|
197601
|
7.5 |
HIGH
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into th…
|
CWE-416
Use After Free
|
CVE-2020-7469
|
2024-11-21 14:37 |
2021-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197602
|
7.5 |
HIGH
Network
|
gosaml2_project
|
gosaml2
|
This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-7731
|
2024-11-21 14:37 |
2021-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197603
|
8.8 |
HIGH
Network
|
rapid7
|
metasploit
|
By launching the drb_remote_codeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-7385
|
2024-11-21 14:37 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197604
|
9.8 |
CRITICAL
Network
|
anysupport
|
anysupport
|
AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file e…
|
CWE-22
Path Traversal
|
CVE-2020-7861
|
2024-11-21 14:37 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197605
|
8.6 |
HIGH
Network
|
cdnetworks
|
aquanplayer
|
There is a directory traversing vulnerability in the download page url of AquaNPlayer 2.0.0.92. The IP of the download page url is localhost and an attacker can traverse directories using "dot dot" s…
|
CWE-22
Path Traversal
|
CVE-2020-7858
|
2024-11-21 14:37 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197606
|
9.8 |
CRITICAL
Network
|
tobesoft
|
xplatform
|
A vulnerability of XPlatform could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of improper classes. This issue affects: To…
|
CWE-20
Improper Input Validation
|
CVE-2020-7857
|
2024-11-21 14:37 |
2021-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197607
|
9.8 |
CRITICAL
Network
|
cnesty
|
helpcom
|
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient authentication validation.
|
CWE-287
Improper Authentication
|
CVE-2020-7856
|
2024-11-21 14:37 |
2021-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197608
|
7.8 |
HIGH
Local
|
innorix
|
file_transfer_solution
|
Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to th…
|
CWE-88
Argument Injection
|
CVE-2020-7851
|
2024-11-21 14:37 |
2021-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197609
|
6.5 |
MEDIUM
Network
|
mcafee
|
endpoint_security
|
Cleartext Transmission of Sensitive Information between McAfee Endpoint Security (ENS) for Windows prior to 10.7.0 February 2021 Update and McAfee Global Threat Intelligence (GTI) servers using DNS a…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-7308
|
2024-11-21 14:37 |
2021-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197610
|
7.8 |
HIGH
Local
|
douzone
|
nbbdownloader.ocx
|
NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote files to be downloaded and executed by setting the arguments to the activex method. A remote attacker c…
|
CWE-88
Argument Injection
|
CVE-2020-7850
|
2024-11-21 14:37 |
2021-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
