|
201181
|
5.4 |
MEDIUM
Network
|
matestack
|
ui-core
|
matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5241
|
2024-11-21 14:33 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201182
|
7.5 |
HIGH
Network
|
dell
|
emc_unity_operating_environment
emc_unityvsa_operating_environment
emc_unity_xt_operating_environment
|
Dell EMC Unity, Dell EMC Unity XT, and Dell EMC UnityVSA versions prior to 5.0.2.0.5.009 contain a Denial of Service vulnerability on NAS Server SSH implementation that is used to provide SFTP servic…
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-5319
|
2024-11-21 14:33 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201183
|
7.5 |
HIGH
Network
|
dell
|
emc_isilon_onefs
|
Dell EMC Isilon OneFS versions 8.1.2, 8.1.0.4, 8.1.0.3, and 8.0.0.7 contain a vulnerability in some configurations. An attacker may exploit this vulnerability to gain access to restricted files. The …
|
CWE-863
Incorrect Authorization
|
CVE-2020-5318
|
2024-11-21 14:33 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201184
|
4.8 |
MEDIUM
Network
|
dell
|
emc_elastic_cloud_storage
|
Dell EMC ECS versions prior to 3.4.0.1 contain an XSS vulnerability. A remote authenticated malicious user could exploit this vulnerability to store malicious HTML or JavaScript code in a trusted app…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5317
|
2024-11-21 14:33 |
2020-02-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201185
|
8.8 |
HIGH
Network
|
1up
|
oneupuploaderbundle
|
Multiple relative path traversal vulnerabilities in the oneup/uploader-bundle before 1.9.3 and 2.1.5 allow remote attackers to upload, copy, and modify files on the filesystem (potentially leading to…
|
CWE-22
Path Traversal
|
CVE-2020-5237
|
2024-11-21 14:33 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201186
|
8.8 |
HIGH
Network
|
ipmitool_project
debian
fedoraproject
opensuse
|
ipmitool
debian_linux
fedora
leap
|
It's been found that multiple functions in ipmitool before 1.8.19 neglect proper checking of the data received from a remote LAN party, which may lead to buffer overflows and potentially to remote co…
|
-
|
CVE-2020-5208
|
2024-11-21 14:33 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201187
|
6.5 |
MEDIUM
Network
|
agendaless
|
waitress
|
Waitress version 1.4.2 allows a DOS attack When waitress receives a header that contains invalid characters. When a header like "Bad-header: xxxxxxxxxxxxxxx\x10" is received, it will cause the regula…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-5236
|
2024-11-21 14:33 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201188
|
9.8 |
CRITICAL
Network
|
nanopb_project
|
nanopb
|
There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated s…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-5235
|
2024-11-21 14:33 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201189
|
6.5 |
MEDIUM
Network
|
cmsjunkie
|
j-businessdirectory
|
The J-BusinessDirectory extension before 5.2.9 for Joomla! allows Reverse Tabnabbing. In some configurations, the link to the business website can be entered by any user. If it doesn't contain rel="n…
|
CWE-269
Improper Privilege Management
|
CVE-2020-5182
|
2024-11-21 14:33 |
2020-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201190
|
6.5 |
MEDIUM
Network
|
messagepack
|
messagepack
|
MessagePack for C# and Unity before version 1.9.11 and 2.1.90 has a vulnerability where untrusted data can lead to DoS attack due to hash collisions and stack overflow. Review the linked GitHub Secur…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-5234
|
2024-11-21 14:33 |
2020-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
