|
201651
|
7.8 |
HIGH
Local
|
adobe
|
bridge
|
Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9552
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201652
|
7.8 |
HIGH
Local
|
adobe
|
bridge
|
Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9551
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201653
|
7.5 |
HIGH
Network
|
tp-link
|
archer_c50
|
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2020-9375
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201654
|
5.3 |
MEDIUM
Local
|
kde
debian
fedoraproject
|
okular
debian_linux
fedora
|
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
|
NVD-CWE-noinfo
|
CVE-2020-9359
|
2024-11-21 14:40 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201655
|
7.3 |
HIGH
Network
|
supsystic
|
pricing_table_by_supsystic
|
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoin…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-9392
|
2024-11-21 14:40 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201656
|
7.5 |
HIGH
Network
|
rconfig
|
rconfig
|
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the applicati…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2020-9425
|
2024-11-21 14:40 |
2020-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201657
|
6.5 |
MEDIUM
Network
|
signotec
|
signopad-api\/web
|
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the application doesn't limi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-9345
|
2024-11-21 14:40 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201658
|
6.1 |
MEDIUM
Network
|
atlassian
|
subversion_application_lifecycle_management
|
Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.
|
CWE-79
Cross-site Scripting
|
CVE-2020-9344
|
2024-11-21 14:40 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201659
|
6.5 |
MEDIUM
Network
|
signotec
|
signopad-api\/web
|
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the implementation doesn't l…
|
NVD-CWE-noinfo
|
CVE-2020-9343
|
2024-11-21 14:40 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201660
|
9.8 |
CRITICAL
Network
|
logicaldoc
|
logicaldoc
|
LogicalDoc before 8.3.3 could allow an attacker to upload arbitrary files, leading to command execution or retrieval of data from the database. LogicalDoc provides a functionality to add documents. T…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-9423
|
2024-11-21 14:40 |
2020-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
