| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-17000 | Remote Desktop Protocol Client Information Disclosure Vulnerability | S | |
| CVE-2020-17001 | Windows Print Spooler Elevation of Privilege Vulnerability | S | |
| CVE-2020-17002 | Azure SDK for C Security Feature Bypass Vulnerability | S | |
| CVE-2020-17003 | Base3D Remote Code Execution Vulnerability | S | |
| CVE-2020-17004 | Windows Graphics Component Information Disclosure Vulnerability | S | |
| CVE-2020-17005 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2020-17006 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2020-17007 | Windows Error Reporting Elevation of Privilege Vulnerability | S | |
| CVE-2020-17010 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2020-17011 | Windows Port Class Library Elevation of Privilege Vulnerability | S | |
| CVE-2020-17012 | Windows Bind Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2020-17013 | Win32k Information Disclosure Vulnerability | S | |
| CVE-2020-17014 | Windows Print Spooler Elevation of Privilege Vulnerability | S | |
| CVE-2020-17015 | Microsoft SharePoint Server Spoofing Vulnerability | S | |
| CVE-2020-17016 | Microsoft SharePoint Server Spoofing Vulnerability | S | |
| CVE-2020-17017 | Microsoft SharePoint Information Disclosure Vulnerability | S | |
| CVE-2020-17018 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2020-17019 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17020 | Microsoft Word Security Feature Bypass Vulnerability | S | |
| CVE-2020-17021 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | S | |
| CVE-2020-17022 | Microsoft Windows Codecs Library Remote Code Execution Vulnerability | S | |
| CVE-2020-17023 | Visual Studio JSON Remote Code Execution Vulnerability | S | |
| CVE-2020-17024 | Windows Client Side Rendering Print Provider Elevation of Privilege Vulnerability | S | |
| CVE-2020-17025 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17026 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17027 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17028 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17029 | Windows Canonical Display Driver Information Disclosure Vulnerability | S | |
| CVE-2020-17030 | Windows MSCTF Server Information Disclosure Vulnerability | S | |
| CVE-2020-17031 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17032 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17033 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17034 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17035 | Windows Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2020-17036 | Windows Function Discovery SSDP Provider Information Disclosure Vulnerability | S | |
| CVE-2020-17037 | Windows WalletService Elevation of Privilege Vulnerability | S | |
| CVE-2020-17038 | Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2020-17040 | Windows Hyper-V Security Feature Bypass Vulnerability | S | |
| CVE-2020-17041 | Windows Print Configuration Elevation of Privilege Vulnerability | S | |
| CVE-2020-17042 | Windows Print Spooler Remote Code Execution Vulnerability | S | |
| CVE-2020-17043 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17044 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17045 | Windows KernelStream Information Disclosure Vulnerability | S | |
| CVE-2020-17046 | Windows Error Reporting Denial of Service Vulnerability | S | |
| CVE-2020-17047 | Windows Network File System Denial of Service Vulnerability | S | |
| CVE-2020-17048 | Chakra Scripting Engine Memory Corruption Vulnerability | S | |
| CVE-2020-17049 | Kerberos KDC Security Feature Bypass Vulnerability | S | |
| CVE-2020-17051 | Windows Network File System Remote Code Execution Vulnerability | S | |
| CVE-2020-17052 | Scripting Engine Memory Corruption Vulnerability | S | |
| CVE-2020-17053 | Internet Explorer Memory Corruption Vulnerability | S | |
| CVE-2020-17054 | Chakra Scripting Engine Memory Corruption Vulnerability | S | |
| CVE-2020-17055 | Windows Remote Access Elevation of Privilege Vulnerability | S | |
| CVE-2020-17056 | Windows Network File System Information Disclosure Vulnerability | S | |
| CVE-2020-17057 | Windows Win32k Elevation of Privilege Vulnerability | S | |
| CVE-2020-17058 | Microsoft Browser Memory Corruption Vulnerability | S | |
| CVE-2020-17060 | Microsoft SharePoint Server Spoofing Vulnerability | S | |
| CVE-2020-17061 | Microsoft SharePoint Remote Code Execution Vulnerability | S | |
| CVE-2020-17062 | Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability | S | |
| CVE-2020-17063 | Microsoft Office Online Spoofing Vulnerability | S | |
| CVE-2020-17064 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17065 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17066 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17067 | Microsoft Excel Security Feature Bypass Vulnerability | S | |
| CVE-2020-17068 | Windows GDI+ Remote Code Execution Vulnerability | S | |
| CVE-2020-17069 | Windows NDIS Information Disclosure Vulnerability | S | |
| CVE-2020-17070 | Windows Update Medic Service Elevation of Privilege Vulnerability | S | |
| CVE-2020-17071 | Windows Delivery Optimization Information Disclosure Vulnerability | S | |
| CVE-2020-17073 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | S | |
| CVE-2020-17074 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | S | |
| CVE-2020-17075 | Windows USO Core Worker Elevation of Privilege Vulnerability | S | |
| CVE-2020-17076 | Windows Update Orchestrator Service Elevation of Privilege Vulnerability | S | |
| CVE-2020-17077 | Windows Update Stack Elevation of Privilege Vulnerability | S | |
| CVE-2020-17078 | Raw Image Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17079 | Raw Image Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17081 | Microsoft Raw Image Extension Information Disclosure Vulnerability | S | |
| CVE-2020-17082 | Raw Image Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17083 | Microsoft Exchange Server Remote Code Execution Vulnerability | S | |
| CVE-2020-17084 | Microsoft Exchange Server Remote Code Execution Vulnerability | S | |
| CVE-2020-17085 | Microsoft Exchange Server Denial of Service Vulnerability | S | |
| CVE-2020-17086 | Raw Image Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17087 | Windows Kernel Local Elevation of Privilege Vulnerability | KEV S | |
| CVE-2020-17088 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | S | |
| CVE-2020-17089 | Microsoft SharePoint Elevation of Privilege Vulnerability | S | |
| CVE-2020-17090 | Microsoft Defender for Endpoint Security Feature Bypass Vulnerability | S | |
| CVE-2020-17091 | Microsoft Teams Remote Code Execution Vulnerability | S | |
| CVE-2020-17092 | Windows Network Connections Service Elevation of Privilege Vulnerability | S | |
| CVE-2020-17094 | Windows Error Reporting Information Disclosure Vulnerability | S | |
| CVE-2020-17095 | Windows Hyper-V Remote Code Execution Vulnerability | S | |
| CVE-2020-17096 | Windows NTFS Remote Code Execution Vulnerability | S | |
| CVE-2020-17097 | Windows Digital Media Receiver Elevation of Privilege Vulnerability | S | |
| CVE-2020-17098 | Windows GDI+ Information Disclosure Vulnerability | S | |
| CVE-2020-17099 | Windows Lock Screen Security Feature Bypass Vulnerability | S | |
| CVE-2020-17100 | Visual Studio Tampering Vulnerability | S | |
| CVE-2020-17101 | HEIF Image Extensions Remote Code Execution Vulnerability | S | |
| CVE-2020-17102 | WebP Image Extensions Information Disclosure Vulnerability | S | |
| CVE-2020-17103 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2020-17104 | Visual Studio Code JSHint Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17105 | AV1 Video Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17106 | HEVC Video Extensions Remote Code Execution Vulnerability | S | |
| CVE-2020-17107 | HEVC Video Extensions Remote Code Execution Vulnerability | S | |
| CVE-2020-17108 | HEVC Video Extensions Remote Code Execution Vulnerability | S | |
| CVE-2020-17109 | HEVC Video Extensions Remote Code Execution Vulnerability | S | |
| CVE-2020-17110 | HEVC Video Extensions Remote Code Execution Vulnerability | S | |
| CVE-2020-17113 | Windows Camera Codec Information Disclosure Vulnerability | S | |
| CVE-2020-17115 | Microsoft SharePoint Server Spoofing Vulnerability | S | |
| CVE-2020-17117 | Microsoft Exchange Remote Code Execution Vulnerability | S | |
| CVE-2020-17118 | Microsoft SharePoint Remote Code Execution Vulnerability | S | |
| CVE-2020-17119 | Microsoft Outlook Information Disclosure Vulnerability | S | |
| CVE-2020-17120 | Microsoft SharePoint Information Disclosure Vulnerability | S | |
| CVE-2020-17121 | Microsoft SharePoint Remote Code Execution Vulnerability | S | |
| CVE-2020-17122 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17123 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17124 | Microsoft PowerPoint Remote Code Execution Vulnerability | S | |
| CVE-2020-17125 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17126 | Microsoft Excel Information Disclosure Vulnerability | S | |
| CVE-2020-17127 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17128 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17129 | Microsoft Excel Remote Code Execution Vulnerability | S | |
| CVE-2020-17130 | Microsoft Excel Security Feature Bypass Vulnerability | S | |
| CVE-2020-17131 | Chakra Scripting Engine Memory Corruption Vulnerability | S | |
| CVE-2020-17132 | Microsoft Exchange Remote Code Execution Vulnerability | S | |
| CVE-2020-17133 | Microsoft Dynamics Business Central/NAV Information Disclosure Vulnerability | S | |
| CVE-2020-17134 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2020-17135 | Azure DevOps Server Spoofing Vulnerability | S | |
| CVE-2020-17136 | Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability | S | |
| CVE-2020-17137 | DirectX Graphics Kernel Elevation of Privilege Vulnerability | S | |
| CVE-2020-17138 | Windows Error Reporting Information Disclosure Vulnerability | S | |
| CVE-2020-17139 | Windows Overlay Filter Security Feature Bypass Vulnerability | S | |
| CVE-2020-17140 | Windows SMB Information Disclosure Vulnerability | S | |
| CVE-2020-17141 | Microsoft Exchange Remote Code Execution Vulnerability | S | |
| CVE-2020-17142 | Microsoft Exchange Remote Code Execution Vulnerability | S | |
| CVE-2020-17143 | Microsoft Exchange Server Information Disclosure Vulnerability | S | |
| CVE-2020-17144 | Microsoft Exchange Remote Code Execution Vulnerability | KEV S | |
| CVE-2020-17145 | Azure DevOps Server and Team Foundation Services Spoofing Vulnerability | S | |
| CVE-2020-17147 | Dynamics CRM Webclient Cross-site Scripting Vulnerability | S | |
| CVE-2020-17148 | Visual Studio Code Remote Development Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17150 | Visual Studio Code Remote Code Execution Vulnerability | S | |
| CVE-2020-17152 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | S | |
| CVE-2020-17153 | Microsoft Edge for Android Spoofing Vulnerability | S | |
| CVE-2020-17156 | Visual Studio Remote Code Execution Vulnerability | S | |
| CVE-2020-17158 | Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability | S | |
| CVE-2020-17159 | Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | S | |
| CVE-2020-17160 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-17162 | Microsoft Windows Security Feature Bypass Vulnerability | S | |
| CVE-2020-17163 | Visual Studio Code Python Extension Remote Code Execution Vulnerability | S | |
| CVE-2020-17352 | Two OS command injection vulnerabilities in the User Portal of Sophos XG Firewall through 2020-08-05... | S | |
| CVE-2020-17353 | scm/define-stencil-commands.scm in LilyPond through 2.20.0, and 2.21.x through 2.21.4, when -dsafe i... | | |
| CVE-2020-17354 | LilyPond before 2.24 allows attackers to bypass the -dsafe protection mechanism via output-def-looku... | E S | |
| CVE-2020-17355 | Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F ... | | |
| CVE-2020-17360 | An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-comm... | | |
| CVE-2020-17361 | An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-comm... | E | |
| CVE-2020-17362 | search.php in the Nova Lite theme before 1.3.9 for WordPress allows Reflected XSS.... | | |
| CVE-2020-17363 | USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in t... | E | |
| CVE-2020-17364 | USVN (aka User-friendly SVN) before 1.0.9 allows XSS via SVN logs.... | S | |
| CVE-2020-17365 | Improper directory permissions in the Hotspot Shield VPN client software for Windows 10.3.0 and earl... | | |
| CVE-2020-17366 | An issue was discovered in NLnet Labs Routinator 0.1.0 through 0.7.1. It allows remote attackers to ... | E | |
| CVE-2020-17367 | Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option, wh... | | |
| CVE-2020-17368 | Firejail through 0.9.62 mishandles shell metacharacters during use of the --output or --output-stder... | | |
| CVE-2020-17372 | SugarCRM before 10.1.0 (Q3 2020) allows XSS.... | E | |
| CVE-2020-17373 | SugarCRM before 10.1.0 (Q3 2020) allows SQL Injection.... | E | |
| CVE-2020-17376 | An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 2... | E S | |
| CVE-2020-17380 | A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. ... | S | |
| CVE-2020-17381 | An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in ... | E | |
| CVE-2020-17382 | The MSI AmbientLink MsIo64 driver 1.0.0.8 has a Buffer Overflow (0x80102040, 0x80102044, 0x80102050,... | E | |
| CVE-2020-17383 | A directory traversal vulnerability on Telos Z/IP One devices through 4.0.0r grants an unauthenticat... | E S | |
| CVE-2020-17384 | Cellopoint CelloOS - Remote Command Execution (RCE) | S | |
| CVE-2020-17385 | Cellopoint CelloOS - Unauthenticated Arbitrary File Disclosure | S | |
| CVE-2020-17386 | Cellopoint CelloOS - Server-Side Request Forgery (SSRF) | S | |
| CVE-2020-17387 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ma... | | |
| CVE-2020-17388 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ma... | | |
| CVE-2020-17389 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ma... | | |
| CVE-2020-17390 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17391 | This vulnerability allows local attackers to disclose information on affected installations of Paral... | | |
| CVE-2020-17392 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17393 | This vulnerability allows local attackers to disclose information on affected installations of Paral... | | |
| CVE-2020-17394 | This vulnerability allows local attackers to disclose sensitive information on affected installation... | | |
| CVE-2020-17395 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17396 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17397 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17398 | This vulnerability allows local attackers to disclose information on affected installations of Paral... | | |
| CVE-2020-17399 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17400 | This vulnerability allows local attackers to escalate privileges on affected installations of Parall... | | |
| CVE-2020-17401 | This vulnerability allows local attackers to disclose sensitive informations on affected installatio... | | |
| CVE-2020-17402 | This vulnerability allows local attackers to disclose sensitive information on affected installation... | | |
| CVE-2020-17403 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17404 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17405 | This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installat... | | |
| CVE-2020-17406 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mi... | | |
| CVE-2020-17407 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Mi... | | |
| CVE-2020-17408 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | S | |
| CVE-2020-17409 | This vulnerability allows network-adjacent attackers to disclose sensitive information on affected i... | S | |
| CVE-2020-17410 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17411 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17412 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17413 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17414 | This vulnerability allows local attackers to escalate privileges on affected installations of Foxit ... | | |
| CVE-2020-17415 | This vulnerability allows local attackers to escalate privileges on affected installations of Foxit ... | | |
| CVE-2020-17416 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17417 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17418 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17419 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17420 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17421 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17422 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17423 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17424 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17425 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17426 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17427 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17428 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17429 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17430 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17431 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Fo... | | |
| CVE-2020-17432 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17433 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17434 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17435 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17436 | This vulnerability allows remote attackers to disclose sensitive information on affected installatio... | | |
| CVE-2020-17437 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. When the Urgent flag ... | S | |
| CVE-2020-17438 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassem... | | |
| CVE-2020-17439 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses ... | | |
| CVE-2020-17440 | An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that parses ... | | |
| CVE-2020-17441 | An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 headers does not validate... | | |
| CVE-2020-17442 | An issue was discovered in picoTCP 1.7.0. The code for parsing the hop-by-hop IPv6 extension headers... | | |
| CVE-2020-17443 | An issue was discovered in picoTCP 1.7.0. The code for creating an ICMPv6 echo replies doesn't check... | | |
| CVE-2020-17444 | An issue was discovered in picoTCP 1.7.0. The routine for processing the next header field (and dedu... | | |
| CVE-2020-17445 | An issue was discovered in picoTCP 1.7.0. The code for processing the IPv6 destination options does ... | | |
| CVE-2020-17446 | asyncpg before 0.21.0 allows a malicious PostgreSQL server to trigger a crash or execute arbitrary c... | S | |
| CVE-2020-17447 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-15139. Reason: This candidat... | R | |
| CVE-2020-17448 | Telegram Desktop through 2.1.13 allows a spoofed file type to bypass the Dangerous File Type Executi... | | |
| CVE-2020-17449 | PHP-Fusion 9.03 allows XSS via the error_log file.... | E | |
| CVE-2020-17450 | PHP-Fusion 9.03 allows XSS on the preview page.... | E | |
| CVE-2020-17451 | flatCore before 1.5.7 allows XSS by an admin via the acp/acp.php?tn=pages&sub=edit&editpage=1 page_l... | E | |
| CVE-2020-17452 | flatCore before 1.5.7 allows upload and execution of a .php file by an admin.... | E | |
| CVE-2020-17453 | WSO2 Management Console through 5.10 allows XSS via the carbon/admin/login.jsp msgId parameter.... | E | |
| CVE-2020-17454 | WSO2 API Manager 3.1.0 and earlier has reflected XSS on the "publisher" component's admin interface.... | | |
| CVE-2020-17456 | SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to t... | E | |
| CVE-2020-17457 | Fujitsu ServerView Suite iRMC before 9.62F allows XSS. An authenticated attacker can store an XSS pa... | S | |
| CVE-2020-17458 | A post-authenticated stored XSS was found in MultiUx v.3.1.12.0 via the /multiux/SaveMailbox LastNam... | | |
| CVE-2020-17462 | CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not ... | E | |
| CVE-2020-17463 | FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /n... | KEV E | |
| CVE-2020-17464 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-17465 | Dashboards and progressiveProfileForms in ForgeRock Identity Manager before 7.0.0 are vulnerable to ... | | |
| CVE-2020-17466 | Turcom TRCwifiZone through 2020-08-10 allows authentication bypass by visiting manage/control.php an... | E | |
| CVE-2020-17467 | An issue was discovered in FNET through 4.6.4. The code for processing the hostname from an LLMNR re... | | |
| CVE-2020-17468 | An issue was discovered in FNET through 4.6.4. The code for processing the hop-by-hop header (in the... | | |
| CVE-2020-17469 | An issue was discovered in FNET through 4.6.4. The code for IPv6 fragment reassembly tries to access... | | |
| CVE-2020-17470 | An issue was discovered in FNET through 4.6.4. The code that initializes the DNS client interface st... | | |
| CVE-2020-17473 | Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723... | | |
| CVE-2020-17474 | A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 a... | E | |
| CVE-2020-17475 | Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to gran... | | |
| CVE-2020-17476 | Mibew Messenger before 3.2.7 allows XSS via a crafted user name.... | S | |
| CVE-2020-17477 | Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote te... | | |
| CVE-2020-17478 | ECDSA/EC/Point.pm in Crypt::Perl before 0.33 does not properly consider timing attacks against the E... | S | |
| CVE-2020-17479 | jpv (aka Json Pattern Validator) before 2.2.2 does not properly validate input, as demonstrated by a... | E S | |
| CVE-2020-17480 | TinyMCE before 4.9.7 and 5.x before 5.1.4 allows XSS in the core parser, the paste plugin, and the v... | E | |
| CVE-2020-17482 | An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with ... | | |
| CVE-2020-17483 | An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to s... | | |
| CVE-2020-17484 | An Open Redirection vulnerability exists in Uffizio's GPS Tracker all versions allows an attacker to... | | |
| CVE-2020-17485 | A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server ca... | | |
| CVE-2020-17487 | radare2 4.5.0 misparses signature information in PE files, causing a segmentation fault in r_x509_pa... | E | |
| CVE-2020-17489 | An issue was discovered in certain configurations of GNOME gnome-shell through 3.36.4. When logging ... | E S | |
| CVE-2020-17490 | The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.... | | |
| CVE-2020-17494 | Untangle Firewall NG before 16.0 uses MD5 for passwords.... | S | |
| CVE-2020-17495 | django-celery-results through 1.2.1 stores task results in the database. Among the data it stores ar... | | |
| CVE-2020-17496 | vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax... | KEV E S | |
| CVE-2020-17497 | eapol.c in iNet wireless daemon (IWD) through 1.8 allows attackers to trigger a PTK reinstallation b... | | |
| CVE-2020-17498 | In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/di... | E S | |
| CVE-2020-17500 | Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command I... | | |
| CVE-2020-17502 | Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administ... | | |
| CVE-2020-17503 | The NDN-210 has a web administration panel which is made available over https. There is a command in... | | |
| CVE-2020-17504 | The NDN-210 has a web administration panel which is made available over https. There is a command in... | | |
| CVE-2020-17505 | Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the serv... | E | |
| CVE-2020-17506 | Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web bac... | E | |
| CVE-2020-17507 | An issue was discovered in Qt through 5.12.9, and 5.13.x through 5.15.x before 5.15.1. read_xbm_body... | S | |
| CVE-2020-17508 | The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgra... | | |
| CVE-2020-17509 | ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled... | | |
| CVE-2020-17510 | Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may... | | |
| CVE-2020-17511 | In Airflow versions prior to 1.10.13, when creating a user using airflow CLI, the password gets logg... | | |
| CVE-2020-17513 | In Apache Airflow versions prior to 1.10.13, the Charts and Query View of the old (Flask-admin based... | | |
| CVE-2020-17514 | disabled hostname verificiation | S | |
| CVE-2020-17515 | The "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit... | | |
| CVE-2020-17516 | Apache Cassandra versions 2.1.0 to 2.1.22, 2.2.0 to 2.2.19, 3.0.0 to 3.0.23, and 3.11.0 to 3.11.9, w... | | |
| CVE-2020-17517 | Ozone S3 Gateway allows bucket and key access to non authenticated users | M | |
| CVE-2020-17518 | Apache Flink directory traversal attack: remote file writing through the REST API | | |
| CVE-2020-17519 | Apache Flink directory traversal attack: reading remote files through the REST API | KEV E | |
| CVE-2020-17520 | In the Pulsar manager 0.1.0 version, malicious users will be able to bypass pulsar-manager's admin, ... | | |
| CVE-2020-17521 | Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this f... | S | |
| CVE-2020-17522 | When ORT (now via atstccfg) generates ip_allow.config files in Apache Traffic Control 3.0.0 to 3.1.0... | | |
| CVE-2020-17523 | Apache Shiro before 1.7.1, when using Apache Shiro with Spring, a specially crafted HTTP request may... | | |
| CVE-2020-17524 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-17525 | Remote unauthenticated denial-of-service in Subversion mod_authz_svn | E S | |
| CVE-2020-17526 | Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default conf... | M | |
| CVE-2020-17527 | Apache Tomcat: Request header mix-up between HTTP/2 streams | S | |
| CVE-2020-17528 | Apache NuttX (incubating) Out of Bound Write from invalid TCP Urgent length | | |
| CVE-2020-17529 | Apache NuttX (incubating) Out of Bound Write from invalid fragmentation offset value specified in the IP header | | |
| CVE-2020-17530 | Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code ... | KEV S | |
| CVE-2020-17531 | Deserialization flaw in EOL Tapestry 4. | | |
| CVE-2020-17532 | Apache ServiceComb Yaml remote deserialization vulnerability | S | |
| CVE-2020-17533 | Apache Accumulo Improper Handling of Insufficient Permissions | M | |
| CVE-2020-17534 | There exists a race condition between the deletion of the temporary file and the creation of the tem... | | |
| CVE-2020-17535 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-17536 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-17537 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-17538 | A buffer overflow vulnerability in GetNumSameData() in contrib/lips4/gdevlips.c of Artifex Software ... | E | |
| CVE-2020-17541 | Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote ... | E S | |
| CVE-2020-17542 | Cross Site Scripting (XSS) in dotCMS v5.1.5 allows remote attackers to execute arbitrary code by inj... | E | |
| CVE-2020-17551 | ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote... | E | |
| CVE-2020-17563 | Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a craf... | E | |
| CVE-2020-17564 | Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a craf... | E | |
| CVE-2020-17752 | Integer overflow vulnerability in payable function of a smart contract implementation for an Ethereu... | E | |
| CVE-2020-17753 | An issue was discovered in function addMeByRC in the smart contract implementation for RC, an Ethere... | E | |
| CVE-2020-17759 | An issue was found in the Evernote client for Windows 10, 7, and 2008 in the protocol handler. This ... | | |
| CVE-2020-17891 | TP-Link Archer C1200 firmware version 1.13 Build 2018/01/24 rel.52299 EU has a XSS vulnerability all... | E | |
| CVE-2020-17901 | Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a use... | E | |
| CVE-2020-17952 | A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attack... | E | |
| CVE-2020-17999 | Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to execute arbitrary code by inj... | E |