CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2020-28647 79 Exec Code XSS 2020-11-17 2020-12-18
3.5
None Remote Medium ??? None Partial None
In Progress MOVEit Transfer before 2020.1, a malicious user could craft and store a payload within the application. If a victim within the MOVEit Transfer instance interacts with the stored payload, it could invoke and execute arbitrary code within the context of the victim's browser (XSS).
102 CVE-2020-28642 338 2020-11-16 2020-11-30
7.5
None Remote Low Not required Partial Partial Partial
In InfiniteWP Admin Panel before 3.1.12.3, resetPasswordSendMail generates a weak password-reset code, which makes it easier for remote attackers to conduct admin Account Takeover attacks.
103 CVE-2020-28638 287 2020-11-13 2020-12-02
7.5
None Remote Low Not required Partial Partial Partial
ask_password in Tomb 2.0 through 2.7 returns a warning when pinentry-curses is used and $DISPLAY is non-empty, causing affected users' files to be encrypted with "tomb {W] Detected DISPLAY, but only pinentry-curses is found." as the encryption key.
104 CVE-2020-28581 78 Exec Code 2020-11-18 2020-11-28
9.0
None Remote Low ??? Complete Complete Complete
A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
105 CVE-2020-28580 78 Exec Code 2020-11-18 2020-11-28
9.0
None Remote Low ??? Complete Complete Complete
A command injection vulnerability in AddVLANItem of Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send specially crafted HTTP messages and execute arbitrary OS commands with elevated privileges.
106 CVE-2020-28579 787 Exec Code 2020-11-18 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an authenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
107 CVE-2020-28578 787 Exec Code 2020-11-18 2020-11-30
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an unauthenticated, remote attacker to send a specially crafted HTTP message and achieve remote code execution with elevated privileges.
108 CVE-2020-28574 22 Dir. Trav. 2020-11-18 2020-12-02
6.4
None Remote Low Not required None Partial Partial
A unauthenticated path traversal arbitrary remote file deletion vulnerability in Trend Micro Worry-Free Business Security 10 SP1 could allow an unauthenticated attacker to exploit the vulnerability and modify or delete arbitrary files on the product's management console.
109 CVE-2020-28572 269 2020-11-18 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
A vulnerability in Trend Micro Apex One could allow an unprivileged user to abuse the product installer to reinstall the agent with additional malicious code in the context of a higher privilege.
110 CVE-2020-28421 269 2020-11-23 2021-07-21
4.6
None Local Low Not required Partial Partial Partial
CA Unified Infrastructure Management 20.1 and earlier contains a vulnerability in the robot (controller) component that allows local attackers to elevate privileges.
111 CVE-2020-28415 79 Exec Code XSS 2020-11-12 2020-11-17
4.3
None Remote Medium Not required None Partial None
A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28414).
112 CVE-2020-28414 79 Exec Code XSS 2020-11-12 2020-11-17
4.3
None Remote Medium Not required None Partial None
A reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).
113 CVE-2020-28409 79 XSS 2020-11-10 2020-11-18
3.5
None Remote Medium ??? None Partial None
The server in Dundas BI through 8.0.0.1001 allows XSS via addition of a Component (e.g., a button) when events such as click, hover, etc. occur.
114 CVE-2020-28408 79 XSS 2020-11-10 2020-11-18
3.5
None Remote Medium ??? None Partial None
The server in Dundas BI through 8.0.0.1001 allows XSS via an HTML label when creating or editing a dashboard.
115 CVE-2020-28373 787 Exec Code Overflow 2020-11-09 2020-11-23
8.3
None Local Network Low Not required Complete Complete Complete
upnpd on certain NETGEAR devices allows remote (LAN) attackers to execute arbitrary code via a stack-based buffer overflow. This affects R6400v2 V1.0.4.102_10.0.75, R6400 V1.0.1.62_1.0.41, R7000P V1.3.2.126_10.1.66, XR300 V1.0.3.50_10.3.36, R8000 V1.0.4.62, R8300 V1.0.2.136, R8500 V1.0.2.136, R7300DST V1.0.0.74, R7850 V1.0.5.64, R7900 V1.0.4.30, RAX20 V1.0.2.64, RAX80 V1.0.3.102, and R6250 V1.0.4.44.
116 CVE-2020-28371 190 Overflow Bypass 2020-11-09 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
** UNSUPPORTED WHEN ASSIGNED ** An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operations. However, an integer overflow leads to bypassing this check and achieving the out-of-bounds access. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
117 CVE-2020-28368 862 +Info 2020-11-10 2022-01-01
2.1
None Local Low Not required Partial None None
Xen through 4.14.x allows guest OS administrators to obtain sensitive information (such as AES keys from outside the guest) via a side-channel attack on a power/energy monitoring interface, aka a "Platypus" attack. NOTE: there is only one logically independent fix: to change the access control for each such interface in Xen.
118 CVE-2020-28367 88 2020-11-18 2020-12-16
5.1
None Remote High Not required Partial Partial Partial
Go before 1.14.12 and 1.15.x before 1.15.5 allows Argument Injection.
119 CVE-2020-28366 94 2020-11-18 2020-12-16
5.1
None Remote High Not required Partial Partial Partial
Go before 1.14.12 and 1.15.x before 1.15.5 allows Code Injection.
120 CVE-2020-28364 79 XSS 2020-11-09 2020-11-17
4.3
None Remote Medium Not required None Partial None
A stored cross-site scripting (XSS) vulnerability affects the Web UI in Locust before 1.3.2, if the installation violates the usage expectations by exposing this UI to outside users.
121 CVE-2020-28362 295 DoS 2020-11-18 2021-11-30
5.0
None Remote Low Not required None None Partial
Go before 1.14.12 and 1.15.x before 1.15.4 allows Denial of Service.
122 CVE-2020-28361 444 Bypass 2020-11-18 2020-12-03
5.5
None Remote Low ??? Partial Partial None
Kamailio before 5.4.0, as used in Sip Express Router (SER) in Sippy Softswitch 4.5 through 5.2 and other products, allows a bypass of a header-removal protection mechanism via whitespace characters. This occurs in the remove_hf function in the Kamailio textops module. Particular use of remove_hf in Sippy Softswitch may allow skilled attacker having a valid credential in the system to disrupt internal call start/duration accounting mechanisms leading potentially to a loss of revenue.
123 CVE-2020-28360 918 Exec Code 2020-11-23 2021-07-15
7.5
None Remote Low Not required Partial Partial Partial
Insufficient RegEx in private-ip npm package v1.0.5 and below insufficiently filters reserved IP ranges resulting in indeterminate SSRF. An attacker can perform a large range of requests to ARIN reserved IP ranges, resulting in an indeterminable number of critical attack vectors, allowing remote attackers to request server-side resources or potentially execute arbitrary code through various SSRF techniques.
124 CVE-2020-28351 79 XSS 2020-11-09 2020-11-18
4.3
None Remote Medium Not required None Partial None
The conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING& page.
125 CVE-2020-28350 79 XSS 2020-11-19 2020-11-27
4.3
None Remote Medium Not required None Partial None
A Cross Site Scripting (XSS) vulnerability exists in OPAC in Sokrates SOWA SowaSQL through 5.6.1 via the sowacgi.php typ parameter.
126 CVE-2020-28349 20 DoS 2020-11-09 2020-11-19
6.8
None Remote Low ??? None None Complete
** DISPUTED ** An inaccurate frame deduplication process in ChirpStack Network Server 3.9.0 allows a malicious gateway to perform uplink Denial of Service via malformed frequency attributes in CollectAndCallOnceCollect in internal/uplink/collect.go. NOTE: the vendor's position is that there are no "guarantees that allowing untrusted LoRa gateways to the network should still result in a secure network."
127 CVE-2020-28348 22 Dir. Trav. 2020-11-24 2020-12-04
6.3
None Remote Medium ??? Complete None None
HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, and 0.10.8.
128 CVE-2020-28347 77 Exec Code 2020-11-08 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute arbitrary code via the slave_mac parameter. NOTE: this issue exists because of an incomplete fix for CVE-2020-10882 in which shell quotes are mishandled.
129 CVE-2020-28345 476 2020-11-08 2020-11-16
5.0
None Remote Low Not required None None Partial
An issue was discovered on LG mobile devices with Android OS 10 software. The Wi-Fi subsystem may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200025 (November 2020).
130 CVE-2020-28344 476 2020-11-08 2020-11-16
7.8
None Remote Low Not required None None Complete
An issue was discovered on LG mobile devices with Android OS 8.0, 8.1, 9.0, and 10 software. System services may crash because of the lack of a NULL parameter check. The LG ID is LVE-SMP-200024 (November 2020).
131 CVE-2020-28343 787 Exec Code 2020-11-08 2020-11-10
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020).
132 CVE-2020-28342 Bypass 2020-11-08 2020-11-10
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (China / India) software. The S Secure application allows attackers to bypass authentication for a locked Gallery application via the Reminder application. The Samsung ID is SVE-2020-18689 (November 2020).
133 CVE-2020-28341 120 Exec Code Overflow +Info 2020-11-08 2020-11-10
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 (November 2020).
134 CVE-2020-28340 Bypass 2020-11-08 2020-11-10
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), Q(10.0), and R(11.0) software. Attackers can bypass Factory Reset Protection (FRP) via Secure Folder. The Samsung ID is SVE-2020-18546 (November 2020).
135 CVE-2020-28339 2020-11-07 2021-07-21
6.5
None Remote Low ??? Partial Partial Partial
The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. There is not a complete POP chain.
136 CVE-2020-28334 798 2020-11-24 2020-12-03
10.0
None Remote Low Not required Complete Complete Complete
Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root password hash included in the firmware image. Exploiting CVE-2020-28329, CVE-2020-28330 and CVE-2020-28331 could potentially be used in a simple and automated exploit chain to go from unauthenticated remote attacker to root shell.
137 CVE-2020-28333 287 Bypass 2020-11-24 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sessions. Instead, the web interface uses a "SEID" token that is appended to the end of URLs in GET requests. Thus the "SEID" would be exposed in web proxy logs and browser history. An attacker that is able to capture the "SEID" and originate requests from the same IP address (via a NAT device or web proxy) would be able to access the user interface of the device without having to know the credentials.
138 CVE-2020-28332 494 2020-11-24 2020-12-03
7.5
None Remote Low Not required Partial Partial Partial
Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modified/malicious images.
139 CVE-2020-28331 2020-11-24 2020-12-03
5.0
None Remote Low Not required None Partial None
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the SSH daemon is disabled and does not start at system boot. The system initialization scripts read a device configuration file variable to see if the SSH daemon should be started. The web interface does not provide a visible capability to alter this configuration file variable. However, a malicious actor can include this variable in a POST such that the SSH daemon will be started when the device boots.
140 CVE-2020-28330 522 2020-11-24 2020-12-03
4.0
None Remote Low ??? Partial None None
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) can issue an authenticated query to display the admin password for the main web user interface listening on port 443/tcp of a Barco wePresent WiPG-1600W device.
141 CVE-2020-28329 798 2020-11-24 2020-12-04
7.5
None Remote Low Not required Partial Partial Partial
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authenticated, administrative functions in the API. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19.
142 CVE-2020-28328 434 Exec Code 2020-11-06 2021-12-02
9.0
None Remote Low ??? Complete Complete Complete
SuiteCRM before 7.11.17 is vulnerable to remote code execution via the system settings Log File Name setting. In certain circumstances involving admin account takeover, logger_file_name can refer to an attacker-controlled .php file under the web root.
143 CVE-2020-28327 404 2020-11-06 2020-11-20
2.1
None Remote High ??? None None Partial
A res_pjsip_session crash was discovered in Asterisk Open Source 13.x before 13.37.1, 16.x before 16.14.1, 17.x before 17.8.1, and 18.x before 18.0.1. and Certified Asterisk before 16.8-cert5. Upon receiving a new SIP Invite, Asterisk did not return the created dialog locked or referenced. This caused a gap between the creation of the dialog object, and its next use by the thread that created it. Depending on some off-nominal circumstances and timing, it was possible for another thread to free said dialog in this gap. Asterisk could then crash when the dialog object, or any of its dependent objects, were dereferenced or accessed next by the initial-creation thread. Note, however, that this crash can only occur when using a connection-oriented protocol (e.g., TCP or TLS, but not UDP) for SIP transport. Also, the remote client must be authenticated, or Asterisk must be configured for anonymous calling.
144 CVE-2020-28271 20 DoS Exec Code 2020-11-12 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'deephas' versions 1.0.0 through 1.0.5 allows attacker to cause a denial of service and may lead to remote code execution.
145 CVE-2020-28270 1321 DoS Exec Code 2020-11-12 2022-01-06
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'object-hierarchy-access' versions 0.2.0 through 0.32.0 allows attacker to cause a denial of service and may lead to remote code execution.
146 CVE-2020-28269 20 DoS Exec Code 2020-11-12 2021-07-21
7.5
None Remote Low Not required Partial Partial Partial
Prototype pollution vulnerability in 'field' versions 0.0.1 through 1.0.1 allows attacker to cause a denial of service and may lead to remote code execution.
147 CVE-2020-28268 20 DoS Exec Code 2020-11-15 2021-07-21
5.0
None Remote Low Not required None None Partial
Prototype pollution vulnerability in 'controlled-merge' versions 1.0.0 through 1.2.0 allows attacker to cause a denial of service and may lead to remote code execution.
148 CVE-2020-28267 DoS Exec Code 2020-11-10 2020-11-24
5.0
None Remote Low Not required None None Partial
Prototype pollution vulnerability in '@strikeentco/set' version 1.0.0 allows attacker to cause a denial of service and may lead to remote code execution.
149 CVE-2020-28250 2020-11-06 2020-11-19
10.0
None Remote Low Not required Complete Complete Complete
Cellinx NVT Web Server 5.0.0.014b.test 2019-09-05 allows a remote user to run commands as root via SetFileContent.cgi because authentication is on the client side.
150 CVE-2020-28249 79 XSS 2020-11-06 2020-11-12
4.3
None Remote Medium Not required None Partial None
Joplin 1.2.6 for Desktop allows XSS via a LINK element in a note.
Total number of vulnerabilities : 1271   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.