|
210801
|
9.8 |
CRITICAL
Network
|
apache
|
heron
|
It was noticed that Apache Heron 0.20.2-incubating, Release 0.20.1-incubating, and Release v-0.20.0-incubating does not configure its YAML parser to prevent the instantiation of arbitrary types, resu…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-1964
|
2024-11-21 14:11 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210802
|
8.6 |
HIGH
Network
|
juniper
|
junos
junos_os_evolved
|
In a certain condition, receipt of a specific BGP UPDATE message might cause Juniper Networks Junos OS and Junos OS Evolved devices to advertise an invalid BGP UPDATE message to other peers, causing …
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-1632
|
2024-11-21 14:11 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210803
|
5.3 |
MEDIUM
Network
|
libssh
canonical
netapp
redhat
fedoraproject
oracle
|
libssh
ubuntu_linux
cloud_backup
enterprise_linux
fedora
mysql_workbench
|
A flaw was found in libssh versions before 0.8.9 and before 0.9.4 in the way it handled AES-CTR (or DES ciphers if enabled) ciphers. The server or client could crash when the connection hasn't been f…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-1730
|
2024-11-21 14:11 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210804
|
5.5 |
MEDIUM
Local
|
huawei
|
mate_30_pro_firmware
mate_30_firmware
|
There is an improper authentication vulnerability in several smartphones. Certain function interface in the system does not sufficiently validate the caller's identity in certain share scenario, succ…
|
CWE-287
Improper Authentication
|
CVE-2020-1801
|
2024-11-21 14:11 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210805
|
7.8 |
HIGH
Local
|
facebook
|
instagram
|
A large heap overflow could occur in Instagram for Android when attempting to upload an image with specially crafted dimensions. This affects versions prior to 128.0.0.26.128.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-1895
|
2024-11-21 14:11 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210806
|
7.8 |
HIGH
Local
|
oculus
|
desktop
|
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges…
|
CWE-59
Link Following
|
CVE-2020-1885
|
2024-11-21 14:11 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210807
|
5.5 |
MEDIUM
Local
|
juniper
|
junos_os_evolved
|
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via raw objmon configuration files. This issue affects all versions of Junos OS Evolved prior…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-1624
|
2024-11-21 14:11 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210808
|
5.5 |
MEDIUM
Local
|
juniper
|
junos_os_evolved
|
A local, authenticated user with shell can view sensitive configuration information via the ev.ops configuration file. This issue affects all versions of Junos OS Evolved prior to 19.2R1.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-1623
|
2024-11-21 14:11 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210809
|
5.5 |
MEDIUM
Local
|
juniper
|
junos_os_evolved
|
A local, authenticated user with shell can obtain the hashed values of login passwords and shared secrets via the EvoSharedObjStore. This issue affects all versions of Junos OS Evolved prior to 19.1R…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-1622
|
2024-11-21 14:11 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210810
|
5.5 |
MEDIUM
Local
|
juniper
|
junos_os_evolved
|
A local, authenticated user with shell can obtain the hashed values of login passwords via configd traces. This issue affects all versions of Junos OS Evolved prior to 19.3R1.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-1621
|
2024-11-21 14:11 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
