Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-11-05 | CVE-2020-6877 | Information Exposure vulnerability in ZTE Zxa10 Eodn Firmware 2.3P2T1 A ZTE product is impacted by an information leak vulnerability. | 4.0 |
| 2020-11-05 | CVE-2020-25837 | Unspecified vulnerability in Microfocus Self Service Password Reset Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. | 7.5 |
| 2020-11-05 | CVE-2020-25662 | Improper Initialization vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. | 6.5 |
| 2020-11-05 | CVE-2020-25661 | Type Confusion vulnerability in Redhat Enterprise Linux 8.3 A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. | 8.8 |
| 2020-11-05 | CVE-2020-17510 | Improper Authentication vulnerability in multiple products Apache Shiro before 1.7.0, when using Apache Shiro with Spring, a specially crafted HTTP request may cause an authentication bypass. | 9.8 |
| 2020-11-05 | CVE-2020-13537 | Incorrect Default Permissions vulnerability in Moxa Mxview 3.1.8 An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. | 7.2 |
| 2020-11-05 | CVE-2020-13536 | Incorrect Default Permissions vulnerability in Moxa Mxview 3.1.8 An exploitable local privilege elevation vulnerability exists in the file system permissions of Moxa MXView series 3.1.8 installation. | 7.2 |
| 2020-11-05 | CVE-2020-6015 | Unspecified vulnerability in Checkpoint Endpoint Security E84.10 Check Point Endpoint Security for Windows before E84.10 can reach denial of service during clean install of the client which will prevent the storage of service log files in non-standard locations. | 2.1 |
| 2020-11-05 | CVE-2020-5946 | Unspecified vulnerability in F5 products In BIG-IP Advanced WAF and FPS versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, under some circumstances, certain format client-side alerts sent to the BIG-IP virtual server configured with DataSafe may cause the Traffic Management Microkernel (TMM) to restart, resulting in a Denial-of-Service (DoS). | 5.0 |
| 2020-11-05 | CVE-2020-5945 | Cross-site Scripting vulnerability in F5 products In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability (XSS). | 8.5 |