|
209911
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site…
|
-
|
CVE-2020-26227
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209912
|
5.4 |
MEDIUM
Network
|
scratchaddons
|
scratch_addons
|
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links ad…
|
-
|
CVE-2020-26239
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209913
|
7.5 |
HIGH
Network
|
scratchverifier
|
scratchverifier
|
In ScratchVerifier before commit a603769, an attacker can hijack the verification process to log into someone else's account on any site that uses ScratchVerifier for logins. A possible exploitation …
|
-
|
CVE-2020-26236
|
2024-11-21 14:19 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209914
|
7.8 |
HIGH
Local
|
pritunl
|
pritunl-client-electron
|
Privilege escalation via arbitrary file write in pritunl electron client 1.0.1116.6 through v1.2.2550.20. Successful exploitation of the issue may allow an attacker to execute code on the effected sy…
|
CWE-59
Link Following
|
CVE-2020-25989
|
2024-11-21 14:19 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209915
|
8.1 |
HIGH
Network
|
semantic-release_project
|
semantic-release
|
In the npm package semantic-release before version 17.2.3, secrets that would normally be masked by `semantic-release` can be accidentally disclosed if they contain characters that become encoded whe…
|
-
|
CVE-2020-26226
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209916
|
6.1 |
MEDIUM
Network
|
jupyter
debian
|
notebook
debian_linux
|
Jupyter Notebook before version 6.1.5 has an Open redirect vulnerability. A maliciously crafted link to a notebook server could redirect the browser to a different website. All notebook servers are t…
|
-
|
CVE-2020-26215
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209917
|
9.8 |
CRITICAL
Network
|
planet
|
nvr-915_firmware
nvr-1615_firmware
|
The firmware of the PLANET Technology Corp NVR-915 and NVR-1615 before 2020-10-28 embeds default credentials for root access via telnet. By exposing telnet on the Internet, remote root access on the …
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-26097
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209918
|
6.1 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
Multiple vulnerabilities in the web UI of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against users on an affe…
|
CWE-74
Injection
|
CVE-2020-26081
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209919
|
4.1 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the user management functionality of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to manage user information for users in different domains …
|
CWE-269
Improper Privilege Management
|
CVE-2020-26080
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209920
|
6.5 |
MEDIUM
Network
|
cisco
|
iot_field_network_director
|
A vulnerability in the file system of Cisco IoT Field Network Director (FND) could allow an authenticated, remote attacker to overwrite files on an affected system. The vulnerability is due to insuff…
|
CWE-22
Path Traversal
|
CVE-2020-26078
|
2024-11-21 14:19 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
