|
196941
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have an invalid memory access vulnerability. Succe…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-9593
|
2024-11-21 14:40 |
2020-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196942
|
7.8 |
HIGH
Local
|
adobe
|
acrobat_dc
acrobat_reader_dc
|
Adobe Acrobat and Reader versions 2020.006.20042 and earlier, 2017.011.30166 and earlier, 2017.011.30166 and earlier, and 2015.006.30518 and earlier have a security bypass vulnerability. Successful e…
|
NVD-CWE-noinfo
|
CVE-2020-9592
|
2024-11-21 14:40 |
2020-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196943
|
7.8 |
HIGH
Local
|
adobe
|
illustrator
|
Adobe Illustrator versions 24.1.2 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution .
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9575
|
2024-11-21 14:40 |
2020-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196944
|
4.8 |
MEDIUM
Network
|
secureauth
|
secureauth_identity_provider
|
SecureAuth.aspx in SecureAuth IdP 9.3.0 suffers from a client-side template injection that allows for script execution, in the same manner as XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-9437
|
2024-11-21 14:40 |
2020-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196945
|
7.5 |
HIGH
Network
|
apache
debian
|
traffic_server
debian_linux
|
Apache Traffic Server 6.0.0 to 6.2.3, 7.0.0 to 7.1.10, and 8.0.0 to 8.0.7 is vulnerable to certain types of HTTP/2 HEADERS frames that can cause the server to allocate a large amount of memory and sp…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-9494
|
2024-11-21 14:40 |
2020-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196946
|
9.8 |
CRITICAL
Network
|
apache
oracle
|
spark
business_intelligence
|
In Apache Spark 2.4.5 and earlier, a standalone resource manager's master may be configured to require authentication (spark.authenticate) via a shared secret. When enabled, however, a specially-craf…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-9480
|
2024-11-21 14:40 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196947
|
5.9 |
MEDIUM
Network
|
tinxy
|
smart_wifi_door_lock_firmware
|
Tinxy Door Lock with firmware before 3.2 allow attackers to unlock a door by replaying an Unlock request that occurred when the attacker was previously authorized. In other words, door-access revocat…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2020-9438
|
2024-11-21 14:40 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196948
|
5.4 |
MEDIUM
Network
|
fortinet
|
fortiwlc
|
An improper neutralization of input vulnerability in FortiWLC 8.5.1 allows a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the ESS profile or the Radius Prof…
|
CWE-79
Cross-site Scripting
|
CVE-2020-9288
|
2024-11-21 14:40 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196949
|
5.3 |
MEDIUM
Network
|
apache
|
archiva
|
Apache Archiva login service before 2.2.5 is vulnerable to LDAP injection. A attacker is able to retrieve user attribute data from the connected LDAP server by providing special values to the login f…
|
CWE-74
Injection
|
CVE-2020-9495
|
2024-11-21 14:40 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196950
|
7.8 |
HIGH
Local
|
huawei
|
fusionsphere_openstack
|
FusionSphere OpenStack 6.5.1 have an improper permissions management vulnerability. The software does not correctly perform a privilege assignment when an actor attempts to perform an action. Success…
|
CWE-269
Improper Privilege Management
|
CVE-2020-9225
|
2024-11-21 14:40 |
2020-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
