|
201171
|
5.4 |
MEDIUM
Network
|
octobercms
|
october
|
In October from version 1.0.319 and before version 1.0.467, pasting content copied from malicious websites into the Froala richeditor could result in a successful self-XSS attack. This has been fixed…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4061
|
2024-11-21 14:32 |
2020-07-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201172
|
7.5 |
HIGH
Network
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow an unauthenticated attacker to cause a denial of service due a hang in the execution of a…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-4420
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201173
|
4.4 |
MEDIUM
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local attacker to perform unauthorized actions on the system, caused by improper usage …
|
NVD-CWE-noinfo
|
CVE-2020-4414
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201174
|
4.7 |
MEDIUM
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link. I…
|
CWE-362
Race Condition
|
CVE-2020-4387
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201175
|
4.7 |
MEDIUM
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 could allow a local user to obtain sensitive information using a race condition of a symbolic link. I…
|
CWE-362
Race Condition
|
CVE-2020-4386
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201176
|
6.5 |
MEDIUM
Network
|
ibm
|
mq_for_hpe_nonstop
|
IBM MQ, IBM MQ Appliance, IBM MQ for HPE NonStop 8.0.4 and 8.1.0 could allow an attacker to cause a denial of service caused by an error within the pubsub logic. IBM X-Force ID: 179081.
|
NVD-CWE-noinfo
|
CVE-2020-4376
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201177
|
7.8 |
HIGH
Local
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local atta…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4363
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201178
|
5.3 |
MEDIUM
Network
|
ibm
|
db2
|
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a denial of service, caused by improper handling of Secure Sockets Layer (SSL) reneg…
|
NVD-CWE-noinfo
|
CVE-2020-4355
|
2024-11-21 14:32 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201179
|
4.3 |
MEDIUM
Network
|
atlassian
|
jira
jira_software_data_center
jira_server
jira_data_center
|
The /rest/project-templates/1.0/createshared resource in Atlassian Jira Server and Data Center before version 8.5.5, from 8.6.0 before 8.7.2, and from 8.8.0 before 8.8.1 allows remote attackers to en…
|
NVD-CWE-noinfo
|
CVE-2020-4029
|
2024-11-21 14:32 |
2020-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201180
|
4.7 |
MEDIUM
Network
|
atlassian
|
confluence
confluence_server
|
Affected versions of Atlassian Confluence Server and Data Center allowed remote attackers with system administration permissions to bypass velocity template injection mitigations via an injection vul…
|
CWE-74
Injection
|
CVE-2020-4027
|
2024-11-21 14:32 |
2020-07-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
