From 0a0e87cfbcea531954dc3f2c389e50105335acef Mon Sep 17 00:00:00 2001 From: security tracker role Date: Thu, 4 Mar 2021 20:10:57 +0000 Subject: automatic update --- data/CVE/2020.list | 52 ++++++++++++++++++++++++++-------------------------- 1 file changed, 26 insertions(+), 26 deletions(-) (limited to 'data/CVE/2020.list') diff --git a/data/CVE/2020.list b/data/CVE/2020.list index 65725966d5..20e5651e11 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -2262,12 +2262,12 @@ CVE-2020-35331 RESERVED CVE-2020-35330 RESERVED -CVE-2020-35329 - RESERVED -CVE-2020-35328 - RESERVED -CVE-2020-35327 - RESERVED +CVE-2020-35329 (Courier Management System 1.0 1.0 is affected by SQL Injection via 'MU ...) + TODO: check +CVE-2020-35328 (Courier Management System 1.0 - 'First Name' Stored XSS ...) + TODO: check +CVE-2020-35327 (SQL injection vulnerability was discovered in Courier Management Syste ...) + TODO: check CVE-2020-35326 RESERVED CVE-2020-35325 @@ -13911,12 +13911,12 @@ CVE-2020-24916 (CGI implementation in Yaws web server versions 1.81 to 2.0.7 is NOTE: https://github.com/vulnbe/poc-yaws-cgi-shell-injection CVE-2020-24915 RESERVED -CVE-2020-24914 - RESERVED -CVE-2020-24913 - RESERVED -CVE-2020-24912 - RESERVED +CVE-2020-24914 (A PHP object injection bug in profile.php in qcubed (all versions incl ...) + TODO: check +CVE-2020-24913 (A SQL injection vulnerability in qcubed (all versions including 3.1.1) ...) + TODO: check +CVE-2020-24912 (A reflected cross-site scripting (XSS) vulnerability in qcubed (all ve ...) + TODO: check CVE-2020-24911 RESERVED CVE-2020-24910 @@ -15832,8 +15832,8 @@ CVE-2020-24038 RESERVED CVE-2020-24037 RESERVED -CVE-2020-24036 - RESERVED +CVE-2020-24036 (PHP object injection in the Ajax endpoint of the backend in ForkCMS be ...) + TODO: check CVE-2020-24035 RESERVED CVE-2020-24034 (Sagemcom F@ST 5280 routers using firmware version 1.150.61 have insecu ...) @@ -32532,8 +32532,8 @@ CVE-2020-15940 RESERVED CVE-2020-15939 RESERVED -CVE-2020-15938 - RESERVED +CVE-2020-15938 (When traffic other than HTTP/S (eg: SSH traffic, etc...) traverses the ...) + TODO: check CVE-2020-15937 (An improper neutralization of input vulnerability in FortiGate version ...) TODO: check CVE-2020-15936 @@ -59774,8 +59774,8 @@ CVE-2020-4977 RESERVED CVE-2020-4976 RESERVED -CVE-2020-4975 - RESERVED +CVE-2020-4975 (IBM Engineering products are vulnerable to cross-site scripting. This ...) + TODO: check CVE-2020-4974 RESERVED CVE-2020-4973 @@ -59992,14 +59992,14 @@ CVE-2020-4868 RESERVED CVE-2020-4867 RESERVED -CVE-2020-4866 - RESERVED +CVE-2020-4866 (IBM Engineering products are vulnerable to cross-site scripting. This ...) + TODO: check CVE-2020-4865 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...) NOT-FOR-US: IBM CVE-2020-4864 (IBM Resilient SOAR V38.0 could allow an attacker on the internal net w ...) NOT-FOR-US: IBM -CVE-2020-4863 - RESERVED +CVE-2020-4863 (IBM Engineering products are vulnerable to stored cross-site scripting ...) + TODO: check CVE-2020-4862 RESERVED CVE-2020-4861 @@ -60010,10 +60010,10 @@ CVE-2020-4859 RESERVED CVE-2020-4858 RESERVED -CVE-2020-4857 - RESERVED -CVE-2020-4856 - RESERVED +CVE-2020-4857 (IBM Engineering products are vulnerable to stored cross-site scripting ...) + TODO: check +CVE-2020-4856 (IBM Engineering products are vulnerable to stored cross-site scripting ...) + TODO: check CVE-2020-4855 (IBM Jazz Foundation products is vulnerable to cross-site scripting. Th ...) NOT-FOR-US: IBM CVE-2020-4854 (IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded cr ...) -- cgit v1.2.3