Vulnerability Trends

CVE-2020-1472An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, us...
CVE-2020-17382MSI Ambient Link Multiple Vulnerabilities. Multiple stack buffer overflows were found in the MsIo64 driver used by the service MSI AmbiLighter from MS...
CVE-2020-1895A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions...
CVE-2020-8437The bencoding parser in BitTorrent uTorrent through 3.5.5 (build 45505) misparses nested bencoded dictionaries, which allows a remote attacker to caus...
CVE-2020-3989VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write is...
CVE-2020-15802Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specifica...
CVE-2020-3990VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow...
CVE-2020-9992Apple Bug Allows Code Execution on iPhone, iPad, iPod
CVE-2020-6506Insufficient policy enforcement in WebView in Google Chrome on Android prior to 83.0.4103.106 allowed a remote attacker to bypass site isolation via a...
CVE-2020-1350A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests, aka 'Windows DNS Server...
CVE-2019-11510In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can sen...
CVE-2020-8243CVE-2020-8243
CVE-2020-6020Check Point Security Management's Internal CA web management before Jumbo HFAs R80.20 Take 160, R80.30 Take 210, and R80.40 Take 38, can be manipulate...
CVE-2020-4643IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A rem...
CVE-2020-4486IBM QRadar 7.2.0 thorugh 7.2.9 could allow an authenticated user to overwrite or delete arbitrary files due to a flaw after WinCollect installation. I...
CVE-2019-19781An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal.
CVE-202-1472CVE-202-1472
CVE-2020-8207Improper access control in Citrix Workspace app for Windows 1912 CU1 and 2006.1 causes privilege escalation and code execution when the automatic upda...
CVE-2020-25768CVE-2020-25768
CVE-2020-15604An incomplete SSL server certification validation vulnerability in the Trend Micro Security 2019 (v15) consumer family of products could allow an atta...