2020 CVE Vulnerabilities
21,060 CVEs published in 2020.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-2249 | LOW | 3.3 | 0.3% | Sep 1, 2020 | Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuratio... |
| CVE-2020-12829 | LOW | 3.8 | 0.4% | Aug 31, 2020 | In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. This flaw occurs in the... |
| CVE-2020-4591 | LOW | 3.3 | 0.2% | Aug 28, 2020 | IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due... |
| CVE-2020-3504 | LOW | 3.3 | 0.3% | Aug 27, 2020 | A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, loc... |
| CVE-2020-16142 | LOW | 3.5 | 0.8% | Aug 27, 2020 | On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string ... |
| CVE-2020-14415 | LOW | 3.3 | 0.5% | Aug 27, 2020 | oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. |
| CVE-2020-5928 | LOW | 3.1 | 0.2% | Aug 26, 2020 | In versions 15.1.0-15.1.0.4, 15.0.0-15.0.1.3, 14.1.0-14.1.2.6, 13.1.0-13.1.3.4, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, BI... |
| CVE-2020-16241 | LOW | 2.1 | 0.2% | Aug 21, 2020 | Philips SureSigns VS4, A.07.107 and prior does not restrict or incorrectly restricts access to a resource from an unaut... |
| CVE-2020-16237 | LOW | 2.1 | 0.3% | Aug 21, 2020 | Philips SureSigns VS4, A.07.107 and prior receives input or data, but it does not validate or incorrectly validates that... |
| CVE-2020-4548 | LOW | 2.7 | 0.7% | Aug 20, 2020 | IBM Content Navigator 3.0.7 and 3.0.8 is vulnerable to improper input validation. A malicious administrator could bypass... |
| CVE-2020-15637 | LOW | 3.3 | 4.1% | Aug 20, 2020 | This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomP... |
| CVE-2020-9710 | LOW | 3.3 | 2.8% | Aug 19, 2020 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.3... |
| CVE-2020-9707 | LOW | 3.3 | 2.8% | Aug 19, 2020 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.3... |
| CVE-2020-9706 | LOW | 3.3 | 2.8% | Aug 19, 2020 | Adobe Acrobat and Reader versions 2020.009.20074 and earlier, 2020.001.30002, 2017.011.30171 and earlier, and 2015.006.3... |
| CVE-2020-13282 | LOW | 3.5 | 0.7% | Aug 13, 2020 | For GitLab before 13.0.12, 13.1.6, 13.2.3 after a group transfer occurs, members from a parent group keep their access l... |
| CVE-2020-6653 | LOW | 3.9 | 0.3% | Aug 12, 2020 | Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or re... |
| CVE-2020-2035 | LOW | 3 | 0.8% | Aug 12, 2020 | When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering... |
| CVE-2020-8912 | LOW | 2.5 | 0.2% | Aug 11, 2020 | A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attac... |
| CVE-2020-16092 | LOW | 3.8 | 0.4% | Aug 11, 2020 | In QEMU through 5.0.0, an assertion failure can occur in the network packet processing. This issue affects the e1000e an... |
| CVE-2020-4243 | LOW | 3.7 | 0.9% | Aug 5, 2020 | IBM Security Identity Governance and Intelligence 5.2.6 Virtual Appliance could allow a remote attacker to obtain sensit... |
| CVE-2020-16201 | LOW | 3.3 | 1.4% | Aug 4, 2020 | Delta Industrial Automation CNCSoft ScreenEditor, Versions 1.01.23 and prior. Multiple out-of-bounds read vulnerabilitie... |
| CVE-2020-13523 | LOW | 3.3 | 0.5% | Aug 4, 2020 | An exploitable information disclosure vulnerability exists in SoftPerfect’s RAM Disk 4.1 spvve.sys driver. A specially c... |
| CVE-2020-16116 | LOW | 3.3 | 1.7% | Aug 3, 2020 | In kerfuffle/jobs.cpp in KDE Ark before 20.08.0, a crafted archive can install files outside the extraction directory vi... |
| CVE-2020-16166 | LOW | 3.7 | 5.2% | Jul 30, 2020 | The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information a... |
| CVE-2020-15103 | LOW | 3.5 | 1.5% | Jul 27, 2020 | In FreeRDP less than or equal to 2.1.2, an integer overflow exists due to missing input sanitation in rdpegfx channel. A... |
Check if your code is affected by 2020 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now