Total
35011 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-26964 | 2 Google, Mozilla | 2 Android, Firefox | 2024-11-21 | 6.8 Medium |
| If the Remote Debugging via USB feature was enabled in Firefox for Android on an Android version prior to Android 6.0, untrusted apps could have connected to the feature and operated with the privileges of the browser to read and interact with web content. The feature was implemented as a unix domain socket, protected by the Android SELinux policy; however, SELinux was not enforced for versions prior to 6.0. This was fixed by removing the Remote Debugging via USB feature from affected devices. *Note: This issue only affected Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 83. | ||||
| CVE-2020-26963 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 Medium |
| Repeated calls to the history and location interfaces could have been used to hang the browser. This was addressed by introducing rate-limiting to these API calls. This vulnerability affects Firefox < 83. | ||||
| CVE-2020-26961 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2024-11-21 | 6.5 Medium |
| When DNS over HTTPS is in use, it intentionally filters RFC1918 and related IP ranges from the responses as these do not make sense coming from a DoH resolver. However when an IPv4 address was mapped through IPv6, these addresses were erroneously let through, leading to a potential DNS Rebinding attack. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. | ||||
| CVE-2020-26943 | 1 Openstack | 1 Blazar-dashboard | 2024-11-21 | 9.9 Critical |
| An issue was discovered in OpenStack blazar-dashboard before 1.3.1, 2.0.0, and 3.0.0. A user allowed to access the Blazar dashboard in Horizon may trigger code execution on the Horizon host as the user the Horizon service runs under (because the Python eval function is used). This may result in Horizon host unauthorized access and further compromise of the Horizon service. All setups using the Horizon dashboard with the blazar-dashboard plugin are affected. | ||||
| CVE-2020-26931 | 1 Netgear | 6 Wc7500, Wc7500 Firmware, Wc7600 and 3 more | 2024-11-21 | 5.9 Medium |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WC7500 before 6.5.5.24, WC7600 before 6.5.5.24, WC7600v2 before 6.5.5.24, and WC9500 before 6.5.5.24. | ||||
| CVE-2020-26928 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26927 | 1 Netgear | 34 Ac2100, Ac2100 Firmware, Ac2400 and 31 more | 2024-11-21 | 9.4 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.42, R6080 before 1.0.0.42, R6050 before 1.0.1.26, JR6150 before 1.0.1.26, R6120 before 1.0.0.66, R6220 before 1.1.0.100, R6260 before 1.1.0.66, R6700v2 before 1.2.0.62, R6800 before 1.2.0.62, R6900v2 before 1.2.0.62, AC2100 before 1.2.0.62, AC2400 before 1.2.0.62, AC2600 before 1.2.0.62, R7450 before 1.2.0.62, and WNR2020 before 1.1.0.62. | ||||
| CVE-2020-26926 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by authentication bypass. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26925 | 1 Netgear | 2 Gs808e, Gs808e Firmware | 2024-11-21 | 3.2 Low |
| NETGEAR GS808E devices before 1.7.1.0 are affected by denial of service. | ||||
| CVE-2020-26924 | 1 Netgear | 4 Wac720, Wac720 Firmware, Wac730 and 1 more | 2024-11-21 | 3.1 Low |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC720 before 3.9.1.13 and WAC730 before 3.9.1.13. | ||||
| CVE-2020-26906 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26905 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26904 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26903 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26901 | 1 Netgear | 12 Rbk752, Rbk752 Firmware, Rbk852 and 9 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. | ||||
| CVE-2020-26900 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.15.25, RBR850 before 3.2.15.25, and RBS850 before 3.2.15.25. | ||||
| CVE-2020-26899 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of sensitive information. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26897 | 1 Netgear | 14 Cbr40, Cbr40 Firmware, Rbk752 and 11 more | 2024-11-21 | 9.6 Critical |
| Certain NETGEAR devices are affected by disclosure of administrative credentials. This affects CBR40 before 2.5.0.10, RBK752 before 3.2.15.25, RBR750 before 3.2.15.25, RBS750 before 3.2.15.25, RBK852 before 3.2.10.11, RBR850 before 3.2.10.11, and RBS850 before 3.2.10.11. | ||||
| CVE-2020-26887 | 1 Avm | 2 Fritz\!box 7490, Fritz\!box 7490 Firmware | 2024-11-21 | 7.8 High |
| FRITZ!OS before 7.21 on FRITZ!Box devices allows a bypass of a DNS Rebinding protection mechanism. | ||||
| CVE-2020-26869 | 1 Pcvuesolutions | 1 Pcvue | 2024-11-21 | 7.5 High |
| ARC Informatique PcVue prior to version 12.0.17 is vulnerable to information exposure, allowing unauthorized users to access session data of legitimate users. This issue also affects third-party systems based on the Web Services Toolkit. | ||||