CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2020

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2020-27985 287 2020-11-23 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
Security Onion v2 prior to 2.3.10 has an incorrect sudo configuration, which allows the administrative user to obtain root access without using the sudo password by editing and executing /home/<user>/SecurityOnion/setup/so-setup.
202 CVE-2020-27982 79 XSS 2020-11-02 2020-11-09
4.3
None Remote Medium Not required None Partial None
IceWarp 11.4.5.0 allows XSS via the language parameter.
203 CVE-2020-27977 2020-11-09 2020-11-17
4.6
None Local Low Not required Partial Partial Partial
CapaSystems CapaInstaller before 6.0.101 does not properly assign, modify, or check privileges for an actor who attempts to edit registry values, allowing an attacker to escalate privileges.
204 CVE-2020-27955 427 Exec Code 2020-11-05 2021-12-16
10.0
None Remote Low Not required Complete Complete Complete
Git LFS 2.12.0 allows Remote Code Execution.
205 CVE-2020-27746 922 2020-11-27 2021-01-28
4.3
None Remote Medium Not required Partial None None
Slurm before 19.05.8 and 20.x before 20.02.6 exposes Sensitive Information to an Unauthorized Actor because xauth for X11 magic cookies is affected by a race condition in a read operation on the /proc filesystem.
206 CVE-2020-27745 120 Overflow 2020-11-27 2022-01-17
6.8
None Remote Medium Not required Partial Partial Partial
Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin.
207 CVE-2020-27708 269 2020-11-02 2021-07-21
7.2
None Local Low Not required Complete Complete Complete
A vulnerability exists in the Origin Client that could allow a non-Administrative user to elevate their access to either Administrator or System. Once the user has obtained elevated access, they may be able to take control of the system and perform actions otherwise reserved for high privileged users or system Administrators.
208 CVE-2020-27697 426 2020-11-18 2020-12-02
6.9
None Local Medium Not required Complete Complete Complete
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a non-protected location with high privileges (symlink attack) which can lead to obtaining administrative privileges during the installation of the product.
209 CVE-2020-27696 2020-11-18 2020-12-02
6.9
None Local Medium Not required Complete Complete Complete
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a specific Windows system directory which can lead to obtaining administrative privileges during the installation of the product.
210 CVE-2020-27695 426 2020-11-18 2020-12-01
6.9
None Local Medium Not required Complete Complete Complete
Trend Micro Security 2020 (Consumer) contains a vulnerability in the installer package that could be exploited by placing a malicious DLL in a local directory which can lead to obtaining administrative privileges during the installation of the product.
211 CVE-2020-27694 2020-11-09 2020-11-24
6.5
None Remote Low ??? Partial Partial Partial
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 has updated a specific critical library that may vulnerable to attack.
212 CVE-2020-27693 916 2020-11-09 2020-11-24
2.1
None Local Low Not required Partial None None
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 stores administrative passwords using a hash that is considered outdated.
213 CVE-2020-27692 352 CSRF 2020-11-04 2020-11-10
6.8
None Remote Medium Not required Partial Partial Partial
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains multiple CSRF vulnerabilities within its web management portal. Attackers can, for example, use this to update the TR-069 configuration server settings (responsible for managing devices remotely). This makes it possible to remotely reboot the device or upload malicious firmware.
214 CVE-2020-27691 79 XSS 2020-11-04 2020-11-10
4.3
None Remote Medium Not required None Partial None
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 allows XSS via URLBlocking Settings, SNMP Settings, and System Log Settings.
215 CVE-2020-27690 120 Overflow 2020-11-04 2020-11-10
4.9
None Local Low Not required None None Complete
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes.
216 CVE-2020-27689 798 Exec Code 2020-11-04 2020-11-10
5.0
None Remote Low Not required Partial None None
The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains undocumented default admin credentials for the web management interface. A remote attacker could exploit this vulnerability to login and execute commands on the device, as well as upgrade the firmware image to a malicious version.
217 CVE-2020-27688 522 2020-11-05 2020-11-13
5.0
None Remote Low Not required Partial None None
RVToolsPasswordEncryption.exe in RVTools 4.0.6 allows users to encrypt passwords to be used in the configuration files. This encryption used a static IV and key, and thus using the Decrypt() method from VISKD.cs from the RVTools.exe executable allows for decrypting the encrypted passwords. The accounts used in the configuration files have access to vSphere instances.
218 CVE-2020-27663 922 2020-11-26 2021-07-21
4.0
None Remote Low ??? Partial None None
In GLPI before 9.5.3, ajax/getDropdownValue.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any itemType (e.g., Ticket, Users, etc.).
219 CVE-2020-27662 922 2020-11-26 2021-07-21
4.0
None Remote Low ??? Partial None None
In GLPI before 9.5.3, ajax/comments.php has an Insecure Direct Object Reference (IDOR) vulnerability that allows an attacker to read data from any database table (e.g., glpi_tickets, glpi_users, etc.).
220 CVE-2020-27660 89 Exec Code Sql 2020-11-30 2020-12-22
10.0
None Remote Low Not required Complete Complete Complete
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter.
221 CVE-2020-27659 79 XSS 2020-11-30 2020-12-22
3.5
None Remote Medium ??? None Partial None
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter.
222 CVE-2020-27629 2020-11-16 2020-12-01
5.0
None Remote Low Not required Partial None None
In JetBrains TeamCity before 2020.1.5, secure dependency parameters could be not masked in depending builds when there are no internal artifacts.
223 CVE-2020-27628 2020-11-16 2020-11-23
4.0
None Remote Low ??? Partial None None
In JetBrains TeamCity before 2020.1.5, the Guest user had access to audit records.
224 CVE-2020-27627 74 2020-11-16 2020-12-01
5.8
None Remote Medium Not required Partial Partial None
JetBrains TeamCity before 2020.1.2 was vulnerable to URL injection.
225 CVE-2020-27626 918 2020-11-16 2020-11-21
5.0
None Remote Low Not required None Partial None
JetBrains YouTrack before 2020.3.5333 was vulnerable to SSRF.
226 CVE-2020-27625 2020-11-16 2020-11-21
5.0
None Remote Low Not required Partial None None
In JetBrains YouTrack before 2020.3.888, notifications might have mentioned inaccessible issues.
227 CVE-2020-27624 918 2020-11-16 2020-11-21
5.0
None Remote Low Not required None Partial None
JetBrains YouTrack before 2020.3.888 was vulnerable to SSRF.
228 CVE-2020-27623 +Info 2020-11-16 2020-11-30
5.0
None Remote Low Not required Partial None None
JetBrains IdeaVim before version 0.58 might have caused an information leak in limited circumstances.
229 CVE-2020-27622 2020-11-16 2020-11-23
5.0
None Remote Low Not required Partial None None
In JetBrains IntelliJ IDEA before 2020.2, the built-in web server could expose information about the IDE version.
230 CVE-2020-27617 617 2020-11-06 2022-01-06
4.0
None Remote Low ??? None None Partial
eth_get_gso_type in net/eth.c in QEMU 4.2.1 allows guest OS users to trigger an assertion failure. A guest can crash the QEMU process via packet data that lacks a valid Layer 3 protocol.
231 CVE-2020-27616 682 2020-11-06 2022-01-01
4.0
None Remote Low ??? None None Partial
ati_2d_blt in hw/display/ati_2d.c in QEMU 4.2.1 can encounter an outside-limits situation in a calculation. A guest can crash the QEMU process.
232 CVE-2020-27589 295 2020-11-06 2020-11-20
5.0
None Remote Low Not required None Partial None
Synopsys hub-rest-api-python (aka blackduck on PyPI) version 0.0.25 - 0.0.52 does not validate SSL certificates in certain cases.
233 CVE-2020-27587 521 2020-11-30 2020-12-01
2.1
None Local Low Not required Partial None None
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password.
234 CVE-2020-27586 319 2020-11-30 2020-12-01
4.3
None Remote Medium Not required Partial None None
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text.
235 CVE-2020-27585 521 2020-11-30 2020-12-04
2.1
None Local Low Not required None Partial None
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password.
236 CVE-2020-27558 287 2020-11-17 2020-12-01
4.0
None Remote Low ??? Partial None None
Use of an undocumented user in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to view the video stream.
237 CVE-2020-27557 312 2020-11-17 2021-07-21
2.1
None Local Low Not required Partial None None
Unprotected Storage of Credentials vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 allows local users to gain access to the video streaming username and password via SQLite files containing plain text credentials.
238 CVE-2020-27556 2020-11-17 2021-07-21
5.0
None Remote Low Not required None Partial None
A predictable device ID in BASETech GE-131 BT-1837836 firmware 20180921 allows unauthenticated remote attackers to connect to the device.
239 CVE-2020-27555 522 Exec Code 2020-11-17 2021-07-21
10.0
None Remote Low Not required Complete Complete Complete
Use of default credentials for the telnet server in BASETech GE-131 BT-1837836 firmware 20180921 allows remote attackers to execute arbitrary system commands as the root user.
240 CVE-2020-27554 319 +Info 2020-11-17 2021-07-21
5.0
None Remote Low Not required Partial None None
Cleartext Transmission of Sensitive Information vulnerability in BASETech GE-131 BT-1837836 firmware 20180921 exists which could leak sensitive information transmitted between the mobile app and the camera device.
241 CVE-2020-27553 22 Dir. Trav. 2020-11-17 2020-12-01
5.0
None Remote Low Not required Partial None None
In BASETech GE-131 BT-1837836 firmware 20180921, the web-server on the system is configured with the option “DocumentRoot /etc“. This allows an attacker with network access to the web-server to download any files from the “/etc” folder without authentication. No path traversal sequences are needed to exploit this vulnerability.
242 CVE-2020-27524 134 2020-11-11 2020-12-30
4.8
None Local Network Low Not required Partial None Partial
On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version (N+R_CN_AU_P0395) mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services.
243 CVE-2020-27523 287 DoS 2020-11-11 2021-07-21
5.0
None Remote Low Not required None None Partial
Solstice-Pod up to 5.0.2 WEBRTC server mishandles the format-string specifiers %x; %p; %c and %s in the screen_key, display_name, browser_name, and operation_system parameter during the authentication process. This may crash the server and force Solstice-Pod to reboot, which leads to a denial of service.
244 CVE-2020-27486 120 Overflow 2020-11-16 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length provided in the data section of the PRG file. It allocates memory for the string immediately, and then copies the string into the TVM object by using a function similar to strcpy. This copy can exceed the length of the allocated string data and overwrite heap data. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.
245 CVE-2020-27485 129 2020-11-16 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check the index provided when accessing the local variable in the LGETV and LPUTV instructions. This provides the ability to both read and write memory outside the bounds of the TVM context allocation. It can be leveraged to construct a use-after-free scenario, leading to a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.
246 CVE-2020-27484 190 Overflow 2020-11-16 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
Garmin Forerunner 235 before 8.20 is affected by: Integer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter fails to check for overflow when allocating the array for the NEWA instruction. This a constrained read/write primitive across the entire MAX32630 address space. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment.
247 CVE-2020-27483 129 Exec Code +Info 2020-11-16 2020-12-02
6.5
None Remote Low ??? Partial Partial Partial
Garmin Forerunner 235 before 8.20 is affected by: Array index error. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the offset provided for the stack value duplication instruction, DUP. The offset is unchecked and memory prior to the start of the execution stack can be read and treated as a TVM object. A successful exploit could use the vulnerability to leak runtime information such as the heap handle or pointer for a number of TVM context variables. Some reachable values may be controlled enough to forge a TVM object on the stack, leading to possible remote code execution.
248 CVE-2020-27481 89 Sql 2020-11-12 2020-11-23
7.5
None Remote Low Not required Partial Partial Partial
An unauthenticated SQL Injection vulnerability in Good Layers LMS Plugin <= 2.1.4 exists due to the usage of "wp_ajax_nopriv" call in WordPress, which allows any unauthenticated user to get access to the function "gdlr_lms_cancel_booking" where POST Parameter "id" was sent straight into SQL query without sanitization.
249 CVE-2020-27459 79 Exec Code XSS 2020-11-16 2020-11-21
4.3
None Remote Medium Not required None Partial None
Chronoforeum 2.0.11 allows Stored XSS vulnerabilities when inserting a crafted payload into a post. If any user sees the post, the inserted XSS code is executed.
250 CVE-2020-27423 307 DoS 2020-11-16 2020-12-01
5.0
None Remote Low Not required None None Partial
Anuko Time Tracker v1.19.23.5311 lacks rate limit on the password reset module which allows attacker to perform Denial of Service attack on any legitimate user's mailbox
Total number of vulnerabilities : 1271   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.