|
211671
|
8.2 |
HIGH
Network
|
perl
fedoraproject
opensuse
oracle
|
perl
fedora
leap
communications_eagle_lnp_application_processor
sd-wan_edge
enterprise_manager_base_platform
communications_billing_and_revenue_management
communications_offline_…
|
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-10543
|
2024-11-21 13:55 |
2020-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211672
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
A flaw was found in QEMU in the implementation of the Pointer Authentication (PAuth) support for ARM introduced in version 4.0 and fixed in version 5.0.0. A general failure of the signature generatio…
|
NVD-CWE-Other
|
CVE-2020-10702
|
2024-11-21 13:55 |
2020-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211673
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, gr…
|
CWE-89
SQL Injection
|
CVE-2020-10549
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211674
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated devices.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral movement, gra…
|
CWE-89
SQL Injection
|
CVE-2020-10548
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211675
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicyelements.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to late…
|
CWE-89
SQL Injection
|
CVE-2020-10547
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211676
|
9.8 |
CRITICAL
Network
|
rconfig
|
rconfig
|
rConfig 3.9.4 and previous versions has unauthenticated compliancepolicies.inc.php SQL injection. Because, by default, nodes' passwords are stored in cleartext, this vulnerability leads to lateral mo…
|
CWE-89
SQL Injection
|
CVE-2020-10546
|
2024-11-21 13:55 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211677
|
6.0 |
MEDIUM
Network
|
linuxfoundation
redhat
fedoraproject
|
cni_network_plugins
enterprise_linux
fedora
openshift_container_platform
|
A vulnerability was found in all versions of containernetworking/plugins before version 0.8.6, that allows malicious containers in Kubernetes clusters to perform man-in-the-middle (MitM) attacks. A m…
|
NVD-CWE-Other
|
CVE-2020-10749
|
2024-11-21 13:55 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211678
|
9.8 |
CRITICAL
Network
|
github
|
github
|
An improper access control vulnerability was identified in the GitHub Enterprise Server API that allowed an organization member to escalate permissions and gain access to unauthorized repositories wi…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-10516
|
2024-11-21 13:55 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211679
|
7.5 |
HIGH
Network
|
istio
|
istio
|
Istio 1.4.x before 1.4.9 and Istio 1.5.x before 1.5.4 contain the following vulnerability when telemetry v2 is enabled: by sending a specially crafted packet, an attacker could trigger a Null Pointer…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-10739
|
2024-11-21 13:55 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211680
|
6.5 |
MEDIUM
Network
|
redhat
|
libvirt
|
A NULL pointer dereference was found in the libvirt API responsible introduced in upstream version 3.10.0, and fixed in libvirt 6.0.0, for fetching a storage pool based on its target path. In more de…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-10703
|
2024-11-21 13:55 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
