|
198921
|
9.8 |
CRITICAL
Network
|
gentoo
|
ebuild_for_slurm
|
pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to bec…
|
NVD-CWE-noinfo
|
CVE-2020-36770
|
2024-11-21 14:30 |
2024-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198922
|
9.8 |
CRITICAL
Network
|
reiner-lemoine-institut
|
nesp2
|
A vulnerability was found in rl-institut NESP2 Initial Release/1.0. It has been classified as critical. Affected is an unknown function of the file app/database.py. The manipulation leads to sql inje…
|
-
|
CVE-2020-36768
|
2024-11-21 14:30 |
2023-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198923
|
7.5 |
HIGH
Network
|
vareille
|
tinyfiledialogs
|
tinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data.
|
NVD-CWE-noinfo
|
CVE-2020-36767
|
2024-11-21 14:30 |
2023-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198924
|
5.4 |
MEDIUM
Network
|
duxcms_project
|
duxcms
|
Cross Site Scripting (XSS) vulnerability in DuxCMS 2.1 allows remote attackers to run arbitrary code via the content, time, copyfrom parameters when adding or editing a post.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36763
|
2024-11-21 14:30 |
2023-08-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198925
|
9.8 |
CRITICAL
Network
|
ons
|
ras_collection_instrument
|
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The …
|
-
|
CVE-2020-36762
|
2024-11-21 14:30 |
2023-07-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198926
|
7.8 |
HIGH
Local
|
hitachi
|
compute_systems_manager
device_manager
replication_manager
tiered_storage_manager
tuning_manager
|
Incorrect Default Permissions vulnerability in Hitachi Device Manager on Linux (Device Manager Server component), Hitachi Tiered Storage Manager on Linux, Hitachi Replication Manager on Linux, Hitach…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-36695
|
2024-11-21 14:30 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198927
|
5.3 |
MEDIUM
Network
|
crypto-js_project
|
crypto-js
|
The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an integer, which makes the output more predictable than necessary.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-36732
|
2024-11-21 14:30 |
2023-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198928
|
6.7 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurren…
|
CWE-416
Use After Free
|
CVE-2020-36694
|
2024-11-21 14:30 |
2023-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198929
|
5.4 |
MEDIUM
Network
|
sophos
|
web_appliance
|
A reflected XSS via POST vulnerability in report scheduler of Sophos Web Appliance versions older than 4.3.10.4 allows execution of JavaScript code in the victim browser via a malicious form that mus…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36692
|
2024-11-21 14:30 |
2023-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198930
|
8.8 |
HIGH
Network
|
e-plugins
|
wp_membership
fitness_trainer
hotel_directory
hospital_\&_doctor_directory
lawyer_directory
institutions_directory
real_estate_pro
final_user
directory_pro
photographer…
|
The directory-pro WordPress plugin before 1.9.5, final-user-wp-frontend-user-profiles WordPress plugin before 1.2.2, producer-retailer WordPress plugin through TODO, photographer-directory WordPress …
|
NVD-CWE-noinfo
|
CVE-2020-36666
|
2024-11-21 14:30 |
2023-03-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
