CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 2 and 2.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2020-25598 670 DoS 2020-09-23 2020-11-11
2.1
None Local Low Not required None None Partial
An issue was discovered in Xen 4.14.x. There is a missing unlock in the XENMEM_acquire_resource error path. The RCU (Read, Copy, Update) mechanism is a synchronisation primitive. A buggy error path in the XENMEM_acquire_resource exits without releasing an RCU reference, which is conceptually similar to forgetting to unlock a spinlock. A buggy or malicious HVM stubdomain can cause an RCU reference to be leaked. This causes subsequent administration operations, (e.g., CPU offline) to livelock, resulting in a host Denial of Service. The buggy codepath has been present since Xen 4.12. Xen 4.14 and later are vulnerable to the DoS. The side effects are believed to be benign on Xen 4.12 and 4.13, but patches are provided nevertheless. The vulnerability can generally only be exploited by x86 HVM VMs, as these are generally the only type of VM that have a Qemu stubdomain. x86 PV and PVH domains, as well as ARM VMs, typically don't use a stubdomain. Only VMs using HVM stubdomains can exploit the vulnerability. VMs using PV stubdomains, or with emulators running in dom0, cannot exploit the vulnerability.
502 CVE-2020-25596 74 DoS 2020-09-23 2020-11-11
2.1
None Local Low Not required None None Partial
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. One of Xen's sanitization paths injects a #GP fault, and incorrectly delivers it twice to the guest. This causes the guest kernel to observe a kernel-privilege #GP fault (typically fatal) rather than a user-privilege #GP fault (usually converted into SIGSEGV/etc.). Malicious or buggy userspace can crash the guest kernel, resulting in a VM Denial of Service. All versions of Xen from 3.2 onwards are vulnerable. Only x86 systems are vulnerable. ARM platforms are not vulnerable. Only x86 systems that support the SYSENTER instruction in 64bit mode are vulnerable. This is believed to be Intel, Centaur, and Shanghai CPUs. AMD and Hygon CPUs are not believed to be vulnerable. Only x86 PV guests can exploit the vulnerability. x86 PVH / HVM guests cannot exploit the vulnerability.
503 CVE-2020-25374 613 2020-10-28 2020-12-02
2.1
None Remote High ??? Partial None None
CyberArk Privileged Session Manager (PSM) 10.9.0.15 allows attackers to discover internal pathnames by reading an error popup message after two hours of idle time.
504 CVE-2020-25340 770 DoS 2021-02-16 2021-02-19
2.1
None Local Low Not required None None Partial
An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correctly freed, if the nfstream object is directly destroyed without being used after it is created, it will cause a memory leak that may result in a local denial of service (DoS).
505 CVE-2020-25289 59 2020-09-13 2020-09-17
2.1
None Local Low Not required None Partial None
The VPN service in AVAST SecureLine before 5.6.4982.470 allows local users to write to arbitrary files via an Object Manager symbolic link from the log directory (which has weak permissions).
506 CVE-2020-25233 321 2020-12-14 2020-12-16
2.1
None Local Low Not required Partial None None
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3). The firmware update of affected devices contains the private RSA key that is used as a basis for encryption of communication with the device.
507 CVE-2020-25231 321 2020-12-14 2020-12-16
2.1
None Local Low Not required Partial None None
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3), LOGO! Soft Comfort (All versions < V8.3). The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program files.
508 CVE-2020-25204 2020-10-28 2020-11-04
2.1
None Local Low Not required None Partial None
The God Kings application 0.60.1 for Android exposes a broadcast receiver to other apps called com.innogames.core.frontend.notifications.receivers.LocalNotificationBroadcastReceiver. The purpose of this broadcast receiver is to show an in-game push notification to the player. However, the application does not enforce any authorization schema on the broadcast receiver, allowing any application to send fully customizable in-game push notifications.
509 CVE-2020-25084 416 2020-09-25 2021-02-24
2.1
None Local Low Not required None None Partial
QEMU 5.0.0 has a use-after-free in hw/usb/hcd-xhci.c because the usb_packet_map return value is not checked.
510 CVE-2020-25048 74 2020-08-31 2020-09-03
2.1
None Local Low Not required Partial None None
An issue was discovered on Samsung mobile devices with Q(10.0) (with ONEUI 2.1) software. In the Lockscreen state, the Quick Share feature allows unauthenticated downloads, aka file injection. The Samsung ID is SVE-2020-17760 (August 2020).
511 CVE-2020-25047 2020-08-31 2020-09-03
2.1
None Local Low Not required Partial None None
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (released in China and India) software. The S Secure application does not enforce the intended password requirement for a locked application. The Samsung IDs are SVE-2020-16746, SVE-2020-16764 (August 2020).
512 CVE-2020-25046 532 +Info 2020-08-31 2020-09-03
2.1
None Local Low Not required Partial None None
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. The USB driver leaks address information via kernel logging. The Samsung IDs are SVE-2020-17602, SVE-2020-17603, SVE-2020-17604 (August 2020).
513 CVE-2020-24890 476 Exec Code 2020-09-16 2020-11-23
2.6
None Remote High Not required None None Partial
** DISPUTED ** libraw 20.0 has a null pointer dereference vulnerability in parse_tiff_ifd in src/metadata/tiff.cpp, which may result in context-dependent arbitrary code execution. Note: this vulnerability occurs only if you compile the software in a certain way.
514 CVE-2020-24722 294 2020-10-07 2020-10-23
2.6
None Remote High Not required None Partial None
** DISPUTED ** An issue was discovered in the GAEN (aka Google/Apple Exposure Notifications) protocol through 2020-10-05, as used in COVID-19 applications on Android and iOS. The encrypted metadata block with a TX value lacks a checksum, allowing bitflipping to amplify a contamination attack. This can cause metadata deanonymization and risk-score inflation. NOTE: the vendor's position is "We do not believe that TX power authentication would be a useful defense against relay attacks."
515 CVE-2020-24693 2020-12-18 2020-12-18
2.1
None Local Low Not required Partial None None
The Ignite portal in Mitel MiContact Center Business before 9.3.0.0 could allow a local attacker to view system information due to insufficient output sanitization.
516 CVE-2020-24661 295 2020-08-26 2020-09-08
2.6
None Remote High Not required Partial None None
GNOME Geary before 3.36.3 mishandles pinned TLS certificate verification for IMAP and SMTP services using invalid TLS certificates (e.g., self-signed certificates) when the client system is not configured to use a system-provided PKCS#11 store. This allows a meddler in the middle to present a different invalid certificate to intercept incoming and outgoing mail.
517 CVE-2020-24620 798 2020-10-01 2021-02-12
2.1
None Local Low Not required Partial None None
Unisys Stealth(core) before 4.0.134 stores passwords in a recoverable format. Therefore, a search of Enterprise Manager can potentially reveal credentials.
518 CVE-2020-24588 306 2021-05-11 2021-05-21
2.9
None Local Network Medium Not required None Partial None
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
519 CVE-2020-24586 2021-05-11 2021-05-28
2.9
None Local Network Medium Not required Partial None None
The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
520 CVE-2020-24565 125 Exec Code +Info 2020-09-29 2020-10-02
2.1
None Local Low Not required Partial None None
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit these vulnerabilities. The subs affected in this vulnerability makes it unique compared to similar CVEs such as CVE-2020-24564 and CVE-2020-25770.
521 CVE-2020-24564 125 Exec Code +Info 2020-09-29 2020-10-02
2.1
None Local Low Not required Partial None None
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installations of the product. An attacker must first obtain the ability to execute low-privileged code on the target in order to exploit these vulnerabilities. The subs affected in this vulnerability makes it unique compared to similar CVEs such as CVE-2020-24565 and CVE-2020-25770.
522 CVE-2020-24505 20 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient input validation in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.
523 CVE-2020-24504 400 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
524 CVE-2020-24503 863 2021-02-17 2021-02-22
2.1
None Local Low Not required Partial None None
Insufficient access control in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable information disclosure via local access.
525 CVE-2020-24502 20 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Improper input validation in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 and before version 1.4.29.0 for Windows*, may allow an authenticated user to potentially enable a denial of service via local access.
526 CVE-2020-24500 120 DoS Overflow 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access.
527 CVE-2020-24498 120 DoS Overflow 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.
528 CVE-2020-24497 863 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient Access Control in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access.
529 CVE-2020-24496 20 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient input validation in the firmware for Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.
530 CVE-2020-24495 863 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 7.3 may allow a privileged user to potentially enable denial of service via local access.
531 CVE-2020-24494 863 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.4.3 may allow a privileged user to potentially enable denial of service via local access.
532 CVE-2020-24493 863 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient access control in the firmware for the Intel(R) 700-series of Ethernet Controllers before version 8.0 may allow a privileged user to potentially enable denial of service via local access.
533 CVE-2020-24492 863 DoS 2021-02-17 2021-02-22
2.1
None Local Low Not required None None Partial
Insufficient access control in the firmware for the Intel(R) 722 Ethernet Controllers before version 1.5 may allow a privileged user to potentially enable a denial of service via local access.
534 CVE-2020-24480 787 DoS 2021-02-17 2021-02-23
2.1
None Local Low Not required None None Partial
Out-of-bounds write in the Intel(R) XTU before version 6.5.3.25 may allow a privileged user to potentially enable denial of service via local access.
535 CVE-2020-24460 276 DoS 2020-11-12 2020-11-20
2.1
None Local Low Not required None None Partial
Incorrect default permissions in the Intel(R) DSA before version 20.8.30.6 may allow an authenticated user to potentially enable denial of service via local access.
536 CVE-2020-24452 20 DoS 2021-02-17 2021-02-23
2.1
None Local Low Not required None None Partial
Improper input validation in the Intel(R) SGX Platform Software for Windows* may allow an authenticated user to potentially enable a denial of service via local access.
537 CVE-2020-24448 DoS 2021-02-17 2021-02-23
2.1
None Local Low Not required None None Partial
Uncaught exception in some Intel(R) Graphics Drivers before version 15.33.51.5146 may allow an authenticated user to potentially enable denial of service via local access.
538 CVE-2020-24366 200 +Info 2020-11-16 2020-11-21
2.1
None Local Low Not required Partial None None
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
539 CVE-2020-24352 119 DoS Overflow 2020-10-16 2020-12-14
2.1
None Local Low Not required None None Partial
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service.
540 CVE-2020-24349 20 2020-08-13 2020-09-18
2.1
None Local Low Not required None Partial None
njs through 0.4.3, used in NGINX, allows control-flow hijack in njs_value_property in njs_value.c. NOTE: the vendor considers the issue to be "fluff" in the NGINX use case because there is no remote attack surface.
541 CVE-2020-24348 125 2020-08-13 2020-09-18
2.1
None Local Low Not required None None Partial
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c.
542 CVE-2020-24347 125 2020-08-13 2020-09-18
2.1
None Local Low Not required None None Partial
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
543 CVE-2020-24003 2021-01-11 2021-01-14
2.1
None Local Low Not required Partial None None
Microsoft Skype through 8.59.0.77 on macOS has the disable-library-validation entitlement, which allows a local process (with the user's privileges) to obtain unprompted microphone and camera access by loading a crafted library and thereby inheriting Skype Client's microphone and camera access.
544 CVE-2020-23856 416 DoS 2021-05-18 2021-06-01
2.1
None Local Low Not required None None Partial
Use-after-Free vulnerability in cflow 1.6 in the void call(char *name, int line) function at src/parser.c, which could cause a denial of service via the pointer variable caller->callee.
545 CVE-2020-23250 327 2021-01-05 2021-01-08
2.1
None Local Low Not required Partial None None
GigaVUE-OS (GVOS) 5.4 - 5.9 uses a weak algorithm for a hash stored in internal database.
546 CVE-2020-23139 287 2020-11-09 2020-11-20
2.1
None Local Low Not required Partial None None
Microweber 1.1.18 is affected by broken authentication and session management. Local session hijacking may occur, which could result in unauthorized access to system data or functionality, or a complete system compromise.
547 CVE-2020-23136 613 2020-11-09 2020-11-20
2.1
None Local Low Not required Partial None None
Microweber v1.1.18 is affected by no session expiry after log-out.
548 CVE-2020-21588 120 Overflow 2021-04-02 2021-04-08
2.1
None Local Low Not required None None Partial
Buffer overflow in Core FTP LE v2.2 allows local attackers to cause a denial or service (crash) via a long string in the Setup->Users->Username editbox.
549 CVE-2020-17521 2020-12-07 2021-06-14
2.1
None Local Low Not required Partial None None
Apache Groovy provides extension methods to aid with creating temporary directories. Prior to this fix, Groovy's implementation of those extension methods was using a now superseded Java JDK method call that is potentially not secure on some operating systems in some contexts. Users not using the extension methods mentioned in the advisory are not affected, but may wish to read the advisory for further details. Versions Affected: 2.0 to 2.4.20, 2.5.0 to 2.5.13, 3.0.0 to 3.0.6, and 4.0.0-alpha-1. Fixed in versions 2.4.21, 2.5.14, 3.0.7, 4.0.0-alpha-2.
550 CVE-2020-17490 732 2020-11-06 2021-03-30
2.1
None Local Low Not required Partial None None
The TLS module within SaltStack Salt through 3002 creates certificates with weak file permissions.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.