|
210571
|
6.1 |
MEDIUM
Network
|
plesk
|
obsidian
|
A GET-based XSS reflected vulnerability in Plesk Obsidian 18.0.17 allows remote unauthenticated users to inject arbitrary JavaScript, HTML, or CSS via a GET parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-11583
|
2024-11-21 13:58 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210572
|
5.9 |
MEDIUM
Local
|
canonical
|
ubuntu_linux
|
It was discovered that snapctl user-open allowed altering the $XDG_DATA_DIRS environment variable when calling the system xdg-open. OpenURL() in usersession/userd/launcher.go would alter $XDG_DATA_DI…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-11934
|
2024-11-21 13:58 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210573
|
6.8 |
MEDIUM
Physics
|
canonical
|
ubuntu_linux
snapd
|
cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices was run without restrictions on every boot, which a physical attacker could exploit by crafting cloud-init user-data/meta-d…
|
NVD-CWE-Other
|
CVE-2020-11933
|
2024-11-21 13:58 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210574
|
5.3 |
MEDIUM
Network
|
avertx
|
hd838_firmware
hd438_firmware
|
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. Failed web UI login attempts elicit di…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-11625
|
2024-11-21 13:58 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210575
|
9.8 |
CRITICAL
Network
|
avertx
|
hd838_firmware
hd438_firmware
|
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. They do not require users to change th…
|
CWE-521
Weak Password Requirements
|
CVE-2020-11624
|
2024-11-21 13:58 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210576
|
6.8 |
MEDIUM
Physics
|
avertx
|
hd838_firmware
hd438_firmware
|
An issue was discovered in AvertX Auto focus Night Vision HD Indoor/Outdoor IP Dome Camera HD838 and Night Vision HD Indoor/Outdoor Mini IP Bullet Camera HD438. An attacker with physical access to th…
|
NVD-CWE-noinfo
|
CVE-2020-11623
|
2024-11-21 13:58 |
2020-07-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210577
|
9.8 |
CRITICAL
Network
|
superwebmailer
|
superwebmailer
|
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An unauthenticated remote attacker can exploit this behavior to ex…
|
CWE-94
Code Injection
|
CVE-2020-11546
|
2024-11-21 13:58 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210578
|
7.8 |
HIGH
Local
|
gog
|
galaxy
|
In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. Af…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-11827
|
2024-11-21 13:58 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210579
|
9.8 |
CRITICAL
Network
|
rittal
|
cmciii-pu-9333e0fb_firmware
pdu-3c002dec_firmware
cmc_iii_pu_7030.000_firmware
lcp-cw_firmware
iot_interface_3124.300
|
An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a least privilege violation.
|
CWE-269
Improper Privilege Management
|
CVE-2020-11956
|
2024-11-21 13:58 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210580
|
8.8 |
HIGH
Network
|
rittal
|
cmciii-pu-9333e0fb_firmware
pdu-3c002dec_firmware
cmc_iii_pu_7030.000_firmware
lcp-cw_firmware
iot_interface_3124.300
|
An issue was discovered on Rittal PDU-3C002DEC through 5.15.70 and CMCIII-PU-9333E0FB through 3.15.70 devices. There are insecure permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-11955
|
2024-11-21 13:58 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
