browsing |
Privilege Escalation |
|
CVE-2020-6413 |
Google Chrome Blink |
Privilege Escalation |
|
CVE-2020-6412 |
Google Chrome Omnibox |
Domain spoofing |
|
CVE-2020-6411 |
Google Chrome Omnibox |
Domain spoofing |
|
CVE-2020-6410 |
Google Chrome Policy Enforcement |
Domain spoofing |
|
CVE-2020-6409 |
Google Chrome Omnibox |
Privilege Escalation |
|
CVE-2020-6408 |
Google Chrome Policy Enforcement CORS |
Information Disclosure |
|
CVE-2020-6406 |
Google Chrome Audio Use-After-Free |
Memory Corruption |
|
CVE-2020-6405 |
Google Chrome SQLite Out-of-Bounds |
Information Disclosure |
|
CVE-2020-6404 |
Google Chrome Blink Heap-based |
Memory Corruption |
|
CVE-2020-6403 |
Google Chrome |
Omnibox spoofing |
|
CVE-2020-6402 |
Google Chrome Policy Enforcement |
Privilege Escalation |
|
CVE-2020-6401 |
Google Chrome Omnibox |
Domain spoofing |
|
CVE-2020-6400 |
Google Chrome CORS |
Information Disclosure |
|
CVE-2020-6399 |
Google Chrome AppCache Cross-Origin |
Information Disclosure |
|
CVE-2020-6398 |
Google Chrome PDFium Heap-based |
Memory Corruption |
|
CVE-2020-6397 |
Google Chrome Security |
UI spoofing |
|
CVE-2020-6396 |
Google Chrome |
Skia spoofing |
|
CVE-2020-6395 |
Google Chrome Javascript Out-of-Bounds |
Information Disclosure |
|
CVE-2020-6394 |
Google Chrome Blink CSP |
Privilege Escalation |
|
CVE-2020-6393 |
Google Chrome Blink Cross-Origin |
Information Disclosure |
|
CVE-2020-6392 |
Google Chrome Policy Enforcement |
Privilege Escalation |
|
CVE-2020-6391 |
Google Chrome Blink CSP |
Privilege Escalation |
|
CVE-2020-6390 |
Google Chrome Out-of-Bounds |
Memory Corruption |
|
CVE-2020-6389 |
Google Chrome WebRTC Out-of-Bounds |
Memory Corruption |
|
CVE-2020-6388 |
Google Chrome WebAudio Out-of-Bounds |
Memory Corruption |
|
CVE-2020-6387 |
Google Chrome WebRTC Out-of-Bounds |
Memory Corruption |
|
CVE-2020-6385 |
Google Chrome Policy Enforcement |
Privilege Escalation |
|
CVE-2020-6382 |
Google Chrome Javascript Type Confusion |
Memory Corruption |
|
CVE-2020-6381 |
Google Chrome Javascript Integer Overflow |
Memory Corruption |
|
CVE-2020-6380 |
Google Chrome Policy Enforcement |
Privilege Escalation |
|
CVE-2020-6379 |
Google Chrome v8 Use-After-Free |
Memory Corruption |
|
CVE-2020-6378 |
Google Chrome Speech Use-After-Free |
Memory Corruption |
|
CVE-2020-2109 |
Groovy Plugin Sandbox |
Privilege Escalation |
|
CVE-2020-2131 |
Harvest SCM Plugin config.xml |
Information Disclosure |
|
CVE-2020-2130 |
Harvest SCM Plugin Global Configuration Password |
Information Disclosure |
|
CVE-2019-18915 |
HP System Event Utility |
Privilege Escalation |
|
CVE-2019-4427 |
IBM Cloud CLI Windows Installer |
Weak Authentication |
|
CVE-2019-4741 |
IBM Content Navigator |
Server-Side Request Forgery |
|
CVE-2019-4431 |
IBM Rational Publishing Engine Web UI |
Cross Site Scripting |
|
CVE-2019-4592 |
IBM Tivoli Monitoring Service |
Denial of Service |
|
CVE-2019-4666 |
IBM UrbanCode Deploy/UrbanCode Build |
Information Disclosure |
|
CVE-2020-8815 |
IKTeam BearFTP Connection Slowloris |
Denial of Service |
|
CVE-2020-0561 |
Intel Authenticate Access |
Unknown Vulnerability |
|
CVE-2020-0563 |
Intel Authenticate Permission |
Unknown Vulnerability |
|
CVE-2020-0562 |
Intel Authenticate Permission |
Unknown Vulnerability |
|
CVE-2020-0560 |
Intel Authenticate Permission |
Unknown Vulnerability |
|
CVE-2019-14598 |
Intel CSME Subsystem |
Privilege Escalation |
|
CVE-2020-0564 |
Intel RWC3 Permission |
Privilege Escalation |
|
CVE-2020-8992 |
Linux Kernel Journal Size block_validity.c |
Denial of Service |
|
CVE-2020-7208 |
LinuxKI |
Cross Site Scripting |
|
CVE-2020-7209 |
LinuxKI |
Remote Code Execution |
|
CVE-2018-14553 |
Libgd gd.c gdImageClone |
Denial of Service |
|
CVE-2020-8991 |
LVM2 lvmetad-core.c vg_lookup |
Denial of Service |
|
CVE-2020-5239 |
Mailu fetchmail Script |
Privilege Escalation |
|
CVE-2020-0702 |
Microsoft Surface Hub Security Feature |
Weak Authentication |
|
CVE-2020-0693 |
Microsoft SharePoint Enterprise Server |
Cross Site Scripting |
|
CVE-2020-0759 |
Microsoft Office Excel |
Memory Corruption |
|
CVE-2020-0756 |
Microsoft Windows Key Isolation Service |
Information Disclosure |
|
CVE-2020-0755 |
Microsoft Windows Key Isolation Service |
Information Disclosure |
|
CVE-2020-0754 |
Microsoft Windows Error Reporting |
Privilege Escalation |
|
CVE-2020-0753 |
Microsoft Windows Error Reporting |
Privilege Escalation |
|
CVE-2020-0752 |
Microsoft Windows Windows Search Indexer |
Memory Corruption |
|
CVE-2020-0751 |
Microsoft Windows Hyper-V |
Denial of Service |
|
CVE-2020-0750 |
Microsoft Windows Connected Devices Platform Service |
Memory Corruption |
|
CVE-2020-0749 |
Microsoft Windows Connected Devices Platform Service |
Memory Corruption |
|
CVE-2020-0748 |
Microsoft Windows Key Isolation Service |
Information Disclosure |
|
CVE-2020-0747 |
Microsoft Windows Data Sharing Service |
Privilege Escalation |
|
CVE-2020-0746 |
Microsoft Windows Graphics Component |
Information Disclosure |
|
CVE-2020-0745 |
Microsoft Windows Graphics Component |
Memory Corruption |
|
CVE-2020-0744 |
Microsoft Windows GDI |
Information Disclosure |
|
CVE-2020-0743 |
Microsoft Windows Connected Devices Platform Service |
Memory Corruption |
|
CVE-2020-0742 |
Microsoft Windows Connected Devices Platform Service |
Memory Corruption |
|
CVE-2020-0741 |
Microsoft Windows Connected Devices Platform Service |
Memory Corruption |
|
CVE-2020-0740 |
Microsoft Windows Connected Devices Platform Service |
Privilege Escalation |
|
CVE-2020-0739 |
Microsoft Windows |
Privilege Escalation |
|
CVE-2020-0737 |
Microsoft Windows tapisrv.dll |
Memory Corruption |
|
CVE-2020-0736 |
Microsoft Windows Kernel |
Information Disclosure |
|
CVE-2020-0735 |
Microsoft Windows Windows Search Indexer |
Memory Corruption |
|
CVE-2020-0733 |
Microsoft Malicious Software Removal Tool Junction |
Privilege Escalation |
|
CVE-2020-0732 |
Microsoft Windows DirectX |
Privilege Escalation |
|
CVE-2020-0731 |
Microsoft Windows Win32k |
Memory Corruption |
|
CVE-2020-0730 |
Microsoft Windows User Profile Service |
Privilege Escalation |
|
CVE-2020-0728 |
Microsoft Windows Modules Installer Service |
Information Disclosure |
|
CVE-2020-0727 |
Microsoft Windows Connected User Experiences and Telemetry Service |
Privilege Escalation |
|
CVE-2020-0719 CVE-2020-0720 CVE-2020-0721 CVE-2020-0722 CVE-2020-0723 CVE-2020-0724 CVE-2020-0725 CVE-2020-0726
|
Microsoft Windows Win32k |
Memory Corruption |
|
CVE-2020-0716 CVE-2020-0717
|
Microsoft Windows Win32k |
Information Disclosure |
|
CVE-2020-0715 |
Microsoft Windows Graphics Component |
Memory Corruption |
|
CVE-2020-0714 |
Microsoft Windows DirectX |
Information Disclosure |
|
CVE-2020-0709 |
Microsoft Windows DirectX |
Memory Corruption |
|
CVE-2020-0708 |
Microsoft Windows Imaging Library |
Memory Corruption |
|
CVE-2020-0707 |
Microsoft Windows IME |
Memory Corruption |
|
CVE-2020-0706 |
Microsoft Edge |
Information Disclosure |
|
CVE-2020-0706 |
Microsoft Internet Explorer |
Information Disclosure |
|
CVE-2020-0705 |
Microsoft Windows Network Driver Interface Specification |
Information Disclosure |
|
CVE-2020-0704 |
Microsoft Windows Wireless Network Manager |
Memory Corruption |
|
CVE-2020-0703 |
Microsoft Windows Backup Service |
Privilege Escalation |
|
CVE-2020-0701 |
Microsoft Windows Client License Service |
Memory Corruption |
|
CVE-2020-0698 |
Microsoft Windows Telephony Service |
Information Disclosure |
|
CVE-2020-0697 |
Microsoft Office OLicenseHeartbeat |
Privilege Escalation |
|
CVE-2020-0696 |
Microsoft Office Security Feature |
Privilege Escalation |
|
CVE-2020-0695 |
Microsoft Office Online Server Cross-Origin |
Privilege Escalation |
|
CVE-2020-0694 |
Microsoft SharePoint Enterprise Server |
Cross Site Scripting |
|
CVE-2020-0692 |
Microsoft Exchange Server Exchange Web Services |
Privilege Escalation |
|
CVE-2020-0691 |
Microsoft Windows Win32k |
Memory Corruption |
|
CVE-2020-0689 |
Microsoft Windows Secure Boot |
Privilege Escalation |
|
CVE-2020-0688 |
Microsoft Exchange Server |
Memory Corruption |
|
CVE-2020-0686 |
Microsoft Windows Windows Installer |
Privilege Escalation |
|
CVE-2020-0685 |
Microsoft Windows COM Server |
Privilege Escalation |
|
CVE-2020-0683 |
Microsoft Windows Windows Installer |
Privilege Escalation |
|
CVE-2020-0682 |
Microsoft Windows Function Discovery Service |
Memory Corruption |
|
CVE-2020-0680 |
Microsoft Windows Function Discovery Service |
Memory Corruption |
|
CVE-2020-0679 |
Microsoft Windows Function Discovery Service |
Memory Corruption |
|
CVE-2020-0678 |
Microsoft Windows Error Reporting Manager |
Privilege Escalation |
|
CVE-2020-0677 |
Microsoft Windows Key Isolation Service |
Information Disclosure |
|
CVE-2020-0676 |
Microsoft Windows Key Isolation Service |
Information Disclosure |
|
CVE-2020-0675 |
Microsoft Windows Key Isolation Service |
Information Disclosure |
|
CVE-2020-0668 CVE-2020-0669 CVE-2020-0670 CVE-2020-0671 CVE-2020-0672
|
Microsoft Windows Kernel |
Memory Corruption |
|
CVE-2020-0667 |
Microsoft Windows Windows Search Indexer |
Memory Corruption |
|
CVE-2020-0666 |
Microsoft Windows Windows Search Indexer |
Memory Corruption |
|
CVE-2020-0665 |
Microsoft Windows Active Directory |
Privilege Escalation |
|
CVE-2020-0663 |
Microsoft Edge Cross-Domain |
Privilege Escalation |
|
CVE-2020-0661 |
Microsoft Windows Hyper-V |
Denial of Service |
|
CVE-2020-0660 |
Microsoft Windows Remote Desktop Protocol |
Denial of Service |
|
CVE-2020-0659 |
Microsoft Windows Data Sharing Service |
Privilege Escalation |
|
CVE-2020-0658 |
Microsoft Windows Common Log File System Driver |
Information Disclosure |
|
CVE-2020-0657 |
Microsoft Windows Common Log File System Driver |
Memory Corruption |
|
CVE-2020-0655 |
Microsoft Windows Remote Desktop Service |
Memory Corruption |
|
CVE-2020-0618 |
Microsoft SQL Server Reporting Services |
Privilege Escalation |
|
CVE-2020-0738 |
Microsoft Windows Media Foundation |
Memory Corruption |
|
CVE-2020-0729 |
Microsoft Windows LNK |
Privilege Escalation |
|
CVE-2020-0662 |
Microsoft Windows |
Memory Corruption |
|
CVE-2020-0734 |
Microsoft Windows Remote Desktop |
Privilege Escalation |
|
CVE-2020-0681 |
Microsoft Windows Remote Desktop |
Privilege Escalation |
|
CVE-2020-0767 |
Microsoft Edge/ChakraCore Scripting Engine |
Memory Corruption |
|
CVE-2020-0713 |
Microsoft Edge/ChakraCore Scripting Engine |
Memory Corruption |
|
CVE-2020-0712 |
Microsoft Edge/ChakraCore Scripting Engine |
Memory Corruption |
|
CVE-2020-0711 |
Microsoft Edge/ChakraCore Scripting Engine |
Memory Corruption |
|
CVE-2020-0710 |
Microsoft Edge/ChakraCore Scripting Engine |
Memory Corruption |
|
CVE-2020-0674 |
Microsoft Internet Explorer Scripting Engine |
Memory Corruption |
|
CVE-2020-0673 |
Microsoft Internet Explorer Scripting Engine |
Memory Corruption |
|
CVE-2020-8894 |
MISP ACL ThreadsController.php |
Unknown Vulnerability |
|
CVE-2020-8893 |
MISP Galaxy View view.ctp |
Unknown Vulnerability |
|
CVE-2020-8892 |
MISP HTTP PUT |
Unknown Vulnerability |
|
CVE-2020-8890 |
MISP Time Skew |
Unknown Vulnerability |
|
CVE-2020-8891 |
MISP Username |
Unknown Vulnerability |
|
CVE-2020-8946 |
Netis WF2471 sys_log_clean.cgi |
Privilege Escalation |
|
CVE-2020-2115 |
NUnit Plugin XML Parser |
XML External Entity |
|
CVE-2020-8953 |
OpenVPN Access Server LDAP |
Weak Authentication |
|
CVE-2020-7217 |
openSUSE wicked ni_dhcp4_fsm_process_dhcp4_packet |
Denial of Service |
|
CVE-2020-1976 |
Palo Alto GlobalProtect Crash |
Denial of Service |
|
CVE-2020-1975 |
Palo Alto PAN-OS Web Interface |
Privilege Escalation |
|
CVE-2020-8596 |
Participants Database Plugin participants-database.php |
SQL injection |
|
CVE-2020-2116 |
Pipeline GitHub Notify Step Plugin |
Cross Site Request Forgery |
|
CVE-2020-2118 |
Pipeline GitHub Notify Step Plugin Permission Check |
Privilege Escalation |
|
CVE-2020-2117 |
Pipeline GitHub Notify Step Plugin Permission Check |
Privilege Escalation |
|
CVE-2020-2123 |
RadarGun Plugin YAML Parser |
Remote Code Execution |
|
CVE-2020-8950 |
Radeon AMD User Experience Program Launcher AUEPLauncher Service |
Privilege Escalation |
|
CVE-2018-3987 |
Rakuten Viber Secret Chat |
Information Disclosure |
|
CVE-2019-11867 |
Realtek NDIS Driver rt640x64.sys |
Memory Corruption |
|
CVE-2020-6189 |
SAP Business Intelligence Platform Setting Pages |
Information Disclosure |
|
CVE-2020-6188 |
SAP ERP/S-4 HANA VAT Pro-Rata Reports |
Privilege Escalation |
|
CVE-2020-6186 |
SAP Host Agent |
Denial of Service |
|
CVE-2020-6183 |
SAP Host Agent Shared Memory |
Information Disclosure |
|
CVE-2020-6192 |
SAP Landscape Management Host Agent |
Privilege Escalation |
|
CVE-2020-6191 |
SAP Landscape Management Host Agent |
Privilege Escalation |
|
CVE-2020-6177 |
SAP Mobile Platform XML Document |
Denial of Service |
|
CVE-2020-6190 |
SAP NetWeaver AS JAVA Endpoint |
Information Disclosure |
|
CVE-2020-6193 |
SAP NetWeaver Reflected |
Cross Site Scripting |
|
CVE-2020-6181 |
SAP NetWeaver Response Splitting |
Privilege Escalation |
|
CVE-2020-6187 |
SAP NetWeaver XML Document |
Denial of Service |
|
CVE-2020-6184 |
SAP NetWeaver/S-4HANA ABAP Online Community Reflected |
Cross Site Scripting |
|
CVE-2020-6185 |
SAP NetWeaver/S-4HANA ABAP Online Community Stored |
Cross Site Scripting |
|
CVE-2020-2110 |
Script Security Plugin Sandbox |
Privilege Escalation |
|
CVE-2020-3935 |
Secom Dr.ID Cookie Cleartext |
Information Disclosure |
|
CVE-2020-3934 |
Secom Dr.ID |
SQL injection |
|
CVE-2020-3933 |
Secom Dr.ID User |
Information Disclosure |
|
CVE-2019-13946 |
Siemens SCALANCE DCE-RPC interface Memory Exhaustion |
Denial of Service |
|
CVE-2019-13941 |
Siemens OZW672/OZW772 Web Server export |
Information Disclosure |
|
CVE-2019-13940 |
Siemens SIMATIC S7-1200 CPU Web Server |
Denial of Service |
|
CVE-2019-13926 |
Siemens SCALANCE S602 Web Server |
Denial of Service |
|
CVE-2019-13925 |
Siemens SCALANCE S602 Web Server |
Denial of Service |
|
CVE-2019-13924 |
Siemens SCALANCE X-408 Administrative Web Interface Clickjacking |
Privilege Escalation |
|
CVE-2019-3998 |
SimpliSafe SS3 |
Weak Authentication |
|
CVE-2020-8802 |
SuiteCRM Access Control action_saveHTMLField |
Unknown Vulnerability |
|
CVE-2020-8803 |
SuiteCRM add_to_prospect_list |
Directory Traversal |
|
CVE-2020-8800 |
SuiteCRM EmailsControllerActionGetFromFields |
Privilege Escalation |
|
CVE-2020-8801 |
SuiteCRM Phar Deserialization |
Unknown Vulnerability |
|
CVE-2020-8804 |
SuiteCRM SOAP API |
SQL injection |
|
CVE-2020-8964 |
TimeTools T550 Cookie t3.cgi |
Weak Authentication |
|
CVE-2020-8963 |
TimeTools T550 t3.cgi |
Privilege Escalation |
|
CVE-2020-8955 |
WeeChat irc-mode.c irc_mode_channel_update |
Memory Corruption |
