CVE news

CVE-2020-4549

IBM i2 Analyst Notebook 9.2.1 could allow a local attacker to execute arbitrary code on the system,

CVE-2020-4553

IBM i2 Analyst Notebook 9.2.1 and 9.2.2 could allow a local attacker to execute arbitrary code on th

CVE-2020-8108

Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivilege

CVE-2020-14310

There is an issue on grub2 before version 2.06 at function read_section_as_string(). It expects a fo

CVE-2020-14311

There is an issue with grub2 before version 2.06 while handling symlink on ext filesystems. A filesy

CVE-2020-15870

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (Issue 2 of 2).

CVE-2020-5413

Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)seri

CVE-2020-5396

VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs v

CVE-2020-5414

VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7.19, 2.8.x versions prior to 2.

CVE-2019-11286

VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs v

CVE-2020-15869

Sonatype Nexus Repository Manager OSS/Pro versions before 3.25.1 allow XSS (issue 1 of 2).

CVE-2020-15871

Sonatype Nexus Repository Manager OSS/Pro version before 3.25.1 allows Remote Code Execution.

CVE-2020-15128

In OctoberCMS before version 1.0.468, encrypted cookie values were not tied to the name of the cooki

CVE-2020-15133

In faye-websocket before version 0.11.0, there is a lack of certification validation in TLS handshak

CVE-2020-15134

Faye before version 1.4.0, there is a lack of certification validation in TLS handshakes. Faye uses

CVE-2020-5384

Authentication Bypass Vulnerability RSA MFA Agent 2.0 for Microsoft Windows contains an Authenticati