Total
32264 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6931 | 1 Hp | 1 Print And Scan Doctor | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| HP Print and Scan Doctor may potentially be vulnerable to local elevation of privilege. | |||||
| CVE-2020-6922 | 1 Hp | 1 Support Assistant | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6921 | 1 Hp | 1 Support Assistant | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6920 | 1 Hp | 1 Support Assistant | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6919 | 1 Hp | 1 Support Assistant | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6918 | 1 Hp | 1 Support Assistant | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6917 | 1 Hp | 1 Support Assistant | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software. | |||||
| CVE-2020-6877 | 1 Zte | 2 Zxa10 Eodn, Zxa10 Eodn Firmware | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1 | |||||
| CVE-2020-6873 | 1 Zte | 2 Zxr10 2800-4 Almpufb\(low\), Zxr10 2800-4 Almpufb\(low\) Firmware | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| A ZTE product has a DoS vulnerability. Because the equipment couldn’t distinguish the attack packets and normal packets with valid http links, the remote attackers could use this vulnerability to cause the equipment WEB/TELNET module denial of service and make the equipment be out of management. This affects: ZXR10 2800-4_ALMPUFB(LOW), all versions up to V3.00.40. | |||||
| CVE-2020-6869 | 1 Zte | 1 Ztemarket Apk | 2024-11-21 | 5.5 MEDIUM | 8.1 HIGH |
| All versions up to 10.06 of ZTEMarket APK are impacted by an information leak vulnerability. Due to Activity Component exposure users can exploit this vulnerability to get the private cookie and execute silent installation. | |||||
| CVE-2020-6866 | 1 Zte | 2 Zxctn 6500, Zxctn 6500 Firmware | 2024-11-21 | 4.0 MEDIUM | 4.9 MEDIUM |
| A ZTE product is impacted by a resource management error vulnerability. An attacker could exploit this vulnerability to cause a denial of service by issuing a specific command. This affects: ZXCTN 6500 version V2.10.00R3B87. | |||||
| CVE-2020-6864 | 1 Zte | 2 E8820v3, E8820v3 Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| ZTE E8820V3 router product is impacted by an information leak vulnerability. Attackers could use this vulnerability to to gain wireless passwords. After obtaining the wireless password, the attacker could collect information and attack the router. | |||||
| CVE-2020-6863 | 1 Zte | 2 E8820v3, E8820v3 Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| ZTE E8820V3 router product is impacted by a permission and access control vulnerability. Attackers could use this vulnerability to tamper with DDNS parameters and send DoS attacks on the specified URL. | |||||
| CVE-2020-6833 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GitLab EE 11.3 and later. A GitLab Workhorse bypass could lead to package and file disclosure via request smuggling. | |||||
| CVE-2020-6832 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in GitLab Enterprise Edition (EE) 8.9.0 through 12.6.1. Using the project import feature, it was possible for someone to obtain issues from private projects. | |||||
| CVE-2020-6829 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-magnetic trace of a few signature generations, the private key could have been computed. This vulnerability affects Firefox < 80 and Firefox for Android < 80. | |||||
| CVE-2020-6809 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| When a Web Extension had the all-urls permission and made a fetch request with a mode set to 'same-origin', it was possible for the Web Extension to read local files. This vulnerability affects Firefox < 74. | |||||
| CVE-2020-6750 | 2 Fedoraproject, Gnome | 2 Fedora, Glib | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| GSocketClient in GNOME GLib through 2.62.4 may occasionally connect directly to a target address instead of connecting via a proxy server when configured to do so, because the proxy_addr field is mishandled. This bug is timing-dependent and may occur only sporadically depending on network delays. The greatest security relevance is in use cases where a proxy is used to help with privacy/anonymity, even though there is no technical barrier to a direct connection. NOTE: versions before 2.60 are unaffected. | |||||
| CVE-2020-6616 | 3 Apple, Google, Samsung | 7 Ipados, Iphone Os, Mac Os X and 4 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Some Broadcom chips mishandle Bluetooth random-number generation because a low-entropy Pseudo Random Number Generator (PRNG) is used in situations where a Hardware Random Number Generator (HRNG) should have been used to prevent spoofing. This affects, for example, Samsung Galaxy S8, S8+, and Note8 devices with the BCM4361 chipset. The Samsung ID is SVE-2020-16882 (May 2020). | |||||
| CVE-2020-6581 | 2 Fedoraproject, Nagios | 2 Fedora, Remote Plug In Executor | 2024-11-21 | 3.7 LOW | 7.3 HIGH |
| Nagios NRPE 3.2.1 has Insufficient Filtering because, for example, nasty_metachars interprets \n as the character \ and the character n (not as the \n newline sequence). This can cause command injection. | |||||