|
197591
|
9.1 |
CRITICAL
Network
|
minisnmpd_project
|
minisnmpd
|
An exploitable out-of-bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out-of-bounds memory read, which …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-6058
|
2024-11-21 14:35 |
2020-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197592
|
5.3 |
MEDIUM
Network
|
linuxfoundation
|
the_update_framework
|
TUF (aka The Update Framework) 0.7.2 through 0.12.1 allows Uncontrolled Resource Consumption.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-6173
|
2024-11-21 14:35 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197593
|
4.3 |
MEDIUM
Network
|
sap
|
basis
|
Automated Note Search Tool (update provided in SAP Basis 7.0, 7.01, 7.02, 7.31, 7.4, 7.5, 7.51, 7.52, 7.53 and 7.54) does not perform sufficient authorization checks leading to the reading of sensiti…
|
CWE-863
Incorrect Authorization
|
CVE-2020-6307
|
2024-11-21 14:35 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197594
|
2.7 |
LOW
Network
|
sap
|
leasing
|
Missing authorization check in a transaction within SAP Leasing (update provided in SAP_APPL 6.18, EA-APPL 6.0, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16 and 6.17).
|
CWE-862
Missing Authorization
|
CVE-2020-6306
|
2024-11-21 14:35 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197595
|
6.1 |
MEDIUM
Network
|
sap
|
process_integration
|
PI Rest Adapter of SAP Process Integration (update provided in SAP_XIAF 7.31, 7.40, 7.50) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-6305
|
2024-11-21 14:35 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197596
|
5.4 |
MEDIUM
Network
|
sap
|
disclosure_management
|
SAP Disclosure Management, before version 10.1, does not validate user input properly in specific use cases leading to Cross-Site Scripting.
|
CWE-79
Cross-site Scripting
|
CVE-2020-6303
|
2024-11-21 14:35 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197597
|
8.8 |
HIGH
Network
|
google
opensuse
fedoraproject
redhat
debian
|
chrome
leap
backports_sle
fedora
enterprise_linux_desktop
enterprise_linux_workstation
debian_linux
|
Use after free in audio in Google Chrome prior to 79.0.3945.117 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2020-6377
|
2024-11-21 14:35 |
2020-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197598
|
7.5 |
HIGH
Network
|
sap
|
netweaver_internet_communication_manager_\(kernel\)
netweaver_internet_communication_manager_\(krnl32nuc\)
netweaver_internet_communication_manager_\(krnl32uc\)
netweaver_internet_communicat…
|
Improper input validation in SAP NetWeaver Internet Communication Manager (update provided in KRNL32NUC & KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT KRNL64NUC & KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49…
|
CWE-20
Improper Input Validation
|
CVE-2020-6304
|
2024-11-21 14:35 |
2020-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197599
|
9.1 |
CRITICAL
Network
|
bftpd_project
|
bftpd
|
An issue was discovered in Bftpd 5.3. Under certain circumstances, an out-of-bounds read is triggered due to an uninitialized value. The daemon crashes at startup in the hidegroups_init function in d…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-6162
|
2024-11-21 14:35 |
2020-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197600
|
7.6 |
HIGH
Network
|
webfactoryltd
|
minimal_coming_soon_\&_maintenance_mode
|
A flaw in the WordPress plugin, Minimal Coming Soon & Maintenance Mode through 2.10, allows authenticated users with basic access to enable and disable maintenance-mode settings (impacting the availa…
|
CWE-862
Missing Authorization
|
CVE-2020-6168
|
2024-11-21 14:35 |
2020-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
