Critical Vulnerabilities of the First Week of Aban
This week, many "critical" and "high-risk" vulnerabilities were reported in major products from Oracle, Apple and Mozilla, and patches and updates were released to fix them. Several "critical" and "high-risk" vulnerabilities were also present in products from IBM, VMware, NVIDIA, Adobe, Apache and the Linux kernel.
The list of these vulnerabilities, along with links to the patches and updates released, is given in the table below.
Vulnerability ID | Base score | Vulnerability type | Zero-day value | CTI | Remediation |
CVE-2020-10138 | 7.8 | Acronis Cyber Backup/Cyber Protect OpenSSL openssl.cnf access control | $2k-$5k | 0.66 | Not Defined |
CVE-2020-10140 | 7.3 | Acronis True Image ACL permission assignment | $2k-$5k | 0.75 | Not Defined |
CVE-2020-10139 | 7.8 | Acronis True Image OpenSSL openssl.cnf access control | $2k-$5k | 0.41 | Not Defined |
CVE-2020-24410 | 7.8 | Adobe Illustrator PDF File out-of-bounds read | $2k-$5k | 0.08 | |
CVE-2020-24409 | 7.8 | Adobe Illustrator PDF File out-of-bounds read | $2k-$5k | 0.04 | |
CVE-2020-24411 | 7.8 | Adobe Illustrator PDF File out-of-bounds write | $5k-$10k | 0.00 | |
CVE-2020-24415 | 7.8 | Adobe Illustrator SVG File memory corruption | $5k-$10k | 0.05 | |
CVE-2020-24414 | 7.8 | Adobe Illustrator SVG File memory corruption | $5k-$10k | 0.05 | |
CVE-2020-24413 | 7.8 | Adobe Illustrator SVG File memory corruption | $5k-$10k | 0.00 | |
CVE-2020-24412 | 7.8 | Adobe Illustrator SVG File memory corruption | $5k-$10k | 0.08 | |
CVE-2020-24416 | 7.5 | Adobe Marketo Sales Insight Plugin cross site scripting | $2k-$5k | 0.00 | |
CVE-2020-5791 | 7.2 | Apache Operating System os command injection | $10k-$25k | 0.04 | Not Defined |
CVE-2020-9883 | 6.3 | Apple iCloud Image buffer overflow | $10k-$25k | 0.73 | |
CVE-2020-9984 | 7.3 | Apple iCloud Image out-of-bounds read | $5k-$10k | 0.82 | |
CVE-2020-9904 | 8.0 | Apple iOS/iPadOS Application memory corruption | $100k and more | 0.99 | |
CVE-2020-9892 | 8.0 | Apple iOS/iPadOS Application memory corruption | $100k and more | 0.73 | |
CVE-2020-9854 | 5.5 | Apple iOS/iPadOS Application unknown vulnerability | $50k-$100k | 0.57 | |
CVE-2020-9905 | 4.3 | Apple iOS/iPadOS buffer overflow | $50k-$100k | 0.48 | |
CVE-2020-9868 | 3.5 | Apple iOS/iPadOS Certificate Validation certificate validation | $25k-$50k | 0.08 | |
CVE-2020-9980 | 7.3 | Apple iOS/iPadOS Font File out-of-bounds write | $100k and more | 0.81 | |
CVE-2020-9883 | 6.3 | Apple iOS/iPadOS Image buffer overflow | $100k and more | 0.50 | |
CVE-2020-9984 | 7.3 | Apple iOS/iPadOS Image out-of-bounds read | $25k-$50k | 0.40 | |
CVE-2020-9906 | 6.3 | Apple iOS/iPadOS Kernel Memory memory corruption | $50k-$100k | 0.40 | |
CVE-2020-9902 | 3.5 | Apple iOS/iPadOS Kernel Memory out-of-bounds read | $10k-$25k | 0.73 | |
CVE-2020-9920 | 5.4 | Apple iOS/iPadOS Mail Server denial of service | $25k-$50k | 0.40 | |
CVE-2020-9994 | 5.5 | Apple iOS/iPadOS path traversal | $25k-$50k | 0.58 | |
CVE-2020-9901 | 5.3 | Apple iOS/iPadOS Path Validation symlink | $25k-$50k | 0.58 | |
CVE-2020-9900 | 5.3 | Apple iOS/iPadOS Path Validation symlink | $25k-$50k | 0.97 | |
CVE-2020-9787 | 3.5 | Apple iOS/iPadOS Restrictions denial of service | $10k-$25k | 1.22 | |
CVE-2020-9898 | 5.5 | Apple iOS/iPadOS Restrictions sandbox | $50k-$100k | 0.91 | |
CVE-2020-9863 | 8.0 | Apple iOS/iPadOS uninitialized pointer | $100k and more | 0.48 | |
CVE-2020-9985 | 7.3 | Apple iOS/iPadOS USD File buffer overflow | $100k and more | 2.26 | |
CVE-2020-9940 | 7.3 | Apple iOS/iPadOS USD File buffer overflow | $100k and more | 0.89 | |
CVE-2020-9882 | 5.5 | Apple iOS/iPadOS USD File buffer overflow | $50k-$100k | 0.81 | |
CVE-2020-9881 | 5.5 | Apple iOS/iPadOS USD File buffer overflow | $50k-$100k | 0.40 | |
CVE-2020-9880 | 5.5 | Apple iOS/iPadOS USD File buffer overflow | $50k-$100k | 0.08 | |
CVE-2020-3918 | 3.3 | Apple iOS/iPadOS User Information sandbox | $25k-$50k | 1.13 | |
CVE-2020-9883 | 6.3 | Apple iTunes Image buffer overflow | $10k-$25k | 0.65 | |
CVE-2020-9984 | 7.3 | Apple iTunes Image out-of-bounds read | $5k-$10k | 0.32 | |
CVE-2020-9928 | 8.0 | Apple macOS Application memory corruption | $10k-$25k | 0.48 | |
CVE-2020-9927 | 8.0 | Apple macOS Application memory corruption | $10k-$25k | 0.48 | |
CVE-2020-9921 | 5.5 | Apple macOS Application memory corruption | $10k-$25k | 0.64 | |
CVE-2020-9904 | 8.0 | Apple macOS Application memory corruption | $10k-$25k | 0.40 | |
CVE-2020-9899 | 8.0 | Apple macOS Application memory corruption | $10k-$25k | 0.57 | |
CVE-2020-9892 | 8.0 | Apple macOS Application memory corruption | $10k-$25k | 0.40 | |
CVE-2020-9869 | 4.3 | Apple macOS Application memory corruption | $10k-$25k | 1.22 | |
CVE-2020-3898 | 5.5 | Apple macOS Application memory corruption | $10k-$25k | 0.08 | |
CVE-2020-9990 | 8.0 | Apple macOS Application race condition | $5k-$10k | 0.73 | |
CVE-2020-9796 | 8.0 | Apple macOS Application race condition | $5k-$10k | 0.08 | |
CVE-2020-9854 | 5.5 | Apple macOS Application unknown vulnerability | $10k-$25k | 0.57 | |
CVE-2020-3915 | 5.5 | Apple macOS Application unknown vulnerability | $10k-$25k | 0.08 | |
CVE-2020-9905 | 4.3 | Apple macOS buffer overflow | $10k-$25k | 0.32 | |
CVE-2020-9868 | 3.5 | Apple macOS Certificate Validation certificate validation | $5k-$10k | 0.00 | |
CVE-2020-9939 | 5.3 | Apple macOS Extension access control | $5k-$10k | 0.40 | |
CVE-2020-9980 | 7.3 | Apple macOS Font File out-of-bounds write | $10k-$25k | 0.32 | |
CVE-2020-9986 | 3.5 | Apple macOS Home Folder access control | $5k-$10k | 0.40 | |
CVE-2020-9883 | 6.3 | Apple macOS Image buffer overflow | $10k-$25k | 0.57 | |
CVE-2020-9984 | 7.3 | Apple macOS Image out-of-bounds read | $5k-$10k | 0.40 | |
CVE-2020-9997 | 3.5 | Apple macOS information disclosure | $2k-$5k | 0.57 | |
CVE-2020-9887 | 7.3 | Apple macOS JPEG Image memory corruption | $10k-$25k | 0.57 | |
CVE-2020-9929 | 5.3 | Apple macOS Kernel Memory memory corruption | $5k-$10k | 0.40 | |
CVE-2020-9906 | 6.3 | Apple macOS Kernel Memory memory corruption | $10k-$25k | 0.24 | |
CVE-2020-9853 | 3.5 | Apple macOS Kernel Memory memory corruption | $10k-$25k | 0.15 | |
CVE-2020-9908 | 5.3 | Apple macOS Kernel Memory out-of-bounds read | $2k-$5k | 0.97 | |
CVE-2020-9902 | 3.5 | Apple macOS Kernel Memory out-of-bounds read | $2k-$5k | 0.48 | |
CVE-2020-9779 | 5.3 | Apple macOS Kernel Memory out-of-bounds read | $2k-$5k | 0.00 | |
CVE-2020-9920 | 5.4 | Apple macOS Mail Server denial of service | $5k-$10k | 0.40 | |
CVE-2020-9994 | 5.5 | Apple macOS path traversal | $5k-$10k | 0.65 | |
CVE-2020-9901 | 5.3 | Apple macOS Path Validation symlink | $5k-$10k | 0.48 | |
CVE-2020-9900 | 5.3 | Apple macOS Path Validation symlink | $5k-$10k | 0.65 | |
CVE-2020-9787 | 3.5 | Apple macOS Restrictions denial of service | $2k-$5k | 0.00 | |
CVE-2020-9810 | 4.3 | Apple macOS Restrictions improper authentication | $1k-$2k | 1.53 | |
CVE-2020-9898 | 5.5 | Apple macOS Restrictions sandbox | $10k-$25k | 0.40 | |
CVE-2020-9924 | 4.3 | Apple macOS State Management denial of service | $2k-$5k | 0.48 | |
CVE-2020-9935 | 6.5 | Apple macOS State Management privileges assignment | $10k-$25k | 0.40 | |
CVE-2020-9863 | 8.0 | Apple macOS uninitialized pointer | $10k-$25k | 0.08 | |
CVE-2020-9985 | 7.3 | Apple macOS USD File buffer overflow | $10k-$25k | 0.32 | |
CVE-2020-9940 | 7.3 | Apple macOS USD File buffer overflow | $10k-$25k | 0.40 | |
CVE-2020-9882 | 5.5 | Apple macOS USD File buffer overflow | $10k-$25k | 0.73 | |
CVE-2020-9881 | 5.5 | Apple macOS USD File buffer overflow | $10k-$25k | 0.48 | |
CVE-2020-9880 | 5.5 | Apple macOS USD File buffer overflow | $10k-$25k | 0.08 | |
CVE-2020-3918 | 3.3 | Apple macOS User Information sandbox | $5k-$10k | 1.06 | |
CVE-2020-9904 | 8.0 | Apple tvOS Application memory corruption | $5k-$10k | 0.57 | |
CVE-2020-9892 | 8.0 | Apple tvOS Application memory corruption | $5k-$10k | 0.40 | |
CVE-2020-9854 | 5.5 | Apple tvOS Application unknown vulnerability | $5k-$10k | 0.08 | |
CVE-2020-9905 | 4.3 | Apple tvOS buffer overflow | $5k-$10k | 0.32 | |
CVE-2020-9868 | 3.5 | Apple tvOS Certificate Validation certificate validation | $2k-$5k | 0.24 | |
CVE-2020-9980 | 7.3 | Apple tvOS Font File out-of-bounds write | $5k-$10k | 0.24 | |
CVE-2020-9883 | 6.3 | Apple tvOS Image buffer overflow | $5k-$10k | 0.25 | |
CVE-2020-9984 | 7.3 | Apple tvOS Image out-of-bounds read | $2k-$5k | 0.16 | |
CVE-2020-9902 | 3.5 | Apple tvOS Kernel Memory out-of-bounds read | $1k-$2k | 0.40 | |
CVE-2020-9994 | 5.5 | Apple tvOS path traversal | $2k-$5k | 0.81 | |
CVE-2020-9901 | 5.3 | Apple tvOS Path Validation symlink | $2k-$5k | 0.57 | |
CVE-2020-9900 | 5.3 | Apple tvOS Path Validation symlink | $2k-$5k | 0.57 | |
CVE-2020-9787 | 3.5 | Apple tvOS Restrictions denial of service | $1k-$2k | 1.40 | |
CVE-2020-9863 | 8.0 | Apple tvOS uninitialized pointer | $5k-$10k | 0.08 | |
CVE-2020-9940 | 7.3 | Apple tvOS USD File buffer overflow | $5k-$10k | 0.32 | |
CVE-2020-9880 | 5.5 | Apple tvOS USD File buffer overflow | $5k-$10k | 0.08 | |
CVE-2020-3918 | 3.3 | Apple tvOS User Information sandbox | $2k-$5k | 0.08 | |
CVE-2020-9904 | 8.0 | Apple watchOS Application memory corruption | $5k-$10k | 0.57 | |
CVE-2020-9892 | 8.0 | Apple watchOS Application memory corruption | $5k-$10k | 0.40 | |
CVE-2020-9868 | 3.5 | Apple watchOS Certificate Validation certificate validation | $2k-$5k | 0.16 | |
CVE-2020-9980 | 7.3 | Apple watchOS Font File out-of-bounds write | $5k-$10k | 0.24 | |
CVE-2020-9883 | 6.3 | Apple watchOS Image buffer overflow | $5k-$10k | 0.57 | |
CVE-2020-9984 | 7.3 | Apple watchOS Image out-of-bounds read | $2k-$5k | 0.32 | |
CVE-2020-9997 | 3.5 | Apple watchOS information disclosure | $1k-$2k | 0.73 | |
CVE-2020-9906 | 6.3 | Apple watchOS Kernel Memory memory corruption | $5k-$10k | 0.24 | |
CVE-2020-9902 | 3.5 | Apple watchOS Kernel Memory out-of-bounds read | $1k-$2k | 0.48 | |
CVE-2020-9920 | 5.4 | Apple watchOS Mail Server denial of service | $2k-$5k | 0.41 | |
CVE-2020-9994 | 5.5 | Apple watchOS path traversal | $2k-$5k | 0.65 | |
CVE-2020-9900 | 5.3 | Apple watchOS Path Validation symlink | $2k-$5k | 0.40 | |
CVE-2020-9787 | 3.5 | Apple watchOS Restrictions denial of service | $1k-$2k | 1.32 | |
CVE-2020-9863 | 8.0 | Apple watchOS uninitialized pointer | $5k-$10k | 0.08 | |
CVE-2020-9985 | 7.3 | Apple watchOS USD File buffer overflow | $5k-$10k | 0.32 | |
CVE-2020-9882 | 5.5 | Apple watchOS USD File buffer overflow | $5k-$10k | 0.40 | |
CVE-2020-9881 | 5.5 | Apple watchOS USD File buffer overflow | $5k-$10k | 0.57 | |
CVE-2020-9880 | 5.5 | Apple watchOS USD File buffer overflow | $5k-$10k | 0.32 | |
CVE-2020-3918 | 3.3 | Apple watchOS User Information sandbox | $2k-$5k | 0.08 | |
CVE-2020-27608 | 3.0 | BigBlueButton Content-Type Header cross site scripting | $0-$1k | 0.06 | |
CVE-2020-27610 | 6.3 | BigBlueButton Firewall Configuration access control | $2k-$5k | 0.08 | |
CVE-2020-27613 | 5.3 | BigBlueButton FreeSWITCH hard-coded key | $0-$1k | 0.00 | |
CVE-2020-27605 | 6.3 | BigBlueButton Ghostscript sandbox | $2k-$5k | 0.00 | Not Defined |
CVE-2020-27609 | 3.1 | BigBlueButton Interface information disclosure | $1k-$2k | 0.06 | Not Defined |
CVE-2020-27603 | 5.5 | BigBlueButton LibreOffice Document unknown vulnerability | $2k-$5k | 0.00 | |
CVE-2020-27604 | 4.3 | BigBlueButton LibreOffice Sandbox bigbluebutton.properties sandbox | $2k-$5k | 0.66 | |
CVE-2020-27607 | 3.1 | BigBlueButton Mute information disclosure | $1k-$2k | 0.00 | |
CVE-2020-25820 | 6.3 | BigBlueButton Office Document server-side request forgery | $2k-$5k | 0.00 | |
CVE-2020-27606 | 3.1 | BigBlueButton Session Cookie missing secure attribute | $1k-$2k | 0.06 | |
CVE-2020-27611 | 6.3 | BigBlueButton STUN/TURN unknown vulnerability | $2k-$5k | 0.06 | Not Defined |
CVE-2020-27612 | 4.3 | BigBlueButton Username information disclosure | $1k-$2k | 0.00 | Not Defined |
CVE-2020-15264 | 8.0 | Boxstarter Installer WptsExtensions.dll DllMain untrusted search path | $2k-$5k | 0.00 | |
CVE-2020-9331 | 5.3 | CryptoPro CSP Process Creation access control | $1k-$2k | 0.50 | Not Defined |
CVE-2020-9361 | 3.3 | CryptoPro CSP Process Creation denial of service | $0-$1k | 0.91 | Not Defined |
CVE-2020-24847 | 4.3 | FruityWifi page_config_adv.php cross-site request forgery | $0-$1k | 1.15 | Not Defined |
CVE-2020-24848 | 8.8 | FruityWifi sudo access control | $2k-$5k | 1.59 | Not Defined |
CVE-2020-13327 | 6.0 | GitLab Runner Runner Configuration unknown vulnerability | $2k-$5k | 1.44 | |
CVE-2020-26895 | 5.5 | Lightning Network Daemon HTLC Transaction unknown vulnerability | $2k-$5k | 0.04 | |
CVE-2020-26896 | 6.3 | Lightning Network Daemon HTLC unknown vulnerability | $2k-$5k | 0.00 | |
CVE-2020-27673 | 5.7 | Linux Kernel dom0 Event denial of service | $2k-$5k | 0.08 | |
CVE-2020-27675 | 5.5 | Linux Kernel events_base.c use after free | $10k-$25k | 0.08 | |
CVE-2020-25656 | 9.9 | Linux Kernel KDGKBSENT/KDSKBSENT vt_do_kdgkb_ioctl race condition | $5k-$10k | 0.00 | Not Defined |
CVE-2020-11853 | 6.3 | Micro Focus Manager unknown vulnerability | $2k-$5k | 0.00 | Not Defined |
CVE-2019-16129 | 5.5 | Microchip CryptoAuthentication Library CryptoAuthLib buffer overflow | $2k-$5k | 0.95 | |
CVE-2019-16128 | 5.5 | Microchip CryptoAuthentication Library CryptoAuthLib buffer overflow | $2k-$5k | 0.95 | |
CVE-2020-7745 | 7.1 | MintegralAdSDK backdoor | $2k-$5k | 0.00 | |
CVE-2020-15254 | 8.1 | Mozilla Firefox Crossbeam Rust Crate from_iter memory corruption | $25k-$50k | 0.00 | |
CVE-2020-15969 | 6.3 | Mozilla Firefox ESR usersctp use after free | $25k-$50k | 0.06 | Official Fix |
CVE-2020-15682 | 6.3 | Mozilla Firefox External Protocol improper restriction of rendered ui layers | $25k-$50k | 0.00 | |
CVE-2020-15684 | 6.3 | Mozilla Firefox External Protocol memory corruption | $25k-$50k | 0.00 | |
CVE-2020-15680 | 4.3 | Mozilla Firefox Image Tag information disclosure | $10k-$25k | 0.00 | |
CVE-2020-15969 | 6.3 | Mozilla Firefox usersctp use after free | $25k-$50k | 0.00 | |
CVE-2020-15681 | 4.3 | Mozilla Firefox WASM Thread denial of service | $10k-$25k | 0.00 | |
CVE-2020-15683 | 6.3 | Mozilla Firefox/Firefox ESR memory corruption | $25k-$50k | 0.00 | |
CVE-2019-17006 | 5.5 | Mozilla Network Security Services buffer overflow | $10k-$25k | 0.95 | |
CVE-2020-25648 | 7.5 | Mozilla Network Security Services CCS Message denial of service | $2k-$5k | 0.00 | |
CVE-2019-17007 | 4.3 | Mozilla Network Security Services Certificate Sequence denial of service | $2k-$5k | 0.99 | |
CVE-2018-18508 | 4.3 | Mozilla Network Security Services Signature denial of service | $2k-$5k | 0.00 | |
CVE-2020-5792 | 7.2 | Nagios XI Apache User neutralization | $2k-$5k | 0.05 | Not Defined |
CVE-2020-5790 | 6.5 | Nagios XI cross-site request forgery | $0-$1k | 0.00 | Not Defined |
CVE-2020-5978 | 6.3 | NVIDIA GeForce Experience nvcontainer.exe access control | $1k-$2k | 1.33 | |
CVE-2020-5990 | 6.3 | NVIDIA GeForce Experience ShadowPlay access control | $1k-$2k | 1.51 | |
CVE-2020-5977 | 6.3 | NVIDIA GeForce Experience Web Helper NodeJS Web Server uncontrolled search path | $1k-$2k | 1.68 | |
CVE-2020-1938 | 9.8 | Oracle Agile PLM Folders/Files / Attachments unknown vulnerability | $25k-$50k | 0.18 | |
CVE-2020-10683 | 9.8 | Oracle Agile PLM Security unknown vulnerability | $25k-$50k | 0.13 | |
CVE-2020-11022 | 6.1 | Oracle Agile Product Lifecycle Management for Process Supplier Portal unknown vulnerability | $10k-$25k | 0.09 | |
CVE-2019-11477 | 7.5 | Oracle Fujitsu M10-1 XCP Firmware denial of service | $5k-$10k | 0.29 | |
CVE-2018-3693 | 5.6 | Oracle Fujitsu M12-1/Fujitsu M12-2/Fujitsu M12-2S XCP Firmware information disclosure | $2k-$5k | 1.76 | |
CVE-2020-9488 | 3.7 | Oracle Insurance Insbridge Rating and Underwriting Framework Administrator IBFA information disclosure | $5k-$10k | 0.05 | |
CVE-2020-11022 | 6.1 | Oracle Insurance Insbridge Rating and Underwriting Framework Administrator IBFA unknown vulnerability | $10k-$25k | 0.00 | |
CVE-2020-5398 | 7.5 | Oracle Insurance Policy Administration J2EE Admin Console unknown vulnerability | $25k-$50k | 0.05 | |
CVE-2020-9488 | 3.7 | Oracle Insurance Policy Administration J2EE Architecture information disclosure | $5k-$10k | 0.05 | |
CVE-2020-9488 | 3.7 | Oracle Insurance Rules Palette Architecture information disclosure | $5k-$10k | 0.05 | |
CVE-2020-14792 | 4.2 | Oracle Java SE Hotspot unknown vulnerability | $25k-$50k | 0.12 | |
CVE-2020-14781 | 3.7 | Oracle Java SE JNDI information disclosure | $10k-$25k | 0.14 | |
CVE-2020-14796 | 3.1 | Oracle Java SE Libraries information disclosure | $10k-$25k | 0.08 | |
CVE-2020-14803 | 5.3 | Oracle Java SE Libraries information disclosure | $10k-$25k | 0.32 | |
CVE-2020-14798 | 3.1 | Oracle Java SE Libraries unknown vulnerability | $25k-$50k | 0.08 | |
CVE-2020-14797 | 3.7 | Oracle Java SE Libraries unknown vulnerability | $25k-$50k | 0.08 | |
CVE-2020-14782 | 3.7 | Oracle Java SE Libraries unknown vulnerability | $25k-$50k | 0.00 | |
CVE-2020-14779 | 3.7 | Oracle Java SE Serialization denial of service | $10k-$25k | 0.25 | |
CVE-2020-8174 | 9.8 | Oracle MySQL Cluster JS module unknown vulnerability | $25k-$50k | 0.04 | |
CVE-2020-14853 | 4.6 | Oracle MySQL Cluster NDBCluster Plugin unknown vulnerability | $10k-$25k | 0.37 | |
CVE-2020-13935 | 7.5 | Oracle MySQL Enterprise Monitor Monitoring: General denial of service | $5k-$10k | 0.05 | |
CVE-2020-14852 | 4.9 | Oracle MySQL Server Charsets denial of service | $2k-$5k | 0.00 | |
CVE-2020-14867 | 4.4 | Oracle MySQL Server DDL denial of service | $2k-$5k | 0.23 | |
CVE-2020-14814 | 4.9 | Oracle MySQL Server DML denial of service | $2k-$5k | 0.00 | |
CVE-2020-14828 | 7.2 | Oracle MySQL Server DML unknown vulnerability | $10k-$25k | 0.18 | |
CVE-2020-14799 | 4.9 | Oracle MySQL Server Encryption denial of service | $2k-$5k | 0.08 | |
CVE-2020-14800 | 6.5 | Oracle MySQL Server Encryption denial of service | $2k-$5k | 0.08 | |
CVE-2020-14804 | 4.9 | Oracle MySQL Server FTS denial of service | $2k-$5k | 0.00 | |
CVE-2020-14789 | 4.9 | Oracle MySQL Server FTS denial of service | $2k-$5k | 0.16 | |
CVE-2020-14765 | 6.5 | Oracle MySQL Server FTS denial of service | $2k-$5k | 0.04 | |
CVE-2020-14791 | 2.2 | Oracle MySQL Server InnoDB denial of service | $2k-$5k | 0.00 | |
CVE-2020-14848 | 4.9 | Oracle MySQL Server InnoDB denial of service | $2k-$5k | 0.00 | |
CVE-2020-14829 | 4.9 | Oracle MySQL Server InnoDB denial of service | $2k-$5k | 0.08 | |
CVE-2020-14821 | 4.9 | Oracle MySQL Server InnoDB denial of service | $2k-$5k | 0.00 | |
CVE-2020-14776 | 4.9 | Oracle MySQL Server InnoDB denial of service | $2k-$5k | 0.08 | |
CVE-2020-14775 | 6.5 | Oracle MySQL Server InnoDB denial of service | $2k-$5k | 0.08 | |
CVE-2020-14771 | 2.2 | Oracle MySQL Server LDAP Auth denial of service | $2k-$5k | 0.14 | |
CVE-2020-14869 | 4.9 | Oracle MySQL Server LDAP Auth denial of service | $2k-$5k | 0.09 | |
CVE-2020-14827 | 6.5 | Oracle MySQL Server LDAP Auth information disclosure | $5k-$10k | 0.04 | |
CVE-2020-14878 | 8.0 | Oracle MySQL Server LDAP Auth unknown vulnerability | $10k-$25k | 0.08 | |
CVE-2020-14812 | 4.9 | Oracle MySQL Server Locking denial of service | $2k-$5k | 0.00 | |
CVE-2020-14873 | 4.4 | Oracle MySQL Server Logging denial of service | $2k-$5k | 0.30 | |
CVE-2020-14893 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.09 | |
CVE-2020-14891 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.00 | |
CVE-2020-14888 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.09 | |
CVE-2020-14868 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.04 | |
CVE-2020-14866 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.53 | |
CVE-2020-14861 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.19 | |
CVE-2020-14845 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.04 | |
CVE-2020-14839 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.04 | |
CVE-2020-14837 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.00 | |
CVE-2020-14809 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.09 | |
CVE-2020-14794 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.00 | |
CVE-2020-14793 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.08 | |
CVE-2020-14785 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.08 | |
CVE-2020-14777 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.16 | |
CVE-2020-14773 | 4.9 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.00 | |
CVE-2020-14846 | 6.5 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.00 | |
CVE-2020-14836 | 6.5 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.04 | |
CVE-2020-14830 | 6.5 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.08 | |
CVE-2020-14769 | 6.5 | Oracle MySQL Server Optimizer denial of service | $2k-$5k | 0.04 | |
CVE-2020-14760 | 5.5 | Oracle MySQL Server Optimizer unknown vulnerability | $10k-$25k | 0.04 | |
CVE-2020-14838 | 4.3 | Oracle MySQL Server Privileges information disclosure | $5k-$10k | 0.21 | |
CVE-2020-14844 | 4.9 | Oracle MySQL Server PS denial of service | $2k-$5k | 0.00 | |
CVE-2020-14790 | 4.9 | Oracle MySQL Server PS denial of service | $2k-$5k | 0.16 | |
CVE-2020-14786 | 4.9 | Oracle MySQL Server PS denial of service | $2k-$5k | 0.08 | |
CVE-2020-14860 | 2.7 | Oracle MySQL Server Roles unknown vulnerability | $10k-$25k | 0.33 | |
CVE-2020-14672 | 4.9 | Oracle MySQL Server Stored Procedure denial of service | $2k-$5k | 0.33 | |
CVE-2020-14870 | 4.9 | Oracle MySQL Server X Plugin denial of service | $2k-$5k | 0.13 | |
CVE-2020-1730 | 5.3 | Oracle MySQL Workbench denial of service | $5k-$10k | 0.00 | |
CVE-2020-1967 | 7.5 | Oracle MySQL Workbench Workbench: Encryption denial of service | $5k-$10k | 0.04 | |
CVE-2020-14778 | 6.3 | Oracle PeopleSoft Enterprise HCM Global Payroll Core Security unknown vulnerability | $10k-$25k | 0.16 | |
CVE-2020-1954 | 5.3 | Oracle PeopleSoft Enterprise PeopleTools Elastic Search information disclosure | $5k-$10k | 0.09 | |
CVE-2020-14832 | 6.1 | Oracle PeopleSoft Enterprise PeopleTools Integration Broker unknown vulnerability | $10k-$25k | 0.21 | |
CVE-2020-14795 | 6.5 | Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology information disclosure | $5k-$10k | 0.08 | |
CVE-2020-11022 | 6.1 | Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability | $10k-$25k | 0.30 | |
CVE-2020-14802 | 6.1 | Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability | $10k-$25k | 0.44 | |
CVE-2020-14801 | 6.1 | Oracle PeopleSoft Enterprise PeopleTools PIA Core Technology unknown vulnerability | $10k-$25k | 0.08 | |
CVE-2020-14813 | 6.1 | Oracle PeopleSoft Enterprise PeopleTools PIA Grids unknown vulnerability | $10k-$25k | 0.00 | |
CVE-2020-11022 | 6.1 | Oracle PeopleSoft Enterprise PeopleTools Portal/Charting unknown vulnerability | $10k-$25k | 0.35 | |
CVE-2020-14847 | 2.7 | Oracle PeopleSoft Enterprise PeopleTools Query information disclosure | $5k-$10k | 0.00 | |
CVE-2020-14806 | 5.3 | Oracle PeopleSoft Enterprise PeopleTools Query information disclosure | $5k-$10k | 0.05 | |
CVE-2020-9488 | 3.7 | Oracle PeopleSoft Enterprise PeopleTools Tools Admin API information disclosure | $5k-$10k | 0.00 | |
CVE-2020-9488 | 3.7 | Oracle PeopleSoft Enterprise PeopleTools Updates Environment Mgmt information disclosure | $5k-$10k | 0.09 | |
CVE-2018-11058 | 9.8 | Oracle PeopleSoft Enterprise PeopleTools Weblogic unknown vulnerability | $25k-$50k | 0.28 | |
CVE-2020-14865 | 8.1 | Oracle PeopleSoft Enterprise SCM eSupplier Connection unknown vulnerability | $10k-$25k | 0.00 | |
CVE-2020-9488 | 3.7 | Oracle Policy Automation Connector for Siebel information disclosure | $5k-$10k | 0.09 | |
CVE-2020-11022 | 6.1 | Oracle Policy Automation Connector for Siebel unknown vulnerability | $10k-$25k | 0.05 | |
CVE-2020-9488 | 3.7 | Oracle Policy Automation for Mobile Devices information disclosure | $5k-$10k | 0.23 | |
CVE-2020-11022 | 6.1 | Oracle Policy Automation for Mobile Devices unknown vulnerability | $10k-$25k | 0.21 | |
CVE-2020-9488 | 3.7 | Oracle Policy Automation information disclosure | $5k-$10k | 0.09 | |
CVE-2020-11022 | 6.1 | Oracle Policy Automation unknown vulnerability | $10k-$25k | 0.09 | |
CVE-2020-14732 | 3.1 | Oracle Promotions information disclosure | $5k-$10k | 0.13 | |
CVE-2020-9488 | 3.7 | Oracle Retail Advanced Inventory Planning AIP Dashboard information disclosure | $5k-$10k | 0.29 | |
CVE-2020-9488 | 3.7 | Oracle Retail Assortment Planning Application Core information disclosure | $5k-$10k | 0.18 | |
CVE-2019-3740 | 6.5 | Oracle Retail Assortment Planning Application Core information disclosure | $5k-$10k | 0.29 | |
CVE-2020-11022 | 6.1 | Oracle Retail Back Office Security unknown vulnerability | $10k-$25k | 0.41 | |
CVE-2020-1945 | 9.1 | Oracle Retail Back Office Security unknown vulnerability | $25k-$50k | 0.17 | |
CVE-2020-9488 | 3.7 | Oracle Retail Bulk Data Integration BDI Job Scheduler information disclosure | $5k-$10k | 0.13 | |
CVE-2020-11022 | 6.1 | Oracle Retail Central Office Security unknown vulnerability | $10k-$25k | 0.30 | |
CVE-2020-9488 | 3.7 | Oracle Retail Integration Bus RIB Kernal information disclosure | $5k-$10k | 0.46 | |
CVE-2019-3740 | 6.5 | Oracle Retail Integration Bus RIB Kernal information disclosure | $5k-$10k | 0.46 | |
CVE-2020-9410 | 8.8 | Oracle Retail Order Broker Order Broker Foundation unknown vulnerability | $25k-$50k | 0.17 | |
CVE-2020-9488 | 3.7 | Oracle Retail Order Broker Store Connect information disclosure | $5k-$10k | 0.41 | |
CVE-2019-12415 | 5.5 | Oracle Retail Order Broker Store Connect information disclosure | $2k-$5k | 0.69 | |
CVE-2020-10683 | 9.8 | Oracle Retail Order Broker System Administration unknown vulnerability | $25k-$50k | 0.21 | |
CVE-2019-11358 | 6.1 | Oracle Retail Point-of-Service Mobile POS unknown vulnerability | $10k-$25k | 0.50 | |
CVE-2020-9488 | 3.7 | Oracle Retail Predictive Application Server RPAS Fusion Client information disclosure | $5k-$10k | 0.13 | |
CVE-2019-3740 | 6.5 | Oracle Retail Predictive Application Server RPAS Server information disclosure | $5k-$10k | 0.36 | |
CVE-2020-11022 | 6.1 | Oracle Retail Returns Management Security unknown vulnerability | $10k-$25k | 0.09 | |
CVE-2019-3740 | 6.5 | Oracle Retail Service Backbone RSB kernel information disclosure | $5k-$10k | 0.04 | |
CVE-2020-9546 | 9.8 | Oracle Retail Service Backbone RSB kernel unknown vulnerability | $25k-$50k | 0.09 | |
CVE-2019-3740 | 6.5 | Oracle Retail Xstore Point of Service Xenvironment information disclosure | $5k-$10k | 0.21 | |
CVE-2020-14731 | 3.1 | Oracle Segment information disclosure | $5k-$10k | 0.13 | |
CVE-2020-11022 | 6.1 | Oracle Segments unknown vulnerability | $10k-$25k | 0.13 | |
CVE-2019-10072 | 7.5 | Oracle Siebel Apps - Marketing Mktg/Campaign Mgmt denial of service | $5k-$10k | 0.04 | |
CVE-2016-1000031 | 9.8 | Oracle Siebel Apps - Marketing Mktg/Email Mktg Stand-Alone unknown vulnerability | $25k-$50k | 0.41 | |
CVE-2020-11022 | 6.1 | Oracle Siebel UI Framework UIF Open UI unknown vulnerability | $10k-$25k | 0.05 | |
CVE-2020-14754 | 5.5 | Oracle Solaris Filesystem denial of service | $2k-$5k | 0.56 | |
CVE-2020-14759 | 2.5 | Oracle Solaris Kernel unknown vulnerability | $5k-$10k | 0.34 | |
CVE-2020-14758 | 5.6 | Oracle Solaris Kernel unknown vulnerability | $5k-$10k | 0.69 | |
CVE-2020-14871 | 10.0 | Oracle Solaris Pluggable authentication module unknown vulnerability | $25k-$50k | 0.91 | |
CVE-2020-14818 | 3.0 | Oracle Solaris Utility unknown vulnerability | $10k-$25k | 0.22 | |
CVE-2020-9484 | 7.0 | Oracle Transportation Management Install unknown vulnerability | $10k-$25k | 0.13 | |
CVE-2020-9488 | 3.7 | Oracle Utilities Framework Common information disclosure | $5k-$10k | 0.04 | |
CVE-2019-10173 | 9.8 | Oracle Utilities Framework Common unknown vulnerability | $25k-$50k | 0.74 | |
CVE-2020-1945 | 6.3 | Oracle Utilities Framework General unknown vulnerability | $10k-$25k | 0.29 | |
CVE-2020-14895 | 5.4 | Oracle Utilities Framework System Wide unknown vulnerability | $10k-$25k | 0.25 | |
CVE-2020-14892 | 5.5 | Oracle VM VirtualBox denial of service | $2k-$5k | 0.00 | |
CVE-2020-14889 | 6.0 | Oracle VM VirtualBox information disclosure | $2k-$5k | 0.00 | |
CVE-2020-14886 | 6.0 | Oracle VM VirtualBox information disclosure | $2k-$5k | 0.08 | |
CVE-2020-14885 | 6.0 | Oracle VM VirtualBox information disclosure | $2k-$5k | 0.08 | |
CVE-2020-14884 | 6.0 | Oracle VM VirtualBox information disclosure | $2k-$5k | 0.08 | |
CVE-2020-14881 | 6.0 | Oracle VM VirtualBox information disclosure | $2k-$5k | 0.08 | |
CVE-2020-14872 | 8.2 | Oracle VM VirtualBox unknown vulnerability | $10k-$25k | 0.75 | |
CVE-2020-3909 | 9.8 | Oracle ZFS Storage Appliance Kit Operating System Image unknown vulnerability | $25k-$50k | 0.42 | |
CVE-2020-15270 | 4.3 | parse-server Session Token operation on a resource after expiration | $1k-$2k | 0.16 | Not Defined |
CVE-2020-13778 | 5.5 | rConfig GET Request ajaxAddTemplate.php os command injection | $1k-$2k | 0.33 | Not Defined |
CVE-2020-25157 | 7.5 | R-SeeNet Webpage sql injection | $1k-$2k | 0.00 | Not Defined |
CVE-2020-6366 | 7.6 | SAP NetWeaver Compare Systems information disclosure | $5k-$10k | 0.12 | Not Defined |
CVE-2020-6367 | 4.7 | SAP NetWeaver Composite Application Framework cross site scripting | $5k-$10k | 0.16 | Not Defined |
CVE-2020-6370 | 3.4 | SAP NetWeaver Design Time Repository cross site scripting | $2k-$5k | 0.11 | Not Defined |
CVE-2020-6369 | 7.3 | SAP Solution Manager/Focused Run hard-coded password | $10k-$25k | 0.16 | Not Defined |
CVE-2020-15910 | 4.0 | SolarWinds N-central Cookie information disclosure | $1k-$2k | 0.05 | Not Defined |
CVE-2020-15909 | 5.5 | SolarWinds N-central unknown vulnerability | $2k-$5k | 0.05 | Not Defined |
CVE-2020-15269 | 7.4 | Spree Storefront API v2 Endpoint session expiration | $1k-$2k | 0.05 | |
CVE-2020-27665 | 5.5 | Strapi content-type-builder Route hasPermissions permission | $1k-$2k | 0.24 | |
CVE-2020-27664 | 5.5 | Strapi index.js unknown vulnerability | $2k-$5k | 0.16 | |
CVE-2020-27666 | 3.5 | Strapi WYSIWYG Editor Preview cross site scripting | $0-$1k | 0.24 | |
CVE-2020-24266 | 7.5 | tcpreplay tcpprep get_l2len heap-based buffer overflow | $1k-$2k | 0.05 | Not Defined |
CVE-2020-24265 | 7.5 | tcpreplay tcpprep MemcmpInterceptorCommon heap-based buffer overflow | $2k-$5k | 0.05 | Not Defined |
CVE-2020-9417 | 7.6 | TIBCO Foresight Archive and Retrieval System Transaction Insight Reporting sql injection | $1k-$2k | 0.04 | Not Defined |
CVE-2020-15906 | 6.3 | Tiki Admin Password tiki-login.php improper authentication | $1k-$2k | 0.08 | |
CVE-2020-8929 | 5.3 | Tink Java missing encryption | $1k-$2k | 0.00 | |
CVE-2020-7364 | 4.3 | Ucweb UC Browser Address Bar clickjacking | $2k-$5k | 0.00 | Not Defined |
CVE-2020-7363 | 4.3 | Ucweb UC Browser Address Bar clickjacking | $2k-$5k | 0.09 | Not Defined |
CVE-2019-14719 | 5.5 | VeriFone MX900 File Manager command injection | $1k-$2k | 0.41 | Not Defined |
CVE-2019-14713 | 5.5 | VeriFone MX900 Installation insufficient verification of data authenticity | $1k-$2k | 0.57 | Not Defined |
CVE-2019-14718 | 5.5 | VeriFone MX900 Permission svc_netcontrol access control | $1k-$2k | 0.58 | Not Defined |
CVE-2019-14711 | 5.5 | VeriFone MX900 race condition | $0-$1k | 0.57 | Not Defined |
CVE-2019-14715 | 7.1 | VeriFone Pinpad Payment Terminal SBI Bootloader memory corruption | $1k-$2k | 0.65 | Not Defined |
CVE-2019-14717 | 5.5 | VeriFone Verix OS System Call buffer overflow | $2k-$5k | 0.73 | Not Defined |
CVE-2019-14712 | 5.5 | VeriFone VerixV S1G File unknown vulnerability | $2k-$5k | 0.65 | Not Defined |
CVE-2019-14716 | 4.6 | VeriFone VerixV Shell access control | $0-$1k | 0.49 | Not Defined |
CVE-2020-3992 | 4.7 | VMware ESXi OpenSLP use after free | $10k-$25k | 0.33 | |
CVE-2020-3995 | 4.3 | VMware ESXi/Workstation/Fusion VMCI Host Driver resource consumption | $2k-$5k | 0.00 | Official Fix |
CVE-2020-3981 | 5.5 | VMware ESXi/Workstation/Fusion VMX Process out-of-bounds read | $5k-$10k | 0.00 | Official Fix |
CVE-2020-3982 | 7.2 | VMware ESXi/Workstation/Fusion VMX Process out-of-bounds write | $10k-$25k | 0.17 | |
CVE-2020-3998 | 3.3 | VMware Horizon Client Local Privilege information disclosure | $2k-$5k | 1.08 | |
CVE-2020-3997 | 3.0 | VMware Horizon Server Scripting cross site scripting | $2k-$5k | 1.24 | |
CVE-2020-3993 | 5.5 | VMware NSX-T NSX Manager unknown vulnerability | $10k-$25k | 0.00 | |
CVE-2020-3994 | 3.5 | VMware vCenter Server Appliance Appliance Management Interface certificate validation | $5k-$10k | 0.00 | |
CVE-2020-3996 | 3.5 | VMware Velero Volume information disclosure | $2k-$5k | 0.16 | |
CVE-2020-5650 | 6.3 | WordPress Simple Download Monitor Scripting cross site scripting | $0-$1k | 0.08 | Not Defined |
CVE-2020-5651 | 6.3 | WordPress Simple Download Monitor URL sql injection | $1k-$2k | 0.00 | Not Defined |
CVE-2020-27670 | 3.5 | Xen AMD IOMMU Page-Table Entry denial of service | $2k-$5k | 0.24 | |
CVE-2020-27671 | 3.5 | Xen IOMMU TLB Flush denial of service | $2k-$5k | 0.24 | |
CVE-2020-27672 | 5.5 | Xen Superpage use after free | $10k-$25k | 0.24 | |
CVE-2020-27674 | 8.0 | Xen TLB Entry memory corruption | $10k-$25k | 0.08 | |
CVE-2020-7371 | 4.3 | Yandex Browser Address Bar clickjacking | $2k-$5k | 0.00 | Not Defined |
CVE-2020-7369 | 4.3 | Yandex Browser Address Bar clickjacking | $2k-$5k | 0.05 | Not Defined |
The risk level of about 24% of the week's vulnerabilities is assessed as "high-risk" or "critical", which is notable.
The zero-day value of 56% of the week's vulnerabilities was more than 5000 dollars.
Fortunately, updates or patches have been officially released for 88% of the week's vulnerabilities; to prevent exploitation of the vulnerabilities, they should be applied promptly.