2020 CVE Vulnerabilities
21,060 CVEs published in 2020.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-2218 | LOW | 3.3 | 0.3% | Jul 2, 2020 | Jenkins HP ALM Quality Center Plugin 1.6 and earlier stores a password unencrypted in its global configuration file on t... |
| CVE-2020-12039 | LOW | 2.4 | 0.3% | Jun 29, 2020 | Baxter Sigma Spectrum Infusion Pumps Sigma Spectrum Infusion System v's6.x model 35700BAX & Baxter Spectrum Infusion Sys... |
| CVE-2020-9558 | LOW | 3.3 | 2.0% | Jun 26, 2020 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could... |
| CVE-2020-9553 | LOW | 3.3 | 2.1% | Jun 26, 2020 | Adobe Bridge versions 10.0.1 and earlier version have an out-of-bounds read vulnerability. Successful exploitation could... |
| CVE-2020-9626 | LOW | 3.3 | 2.2% | Jun 26, 2020 | Adobe DNG Software Development Kit (SDK) 1.5 and earlier versions have an out-of-bounds read vulnerability. Successful e... |
| CVE-2020-3970 | LOW | 3.8 | 0.4% | Jun 25, 2020 | VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), ... |
| CVE-2020-15005 | LOW | 3.1 | 1.3% | Jun 24, 2020 | In MediaWiki before 1.31.8, 1.32.x and 1.33.x before 1.33.4, and 1.34.x before 1.34.2, private wikis behind a caching se... |
| CVE-2020-4071 | LOW | 2.4 | 0.4% | Jun 24, 2020 | In django-basic-auth-ip-whitelist before 0.3.4, a potential timing attack exists on websites where the basic authenticat... |
| CVE-2020-13261 | LOW | 2.7 | 0.9% | Jun 19, 2020 | Amazon EKS credentials disclosure in GitLab CE/EE 12.6 and later through 13.0.1 allows other administrators to view Amaz... |
| CVE-2020-3972 | LOW | 3.3 | 0.4% | Jun 19, 2020 | VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a denial-of-service vulnerability in the Host-Guest Fil... |
| CVE-2020-6752 | LOW | 3.8 | 0.6% | Jun 17, 2020 | In OMERO before 5.6.1, group owners can access members' data in other groups. |
| CVE-2020-4050 | LOW | 3.1 | 1.7% | Jun 12, 2020 | In affected versions of WordPress, misuse of the `set-screen-option` filter's return value allows arbitrary user meta fi... |
| CVE-2020-4049 | LOW | 2.4 | 2.8% | Jun 12, 2020 | In affected versions of WordPress, when uploading themes, the name of the theme folder can be crafted in a way that coul... |
| CVE-2020-3930 | LOW | 3.3 | 0.3% | Jun 12, 2020 | GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read the... |
| CVE-2020-9848 | LOW | 2.4 | 0.3% | Jun 9, 2020 | An authorization issue was addressed with improved state management. This issue is fixed in iOS 13.5 and iPadOS 13.5. A ... |
| CVE-2020-13838 | LOW | 3.5 | 0.1% | Jun 4, 2020 | An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) software. The DeX Lockscreen feature does not ... |
| CVE-2020-13837 | LOW | 3.5 | 0.1% | Jun 4, 2020 | An issue was discovered on Samsung mobile devices with Q(10.0) software. The Lockscreen feature does not block Quick Pan... |
| CVE-2020-5297 | LOW | 2.7 | 1.2% | Jun 3, 2020 | In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this ... |
| CVE-2020-3322 | LOW | 3.3 | 0.7% | Jun 3, 2020 | A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an atta... |
| CVE-2020-3321 | LOW | 3.3 | 1.4% | Jun 3, 2020 | A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an atta... |
| CVE-2020-3319 | LOW | 3.3 | 0.7% | Jun 3, 2020 | A vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Microsoft Windows could allow an atta... |
| CVE-2020-13597 | LOW | 3.5 | 0.9% | Jun 3, 2020 | Clusters using Calico (version 3.14.0 and below), Calico Enterprise (version 2.8.2 and below), may be vulnerable to info... |
| CVE-2020-13659 | LOW | 2.5 | 0.4% | Jun 2, 2020 | address_space_map in exec.c in QEMU 4.2.0 can trigger a NULL pointer dereference related to BounceBuffer. |
| CVE-2020-1831 | LOW | 2.4 | 0.2% | May 29, 2020 | HUAWEI Mate 20 smartphones with versions earlier than 10.0.0.195(SP31C00E74R3P8) have an improper authorization vulnerab... |
| CVE-2020-3959 | LOW | 3.3 | 0.3% | May 29, 2020 | VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.... |
Check if your code is affected by 2020 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now