Max CVSS 9.3 Min CVSS 2.1 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-1971 4.3
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they
20-10-2021 - 11:15 08-12-2020 - 16:15
CVE-2020-8277 5.0
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial of Service in versions < 15.2.1, < 14.15.1, and < 12.19.1 by getting the application to resolve a DNS record with a larger number
20-10-2021 - 11:15 19-11-2020 - 01:15
CVE-2020-25643 7.5
A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial
19-10-2021 - 13:45 06-10-2020 - 14:15
CVE-2019-20372 4.3
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer.
22-09-2021 - 00:15 09-01-2020 - 21:15
CVE-2020-12321 5.8
Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
21-07-2021 - 11:39 12-11-2020 - 18:15
CVE-2020-2922 4.3
Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.29 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with ne
21-07-2021 - 11:39 15-04-2020 - 14:15
CVE-2020-1472 9.3
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
21-07-2021 - 11:39 17-08-2020 - 19:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
21-07-2021 - 11:39 30-07-2020 - 21:15
CVE-2020-2814 4.0
Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.6.47 and prior, 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with net
26-05-2021 - 12:15 15-04-2020 - 14:15
CVE-2020-25654 9.0
An ACL bypass flaw was found in pacemaker. An attacker having a local account on the cluster and in the haclient group could use IPC communication with various daemons directly to perform certain tasks that they would be prevented by ACLs from doing
04-03-2021 - 20:48 24-11-2020 - 20:15
CVE-2020-28367 5.1
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.
16-12-2020 - 03:15 18-11-2020 - 17:15
CVE-2020-24659 5.0
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the app
26-10-2020 - 16:15 04-09-2020 - 15:15
CVE-2020-16166 4.3
The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c
28-09-2020 - 16:15 30-07-2020 - 21:15
CVE-2020-1472 9.3
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'.
28-09-2020 - 13:48 17-08-2020 - 19:15
CVE-2020-24659 5.0
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the app
25-09-2020 - 20:15 04-09-2020 - 15:15
CVE-2020-15862 7.2
Net-SNMP through 5.7.3 has Improper Privilege Management because SNMP WRITE access to the EXTEND MIB provides the ability to run arbitrary commands as root.
04-09-2020 - 14:58 20-08-2020 - 01:17
CVE-2020-13867 2.1
Open-iSCSI targetcli-fb through 2.1.52 has weak permissions for /etc/target (and for the backup directory and backup files).
30-08-2020 - 23:15 05-06-2020 - 18:15
CVE-2020-14019 4.6
Open-iSCSI rtslib-fb through 2.1.72 has weak permissions for /etc/target/saveconfig.json because shutil.copyfile (instead of shutil.copy) is used, and thus permissions are not preserved.
07-08-2020 - 12:15 19-06-2020 - 11:15
CVE-2016-5766 6.8
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based
22-04-2019 - 17:48 07-08-2016 - 10:59
Back to Top Mark selected
Back to Top