|
214201
|
6.1 |
MEDIUM
Network
|
apache
|
atlas
|
Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-13928
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214202
|
9.8 |
CRITICAL
Network
|
daemonology
|
bsdiff
|
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the san…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-14315
|
2024-11-21 14:02 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214203
|
5.5 |
MEDIUM
Local
|
linux
debian
canonical
starwindsoftware
|
linux_kernel
debian_linux
ubuntu_linux
starwind_virtual_san
|
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to…
|
-
|
CVE-2020-14314
|
2024-11-21 14:02 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214204
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the k…
|
-
|
CVE-2020-14304
|
2024-11-21 14:02 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214205
|
9.8 |
CRITICAL
Network
|
mi
|
r3600_firmware
|
In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability.
|
CWE-77
Command Injection
|
CVE-2020-14100
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214206
|
9.8 |
CRITICAL
Network
|
mi
|
xiaomi_ai_speaker_firmware
|
Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-14096
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214207
|
7.5 |
HIGH
Network
|
bitcoin
|
bitcoin_core
|
Bitcoin Core 0.20.0 allows remote denial of service.
|
NVD-CWE-noinfo
|
CVE-2020-14198
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214208
|
5.9 |
MEDIUM
Network
|
apache
oracle
debian
|
activemq
flexcube_private_banking
communications_diameter_signaling_router
debian_linux
|
Apache ActiveMQ uses LocateRegistry.createRegistry() to create the JMX RMI registry and binds the server to the "jmxrmi" entry. It is possible to connect to the registry without authentication and ca…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-13920
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214209
|
5.7 |
MEDIUM
Adjacent
|
health
|
covidsafe
|
In the COVIDSafe application through 1.0.21 for Android, unsafe use of the Bluetooth transport option in the GATT connection allows attackers to trick the application into establishing a connection o…
|
NVD-CWE-noinfo
|
CVE-2020-14292
|
2024-11-21 14:02 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214210
|
7.2 |
HIGH
Network
|
zohocorp
|
manageengine_applications_manager
|
Zoho ManageEngine Applications Manager 14710 and before allows an authenticated admin user to upload a vulnerable jar in a specific location, which leads to remote code execution.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-14008
|
2024-11-21 14:02 |
2020-09-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
