|
211701
|
7.8 |
HIGH
Local
|
redhat
|
single_sign-on
|
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their …
|
-
|
CVE-2020-10695
|
2024-11-21 13:55 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211702
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running …
|
CWE-22
Path Traversal
|
CVE-2020-10584
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211703
|
8.8 |
HIGH
Network
|
invigo
|
automatic_device_management
|
The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the appli…
|
CWE-78
OS Command
|
CVE-2020-10583
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211704
|
9.8 |
CRITICAL
Network
|
invigo
|
automatic_device_management
|
A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and m…
|
CWE-89
SQL Injection
|
CVE-2020-10582
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211705
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data host…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-10581
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211706
|
8.8 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the…
|
CWE-77
Command Injection
|
CVE-2020-10580
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211707
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to…
|
CWE-22
Path Traversal
|
CVE-2020-10579
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211708
|
8.8 |
HIGH
Network
|
github
|
github
|
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers use…
|
NVD-CWE-noinfo
|
CVE-2020-10519
|
2024-11-21 13:55 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211709
|
5.9 |
MEDIUM
Network
|
owncloud
|
owncloud
|
An issue was discovered in ownCloud before 10.4. An attacker can bypass authentication on a password-protected image by displaying its preview.
|
CWE-287
Improper Authentication
|
CVE-2020-10254
|
2024-11-21 13:55 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211710
|
8.3 |
HIGH
Network
|
owncloud
|
owncloud
|
An issue was discovered in ownCloud before 10.4. Because of an SSRF issue (via the apps/files_sharing/external remote parameter), an authenticated attacker can interact with local services blindly (a…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-10252
|
2024-11-21 13:55 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
