|
210281
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generatio…
|
NVD-CWE-Other
|
CVE-2020-10702
|
2024-11-21 13:55 |
2020-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210282
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, gr…
|
CWE-89
SQL Injection
|
CVE-2020-10549
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210283
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, gra…
|
CWE-89
SQL Injection
|
CVE-2020-10548
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210284
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to late…
|
CWE-89
SQL Injection
|
CVE-2020-10547
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210285
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral mo…
|
CWE-89
SQL Injection
|
CVE-2020-10546
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210286
|
6.0 |
MEDIUM
Network
|
linuxfoundation
redhat
fedoraproject
|
cni_network_plugins
enterprise_linux
fedora
openshift_container_platform
|
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A m…
|
NVD-CWE-Other
|
CVE-2020-10749
|
2024-11-21 13:55 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210287
|
9.8 |
CRITICAL
Network
|
github
|
github
|
An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories wi…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-10516
|
2024-11-21 13:55 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210288
|
7.5 |
HIGH
Network
|
istio
|
istio
|
Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-10739
|
2024-11-21 13:55 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210289
|
6.5 |
MEDIUM
Network
|
redhat
|
libvirt
|
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more de…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-10703
|
2024-11-21 13:55 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210290
|
6.3 |
MEDIUM
Local
|
redhat
|
oddjob
|
A race condition was found in the mkhomedir tool shipped with the oddjob package in versions before 0.34.5 and 0.34.6 wherein, during the home creation, mkhomedir copies the /etc/skel directory into …
|
CWE-362
Race Condition
|
CVE-2020-10737
|
2024-11-21 13:55 |
2020-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
