|
220761
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
windows_server_2016
|
An elevation of privilege vulnerability exists when Windows Defender Security Center handles certain objects in memory.To exploit the vulnerability, an attacker would first have to log on to the syst…
|
NVD-CWE-noinfo
|
CVE-2020-0762
|
2024-11-21 13:54 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220762
|
7.5 |
HIGH
Network
|
microsoft
|
azure_devops_server
team_foundation_server
|
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Eleva…
|
NVD-CWE-noinfo
|
CVE-2020-0758
|
2024-11-21 13:54 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220763
|
5.4 |
MEDIUM
Network
|
microsoft
|
team_foundation_server
azure_devops_server
|
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'.
|
CWE-79
Cross-site Scripting
|
CVE-2020-0700
|
2024-11-21 13:54 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220764
|
9.8 |
CRITICAL
Network
|
microsoft
|
windows_10
windows_server_2016
windows_server_2019
|
An elevation of privilege vulnerability exists when DirectX improperly handles objects in memory, aka 'DirectX Elevation of Privilege Vulnerability'.
|
NVD-CWE-noinfo
|
CVE-2020-0690
|
2024-11-21 13:54 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220765
|
9.8 |
CRITICAL
Network
|
twistedmatrix
fedoraproject
debian
canonical
|
twisted
fedora
debian_linux
ubuntu_linux
|
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with a content-length and a chunked encoding header, the content-length took precedence and the remai…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-10109
|
2024-11-21 13:54 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220766
|
9.8 |
CRITICAL
Network
|
twistedmatrix
fedoraproject
debian
canonical
oracle
|
twisted
fedora
debian_linux
ubuntu_linux
solaris
zfs_storage_appliance_kit
|
In Twisted Web through 19.10.0, there was an HTTP request splitting vulnerability. When presented with two content-length headers, it ignored the first header. When the second content-length value wa…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-10108
|
2024-11-21 13:54 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220767
|
9.8 |
CRITICAL
Network
|
sumavision
|
enhanced_multimedia_router_firmware
|
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_us…
|
CWE-352
Origin Validation Error
|
CVE-2020-10181
|
2024-11-21 13:54 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220768
|
6.1 |
MEDIUM
Network
|
munkireport_project
|
munkireport
|
An issue was discovered in Munkireport before 5.3.0.3923. An unauthenticated actor can send a custom XSS payload through the /report/broken_client endpoint. The payload will be executed by any authen…
|
CWE-79
Cross-site Scripting
|
CVE-2020-10192
|
2024-11-21 13:54 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220769
|
5.4 |
MEDIUM
Network
|
munkireport_project
|
munkireport
|
An issue was discovered in MunkiReport before 5.3.0. An authenticated actor can send a custom XSS payload through the /module/comment/save endpoint. The payload will be executed by any authenticated …
|
CWE-79
Cross-site Scripting
|
CVE-2020-10191
|
2024-11-21 13:54 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220770
|
8.8 |
HIGH
Network
|
munkireport_project
|
munkireport
|
An issue was discovered in MunkiReport before 5.3.0. An authenticated user could achieve SQL Injection in app/models/tablequery.php by crafting a special payload on the /datatables/data endpoint.
|
CWE-89
SQL Injection
|
CVE-2020-10190
|
2024-11-21 13:54 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
