Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-06 | CVE-2020-5643 | Improper Input Validation vulnerability in Cybozu Garoon 5.0.0/5.0.1/5.0.2 Improper input validation vulnerability in Cybozu Garoon 5.0.0 to 5.0.2 allows a remote authenticated attacker to delete some data of the bulletin board via unspecified vector. | 5.5 |
| 2020-11-06 | CVE-2020-27347 | Out-of-bounds Write vulnerability in Tmux Project Tmux In tmux before version 3.1c the function input_csi_dispatch_sgr_colon() in file input.c contained a stack-based buffer-overflow that can be exploited by terminal output. | 7.8 |
| 2020-11-06 | CVE-2020-15708 | Incorrect Permission Assignment for Critical Resource vulnerability in Canonical Ubuntu Linux 20.04 Ubuntu's packaging of libvirt in 20.04 LTS created a control socket with world read and write permissions. | 7.8 |
| 2020-11-05 | CVE-2020-7207 | Improper Privilege Management vulnerability in HP products A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). | 7.2 |
| 2020-11-05 | CVE-2020-6877 | Information Exposure vulnerability in ZTE Zxa10 Eodn Firmware 2.3P2T1 A ZTE product is impacted by an information leak vulnerability. | 4.0 |
| 2020-11-05 | CVE-2020-25837 | Unspecified vulnerability in Microfocus Self Service Password Reset Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. | 7.5 |
| 2020-11-05 | CVE-2020-25662 | Improper Initialization vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. | 6.5 |
| 2020-11-05 | CVE-2020-25661 | Type Confusion vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. | 8.8 |
| 2020-11-05 | CVE-2020-17510 | Improper Authentication vulnerability in multiple products Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | 9.8 |
| 2020-11-05 | CVE-2020-13537 | Incorrect Default Permissions vulnerability in Moxa Mxview 3.1.8 An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. | 7.2 |