| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2020-9000 | An issue was discovered in iPortalis iCS 7.1.13.0. Attackers can send a sequence of requests to rapi... | | |
| CVE-2020-9001 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-9002 | An issue was discovered in iPortalis iCS 7.1.13.0. An attacker can gain privileges by intercepting a... | | |
| CVE-2020-9003 | A stored XSS vulnerability exists in the Modula Image Gallery plugin before 2.2.5 for WordPress. Suc... | | |
| CVE-2020-9004 | A remote authenticated authorization-bypass vulnerability in Wowza Streaming Engine 4.8.0 and earlie... | E | |
| CVE-2020-9005 | meshsystem.dll in Valve Dota 2 through 2020-02-17 allows remote attackers to achieve code execution ... | E | |
| CVE-2020-9006 | The Popup Builder plugin 2.2.8 through 2.6.7.6 for WordPress is vulnerable to SQL injection (in the ... | E | |
| CVE-2020-9007 | Codoforum 4.8.8 allows self-XSS via the title of a new topic.... | E | |
| CVE-2020-9008 | Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to ... | E | |
| CVE-2020-9009 | The ShipStation.com plugin 1.1 and earlier for CS-Cart allows remote attackers to insert arbitrary i... | E S | |
| CVE-2020-9012 | A cross-site scripting (XSS) vulnerability in the Import People functionality in Gluu Identity Confi... | E | |
| CVE-2020-9013 | Arvato Skillpipe 3.0 allows attackers to bypass intended print restrictions by deleting E | ||
| CVE-2020-9014 | In Epson iProjection v2.30, the driver file (EMP_NSAU.sys) allows local users to cause a denial of s... | S | |
| CVE-2020-9015 | Arista DCS-7050QX-32S-R 4.20.9M, DCS-7050CX3-32S-R 4.20.11M, and DCS-7280SRAM-48C6-R 4.22.0.1F devic... | | |
| CVE-2020-9016 | Dolibarr 11.0 allows XSS via the joinfiles, topic, or code parameter, or the HTTP Referer header.... | E | |
| CVE-2020-9017 | LiteCart through 2.2.1 allows CSV injection via a customer's profile.... | E | |
| CVE-2020-9018 | LiteCart through 2.2.1 allows admin/?app=users&doc=edit_user CSRF to add a user.... | E | |
| CVE-2020-9019 | The WPJobBoard plugin 5.5.3 for WordPress allows Persistent XSS via the Add Job form, as demonstrate... | E | |
| CVE-2020-9020 | Iteris Vantage Velocity Field Unit 2.3.1, 2.4.2, and 3.0 devices allow the injection of OS commands ... | E | |
| CVE-2020-9021 | Post Oak AWAM Bluetooth Field Device 7400v2.08.21.2018, 7800SD.2015.1.16, 2011.3, 7400v2.02.01.2019,... | E | |
| CVE-2020-9022 | An issue was discovered on Xirrus XR520, XR620, XR2436, and XH2-120 devices. The cgi-bin/ViewPage.cg... | E | |
| CVE-2020-9023 | Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have two users that are not documented an... | E | |
| CVE-2020-9024 | Iteris Vantage Velocity Field Unit 2.3.1 and 2.4.2 devices have world-writable permissions for the /... | E | |
| CVE-2020-9025 | Iteris Vantage Velocity Field Unit 2.4.2 devices have multiple stored XSS issues in all parameters o... | E | |
| CVE-2020-9026 | ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the PING field of the resou... | E | |
| CVE-2020-9027 | ELTEX NTP-RG-1402G 1v10 3.25.3.32 devices allow OS command injection via the TRACE field of the reso... | E | |
| CVE-2020-9028 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices al... | E | |
| CVE-2020-9029 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices al... | E | |
| CVE-2020-9030 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices al... | E | |
| CVE-2020-9031 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices al... | E | |
| CVE-2020-9032 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices al... | E | |
| CVE-2020-9033 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices al... | E | |
| CVE-2020-9034 | Symmetricom SyncServer S100 2.90.70.3, S200 1.30, S250 1.25, S300 2.65.0, and S350 2.80.1 devices mi... | E | |
| CVE-2020-9036 | Jeedom through 4.0.38 allows XSS.... | E S | |
| CVE-2020-9038 | Joplin through 1.0.184 allows Arbitrary File Read via XSS.... | E S | |
| CVE-2020-9039 | Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5... | | |
| CVE-2020-9040 | Couchbase Server Java SDK before 2.7.1.1 allows a potential attacker to forge an SSL certificate and... | | |
| CVE-2020-9041 | In Couchbase Server 6.0.3 and Couchbase Sync Gateway through 2.7.0, the Cluster management, views, q... | | |
| CVE-2020-9042 | In Couchbase Server 6.0, credentials cached by a browser can be used to perform a CSRF attack if an ... | | |
| CVE-2020-9043 | The wpCentral plugin before 1.5.1 for WordPress allows disclosure of the connection key.... | E S | |
| CVE-2020-9044 | Metasys Improper Restriction of XML External Entity Reference | S | |
| CVE-2020-9045 | C•CURE 9000 and victor Video Management System - Cleartext storage of user credentials upon installation or upgrade of software. | S | |
| CVE-2020-9046 | Kantech EntraPass Security Management Software - System Permissions Vulnerability | S | |
| CVE-2020-9047 | exacqVision Software - Improper Verification of Cryptographic Signature | S | |
| CVE-2020-9048 | victor Web Client - Arbitrary File Deletion Vulnerability | S | |
| CVE-2020-9049 | victor Web Client and C•CURE Web Client JSON Web Token (JWT) Vulnerability | S | |
| CVE-2020-9050 | Metasys Reporting Engine (MRE) Web Services - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') | S | |
| CVE-2020-9051 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-9052 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-9053 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2020-9054 | ZyXEL NAS products running firmware version 5.21 and earlier are vulnerable to pre-authentication command injection in weblogin.cgi | KEV E S | |
| CVE-2020-9055 | Versiant Lynx Customer Service Portal version 3.5.2 is vulnerable to stored cross-site scripting, which may allow an attacker to execute arbitrary JavaScript | S | |
| CVE-2020-9056 | Periscope BuySpeed version 14.5 is vulnerable to stored cross-site scripting | S | |
| CVE-2020-9057 | Z-Wave devices based on Silicon Labs 100, 200, and 300 series chipsets do not support encryption, al... | | |
| CVE-2020-9058 | Z-Wave devices based on Silicon Labs 500 series chipsets using CRC-16 encapsulation, including but l... | | |
| CVE-2020-9059 | Z-Wave devices based on Silicon Labs 500 series chipsets using S0 authentication are susceptible to ... | | |
| CVE-2020-9060 | Z-Wave devices based on Silicon Labs 500 series chipsets using S2, including but likely not limited ... | | |
| CVE-2020-9061 | Z-Wave devices using Silicon Labs 500 and 700 series chipsets, including but not likely limited to t... | | |
| CVE-2020-9062 | Diebold Nixdorf ProCash 2100xe USB ATMs running Wincor Probase version 1.1.30 do not encrypt, authen... | | |
| CVE-2020-9063 | NCR SelfServ ATMs running APTRA XFS 05.01.00 or earlier do not authenticate or protect the integrity... | E | |
| CVE-2020-9064 | Huawei smartphone Honor V30 with versions earlier than OxfordS-AN00A 10.0.1.167(C00E166R4P1) have an... | | |
| CVE-2020-9065 | Huawei smart phone Taurus-AL00B with versions earlier than 10.0.0.203(C00E201R7P2) have a use-after-... | | |
| CVE-2020-9066 | Huawei smartphones OxfordP-AN10B with versions earlier than 10.0.1.169(C00E166R4P1) have an improper... | | |
| CVE-2020-9067 | There is a buffer overflow vulnerability in some Huawei products. The vulnerability can be exploited... | | |
| CVE-2020-9068 | Huawei AR3200 products with versions of V200R007C00SPC900, V200R007C00SPCa00, V200R007C00SPCb00, V20... | | |
| CVE-2020-9069 | There is an information leakage vulnerability in some Huawei products. An unauthenticated, adjacent ... | | |
| CVE-2020-9070 | Huawei smartphones Taurus-AL00B with versions earlier than 10.0.0.205(C00E201R7P2) have an improper ... | | |
| CVE-2020-9071 | There is a few bytes out-of-bounds read vulnerability in some Huawei products. The software reads da... | | |
| CVE-2020-9072 | Huawei OSD product with versions earlier than OSD_uwp_9.0.32.0 have a local privilege escalation vul... | | |
| CVE-2020-9073 | Huawei P20 smartphones with versions earlier than 10.0.0.156(C00E156R1P4) have an improper authentic... | | |
| CVE-2020-9074 | Huawei Smartphones HONOR 20 PRO;Honor View 20;HONOR 20 have an improper handling of exceptional cond... | | |
| CVE-2020-9075 | Huawei products Secospace USG6300;USG6300E with versions of V500R001C30,V500R001C50,V500R001C60,V500... | | |
| CVE-2020-9076 | HUAWEI P30;HUAWEI P30 Pro;Tony-AL00B smartphones with versions earlier than 10.1.0.135(C00E135R2P11)... | | |
| CVE-2020-9077 | HUAWEI P30 smart phones with versions earlier than 10.1.0.160(C00E160R2P11) have an information expo... | | |
| CVE-2020-9078 | FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker c... | | |
| CVE-2020-9079 | FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrec... | | |
| CVE-2020-9080 | There is an improper privilege management vulnerability in Huawei smart phone product. A local, auth... | | |
| CVE-2020-9081 | There is an improper authorization vulnerability in some Huawei smartphones. An attacker could perfo... | | |
| CVE-2020-9082 | There is an information disclosure vulnerability in several smartphones. The system has a logic judg... | | |
| CVE-2020-9083 | HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of serv... | | |
| CVE-2020-9084 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a use-after-free (UAF) vulnerability... | | |
| CVE-2020-9085 | There is a NULL pointer dereference vulnerability in some Huawei products. An attacker may send spec... | | |
| CVE-2020-9086 | There is a buffer error vulnerability in some Huawei product. An unauthenticated attacker may send s... | | |
| CVE-2020-9087 | Taurus-AL00A version 10.0.0.1(C00E1R1P1) has an out-of-bounds read vulnerability in XFRM module. An ... | | |
| CVE-2020-9089 | There is an information vulnerability in Huawei smartphones. A function in a module can be called wi... | | |
| CVE-2020-9090 | FusionAccess version 6.5.1 has an improper authorization vulnerability. A command is authorized with... | | |
| CVE-2020-9091 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an out-of-bounds read and write vuln... | | |
| CVE-2020-9092 | HUAWEI Mate 20 versions earlier than 10.1.0.163(C00E160R3P8) have a JavaScript injection vulnerabili... | | |
| CVE-2020-9093 | There is a use after free vulnerability in Taurus-AL00A versions 10.0.0.1(C00E1R1P1). A module does ... | | |
| CVE-2020-9094 | There is an out of bound read vulnerability in some verisons of Huawei CloudEngine product. A module... | | |
| CVE-2020-9095 | HUAWEI P30 Pro smartphone with Versions earlier than 10.1.0.160(C00E160R2P8) has an integer overflow... | | |
| CVE-2020-9096 | HUAWEI P30 Pro smartphones with Versions earlier than 10.1.0.160(C00E160R2P8) have an out of bound r... | | |
| CVE-2020-9098 | Huawei OceanStor 5310 product with version of V500R007C60SPC100 has an invalid pointer access vulner... | | |
| CVE-2020-9099 | Huawei products IPS Module; NGFW Module; NIP6300; NIP6600; NIP6800; Secospace USG6300; Secospace USG... | | |
| CVE-2020-9100 | Earlier than HiSuite 10.1.0.500 have a DLL hijacking vulnerability. This vulnerability exists due to... | | |
| CVE-2020-9101 | There is an out-of-bounds write vulnerability in some products. An unauthenticated attacker crafts m... | | |
| CVE-2020-9102 | There is a information leak vulnerability in some Huawei products, and it could allow a local attack... | | |
| CVE-2020-9103 | HUAWEI Mate 20 smartphones with 9.0.0.205(C00E205R2P1) have a logic error vulnerability. In a specia... | | |
| CVE-2020-9104 | HUAWEI P30 smartphones with Versions earlier than 10.1.0.123(C431E22R2P5),Versions earlier than 10.1... | | |
| CVE-2020-9105 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an insufficient input validation vul... | | |
| CVE-2020-9106 | HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have a path traversal vulnerability. Th... | | |
| CVE-2020-9107 | HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vu... | | |
| CVE-2020-9108 | HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) have an out-of-bounds read and write vu... | | |
| CVE-2020-9109 | There is an information disclosure vulnerability in several smartphones. The device does not suffici... | | |
| CVE-2020-9110 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have an information disclosure vulnerabil... | | |
| CVE-2020-9111 | E6878-370 versions 10.0.3.1(H557SP27C233),10.0.3.1(H563SP21C233) and E6878-870 versions 10.0.3.1(H55... | | |
| CVE-2020-9112 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a privilege elevation vulnerability.... | | |
| CVE-2020-9113 | HUAWEI Mate 20 versions earlier than 10.0.0.188(C00E74R3P8) have a buffer overflow vulnerability in ... | | |
| CVE-2020-9114 | FusionCompute versions 6.3.0, 6.3.1, 6.5.0, 6.5.1 and 8.0.0 have a privilege escalation vulnerabilit... | | |
| CVE-2020-9115 | ManageOne versions 6.5.1.1.B010, 6.5.1.1.B020, 6.5.1.1.B030, 6.5.1.1.B040, ,6.5.1.1.B050, 8.0.0 and ... | | |
| CVE-2020-9116 | Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An authenticat... | | |
| CVE-2020-9117 | HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10... | | |
| CVE-2020-9118 | There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does no... | | |
| CVE-2020-9119 | There is a privilege escalation vulnerability on some Huawei smart phones due to design defects. The... | | |
| CVE-2020-9120 | CloudEngine 1800V versions V100R019C10SPC500 has a resource management error vulnerability. Remote u... | | |
| CVE-2020-9122 | Some Huawei products have an insufficient input verification vulnerability. Attackers can exploit th... | | |
| CVE-2020-9123 | HUAWEI P30 Pro versions earlier than 10.1.0.160(C00E160R2P8) and versions earlier than 10.1.0.160(C0... | | |
| CVE-2020-9124 | There is a memory leak vulnerability in some versions of Huawei CloudEngine product. An unauthentica... | | |
| CVE-2020-9125 | There is an out-of-bound read vulnerability in huawei smartphone Mate 30 versions earlier than 10.1.... | | |
| CVE-2020-9127 | Some Huawei products have a command injection vulnerability. Due to insufficient input validation, a... | | |
| CVE-2020-9128 | FusionCompute versions 8.0.0 have an insecure encryption algorithm vulnerability. Attackers with hig... | | |
| CVE-2020-9129 | HUAWEI Mate 30 versions earlier than 10.1.0.159(C00E159R7P2) have a vulnerability of improper buffer... | | |
| CVE-2020-9137 | There is a privilege escalation vulnerability in some versions of CloudEngine 12800,CloudEngine 5800... | | |
| CVE-2020-9138 | There is a heap-based buffer overflow vulnerability in some Huawei Smartphone, Successful exploit of... | | |
| CVE-2020-9139 | There is a improper input validation vulnerability in some Huawei Smartphone.Successful exploit of t... | | |
| CVE-2020-9140 | There is a vulnerability with buffer access with incorrect length value in some Huawei Smartphone.Un... | | |
| CVE-2020-9141 | There is a improper privilege management vulnerability in some Huawei smartphone. Successful exploit... | | |
| CVE-2020-9142 | There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation... | | |
| CVE-2020-9143 | There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of... | | |
| CVE-2020-9144 | There is a heap overflow vulnerability in some Huawei smartphone, attackers can exploit this vulnera... | | |
| CVE-2020-9145 | There is an Out-of-bounds Write vulnerability in some Huawei smartphone. Successful exploitation of ... | | |
| CVE-2020-9146 | A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local atta... | | |
| CVE-2020-9147 | A memory buffer error vulnerability exists in a component interface of Huawei Smartphone. Local atta... | | |
| CVE-2020-9148 | An application bypass mechanism vulnerability exists in a component interface of Huawei Smartphone. ... | | |
| CVE-2020-9149 | An application error verification vulnerability exists in a component interface of Huawei Smartphone... | | |
| CVE-2020-9158 | There is a Missing Cryptographic Step vulnerability in Huawei Smartphone. Successful exploitation of... | | |
| CVE-2020-9199 | B2368-22 V100R001C00;B2368-57 V100R001C00;B2368-66 V100R001C00 have a command injection vulnerabilit... | | |
| CVE-2020-9200 | There has a CSV injection vulnerability in iManager NetEco 6000 versions V600R021C00. An attacker wi... | | |
| CVE-2020-9201 | There is an out-of-bounds read vulnerability in some versions of NIP6800, Secospace USG6600 and USG9... | | |
| CVE-2020-9202 | There is an information disclosure vulnerability in TE Mobile software versions V600R006C10,V600R006... | | |
| CVE-2020-9203 | There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadca... | | |
| CVE-2020-9205 | There has a CSV injection vulnerability in ManageOne 8.0.1. An attacker with common privilege may ex... | | |
| CVE-2020-9206 | The eUDC660 product has a resource management vulnerability. An attacker with high privilege needs t... | | |
| CVE-2020-9207 | There is an improper authentication vulnerability in some verisons of Huawei CloudEngine product. A ... | | |
| CVE-2020-9208 | There is an information leak vulnerability in iManager NetEco 6000 versions V600R021C00. A module is... | | |
| CVE-2020-9209 | There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a modu... | | |
| CVE-2020-9210 | There is an insufficient integrity vulnerability in Huawei products. A module does not perform suffi... | | |
| CVE-2020-9211 | There is an out-of-bound read and write vulnerability in Huawei smartphone. A module dose not verify... | | |
| CVE-2020-9212 | There is a vulnerability in some version of USG9500 that the device improperly handles the informati... | | |
| CVE-2020-9213 | There is a denial of service vulnerability in some huawei products. In specific scenarios, due to th... | | |
| CVE-2020-9222 | There is a privilege escalation vulnerability in Huawei FusionCompute product. Due to insufficient v... | | |
| CVE-2020-9223 | There is a denial of service vulnerability in some Huawei smartphones. Due to the improper processin... | | |
| CVE-2020-9225 | FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software doe... | | |
| CVE-2020-9226 | HUAWEI P30 with versions earlier than 10.1.0.135(C00E135R2P11) have an improper signature verificati... | | |
| CVE-2020-9227 | Huawei Smart Phones Moana-AL00B with versions earlier than 10.1.0.166 have a missing initialization ... | | |
| CVE-2020-9228 | FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of c... | | |
| CVE-2020-9229 | FusionCompute 8.0.0 has an information disclosure vulnerability. Due to the properly protection of c... | | |
| CVE-2020-9230 | WS5800-10 version 10.0.3.25 has a denial of service vulnerability. Due to improper verification of s... | | |
| CVE-2020-9233 | FusionCompute 8.0.0 have an insufficient authentication vulnerability. An attacker may exploit the v... | | |
| CVE-2020-9235 | Huawei smartphones HONOR 20 PRO Versions earlier than 10.1.0.230(C432E9R5P1),Versions earlier than 1... | | |
| CVE-2020-9236 | There is an improper interface design vulnerability in Huawei product. A module interface of the imp... | | |
| CVE-2020-9237 | Huawei smartphone Taurus-AL00B with versions earlier than 10.1.0.126(C00E125R5P3) have a user after ... | | |
| CVE-2020-9238 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A f... | | |
| CVE-2020-9239 | Huawei smartphones BLA-A09 versions 8.0.0.123(C212),versions earlier than 8.0.0.123(C567),versions e... | | |
| CVE-2020-9240 | Taurus-AN00B versions earlier than 10.1.0.156(C00E155R7P2) have a buffer overflow vulnerability. A f... | | |
| CVE-2020-9241 | Huawei 5G Mobile WiFi E6878-370 with versions of 10.0.3.1(H563SP1C00),10.0.3.1(H563SP21C233) have an... | | |
| CVE-2020-9242 | FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently valid... | | |
| CVE-2020-9243 | HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a denial of service vulnerabi... | | |
| CVE-2020-9244 | HUAWEI Mate 20 versions Versions earlier than 10.1.0.160(C00E160R3P8);HUAWEI Mate 20 Pro versions Ve... | | |
| CVE-2020-9245 | HUAWEI P30 versions Versions earlier than 10.1.0.160(C00E160R2P11);HUAWEI P30 Pro versions Versions ... | | |
| CVE-2020-9246 | FusionCompute 8.0.0 has an information leak vulnerability. A module does not launch strict access co... | | |
| CVE-2020-9247 | There is a buffer overflow vulnerability in several Huawei products. The system does not sufficientl... | | |
| CVE-2020-9248 | Huawei FusionComput 8.0.0 have an improper authorization vulnerability. A module does not verify som... | | |
| CVE-2020-9249 | HUAWEI P30 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have a denial of service ... | | |
| CVE-2020-9250 | There is an insufficient authentication vulnerability in some Huawei smart phone. An unauthenticated... | | |
| CVE-2020-9251 | HUAWEI Mate 20 smartphones with versions earlier than 10.1.0.160(C00E160R2P11) have an improper auth... | | |
| CVE-2020-9252 | HUAWEI Mate 20 versions earlier than 10.1.0.160(C00E160R3P8), HUAWEI Mate 20 X versions earlier than... | | |
| CVE-2020-9253 | There is a stack overflow vulnerability in some Huawei smart phone. An attacker can craft specific p... | | |
| CVE-2020-9254 | HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earli... | | |
| CVE-2020-9255 | Huawei Honor 10 smartphones with versions earlier than 10.0.0.178(C00E178R1P4) have a denial of serv... | | |
| CVE-2020-9256 | Huawei Mate 30 Pro smartphones with versions earlier than 10.1.0.150(C00E136R5P3) have an improper a... | | |
| CVE-2020-9257 | HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E19R2P5patch02), versions earli... | | |
| CVE-2020-9258 | HUAWEI P30 smartphone with versions earlier than 10.1.0.135(C00E135R2P11) have an improper input ver... | | |
| CVE-2020-9259 | Huawei Honor V30 smartphones with versions earlier than 10.1.0.212(C00E210R5P1) have an improper aut... | | |
| CVE-2020-9260 | HUAWEI P30 and HUAWEI P30 Pro smartphones with versions earlier than 10.1.0.123(C432E22R2P5) and ver... | | |
| CVE-2020-9261 | HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a type confusion vulnerabilit... | | |
| CVE-2020-9262 | HUAWEI Mate 30 with versions earlier than 10.1.0.150(C00E136R5P3) have a use after free vulnerabilit... | | |
| CVE-2020-9263 | HUAWEI Mate 30 versions earlier than 10.1.0.150(C00E136R5P3) and HUAWEI P30 version earlier than 10.... | | |
| CVE-2020-9264 | ESET Archive Support Module before 1296 allows virus-detection bypass via a crafted Compression Info... | | |
| CVE-2020-9265 | phpMyChat-Plus 1.98 is vulnerable to multiple SQL injections against the deluser.php Delete User fun... | E | |
| CVE-2020-9266 | SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary changing of the admin passw... | E | |
| CVE-2020-9267 | SOPlanning 1.45 is vulnerable to a CSRF attack that allows for arbitrary user creation via process/x... | E | |
| CVE-2020-9268 | SoPlanning 1.45 is vulnerable to SQL Injection in the OrderBy clause, as demonstrated by the projets... | E | |
| CVE-2020-9269 | SOPlanning 1.45 is vulnerable to authenticated SQL Injection that leads to command execution via the... | E | |
| CVE-2020-9270 | ICE Hrm 26.2.0 is vulnerable to CSRF that leads to password reset via service.php.... | E | |
| CVE-2020-9271 | ICE Hrm 26.2.0 is vulnerable to CSRF that leads to user creation via service.php.... | E | |
| CVE-2020-9272 | ProFTPD 1.3.7 has an out-of-bounds (OOB) read vulnerability in mod_cap via the cap_text.c cap_to_tex... | S | |
| CVE-2020-9273 | In ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channe... | | |
| CVE-2020-9274 | An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detecte... | S | |
| CVE-2020-9275 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A cfm UDP service listening on port... | E | |
| CVE-2020-9276 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The function do_cgi(), which proces... | E | |
| CVE-2020-9277 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. Authentication can be bypassed when... | E | |
| CVE-2020-9278 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. The device can be reset to its defa... | E | |
| CVE-2020-9279 | An issue was discovered on D-Link DSL-2640B B2 EU_4.01B devices. A hard-coded account allows managem... | E | |
| CVE-2020-9280 | In SilverStripe through 4.5, files uploaded via Forms to folders migrated from Silverstripe CMS 3.x ... | | |
| CVE-2020-9281 | A cross-site scripting (XSS) vulnerability in the HTML Data Processor for CKEditor 4.0 before 4.14 a... | S | |
| CVE-2020-9282 | In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, certain personal inf... | | |
| CVE-2020-9283 | golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature... | E | |
| CVE-2020-9285 | Some versions of Sonos One (1st and 2nd generation) allow partial or full memory access via attacker... | E | |
| CVE-2020-9286 | An improper authorization vulnerability in FortiADC may allow a remote authenticated user with low p... | | |
| CVE-2020-9287 | An Unsafe Search Path vulnerability in FortiClient EMS online installer 6.2.1 and below may allow a ... | | |
| CVE-2020-9288 | An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated at... | | |
| CVE-2020-9289 | Use of a hard-coded cryptographic key to encrypt password data in CLI configuration in FortiManager ... | | |
| CVE-2020-9290 | An Unsafe Search Path vulnerability in FortiClient for Windows online installer 6.2.3 and below may ... | | |
| CVE-2020-9291 | An Insecure Temporary File vulnerability in FortiClient for Windows 6.2.1 and below may allow a loca... | | |
| CVE-2020-9292 | An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacke... | | |
| CVE-2020-9294 | An improper authentication vulnerability in FortiMail 5.4.10, 6.0.7, 6.2.2 and earlier and FortiVoic... | | |
| CVE-2020-9295 | FortiOS 6.2 running AV engine version 6.00142 and below, FortiOS 6.4 running AV engine version 6.001... | S | |
| CVE-2020-9296 | Netflix Titus uses Java Bean Validation (JSR 380) custom constraint validators. When building custom... | | |
| CVE-2020-9297 | Netflix Titus, all versions prior to version v0.1.1-rc.274, uses Java Bean Validation (JSR 380) cust... | S | |
| CVE-2020-9298 | The Spinnaker template resolution functionality is vulnerable to Server-Side Request Forgery (SSRF),... | S | |
| CVE-2020-9299 | There were XSS vulnerabilities discovered and reported in the Dispatch application, affecting name a... | | |
| CVE-2020-9300 | The Access Control issues include allowing a regular user to view a restricted incident, user role e... | | |
| CVE-2020-9301 | Nolan Ray from Apple Information Security identified a security vulnerability in Spinnaker, all vers... | S | |
| CVE-2020-9306 | Tesla SolarCity Solar Monitoring Gateway through 5.46.43 has a "Use of Hard-coded Credentials" issue... | E | |
| CVE-2020-9307 | Hirschmann OS2, RSP, and RSPE devices before HiOS 08.3.00 allow a denial of service. An unauthentica... | | |
| CVE-2020-9308 | archive_read_support_format_rar5.c in libarchive before 3.4.2 attempts to unpack a RAR5 file with an... | S | |
| CVE-2020-9309 | Silverstripe CMS through 4.5 can be susceptible to script execution from malicious upload contents u... | | |
| CVE-2020-9310 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2020-9311 | In SilverStripe through 4.5, malicious users with a valid Silverstripe CMS login (usually CMS access... | | |
| CVE-2020-9314 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x allows image injection in ... | | |
| CVE-2020-9315 | ** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Oracle iPlanet Web Server 7.0.x has Incorrect Access Contr... | | |
| CVE-2020-9318 | Red Gate SQL Monitor 9.0.13 through 9.2.14 allows an administrative user to perform a SQL injection ... | | |
| CVE-2020-9320 | Avira AV Engine before 8.3.54.138 allows virus-detection bypass via a crafted ISO archive. This affe... | | |
| CVE-2020-9321 | configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of ce... | S | |
| CVE-2020-9323 | Aquaforest TIFF Server 4.0 allows Unauthenticated File and Directory Enumeration via tiffserver/tssp... | E | |
| CVE-2020-9324 | Aquaforest TIFF Server 4.0 allows Unauthenticated SMB Hash Capture via UNC.... | E | |
| CVE-2020-9325 | Aquaforest TIFF Server 4.0 allows Unauthenticated Arbitrary File Download.... | E | |
| CVE-2020-9326 | BeyondTrust Privilege Management for Windows and Mac (aka PMWM; formerly Avecto Defendpoint) 5.1 thr... | | |
| CVE-2020-9327 | In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and... | S | |
| CVE-2020-9329 | Gogs through 0.11.91 allows attackers to violate the admin-specified repo-creation policy due to an ... | E S | |
| CVE-2020-9330 | Certain Xerox WorkCentre printers before 073.xxx.000.02300 do not require the user to reenter or val... | E S | |
| CVE-2020-9331 | CryptoPro CSP through 5.0.0.10004 on 32-bit platforms allows Local Privilege Escalation (by local us... | E | |
| CVE-2020-9332 | ftusbbus2.sys in FabulaTech USB for Remote Desktop through 2020-02-19 allows privilege escalation vi... | E | |
| CVE-2020-9334 | A stored XSS vulnerability exists in the Envira Photo Gallery plugin through 1.7.6 for WordPress. Su... | | |
| CVE-2020-9335 | Multiple stored XSS vulnerabilities exist in the 10Web Photo Gallery plugin before 1.5.46 WordPress.... | | |
| CVE-2020-9336 | fauzantrif eLection 2.0 has XSS via the Admin Dashboard -> Settings -> Election -> "message if elect... | E | |
| CVE-2020-9337 | In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request.... | | |
| CVE-2020-9338 | SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.... | E | |
| CVE-2020-9339 | SOPlanning 1.45 allows XSS via the Name or Comment to status.php.... | E | |
| CVE-2020-9340 | fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.... | E | |
| CVE-2020-9341 | CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the i... | E | |
| CVE-2020-9342 | The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compressi... | | |
| CVE-2020-9343 | An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on... | E | |
| CVE-2020-9344 | Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.... | E | |
| CVE-2020-9345 | An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on... | E | |
| CVE-2020-9346 | Zoho ManageEngine Password Manager Pro 10.4 and prior has no protection against Cross-site Request F... | | |
| CVE-2020-9347 | Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability vi... | | |
| CVE-2020-9349 | The CACAGOO Cloud Storage Intelligent Camera TV-288ZD-2MP with firmware 3.4.2.0919 allows access to ... | E | |
| CVE-2020-9350 | Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly.... | | |
| CVE-2020-9351 | An issue was discovered in SmartClient 12.0. If an unauthenticated attacker makes a POST request to ... | E | |
| CVE-2020-9352 | An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in ... | E | |
| CVE-2020-9353 | An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) loadFile provided by th... | E | |
| CVE-2020-9354 | An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by th... | E | |
| CVE-2020-9355 | danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are m... | | |
| CVE-2020-9359 | KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.... | S | |
| CVE-2020-9361 | CryptoPro CSP through 5.0.0.10004 on 64-bit platforms allows local users with the SeChangeNotifyPriv... | E | |
| CVE-2020-9362 | The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG ... | | |
| CVE-2020-9363 | The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archi... | | |
| CVE-2020-9364 | An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 20... | E | |
| CVE-2020-9365 | An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pu... | S | |
| CVE-2020-9366 | A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Sp... | S | |
| CVE-2020-9367 | The MPS Agent in Zoho ManageEngine Desktop Central MSP build MSP build 10.0.486 is vulnerable to DLL... | | |
| CVE-2020-9368 | The Module Olea Gift On Order module through 5.0.8 for PrestaShop enables an unauthenticated user to... | E | |
| CVE-2020-9369 | Sympa 6.2.38 through 6.2.52 allows remote attackers to cause a denial of service (disk consumption f... | S | |
| CVE-2020-9370 | HUMAX HGA12R-02 BRGCAA 1.1.53 devices allow Session Hijacking.... | | |
| CVE-2020-9371 | Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpa... | E | |
| CVE-2020-9372 | The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields suc... | E | |
| CVE-2020-9374 | On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics... | E | |
| CVE-2020-9375 | TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a deni... | E | |
| CVE-2020-9376 | D-Link DIR-610 devices allow Information Disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZED_GROUP=1... | E S | |
| CVE-2020-9377 | D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: Th... | KEV E S | |
| CVE-2020-9379 | The Software Development Kit of the MiContact Center Business with Site Based Security 8.0 through 9... | | |
| CVE-2020-9380 | IPTV Smarters WEB TV PLAYER through 2020-02-22 allows attackers to execute OS commands by uploading ... | E | |
| CVE-2020-9381 | controllers/admin.js in Total.js CMS 13 allows remote attackers to execute arbitrary code via a POST... | E S | |
| CVE-2020-9382 | An issue was discovered in the Widgets extension through 1.4.0 for MediaWiki. Improper title sanitiz... | E S | |
| CVE-2020-9383 | An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c le... | S | |
| CVE-2020-9384 | An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex ROC... | E | |
| CVE-2020-9385 | A NULL Pointer Dereference exists in libzint in Zint 2.7.1 because multiple + characters are mishand... | E | |
| CVE-2020-9386 | In Mahara 18.10 before 18.10.5, 19.04 before 19.04.4, and 19.10 before 19.10.2, file metadata inform... | S | |
| CVE-2020-9387 | In Mahara 19.04 before 19.04.5 and 19.10 before 19.10.3, account details are shared in the Elasticse... | S | |
| CVE-2020-9388 | CSRF protection was not present in SquaredUp before version 4.6.0. A CSRF attack could have been pos... | | |
| CVE-2020-9389 | A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login functionali... | | |
| CVE-2020-9390 | SquaredUp allowed Stored XSS before version 4.6.0. A user was able to create a dashboard that execut... | | |
| CVE-2020-9391 | An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. I... | E S | |
| CVE-2020-9392 | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because... | E | |
| CVE-2020-9393 | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allo... | | |
| CVE-2020-9394 | An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. It allo... | | |
| CVE-2020-9395 | An issue was discovered on Realtek RTL8195AM, RTL8711AM, RTL8711AF, and RTL8710AF devices before 2.0... | S | |
| CVE-2020-9398 | ISPConfig before 3.1.15p3, when the undocumented reverse_proxy_panel_allowed=sites option is manuall... | | |
| CVE-2020-9399 | The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects ve... | | |
| CVE-2020-9402 | Django 1.11 before 1.11.29, 2.2 before 2.2.11, and 3.0 before 3.0.4 allows SQL Injection if untruste... | S | |
| CVE-2020-9403 | In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in a recoverable format, an... | | |
| CVE-2020-9404 | In PACTware before 4.1 SP6 and 5.x before 5.0.5.31, passwords are stored in an insecure manner, and ... | | |
| CVE-2020-9405 | IBL Online Weather before 4.3.5a allows unauthenticated reflected XSS via the redirect page.... | | |
| CVE-2020-9406 | IBL Online Weather before 4.3.5a allows unauthenticated eval injection via the queryBCP method of th... | | |
| CVE-2020-9407 | IBL Online Weather before 4.3.5a allows attackers to obtain sensitive information by reading the IWE... | | |
| CVE-2020-9408 | TIBCO Spotfire Server Script Trust Problem Exposes Remote Code Execution Vulnerability | S | |
| CVE-2020-9409 | TIBCO JasperReports Server Fails To Enforce Access Restrictions | S | |
| CVE-2020-9410 | TIBCO JasperReports Library | S | |
| CVE-2020-9411 | TIBCO Managed File Transfer Platform Server for IBM i Authentication Bypass | S | |
| CVE-2020-9412 | TIBCO Managed File Transfer Platform Server for IBM i Arbitrary Command Execution | S | |
| CVE-2020-9413 | TIBCO Managed File Transfer reflected XSS vulerability | S | |
| CVE-2020-9414 | TIBCO Managed File Transfer reflected XSS vulerability | S | |
| CVE-2020-9415 | TIBCO Data Virtualization | S | |
| CVE-2020-9416 | TIBCO Spotfire Stored Cross Site Scripting Vulnerability | S | |
| CVE-2020-9417 | TIBCO Foresight SQL Injection | S | |
| CVE-2020-9418 | An untrusted search path vulnerability in the installer of PDFescape Desktop version 4.0.22 and earl... | | |
| CVE-2020-9419 | Multiple stored cross-site scripting (XSS) vulnerabilities in Arcadyan Wifi routers VRV9506JAC23 all... | | |
| CVE-2020-9420 | The login password of the web administrative dashboard in Arcadyan Wifi routers VRV9506JAC23 is sent... | E | |
| CVE-2020-9423 | LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execut... | E | |
| CVE-2020-9425 | An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacke... | E S | |
| CVE-2020-9426 | OX Guard 2.10.3 and earlier allows XSS.... | | |
| CVE-2020-9427 | OX Guard 2.10.3 and earlier allows SSRF.... | | |
| CVE-2020-9428 | In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. Thi... | E | |
| CVE-2020-9429 | In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissect... | | |
| CVE-2020-9430 | In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could cr... | E | |
| CVE-2020-9431 | In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak m... | E | |
| CVE-2020-9432 | openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it us... | S | |
| CVE-2020-9433 | openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it u... | S | |
| CVE-2020-9434 | openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it ... | S | |
| CVE-2020-9435 | PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002... | E | |
| CVE-2020-9436 | PHOENIX CONTACT TC ROUTER 3002T-4G through 2.05.3, TC ROUTER 2002T-3G through 2.05.3, TC ROUTER 3002... | E | |
| CVE-2020-9437 | SecureAuth.aspx in SecureAuth IdP 9.3.0 suffers from a client-side template injection that allows fo... | | |
| CVE-2020-9438 | Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock req... | | |
| CVE-2020-9439 | Multiple cross-site scripting (XSS) vulnerabilities in Uncanny Owl Tin Canny LearnDash Reporting bef... | | |
| CVE-2020-9440 | A cross-site scripting (XSS) vulnerability in the WSC plugin through 5.5.7.5 for CKEditor 4 allows r... | | |
| CVE-2020-9442 | OpenVPN Connect 3.1.0.361 on Windows has Insecure Permissions for %PROGRAMDATA%\OpenVPN Connect\driv... | E | |
| CVE-2020-9443 | Zulip Desktop before 4.0.3 loaded untrusted content in an Electron webview with web security disable... | | |
| CVE-2020-9444 | Zulip Server before 2.1.3 allows reverse tabnabbing via the Markdown functionality.... | | |
| CVE-2020-9445 | Zulip Server before 2.1.3 allows XSS via the modal_link feature in the Markdown functionality.... | | |
| CVE-2020-9447 | There is an XSS (cross-site scripting) vulnerability in GwtUpload 1.0.3 in the file upload functiona... | E | |
| CVE-2020-9449 | An insecure random number generation vulnerability in BlaB! AX, BlaB! AX Pro, BlaB! WS (client), and... | | |
| CVE-2020-9450 | An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe exposes a... | E | |
| CVE-2020-9451 | An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe keeps a l... | E | |
| CVE-2020-9452 | An issue was discovered in Acronis True Image 2020 24.5.22510. anti_ransomware_service.exe includes ... | E | |
| CVE-2020-9453 | In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of ser... | S | |
| CVE-2020-9454 | A CSRF vulnerability in the RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote att... | E | |
| CVE-2020-9455 | The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with m... | E | |
| CVE-2020-9456 | In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the user controller allows remote aut... | E | |
| CVE-2020-9457 | The RegistrationMagic plugin through 4.6.0.3 for WordPress allows remote authenticated users (with m... | E | |
| CVE-2020-9458 | In the RegistrationMagic plugin through 4.6.0.3 for WordPress, the export function allows remote aut... | E | |
| CVE-2020-9459 | Multiple Stored Cross-site scripting (XSS) vulnerabilities in the Webnus Modern Events Calendar Lite... | E | |
| CVE-2020-9460 | Octech Oempro 4.7 through 4.11 allow XSS by an authenticated user. The parameter CampaignName in Cam... | E | |
| CVE-2020-9461 | Octech Oempro 4.7 through 4.11 allow stored XSS by an authenticated user. The FolderName parameter o... | E | |
| CVE-2020-9462 | An issue was discovered in all Athom Homey and Homey Pro devices up to the current version 4.2.0. An... | | |
| CVE-2020-9463 | Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metachar... | E | |
| CVE-2020-9464 | A Denial-of-Service vulnerability exists in BECKHOFF Ethernet TCP/IP Bus Coupler BK9000. After an at... | | |
| CVE-2020-9465 | An issue was discovered in EyesOfNetwork eonweb 5.1 through 5.3 before 5.3-3. The eonweb web interfa... | E | |
| CVE-2020-9466 | The Export Users to CSV plugin through 1.4.2 for WordPress allows CSV Injection.... | | |
| CVE-2020-9467 | Piwigo 2.10.1 has stored XSS via the file parameter in a /ws.php request because of the pwg.images.s... | S | |
| CVE-2020-9468 | The Community plugin 2.9.e-beta for Piwigo allows users to set image information on images in albums... | S | |
| CVE-2020-9470 | An issue was discovered in Wing FTP Server 6.2.5 before February 2020. Due to insecure permissions w... | E | |
| CVE-2020-9471 | Umbraco Cloud 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via... | E | |
| CVE-2020-9472 | Umbraco CMS 8.5.3 allows an authenticated file upload (and consequently Remote Code Execution) via t... | E | |
| CVE-2020-9473 | The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 has a passwordless ftp ssh user. By using... | E | |
| CVE-2020-9474 | The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows remote code execution via the back... | E | |
| CVE-2020-9475 | The S. Siedle & Soehne SG 150-0 Smart Gateway before 1.2.4 allows local privilege escalation via a r... | E | |
| CVE-2020-9476 | ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password b... | | |
| CVE-2020-9477 | An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authenticat... | | |
| CVE-2020-9478 | An issue was discovered in Rubrik 5.0.3-2296. An OS command injection vulnerability allows an authen... | | |
| CVE-2020-9479 | unzip directory traversal | | |
| CVE-2020-9480 | In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to requi... | S | |
| CVE-2020-9481 | Apache ATS 6.0.0 to 6.2.3, 7.0.0 to 7.1.9, and 8.0.0 to 8.0.6 is vulnerable to a HTTP/2 slow read at... | S | |
| CVE-2020-9482 | If NiFi Registry 0.1.0 to 0.5.0 uses an authentication mechanism other than PKI, when the user click... | S | |
| CVE-2020-9483 | **Resolved** When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL... | | |
| CVE-2020-9484 | When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.... | S | |
| CVE-2020-9485 | An issue was found in Apache Airflow versions 1.10.10 and below. A stored XSS vulnerability was disc... | | |
| CVE-2020-9486 | In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which inclu... | | |
| CVE-2020-9487 | In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed c... | | |
| CVE-2020-9488 | Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allo... | S | |
| CVE-2020-9489 | A carefully crafted or corrupt file may trigger a System.exit in Tika's OneNote Parser. Crafted or c... | S | |
| CVE-2020-9490 | Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' heade... | S | |
| CVE-2020-9491 | In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as... | | |
| CVE-2020-9492 | In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client mi... | S | |
| CVE-2020-9493 | Java deserialization in Chainsaw | M | |
| CVE-2020-9494 | Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain t... | | |
| CVE-2020-9495 | Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to ret... | | |
| CVE-2020-9496 | XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache O... | E | |
| CVE-2020-9497 | Apache Guacamole 1.1.0 and older do not properly validate datareceived from RDP servers via static v... | | |
| CVE-2020-9498 | Apache Guacamole 1.1.0 and older may mishandle pointers involved inprocessing data received via RDP ... | | |
| CVE-2020-9499 | Some Dahua products have buffer overflow vulnerabilities. After the successful login of the legal ac... | | |
| CVE-2020-9500 | Some products of Dahua have Denial of Service vulnerabilities. After the successful login of the leg... | | |
| CVE-2020-9501 | Attackers can obtain Cloud Key information from the Dahua Web P2P control in specific ways. Cloud Ke... | | |
| CVE-2020-9502 | Some Dahua products with Build time before December 2019 have Session ID predictable vulnerabilities... | | |
| CVE-2020-9514 | An issue was discovered in the IMPress for IDX Broker plugin before 2.6.2 for WordPress. wrappers.ph... | E | |
| CVE-2020-9517 | There is an improper restriction of rendered UI layers or frames vulnerability in Micro Focus Servic... | | |
| CVE-2020-9518 | Login filter can access configuration files vulnerability in Micro Focus Service Manager (Web Tier),... | | |
| CVE-2020-9519 | HTTP methods reveled in Web services vulnerability in Micro Focus Service manager (server), affectin... | | |
| CVE-2020-9520 | A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4... | | |
| CVE-2020-9521 | An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affec... | | |
| CVE-2020-9522 | Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) p... | | |
| CVE-2020-9523 | Insufficiently protected credentials vulnerability on Micro Focus enterprise developer and enterpris... | | |
| CVE-2020-9524 | Cross Site scripting vulnerability on Micro Focus Enterprise Server and Enterprise developer, affect... | | |
| CVE-2020-9525 | CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an auth... | | |
| CVE-2020-9526 | CS2 Network P2P through 3.x, as used in millions of Internet of Things devices, suffers from an info... | | |
| CVE-2020-9527 | Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20, after 2018-08-09 through 20... | | |
| CVE-2020-9528 | Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different ... | | |
| CVE-2020-9529 | Firmware developed by Shenzhen Hichip Vision Technology (V6 through V20), as used by many different ... | | |
| CVE-2020-9530 | An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. The export component of GetApps(co... | | |
| CVE-2020-9531 | An issue was discovered on Xiaomi MIUI V11.0.5.0.QFAEUXM devices. In the Web resources of GetApps(co... | | |
| CVE-2020-9534 | fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup webpa... | E | |
| CVE-2020-9535 | fmwlan.c on D-Link DIR-615Jx10 devices has a stack-based buffer overflow via the formWlanSetup_Wizar... | E | |
| CVE-2020-9540 | Sophos HitmanPro.Alert before build 861 allows local elevation of privilege.... | | |
| CVE-2020-9543 | OpenStack Manila <7.4.1, >=8.0.0 <8.1.1, and >=9.0.0 <9.1.1 allows attackers to view, update, delete... | E S | |
| CVE-2020-9544 | An issue was discovered on D-Link DSL-2640B E1 EU_1.01 devices. The administrative interface doesn't... | E | |
| CVE-2020-9545 | Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated b... | | |
| CVE-2020-9546 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadg... | S | |
| CVE-2020-9547 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadg... | S | |
| CVE-2020-9548 | FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadg... | S | |
| CVE-2020-9549 | In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF do... | E | |
| CVE-2020-9550 | Rubetek SmartHome 2020 devices use unencrypted 433 MHz communication between controllers and beacons... | | |
| CVE-2020-9551 | Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could ... | S | |
| CVE-2020-9552 | Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation ... | S | |
| CVE-2020-9553 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successfu... | S | |
| CVE-2020-9554 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9555 | Adobe Bridge versions 10.0.1 and earlier version have a stack-based buffer overflow vulnerability. S... | S | |
| CVE-2020-9556 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9557 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successfu... | S | |
| CVE-2020-9558 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successfu... | S | |
| CVE-2020-9559 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9560 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9561 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9562 | Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful expl... | S | |
| CVE-2020-9563 | Adobe Bridge versions 10.0.1 and earlier version have a heap overflow vulnerability. Successful expl... | S | |
| CVE-2020-9564 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9565 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9566 | Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful ex... | S | |
| CVE-2020-9567 | Adobe Bridge versions 10.0.1 and earlier version have an use after free vulnerability. Successful ex... | S | |
| CVE-2020-9568 | Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful ... | S | |
| CVE-2020-9569 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds write vulnerability. Successf... | S | |
| CVE-2020-9570 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9571 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9572 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9573 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9574 | Adobe Illustrator versions 24.0.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9575 | Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9576 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9577 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9578 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9579 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9580 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9581 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9582 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9583 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9584 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9585 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9586 | Adobe Character Animator versions 3.2 and earlier have a buffer overflow vulnerability. Successful e... | | |
| CVE-2020-9587 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9588 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9589 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability... | S | |
| CVE-2020-9590 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability... | S | |
| CVE-2020-9591 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9592 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9593 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9594 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9595 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9596 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9597 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9598 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9599 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9600 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9601 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9602 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9603 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9604 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9605 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9606 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9607 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9608 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9609 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9610 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9611 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9612 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9613 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9614 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9615 | Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.3... | | |
| CVE-2020-9616 | Adobe Premiere Pro versions 14.1 and earlier have an out-of-bounds read vulnerability. Successful ex... | | |
| CVE-2020-9617 | Adobe Premiere Rush versions 1.5.8 and earlier have an out-of-bounds read vulnerability. Successful ... | | |
| CVE-2020-9618 | Adobe Audition versions 13.0.5 and earlier have an out-of-bounds read vulnerability. Successful expl... | S | |
| CVE-2020-9620 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability... | S | |
| CVE-2020-9621 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have a heap overflow vulnerability... | S | |
| CVE-2020-9622 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | S | |
| CVE-2020-9623 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | S | |
| CVE-2020-9624 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | S | |
| CVE-2020-9625 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | | |
| CVE-2020-9626 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | S | |
| CVE-2020-9627 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | | |
| CVE-2020-9628 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | | |
| CVE-2020-9629 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnera... | S | |
| CVE-2020-9630 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9631 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9632 | Magento versions 2.3.4 and earlier, 2.2.11 and earlier (see note), 1.14.4.4 and earlier, and 1.9.4.4... | | |
| CVE-2020-9633 | Adobe Flash Player Desktop Runtime 32.0.0.371 and earlier, Adobe Flash Player for Google Chrome 32.0... | | |
| CVE-2020-9634 | Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful e... | S | |
| CVE-2020-9635 | Adobe Framemaker versions 2019.0.5 and below have an out-of-bounds write vulnerability. Successful e... | S | |
| CVE-2020-9636 | Adobe Framemaker versions 2019.0.5 and below have a memory corruption vulnerability. Successful expl... | S | |
| CVE-2020-9637 | Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploit... | S | |
| CVE-2020-9638 | Adobe After Effects versions 17.1 and earlier have a heap overflow vulnerability. Successful exploit... | S | |
| CVE-2020-9639 | Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9640 | Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9641 | Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exp... | S | |
| CVE-2020-9642 | Adobe Illustrator versions 24.1.2 and earlier have a buffer errors vulnerability. Successful exploit... | S | |
| CVE-2020-9643 | Adobe Experience Manager versions 6.5 and earlier have a server-side request forgery (ssrf) vulnerab... | S | |
| CVE-2020-9644 | Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (stored) vulnerability... | S | |
| CVE-2020-9645 | Adobe Experience Manager versions 6.5 and earlier have a blind server-side request forgery (ssrf) vu... | S | |
| CVE-2020-9646 | Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful ... | | |
| CVE-2020-9647 | Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (dom-based) vulnerabil... | S | |
| CVE-2020-9648 | Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting vulnerability. Success... | S | |
| CVE-2020-9649 | Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful e... | | |
| CVE-2020-9650 | Adobe Media Encoder versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful ... | | |
| CVE-2020-9651 | Adobe Experience Manager versions 6.5 and earlier have a cross-site scripting (reflected) vulnerabil... | S | |
| CVE-2020-9652 | Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds read vulnerability. Successful ex... | S | |
| CVE-2020-9653 | Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful e... | S | |
| CVE-2020-9654 | Adobe Premiere Pro versions 14.2 and earlier have an out-of-bounds write vulnerability. Successful e... | S | |
| CVE-2020-9655 | Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds read vulnerability. Successful... | S | |
| CVE-2020-9656 | Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds write vulnerability. Successfu... | S | |
| CVE-2020-9657 | Adobe Premiere Rush versions 1.5.12 and earlier have an out-of-bounds write vulnerability. Successfu... | S | |
| CVE-2020-9658 | Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Successful exp... | S | |
| CVE-2020-9659 | Adobe Audition versions 13.0.6 and earlier have an out-of-bounds write vulnerability. Successful exp... | S | |
| CVE-2020-9660 | Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability. Successful ... | S | |
| CVE-2020-9661 | Adobe After Effects versions 17.1 and earlier have an out-of-bounds read vulnerability. Successful e... | S | |
| CVE-2020-9662 | Adobe After Effects versions 17.1 and earlier have an out-of-bounds write vulnerability. Successful ... | S | |
| CVE-2020-9663 | Adobe Reader Mobile versions 20.0.1 and earlier have a directory traversal vulnerability. Successful... | | |
| CVE-2020-9664 | Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a php object injection vulnerabi... | | |
| CVE-2020-9665 | Magento versions 1.14.4.5 and earlier, and 1.9.4.5 and earlier have a stored cross-site scripting vu... | | |
| CVE-2020-9666 | Adobe Campaign Classic before 20.2 have an out-of-bounds read vulnerability. Successful exploitation... | | |
| CVE-2020-9667 | Uncontrolled Search Path Element in AGSService.exe | | |
| CVE-2020-9668 | AGSService program mishandling symbolic links | | |
| CVE-2020-9669 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a lack of exploit mitigations... | | |
| CVE-2020-9670 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulne... | | |
| CVE-2020-9671 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have an insecure file permissions ... | | |
| CVE-2020-9672 | Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versi... | | |
| CVE-2020-9673 | Adobe ColdFusion 2016 update 15 and earlier versions, and ColdFusion 2018 update 9 and earlier versi... | | |
| CVE-2020-9674 | Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful explo... | | |
| CVE-2020-9675 | Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds read vulnerability. Successful exploi... | | |
| CVE-2020-9676 | Adobe Bridge versions 10.0.3 and earlier have an out-of-bounds write vulnerability. Successful explo... | | |
| CVE-2020-9677 | Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploita... | | |
| CVE-2020-9678 | Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Successful exploit... | | |
| CVE-2020-9679 | Adobe Prelude versions 9.0 and earlier have an out-of-bounds read vulnerability. Successful exploita... | | |
| CVE-2020-9680 | Adobe Prelude versions 9.0 and earlier have an out-of-bounds write vulnerability. Successful exploit... | | |
| CVE-2020-9681 | Adobe Genuine Service privilege escalation vulnerability | | |
| CVE-2020-9682 | Adobe Creative Cloud Desktop Application versions 5.1 and earlier have a symlink vulnerability vulne... | | |
| CVE-2020-9683 | Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerabil... | | |
| CVE-2020-9684 | Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerabi... | | |
| CVE-2020-9685 | Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerabi... | | |
| CVE-2020-9686 | Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds read vulnerabil... | | |
| CVE-2020-9687 | Adobe Photoshop versions Photoshop CC 2019, and Photoshop 2020 have an out-of-bounds write vulnerabi... | | |
| CVE-2020-9688 | Adobe Download Manager version 2.0.0.518 have a command injection vulnerability. Successful exploita... | | |
| CVE-2020-9689 | Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a path traversal vulnerability.... | S | |
| CVE-2020-9690 | Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have an observable timing discrepanc... | S | |
| CVE-2020-9691 | Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scriptin... | S | |
| CVE-2020-9692 | Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a security mitigation bypass vu... | S | |
| CVE-2020-9693 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9694 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9696 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9697 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9698 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9699 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9700 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9701 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9702 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9703 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9704 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9705 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9706 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9707 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9708 | GHSL-2020-133: Insufficient validation of user input in resolveRepositoryPath function | | |
| CVE-2020-9710 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9712 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9714 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9715 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | E S | |
| CVE-2020-9716 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9717 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9718 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9719 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9720 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9721 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9722 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9723 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and ear... | | |
| CVE-2020-9724 | Adobe Lightroom versions 9.2.0.10 and earlier have an insecure library loading vulnerability. Succes... | | |
| CVE-2020-9725 | FrameMaker File Parsing Stack-based Buffer Overflow | S | |
| CVE-2020-9726 | FrameMaker File Parsing Out-Of-Bounds Read Vulnerability | S | |
| CVE-2020-9727 | Out-of-bounds memory access could lead to code execution | | |
| CVE-2020-9728 | Out-of-bounds memory access could lead to code execution | | |
| CVE-2020-9729 | Out-of-bounds memory access could lead to code execution | | |
| CVE-2020-9730 | Out-of-bounds memory access could lead to code execution | | |
| CVE-2020-9731 | Out-of-bounds memory access could lead to code execution | | |
| CVE-2020-9732 | Stored XSS in AEM Sites Components | S | |
| CVE-2020-9733 | Sensitive information disclosure possible in AEM | S | |
| CVE-2020-9734 | Stored XSS in AEM Forms component | | |
| CVE-2020-9735 | Stored XSS in AEM's Content Repository Development Environment | | |
| CVE-2020-9736 | Stored XSS in AEM's Content Repository Development Environment | | |
| CVE-2020-9737 | Stored XSS in AEM's Content Repository Development Environment | | |
| CVE-2020-9738 | Stored XSS in AEM's Content Repository Development Environment | | |
| CVE-2020-9739 | Adobe Media Encoder FLV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2020-9740 | Stored XSS in AEM Design Importer Component | | |
| CVE-2020-9741 | Stored XSS in AEM Forms Components | | |
| CVE-2020-9742 | Reflected XSS in AEM Inbox module | | |
| CVE-2020-9743 | HTML injection in AEM's content editor component | | |
| CVE-2020-9744 | Adobe Media Encoder WMV File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2020-9745 | Adobe Media Encoder PSD File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability | | |
| CVE-2020-9746 | Exploitable NULL pointer deref could lead to arbitrary code execution | | |
| CVE-2020-9747 | Double-free vulnerability in Adobe Animate 20.5 | | |
| CVE-2020-9748 | Stack overflow vulnerability in Adobe Animate 20.5 | S | |
| CVE-2020-9749 | Out-of-bounds read vulnerability in Adobe Animate 20.5 | | |
| CVE-2020-9750 | Out-of-bounds read vulnerability in Adobe Animate 20.5 | | |
| CVE-2020-9751 | Naver Cloud Explorer before 2.2.2.11 allows the system to download an arbitrary file from the attack... | | |
| CVE-2020-9752 | Naver Cloud Explorer before 2.2.2.11 allows the attacker can move a local file in any path on the fi... | | |
| CVE-2020-9753 | Whale Browser Installer before 1.2.0.5 versions don't support signature verification for Flash insta... | | |
| CVE-2020-9754 | NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock func... | | |
| CVE-2020-9756 | Patriot Viper RGB Driver 1.1 and prior exposes IOCTL and allows insufficient access control. The IOC... | E | |
| CVE-2020-9757 | The SEOmatic component before 3.3.0 for Craft CMS allows Server-Side Template Injection that leads t... | E S | |
| CVE-2020-9758 | An issue was discovered in chat.php in LiveZilla Live Chat 8.0.1.3 (Helpdesk). A blind JavaScript in... | | |
| CVE-2020-9759 | webOS TV Emulator privilege escalation vulnerability | E | |
| CVE-2020-9760 | An issue was discovered in WeeChat before 2.7.1 (0.3.4 to 2.7 are affected). When a new IRC message ... | S | |
| CVE-2020-9761 | An issue was discovered in UNCTAD ASYCUDA World 2001 through 2020. The Java RMI Server has an Insecu... | | |
| CVE-2020-9767 | A vulnerability related to Dynamic-link Library (“DLL”) loading in the Zoom Sharing Service would al... | | |
| CVE-2020-9768 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.... | | |
| CVE-2020-9769 | Multiple issues were addressed by updating to version 8.1.1850. This issue is fixed in macOS Catalin... | | |
| CVE-2020-9770 | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.4 and iPad... | | |
| CVE-2020-9771 | This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A us... | | |
| CVE-2020-9772 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 1... | | |
| CVE-2020-9773 | The issue was addressed with improved handling of icon caches. This issue is fixed in iOS 14.0 and i... | | |
| CVE-2020-9774 | An issue existed with Siri Suggestions access to encrypted data. The issue was fixed by limiting acc... | | |
| CVE-2020-9775 | An issue existed in the handling of tabs displaying picture in picture video. The issue was correcte... | | |
| CVE-2020-9776 | This issue was addressed with a new entitlement. This issue is fixed in macOS Catalina 10.15.4. A ma... | | |
| CVE-2020-9777 | An issue existed in the selection of video file by Mail. The issue was fixed by selecting the latest... | | |
| CVE-2020-9779 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9780 | The issue was resolved by clearing application previews when content is deleted. This issue is fixed... | | |
| CVE-2020-9781 | The issue was addressed by clearing website permission prompts after navigation. This issue is fixed... | | |
| CVE-2020-9782 | A parsing issue in the handling of directory paths was addressed with improved path validation. This... | | |
| CVE-2020-9783 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.... | | |
| CVE-2020-9784 | A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1. A malici... | | |
| CVE-2020-9785 | Multiple memory corruption issues were addressed with improved state management. This issue is fixed... | | |
| CVE-2020-9786 | This issue was addressed with improved checks This issue is fixed in macOS Catalina 10.15.4, Securit... | | |
| CVE-2020-9787 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.4 and iPadOS 1... | | |
| CVE-2020-9788 | A validation issue was addressed with improved input sanitization. This issue is fixed in macOS Cata... | | |
| CVE-2020-9789 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9790 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9791 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.5 ... | | |
| CVE-2020-9792 | A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9793 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9794 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9795 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.... | | |
| CVE-2020-9796 | A race condition was addressed with improved state handling. This issue is fixed in macOS Catalina 1... | | |
| CVE-2020-9797 | An information disclosure issue was addressed by removing the vulnerable code. This issue is fixed i... | | |
| CVE-2020-9799 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Cata... | | |
| CVE-2020-9800 | A type confusion issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 ... | | |
| CVE-2020-9801 | A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.1. A mali... | | |
| CVE-2020-9802 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 1... | | |
| CVE-2020-9803 | A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 13.5 an... | | |
| CVE-2020-9804 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.... | | |
| CVE-2020-9805 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 1... | | |
| CVE-2020-9806 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1... | | |
| CVE-2020-9807 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1... | | |
| CVE-2020-9808 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1... | | |
| CVE-2020-9809 | An information disclosure issue was addressed with improved state management. This issue is fixed in... | | |
| CVE-2020-9810 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.... | | |
| CVE-2020-9811 | An information disclosure issue was addressed with improved state management. This issue is fixed in... | | |
| CVE-2020-9812 | An information disclosure issue was addressed with improved state management. This issue is fixed in... | | |
| CVE-2020-9813 | A logic issue existed resulting in memory corruption. This was addressed with improved state managem... | | |
| CVE-2020-9814 | A logic issue existed resulting in memory corruption. This was addressed with improved state managem... | | |
| CVE-2020-9815 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9816 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9817 | A permissions issue existed. This issue was addressed with improved permission validation. This issu... | | |
| CVE-2020-9818 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | KEV | |
| CVE-2020-9819 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 1... | KEV | |
| CVE-2020-9820 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 1... | | |
| CVE-2020-9821 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1... | | |
| CVE-2020-9822 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in mac... | | |
| CVE-2020-9823 | This issue was addressed with improved checks. This issue is fixed in iOS 13.5 and iPadOS 13.5. User... | | |
| CVE-2020-9824 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.... | | |
| CVE-2020-9825 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in iOS 13.5 ... | | |
| CVE-2020-9826 | A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9827 | A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9828 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9829 | A validation issue was addressed with improved input sanitization. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9830 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1... | | |
| CVE-2020-9831 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Cata... | | |
| CVE-2020-9832 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9833 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in ma... | | |
| CVE-2020-9834 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS... | | |
| CVE-2020-9835 | An issue existed in the pausing of FaceTime video. The issue was resolved with improved logic. This ... | | |
| CVE-2020-9837 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9838 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9839 | A race condition was addressed with improved state handling. This issue is fixed in iOS 13.5 and iPa... | | |
| CVE-2020-9840 | In SwiftNIO Extras before 1.4.1, a logic issue was addressed with improved restrictions.... | | |
| CVE-2020-9841 | An integer overflow was addressed through improved input validation. This issue is fixed in macOS Ca... | | |
| CVE-2020-9842 | An entitlement parsing issue was addressed with improved parsing. This issue is fixed in iOS 13.5 an... | | |
| CVE-2020-9843 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9844 | A double free issue was addressed with improved memory management. This issue is fixed in iOS 13.5 a... | | |
| CVE-2020-9846 | A logic issue was addressed with improved state management. This issue is fixed in macOS Monterey 12... | | |
| CVE-2020-9847 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Cata... | | |
| CVE-2020-9848 | An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5... | | |
| CVE-2020-9849 | An information disclosure issue was addressed with improved state management. This issue is fixed in... | | |
| CVE-2020-9850 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.5 and iPadOS 1... | | |
| CVE-2020-9851 | An access issue was addressed with improved access restrictions. This issue is fixed in macOS Catali... | | |
| CVE-2020-9852 | An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.5... | | |
| CVE-2020-9853 | A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Catal... | | |
| CVE-2020-9854 | A logic issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iPadOS 13.... | | |
| CVE-2020-9855 | A validation issue existed in the handling of symlinks. This issue was addressed with improved valid... | | |
| CVE-2020-9856 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. An app... | | |
| CVE-2020-9857 | An issue existed in the parsing of URLs. This issue was addressed with improved input validation. Th... | | |
| CVE-2020-9858 | A dynamic library loading issue was addressed with improved path searching. This issue is fixed in W... | | |
| CVE-2020-9859 | A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 1... | KEV | |
| CVE-2020-9860 | A custom URL scheme handling issue was addressed with improved input validation. This issue is fixed... | | |
| CVE-2020-9861 | A stack overflow issue existed in Swift for Linux. The issue was addressed with improved input valid... | | |
| CVE-2020-9862 | A command injection issue existed in Web Inspector. This issue was addressed with improved escaping.... | | |
| CVE-2020-9863 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO... | | |
| CVE-2020-9864 | A logic issue was addressed with improved restrictions. This issue is fixed in macOS Catalina 10.15.... | | |
| CVE-2020-9865 | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS ... | | |
| CVE-2020-9866 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina... | | |
| CVE-2020-9868 | A certificate validation issue existed when processing administrator added certificates. This issue ... | | |
| CVE-2020-9869 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS ... | | |
| CVE-2020-9870 | A logic issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iPadOS 13.... | | |
| CVE-2020-9871 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9872 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9873 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 ... | | |
| CVE-2020-9874 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9875 | An integer overflow was addressed through improved input validation. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9876 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9877 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a... | | |
| CVE-2020-9878 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9879 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9880 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and i... | | |
| CVE-2020-9881 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9882 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9883 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9884 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9885 | An issue existed in the handling of iMessage tapbacks. The issue was resolved with additional verifi... | | |
| CVE-2020-9887 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS... | | |
| CVE-2020-9888 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a... | | |
| CVE-2020-9889 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9890 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a... | | |
| CVE-2020-9891 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a... | | |
| CVE-2020-9892 | Multiple memory corruption issues were addressed with improved state management. This issue is fixed... | | |
| CVE-2020-9893 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.... | | |
| CVE-2020-9894 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 ... | | |
| CVE-2020-9895 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.... | | |
| CVE-2020-9897 | An out-of-bounds write was addressed with improved input validation. This issue is fixed in iOS 14.2... | | |
| CVE-2020-9898 | This issue was addressed with improved entitlements. This issue is fixed in iOS 13.6 and iPadOS 13.6... | | |
| CVE-2020-9899 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS... | | |
| CVE-2020-9900 | An issue existed within the path validation logic for symlinks. This issue was addressed with improv... | | |
| CVE-2020-9901 | An issue existed within the path validation logic for symlinks. This issue was addressed with improv... | | |
| CVE-2020-9902 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a... | | |
| CVE-2020-9903 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 1... | | |
| CVE-2020-9904 | A memory corruption issue was addressed with improved state management. This issue is fixed in iOS 1... | | |
| CVE-2020-9905 | A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 13.6 and i... | | |
| CVE-2020-9906 | A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9907 | A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS ... | KEV | |
| CVE-2020-9908 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9909 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in iOS 13.6 a... | | |
| CVE-2020-9910 | Multiple issues were addressed with improved logic. This issue is fixed in iOS 13.6 and iPadOS 13.6,... | | |
| CVE-2020-9911 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 13.6 and iPadOS 1... | | |
| CVE-2020-9912 | A logic issue was addressed with improved restrictions. This issue is fixed in Safari 13.1.2. A mali... | | |
| CVE-2020-9913 | This issue was addressed with improved data protection. This issue is fixed in macOS Catalina 10.15.... | | |
| CVE-2020-9914 | An input validation issue existed in Bluetooth. This issue was addressed with improved input validat... | | |
| CVE-2020-9915 | An access issue existed in Content Security Policy. This issue was addressed with improved access re... | | |
| CVE-2020-9916 | A URL Unicode encoding issue was addressed with improved state management. This issue is fixed in iO... | | |
| CVE-2020-9917 | This issue was addressed with improved checks. This issue is fixed in iOS 13.6 and iPadOS 13.6. A re... | | |
| CVE-2020-9918 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9919 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9920 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.6 and iP... | | |
| CVE-2020-9921 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS ... | | |
| CVE-2020-9922 | A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10... | | |
| CVE-2020-9923 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in iOS 13... | | |
| CVE-2020-9924 | A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10... | | |
| CVE-2020-9925 | A logic issue was addressed with improved state management. This issue is fixed in iOS 13.6 and iPad... | | |
| CVE-2020-9926 | A use after free issue was addressed with improved memory management. This issue is fixed in iOS 13.... | | |
| CVE-2020-9927 | A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS... | | |
| CVE-2020-9928 | Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed ... | | |
| CVE-2020-9929 | A memory corruption issue was addressed with improved memory handling. This issue is fixed in macOS ... | | |
| CVE-2020-9930 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9931 | A denial of service issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9932 | A memory corruption issue was addressed with improved validation. This issue is fixed in Safari 13.0... | | |
| CVE-2020-9933 | An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9934 | An issue existed in the handling of environment variables. This issue was addressed with improved va... | KEV | |
| CVE-2020-9935 | A logic issue was addressed with improved state management. This issue is fixed in macOS Catalina 10... | | |
| CVE-2020-9936 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9937 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9938 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 ... | | |
| CVE-2020-9939 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.6. A loca... | | |
| CVE-2020-9940 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9941 | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.7, Securi... | | |
| CVE-2020-9942 | An inconsistent user interface issue was addressed with improved state management. This issue is fix... | | |
| CVE-2020-9943 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big ... | | |
| CVE-2020-9944 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big ... | | |
| CVE-2020-9945 | A spoofing issue existed in the handling of URLs. This issue was addressed with improved input valid... | | |
| CVE-2020-9946 | This issue was addressed with improved checks. This issue is fixed in iOS 14.0 and iPadOS 14.0, watc... | | |
| CVE-2020-9947 | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS... | | |
| CVE-2020-9948 | A type confusion issue was addressed with improved memory handling. This issue is fixed in Safari 14... | | |
| CVE-2020-9949 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS B... | | |
| CVE-2020-9950 | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS... | | |
| CVE-2020-9951 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari ... | | |
| CVE-2020-9952 | An input validation issue was addressed with improved input validation. This issue is fixed in iOS 1... | | |
| CVE-2020-9954 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in watchOS ... | | |
| CVE-2020-9955 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in wat... | | |
| CVE-2020-9956 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big... | | |
| CVE-2020-9958 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9959 | A lock screen issue allowed access to messages on a locked device. This issue was addressed with imp... | | |
| CVE-2020-9960 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big... | | |
| CVE-2020-9961 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Cat... | | |
| CVE-2020-9962 | A buffer overflow was addressed with improved size validation. This issue is fixed in macOS Big Sur ... | | |
| CVE-2020-9963 | The issue was addressed with improved handling of icon caches. This issue is fixed in macOS Big Sur ... | | |
| CVE-2020-9964 | A memory initialization issue was addressed with improved memory handling. This issue is fixed in iO... | | |
| CVE-2020-9965 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big... | | |
| CVE-2020-9966 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Big... | | |
| CVE-2020-9967 | Multiple memory corruption issues were addressed with improved input validation. This issue is fixed... | | |
| CVE-2020-9968 | A logic issue was addressed with improved restrictions. This issue is fixed in iOS 14.0 and iPadOS 1... | | |
| CVE-2020-9969 | An access issue was addressed with additional sandbox restrictions. This issue is fixed in macOS Big... | | |
| CVE-2020-9971 | A logic issue was addressed with improved validation. This issue is fixed in watchOS 7.0, tvOS 14.0,... | | |
| CVE-2020-9972 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 14.0... | | |
| CVE-2020-9973 | An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Cata... | | |
| CVE-2020-9974 | A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.... | | |
| CVE-2020-9975 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS B... | | |
| CVE-2020-9976 | A logic issue was addressed with improved state management. This issue is fixed in iOS 14.0 and iPad... | | |
| CVE-2020-9977 | A validation issue existed in the entitlement verification. This issue was addressed with improved v... | | |
| CVE-2020-9978 | This issue was addressed with improved setting propagation. This issue is fixed in macOS Big Sur 11.... | | |
| CVE-2020-9979 | A trust issue was addressed by removing a legacy API. This issue is fixed in iOS 14.0 and iPadOS 14.... | | |
| CVE-2020-9980 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS... | | |
| CVE-2020-9981 | A use after free issue was addressed with improved memory management. This issue is fixed in watchOS... | | |
| CVE-2020-9982 | This issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed i... | | |
| CVE-2020-9983 | An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Saf... | | |
| CVE-2020-9984 | An out-of-bounds read was addressed with improved input validation. This issue is fixed in iOS 13.6 ... | | |
| CVE-2020-9985 | A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 13.6... | | |
| CVE-2020-9986 | A file access issue existed with certain home folder files. This was addressed with improved access ... | | |
| CVE-2020-9987 | An inconsistent user interface issue was addressed with improved state management. This issue is fix... | | |
| CVE-2020-9988 | The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.... | | |
| CVE-2020-9989 | The issue was addressed with improved deletion. This issue is fixed in macOS Big Sur 11.0.1, watchOS... | | |
| CVE-2020-9990 | A race condition was addressed with additional validation. This issue is fixed in macOS Catalina 10.... | | |
| CVE-2020-9991 | This issue was addressed with improved checks. This issue is fixed in macOS Big Sur 11.0.1, watchOS ... | | |
| CVE-2020-9992 | This issue was addressed by encrypting communications over the network to devices running iOS 14, iP... | | |
| CVE-2020-9993 | The issue was addressed with improved UI handling. This issue is fixed in watchOS 7.0, Safari 14.0, ... | | |
| CVE-2020-9994 | A path handling issue was addressed with improved validation. This issue is fixed in iOS 13.5 and iP... | | |
| CVE-2020-9995 | An issue existed in the parsing of URLs. This issue was addressed with improved input validation. Th... | | |
| CVE-2020-9996 | A use after free issue was addressed with improved memory management. This issue is fixed in macOS B... | | |
| CVE-2020-9997 | An information disclosure issue was addressed with improved state management. This issue is fixed in... | | |
| CVE-2020-9999 | A memory corruption issue was addressed with improved state management. This issue is fixed in macOS... | |