| 2020-02-04 | CVE-2019-15623 | Exposure of Private Information in Nextcloud Server 16.0.1 causes the server to send it's domain and user IDs to the Nextcloud Lookup Server without any further data when the Lookup server is disabled. | 5.3 |
| 2020-01-16 | CVE-2020-7106 | Cross-site Scripting vulnerability in multiple products
Cacti 1.2.8 has stored XSS in data_sources.php, color_templates_item.php, graphs.php, graph_items.php, lib/api_automation.php, user_admin.php, and user_group_admin.php, as demonstrated by the description parameter in data_sources.php (a raw string from the database that is displayed by $header to trigger the XSS). | 6.1 |
| 2020-01-10 | CVE-2020-1765 | An improper control of parameters allows the spoofing of the from fields of the following screens: AgentTicketCompose, AgentTicketForward, AgentTicketBounce and AgentTicketEmailOutbound. | 5.3 |
| 2020-01-08 | CVE-2020-6615 | NULL Pointer Dereference vulnerability in multiple products
GNU LibreDWG 0.9.3.2564 has an invalid pointer dereference in dwg_dynapi_entity_value in dynapi.c (dynapi.c is generated by gen-dynapi.pl). | 6.5 |
| 2020-01-08 | CVE-2020-6611 | NULL Pointer Dereference vulnerability in multiple products
GNU LibreDWG 0.9.3.2564 has a NULL pointer dereference in get_next_owned_entity in dwg.c. | 6.5 |
| 2020-01-06 | CVE-2019-18179 | An issue was discovered in Open Ticket Request System (OTRS) 7.0.x through 7.0.12, and Community Edition 5.0.x through 5.0.38 and 6.0.x through 6.0.23. | 4.3 |
| 2020-01-03 | CVE-2019-5846 | Out-of-bounds Write vulnerability in multiple products
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2020-01-03 | CVE-2019-5845 | Out-of-bounds Write vulnerability in multiple products
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2020-01-03 | CVE-2019-5844 | Out-of-bounds Write vulnerability in multiple products
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | 6.5 |
| 2020-01-02 | CVE-2019-14864 | Ansible, versions 2.9.x before 2.9.1, 2.8.x before 2.8.7 and Ansible versions 2.7.x before 2.7.15, is not respecting the flag no_log set it to True when Sumologic and Splunk callback plugins are used send tasks results events to collectors. | 6.5 |