Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-09 | CVE-2020-1968 | Information Exposure Through Discrepancy vulnerability in multiple products The Raccoon attack exploits a flaw in the TLS specification which can lead to an attacker being able to compute the pre-master secret in connections which have used a Diffie-Hellman (DH) based ciphersuite. | 3.7 |
| 2020-09-03 | CVE-2020-9083 | Unspecified vulnerability in Huawei Mate 20 Firmware HUAWEI Mate 20 smart phones with Versions earlier than 10.1.0.163(C00E160R3P8) have a denial of service (DoS) vulnerability. low complexity huawei | 2.4 |
| 2020-09-02 | CVE-2020-24654 | Link Following vulnerability in multiple products In KDE Ark before 20.08.1, a crafted TAR archive with symlinks can install files outside the extraction directory, as demonstrated by a write operation to a user's home directory. | 3.3 |
| 2020-09-01 | CVE-2020-8341 | Unspecified vulnerability in Lenovo products In Lenovo systems, SMM BIOS Write Protection is used to prevent writes to SPI Flash. low complexity lenovo | 2.4 |
| 2020-09-01 | CVE-2020-2249 | Missing Encryption of Sensitive Data vulnerability in Jenkins Team Foundation Server Jenkins Team Foundation Server Plugin 5.157.1 and earlier stores a webhook secret unencrypted in its global configuration file on the Jenkins controller where it can be viewed by attackers with access to the Jenkins controller file system. | 3.3 |
| 2020-08-31 | CVE-2020-12829 | Integer Overflow or Wraparound vulnerability in multiple products In QEMU through 5.0.0, an integer overflow was found in the SM501 display driver implementation. | 3.8 |
| 2020-08-28 | CVE-2020-4591 | Missing Encryption of Sensitive Data vulnerability in IBM Spectrum Protect Server IBM Spectrum Protect Server 8.1.0.000 through 8.1.10.000 could disclose sensitive information in nondefault settings due to occasionally not encrypting the second chunk of an object in an encrypted container pool. | 3.3 |
| 2020-08-27 | CVE-2020-3504 | Resource Exhaustion vulnerability in Cisco Firepower Extensible Operating System and Nx-Os A vulnerability in the local management (local-mgmt) CLI of Cisco UCS Manager Software could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected device. | 3.3 |
| 2020-08-27 | CVE-2020-16142 | Use of Externally-Controlled Format String vulnerability in Mercedes-Benz Comand On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software. | 3.5 |
| 2020-08-27 | CVE-2020-14415 | Divide By Zero vulnerability in multiple products oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position. | 3.3 |