2020 CVE Vulnerabilities
21,060 CVEs published in 2020.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2020-25743 | LOW | 3.2 | 0.5% | Oct 6, 2020 | hw/ide/pci.c in QEMU before 5.1.1 can trigger a NULL pointer dereference because it lacks a pointer check before an ide_... |
| CVE-2020-25742 | LOW | 3.2 | 0.5% | Oct 6, 2020 | pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus() might not... |
| CVE-2020-25741 | LOW | 3.2 | 0.4% | Oct 2, 2020 | fdctrl_write_data in hw/block/fdc.c in QEMU 5.0.0 has a NULL pointer dereference via a NULL block pointer for the curren... |
| CVE-2020-15671 | LOW | 3.1 | 0.5% | Oct 1, 2020 | When typing in a password under certain conditions, a race may have occured where the InputContext was not being correct... |
| CVE-2020-14378 | LOW | 3.3 | 0.4% | Sep 30, 2020 | An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large a... |
| CVE-2020-4629 | LOW | 3.3 | 0.3% | Sep 30, 2020 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local user with specialized access to obtain sensi... |
| CVE-2020-15731 | LOW | 3.6 | 0.5% | Sep 30, 2020 | An improper Input Validation vulnerability in the code handling file renaming and recovery in Bitdefender Engines allows... |
| CVE-2020-25084 | LOW | 3.2 | 0.3% | Sep 25, 2020 | QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked. |
| CVE-2020-16230 | LOW | 2.3 | 0.3% | Sep 18, 2020 | All version of Ewon Flexy and Cosy prior to 14.1 use wildcards such as (*) under which domains can request resources. An... |
| CVE-2020-14525 | LOW | 3.5 | 0.4% | Sep 18, 2020 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not neutralize or incorrectly neutralizes user-... |
| CVE-2020-15186 | LOW | 2.7 | 1.0% | Sep 17, 2020 | In Helm before versions 2.16.11 and 3.3.2 plugin names are not sanitized properly. As a result, a malicious plugin autho... |
| CVE-2020-15185 | LOW | 2.7 | 0.9% | Sep 17, 2020 | In Helm before versions 2.16.11 and 3.3.2, a Helm repository can contain duplicates of the same chart, with the last one... |
| CVE-2020-15184 | LOW | 2.7 | 1.0% | Sep 17, 2020 | In Helm before versions 2.16.11 and 3.3.2 there is a bug in which the `alias` field on a `Chart.yaml` is not properly sa... |
| CVE-2020-0382 | LOW | 2.3 | 0.2% | Sep 17, 2020 | In RunInternal of dumpstate.cpp, there is a possible user consent bypass due to an uncaught exception. This could lead t... |
| CVE-2020-3989 | LOW | 3.3 | 0.3% | Sep 16, 2020 | VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability du... |
| CVE-2020-4344 | LOW | 3.3 | 0.3% | Sep 15, 2020 | IBM Tivoli Business Service Manager 6.2.0.0 - 6.2.0.2 IF 1 allows web pages to be stored locally which can be read by an... |
| CVE-2020-13308 | LOW | 2.7 | 1.6% | Sep 15, 2020 | A vulnerability was discovered in GitLab versions before 13.1.10, 13.2.8 and 13.3.4. A user without 2 factor authenticat... |
| CVE-2020-16218 | LOW | 3.5 | 0.7% | Sep 11, 2020 | In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neu... |
| CVE-2020-7068 | LOW | 3.6 | 1.7% | Sep 9, 2020 | In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below 7.4.9, while processing PHAR files using phar ext... |
| CVE-2020-2044 | LOW | 3.3 | 0.7% | Sep 9, 2020 | An information exposure through log file vulnerability where an administrator's password or other sensitive information ... |
| CVE-2020-2043 | LOW | 3.3 | 0.7% | Sep 9, 2020 | An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log with... |
| CVE-2020-1968 | LOW | 3.7 | 4.8% | Sep 9, 2020 | The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-... |
| CVE-2020-9083 | LOW | 2.4 | 0.2% | Sep 3, 2020 | HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerabil... |
| CVE-2020-24654 | LOW | 3.3 | 1.5% | Sep 2, 2020 | In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as de... |
| CVE-2020-8341 | LOW | 2.4 | 0.3% | Sep 1, 2020 | In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. While this provides sufficient prot... |
Check if your code is affected by 2020 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now