|
211431
|
4.3 |
MEDIUM
Adjacent
|
tridium
|
niagara_enterprise_security
niagara
|
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.2…
|
NVD-CWE-Other
|
CVE-2020-14483
|
2024-11-21 14:03 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211432
|
9.1 |
CRITICAL
Network
|
redhat
|
cloudforms_management_engine
|
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out of band OS command injection vulnerability can be exploited by authenticated attacker whi…
|
CWE-78
OS Command
|
CVE-2020-14324
|
2024-11-21 14:03 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211433
|
9.1 |
CRITICAL
Network
|
redhat
|
cloudforms
|
Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with…
|
NVD-CWE-noinfo
|
CVE-2020-14325
|
2024-11-21 14:03 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211434
|
5.5 |
MEDIUM
Local
|
x.org
debian
canonical
|
xorg-server
debian_linux
ubuntu_linux
|
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could r…
|
-
|
CVE-2020-14347
|
2024-11-21 14:03 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211435
|
6.7 |
MEDIUM
Local
|
x.org
fedoraproject
canonical
opensuse
|
libx11
fedora
ubuntu_linux
leap
|
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setu…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-14344
|
2024-11-21 14:03 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211436
|
5.9 |
MEDIUM
Network
|
redhat
|
enmasse
amq_online
|
It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authoris…
|
CWE-352
Origin Validation Error
|
CVE-2020-14319
|
2024-11-21 14:03 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211437
|
7.5 |
HIGH
Network
|
inductiveautomation
|
ignition_gateway
|
The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13).
|
CWE-862
Missing Authorization
|
CVE-2020-14520
|
2024-11-21 14:03 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211438
|
5.8 |
MEDIUM
Network
|
redhat
|
ansible_tower
|
A data exposure flaw was found in Tower, where sensitive data was revealed from the HTTP return error codes. This flaw allows an unauthenticated, remote attacker to retrieve pages from the default or…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-14337
|
2024-11-21 14:03 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211439
|
8.8 |
HIGH
Local
|
redhat
|
satellite
|
A flaw was found in Red Hat Satellite 6 which allows privileged attacker to read cache files. These cache credentials could help attacker to gain complete control of the Satellite instance.
|
-
|
CVE-2020-14334
|
2024-11-21 14:03 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211440
|
8.8 |
HIGH
Network
|
freemedsoftware
|
openclinic_ga
|
OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege user to upload and execute arbitrary files on the system.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-14488
|
2024-11-21 14:03 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
