آسیبپذیریهای حیاتی هفته چهارم مردادماه
این هفته آسیبپذیریهای «حیاتی» و «پرخطر» بسیاری در محصولات مهمترین شرکتها از جمله Microsoft، Adobe، Google و Apple گزارش و وصلهها و بهروزرسانیهایی به منظور رفع آنها ارائه شد. همچنین در محصولات شرکتهای IBM، Telegram ، McAfee، Mozilla، Intel، Huawei، Siemens و Nextcloud چندین آسیبپذیری «حیاتی» و «پرخطر» وجود داشت. امّا مهمترین آسیبپذیریهای این هفته، دو آسیبپذیری مایکروسافت بود که پیش از انتشار رسمی و ارائه وصله، اکسپلویت فعّال روزصفر داشتند.
لیست این آسیبپذیریها به همراه لینک وصلهها و بهروزرسانیهای ارائهشده در جدول زیر آمده است.
|
شناسه آسیبپذیری |
امتیاز مبنا |
محصول آسیبپذیر |
نوع آسیبپذیری |
ارزش روز صفر |
اطلاعات تهدید سایبری (CTI) |
رفع آسیبپذیری |
|
CVE-2019-20383 |
۵.۳ |
ABBYY FineReader License Server |
Privilege Escalation |
$۲k-$5k |
۰.۱۹ |
|
|
CVE-2020-9698 |
۶.۳ |
Adobe Acrobat Reader Code Execution |
Memory Corruption |
$۲k-$5k |
۰.۴۸ |
|
|
CVE-2020-9699 |
۶.۳ |
Adobe Acrobat Reader Code Execution |
Memory Corruption |
$۰-$۱k |
۰.۲۶ |
|
|
CVE-2020-9700 |
۶.۳ |
Adobe Acrobat Reader Code Execution |
Memory Corruption |
$۲k-$5k |
۰.۰۹ |
|
|
CVE-2020-9701 |
۶.۳ |
Adobe Acrobat Reader Code Execution |
Memory Corruption |
$۲k-$5k |
۰.۳۵ |
|
|
CVE-2020-9704 |
۶.۳ |
Adobe Acrobat Reader Code Execution |
Memory Corruption |
$۲k-$5k |
۰.۳۵ |
|
|
CVE-2020-9697 |
۴.۳ |
Adobe Acrobat Reader |
Information Disclosure |
$۰-$۱k |
۰.۶۲ |
|
|
CVE-2020-9702 |
۴.۳ |
Adobe Acrobat Reader Memory Exhaustion |
DoS |
$۲k-$5k |
۰.۱۷ |
|
|
CVE-2020-9703 |
۴.۳ |
Adobe Acrobat Reader Memory Exhaustion |
DoS |
$۲k-$5k |
۰.۴۹ |
|
|
CVE-2020-9705 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۳۵ |
|
|
CVE-2020-9706 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۳۸ |
|
|
CVE-2020-9707 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۲۷ |
|
|
CVE-2020-9710 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۴۴ |
|
|
CVE-2020-9716 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۱۷ |
|
|
CVE-2020-9717 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۲۷ |
|
|
CVE-2020-9718 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۴۰ |
|
|
CVE-2020-9719 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۰.۰۹ |
|
|
CVE-2020-9720 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۰-$۱k |
۰.۳۸ |
|
|
CVE-2020-9721 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۲k-$5k |
۷.۹۶ |
|
|
CVE-2020-9723 |
۴.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Information Disclosure |
$۱۰k-$25k |
۰.۰۹ |
|
|
CVE-2020-9693 |
۶.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۷۱ |
|
|
CVE-2020-9694 |
۶.۳ |
Adobe Acrobat Reader Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۸۹ |
|
|
CVE-2020-9696 |
۶.۳ |
Adobe Acrobat Reader |
Privilege Escalation |
$۱۰k-$25k |
۱.۱۳ |
|
|
CVE-2020-9712 |
۶.۳ |
Adobe Acrobat Reader |
Privilege Escalation |
Calculating |
۰.۰۰+ |
|
|
CVE-2020-9714 |
۶.۳ |
Adobe Acrobat Reader |
Privilege Escalation |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-9715 |
۶.۳ |
Adobe Acrobat Reader Use-After-Free |
Memory Corruption |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-9722 |
۶.۳ |
Adobe Acrobat Reader Use-After-Free |
Memory Corruption |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-15596 |
۳.۵ |
ALPS Alpine TouchPad Driver DLL |
Information Disclosure |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-11976 |
۷.۵ |
Apache Wicket HTML Templates |
Information Disclosure |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-9875 |
۶.۳ |
Apple iCloud ImageIO Integer |
Memory Corruption |
$۵k-$10k |
۰.۴۰ |
|
|
CVE-2020-9875 |
۶.۳ |
Apple iCloud ImageIO Integer |
Memory Corruption |
$۵k-$10k |
۰.۰۷ |
|
|
CVE-2020-9919 |
۶.۳ |
Apple iCloud ImageIO |
Memory Corruption |
$۲k-$5k |
۶.۰۸ |
|
|
CVE-2020-9919 |
۶.۳ |
Apple iCloud ImageIO |
Memory Corruption |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-9871 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۰.۰۵ |
|
|
CVE-2020-9871 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۰-$۱k |
۰.۲۶ |
|
|
CVE-2020-9872 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۰.۳۴ |
|
|
CVE-2020-9872 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۱۷ |
|
|
CVE-2020-9873 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۷.۶۵ |
|
|
CVE-2020-9873 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۱۰ |
|
|
CVE-2020-9874 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۵.۶۴ |
|
|
CVE-2020-9874 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-9876 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
Calculating |
۰.۰۰+ |
|
|
CVE-2020-9876 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۰.۳۵ |
|
|
CVE-2020-9877 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱۰k-$25k |
۱۰.۰۰- |
|
|
CVE-2020-9877 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-9879 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۵k-$10k |
۰.۰۵ |
|
|
CVE-2020-9879 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-9936 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۱۰k-$25k |
۴.۴۵ |
|
|
CVE-2020-9936 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۸۶ |
|
|
CVE-2020-9937 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۸.۵۲ |
|
|
CVE-2020-9937 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۰-$۱k |
۸.۶۹ |
|
|
CVE-2020-9938 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۲۷ |
|
|
CVE-2020-9938 |
۶.۳ |
Apple iCloud ImageIO Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۳۶ |
|
|
CVE-2020-9915 |
۶.۳ |
Apple iCloud WebKit CSP |
Privilege Escalation |
$۲k-$5k |
۸.۹۱ |
|
|
CVE-2020-9915 |
۶.۳ |
Apple iCloud WebKit CSP |
Privilege Escalation |
$۲k-$5k |
۹.۳۴ |
|
|
CVE-2020-9894 |
۶.۳ |
Apple iCloud WebKit Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۹.۲۸ |
|
|
CVE-2020-9894 |
۶.۳ |
Apple iCloud WebKit Out-of-Bounds |
Memory Corruption |
$۰-$۱k |
۰.۴۳ |
|
|
CVE-2020-9916 |
۶.۳ |
Apple iCloud WebKit Page Loading |
Spoofing |
$۱k-$2k |
۱.۵۲ |
|
|
CVE-2020-9916 |
۶.۳ |
Apple iCloud WebKit Page Loading |
Spoofing |
$۰-$۱k |
۰.۱۷ |
|
|
CVE-2020-9910 |
۶.۳ |
Apple iCloud WebKit |
Privilege Escalation |
$۰-$۱k |
۰.۴۴ |
|
|
CVE-2020-9910 |
۶.۳ |
Apple iCloud WebKit |
Privilege Escalation |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-9925 |
۴.۳ |
Apple iCloud WebKit Universal |
XSS |
$۱k-$2k |
۰.۰۹ |
|
|
CVE-2020-9925 |
۴.۳ |
Apple iCloud WebKit Universal |
XSS |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-9893 |
۶.۳ |
Apple iCloud WebKit Use-After-Free |
Memory Corruption |
$۱k-$2k |
۰.۰۸ |
|
|
CVE-2020-9893 |
۶.۳ |
Apple iCloud WebKit Use-After-Free |
Memory Corruption |
$۵k-$10k |
۰.۰۹ |
|
|
CVE-2020-9895 |
۶.۳ |
Apple iCloud WebKit Use-After-Free |
Memory Corruption |
Calculating |
۰.۰۰+ |
|
|
CVE-2020-9895 |
۶.۳ |
Apple iCloud WebKit Use-After-Free |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-9862 |
۴.۸ |
Apple iCloud WebKit Web Inspector |
Command Injection |
$۱k-$2k |
۰.۰۸ |
|
|
CVE-2020-9862 |
۴.۸ |
Apple iCloud WebKit Web Inspector |
Command Injection |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-17505 |
۶.۳ |
Artica Web Proxy cyrus.php |
Command Injection |
$۰-$۱k |
۰.۰۰ |
Not Defined |
|
CVE-2020-17506 |
۶.۳ |
Artica Web Proxy Privileges fw.login.php |
SQL Injection |
$۱k-$2k |
۰.۰۷ |
Not Defined |
|
CVE-2020-16299 |
۵.۵ |
Artifex Ghostscript gdev10v.c bj10v_print_page() Divide-by-Zero |
DoS |
$۲k-$5k |
۰.۰۸ |
Not Defined |
|
CVE-2020-16305 |
۵.۵ |
Artifex Ghostscript gdev10v.c pcx_write_rle() |
Memory Corruption |
$۱۰k-$25k |
۰.۱۸ |
|
|
CVE-2020-16290 |
۵.۵ |
Artifex Ghostscript gdev3852.c jetp3852_print_page() |
Memory Corruption |
$۲k-$5k |
۰.۰۹ |
Not Defined |
|
CVE-2020-16302 |
۷.۸ |
Artifex Ghostscript gdev3852.c jetp3852_print_page() |
Memory Corruption |
$۱۰k-$25k |
۰.۱۷ |
|
|
CVE-2020-16297 |
۵.۵ |
Artifex Ghostscript gdevbjca.c FloydSteinbergDitheringC() |
Memory Corruption |
$۱k-$2k |
۰.۰۹ |
Not Defined |
|
CVE-2020-16308 |
۵.۵ |
Artifex Ghostscript gdevcdj.c p_print_image() |
Memory Corruption |
$۱۰k-$25k |
۰.۱۸ |
|
|
CVE-2020-16289 |
۵.۵ |
Artifex Ghostscript gdevcif.c cif_print_page() |
Memory Corruption |
$۵k-$10k |
۰.۳۸ |
Not Defined |
|
CVE-2020-16295 |
۵.۵ |
Artifex Ghostscript gdevclj.c clj_media_size() NULL Pointer Dereference |
DoS |
$۱۰k-$25k |
۰.۰۸ |
Not Defined |
|
CVE-2020-16291 |
۵.۵ |
Artifex Ghostscript gdevdj9.c |
Memory Corruption |
$۵k-$10k |
۰.۲۶ |
Not Defined |
|
CVE-2020-16310 |
۴.۳ |
Artifex Ghostscript gdevdm24.c dot24_print_page() |
DoS |
$۱۰k-$25k |
۰.۱۶ |
|
|
CVE-2020-16294 |
۵.۵ |
Artifex Ghostscript gdevepsc.c epsc_print_page() |
Memory Corruption |
$۵k-$10k |
۰.۱۶ |
Not Defined |
|
CVE-2020-17538 |
۵.۵ |
Artifex Ghostscript gdevlips.c GetNumSameData() |
Memory Corruption |
$۵k-$10k |
۰.۰۹ |
Not Defined |
|
CVE-2020-16296 |
۵.۵ |
Artifex Ghostscript gdevlips.c GetNumWrongData() |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
Not Defined |
|
CVE-2020-16287 |
۵.۵ |
Artifex Ghostscript gdevlprn.c lprn_is_black() |
Memory Corruption |
Calculating |
۰.۰۰+ |
Not Defined |
|
CVE-2020-16309 |
۵.۵ |
Artifex Ghostscript gdevlxm.c lxm5700m_print_page() |
Memory Corruption |
$۱۰k-$25k |
۰.۰۶ |
|
|
CVE-2020-16298 |
۵.۵ |
Artifex Ghostscript gdevmjc.c mj_color_correct() |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
Not Defined |
|
CVE-2020-16292 |
۵.۵ |
Artifex Ghostscript gdevmjc.c mj_raster_cmd() |
Memory Corruption |
$۱k-$2k |
۰.۰۹ |
Not Defined |
|
CVE-2020-16301 |
۵.۵ |
Artifex Ghostscript gdevokii.c okiibm_print_page1() |
Memory Corruption |
$۲k-$5k |
۴.۴۷ |
Not Defined |
|
CVE-2020-16288 |
۵.۵ |
Artifex Ghostscript gdevpjet.c pj_common_print_page() |
Memory Corruption |
$۰-$۱k |
۱.۹۹ |
Not Defined |
|
CVE-2020-16300 |
۵.۵ |
Artifex Ghostscript gdevtfnx.c tiff12_print_page() |
Memory Corruption |
$۱k-$2k |
۰.۱۸ |
Not Defined |
|
CVE-2020-16306 |
۴.۳ |
Artifex Ghostscript gdevtsep.c NULL Pointer Dereference |
DoS |
$۱k-$2k |
۰.۰۹ |
|
|
CVE-2020-16307 |
۴.۳ |
Artifex Ghostscript gdevtxtw.c NULL Pointer Dereference |
DoS |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-16303 |
۷.۸ |
Artifex Ghostscript gdevxps.c xps_finish_image_path() Use-After-Free |
Memory Corruption |
$۱k-$2k |
۰.۰۹ |
|
|
CVE-2020-16293 |
۵.۵ |
Artifex Ghostscript gxblend.c NULL Pointer Dereference |
DoS |
$۲k-$5k |
۰.۰۰ |
Not Defined |
|
CVE-2020-16304 |
۷.۸ |
Artifex Ghostscript gxicolor.c image_render_color_thresh() |
Memory Corruption |
$۰-$۱k |
۰.۰۹ |
|
|
CVE-2020-24343 |
۵.۵ |
Artifex MuJS jsrun.c Use-After-Free |
Memory Corruption |
$۱k-$2k |
۶.۹۴ |
Not Defined |
|
CVE-2020-8904 |
۹.۶ |
Asylo ecall_restore |
Memory Corruption |
$۲k-$5k |
۵.۸۱ |
|
|
CVE-2020-8905 |
۶.۵ |
Asylo enc_untrusted_recvfrom Deserialization |
Memory Corruption |
$۲k-$5k |
۵.۷۳ |
|
|
CVE-2020-17446 |
۶.۳ |
asyncpg Server Response |
Memory Corruption |
$۲k-$5k |
۵.۸۱ |
|
|
CVE-2020-7029 |
۶.۴ |
Avaya Aura Communication Manager/Aura Messaging System Management Interface cross site request forgery |
CSRF |
$۱k-$2k |
۰.۰۸ |
|
|
CVE-2020-8911 |
۵.۶ |
AWS S3 Crypto SDK for GoLang AES-CBC |
Weak Encryption |
$۲k-$5k |
۰.۵۳ |
|
|
CVE-2020-8912 |
۲.۵ |
AWS S3 Crypto SDK for GoLang AES-GCM Key |
Weak Encryption |
$۰-$۱k |
۱.۲۳ |
|
|
CVE-2020-6932 |
۵.۵ |
BlackBerry QNX Software Development Platform Slinger Web Server |
Code Execution |
$۲k-$5k |
۱.۰۴ |
Not Defined |
|
CVE-2020-16138 |
۶.۵ |
Cisco Unified IP Conference Station 7937G |
DoS |
$۲k-$5k |
۰.۵۲ |
Not Defined |
|
CVE-2020-16139 |
۳.۵ |
Cisco Unified IP Conference Station 7937G Restart |
DoS |
$۱k-$2k |
۶.۹۴ |
Not Defined |
|
CVE-2020-16137 |
۵.۵ |
Cisco Unified IP Conference Station 7937G SSH Administrative Console |
Privilege Escalation |
$۲۵k-$50k |
۰.۲۶ |
Not Defined |
|
CVE-2020-17462 |
۵.۵ |
CMS Made Simple File Manager File Upload |
Privilege Escalation |
$۲۵k-$50k |
۱.۳۸ |
Not Defined |
|
CVE-2020-12777 |
۷.۵ |
Combodo iTop Access Control Command |
Privilege Escalation |
$۲۵k-$50k |
۰.۴۳ |
Not Defined |
|
CVE-2020-12781 |
۸.۸ |
Combodo iTop cross site request forgery |
CSRF |
$۲۵k-$50k |
۰.۰۹ |
Not Defined |
|
CVE-2020-12778 |
۶.۱ |
Combodo iTop |
XSS |
$۲۵k-$50k |
۰.۰۹ |
Not Defined |
|
CVE-2020-12779 |
۵.۴ |
Combodo iTop File Upload Stored |
XSS |
$۱۰k-$25k |
۰.۵۲ |
Not Defined |
|
CVE-2020-12780 |
۷.۵ |
Combodo iTop |
Information Disclosure |
$۱۰k-$25k |
۰.۱۴ |
Not Defined |
|
CVE-2020-15145 |
۶.۷ |
Composer-Setup |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۷ |
|
|
CVE-2020-5415 |
۱۰.۰ |
Concourse GitLab Auth Connector |
Spoofing |
$۱۰k-$25k |
۰.۱۸ |
|
|
CVE-2020-17478 |
۷.۵ |
Crypt::Perl EC Point Multiplication Point.pm Timing |
Information Disclosure |
$۱۰k-$25k |
۲.۸۱ |
|
|
CVE-2020-9526 |
۵.۹ |
CS2 Network P2P |
Information Disclosure |
$۱۰k-$25k |
۰.۱۹ |
Not Defined |
|
CVE-2020-9525 |
۸.۱ |
CS2 Network P2P Man-in-the-Middle |
Weak Authentication |
$۱۰k-$25k |
۳.۲۰ |
Not Defined |
|
CVE-2020-10055 |
۹.۸ |
Desigo CC/CC Compact BIRT |
Remote Code Execution |
$۱۰k-$25k |
۰.۱۴ |
Not Defined |
|
CVE-2020-17495 |
۷.۵ |
django-celery-results Cleartext |
Information Disclosure |
$۱۰k-$25k |
۰.۰۷ |
Not Defined |
|
CVE-2020-12673 |
۳.۵ |
Dovecot NTLM Out-of-Bounds |
DoS |
$۱۰k-$25k |
۰.۰۷ |
|
|
CVE-2020-12674 |
۳.۵ |
Dovecot RPA Request Crash |
DoS |
$۱۰k-$25k |
۲.۵۵ |
|
|
CVE-2020-12100 |
۴.۳ |
Dovecot Submission/lmtp/lda Recursion |
DoS |
$۱۰k-$25k |
۲.۸۶ |
|
|
CVE-2020-2232 |
۷.۵ |
Email Extension Plugin Configuration Password |
Information Disclosure |
$۱۰k-$25k |
۰.۰۰ |
|
|
CVE-2020-6145 |
۸.۸ |
ERPNext frappe.desk.reportview.get |
SQL Injection |
$۱۰k-$25k |
۰.۰۸ |
Not Defined |
|
CVE-2020-16186 |
۶.۱ |
Firco Continuity Login Page Stored |
XSS |
$۲۵k-$50k |
۰.۱۷ |
Not Defined |
|
CVE-2020-17367 |
۷.۸ |
Firejail |
Command Injection |
$۲۵k-$50k |
۰.۰۹ |
Not Defined |
|
CVE-2020-17368 |
۹.۸ |
Firejail |
Command Injection |
$۲۵k-$50k |
۰.۲۶ |
Not Defined |
|
CVE-2020-17451 |
۴.۸ |
flatCore |
XSS |
$۲۵k-$50k |
۰.۲۶ |
|
|
CVE-2020-17452 |
۷.۲ |
flatCore File Upload |
Remote Code Execution |
$۲۵k-$50k |
۰.۱۷ |
|
|
CVE-2019-5591 |
۳.۱ |
Fortinet FortiOS LDAP |
Information Disclosure |
$۲۵k-$50k |
۰.۵۲ |
Not Defined |
|
CVE-2020-6070 |
۷.۸ |
fsck.f2fs File System Check Out-of-Bounds |
Memory Corruption |
$۲۵k-$50k |
۰.۱۷ |
Not Defined |
|
CVE-2020-17463 |
۹.۸ |
Fuel CMS items |
SQL Injection |
$۱k-$2k |
۰.۲۶ |
Not Defined |
|
CVE-2020-9078 |
۷.۸ |
FusionCompute |
Privilege Escalation |
$۵k-$10k |
۰.۰۹ |
Not Defined |
|
CVE-2020-16205 |
۸.۸ |
Geutebrück G-Cam/G-Code URL |
Privilege Escalation |
$۱۰k-$25k |
۱.۵۶ |
Not Defined |
|
CVE-2020-13290 |
۷.۵ |
GitLab Access Control |
Privilege Escalation |
$۱۰k-$25k |
۱.۳۹ |
|
|
CVE-2020-13294 |
۵.۴ |
GitLab Application |
Unknown Vulnerability |
$۱۰k-$25k |
۱.۲۲ |
|
|
CVE-2020-13293 |
۷.۱ |
GitLab Branch Name |
Privilege Escalation |
$۱۰k-$25k |
۰.۸۷ |
|
|
CVE-2020-13288 |
۵.۵ |
GitLab CI-CD Jobs Page Stored |
XSS |
$۱۰k-$25k |
۱.۳۸ |
|
|
CVE-2020-13286 |
۴.۳ |
GitLab Configuration |
Server-Side Request Forgery |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-13292 |
۹.۶ |
GitLab E-Mail Verification |
Weak Authentication |
$۱۰k-$25k |
۱.۲۲ |
|
|
CVE-2020-13282 |
۳.۱ |
GitLab Group Transfer |
Privilege Escalation |
$۱۰k-$25k |
۱.۳۹ |
|
|
CVE-2020-13280 |
۶.۵ |
GitLab Logging Memory Exhaustion |
DoS |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-13283 |
۷.۳ |
GitLab Milestone Title |
XSS |
$۱۰k-$25k |
۱.۴۸ |
|
|
CVE-2020-13281 |
۶.۵ |
GitLab Project Import |
DoS |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-13295 |
۸.۸ |
GitLab Shared Runner |
Server-Side Request Forgery |
$۱۰k-$25k |
۰.۹۵ |
|
|
CVE-2020-13291 |
۸.۱ |
GitLab Sharing |
Privilege Escalation |
$۱۰k-$25k |
۱.۲۲ |
|
|
CVE-2020-13285 |
۷.۳ |
GitLab Tooltip |
XSS |
$۱۰k-$25k |
۱.۳۹ |
|
|
CVE-2020-17489 |
۴.۳ |
GNOME gnome-shell Password Box |
Information Disclosure |
$۱۰k-$25k |
۱.۰۴ |
Not Defined |
|
CVE-2020-0258 |
۵.۵ |
Google Android AppZygote.java stopZygoteLocked |
Information Disclosure |
$۱۰k-$25k |
۱.۳۹ |
|
|
CVE-2020-0257 |
۷.۸ |
Google Android com_android_internal_os_Zygote.cpp SpecializeCommon |
Privilege Escalation |
$۱۰k-$25k |
۱.۱۳ |
|
|
CVE-2020-0259 |
۷.۸ |
Google Android dm-android-verity.c android_verity_ctr |
Privilege Escalation |
$۱۰k-$25k |
۱.۲۲ |
|
|
CVE-2020-0239 |
۵.۵ |
Google Android DocumentsContract.java getDocumentMetadata |
Information Disclosure |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-0240 |
۸.۸ |
Google Android factory.cc NewFixedDoubleArray Integer Overflow |
Memory Corruption |
$۱۰k-$25k |
۰.۷۸ |
|
|
CVE-2020-0256 |
۶.۸ |
Google Android gpt.cc LoadPartitionTable Out-of-Bounds |
Memory Corruption |
$۱۰k-$25k |
۱.۲۲ |
|
|
CVE-2020-0247 |
۵.۵ |
Google Android ImageProcessHelper.java getHistogram Loop |
DoS |
$۱۰k-$25k |
۱.۲۳ |
|
|
CVE-2020-0248 |
۵.۵ |
Google Android InstantAppNotifier.java postInstantAppNotif |
Information Disclosure |
$۱۰k-$25k |
۱.۵۶ |
|
|
CVE-2020-0249 |
۵.۵ |
Google Android InstantAppNotifier.java postInstantAppNotif |
Information Disclosure |
$۱۰k-$25k |
۱.۲۲ |
|
|
CVE-2020-0243 |
۷.۸ |
Google Android MediaAnalyticsItem.cpp clearPropValue Use-After-Free |
Memory Corruption |
$۱۰k-$25k |
۰.۸۷ |
|
|
CVE-2020-0242 |
۷.۸ |
Google Android NuPlayerDriver.cpp reset Use-After-Free |
Memory Corruption |
$۱۰k-$25k |
۱.۱۳ |
|
|
CVE-2020-0241 |
۷.۸ |
Google Android NuPlayerStreamListener.cpp NuPlayerStreamListener Double-Free |
Memory Corruption |
$۱۰k-$25k |
۱.۳۱ |
|
|
CVE-2020-0251 |
۷.۵ |
Google Android Out-of-Bounds |
Memory Corruption |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-0254 |
۷.۵ |
Google Android Out-of-Bounds |
Memory Corruption |
$۵k-$10k |
۱.۳۹ |
|
|
CVE-2020-0260 |
۹.۱ |
Google Android Out-of-Bounds |
Memory Corruption |
$۵k-$10k |
۱.۳۰ |
|
|
CVE-2020-0250 |
۵.۵ |
Google Android Permission Check PhoneInterfaceManager.java requestCellInfoUpdateInternal |
Information Disclosure |
$۱۰k-$25k |
۱.۱۳ |
|
|
CVE-2020-8913 |
۸.۸ |
Google Android Play Core |
Remote Code Execution |
$۱۰k-$25k |
۱.۰۴ |
|
|
CVE-2020-0261 |
۵.۳ |
Google Android seccomp |
Privilege Escalation |
$۵k-$10k |
۱.۴۷ |
|
|
CVE-2020-0108 |
۷.۸ |
Google Android ServiceRecord.java postNotification |
Privilege Escalation |
$۵k-$10k |
۱.۴۹ |
|
|
CVE-2020-0238 |
۷.۰ |
Google Android updatePreferenceIntents |
Race Condition |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-0252 |
۹.۸ |
Google Android Use-After-Free |
Memory Corruption |
$۱۰k-$25k |
۱.۴۵ |
|
|
CVE-2020-0253 |
۹.۸ |
Google Android Use-After-Free |
Memory Corruption |
$۱۰k-$25k |
۱.۶۵ |
|
|
CVE-2020-8918 |
۶.۳ |
Google go-tpm TPM1.2 Library |
Information Disclosure |
$۱۰k-$25k |
۱.۳۰ |
|
|
CVE-2020-9244 |
۶.۸ |
Huawei HonorV20 Encrypted File |
Privilege Escalation |
$۵k-$10k |
۱.۹۱ |
|
|
CVE-2020-9243 |
۵.۵ |
Huawei Mate 30 |
DoS |
$۵k-$10k |
۱.۳۹ |
|
|
CVE-2020-9245 |
۵.۵ |
Huawei P30/P30 Pro |
DoS |
$۲k-$5k |
۰.۶۱ |
|
|
CVE-2020-4662 |
۸.۸ |
IBM Event Streams Schema |
Privilege Escalation |
$۲k-$5k |
۰.۲۶ |
Not Defined |
|
CVE-2020-4533 |
۶.۱ |
IBM Jazz Reporting Service Web UI |
XSS |
$۲k-$5k |
۰.۷۰ |
Not Defined |
|
CVE-2020-4539 |
۶.۱ |
IBM Jazz Reporting Service Web UI |
XSS |
$۰-$۱k |
۰.۷۱ |
Not Defined |
|
CVE-2020-4541 |
۶.۱ |
IBM Jazz Reporting Service Web UI |
XSS |
$۲k-$5k |
۰.۶۲ |
Not Defined |
|
CVE-2019-4582 |
۴.۳ |
IBM Maximo Asset Management |
Privilege Escalation |
$۰-$۱k |
۰.۴۳ |
Not Defined |
|
CVE-2020-4589 |
۹.۸ |
IBM WebSphere Application Server Deserialization |
Privilege Escalation |
$۰-$۱k |
۰.۶۱ |
|
|
CVE-2020-17497 |
۵.۵ |
iNet wireless daemon EAPOL Message eapol.c |
Privilege Escalation |
$۲k-$5k |
۰.۰۹ |
Not Defined |
|
CVE-2020-8736 |
۵.۳ |
Intel Computing Improvement Program Access Control |
Privilege Escalation |
$۲k-$5k |
۰.۱۷ |
|
|
CVE-2020-12287 |
۵.۳ |
Intel Distribution of OpenVINO Toolkit Permission |
Privilege Escalation |
$۱k-$2k |
۰.۸۶ |
|
|
CVE-2020-8679 |
۳.۳ |
Intel Graphics Drivers Kernel Mode Driver Out-of-Bounds |
DoS |
$۲k-$5k |
۱.۱۳ |
|
|
CVE-2020-0510 |
۵.۳ |
Intel Graphics Drivers Out-of-Bounds |
Memory Corruption |
$۲k-$5k |
۰.۱۷ |
|
|
CVE-2020-0513 |
۵.۳ |
Intel Graphics Drivers Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۰.۰۹ |
|
|
CVE-2020-8680 |
۵.۳ |
Intel Graphics Drivers |
Race Condition |
$۰-$۱k |
۰.۰۶ |
|
|
CVE-2020-0512 |
۳.۳ |
Intel Graphics Drivers System Driver |
DoS |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-8683 |
۳.۳ |
Intel Graphics Drivers System Driver |
DoS |
$۱k-$2k |
۶.۳۵ |
|
|
CVE-2020-8682 |
۳.۳ |
Intel Graphics Drivers System Driver Out-of-Bounds |
DoS |
$۱k-$2k |
۰.۰۸ |
|
|
CVE-2020-8681 |
۵.۳ |
Intel Graphics Drivers System Driver Out-of-Bounds |
Memory Corruption |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-8685 |
۳.۳ |
Intel LED Manager for NUC |
DoS |
$۰-$۱k |
۰.۱۸ |
|
|
CVE-2020-8743 |
۶.۷ |
Intel Mailbox Interface Driver Installer |
Privilege Escalation |
$۰-$۱k |
۰.۱۸ |
|
|
CVE-2020-8742 |
۷.۵ |
Intel NUC Firmware Validation |
Privilege Escalation |
$۰-$۱k |
۰.۲۶ |
|
|
CVE-2020-8684 |
۵.۳ |
Intel PAC with Arria 10 GX FPGA Access Control |
Privilege Escalation |
$۱k-$2k |
۰.۵۲ |
|
|
CVE-2020-0559 |
۵.۳ |
Intel PROSet-Wireless WiFi Permission |
Privilege Escalation |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-8688 |
۷.۵ |
Intel RAID Web Console 3 |
DoS |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-8763 |
۵.۳ |
Intel RealSense D400 Installer |
Privilege Escalation |
$۱k-$2k |
۰.۵۹ |
|
|
CVE-2020-8687 |
۶.۷ |
Intel RSTe Software RAID Driver Installer |
Privilege Escalation |
$۲k-$5k |
۰.۱۱ |
|
|
CVE-2020-12299 |
۵.۳ |
Intel Server Board BIOS Firmware |
Privilege Escalation |
$۲k-$5k |
۰.۱۰ |
|
|
CVE-2020-12300 |
۵.۳ |
Intel Server Board BIOS Firmware |
Privilege Escalation |
$۰-$۱k |
۱.۰۶ |
|
|
CVE-2020-12301 |
۵.۳ |
Intel Server Board BIOS Firmware |
Privilege Escalation |
$۲k-$5k |
۳.۶۳ |
|
|
CVE-2020-8733 |
۵.۳ |
Intel Server Board M10JNP2SB |
Memory Corruption |
$۱k-$2k |
۰.۱۵ |
|
|
CVE-2020-8716 |
۳.۳ |
Intel Server Board/Server System/Compute Module Access Control |
DoS |
$۱k-$2k |
۴.۰۷ |
|
|
CVE-2020-8711 |
۵.۳ |
Intel Server Board/Server System/Compute Module Access Control |
Privilege Escalation |
$۰-$۱k |
۴.۱۵ |
|
|
CVE-2020-8710 |
۵.۳ |
Intel Server Board/Server System/Compute Module Bootloader |
Memory Corruption |
$۱k-$2k |
۵.۲۸ |
|
|
CVE-2020-8723 |
۳.۵ |
Intel Server Board/Server System/Compute Module |
XSS |
$۰-$۱k |
۴.۵۹ |
|
|
CVE-2020-8706 |
۶.۳ |
Intel Server Board/Server System/Compute Module Daemon |
Memory Corruption |
$۲k-$5k |
۰.۰۸ |
|
|
CVE-2020-8707 |
۶.۳ |
Intel Server Board/Server System/Compute Module Daemon |
Memory Corruption |
$۲k-$5k |
۰.۵۰ |
|
|
CVE-2020-8715 |
۳.۳ |
Intel Server Board/Server System/Compute Module |
DoS |
$۰-$۱k |
۵.۶۲ |
|
|
CVE-2020-8731 |
۵.۳ |
Intel Server Board/Server System/Compute Module File System |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۹ |
|
|
CVE-2020-8730 |
۵.۳ |
Intel Server Board/Server System/Compute Module Heap-based |
Memory Corruption |
$۲۵k-$50k |
۰.۰۹ |
|
|
CVE-2020-8732 |
۶.۳ |
Intel Server Board/Server System/Compute Module Heap-based |
Memory Corruption |
$۲۵k-$50k |
۰.۰۹ |
|
|
CVE-2020-8729 |
۵.۳ |
Intel Server Board/Server System/Compute Module |
Memory Corruption |
$۱۰k-$25k |
۰.۰۰ |
|
|
CVE-2020-8721 |
۵.۳ |
Intel Server Board/Server System/Compute Module |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-8709 |
۶.۳ |
Intel Server Board/Server System/Compute Module Socket Service |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۹ |
|
|
CVE-2020-8717 |
۳.۳ |
Intel Server Board/Server System/Compute Module Subsystem |
DoS |
$۵k-$10k |
۰.۰۹ |
|
|
CVE-2020-8718 |
۵.۳ |
Intel Server Board/Server System/Compute Module Subsystem |
Memory Corruption |
$۱۰k-$25k |
۰.۱۸ |
|
|
CVE-2020-8719 |
۵.۳ |
Intel Server Board/Server System/Compute Module Subsystem |
Memory Corruption |
$۱۰k-$25k |
۰.۱۸ |
|
|
CVE-2020-8720 |
۵.۳ |
Intel Server Board/Server System/Compute Module Subsystem |
Memory Corruption |
$۲۵k-$50k |
۰.۰۹ |
|
|
CVE-2020-8722 |
۵.۳ |
Intel Server Board/Server System/Compute Module Subsystem |
Memory Corruption |
$۲۵k-$50k |
۰.۰۹ |
|
|
CVE-2020-8712 |
۵.۳ |
Intel Server Board/Server System/Compute Module Verification |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۹ |
|
|
CVE-2020-8714 |
۵.۹ |
Intel Server Board/Server System/Compute Module |
Weak Authentication |
$۵۰k-$100k |
۰.۱۸ |
|
|
CVE-2020-8708 |
۶.۳ |
Intel Server Board/Server System/Compute Module |
Weak Authentication |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-8713 |
۶.۳ |
Intel Server Board/Server System/Compute Module |
Weak Authentication |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-8759 |
۵.۳ |
Intel SSD DCT Access Control |
Privilege Escalation |
$۱۰k-$25k |
۰.۱۸ |
|
|
CVE-2019-14630 |
۴.۸ |
Intel Thunderbolt |
Information Disclosure |
$۵۰k-$100k |
۰.۳۵ |
|
|
CVE-2019-14620 |
۴.۳ |
Intel Wireless Bluetooth Control Flow Management |
DoS |
$۲۵k-$50k |
۶.۲۰ |
|
|
CVE-2020-0554 |
۸.۶ |
Intel Wireless Bluetooth Installer |
Race Condition |
$۲۵k-$50k |
۰.۲۷ |
|
|
CVE-2020-0553 |
۴.۴ |
Intel Wireless Bluetooth Kernel Mode Driver Out-of-Bounds |
Information Disclosure |
$۱۰k-$25k |
۰.۲۷ |
|
|
CVE-2020-0555 |
۸.۴ |
Intel Wireless Bluetooth |
Privilege Escalation |
$۵۰k-$100k |
۰.۲۶ |
|
|
CVE-2020-8689 |
۶.۵ |
Intel Wireless for Open Source |
DoS |
$۵۰k-$100k |
۰.۲۶ |
|
|
CVE-2020-2231 |
۵.۴ |
Jenkins Build Stored |
XSS |
$۲k-$5k |
۰.۰۶ |
|
|
CVE-2020-2230 |
۵.۴ |
Jenkins Project Naming Strategy Description Stored |
XSS |
$۱۰k-$25k |
۰.۰۰ |
|
|
CVE-2020-2229 |
۵.۴ |
Jenkins Tooltip Stored |
XSS |
$۵k-$10k |
۰.۰۹ |
|
|
CVE-2020-2236 |
۵.۴ |
Jenkins Visualizer Plugin Tooltip Stored |
XSS |
$۵k-$10k |
۰.۰۰ |
Not Defined |
|
CVE-2020-24344 |
۵.۵ |
JerryScript |
Memory Corruption |
$۲۵k-$50k |
۸.۵۳ |
Not Defined |
|
CVE-2020-24345 |
۷.۸ |
JerryScript Memory Exhaustion |
DoS |
$۵k-$10k |
۰.۳۵ |
Not Defined |
|
CVE-2020-15824 |
۸.۸ |
JetBrains Kotlin Script Cache |
Privilege Escalation |
$۵k-$10k |
۰.۵۲ |
|
|
CVE-2020-15831 |
۶.۱ |
JetBrains TeamCity Administration UI Reflected |
XSS |
$۱k-$2k |
۰.۲۶ |
|
|
CVE-2020-15830 |
۶.۱ |
JetBrains TeamCity Administration UI Stored |
XSS |
$۵k-$10k |
۰.۱۷ |
|
|
CVE-2020-15825 |
۸.۸ |
JetBrains TeamCity Group Permission |
Privilege Escalation |
$۵k-$10k |
۰.۲۶ |
|
|
CVE-2020-15829 |
۵.۳ |
JetBrains TeamCity Log Credentials |
Information Disclosure |
$۲k-$5k |
۳.۶۳ |
|
|
CVE-2020-15826 |
۴.۳ |
JetBrains TeamCity Permission |
Privilege Escalation |
$۱k-$2k |
۰.۱۷ |
|
|
CVE-2020-15828 |
۶.۵ |
JetBrains TeamCity |
Privilege Escalation |
$۱k-$2k |
۲.۷۹ |
|
|
CVE-2020-15827 |
۷.۵ |
JetBrains ToolBox Signature Verification jetbrains-toolbox.exe |
Privilege Escalation |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2019-19704 |
۷.۵ |
JetBrains Upsource User Matching |
Information Disclosure |
$۵k-$10k |
۳.۰۶ |
|
|
CVE-2020-15821 |
۶.۵ |
JetBrains YouTrack Article Draft |
Privilege Escalation |
$۱k-$2k |
۰.۰۹ |
|
|
CVE-2020-15817 |
۸.۸ |
JetBrains YouTrack Command |
Privilege Escalation |
$۵k-$10k |
۱.۳۰ |
|
|
CVE-2020-15820 |
۵.۳ |
JetBrains YouTrack Markdown Parser File |
Information Disclosure |
$۵k-$10k |
۰.۶۹ |
|
|
CVE-2020-15819 |
۵.۳ |
JetBrains YouTrack |
Server-Side Request Forgery |
$۵k-$10k |
۰.۱۸ |
|
|
CVE-2020-15818 |
۵.۳ |
JetBrains YouTrack Subtasks Workflow |
Information Disclosure |
$۵k-$10k |
۰.۳۵ |
|
|
CVE-2020-15823 |
۷.۵ |
JetBrains YouTrack Workflow |
Server-Side Request Forgery |
$۵k-$10k |
۰.۴۸ |
|
|
CVE-2020-17479 |
۹.۸ |
jpv Validator |
Privilege Escalation |
$۵k-$10k |
۰.۹۶ |
|
|
CVE-2020-15947 |
۶.۳ |
Loway QueueMetrics qm_export_stats_run.do |
SQL Injection |
$۵k-$10k |
۰.۲۶ |
|
|
CVE-2020-15925 |
۶.۳ |
Loway QueueMetrics |
SQL Injection |
$۵k-$10k |
۰.۲۶ |
|
|
CVE-2020-24342 |
۵.۵ |
Lua Protection Mechanism luaO_pushvfstring |
Unknown Vulnerability |
$۵k-$10k |
۰.۰۰ |
Not Defined |
|
CVE-2020-11552 |
۹.۸ |
ManageEngine ADSelfService Plus |
Privilege Escalation |
$۵k-$10k |
۰.۰۹ |
|
|
CVE-2020-7304 |
۷.۶ |
McAfee Data Loss Prevention ePO Extension cross site request forgery |
CSRF |
$۵k-$10k |
۰.۸۷ |
|
|
CVE-2020-7301 |
۴.۱ |
McAfee Data Loss Prevention ePO Extension |
XSS |
$۱k-$2k |
۱.۴۹ |
|
|
CVE-2020-7303 |
۴.۱ |
McAfee Data Loss Prevention ePO Extension |
XSS |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-7302 |
۵.۴ |
McAfee Data Loss Prevention ePO Extension File Upload |
Privilege Escalation |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-7300 |
۴.۶ |
McAfee Data Loss Prevention ePO Extension |
Privilege Escalation |
$۲k-$5k |
۲.۱۷ |
|
|
CVE-2020-7305 |
۶.۷ |
McAfee Data Loss Prevention ePO Extension |
Privilege Escalation |
$۱۰k-$25k |
۰.۶۹ |
|
|
CVE-2020-7306 |
۵.۲ |
McAfee Data Loss Prevention Log File Credentials |
Information Disclosure |
$۱۰k-$25k |
۰.۰۹ |
|
|
CVE-2020-7307 |
۵.۲ |
McAfee Data Loss Prevention Log File Credentials |
Information Disclosure |
$۱k-$2k |
۰.۷۱ |
|
|
CVE-2020-17476 |
۶.۱ |
Mibew Messenger |
XSS |
$۵k-$10k |
۰.۸۰ |
|
|
CVE-2020-1591 |
۳.۵ |
Microsoft Dynamics 365 |
XSS |
$۵k-$10k |
۲.۸۴ |
|
|
CVE-2020-1497 |
۴.۳ |
Microsoft Excel |
Information Disclosure |
$۱۰k-$25k |
۱.۳۲ |
|
|
CVE-2020-1494 |
۶.۳ |
Microsoft Excel |
Remote Code Execution |
$۵k-$10k |
۰.۸۹ |
|
|
CVE-2020-1495 |
۶.۳ |
Microsoft Excel |
Remote Code Execution |
$۵k-$10k |
۲.۴۸ |
|
|
CVE-2020-1496 |
۶.۳ |
Microsoft Excel |
Remote Code Execution |
$۱۰k-$25k |
۰.۲۶ |
|
|
CVE-2020-1498 |
۶.۳ |
Microsoft Excel |
Remote Code Execution |
$۱k-$2k |
۲.۰۸ |
|
|
CVE-2020-1504 |
۶.۳ |
Microsoft Excel |
Remote Code Execution |
$۵k-$10k |
۱.۶۳ |
|
|
CVE-2020-1581 |
۶.۳ |
Microsoft Office |
Memory Corruption |
$۵k-$10k |
۰.۹۳ |
|
|
CVE-2020-1563 |
۶.۳ |
Microsoft Office |
Remote Code Execution |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-1493 |
۴.۳ |
Microsoft Outlook |
Information Disclosure |
$۵k-$10k |
۱.۶۸ |
|
|
CVE-2020-1500 |
۶.۳ |
Microsoft SharePoint Enterprise Server/SharePoint Server |
Spoofing |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-1580 |
۳.۵ |
Microsoft SharePoint Foundation |
XSS |
$۵k-$10k |
۰.۶۲ |
|
|
CVE-2020-1505 |
۴.۳ |
Microsoft SharePoint Foundation |
Information Disclosure |
$۵k-$10k |
۱.۹۰ |
|
|
CVE-2020-1573 |
۳.۵ |
Microsoft SharePoint Foundation Office |
XSS |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-1501 |
۳.۵ |
Microsoft SharePoint Foundation |
Spoofing |
$۵k-$10k |
۱.۶۳ |
|
|
CVE-2020-1499 |
۶.۳ |
Microsoft SharePoint Foundation |
Spoofing |
$۲k-$5k |
۰.۰۹ |
|
|
CVE-2020-1455 |
۴.۳ |
Microsoft SQL Server Management Studio |
DoS |
$۲k-$5k |
۰.۳۲ |
|
|
CVE-2020-0604 |
۶.۳ |
Microsoft Visual Studio Code Environment Variable |
Remote Code Execution |
$۲k-$5k |
۰.۷۹ |
|
|
CVE-2020-1531 |
۷.۰ |
Microsoft Windows Accounts Control |
Memory Corruption |
$۲k-$5k |
۰.۶۱ |
|
|
CVE-2020-1587 |
۷.۰ |
Microsoft Windows Ancillary Function Driver for WinSock |
Memory Corruption |
$۵k-$10k |
۰.۲۶ |
|
|
CVE-2020-1488 |
۷.۰ |
Microsoft Windows AppX Deployment Extension |
Privilege Escalation |
$۲k-$5k |
۰.۲۶ |
|
|
CVE-2020-1535 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۰-$۱k |
۰.۱۸ |
|
|
CVE-2020-1536 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۰-$۱k |
۰.۱۸ |
|
|
CVE-2020-1539 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۰-$۱k |
۰.۳۵ |
|
|
CVE-2020-1540 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-1541 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-1542 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-1543 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-1544 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۲k-$5k |
۰.۰۵ |
|
|
CVE-2020-1545 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-1546 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-1547 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-1551 |
۷.۰ |
Microsoft Windows Backup Engine |
Memory Corruption |
$۲k-$5k |
۰.۱۸ |
|
|
CVE-2020-1534 |
۷.۰ |
Microsoft Windows Backup Service |
Privilege Escalation |
$۲k-$5k |
۰.۰۹ |
|
|
CVE-2020-1549 |
۷.۰ |
Microsoft Windows CDP User |
Memory Corruption |
$۱k-$2k |
۰.۱۰ |
|
|
CVE-2020-1550 |
۷.۰ |
Microsoft Windows CDP User |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-1560 |
۶.۸ |
Microsoft Windows Codecs Library |
Remote Code Execution |
$۱k-$2k |
۰.۰۰ |
|
|
CVE-2020-1574 |
۶.۸ |
Microsoft Windows Codecs Library |
Remote Code Execution |
$۲k-$5k |
۰.۰۵ |
|
|
CVE-2020-1585 |
۷.۵ |
Microsoft Windows Codecs Library |
Remote Code Execution |
$۲k-$5k |
۰.۰۸ |
|
|
CVE-2020-1511 |
۷.۰ |
Microsoft Windows Connected User Experiences and Telemetry Service |
Privilege Escalation |
$۱k-$2k |
۴.۷۶ |
|
|
CVE-2020-1489 |
۷.۰ |
Microsoft Windows CSC Service |
Memory Corruption |
$۱k-$2k |
۴.۶۴ |
|
|
CVE-2020-1489 |
۷.۰ |
Microsoft Windows CSC Service |
Memory Corruption |
$۲k-$5k |
۵.۵۵ |
|
|
CVE-2020-1513 |
۷.۰ |
Microsoft Windows CSC Service |
Memory Corruption |
$۵k-$10k |
۱.۰۸ |
|
|
CVE-2020-1527 |
۷.۰ |
Microsoft Windows Custom Protocol Engine |
Memory Corruption |
$۲k-$5k |
۰.۷۰ |
|
|
CVE-2020-1577 |
۴.۹ |
Microsoft Windows DirectWrite |
Information Disclosure |
$۵k-$10k |
۰.۳۵ |
|
|
CVE-2020-1479 |
۷.۹ |
Microsoft Windows DirectX |
Memory Corruption |
$۱۰k-$25k |
۰.۲۶ |
|
|
CVE-2020-1584 |
۶.۵ |
Microsoft Windows dnsrslvr.dll |
Memory Corruption |
$۱۰k-$25k |
۰.۵۲ |
|
|
CVE-2020-1517 |
۷.۰ |
Microsoft Windows File Server Resource Management Service |
Memory Corruption |
$۱۰k-$25k |
۰.۴۴ |
|
|
CVE-2020-1518 |
۷.۰ |
Microsoft Windows File Server Resource Management Service |
Memory Corruption |
$۲k-$5k |
۰.۳۰ |
|
|
CVE-2020-1464 |
۵.۳ |
Microsoft Windows File Signature |
Spoofing |
$۲k-$5k |
۰.۳۵ |
|
|
CVE-2020-1520 |
۷.۰ |
Microsoft Windows Font Driver Host |
Remote Code Execution |
$۰-$۱k |
۰.۰۰ |
|
|
CVE-2020-1480 |
۸.۳ |
Microsoft Windows GDI |
Memory Corruption |
$۲k-$5k |
۰.۲۶ |
|
|
CVE-2020-1529 |
۸.۳ |
Microsoft Windows GDI |
Memory Corruption |
$۵k-$10k |
۰.۷۶ |
|
|
CVE-2020-1561 |
۷.۰ |
Microsoft Windows Graphics Component |
Memory Corruption |
$۱۰k-$25k |
۰.۳۶ |
|
|
CVE-2020-1562 |
۷.۰ |
Microsoft Windows Graphics Component |
Remote Code Execution |
$۱۰k-$25k |
۰.۰۰ |
|
|
CVE-2020-1467 |
۷.۰ |
Microsoft Windows Hard Link |
Privilege Escalation |
$۱۰k-$25k |
۲.۵۶ |
|
|
CVE-2020-1485 |
۳.۹ |
Microsoft Windows Image Acquisition Service |
Information Disclosure |
$۱۰k-$25k |
۱.۲۳ |
|
|
CVE-2020-1474 |
۴.۴ |
Microsoft Windows Image Acquisition Service |
Information Disclosure |
$۱۰k-$25k |
۰.۱۲ |
|
|
CVE-2020-1557 |
۶.۳ |
Microsoft Windows JET Database Engine |
Remote Code Execution |
$۱۰k-$25k |
۰.۱۷ |
|
|
CVE-2020-1558 |
۶.۳ |
Microsoft Windows JET Database Engine |
Remote Code Execution |
$۱۰k-$25k |
۰.۲۶ |
|
|
CVE-2020-1564 |
۶.۳ |
Microsoft Windows JET Database Engine |
Remote Code Execution |
$۵k-$10k |
۰.۳۱ |
|
|
CVE-2020-1473 |
۷.۰ |
Microsoft Windows JET Database Engine |
Remote Code Execution |
$۵k-$10k |
۰.۰۵ |
|
|
CVE-2020-1578 |
۴.۹ |
Microsoft Windows Kernel |
Information Disclosure |
$۵k-$10k |
۰.۴۴ |
|
|
CVE-2020-1417 |
۸.۳ |
Microsoft Windows Kernel |
Memory Corruption |
$۲k-$5k |
۰.۱۶ |
|
|
CVE-2020-1486 |
۹.۹ |
Microsoft Windows Kernel |
Memory Corruption |
$۵k-$10k |
۰.۰۰ |
|
|
CVE-2020-1566 |
۹.۹ |
Microsoft Windows Kernel |
Memory Corruption |
$۲k-$5k |
۰.۰۰ |
|
|
CVE-2020-1566 |
۹.۹ |
Microsoft Windows Kernel |
Memory Corruption |
$۵k-$10k |
۰.۲۰ |
|
|
CVE-2020-1509 |
۸.۸ |
Microsoft Windows Local Security Authority Subsystem Service |
Privilege Escalation |
$۵k-$10k |
۰.۸۹ |
|
|
CVE-2020-1339 |
۶.۸ |
Microsoft Windows Media Audio Codec |
Remote Code Execution |
$۱۰k-$25k |
۰.۳۵ |
|
|
CVE-2020-1487 |
۴.۹ |
Microsoft Windows Media Foundation |
Information Disclosure |
$۵۰k-$100k |
۰.۰۷ |
|
|
CVE-2020-1379 |
۷.۰ |
Microsoft Windows Media Foundation |
Memory Corruption |
$۵۰k-$100k |
۰.۱۵ |
|
|
CVE-2020-1477 |
۷.۰ |
Microsoft Windows Media Foundation |
Memory Corruption |
$۵۰k-$100k |
۰.۱۹ |
|
|
CVE-2020-1478 |
۷.۰ |
Microsoft Windows Media Foundation |
Memory Corruption |
$۵۰k-$100k |
۰.۲۱ |
|
|
CVE-2020-1492 |
۷.۰ |
Microsoft Windows Media Foundation |
Memory Corruption |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1525 |
۷.۰ |
Microsoft Windows Media Foundation |
Memory Corruption |
$۵۰k-$100k |
۰.۲۵ |
|
|
CVE-2020-1554 |
۷.۵ |
Microsoft Windows Media Foundation |
Memory Corruption |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1472 |
۷.۵ |
Microsoft Windows Netlogon |
Privilege Escalation |
$۵۰k-$100k |
۰.۲۰ |
|
|
CVE-2020-1526 |
۷.۰ |
Microsoft Windows Network Connection Broker |
Memory Corruption |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1337 |
۷.۰ |
Microsoft Windows Print Spooler |
Privilege Escalation |
$۵۰k-$100k |
۰.۳۰ |
|
|
CVE-2020-1565 |
۶.۳ |
Microsoft Windows Public Account Pictures Folder |
Privilege Escalation |
$۵۰k-$100k |
۰.۸۹ |
|
|
CVE-2020-1528 |
۷.۰ |
Microsoft Windows Radio Manager API |
Memory Corruption |
$۵۰k-$100k |
۱.۵۱ |
|
|
CVE-2020-1377 |
۷.۸ |
Microsoft Windows Registry |
Memory Corruption |
$۵۰k-$100k |
۰.۱۲ |
|
|
CVE-2020-1378 |
۷.۸ |
Microsoft Windows Registry |
Memory Corruption |
$۵۰k-$100k |
۰.۲۹ |
|
|
CVE-2020-1530 |
۷.۰ |
Microsoft Windows Remote Access |
Memory Corruption |
$۵۰k-$100k |
۲.۲۷ |
|
|
CVE-2020-1537 |
۷.۰ |
Microsoft Windows Remote Access |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۵ |
|
|
CVE-2020-1466 |
۶.۴ |
Microsoft Windows Remote Desktop Gateway |
DoS |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1383 |
۴.۴ |
Microsoft Windows RRAS Service |
Information Disclosure |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1475 |
۶.۱ |
Microsoft Windows Server Resource Management Service |
Memory Corruption |
$۵۰k-$100k |
۰.۲۳ |
|
|
CVE-2020-1571 |
۷.۸ |
Microsoft Windows Setup |
Privilege Escalation |
$۵۰k-$100k |
۰.۱۴ |
|
|
CVE-2020-1459 |
۴.۰ |
Microsoft Windows Side-Channel |
Information Disclosure |
$۵۰k-$100k |
۰.۱۲ |
|
|
CVE-2020-1521 |
۷.۰ |
Microsoft Windows Speech Runtime |
Memory Corruption |
$۵۰k-$100k |
۰.۲۶ |
|
|
CVE-2020-1522 |
۷.۰ |
Microsoft Windows Speech Runtime |
Memory Corruption |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1524 |
۷.۰ |
Microsoft Windows Speech Shell |
Memory Corruption |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-1579 |
۷.۰ |
Microsoft Windows SSDP Provider |
Memory Corruption |
$۵۰k-$100k |
۰.۲۲ |
|
|
CVE-2020-1512 |
۴.۹ |
Microsoft Windows State Repository Service |
Information Disclosure |
$۵۰k-$100k |
۲.۵۱ |
|
|
CVE-2020-1490 |
۶.۰ |
Microsoft Windows Storage Service |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۸ |
|
|
CVE-2020-1515 |
۷.۰ |
Microsoft Windows Telephony Server |
Memory Corruption |
$۱۰۰k and more |
۰.۰۹ |
|
|
CVE-2020-1519 |
۷.۰ |
Microsoft Windows UPnP Device Host |
Memory Corruption |
$۲۵k-$50k |
۰.۳۵ |
|
|
CVE-2020-1538 |
۷.۰ |
Microsoft Windows UPnP Device Host |
Memory Corruption |
$۵۰k-$100k |
۱.۴۹ |
|
|
CVE-2020-1548 |
۶.۰ |
Microsoft Windows WaasMedic Service |
Information Disclosure |
$۵۰k-$100k |
۰.۱۷ |
|
|
CVE-2020-1556 |
۵.۳ |
Microsoft Windows WalletService |
Memory Corruption |
$۱۰k-$25k |
۳.۳۹ |
|
|
CVE-2020-1533 |
۶.۵ |
Microsoft Windows WalletService |
Memory Corruption |
$۵۰k-$100k |
۰.۲۴ |
|
|
CVE-2020-1510 |
۴.۹ |
Microsoft Windows Win32k |
Information Disclosure |
$۱۰۰k and more |
۰.۰۹ |
|
|
CVE-2020-1553 |
۷.۰ |
Microsoft Windows Windows Runtime |
Memory Corruption |
$۱۰۰k and more |
۰.۰۰ |
|
|
CVE-2020-1552 |
۶.۳ |
Microsoft Windows Work Folder Service |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-1470 |
۷.۰ |
Microsoft Windows Work Folders Service |
Memory Corruption |
$۵۰k-$100k |
۰.۱۸ |
|
|
CVE-2020-1484 |
۷.۰ |
Microsoft Windows Work Folders Service |
Memory Corruption |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-1516 |
۷.۰ |
Microsoft Windows Work Folders Service |
Memory Corruption |
$۱۰k-$25k |
۰.۰۰ |
|
|
CVE-2020-1502 |
۴.۳ |
Microsoft Word |
Information Disclosure |
$۵k-$10k |
۰.۱۷ |
|
|
CVE-2020-1503 |
۴.۳ |
Microsoft Word |
Information Disclosure |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-1583 |
۴.۳ |
Microsoft Word |
Information Disclosure |
$۵۰k-$100k |
۰.۱۸ |
|
|
CVE-2020-15647 |
۷.۴ |
Mozilla Firefox Content Provider |
Information Disclosure |
$۵۰k-$100k |
۰.۲۶ |
|
|
CVE-2020-15662 |
۶.۵ |
Mozilla Firefox Download |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-15649 |
۵.۵ |
Mozilla Firefox ESR File Picker |
Privilege Escalation |
$۲۵k-$50k |
۰.۱۳ |
|
|
CVE-2020-15650 |
۵.۵ |
Mozilla Firefox ESR File Picker |
Privilege Escalation |
$۱۰۰k and more |
۰.۱۸ |
|
|
CVE-2020-15661 |
۶.۵ |
Mozilla Firefox Login Autofill Password |
Information Disclosure |
$۱۰۰k and more |
۰.۳۵ |
|
|
CVE-2020-15651 |
۴.۳ |
Mozilla Firefox Unicode RTL Order |
Spoofing |
$۱۰۰k and more |
۰.۱۸ |
|
|
CVE-2020-15654 |
۶.۵ |
Mozilla Firefox/Firefox ESR/Thunderbird CSS Loop |
DoS |
$۱۰۰k and more |
۰.۱۸ |
|
|
CVE-2020-15657 |
۷.۸ |
Mozilla Firefox/Firefox ESR/Thunderbird DLL |
Privilege Escalation |
$۵۰k-$100k |
۰.۹۴ |
|
|
CVE-2020-15658 |
۶.۵ |
Mozilla Firefox/Firefox ESR/Thunderbird Download |
Spoofing |
$۵۰k-$100k |
۰.۱۵ |
|
|
CVE-2020-15653 |
۶.۳ |
Mozilla Firefox/Firefox ESR/Thunderbird iFrame Sandbox |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۰ |
|
|
CVE-2020-15652 |
۶.۵ |
Mozilla Firefox/Firefox ESR/Thunderbird Javascript Error Cross-Origin |
Information Disclosure |
$۵۰k-$100k |
۰.۰۰ |
|
|
CVE-2020-15656 |
۸.۸ |
Mozilla Firefox/Firefox ESR/Thunderbird JIT Optimizer |
Unknown Vulnerability |
$۵۰k-$100k |
۰.۱۷ |
|
|
CVE-2020-15659 |
۶.۳ |
Mozilla Firefox/Firefox ESR/Thunderbird |
Memory Corruption |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-15655 |
۶.۵ |
Mozilla Firefox/Firefox ESR/Thunderbird Redirect CORS |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-15648 |
۶.۵ |
Mozilla Firefox/Thunderbird X-Frame-Options Header |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۷ |
|
|
CVE-2020-15139 |
۸.۸ |
MyBB MyCode Visual Editor DOM-Based |
XSS |
$۵۰k-$100k |
۰.۲۶ |
|
|
CVE-2020-17447 |
۸.۸ |
MyBB Visual Editor |
XSS |
$۵۰k-$100k |
۶.۲۷ |
|
|
CVE-2020-8229 |
۵.۵ |
Nextcloud Desktop Client OCUtil.dll Memory Leak |
DoS |
$۵۰k-$100k |
۰.۰۵ |
|
|
CVE-2020-8224 |
۷.۸ |
Nextcloud Desktop Client OpenSSL Config Code Injection |
Privilege Escalation |
$۵۰k-$100k |
۰.۲۶ |
|
|
CVE-2020-24346 |
۷.۸ |
njs njs_json.c njs_json_parse_iterator_call Use-After-Free |
Memory Corruption |
$۵۰k-$100k |
۲.۹۶ |
Not Defined |
|
CVE-2020-24348 |
۵.۵ |
njs njs_json.c njs_json_stringify_iterator Out-of-Bounds |
Memory Corruption |
$۵۰k-$100k |
۰.۱۵ |
Not Defined |
|
CVE-2020-24347 |
۵.۵ |
njs njs_lvlhsh.c njs_lvlhsh_level_find Out-of-Bounds |
Memory Corruption |
$۵۰k-$100k |
۰.۰۰ |
Not Defined |
|
CVE-2020-24349 |
۵.۵ |
njs njs_value.c njs_value_property |
Privilege Escalation |
$۵۰k-$100k |
۰.۰۹ |
Not Defined |
|
CVE-2020-15141 |
۳.۰ |
openapi-python-client OpenAPI Document |
Directory Traversal |
$۵۰k-$100k |
۰.۴۴ |
|
|
CVE-2020-15142 |
۸.۰ |
openapi-python-client OpenAPI Document |
Remote Code Execution |
$۵۰k-$100k |
۰.۰۹ |
|
|
CVE-2020-9403 |
۵.۵ |
PACTware Password |
Information Disclosure |
$۱۰k-$25k |
۰.۰۹ |
|
|
CVE-2020-9404 |
۵.۵ |
PACTware Password |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۵ |
|
|
CVE-2020-2035 |
۳.۰ |
Palo Alto PAN-OS Policy Enforcement |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-17449 |
۵.۴ |
php-fusion Log File |
XSS |
$۵۰k-$100k |
۰.۰۶ |
Not Defined |
|
CVE-2020-17450 |
۶.۱ |
php-fusion Preview Page |
XSS |
$۵k-$10k |
۰.۸۳ |
Not Defined |
|
CVE-2020-2235 |
۶.۵ |
Pipeline Maven Integration Plugin cross site request forgery |
CSRF |
$۵۰k-$100k |
۰.۰۶ |
Not Defined |
|
CVE-2020-2233 |
۶.۵ |
Pipeline Maven Integration Plugin Permission Check Credentials |
Information Disclosure |
$۵۰k-$100k |
۰.۱۲ |
Not Defined |
|
CVE-2020-2234 |
۶.۵ |
Pipeline Maven Integration Plugin Permission Check |
Privilege Escalation |
$۵۰k-$100k |
۰.۴۵ |
Not Defined |
|
CVE-2020-16248 |
۵.۸ |
Prometheus Blackbox Exporter |
Server-Side Request Forgery |
$۵۰k-$100k |
۰.۰۰ |
Not Defined |
|
CVE-2020-16092 |
۷.۵ |
QEMU net_tx_pkt.c net_tx_pkt_add_raw_fragment Assertion |
DoS |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-17507 |
۵.۵ |
Qt qxbmhandler.cpp read_xbm_body |
Memory Corruption |
$۵۰k-$100k |
۰.۹۷ |
|
|
CVE-2020-22722 |
۷.۸ |
Rapid Scada ScadaAgentSvc.exe |
Privilege Escalation |
$۵۰k-$100k |
۰.۴۱ |
Not Defined |
|
CVE-2020-17360 |
۵.۵ |
ReadyTalk Avian classpath-common.h arrayCopy Integer Overflow |
Memory Corruption |
$۵۰k-$100k |
۱.۲۴ |
|
|
CVE-2020-17361 |
۵.۵ |
ReadyTalk Avian classpath-common.h arrayCopy |
Memory Corruption |
$۵۰k-$100k |
۰.۵۱ |
|
|
CVE-2020-13278 |
۶.۱ |
RosarioSIS Student Information System Modules.php Reflected |
XSS |
$۲۵k-$50k |
۰.۵۵ |
|
|
CVE-2020-16145 |
۶.۱ |
Roundcube Webmail Message Display Stored |
XSS |
$۲۵k-$50k |
۱.۹۲ |
|
|
CVE-2020-13124 |
۸.۸ |
SABnzbd Web Configuration Interface |
Command Injection |
$۲۵k-$50k |
۰.۰۶ |
Not Defined |
|
CVE-2020-16277 |
۸.۸ |
SAINT Security Suite Analytics |
SQL Injection |
$۲۵k-$50k |
۰.۰۹ |
Not Defined |
|
CVE-2020-16275 |
۶.۱ |
SAINT Security Suite Credential Manager |
XSS |
$۵۰k-$100k |
۰.۳۰ |
Not Defined |
|
CVE-2020-16278 |
۶.۱ |
SAINT Security Suite Permission |
XSS |
$۵۰k-$100k |
۰.۱۶ |
Not Defined |
|
CVE-2020-16276 |
۸.۸ |
SAINT Security Suite |
SQL Injection |
$۵۰k-$100k |
۰.۲۶ |
Not Defined |
|
CVE-2020-6295 |
۷.۸ |
SAP Adaptive Server Enterprise Installation Log File |
Information Disclosure |
$۵۰k-$100k |
۰.۰۰ |
Not Defined |
|
CVE-2020-6298 |
۸.۱ |
SAP Banking Services Generic Market Data |
Privilege Escalation |
$۵۰k-$100k |
۱.۶۴ |
Not Defined |
|
CVE-2020-6300 |
۴.۸ |
SAP Business Intelligence Platform Central Management Console Stored |
XSS |
$۵k-$10k |
۰.۷۱ |
Not Defined |
|
CVE-2020-6294 |
۹.۱ |
SAP Business Intelligence Platform Xvfb |
Privilege Escalation |
$۵k-$10k |
۰.۱۶ |
Not Defined |
|
CVE-2020-6297 |
۴.۴ |
SAP Data Intelligence |
Information Disclosure |
$۵k-$10k |
۲.۷۴ |
Not Defined |
|
CVE-2020-6301 |
۸.۱ |
SAP ERP HCM Travel Management |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۰ |
Not Defined |
|
CVE-2020-6309 |
۷.۵ |
SAP NetWeaver AS JAVA Web Service |
DoS |
$۲۵k-$50k |
۰.۰۶ |
Not Defined |
|
CVE-2020-6293 |
۶.۵ |
SAP NetWeaver Knowledge Management |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-6284 |
۹.۰ |
SAP NetWeaver Knowledge Management Stored |
XSS |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-6296 |
۸.۸ |
SAP NetWeaver/ABAP Platform ABAP Server Code Injection |
Privilege Escalation |
$۱۰k-$25k |
۰.۱۲ |
Not Defined |
|
CVE-2020-6299 |
۴.۳ |
SAP NetWeaver/ABAP Platform ABAP Server |
Information Disclosure |
$۱۰k-$25k |
۰.۱۵ |
Not Defined |
|
CVE-2020-6310 |
۴.۳ |
SAP NetWeaver/ABAP Platform SOA Configuration Trace |
Information Disclosure |
$۱۰k-$25k |
۰.۰۰ |
Not Defined |
|
CVE-2020-6273 |
۴.۳ |
SAP S4 HANA Attachment Service |
DoS |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-22720 |
۵.۳ |
Securepoint Lueneburg Securepoint SSL VPN Client Privileges SPSSLVpnService.exe |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۵ |
Not Defined |
|
CVE-2020-9527 |
۷.۳ |
Shenzhen Hichip Vision Technology V20 P2P Service |
Memory Corruption |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-9529 |
۶.۳ |
Shenzhen Hichip Vision Technology V20 |
Privilege Escalation |
$۱۰k-$25k |
۰.۰۰ |
Not Defined |
|
CVE-2020-9528 |
۵.۶ |
Shenzhen Hichip Vision Technology V20 |
Weak Authentication |
$۵۰k-$100k |
۰.۰۸ |
Not Defined |
|
CVE-2020-15781 |
۳.۵ |
Siemens SICAM WEB firmware for SICAM A8000 RTU Login Screen Log |
XSS |
$۲۵k-$50k |
۰.۰۰ |
|
|
CVE-2020-7360 |
۷.۴ |
SmartControl |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۰ |
|
|
CVE-2020-11733 |
۸.۰ |
Spirent Avalanche Admin Interface Default Credentials |
Privilege Escalation |
$۲۵k-$50k |
۰.۰۰ |
Not Defined |
|
CVE-2020-17372 |
۵.۴ |
SugarCRM |
XSS |
$۵k-$10k |
۰.۳۵ |
|
|
CVE-2020-17373 |
۵.۳ |
SugarCRM |
SQL Injection |
$۵k-$10k |
۰.۰۹ |
|
|
CVE-2020-15071 |
۶.۱ |
Symphony CMS content.blueprintsevents.php appendSubheading |
XSS |
$۰-$۱k |
۰.۱۷ |
Not Defined |
|
CVE-2020-17448 |
۷.۸ |
Telegram Desktop Protection Mechanism |
Spoofing |
$۲k-$5k |
۰.۱۷ |
Not Defined |
|
CVE-2020-16170 |
۹.۸ |
Temi Application Default Credentials |
Weak Authentication |
$۲k-$5k |
۸.۹۱ |
Not Defined |
|
CVE-2020-13175 |
۷.۵ |
Teradici Cloud Access Connector Management Interface Credentials |
Information Disclosure |
$۱k-$2k |
۶.۴۲ |
Not Defined |
|
CVE-2020-13176 |
۶.۱ |
Teradici Cloud Access Connector Management Interface Stored |
XSS |
$۲k-$5k |
۵.۹۸ |
Not Defined |
|
CVE-2020-13174 |
۶.۱ |
Teradici Managament Console Web Server Clickjacking |
Privilege Escalation |
$۱k-$2k |
۰.۰۹ |
Not Defined |
|
CVE-2020-13179 |
۵.۵ |
Teradici PCoIP Standard Agent/Graphics Agent Broker Protocol Message Crash |
DoS |
$۲k-$5k |
۰.۲۶ |
|
|
CVE-2020-13178 |
۶.۷ |
Teradici PCoIP Standard Agent/Graphics Agent Signature Validation |
Privilege Escalation |
$۲k-$5k |
۰.۴۵ |
|
|
CVE-2020-13177 |
۷.۸ |
Teradici PCoIP Standard Agent/Graphics Agent Support Bundler |
Privilege Escalation |
$۱k-$2k |
۰.۰۹ |
|
|
CVE-2019-17339 |
۸.۱ |
TIBCO Silver Fabric VirtualRouter |
XSS |
$۰-$۱k |
۰.۵۶ |
Not Defined |
|
CVE-2020-12648 |
۶.۱ |
TinyMCE Classic Editing Mode |
XSS |
Calculating |
۰.۰۰+ |
Not Defined |
|
CVE-2020-17480 |
۶.۱ |
TinyMCE Core Parser/Paste Plugin/Visualchars Plugin |
XSS |
$۱k-$2k |
۹.۸۸ |
|
|
CVE-2020-24330 |
۷.۱ |
TrouSerS tcsd |
Privilege Escalation |
$۰-$۱k |
۰.۳۵ |
Not Defined |
|
CVE-2020-24332 |
۸.۰ |
TrouSerS tcsd Symlink |
Privilege Escalation |
$۲k-$5k |
۰.۳۶ |
Not Defined |
|
CVE-2020-24331 |
۷.۱ |
TrouSerS tcsd tcsd.conf |
Privilege Escalation |
$۰-$۱k |
۰.۶۶ |
Not Defined |
|
CVE-2020-17466 |
۹.۸ |
Turcom TRCwifiZone Redirect control.php |
Weak Authentication |
$۲k-$5k |
۰.۰۰ |
Not Defined |
|
CVE-2020-17496 |
۶.۳ |
vBulletin Incomplete Fix CVE-2019-16759 widget_tabbedcontainer_tab_panel |
Privilege Escalation |
$۱k-$2k |
۱.۷۹ |
Not Defined |
|
CVE-2020-12107 |
۵.۵ |
VPNCrypt M10 WiFi Module |
Command Injection |
$۰-$۱k |
۰.۰۹ |
Not Defined |
|
CVE-2020-12106 |
۶.۳ |
VPNCrypt M10 WiFi Module |
Privilege Escalation |
$۰-$۱k |
۶.۸۵ |
Not Defined |
|
CVE-2020-17498 |
۳.۵ |
Wireshark Kafka Protocol Dissector packet-kafka.c Double-Free |
DoS |
$۲k-$5k |
۰.۱۷ |
Not Defined |
|
CVE-2020-17362 |
۶.۱ |
WordPress Nova Lite Theme search.php Reflected |
XSS |
$۲k-$5k |
۰.۱۷ |
سطح خطر حدود ۲۲% آسیبپذیریهای هفته، «پرخطر» و «حیاتی» برآورد شده است.
ارزش روز صفرم ۷۹ % آسیبپذیریهای هفته بیش از ۲۰۰۰ دلار بوده است.
خوشبختانه برای ۷۷% آسیبپذیریهای هفته، بهروزرسانیها و یا وصلههایی رسماً ارائه شده که برای جلوگیری از سوءاستفاده ازآسیبپذیریها بهتر است سریعاً اعمال شوند.
همچنین با ۱۵۳ مورد، اکثر آسیبپذیریهای هفته (۳۲%) از نوع «تخریب حافظه» بودند.
