2020 CVE Vulnerabilities
21,060 CVEs published in 2020.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-4805 | LOW | 3.3 | 0.2% | Sep 23, 2021 | IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 1895... |
| CVE-2020-4803 | LOW | 3.3 | 0.2% | Sep 23, 2021 | IBM Edge 4.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 1895... |
| CVE-2020-18974 | LOW | 3.3 | 0.8% | Aug 25, 2021 | Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the c... |
| CVE-2020-18900 | LOW | 3.3 | 0.3% | Aug 19, 2021 | A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128... |
| CVE-2020-36473 | LOW | 3.7 | 0.5% | Aug 14, 2021 | UCWeb UC 12.12.3.1219 through 12.12.3.1226 uses cleartext HTTP, and thus man-in-the-middle attackers can discover visite... |
| CVE-2020-18464 | LOW | 3.5 | 0.3% | Aug 12, 2021 | Cross Site Request Forgery (CSRF) vulnerability in AikCms 2.0.0 in video_list.php, which can let a malicious user delete... |
| CVE-2020-18463 | LOW | 2.4 | 0.3% | Aug 12, 2021 | Cross Site Request Forgery (CSRF) vulnerability exists in v2.0.0 in video_list.php, which can let a malicious user delet... |
| CVE-2020-25082 | LOW | 3.8 | 0.2% | Aug 10, 2021 | An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elli... |
| CVE-2020-18442 | LOW | 3.3 | 0.7% | Jun 18, 2021 | Infinite Loop in zziplib v0.13.69 allows remote attackers to cause a denial of service via the return value "zzip_file_r... |
| CVE-2020-35762 | LOW | 2.7 | 1.0% | Jun 16, 2021 | bloofoxCMS 0.5.2.1 is infected with Path traversal in the 'fileurl' parameter that allows attackers to read local files. |
| CVE-2020-24512 | LOW | 3.3 | 0.4% | Jun 9, 2021 | Observable timing discrepancy in some Intel(R) Processors may allow an authenticated user to potentially enable informat... |
| CVE-2020-1702 | LOW | 3.3 | 0.7% | May 27, 2021 | A malicious container image can consume an unbounded amount of memory when being pulled to a container runtime host, suc... |
| CVE-2020-14329 | LOW | 3.3 | 0.3% | May 27, 2021 | A data exposure flaw was found in Ansible Tower in versions before 3.7.2, where sensitive data can be exposed from the /... |
| CVE-2020-14328 | LOW | 3.3 | 0.2% | May 27, 2021 | A flaw was found in Ansible Tower in versions before 3.7.2. A Server Side Request Forgery flaw can be abused by supplyin... |
| CVE-2020-10698 | LOW | 3.3 | 0.3% | May 27, 2021 | A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed j... |
| CVE-2020-13599 | LOW | 3.3 | 0.2% | May 25, 2021 | Security problem with settings and littlefs. Zephyr versions >= 1.14.2, >= 2.3.0 contain Incorrect Default Permissions (... |
| CVE-2020-4765 | LOW | 3.3 | 0.2% | May 19, 2021 | IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another ... |
| CVE-2020-15279 | LOW | 3.3 | 0.5% | May 18, 2021 | An Improper Access Control vulnerability in the logging component of Bitdefender Endpoint Security Tools for Windows ver... |
| CVE-2020-27769 | LOW | 3.3 | 1.1% | May 14, 2021 | In ImageMagick versions before 7.0.9-0, there are outside the range of representable values of type 'float' at MagickCor... |
| CVE-2020-4811 | LOW | 2.4 | 0.7% | May 14, 2021 | IBM Cloud Pak for Security (CP4S) 1.4.0.0, 1.5.0.0, 1.5.0.1, 1.6.0.0, and 1.6.0.1 could allow a privileged user to injec... |
| CVE-2020-14354 | LOW | 3.3 | 0.5% | May 13, 2021 | A possible use-after-free and double-free in c-ares lib version 1.16.0 if ares_destroy() is called prior to ares_getaddr... |
| CVE-2020-24588 | LOW | 3.5 | 3.5% | May 11, 2021 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn... |
| CVE-2020-24587 | LOW | 2.6 | 2.6% | May 11, 2021 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn... |
| CVE-2020-24586 | LOW | 3.5 | 5.8% | May 11, 2021 | The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn... |
| CVE-2020-36314 | LOW | 3.9 | 0.6% | Apr 7, 2021 | fr-archive-libarchive.c in GNOME file-roller through 3.38.0, as used by GNOME Shell and other software, allows Directory... |
Check if your code is affected by 2020 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now