| 209481 | 9.8 | CRITICAL | Network | openclinic_ga_project | openclinic_ga | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the description parameter. An attacker can make an authenticated HTTP request to trigger this vul… | CWE-89 SQL Injection | CVE-2020-27235 | 2024-11-21 14:20 | 2021-04-14 |
| 209482 | 9.8 | CRITICAL | Network | openclinic_ga_project | openclinic_ga | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the serviceUID parameter. An attacker can make an authenticated HTTP request to trigger this vuln… | CWE-89 SQL Injection | CVE-2020-27234 | 2024-11-21 14:20 | 2021-04-14 |
| 209483 | 9.8 | CRITICAL | Network | openclinic_ga_project | openclinic_ga | An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173.3 in the supplierUID parameter. An attacker can make an authenticated HTTP request to trigger this vul… | CWE-89 SQL Injection | CVE-2020-27233 | 2024-11-21 14:20 | 2021-04-14 |
| 209484 | 7.8 | HIGH | Local | openclinic_ga_project | openclinic_ga | An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a … | CWE-276 Incorrect Default Permissions | CVE-2020-27228 | 2024-11-21 14:20 | 2021-04-14 |
| 209485 | 9.8 | CRITICAL | Network | openclinic_ga_project | openclinic_ga | An exploitable unauthenticated command injection exists in the OpenClinic GA 5.173.3. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web reques… | CWE-78 OS Command | CVE-2020-27227 | 2024-11-21 14:20 | 2021-04-14 |
| 209486 | 6.0 | MEDIUM | Local | linux fedoraproject debian canonical | linux_kernel fedora debian_linux ubuntu_linux | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic… | CWE-193 Off-by-one Error | CVE-2020-27171 | 2024-11-21 14:20 | 2021-03-21 |
| 209487 | 4.7 | MEDIUM | Local | linux fedoraproject canonical debian | linux_kernel fedora ubuntu_linux debian_linux | An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spec… | CWE-203 Information Exposure Through Discrepancy | CVE-2020-27170 | 2024-11-21 14:20 | 2021-03-21 |
| 209488 | 7.8 | HIGH | Local | softaculous | softaculous | Softaculous before 5.5.7 is affected by a code execution vulnerability because of External Initialization of Trusted Variables or Data Stores. This leads to privilege escalation on the local host. | CWE-665 Improper Initialization | CVE-2020-26886 | 2024-11-21 14:20 | 2021-03-19 |
| 209489 | 7.5 | HIGH | Network | mediaarea fedoraproject | mediainfo fedora | Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping. | CWE-787 Out-of-bounds Write | CVE-2020-26797 | 2024-11-21 14:20 | 2021-03-19 |
| 209490 | 4.3 | MEDIUM | Physical | hamilton-medical | hamilton-t1_firmware | In Hamilton Medical AG, T1-Ventilator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical access to render the device persistently un… | - | CVE-2020-27282 | 2024-11-21 14:20 | 2021-03-16 |