|
197951
|
7.5 |
HIGH
Network
|
celluloid
|
reel
|
reel through 0.6.1 allows Request Smuggling attacks due to incorrect Content-Length and Transfer encoding header parsing. It is possible to conduct HTTP request smuggling attacks by sending the Conte…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-7659
|
2024-11-21 14:37 |
2020-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197952
|
7.5 |
HIGH
Network
|
synk
|
broker
|
All versions of snyk-broker before 4.73.1 are vulnerable to Information Exposure. It logs private keys if logging level is set to DEBUG.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-7654
|
2024-11-21 14:37 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197953
|
6.5 |
MEDIUM
Network
|
synk
|
broker
|
All versions of snyk-broker after 4.72.0 including and before 4.73.1 are vulnerable to Arbitrary File Read. It allows arbitrary file reads to users with access to Snyk's internal network of any files…
|
CWE-22
Path Traversal
|
CVE-2020-7650
|
2024-11-21 14:37 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197954
|
6.5 |
MEDIUM
Network
|
synk
|
broker
|
All versions of snyk-broker before 4.72.2 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users who have access to Snyk's internal network by appending the URL with a fragme…
|
CWE-22
Path Traversal
|
CVE-2020-7648
|
2024-11-21 14:37 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197955
|
6.5 |
MEDIUM
Network
|
synk
|
broker
|
All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network by creating symlinks to match whitelis…
|
CWE-59
Link Following
|
CVE-2020-7653
|
2024-11-21 14:37 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197956
|
6.5 |
MEDIUM
Network
|
synk
|
broker
|
All versions of snyk-broker before 4.80.0 are vulnerable to Arbitrary File Read. It allows arbitrary file reads for users with access to Snyk's internal network via directory traversal.
|
CWE-22
Path Traversal
|
CVE-2020-7652
|
2024-11-21 14:37 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197957
|
4.3 |
MEDIUM
Network
|
synk
|
broker
|
All versions of snyk-broker before 4.79.0 are vulnerable to Arbitrary File Read. It allows partial file reads for users who have access to Snyk's internal network via patch history from GitHub Commit…
|
CWE-22
Path Traversal
|
CVE-2020-7651
|
2024-11-21 14:37 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197958
|
9.8 |
CRITICAL
Network
|
kaoni
|
ezhttptrans
|
Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download arbitrary file by setting the arguments to the ac…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-7812
|
2024-11-21 14:37 |
2020-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197959
|
6.1 |
MEDIUM
Network
|
meinheld
|
meinheld
|
meinheld prior to 1.0.2 is vulnerable to HTTP Request Smuggling. HTTP pipelining issues and request smuggling attacks might be possible due to incorrect Content-Length and Transfer encoding header pa…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-7658
|
2024-11-21 14:37 |
2020-05-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197960
|
9.8 |
CRITICAL
Network
|
kaoni
|
ezhttptrans
|
Ezhttptrans.ocx ActiveX Control in Kaoni ezHTTPTrans 1.0.0.70 and prior versions contain a vulnerability that could allow remote attacker to download and execute arbitrary file by setting the argumen…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-7813
|
2024-11-21 14:37 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
