|
209631
|
6.1 |
MEDIUM
Network
|
cacti
debian
|
cacti
debian_linux
|
A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field
|
-
|
CVE-2020-25706
|
2024-11-21 14:18 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209632
|
5.9 |
MEDIUM
Network
|
python-rsa_project
redhat
fedoraproject
|
python-rsa
openstack_platform
fedora
|
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
|
-
|
CVE-2020-25658
|
2024-11-21 14:18 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209633
|
6.5 |
MEDIUM
Network
|
redhat
|
advanced_cluster_management_for_kubernetes
|
An issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to users without the correct permissions. Views created for an admin user would be made available for a sho…
|
CWE-863
Incorrect Authorization
|
CVE-2020-25655
|
2024-11-21 14:18 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209634
|
9.8 |
CRITICAL
Network
|
saltstack
debian
|
salt
debian_linux
|
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
|
CWE-287
Improper Authentication
|
CVE-2020-25592
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209635
|
7.5 |
HIGH
Network
|
microfocus
|
self_service_password_reset
|
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain con…
|
NVD-CWE-noinfo
|
CVE-2020-25837
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209636
|
6.5 |
MEDIUM
Adjacent
|
redhat
|
enterprise_linux
|
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. Thi…
|
-
|
CVE-2020-25662
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209637
|
8.8 |
HIGH
Adjacent
|
redhat
|
enterprise_linux
|
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent …
|
-
|
CVE-2020-25661
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209638
|
6.5 |
MEDIUM
Network
|
redhat
netapp
|
wildfly
jboss_enterprise_application_platform
single_sign-on
jboss_fuse
jboss_data_grid
openshift_application_runtimes
fuse
oncommand_insight
service_level_manager
active_i…
|
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able…
|
-
|
CVE-2020-25689
|
2024-11-21 14:18 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209639
|
8.8 |
HIGH
Network
|
openfind
|
mailgates
mailaudit
|
MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token.
|
CWE-78
OS Command
|
CVE-2020-25849
|
2024-11-21 14:18 |
2020-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209640
|
7.5 |
HIGH
Network
|
ansible_collections_project
|
community.crypto
|
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-25646
|
2024-11-21 14:18 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
