| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-6000 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6001 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6002 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6003 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6004 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6005 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6006 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a... | R | |
| CVE-2020-6007 | Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer ... | E | |
| CVE-2020-6008 | LifterLMS Wordpress plugin version below 3.37.15 is vulnerable to arbitrary file write leading to re... | | |
| CVE-2020-6009 | LearnDash Wordpress plugin version below 3.1.6 is vulnerable to Unauthenticated SQL Injection.... | | |
| CVE-2020-6010 | LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection... | E | |
| CVE-2020-6012 | ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with l... | | |
| CVE-2020-6013 | ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who alread... | | |
| CVE-2020-6014 | Check Point Endpoint Security Client for Windows, with Anti-Bot or Threat Emulation blades installed... | | |
| CVE-2020-6015 | Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean ins... | | |
| CVE-2020-6016 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles unreliable segments with ... | E S | |
| CVE-2020-6017 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long unreliable segments ... | E S | |
| CVE-2020-6018 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles long encrypted messages i... | E S | |
| CVE-2020-6019 | Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messag... | E S | |
| CVE-2020-6020 | Check Point Security Management's Internal CA web management before Jumbo HFAs R80.10 Take 278, R80.... | | |
| CVE-2020-6021 | Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the di... | | |
| CVE-2020-6022 | Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to delete arbitrary files w... | | |
| CVE-2020-6023 | Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges whil... | | |
| CVE-2020-6024 | Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 b... | | |
| CVE-2020-6058 | An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incom... | E | |
| CVE-2020-6059 | An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incom... | E | |
| CVE-2020-6060 | A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple conne... | E | |
| CVE-2020-6061 | An exploitable heap out-of-bounds read vulnerability exists in the way CoTURN 4.5.1.1 web server par... | E | |
| CVE-2020-6062 | An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses PO... | E | |
| CVE-2020-6063 | An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the ... | E | |
| CVE-2020-6064 | An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the ... | E | |
| CVE-2020-6065 | An exploitable out-of-bounds write vulnerability exists in the bmp_parsing function of the igcore19d... | E | |
| CVE-2020-6066 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the... | E | |
| CVE-2020-6067 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of ... | E | |
| CVE-2020-6068 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG pngread parser of t... | E | |
| CVE-2020-6069 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision... | E | |
| CVE-2020-6070 | An exploitable code execution vulnerability exists in the file system checking functionality of fsck... | E | |
| CVE-2020-6071 | An exploitable denial-of-service vulnerability exists in the resource record-parsing functionality o... | E | |
| CVE-2020-6072 | An exploitable code execution vulnerability exists in the label-parsing functionality of Videolabs l... | E | |
| CVE-2020-6073 | An exploitable denial-of-service vulnerability exists in the TXT record-parsing functionality of Vid... | E | |
| CVE-2020-6074 | An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A spec... | E | |
| CVE-2020-6075 | An exploitable out-of-bounds write vulnerability exists in the store_data_buffer function of the igc... | E | |
| CVE-2020-6076 | An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of t... | E | |
| CVE-2020-6077 | An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videol... | E | |
| CVE-2020-6078 | An exploitable denial-of-service vulnerability exists in the message-parsing functionality of Videol... | E | |
| CVE-2020-6079 | An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videola... | E | |
| CVE-2020-6080 | An exploitable denial-of-service vulnerability exists in the resource allocation handling of Videola... | E | |
| CVE-2020-6081 | An exploitable code execution vulnerability exists in the PLC_Task functionality of 3S-Smart Softwar... | E | |
| CVE-2020-6082 | An exploitable out-of-bounds write vulnerability exists in the ico_read function of the igcore19d.dl... | E | |
| CVE-2020-6083 | An exploitable denial of service vulnerability exists in the ENIP Request Path Port Segment function... | E | |
| CVE-2020-6084 | An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment funct... | E | |
| CVE-2020-6085 | An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment funct... | E | |
| CVE-2020-6086 | An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment function... | E | |
| CVE-2020-6087 | An exploitable denial of service vulnerability exists in the ENIP Request Path Data Segment function... | E | |
| CVE-2020-6088 | An exploitable denial of service vulnerability exists in the ENIP Request Path Network Segment funct... | E | |
| CVE-2020-6089 | An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A ... | E | |
| CVE-2020-6090 | An exploitable code execution vulnerability exists in the Web-Based Management (WBM) functionality o... | | |
| CVE-2020-6091 | An exploitable authentication bypass vulnerability exists in the ESPON Web Control functionality of ... | | |
| CVE-2020-6092 | An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern ob... | E | |
| CVE-2020-6093 | An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML ... | E | |
| CVE-2020-6094 | An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19... | E | |
| CVE-2020-6095 | An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/... | E S | |
| CVE-2020-6096 | An exploitable signed comparison vulnerability exists in the ARMv7 memcpy() implementation of GNU gl... | | |
| CVE-2020-6097 | An exploitable denial of service vulnerability exists in the atftpd daemon functionality of atftp 0.... | E | |
| CVE-2020-6098 | An exploitable denial of service vulnerability exists in the freeDiameter functionality of freeDiame... | E | |
| CVE-2020-6099 | An exploitable code execution vulnerability exists in the file format parsing functionality of Graph... | E | |
| CVE-2020-6100 | An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics... | E | |
| CVE-2020-6101 | An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX... | E | |
| CVE-2020-6102 | An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX... | E | |
| CVE-2020-6103 | An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX... | E | |
| CVE-2020-6104 | An exploitable information disclosure vulnerability exists in the get_dnode_of_data functionality of... | E | |
| CVE-2020-6105 | An exploitable code execution vulnerability exists in the multiple devices functionality of F2fs-Too... | E | |
| CVE-2020-6106 | An exploitable information disclosure vulnerability exists in the init_node_manager functionality of... | E | |
| CVE-2020-6107 | An exploitable information disclosure vulnerability exists in the dev_read functionality of F2fs-Too... | E | |
| CVE-2020-6108 | An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs... | E | |
| CVE-2020-6109 | An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes mess... | E | |
| CVE-2020-6110 | An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 pro... | E | |
| CVE-2020-6111 | An exploitable denial-of-service vulnerability exists in the IPv4 functionality of Allen-Bradley Mic... | | |
| CVE-2020-6112 | An exploitable code execution vulnerability exists in the JPEG2000 Stripe Decoding functionality of ... | E | |
| CVE-2020-6113 | An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, In... | E | |
| CVE-2020-6114 | An exploitable SQL injection vulnerability exists in the Admin Reports functionality of Glacies IceH... | E | |
| CVE-2020-6115 | An exploitable vulnerability exists in the cross-reference table repairing functionality of Nitro So... | E | |
| CVE-2020-6116 | An arbitrary code execution vulnerability exists in the rendering functionality of Nitro Software, I... | E | |
| CVE-2020-6117 | SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ... | E | |
| CVE-2020-6118 | SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ... | E | |
| CVE-2020-6119 | SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ... | E | |
| CVE-2020-6120 | SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The f... | E | |
| CVE-2020-6121 | SQL injection vulnerabilities exist in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The ... | E | |
| CVE-2020-6122 | SQL injection vulnerability exists in the CheckDuplicateStudent.php page of OS4Ed openSIS 7.3. The m... | E | |
| CVE-2020-6123 | An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed open... | E | |
| CVE-2020-6124 | An exploitable sql injection vulnerability exists in the email parameter functionality of OS4Ed open... | E | |
| CVE-2020-6125 | An exploitable SQL injection vulnerability exists in the GetSchool.php functionality of OS4Ed openSI... | E | |
| CVE-2020-6126 | SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The cours... | E | |
| CVE-2020-6127 | SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. The id pa... | E | |
| CVE-2020-6128 | SQL injection vulnerability exists in the CoursePeriodModal.php page of OS4Ed openSIS 7.3. A special... | E | |
| CVE-2020-6129 | SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pag... | E | |
| CVE-2020-6130 | SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pag... | E | |
| CVE-2020-6131 | SQL injection vulnerabilities exist in the course_period_id parameters used in OS4Ed openSIS 7.3 pag... | E | |
| CVE-2020-6132 | SQL injection vulnerability exists in the ID parameters of OS4Ed openSIS 7.3 pages. The id parameter... | E | |
| CVE-2020-6133 | SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id paramete... | E | |
| CVE-2020-6134 | SQL injection vulnerabilities exist in the ID parameters of OS4Ed openSIS 7.3 pages. The id paramete... | E | |
| CVE-2020-6135 | An exploitable SQL injection vulnerability exists in the Validator.php functionality of OS4Ed openSI... | E | |
| CVE-2020-6136 | An exploitable SQL injection vulnerability exists in the DownloadWindow.php functionality of OS4Ed o... | E | |
| CVE-2020-6137 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The pas... | E | |
| CVE-2020-6138 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The una... | E | |
| CVE-2020-6139 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The use... | E | |
| CVE-2020-6140 | SQL injection vulnerability exists in the password reset functionality of OS4Ed openSIS 7.3. The pas... | E | |
| CVE-2020-6141 | An exploitable SQL injection vulnerability exists in the login functionality of OS4Ed openSIS 7.3. A... | E | |
| CVE-2020-6142 | A remote code execution vulnerability exists in the Modules.php functionality of OS4Ed openSIS 7.3. ... | E | |
| CVE-2020-6143 | A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The ... | E | |
| CVE-2020-6144 | A remote code execution vulnerability exists in the install functionality of OS4Ed openSIS 7.4. The ... | E | |
| CVE-2020-6145 | An SQL injection vulnerability exists in the frappe.desk.reportview.get functionality of ERPNext 11.... | E | |
| CVE-2020-6146 | An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13... | E | |
| CVE-2020-6147 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sect... | E | |
| CVE-2020-6148 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sect... | E | |
| CVE-2020-6149 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sect... | E | |
| CVE-2020-6150 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS... | E | |
| CVE-2020-6151 | A memory corruption vulnerability exists in the TIFF handle_COMPRESSION_PACKBITS functionality of Ac... | | |
| CVE-2020-6152 | A code execution vulnerability exists in the DICOM parse_dicom_meta_info functionality of Accusoft I... | E | |
| CVE-2020-6153 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-6155 | A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep a... | E | |
| CVE-2020-6156 | A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sect... | E | |
| CVE-2020-6157 | Opera Touch for iOS before version 2.4.5 is vulnerable to an address bar spoofing attack. The vulner... | | |
| CVE-2020-6158 | Opera Mini for Android before version 52.2 is vulnerable to an address bar spoofing attack. The vuln... | | |
| CVE-2020-6159 | URLs using “javascript:” have the protocol removed when pasted into the address bar to protect users... | | |
| CVE-2020-6162 | An issue was discovered in Bftpd 5.3. Under certain circumstances, an out-of-bounds read is triggere... | | |
| CVE-2020-6163 | The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax wi... | S | |
| CVE-2020-6164 | In SilverStripe through 4.5.0, a specific URL path configured by default through the silverstripe/fr... | | |
| CVE-2020-6165 | SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a ... | | |
| CVE-2020-6166 | A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.15, allows authenti... | E | |
| CVE-2020-6167 | A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows a CSRF a... | E | |
| CVE-2020-6168 | A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenti... | E | |
| CVE-2020-6170 | An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows at... | E | |
| CVE-2020-6171 | A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management cons... | E | |
| CVE-2020-6173 | TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption.... | E S | |
| CVE-2020-6174 | TUF (aka The Update Framework) through 0.12.1 has Improper Verification of a Cryptographic Signature... | S | |
| CVE-2020-6175 | Citrix SD-WAN 10.2.x before 10.2.6 and 11.0.x before 11.0.3 has Missing SSL Certificate Validation.... | | |
| CVE-2020-6177 | SAP Mobile Platform, version 3.0, does not sufficiently validate an XML document accepted from an un... | | |
| CVE-2020-6178 | SAP Enable Now, before version 1911, sends the Session ID cookie value in URL. This might be stolen ... | | |
| CVE-2020-6181 | Under some circumstances the SAML SSO implementation in the SAP NetWeaver (SAP_BASIS versions 702, 7... | | |
| CVE-2020-6183 | SAP Host Agent, version 7.21, allows an unprivileged user to read the shared memory or write to the ... | | |
| CVE-2020-6184 | Under certain conditions, ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/... | | |
| CVE-2020-6185 | Under certain conditions ABAP Online Community in SAP NetWeaver (SAP_BASIS version 7.40) and SAP S/4... | | |
| CVE-2020-6186 | SAP Host Agent, version 7.21, allows an attacker to cause a slowdown in processing of username/passw... | | |
| CVE-2020-6187 | SAP NetWeaver (Guided Procedures), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not suffi... | | |
| CVE-2020-6188 | VAT Pro-Rata reports in SAP ERP (SAP_APPL versions 600, 602, 603, 604, 605, 606, 616 and SAP_FIN ver... | | |
| CVE-2020-6189 | Certain settings page(s) in SAP Business Objects Business Intelligence Platform (CMC), version 4.2, ... | | |
| CVE-2020-6190 | Certain vulnerable endpoints in SAP NetWeaver AS Java (Heap Dump Application), versions 7.30, 7.31, ... | | |
| CVE-2020-6191 | SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious... | | |
| CVE-2020-6192 | SAP Landscape Management, version 3.0, allows an attacker with admin privileges to execute malicious... | | |
| CVE-2020-6193 | SAP NetWeaver (Knowledge Management ICE Service), versions 7.30, 7.31, 7.40, 7.50, allows an unauthe... | | |
| CVE-2020-6195 | SAP Business Objects Business Intelligence Platform (CMC), version 4.1, 4.2, shows cleartext passwor... | | |
| CVE-2020-6196 | SAP BusinessObjects Mobile (MobileBIService), version 4.2, allows an attacker to generate multiple r... | | |
| CVE-2020-6197 | SAP Enable Now, before version 1908, does not invalidate session tokens in a timely manner. The Insu... | | |
| CVE-2020-6198 | SAP Solution Manager (Diagnostics Agent), version 720, allows unencrypted connections from unauthent... | | |
| CVE-2020-6199 | The view FIMENAV_COMPCERT in SAP ERP (MENA Certificate Management), EAPPGLO version 607, SAP_FIN ver... | | |
| CVE-2020-6200 | The SAP Commerce (SmartEdit Extension), versions- 6.6, 6.7, 1808, 1811, is vulnerable to client-side... | | |
| CVE-2020-6201 | The SAP Commerce (Testweb Extension), versions- 6.6, 6.7, 1808, 1811, 1905, does not sufficiently en... | | |
| CVE-2020-6202 | SAP NetWeaver Application Server Java (User Management Engine), versions- 7.10, 7.11, 7.20, 7.30, 7.... | | |
| CVE-2020-6203 | SAP NetWeaver UDDI Server (Services Registry), versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; a... | | |
| CVE-2020-6204 | The selection query in SAP Treasury and Risk Management (Transaction Management) (EA-FINSERV?version... | | |
| CVE-2020-6205 | SAP NetWeaver AS ABAP Business Server Pages (Smart Forms), SAP_BASIS versions- 7.00, 7.01, 7.02, 7.1... | | |
| CVE-2020-6206 | SAP Cloud Platform Integration for Data Services, version 1.0, allows user inputs to be reflected as... | | |
| CVE-2020-6207 | SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check... | KEV E | |
| CVE-2020-6208 | SAP Business Objects Business Intelligence Platform (Crystal Reports), versions- 4.1, 4.2, allows an... | | |
| CVE-2020-6209 | SAP Disclosure Management, version 10.1, does not perform necessary authorization checks for an auth... | | |
| CVE-2020-6210 | SAP Fiori Launchpad, versions- 753, 754, does not sufficiently encode user-controlled inputs, and he... | | |
| CVE-2020-6211 | SAP Business Objects Business Intelligence Platform (AdminTools), versions 4.1, 4.2, allows an attac... | | |
| CVE-2020-6212 | Egypt localized withholding tax reports Clearing of Liabilities and Remittance Statement and Summary... | | |
| CVE-2020-6213 | SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_PHTMLB, versions 700, 701, 702,... | | |
| CVE-2020-6214 | SAP S/4HANA (Financial Products Subledger), version 100, uses an incorrect authorization object in s... | | |
| CVE-2020-6215 | SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731,... | | |
| CVE-2020-6216 | SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficient... | | |
| CVE-2020-6217 | SAP NetWeaver AS ABAP Business Server Pages Test Application IT00, versions 700, 701, 702, 730, 731,... | | |
| CVE-2020-6218 | Admin tools and Query Builder in SAP Business Objects Business Intelligence Platform, versions 4.1, ... | | |
| CVE-2020-6219 | SAP Business Objects Business Intelligence Platform (CrystalReports WebForm Viewer), versions 4.1, 4... | | |
| CVE-2020-6220 | BI Launchpad and CMC in SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, does... | | |
| CVE-2020-6221 | Web Intelligence HTML interface in SAP Business Objects Business Intelligence Platform, versions 4.1... | | |
| CVE-2020-6222 | SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), versions 4.1,... | | |
| CVE-2020-6223 | The open document of SAP Business Objects Business Intelligence Platform, versions 4.1, 4.2, allows ... | | |
| CVE-2020-6224 | SAP NetWeaver AS Java (HTTP Service), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, allows an a... | | |
| CVE-2020-6225 | SAP NetWeaver (Knowledge Management), versions (KMC-CM - 7.00, 7.01, 7.02, 7.30, 7.31, 7.40, 7.50 an... | | |
| CVE-2020-6226 | SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), version 4.2, ... | | |
| CVE-2020-6227 | SAP Business Objects Business Intelligence Platform (CMS / Auditing issues), version 4.2, allows att... | | |
| CVE-2020-6228 | SAP Business Client, versions 6.5, 7.0, does not perform necessary integrity checks which could be e... | | |
| CVE-2020-6229 | SAP NetWeaver AS ABAP (Business Server Pages application CRM_BSP_FRAME), versions 700, 701, 702, 710... | | |
| CVE-2020-6230 | SAP OrientDB, version 3.0, allows an authenticated attacker with script execute/write permissions to... | | |
| CVE-2020-6231 | SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface), version 4.2, ... | | |
| CVE-2020-6232 | SAP Commerce, versions 1811, 1905, does not perform necessary authorization checks for an anonymous ... | | |
| CVE-2020-6233 | SAP S/4 HANA (Financial Products Subledger and Banking Services), versions - FSAPPL 400, 450, 500 an... | | |
| CVE-2020-6234 | SAP Host Agent, version 7.21, allows an attacker with admin privileges to use the operation framewor... | | |
| CVE-2020-6235 | SAP Solution Manager (Diagnostics Agent), version 7.2, does not perform the authentication check for... | | |
| CVE-2020-6236 | SAP Landscape Management, version 3.0, and SAP Adaptive Extensions, version 1.0, allows an attacker ... | | |
| CVE-2020-6237 | Under certain conditions, SAP Business Objects Business Intelligence Platform, version 4.1, 4.2, dsw... | | |
| CVE-2020-6238 | SAP Commerce, versions - 6.6, 6.7, 1808, 1811, 1905, does not process XML input securely in the Rest... | | |
| CVE-2020-6239 | Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker w... | | |
| CVE-2020-6240 | SAP NetWeaver AS ABAP (Web Dynpro ABAP), versions (SAP_UI 750, 752, 753, 754 and SAP_BASIS 700, 710,... | | |
| CVE-2020-6241 | SAP Adaptive Server Enterprise, version 16.0, allows an authenticated user to execute crafted databa... | | |
| CVE-2020-6242 | SAP Business Objects Business Intelligence Platform (Live Data Connect), versions 1.0, 2.0, 2.1, 2.2... | | |
| CVE-2020-6243 | Under certain conditions, SAP Adaptive Server Enterprise (XP Server on Windows Platform), versions 1... | | |
| CVE-2020-6244 | SAP Business Client, version 7.0, allows an attacker after a successful social engineering attack to... | | |
| CVE-2020-6245 | SAP Business Objects Business Intelligence Platform, version 4.2, allows an attacker with access to ... | | |
| CVE-2020-6246 | SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_TABLE, versions 700, 701, 702, ... | | |
| CVE-2020-6247 | SAP Business Objects Business Intelligence Platform, version 4.2, allows an unauthenticated attacker... | | |
| CVE-2020-6248 | SAP Adaptive Server Enterprise (Backup Server), version 16.0, does not perform the necessary validat... | | |
| CVE-2020-6249 | The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 1... | | |
| CVE-2020-6250 | SAP Adaptive Server Enterprise, version 16.0, allows an authenticated attacker to exploit certain mi... | | |
| CVE-2020-6251 | Under certain conditions or error scenarios SAP Business Objects Business Intelligence Platform, ver... | | |
| CVE-2020-6252 | Under certain conditions SAP Adaptive Server Enterprise (Cockpit), version 16.0, allows an attacker ... | | |
| CVE-2020-6253 | Under certain conditions, SAP Adaptive Server Enterprise (Web Services), versions 15.7, 16.0, allows... | | |
| CVE-2020-6254 | SAP Enterprise Threat Detection, versions 1.0, 2.0, does not sufficiently encode error response page... | | |
| CVE-2020-6256 | SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows user... | | |
| CVE-2020-6257 | SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 4.2 does not sufficiently... | | |
| CVE-2020-6258 | SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authent... | | |
| CVE-2020-6259 | Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to ... | | |
| CVE-2020-6260 | SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to inject superflous data th... | | |
| CVE-2020-6261 | SAP Solution Manager (Trace Analysis), version 7.20, allows an attacker to perform a log injection i... | | |
| CVE-2020-6262 | Service Data Download in SAP Application Server ABAP (ST-PI, before versions 2008_1_46C, 2008_1_620,... | | |
| CVE-2020-6263 | Standalone clients connecting to SAP NetWeaver AS Java via P4 Protocol, versions (SAP-JEECOR 7.00, 7... | | |
| CVE-2020-6264 | SAP Commerce, versions - 6.7, 1808, 1811, 1905, may allow an attacker to access information under ce... | | |
| CVE-2020-6265 | SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1... | | |
| CVE-2020-6266 | SAP Fiori for SAP S/4HANA, versions - 100, 200, 300, 400, allows an attacker to redirect users to a ... | | |
| CVE-2020-6267 | Some sensitive cookies in SAP Disclosure Management, version 10.1, are missing HttpOnly flag, leadin... | | |
| CVE-2020-6268 | Statutory Reporting for Insurance Companies in SAP ERP (EA-FINSERV versions - 600, 603, 604, 605, 60... | | |
| CVE-2020-6269 | Under certain conditions SAP Business Objects Business Intelligence Platform, version 4.2, allows an... | | |
| CVE-2020-6270 | SAP NetWeaver AS ABAP (Banking Services), versions - 710, 711, 740, 750, 751, 752, 75A, 75B, 75C, 75... | | |
| CVE-2020-6271 | SAP Solution Manager (Problem Context Manager), version 7.2, does not perform the necessary authenti... | | |
| CVE-2020-6272 | SAP Commerce Cloud versions - 1808, 1811, 1905, 2005, does not sufficiently encode user inputs, whic... | | |
| CVE-2020-6273 | SAP S/4 HANA (Fiori UI for General Ledger Accounting), versions 103, 104, does not perform necessary... | | |
| CVE-2020-6275 | SAP Netweaver AS ABAP, versions 700, 701, 702, 710, 711, 730, 731, 740, 750, 751, 752, 753, 754, are... | | |
| CVE-2020-6276 | SAP Business Objects Business Intelligence Platform (bipodata), version 4.2, does not sufficiently e... | | |
| CVE-2020-6278 | SAP Business Objects Business Intelligence Platform (BI Launchpad and CMC), versions 4.1, 4.2, allow... | | |
| CVE-2020-6279 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-6280 | SAP NetWeaver (ABAP Server) and ABAP Platform, versions 731, 740, 750, allows an attacker with admin... | | |
| CVE-2020-6281 | SAP Business Objects Business Intelligence Platform (BI Launchpad), version 4.2, does not sufficient... | | |
| CVE-2020-6282 | SAP NetWeaver AS JAVA (IIOP service) (SERVERCORE), versions 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50... | | |
| CVE-2020-6283 | SAP Fiori Launchpad does not sufficiently encode user controlled inputs, and hence allowing the atta... | | |
| CVE-2020-6284 | SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows the automatic execut... | | |
| CVE-2020-6285 | SAP NetWeaver - XML Toolkit for JAVA (ENGINEAPI) (versions- 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50... | | |
| CVE-2020-6286 | The insufficient input path validation of certain parameter in the web service of SAP NetWeaver AS J... | | |
| CVE-2020-6287 | SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform... | KEV | |
| CVE-2020-6288 | SAP Business Objects Business Intelligence Platform (Web Intelligence HTML interface) allows an atta... | | |
| CVE-2020-6289 | SAP Disclosure Management, version 10.1, had insufficient protection against Cross-Site Request Forg... | | |
| CVE-2020-6290 | SAP Disclosure Management, version 10.1, is vulnerable to Session Fixation attacks wherein the attac... | | |
| CVE-2020-6291 | SAP Disclosure Management, version 10.1, session mechanism does not have expiration data set therefo... | | |
| CVE-2020-6292 | Logout mechanism in SAP Disclosure Management, version 10.1, does not invalidate one of the session ... | | |
| CVE-2020-6293 | SAP NetWeaver (Knowledge Management), versions - 7.30, 7.31, 7.40, 7.50, allows an unauthenticated a... | | |
| CVE-2020-6294 | Xvfb of SAP Business Objects Business Intelligence Platform, versions - 4.2, 4.3, platform on Unix d... | | |
| CVE-2020-6295 | Under certain conditions the SAP Adaptive Server Enterprise, version 16.0, allows an attacker to acc... | | |
| CVE-2020-6296 | SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 700, 701, 702, 710, 711, 730, 731, 740, 75... | | |
| CVE-2020-6297 | Under certain conditions the upgrade of SAP Data Hub 2.7 to SAP Data Intelligence, version - 3.0, al... | | |
| CVE-2020-6298 | SAP Banking Services (Generic Market Data), versions - 400, 450, 500, allows an unauthorized user to... | | |
| CVE-2020-6299 | SAP NetWeaver (ABAP Server) and ABAP Platform, versions - 740, 750, 751, 752, 753, 754, 755, allows ... | | |
| CVE-2020-6300 | SAP Business Objects Business Intelligence Platform (Central Management Console), versions- 4.2, 4.3... | | |
| CVE-2020-6301 | SAP ERP (HCM Travel Management), versions - 600, 602, 603, 604, 605, 606, 607, 608, allows an authen... | | |
| CVE-2020-6302 | SAP Commerce versions 6.7, 1808, 1811, 1905, 2005 contains the jSession ID in the backoffice URL whe... | | |
| CVE-2020-6303 | SAP Disclosure Management, before version 10.1, does not validate user input properly in specific us... | | |
| CVE-2020-6304 | Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32... | | |
| CVE-2020-6305 | PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not s... | | |
| CVE-2020-6306 | Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, E... | | |
| CVE-2020-6307 | Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52... | | |
| CVE-2020-6308 | SAP BusinessObjects Business Intelligence Platform (Web Services) versions - 410, 420, 430, allows a... | | |
| CVE-2020-6309 | SAP NetWeaver AS JAVA, versions - (ENGINEAPI 7.10; WSRM 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50; J2... | | |
| CVE-2020-6310 | Improper access control in SOA Configuration Trace component in SAP NetWeaver (ABAP Server) and ABAP... | | |
| CVE-2020-6311 | Banking services from SAP 9.0 (Bank Analyzer), version - 500, and SAP S/4HANA for financial products... | | |
| CVE-2020-6312 | SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface), versions - 4.1... | | |
| CVE-2020-6313 | SAP NetWeaver Application Server JAVA(XML Forms) versions 7.30, 7.31, 7.40, 7.50 does not sufficient... | | |
| CVE-2020-6314 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received f... | | |
| CVE-2020-6315 | SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to t... | | |
| CVE-2020-6316 | SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has... | | |
| CVE-2020-6317 | In certain situations, an attacker with regular user credentials and local access to an ASE cockpit ... | | |
| CVE-2020-6318 | A Remote Code Execution vulnerability exists in the SAP NetWeaver (ABAP Server, up to release 7.40) ... | E | |
| CVE-2020-6319 | SAP NetWeaver Application Server Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, and 7.50 allow... | | |
| CVE-2020-6320 | SAP Marketing (Servlet), version-130,140,150, allows an authenticated attacker to invoke certain fun... | | |
| CVE-2020-6321 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received fr... | | |
| CVE-2020-6322 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received fr... | | |
| CVE-2020-6323 | SAP NetWeaver Enterprise Portal (Fiori Framework Page) versions - 7.50, 7.31, 7.40, does not suffici... | | |
| CVE-2020-6324 | SAP Netweaver AS ABAP(BSP Test Application sbspext_table), version-700,701,720,730,731,740,750,751,7... | | |
| CVE-2020-6326 | SAP NetWeaver (Knowledge Management), version-7.30,7.31,7.40,7.50, allows an authenticated attacker ... | | |
| CVE-2020-6327 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received fr... | | |
| CVE-2020-6328 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated CGM file received fr... | | |
| CVE-2020-6329 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received fr... | | |
| CVE-2020-6330 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received fr... | | |
| CVE-2020-6331 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received f... | | |
| CVE-2020-6332 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received f... | | |
| CVE-2020-6333 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated 3DM file received fr... | | |
| CVE-2020-6334 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received fr... | | |
| CVE-2020-6335 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HPGL file received f... | | |
| CVE-2020-6336 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received fr... | | |
| CVE-2020-6337 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received fr... | | |
| CVE-2020-6338 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RH file received fro... | | |
| CVE-2020-6339 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received fr... | | |
| CVE-2020-6340 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PCX file received fr... | | |
| CVE-2020-6341 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received fr... | | |
| CVE-2020-6342 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received fr... | | |
| CVE-2020-6343 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated EPS file received fr... | | |
| CVE-2020-6344 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received fr... | | |
| CVE-2020-6345 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received fr... | | |
| CVE-2020-6346 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received fr... | | |
| CVE-2020-6347 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated HDR file received fr... | | |
| CVE-2020-6348 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received fr... | | |
| CVE-2020-6349 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated GIF file received fr... | | |
| CVE-2020-6350 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received fr... | | |
| CVE-2020-6351 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received fr... | | |
| CVE-2020-6352 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received fr... | | |
| CVE-2020-6353 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received fr... | | |
| CVE-2020-6354 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated SKP file received fr... | | |
| CVE-2020-6355 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received fr... | | |
| CVE-2020-6356 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated BMP file received fr... | | |
| CVE-2020-6357 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated U3D file received fr... | | |
| CVE-2020-6358 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated FBX file received fr... | | |
| CVE-2020-6359 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PLT file received fr... | | |
| CVE-2020-6360 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated DIB file received fr... | | |
| CVE-2020-6361 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated RLE files received f... | | |
| CVE-2020-6362 | SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Alth... | | |
| CVE-2020-6363 | SAP Commerce Cloud, versions - 1808, 1811, 1905, 2005, exposes several web applications that maintai... | | |
| CVE-2020-6364 | SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, ... | | |
| CVE-2020-6365 | SAP NetWeaver AS Java, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, Start Page allows an una... | | |
| CVE-2020-6366 | SAP NetWeaver (Compare Systems) versions - 7.20, 7.30, 7.40, 7.50, does not sufficiently validate up... | | |
| CVE-2020-6367 | There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Frame... | | |
| CVE-2020-6368 | SAP Business Planning and Consolidation, versions - 750, 751, 752, 753, 754, 755, 810, 100, 200, can... | | |
| CVE-2020-6369 | SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, ... | | |
| CVE-2020-6370 | SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.31, 7.40, 7.50, does not suffic... | | |
| CVE-2020-6371 | User enumeration vulnerability can be exploited to get a list of user accounts and personal user inf... | | |
| CVE-2020-6372 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received fr... | | |
| CVE-2020-6373 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated PDF file received fr... | | |
| CVE-2020-6374 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation... | | |
| CVE-2020-6375 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Right Computer Graph... | | |
| CVE-2020-6376 | SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Right Hemisphere Bin... | | |
| CVE-2020-6377 | Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potenti... | E S | |
| CVE-2020-6378 | Use after free in speech in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potent... | E S | |
| CVE-2020-6379 | Use after free in V8 in Google Chrome prior to 79.0.3945.130 allowed a remote attacker to potentiall... | | |
| CVE-2020-6380 | Insufficient policy enforcement in extensions in Google Chrome prior to 79.0.3945.130 allowed a remo... | | |
| CVE-2020-6381 | Integer overflow in JavaScript in Google Chrome on ChromeOS and Android prior to 80.0.3987.87 allowe... | E S | |
| CVE-2020-6382 | Type confusion in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to pot... | E S | |
| CVE-2020-6383 | Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentiall... | E S | |
| CVE-2020-6384 | Use after free in WebAudio in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to pote... | E S | |
| CVE-2020-6385 | Insufficient policy enforcement in storage in Google Chrome prior to 80.0.3987.87 allowed a remote a... | E S | |
| CVE-2020-6386 | Use after free in speech in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potent... | E S | |
| CVE-2020-6387 | Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to po... | | |
| CVE-2020-6388 | Out of bounds access in WebAudio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to... | | |
| CVE-2020-6389 | Out of bounds write in WebRTC in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to po... | | |
| CVE-2020-6390 | Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.87 allowed a remote attac... | E S | |
| CVE-2020-6391 | Insufficient validation of untrusted input in Blink in Google Chrome prior to 80.0.3987.87 allowed a... | E S | |
| CVE-2020-6392 | Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.87 allowed an atta... | E S | |
| CVE-2020-6393 | Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote att... | S | |
| CVE-2020-6394 | Insufficient policy enforcement in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote att... | E S | |
| CVE-2020-6395 | Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to... | | |
| CVE-2020-6396 | Inappropriate implementation in Skia in Google Chrome prior to 80.0.3987.87 allowed a remote attacke... | E S | |
| CVE-2020-6397 | Inappropriate implementation in sharing in Google Chrome prior to 80.0.3987.87 allowed a remote atta... | E S | |
| CVE-2020-6398 | Use of uninitialized data in PDFium in Google Chrome prior to 80.0.3987.87 allowed a remote attacker... | S | |
| CVE-2020-6399 | Insufficient policy enforcement in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote ... | | |
| CVE-2020-6400 | Inappropriate implementation in CORS in Google Chrome prior to 80.0.3987.87 allowed a remote attacke... | E S | |
| CVE-2020-6401 | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed... | | |
| CVE-2020-6402 | Insufficient policy enforcement in downloads in Google Chrome on OS X prior to 80.0.3987.87 allowed ... | | |
| CVE-2020-6403 | Incorrect implementation in Omnibox in Google Chrome on iOS prior to 80.0.3987.87 allowed a remote a... | E S | |
| CVE-2020-6404 | Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attack... | E S | |
| CVE-2020-6405 | Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obt... | | |
| CVE-2020-6406 | Use after free in audio in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to potentia... | S | |
| CVE-2020-6407 | Out of bounds memory access in streams in Google Chrome prior to 80.0.3987.122 allowed a remote atta... | | |
| CVE-2020-6408 | Insufficient policy enforcement in CORS in Google Chrome prior to 80.0.3987.87 allowed a local attac... | E S | |
| CVE-2020-6409 | Inappropriate implementation in Omnibox in Google Chrome prior to 80.0.3987.87 allowed a remote atta... | | |
| CVE-2020-6410 | Insufficient policy enforcement in navigation in Google Chrome prior to 80.0.3987.87 allowed a remot... | | |
| CVE-2020-6411 | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed... | | |
| CVE-2020-6412 | Insufficient validation of untrusted input in Omnibox in Google Chrome prior to 80.0.3987.87 allowed... | | |
| CVE-2020-6413 | Inappropriate implementation in Blink in Google Chrome prior to 80.0.3987.87 allowed a remote attack... | | |
| CVE-2020-6414 | Insufficient policy enforcement in Safe Browsing in Google Chrome prior to 80.0.3987.87 allowed a re... | | |
| CVE-2020-6415 | Inappropriate implementation in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote a... | E S | |
| CVE-2020-6416 | Insufficient data validation in streams in Google Chrome prior to 80.0.3987.87 allowed a remote atta... | E S | |
| CVE-2020-6417 | Inappropriate implementation in installer in Google Chrome prior to 80.0.3987.87 allowed a local att... | | |
| CVE-2020-6418 | Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentiall... | KEV E S | |
| CVE-2020-6419 | Out of bounds write in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potent... | E S | |
| CVE-2020-6420 | Insufficient policy enforcement in media in Google Chrome prior to 80.0.3987.132 allowed a remote at... | | |
| CVE-2020-6422 | Use after free in WebGL in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potenti... | E S | |
| CVE-2020-6423 | Use after free in audio in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentia... | | |
| CVE-2020-6424 | Use after free in media in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potenti... | | |
| CVE-2020-6425 | Insufficient policy enforcement in extensions in Google Chrome prior to 80.0.3987.149 allowed an att... | S | |
| CVE-2020-6426 | Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.149 allowed a remote attacker... | E S | |
| CVE-2020-6427 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potenti... | E S | |
| CVE-2020-6428 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potenti... | E S | |
| CVE-2020-6429 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potenti... | E S | |
| CVE-2020-6430 | Type Confusion in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially... | E | |
| CVE-2020-6431 | Insufficient policy enforcement in full screen in Google Chrome prior to 81.0.4044.92 allowed a remo... | | |
| CVE-2020-6432 | Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remo... | | |
| CVE-2020-6433 | Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remot... | | |
| CVE-2020-6434 | Use after free in devtools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to poten... | E | |
| CVE-2020-6435 | Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed a remot... | | |
| CVE-2020-6436 | Use after free in window management in Google Chrome prior to 81.0.4044.92 allowed a remote attacker... | | |
| CVE-2020-6437 | Inappropriate implementation in WebView in Google Chrome prior to 81.0.4044.92 allowed a remote atta... | E | |
| CVE-2020-6438 | Insufficient policy enforcement in extensions in Google Chrome prior to 81.0.4044.92 allowed an atta... | E | |
| CVE-2020-6439 | Insufficient policy enforcement in navigations in Google Chrome prior to 81.0.4044.92 allowed a remo... | | |
| CVE-2020-6440 | Inappropriate implementation in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacke... | | |
| CVE-2020-6441 | Insufficient policy enforcement in omnibox in Google Chrome prior to 81.0.4044.92 allowed a remote a... | | |
| CVE-2020-6442 | Inappropriate implementation in cache in Google Chrome prior to 81.0.4044.92 allowed a remote attack... | E | |
| CVE-2020-6443 | Insufficient data validation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a rem... | | |
| CVE-2020-6444 | Uninitialized use in WebRTC in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to pote... | E | |
| CVE-2020-6445 | Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a re... | | |
| CVE-2020-6446 | Insufficient policy enforcement in trusted types in Google Chrome prior to 81.0.4044.92 allowed a re... | | |
| CVE-2020-6447 | Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a rem... | E | |
| CVE-2020-6448 | Use after free in V8 in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially... | E | |
| CVE-2020-6449 | Use after free in audio in Google Chrome prior to 80.0.3987.149 allowed a remote attacker to potenti... | E S | |
| CVE-2020-6450 | Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to pote... | E S | |
| CVE-2020-6451 | Use after free in WebAudio in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to pote... | S | |
| CVE-2020-6452 | Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to p... | | |
| CVE-2020-6453 | Inappropriate implementation in V8 in Google Chrome prior to 80.0.3987.162 allowed a remote attacker... | | |
| CVE-2020-6454 | Use after free in extensions in Google Chrome prior to 81.0.4044.92 allowed an attacker who convince... | | |
| CVE-2020-6455 | Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to pot... | | |
| CVE-2020-6456 | Insufficient validation of untrusted input in clipboard in Google Chrome prior to 81.0.4044.92 allow... | | |
| CVE-2020-6457 | Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacke... | | |
| CVE-2020-6458 | Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote atta... | | |
| CVE-2020-6459 | Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to pote... | E | |
| CVE-2020-6460 | Insufficient data validation in URL formatting in Google Chrome prior to 81.0.4044.122 allowed a rem... | | |
| CVE-2020-6461 | Use after free in storage in Google Chrome prior to 81.0.4044.129 allowed a remote attacker who had ... | | |
| CVE-2020-6462 | Use after free in task scheduling in Google Chrome prior to 81.0.4044.129 allowed a remote attacker ... | | |
| CVE-2020-6463 | Use after free in ANGLE in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potenti... | | |
| CVE-2020-6464 | Type confusion in Blink in Google Chrome prior to 81.0.4044.138 allowed a remote attacker to potenti... | E | |
| CVE-2020-6465 | Use after free in reader mode in Google Chrome on Android prior to 83.0.4103.61 allowed a remote att... | | |
| CVE-2020-6466 | Use after free in media in Google Chrome prior to 83.0.4103.61 allowed a remote attacker who had com... | | |
| CVE-2020-6467 | Use after free in WebRTC in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potenti... | | |
| CVE-2020-6468 | Type confusion in V8 in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentially... | | |
| CVE-2020-6469 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an... | | |
| CVE-2020-6470 | Insufficient validation of untrusted input in clipboard in Google Chrome prior to 83.0.4103.61 allow... | S | |
| CVE-2020-6471 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an... | E S | |
| CVE-2020-6472 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an... | E S | |
| CVE-2020-6473 | Insufficient policy enforcement in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote att... | E S | |
| CVE-2020-6474 | Use after free in Blink in Google Chrome prior to 83.0.4103.61 allowed a remote attacker to potentia... | E S | |
| CVE-2020-6475 | Incorrect implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote atta... | E | |
| CVE-2020-6476 | Insufficient policy enforcement in tab strip in Google Chrome prior to 83.0.4103.61 allowed an attac... | E | |
| CVE-2020-6477 | Inappropriate implementation in installer in Google Chrome on OS X prior to 83.0.4103.61 allowed a l... | | |
| CVE-2020-6478 | Inappropriate implementation in full screen in Google Chrome prior to 83.0.4103.61 allowed a remote ... | | |
| CVE-2020-6479 | Inappropriate implementation in sharing in Google Chrome prior to 83.0.4103.61 allowed a remote atta... | | |
| CVE-2020-6480 | Insufficient policy enforcement in enterprise in Google Chrome prior to 83.0.4103.61 allowed a local... | E | |
| CVE-2020-6481 | Insufficient policy enforcement in URL formatting in Google Chrome prior to 83.0.4103.61 allowed a r... | | |
| CVE-2020-6482 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.61 allowed an... | E | |
| CVE-2020-6483 | Insufficient policy enforcement in payments in Google Chrome prior to 83.0.4103.61 allowed a remote ... | E | |
| CVE-2020-6484 | Insufficient data validation in ChromeDriver in Google Chrome prior to 83.0.4103.61 allowed a remote... | | |
| CVE-2020-6485 | Insufficient data validation in media router in Google Chrome prior to 83.0.4103.61 allowed a remote... | E | |
| CVE-2020-6486 | Insufficient policy enforcement in navigations in Google Chrome prior to 83.0.4103.61 allowed a remo... | | |
| CVE-2020-6487 | Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote... | | |
| CVE-2020-6488 | Insufficient policy enforcement in downloads in Google Chrome prior to 83.0.4103.61 allowed a remote... | E | |
| CVE-2020-6489 | Inappropriate implementation in developer tools in Google Chrome prior to 83.0.4103.61 allowed a rem... | E | |
| CVE-2020-6490 | Insufficient data validation in loader in Google Chrome prior to 83.0.4103.61 allowed a remote attac... | | |
| CVE-2020-6491 | Insufficient data validation in site information in Google Chrome prior to 83.0.4103.61 allowed a re... | | |
| CVE-2020-6492 | Use after free in ANGLE in Google Chrome prior to 83.0.4103.97 allowed a remote attacker to potentia... | E S | |
| CVE-2020-6493 | Use after free in WebAuthentication in Google Chrome prior to 83.0.4103.97 allowed a remote attacker... | | |
| CVE-2020-6494 | Incorrect security UI in payments in Google Chrome on Android prior to 83.0.4103.97 allowed a remote... | | |
| CVE-2020-6495 | Insufficient policy enforcement in developer tools in Google Chrome prior to 83.0.4103.97 allowed an... | | |
| CVE-2020-6496 | Use after free in payments in Google Chrome on MacOS prior to 83.0.4103.97 allowed a remote attacker... | | |
| CVE-2020-6497 | Insufficient policy enforcement in Omnibox in Google Chrome on iOS prior to 83.0.4103.88 allowed a r... | | |
| CVE-2020-6498 | Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed a r... | | |
| CVE-2020-6499 | Inappropriate implementation in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote att... | | |
| CVE-2020-6500 | Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remot... | | |
| CVE-2020-6501 | Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attac... | | |
| CVE-2020-6502 | Incorrect implementation in permissions in Google Chrome prior to 80.0.3987.87 allowed a remote atta... | | |
| CVE-2020-6503 | Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remo... | E S | |
| CVE-2020-6504 | Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a r... | E | |
| CVE-2020-6505 | Use after free in speech in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to potent... | | |
| CVE-2020-6506 | Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowe... | | |
| CVE-2020-6507 | Out of bounds write in V8 in Google Chrome prior to 83.0.4103.106 allowed a remote attacker to poten... | E S | |
| CVE-2020-6509 | Use after free in extensions in Google Chrome prior to 83.0.4103.116 allowed an attacker who convinc... | | |
| CVE-2020-6510 | Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote att... | | |
| CVE-2020-6511 | Information leak in content security policy in Google Chrome prior to 84.0.4147.89 allowed a remote ... | | |
| CVE-2020-6512 | Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially... | | |
| CVE-2020-6513 | Heap buffer overflow in PDFium in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to p... | | |
| CVE-2020-6514 | Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in... | E | |
| CVE-2020-6515 | Use after free in tab strip in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to pote... | | |
| CVE-2020-6516 | Policy bypass in CORS in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to leak cross... | | |
| CVE-2020-6517 | Heap buffer overflow in history in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to ... | | |
| CVE-2020-6518 | Use after free in developer tools in Google Chrome prior to 84.0.4147.89 allowed a remote attacker w... | | |
| CVE-2020-6519 | Policy bypass in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to bypass cont... | E | |
| CVE-2020-6520 | Buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentia... | | |
| CVE-2020-6521 | Side-channel information leakage in autofill in Google Chrome prior to 84.0.4147.89 allowed a remote... | | |
| CVE-2020-6522 | Inappropriate implementation in external protocol handlers in Google Chrome prior to 84.0.4147.89 al... | | |
| CVE-2020-6523 | Out of bounds write in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to pote... | | |
| CVE-2020-6524 | Heap buffer overflow in WebAudio in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to... | | |
| CVE-2020-6525 | Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to pot... | | |
| CVE-2020-6526 | Inappropriate implementation in iframe sandbox in Google Chrome prior to 84.0.4147.89 allowed a remo... | | |
| CVE-2020-6527 | Insufficient policy enforcement in CSP in Google Chrome prior to 84.0.4147.89 allowed a remote attac... | | |
| CVE-2020-6528 | Incorrect security UI in basic auth in Google Chrome on iOS prior to 84.0.4147.89 allowed a remote a... | | |
| CVE-2020-6529 | Inappropriate implementation in WebRTC in Google Chrome prior to 84.0.4147.89 allowed an attacker in... | | |
| CVE-2020-6530 | Out of bounds memory access in developer tools in Google Chrome prior to 84.0.4147.89 allowed an att... | E S | |
| CVE-2020-6531 | Side-channel information leakage in scroll to text in Google Chrome prior to 84.0.4147.89 allowed a ... | | |
| CVE-2020-6532 | Use after free in SCTP in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentia... | | |
| CVE-2020-6533 | Type Confusion in V8 in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially... | | |
| CVE-2020-6534 | Heap buffer overflow in WebRTC in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to p... | | |
| CVE-2020-6535 | Insufficient data validation in WebUI in Google Chrome prior to 84.0.4147.89 allowed a remote attack... | | |
| CVE-2020-6536 | Incorrect security UI in PWAs in Google Chrome prior to 84.0.4147.89 allowed a remote attacker who h... | | |
| CVE-2020-6537 | Type confusion in V8 in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to execute ar... | | |
| CVE-2020-6538 | Inappropriate implementation in WebView in Google Chrome on Android prior to 84.0.4147.105 allowed a... | | |
| CVE-2020-6539 | Use after free in CSS in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potential... | | |
| CVE-2020-6540 | Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potenti... | | |
| CVE-2020-6541 | Use after free in WebUSB in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potent... | | |
| CVE-2020-6542 | Use after free in ANGLE in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potenti... | | |
| CVE-2020-6543 | Use after free in task scheduling in Google Chrome prior to 84.0.4147.125 allowed a remote attacker ... | | |
| CVE-2020-6544 | Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potenti... | | |
| CVE-2020-6545 | Use after free in audio in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potenti... | | |
| CVE-2020-6546 | Inappropriate implementation in installer in Google Chrome prior to 84.0.4147.125 allowed a local at... | | |
| CVE-2020-6547 | Incorrect security UI in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to ... | | |
| CVE-2020-6548 | Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who h... | | |
| CVE-2020-6549 | Use after free in media in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potenti... | | |
| CVE-2020-6550 | Use after free in IndexedDB in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to pot... | | |
| CVE-2020-6551 | Use after free in WebXR in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potenti... | | |
| CVE-2020-6552 | Use after free in Blink in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to potenti... | | |
| CVE-2020-6553 | Use after free in offline mode in Google Chrome on iOS prior to 84.0.4147.125 allowed a remote attac... | | |
| CVE-2020-6554 | Use after free in extensions in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to po... | | |
| CVE-2020-6555 | Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obt... | E | |
| CVE-2020-6556 | Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacke... | | |
| CVE-2020-6557 | Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote a... | | |
| CVE-2020-6558 | Insufficient policy enforcement in iOSWeb in Google Chrome on iOS prior to 85.0.4183.83 allowed a re... | | |
| CVE-2020-6559 | Use after free in presentation API in Google Chrome prior to 85.0.4183.83 allowed a remote attacker ... | | |
| CVE-2020-6560 | Insufficient policy enforcement in autofill in Google Chrome prior to 85.0.4183.83 allowed a remote ... | | |
| CVE-2020-6561 | Inappropriate implementation in Content Security Policy in Google Chrome prior to 85.0.4183.83 allow... | | |
| CVE-2020-6562 | Insufficient policy enforcement in Blink in Google Chrome prior to 85.0.4183.83 allowed a remote att... | | |
| CVE-2020-6563 | Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83... | | |
| CVE-2020-6564 | Inappropriate implementation in permissions in Google Chrome prior to 85.0.4183.83 allowed a remote ... | | |
| CVE-2020-6565 | Inappropriate implementation in Omnibox in Google Chrome on iOS prior to 85.0.4183.83 allowed a remo... | S | |
| CVE-2020-6566 | Insufficient policy enforcement in media in Google Chrome prior to 85.0.4183.83 allowed a remote att... | S | |
| CVE-2020-6567 | Insufficient validation of untrusted input in command line handling in Google Chrome on Windows prio... | S | |
| CVE-2020-6568 | Insufficient policy enforcement in intent handling in Google Chrome on Android prior to 85.0.4183.83... | S | |
| CVE-2020-6569 | Integer overflow in WebUSB in Google Chrome prior to 85.0.4183.83 allowed a remote attacker who had ... | E S | |
| CVE-2020-6570 | Information leakage in WebRTC in Google Chrome prior to 85.0.4183.83 allowed a remote attacker to ob... | E S | |
| CVE-2020-6571 | Insufficient data validation in Omnibox in Google Chrome prior to 85.0.4183.83 allowed a remote atta... | E S | |
| CVE-2020-6572 | Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to execute ... | KEV | |
| CVE-2020-6573 | Use after free in video in Google Chrome on Android prior to 85.0.4183.102 allowed a remote attacker... | | |
| CVE-2020-6574 | Insufficient policy enforcement in installer in Google Chrome on OS X prior to 85.0.4183.102 allowed... | S | |
| CVE-2020-6575 | Race in Mojo in Google Chrome prior to 85.0.4183.102 allowed a remote attacker who had compromised t... | S | |
| CVE-2020-6576 | Use after free in offscreen canvas in Google Chrome prior to 85.0.4183.102 allowed a remote attacker... | S | |
| CVE-2020-6577 | The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c (German edition) allows itrk-api.php rechtstext_langu... | E | |
| CVE-2020-6578 | Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_defa... | E | |
| CVE-2020-6579 | Cross-site scripting (XSS) vulnerability in mailhive/cloudbeez/cloudloader.php and mailhive/cloudbee... | E | |
| CVE-2020-6581 | Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as ... | E | |
| CVE-2020-6582 | Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small neg... | E | |
| CVE-2020-6583 | BigProf Online Invoicing System (OIS) through 2.6 has XSS that can be leveraged for session hijackin... | E | |
| CVE-2020-6584 | Nagios Log Server 2.1.3 has Incorrect Access Control.... | | |
| CVE-2020-6585 | Nagios Log Server 2.1.3 has CSRF.... | | |
| CVE-2020-6586 | Nagios Log Server 2.1.3 allows XSS by visiting /profile and entering a crafted name field that is mi... | | |
| CVE-2020-6589 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6590 | Forcepoint Web Security Content Gateway versions prior to 8.5.4 improperly process XML input, leadin... | | |
| CVE-2020-6591 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6592 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6593 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6594 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6595 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6596 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6597 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6598 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6599 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6600 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6601 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6602 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6603 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6604 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6605 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6606 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6607 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6608 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unuse... | R | |
| CVE-2020-6609 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c.... | E S | |
| CVE-2020-6610 | GNU LibreDWG 0.9.3.2564 has an attempted excessive memory allocation in read_sections_map in decode_... | E | |
| CVE-2020-6611 | GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c.... | E | |
| CVE-2020-6612 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c... | E | |
| CVE-2020-6613 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c.... | E | |
| CVE-2020-6614 | GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c.... | E | |
| CVE-2020-6615 | GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (d... | E | |
| CVE-2020-6616 | Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random... | E | |
| CVE-2020-6617 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_int.... | E | |
| CVE-2020-6618 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table.... | E | |
| CVE-2020-6619 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__buf_seek.... | E | |
| CVE-2020-6620 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8.... | E | |
| CVE-2020-6621 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT.... | E | |
| CVE-2020-6622 | stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8.... | E | |
| CVE-2020-6623 | stb stb_truetype.h through 1.22 has an assertion failure in stbtt__cff_get_index.... | E | |
| CVE-2020-6624 | jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c.... | E | |
| CVE-2020-6625 | jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gp... | E | |
| CVE-2020-6627 | The web-management application on Seagate Central NAS STCG2000300, STCG3000300, and STCG4000300 devi... | E | |
| CVE-2020-6628 | Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in dec... | E | |
| CVE-2020-6629 | Ming (aka libming) 0.4.8 has z NULL pointer dereference in the function decompileGETURL2() in decomp... | E | |
| CVE-2020-6630 | An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function g... | E | |
| CVE-2020-6631 | An issue was discovered in GPAC version 0.8.0. There is a NULL pointer dereference in the function g... | E | |
| CVE-2020-6632 | In PrestaShop 1.7.6.2, XSS can occur during addition or removal of a QuickAccess link. This is relat... | S | |
| CVE-2020-6637 | openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of i... | E S | |
| CVE-2020-6638 | Grin through 2.1.1 has Insufficient Validation.... | E S | |
| CVE-2020-6640 | An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a ... | | |
| CVE-2020-6641 | Two authorization bypass through user-controlled key vulnerabilities in the Fortinet FortiPresence 2... | | |
| CVE-2020-6643 | An improper neutralization of input vulnerability in the URL Description in Fortinet FortiIsolator v... | | |
| CVE-2020-6644 | An insufficient session expiration vulnerability in FortiDeceptor 3.0.0 and below allows an attacker... | | |
| CVE-2020-6645 | Rejected reason: Not used... | R | |
| CVE-2020-6646 | An improper neutralization of input vulnerability in FortiWeb allows a remote authenticated attacker... | | |
| CVE-2020-6647 | An improper neutralization of input vulnerability in the dashboard of FortiADC may allow an authenti... | | |
| CVE-2020-6648 | A cleartext storage of sensitive information vulnerability in FortiOS command line interface in vers... | | |
| CVE-2020-6649 | An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below... | | |
| CVE-2020-6650 | Arbitrary code execution through “Update Manager” Class | S | |
| CVE-2020-6651 | Command injection via specially crafted file name during config file upload | S | |
| CVE-2020-6652 | Incorrect privilege assignment allowing non-admin users to upload config files | S | |
| CVE-2020-6653 | Sensitive date stored in logcat file | S | |
| CVE-2020-6654 | DLL Hijacking | S | |
| CVE-2020-6655 | File parsing Out-Of-Bounds read remote code execution | S | |
| CVE-2020-6656 | File parsing Type Confusion Remote code execution vulerability | S | |
| CVE-2020-6660 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6661 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6662 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6663 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6664 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6665 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6666 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6667 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6668 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6669 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6670 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6671 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6672 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6673 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6674 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6675 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6676 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6677 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6678 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6679 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6680 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6681 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6682 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6683 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6684 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6685 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6686 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6687 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6688 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6689 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6690 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6691 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6692 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6693 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6694 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6695 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6696 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6697 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6698 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6699 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6700 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6701 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6702 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6703 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6704 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6705 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6706 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6707 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6708 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6709 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6710 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6711 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6712 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6713 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6714 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6715 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6716 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6717 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6718 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6719 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6720 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6721 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6722 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6723 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6724 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6725 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6726 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6727 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6728 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6729 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6730 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6731 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6732 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6733 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6734 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6735 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6736 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6737 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6738 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6739 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6740 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6741 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6742 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6743 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6744 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6745 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6746 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6747 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6748 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6749 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6750 | GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address ins... | E | |
| CVE-2020-6752 | In OMERO before 5.6.1, group owners can access members' data in other groups.... | | |
| CVE-2020-6753 | The Login by Auth0 plugin before 4.0.0 for WordPress allows stored XSS on multiple pages, a differen... | | |
| CVE-2020-6754 | dotCMS before 5.2.4 is vulnerable to directory traversal, leading to incorrect access control. It al... | E M | |
| CVE-2020-6756 | languageOptions.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows unauthentic... | E | |
| CVE-2020-6757 | contentHostProperties.php in Rasilient PixelStor 5000 K:4.0.1580-20150629 (KDI Version) allows authe... | E | |
| CVE-2020-6758 | A cross-site scripting (XSS) vulnerability in Option/optionsAll.php in Rasilient PixelStor 5000 K:4.... | E | |
| CVE-2020-6760 | Schmid ZI 620 V400 VPN 090 routers allow an attacker to execute OS commands as root via shell metach... | E | |
| CVE-2020-6764 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-6765 | D-Link DSL-GS225 J1 AU_1.0.4 devices allow an admin to execute OS commands by placing shell metachar... | S | |
| CVE-2020-6767 | Path Traversal in Bosch Video Management System (BVMS) | S | |
| CVE-2020-6768 | Path Traversal in Bosch Video Management System (BVMS) | S | |
| CVE-2020-6769 | Missing Authentication for Critical Function in Bosch Video Streaming Gateway | S | |
| CVE-2020-6770 | Deserialization of Untrusted Data in Bosch BVMS Mobile Video Service | | |
| CVE-2020-6771 | Uncontrolled Search Path Element in Bosch IP Helper | | |
| CVE-2020-6774 | Kiosk Mode Breakout in Bosch Recording Station | | |
| CVE-2020-6776 | CSRF in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface | | |
| CVE-2020-6777 | Stored XSS in Bosch PRAESIDEO and Bosch PRAESENSA Management Interface | | |
| CVE-2020-6779 | Hard-coded Credentials in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server | | |
| CVE-2020-6780 | Password Hash With Insufficient Computational Effort in the Database of Bosch FSM-2500 Server and Bosch FSM-5000 Server | | |
| CVE-2020-6781 | Improper Certificate Validation in Bosch Smart Home System App for iOS | | |
| CVE-2020-6785 | Uncontrolled Search Path Element in Bosch BVMS and BVMS Viewer | | |
| CVE-2020-6786 | Uncontrolled Search Path Element in Bosch Video Recording Manager Installer | | |
| CVE-2020-6787 | Uncontrolled Search Path Element in Bosch Video Client installer | | |
| CVE-2020-6788 | Uncontrolled Search Path Element in Bosch Configuration Manager Installer | | |
| CVE-2020-6789 | Uncontrolled Search Path Element in Bosch Monitor Wall Installer | | |
| CVE-2020-6790 | Uncontrolled Search Path Element in Bosch Video Streaming Gateway Installer | | |
| CVE-2020-6792 | When deriving an identifier for an email message, uninitialized memory was used in addition to the m... | | |
| CVE-2020-6793 | When processing an email message with an ill-formed envelope, Thunderbird could read data from a ran... | | |
| CVE-2020-6794 | If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted... | E S | |
| CVE-2020-6795 | When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing cod... | | |
| CVE-2020-6796 | A content process could have modified shared memory relating to crash reporting information, crash i... | | |
| CVE-2020-6797 | By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbit... | | |
| CVE-2020-6798 | If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsin... | | |
| CVE-2020-6799 | Command line arguments could have been injected during Firefox invocation as a shell handler for cer... | S | |
| CVE-2020-6800 | Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firef... | | |
| CVE-2020-6801 | Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evid... | | |
| CVE-2020-6802 | In Mozilla Bleach before 3.11, a mutation XSS affects users calling bleach.clean with noscript and a... | E | |
| CVE-2020-6803 | Open redirect in Mozilla WebThings Gateway | S | |
| CVE-2020-6804 | XSS in Mozilla WebThings Gateway | S | |
| CVE-2020-6805 | When removing data about an origin whose tab was recently closed, a use-after-free could occur in th... | | |
| CVE-2020-6806 | By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the en... | | |
| CVE-2020-6807 | When a device was changed while a stream was about to be destroyed, the stream-reinit t... | | |
| CVE-2020-6808 | When a JavaScript URL (javascript:) is evaluated and the result is a string, this string is parsed t... | | |
| CVE-2020-6809 | When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-o... | | |
| CVE-2020-6810 | After a website had entered fullscreen mode, it could have used a previously opened popup to obscure... | | |
| CVE-2020-6811 | The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a req... | E | |
| CVE-2020-6812 | The first time AirPods are connected to an iPhone, they become named after the user's name by defaul... | | |
| CVE-2020-6813 | When protecting CSS blocks with the nonce feature of Content Security Policy, the @import statement ... | | |
| CVE-2020-6814 | Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of thes... | | |
| CVE-2020-6815 | Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of thes... | | |
| CVE-2020-6816 | In Mozilla Bleach before 3.12, a mutation XSS in bleach.clean when RCDATA and either svg or math tag... | E | |
| CVE-2020-6817 | bleach.clean behavior parsing style attributes could result in a regular expression denial of servic... | E | |
| CVE-2020-6819 | Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-a... | KEV E | |
| CVE-2020-6820 | Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-fre... | KEV | |
| CVE-2020-6821 | When reading from areas partially or fully outside the source resource with WebGL's copyTexSub... | | |
| CVE-2020-6822 | On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 ... | | |
| CVE-2020-6823 | A malicious extension could have called browser.identity.launchWebAuthFlow, controlling... | | |
| CVE-2020-6824 | Initially, a user opens a Private Browsing Window and generates a password for a site, then closes t... | | |
| CVE-2020-6825 | Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bug... | | |
| CVE-2020-6826 | Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present ... | | |
| CVE-2020-6827 | When following a link that opened an intent://-schemed URL, causing a custom tab to be opened, Firef... | | |
| CVE-2020-6828 | A malicious Android application could craft an Intent that would have been processed by Firefox for ... | | |
| CVE-2020-6829 | When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; wh... | | |
| CVE-2020-6830 | For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code ca... | | |
| CVE-2020-6831 | A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led... | S | |
| CVE-2020-6832 | An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project im... | | |
| CVE-2020-6833 | An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package... | | |
| CVE-2020-6835 | An issue was discovered in Bftpd before 5.4. There is a heap-based off-by-one error during file-tran... | | |
| CVE-2020-6836 | grammar-parser.jison in the hot-formula-parser package before 3.0.1 for Node.js is vulnerable to arb... | S | |
| CVE-2020-6838 | In mruby 2.1.0, there is a use-after-free in hash_values_at in mrbgems/mruby-hash-ext/src/hash-ext.c... | E | |
| CVE-2020-6839 | In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c.... | E | |
| CVE-2020-6840 | In mruby 2.1.0, there is a use-after-free in hash_slice in mrbgems/mruby-hash-ext/src/hash-ext.c.... | E S | |
| CVE-2020-6841 | D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands ... | E | |
| CVE-2020-6842 | D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary O... | | |
| CVE-2020-6843 | Zoho ManageEngine ServiceDesk Plus 11.0 Build 11007 allows XSS. This issue was fixed in version 11.0... | E | |
| CVE-2020-6844 | In TopManage OLK 2020, login CSRF can be chained with another vulnerability in order to takeover adm... | E | |
| CVE-2020-6845 | An issue was discovered in TopManage OLK 2020. As there is no ReadOnly on the Session cookie, the us... | E | |
| CVE-2020-6847 | OpenTrade through 0.2.0 has a DOM-based XSS vulnerability that is executed when an administrator att... | E S | |
| CVE-2020-6848 | Axper Vision II 4 devices allow XSS via the DEVICE_NAME (aka Device Name) parameter to the configWeb... | E | |
| CVE-2020-6849 | The marketo-forms-and-tracking plugin through 1.0.2 for WordPress allows wp-admin/admin.php?page=mar... | E | |
| CVE-2020-6850 | Utilities.php in the miniorange-saml-20-single-sign-on plugin before 4.8.84 for WordPress allows XSS... | E | |
| CVE-2020-6851 | OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t... | E S | |
| CVE-2020-6852 | CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 has weak authenticati... | E | |
| CVE-2020-6854 | A cross-site scripting (XSS) vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and... | | |
| CVE-2020-6855 | A large or infinite loop vulnerability in the JOC Cockpit component of SOS JobScheduler 1.11 and 1.1... | | |
| CVE-2020-6856 | An XML External Entity (XEE) vulnerability exists in the JOC Cockpit component of SOS JobScheduler 1... | | |
| CVE-2020-6857 | CarbonFTP v1.4 uses insecure proprietary password encryption with a hard-coded weak encryption key. ... | E | |
| CVE-2020-6858 | Hotels Styx through 1.0.0.beta8 allows HTTP response splitting due to CRLF Injection. This is exploi... | E | |
| CVE-2020-6859 | Multiple Insecure Direct Object Reference vulnerabilities in includes/core/class-files.php in the Ul... | S | |
| CVE-2020-6860 | libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the read... | E | |
| CVE-2020-6861 | A flawed protocol design in the Ledger Monero app before 1.5.1 for Ledger Nano and Ledger S devices ... | E | |
| CVE-2020-6862 | V6.0.10P2T2 and V6.0.10P2T5 of F6x2W product are impacted by Information leak vulnerability. Unautho... | E | |
| CVE-2020-6863 | ZTE E8820V3 router product is impacted by a permission and access control vulnerability. Attackers c... | | |
| CVE-2020-6864 | ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use thi... | | |
| CVE-2020-6865 | ZTE SDN controller platform is impacted by an information leakage vulnerability. Due to the program'... | | |
| CVE-2020-6866 | A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit th... | | |
| CVE-2020-6867 | ZTE's SDON controller is impacted by the resource management error vulnerability. When RPC is freque... | | |
| CVE-2020-6868 | There is an input validation vulnerability in a PON terminal product of ZTE, which supports the crea... | | |
| CVE-2020-6869 | All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to ... | | |
| CVE-2020-6870 | The version V12.17.20T115 of ZTE U31R20 product is impacted by a design error vulnerability. An atta... | | |
| CVE-2020-6871 | The server management software module of ZTE has an authentication issue vulnerability, which allows... | | |
| CVE-2020-6872 | The server management software module of ZTE has a storage XSS vulnerability. The attacker inserts s... | | |
| CVE-2020-6873 | A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets... | | |
| CVE-2020-6874 | A ZTE product is impacted by the cryptographic issues vulnerability. The encryption algorithm is not... | | |
| CVE-2020-6875 | A ZTE product is impacted by the improper access control vulnerability. Due to lack of an authentica... | | |
| CVE-2020-6876 | A ZTE product is impacted by an XSS vulnerability. The vulnerability is caused by the lack of correc... | | |
| CVE-2020-6877 | A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerabi... | | |
| CVE-2020-6878 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6879 | Some ZTE devices have input verification vulnerabilities. The devices support configuring a static p... | | |
| CVE-2020-6880 | A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to ... | | |
| CVE-2020-6881 | ZTE E8810/E8820/E8822 series routers have an MQTT DoS vulnerability, which is caused by the failure ... | | |
| CVE-2020-6882 | ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard... | | |
| CVE-2020-6883 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6884 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6885 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6886 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6887 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6888 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6889 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6890 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6891 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6892 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6893 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6894 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6895 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6896 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6897 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6898 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6899 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6900 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6901 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6902 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6903 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6904 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6905 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6906 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6907 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6908 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6909 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6910 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6911 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-6917 | Potential security vulnerabilities including compromise of integrity, and allowed communication with... | S | |
| CVE-2020-6918 | Potential security vulnerabilities including compromise of integrity, and allowed communication with... | S | |
| CVE-2020-6919 | Potential security vulnerabilities including compromise of integrity, and allowed communication with... | S | |
| CVE-2020-6920 | Potential security vulnerabilities including compromise of integrity, and allowed communication with... | S | |
| CVE-2020-6921 | Potential security vulnerabilities including compromise of integrity, and allowed communication with... | S | |
| CVE-2020-6922 | Potential security vulnerabilities including compromise of integrity, and allowed communication with... | S | |
| CVE-2020-6923 | HP Linux Imaging and Printing Software - Potential Memory Buffer Overflow | | |
| CVE-2020-6931 | HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege.... | | |
| CVE-2020-6932 | An information disclosure and remote code execution vulnerability in the slinger web server of the B... | | |
| CVE-2020-6933 | An improper input validation vulnerability in the UEM Core of BlackBerry UEM version(s) 12.13.0, 12.... | S | |
| CVE-2020-6937 | A Denial of Service vulnerability in MuleSoft Mule CE/EE 3.8.x, 3.9.x, and 4.x released before April... | | |
| CVE-2020-6938 | A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x rele... | | |
| CVE-2020-6939 | Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by u... | | |
| CVE-2020-6948 | A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/... | E | |
| CVE-2020-6949 | A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3.... | E | |
| CVE-2020-6950 | Directory traversal in Eclipse Mojarra before 2.3.14 allows attackers to read arbitrary files via th... | S | |
| CVE-2020-6954 | An issue was discovered on Cayin SMP-PRO4 devices. A user can discover a saved password by viewing t... | E | |
| CVE-2020-6955 | An issue was discovered on Cayin SMP-PRO4 devices. They allow image_preview.html?filename= reflected... | E | |
| CVE-2020-6956 | PCS DEXICON 3.4.1 allows XSS via the loginName parameter in login_action.jsp.... | E | |
| CVE-2020-6958 | An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NS... | E | |
| CVE-2020-6959 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 ... | | |
| CVE-2020-6960 | The following versions of MAXPRO VMS and NVR, MAXPRO VMS:HNMSWVMS prior to Version VMS560 Build 595 ... | | |
| CVE-2020-6961 | In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinic... | | |
| CVE-2020-6962 | In ApexPro Telemetry Server, Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinic... | | |
| CVE-2020-6963 | In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinica... | | |
| CVE-2020-6964 | In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinica... | | |
| CVE-2020-6965 | In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinica... | | |
| CVE-2020-6966 | In ApexPro Telemetry Server Versions 4.2 and prior, CARESCAPE Telemetry Server v4.2 & prior, Clinica... | | |
| CVE-2020-6967 | In Rockwell Automation all versions of FactoryTalk Diagnostics software, a subsystem of the FactoryT... | | |
| CVE-2020-6968 | Honeywell INNCOM INNControl 3 allows workstation users to escalate application user privileges throu... | | |
| CVE-2020-6969 | It is possible to unmask credentials and other sensitive information on “unprotected” project files,... | S | |
| CVE-2020-6970 | A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC... | | |
| CVE-2020-6971 | In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a l... | | |
| CVE-2020-6972 | In Notifier Web Server (NWS) Version 3.50 and earlier, the Honeywell Fire Web Server’s authenticatio... | | |
| CVE-2020-6973 | Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Vers... | | |
| CVE-2020-6974 | Honeywell Notifier Web Server (NWS) Version 3.50 is vulnerable to a path traversal attack, which all... | | |
| CVE-2020-6975 | Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Vers... | | |
| CVE-2020-6976 | Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow... | | |
| CVE-2020-6977 | A restricted desktop environment escape vulnerability exists in the Kiosk Mode functionality of affe... | | |
| CVE-2020-6978 | In Honeywell WIN-PAK 4.7.2, Web and prior versions, the affected product is vulnerable due to the us... | | |
| CVE-2020-6979 | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the affected products use a hard-coded cryp... | | |
| CVE-2020-6980 | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, ... | | |
| CVE-2020-6981 | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, an attacker may gain access to the system w... | | |
| CVE-2020-6982 | In Honeywell WIN-PAK 4.7.2, Web and prior versions, the header injection vulnerability has been iden... | | |
| CVE-2020-6983 | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l... | | |
| CVE-2020-6984 | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, ... | | |
| CVE-2020-6985 | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l... | | |
| CVE-2020-6986 | In all versions of Omron PLC CJ Series, an attacker can send a series of specific data packets withi... | M | |
| CVE-2020-6987 | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l... | | |
| CVE-2020-6988 | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, ... | | |
| CVE-2020-6989 | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l... | | |
| CVE-2020-6990 | Rockwell Automation MicroLogix 1400 Controllers Series B v21.001 and prior, Series A, all versions, ... | | |
| CVE-2020-6991 | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, weak password requirements may allow an att... | | |
| CVE-2020-6992 | A local privilege escalation vulnerability has been identified in the GE Digital CIMPLICITY HMI/SCAD... | | |
| CVE-2020-6993 | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l... | | |
| CVE-2020-6994 | A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS ... | M | |
| CVE-2020-6995 | In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or l... | | |
| CVE-2020-6996 | Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outst... | | |
| CVE-2020-6997 | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, sensitive information is transmitted over s... | | |
| CVE-2020-6998 | Rockwell Automation CompactLogix 5370 and ControlLogix 5570 Controllers Improper Input Validation | S | |
| CVE-2020-6999 | In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages... | S |