2020 CVE Vulnerabilities
21,060 CVEs published in 2020.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-4919 | LOW | 3.8 | 0.6% | Jan 4, 2021 | IBM Cloud Pak System 2.3 has insufficient logout controls which could allow an authenticated privileged user to imperson... |
| CVE-2020-11947 | LOW | 3.8 | 0.5% | Dec 31, 2020 | iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated informat... |
| CVE-2020-35448 | LOW | 3.3 | 1.3% | Dec 27, 2020 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35.1.... |
| CVE-2020-2505 | LOW | 2.3 | 0.3% | Dec 24, 2020 | If exploited, this vulnerability could allow attackers to gain sensitive information via generation of error messages. Q... |
| CVE-2020-24693 | LOW | 3.3 | 0.3% | Dec 18, 2020 | The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system informat... |
| CVE-2020-4846 | LOW | 2.7 | 1.0% | Dec 17, 2020 | IBM Security Key Lifecycle Manager 3.0.1 and 4.0 could allow a remote attacker to obtain sensitive information when a de... |
| CVE-2020-4906 | LOW | 3.3 | 0.3% | Dec 16, 2020 | IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4 allows web pages to be stored locally whic... |
| CVE-2020-4008 | LOW | 3.6 | 0.2% | Dec 16, 2020 | The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure wa... |
| CVE-2020-29480 | LOW | 2.3 | 0.3% | Dec 15, 2020 | An issue was discovered in Xen through 4.14.x. Neither xenstore implementation does any permission checks when reporting... |
| CVE-2020-27057 | LOW | 3.3 | 0.1% | Dec 15, 2020 | In getGpuStatsGlobalInfo and getGpuStatsAppInfo of GpuService.cpp, there is a possible permission bypass due to a missin... |
| CVE-2020-27056 | LOW | 3.3 | 0.1% | Dec 15, 2020 | In SELinux policies of mls, there is a missing permission check. This could lead to local information disclosure of pack... |
| CVE-2020-0481 | LOW | 3.3 | 0.1% | Dec 15, 2020 | In AndroidManifest.xml, there is a possible permissions bypass. This could lead to local escalation of privilege allowin... |
| CVE-2020-0368 | LOW | 3.3 | 0.1% | Dec 15, 2020 | In queryInternal of CallLogProvider.java, there is a possible permission bypass due to improper input validation. This c... |
| CVE-2020-8938 | LOW | 3.3 | 0.1% | Dec 15, 2020 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to From... |
| CVE-2020-8937 | LOW | 3.3 | 0.1% | Dec 15, 2020 | An arbitrary memory overwrite vulnerability in Asylo versions up to 0.6.0 allows an attacker to make a host call to enc_... |
| CVE-2020-0459 | LOW | 3.3 | 0.1% | Dec 14, 2020 | In sendConfiguredNetworkChangedBroadcast of WifiConfigManager.java, there is a possible leak of sensitive WiFi configura... |
| CVE-2020-8284 | LOW | 3.7 | 3.9% | Dec 14, 2020 | A malicious server can use the FTP PASV response to trick curl 7.73.0 and earlier into connecting back to a given IP add... |
| CVE-2020-28838 | LOW | 3.5 | 0.4% | Dec 11, 2020 | Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items... |
| CVE-2020-8908 | LOW | 3.3 | 1.0% | Dec 10, 2020 | A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine... |
| CVE-2020-26270 | LOW | 3.3 | 0.2% | Dec 10, 2020 | In affected versions of TensorFlow running an LSTM/GRU model where the LSTM/GRU layer receives an input with zero-length... |
| CVE-2020-26271 | LOW | 3.3 | 0.2% | Dec 10, 2020 | In affected versions of TensorFlow under certain cases, loading a saved model can result in accessing uninitialized memo... |
| CVE-2020-8920 | LOW | 3.5 | 0.4% | Dec 10, 2020 | An information leak vulnerability exists in Gerrit versions prior to 2.14.22, 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 wh... |
| CVE-2020-8919 | LOW | 3.5 | 0.3% | Dec 10, 2020 | An information leak vulnerability exists in Gerrit versions prior to 2.15.21, 2.16.25, 3.0.15, 3.1.10, 3.2.5 where a mis... |
| CVE-2020-29668 | LOW | 3.7 | 2.0% | Dec 10, 2020 | Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except on... |
| CVE-2020-27351 | LOW | 2.8 | 0.4% | Dec 10, 2020 | Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.... |