|
210931
|
6.5 |
MEDIUM
Network
|
moodle
|
moodle
|
Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.
|
NVD-CWE-noinfo
|
CVE-2020-1692
|
2024-11-21 14:11 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210932
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
expedition_migration_tool
|
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on…
|
CWE-352
Origin Validation Error
|
CVE-2020-1977
|
2024-11-21 14:11 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210933
|
5.5 |
MEDIUM
Local
|
paloaltonetworks
|
globalprotect
|
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects…
|
CWE-20
Improper Input Validation
|
CVE-2020-1976
|
2024-11-21 14:11 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210934
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This is…
|
CWE-611
XXE
|
CVE-2020-1975
|
2024-11-21 14:11 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210935
|
7.5 |
HIGH
Network
|
apache
|
nifi
|
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the c…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-1942
|
2024-11-21 14:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210936
|
5.9 |
MEDIUM
Network
|
libpod_project
redhat
|
libpod
enterprise_linux
openshift_container_platform
|
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious contain…
|
-
|
CVE-2020-1726
|
2024-11-21 14:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210937
|
6.0 |
MEDIUM
Network
|
qemu
redhat
debian
opensuse
|
qemu
enterprise_linux
openstack
debian_linux
leap
|
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-1711
|
2024-11-21 14:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210938
|
5.4 |
MEDIUM
Network
|
redhat
|
keycloak
single_sign-on
|
It was found in all keycloak versions before 9.0.0 that links to external applications (Application Links) in the admin console are not validated properly and could allow Stored XSS attacks. An authe…
|
CWE-79
Cross-site Scripting
|
CVE-2020-1697
|
2024-11-21 14:11 |
2020-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210939
|
7.0 |
HIGH
Local
|
redhat
|
openshift_container_platform
|
It has been found in openshift-enterprise version 3.11 and all openshift-enterprise versions from 4.1 to, including 4.3, that multiple containers modify the permissions of /etc/passwd to make them mo…
|
-
|
CVE-2020-1708
|
2024-11-21 14:11 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210940
|
6.5 |
MEDIUM
Network
|
ceph
redhat
opensuse
canonical
|
ceph
openshift_container_storage
leap
ubuntu_linux
|
A flaw was found in the way the Ceph RGW Beast front-end handles unexpected disconnects. An authenticated attacker can abuse this flaw by making multiple disconnect attempts resulting in a permanent …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-1700
|
2024-11-21 14:11 |
2020-02-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
