|
210221
|
8.8 |
HIGH
Local
|
xen
debian
fedoraproject
opensuse
|
xen
debian_linux
fedora
leap
|
An issue was discovered in Xen through 4.13.x, allowing x86 Intel HVM guest OS users to cause a host OS denial of service or possibly gain privileges because of insufficient cache write-back under VT…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-15565
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210222
|
7.5 |
HIGH
Network
|
mobileiron
|
reporting_database
enterprise_connector
cloud
sentry
core
|
An arbitrary file reading vulnerability in MobileIron Core versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attackers to read …
|
NVD-CWE-noinfo
|
CVE-2020-15507
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210223
|
6.5 |
MEDIUM
Local
|
xen
debian
fedoraproject
|
xen
debian_linux
fedora
|
An issue was discovered in Xen through 4.13.x, allowing Arm guest OS users to cause a hypervisor crash because of a missing alignment check in VCPUOP_register_vcpu_info. The hypercall VCPUOP_register…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-15564
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210224
|
6.5 |
MEDIUM
Local
|
xen
debian
fedoraproject
opensuse
|
xen
debian_linux
fedora
leap
|
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-15563
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210225
|
9.8 |
CRITICAL
Network
|
mobileiron
|
reporting_database
enterprise_connector
cloud
sentry
core
|
An authentication bypass vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0 that allows remote attacke…
|
NVD-CWE-noinfo
|
CVE-2020-15506
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210226
|
9.8 |
CRITICAL
Network
|
mobileiron
|
core
enterprise_connector
sentry
monitor_and_reporting_database
|
A remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, 10.5.1.0, 10.5.2.0 and 10.6.0.0; and Sentry versions 9.7.2 …
|
CWE-706
Use of Incorrectly-Resolved Name or Reference
|
CVE-2020-15505
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210227
|
5.5 |
MEDIUM
Local
|
whoopsie_project
|
whoopsie
|
The parse_report() function in whoopsie.c in Whoopsie through 0.2.69 mishandles memory allocation failures, which allows an attacker to cause a denial of service via a malformed crash file.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-15570
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210228
|
5.5 |
MEDIUM
Local
|
milkytracker_project
debian
|
milkytracker
debian_linux
|
PlayerGeneric.cpp in MilkyTracker through 1.02.00 has a use-after-free in the PlayerGeneric destructor.
|
CWE-416
Use After Free
|
CVE-2020-15569
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210229
|
6.1 |
MEDIUM
Network
|
roundcube
debian
|
webmail
debian_linux
|
An issue was discovered in Roundcube Webmail before 1.2.11, 1.3.x before 1.3.14, and 1.4.x before 1.4.7. It allows XSS via a crafted HTML e-mail message, as demonstrated by a JavaScript payload in th…
|
CWE-79
Cross-site Scripting
|
CVE-2020-15562
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210230
|
9.8 |
CRITICAL
Network
|
solarwinds
|
serv-u_ftp_server
|
SolarWinds Serv-U FTP server before 15.2.1 does not validate an argument path.
|
CWE-20
Improper Input Validation
|
CVE-2020-15543
|
2024-11-21 14:05 |
2020-07-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
