Total
34213 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7113 | 1 Arubanetworks | 1 Clearpass | 2024-11-21 | 4.9 Medium |
| A vulnerability was found when an attacker, while communicating with the ClearPass management interface, is able to intercept and change parameters in the HTTP packets resulting in the compromise of some of ClearPass' service accounts. Resolution: Fixed in 6.7.10, 6.8.1, 6.9.0 and higher. | ||||
| CVE-2020-7109 | 1 Elementor | 1 Website Builder | 2024-11-21 | 9.8 Critical |
| The Elementor Page Builder plugin before 2.8.4 for WordPress does not sanitize data during creation of a new template. | ||||
| CVE-2020-6939 | 1 Tableau | 1 Tableau Server | 2024-11-21 | 9.8 Critical |
| Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions affected on both Windows and Linux are: 2018.2 through 2018.2.27, 2018.3 through 2018.3.24, 2019.1 through 2019.1.22, 2019.2 through 2019.2.18, 2019.3 through 2019.3.14, 2019.4 through 2019.4.13, 2020.1 through 2020.1.10, 2020.2 through 2020.2.7, and 2020.3 through 2020.3.2. | ||||
| CVE-2020-6937 | 1 Mulesoft | 1 Mule Runtime | 2024-11-21 | 7.5 High |
| A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April 7, 2020, could allow remote attackers to submit data which can lead to resource exhaustion. | ||||
| CVE-2020-6931 | 1 Hp | 1 Print And Scan Doctor | 2024-11-21 | 7.8 High |
| HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege. | ||||
| CVE-2020-6922 | 1 Hp | 1 Support Assistant | 2024-11-21 | 7.8 High |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||||
| CVE-2020-6921 | 1 Hp | 1 Support Assistant | 2024-11-21 | 7.8 High |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||||
| CVE-2020-6920 | 1 Hp | 1 Support Assistant | 2024-11-21 | 5.5 Medium |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||||
| CVE-2020-6919 | 1 Hp | 1 Support Assistant | 2024-11-21 | 7.8 High |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||||
| CVE-2020-6918 | 1 Hp | 1 Support Assistant | 2024-11-21 | 7.8 High |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||||
| CVE-2020-6917 | 1 Hp | 1 Support Assistant | 2024-11-21 | 7.8 High |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | ||||
| CVE-2020-6877 | 1 Zte | 2 Zxa10 Eodn, Zxa10 Eodn Firmware | 2024-11-21 | 8.8 High |
| A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1 | ||||
| CVE-2020-6873 | 1 Zte | 2 Zxr10 2800-4 Almpufb\(low\), Zxr10 2800-4 Almpufb\(low\) Firmware | 2024-11-21 | 5.3 Medium |
| A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40. | ||||
| CVE-2020-6869 | 1 Zte | 1 Ztemarket Apk | 2024-11-21 | 8.1 High |
| All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation. | ||||
| CVE-2020-6866 | 1 Zte | 2 Zxctn 6500, Zxctn 6500 Firmware | 2024-11-21 | 4.9 Medium |
| A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit this vulnerability to cause a denial of service by issuing a specific command. This affects: ZXCTN 6500 version V2.10.00R3B87. | ||||
| CVE-2020-6864 | 1 Zte | 2 E8820v3, E8820v3 Firmware | 2024-11-21 | 6.5 Medium |
| ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router. | ||||
| CVE-2020-6863 | 1 Zte | 2 E8820v3, E8820v3 Firmware | 2024-11-21 | 6.5 Medium |
| ZTE E8820V3 router product is impacted by a permission and access control vulnerability. Attackers could use this vulnerability to tamper with DDNS parameters and send DoS attacks on the specified URL. | ||||
| CVE-2020-6833 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 7.5 High |
| An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling. | ||||
| CVE-2020-6832 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.3 Medium |
| An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. | ||||
| CVE-2020-6829 | 2 Mozilla, Redhat | 3 Firefox, Enterprise Linux, Openshift Do | 2024-11-21 | 5.3 Medium |
| When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | ||||