|
215441
|
9.8 |
CRITICAL
Network
|
askey
|
ap5100w_firmware
|
Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows remote attackers to execute arbitrary commands via a shell metacharacter in the ping, traceroute, or ro…
|
CWE-78
OS Command
|
CVE-2020-15357
|
2024-11-21 14:05 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215442
|
5.2 |
MEDIUM
Local
|
linuxfoundation
fedoraproject
debian
|
containerd
fedora
debian_linux
|
containerd is an industry-standard container runtime and is available as a daemon for Linux and Windows. In containerd before versions 1.3.9 and 1.4.3, the containerd-shim API is improperly exposed t…
|
-
|
CVE-2020-15257
|
2024-11-21 14:05 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215443
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-15437
|
2024-11-21 14:05 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215444
|
6.7 |
MEDIUM
Local
|
linux
broadcom
netapp
|
linux_kernel
brocade_fabric_operating_system_firmware
cloud_backup
solidfire_\&_hci_management_node
solidfire_baseboard_management_controller_firmware
h410c_firmware
h610c_firmw…
|
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
|
CWE-416
Use After Free
|
CVE-2020-15436
|
2024-11-21 14:05 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215445
|
5.4 |
MEDIUM
Network
|
octobercms
|
october
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files …
|
CWE-79
Cross-site Scripting
|
CVE-2020-15249
|
2024-11-21 14:05 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215446
|
4.2 |
MEDIUM
Local
|
octobercms
|
october
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.470, backend users with the default "Publisher"…
|
CWE-269
Improper Privilege Management
|
CVE-2020-15248
|
2024-11-21 14:05 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215447
|
5.2 |
MEDIUM
Local
|
octobercms
|
october
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, an authenticated backend user with the cms…
|
NVD-CWE-Other
|
CVE-2020-15247
|
2024-11-21 14:05 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215448
|
7.5 |
HIGH
Network
|
octobercms
|
october
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an Oct…
|
CWE-22
Path Traversal
|
CVE-2020-15246
|
2024-11-21 14:05 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215449
|
6.1 |
MEDIUM
Network
|
salesagility
|
suitecrm
|
SuiteCRM through 7.11.13 has an Open Redirect in the Documents module via a crafted SVG document.
|
CWE-601
Open Redirect
|
CVE-2020-15300
|
2024-11-21 14:05 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215450
|
7.8 |
HIGH
Local
|
salesagility
|
suitecrm
|
SuiteCRM through 7.11.13 allows CSV Injection via registration fields in the Accounts, Contacts, Opportunities, and Leads modules. These fields are mishandled during a Download Import File Template o…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-15301
|
2024-11-21 14:05 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
