Total
29483 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-35481 | 1 Solarwinds | 1 Serv-u | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection. | |||||
| CVE-2020-35168 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2024-11-21 | 7.5 HIGH | 4.7 MEDIUM |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2020-35167 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2024-11-21 | 7.5 HIGH | 4.8 MEDIUM |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2020-35166 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2024-11-21 | 7.5 HIGH | 5.1 MEDIUM |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2020-35164 | 2 Dell, Oracle | 6 Bsafe Crypto-c-micro-edition, Bsafe Micro-edition-suite, Database and 3 more | 2024-11-21 | 7.5 HIGH | 6.7 MEDIUM |
| Dell BSAFE Crypto-C Micro Edition, versions before 4.1.5, and Dell BSAFE Micro Edition Suite, versions before 4.6, contain an Observable Timing Discrepancy Vulnerability. | |||||
| CVE-2020-2185 | 1 Jenkins | 1 Amazon Ec2 | 2024-11-21 | 6.8 MEDIUM | 5.6 MEDIUM |
| Jenkins Amazon EC2 Plugin 1.50.1 and earlier does not validate SSH host keys when connecting agents, enabling man-in-the-middle attacks. | |||||
| CVE-2020-2100 | 1 Jenkins | 1 Jenkins | 2024-11-21 | 5.0 MEDIUM | 5.8 MEDIUM |
| Jenkins 2.218 and earlier, LTS 2.204.1 and earlier was vulnerable to a UDP amplification reflection denial of service attack on port 33848. | |||||
| CVE-2020-2041 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb service to crash. Repeated attempts to send this request result in denial of service to all PAN-OS services by restarting the device and putting it into maintenance mode. This issue impacts all versions of PAN-OS 8.0, and PAN-OS 8.1 versions earlier than 8.1.16. | |||||
| CVE-2020-2003 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 8.5 HIGH | 6.5 MEDIUM |
| An external control of filename vulnerability in the command processing of PAN-OS allows an authenticated administrator to delete arbitrary system files affecting the integrity of the system or causing denial of service to all PAN-OS services. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions before 8.1.14; PAN-OS 9.0 versions before 9.0.7; PAN-OS 9.1 versions before 9.1.1. | |||||
| CVE-2020-29666 | 1 Lanatmservice | 1 M3 Atm Monitoring System | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| In Lan ATMService M3 ATM Monitoring System 6.1.0, due to a directory-listing vulnerability, a remote attacker can view log files, located in /websocket/logs/, that contain a user's cookie values and the predefined developer's cookie value. | |||||
| CVE-2020-29651 | 3 Fedoraproject, Oracle, Pytest | 3 Fedora, Zfs Storage Appliance Kit, Py | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A denial of service via regular expression in the py.path.svnwc component of py (aka python-py) through 1.9.0 could be used by attackers to cause a compute-time denial of service attack by supplying malicious input to the blame functionality. | |||||
| CVE-2020-29602 | 1 Irssi | 1 Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official irssi docker images before 1.1-alpine (Alpine specific) contain a blank password for a root user. System using the irssi docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | |||||
| CVE-2020-29601 | 1 Docker | 1 Notary Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official notary docker images before signer-0.6.1-1 contain a blank password for a root user. System using the notary docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password. | |||||
| CVE-2020-29581 | 1 Docker | 1 Spiped Alpine Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official spiped docker images before 1.5-alpine contain a blank password for a root user. Systems using the spiped docker container deployed by affected versions of the docker image may allow an remote attacker to achieve root access with a blank password. | |||||
| CVE-2020-29580 | 1 Docker | 1 Storm Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | |||||
| CVE-2020-29579 | 1 Express-gateway | 1 Express-gateway Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official Express Gateway Docker images before 1.14.0 contain a blank password for a root user. Systems using the Express Gateway Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access. | |||||
| CVE-2020-29578 | 1 Matomo | 1 Piwik Fpm-alpine Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official piwik Docker images before fpm-alpine (Alpine specific) contain a blank password for a root user. Systems using the Piwik Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access. | |||||
| CVE-2020-29577 | 1 Znc | 1 Znc Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official znc docker images before 1.7.1-slim contain a blank password for a root user. Systems using the znc docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | |||||
| CVE-2020-29576 | 1 Eggheads | 1 Eggdrop Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official eggdrop Docker images before 1.8.4rc2 contain a blank password for a root user. Systems using the Eggdrop Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank password. | |||||
| CVE-2020-29575 | 1 Docker | 1 Elixir Alpine Docker Image | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The official elixir Docker images before 1.8.0-alpine (Alpine specific) contain a blank password for a root user. Systems using the elixir Linux Docker container deployed by affected versions of the Docker image may allow a remote attacker to achieve root access with a blank password. | |||||