|
211661
|
9.8 |
CRITICAL
Network
|
pam-krb5_project
debian
|
pam-krb5
debian_linux
|
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underly…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-10595
|
2024-11-21 13:55 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211662
|
9.8 |
CRITICAL
Network
|
paessler
|
prtg_network_monitor
|
A webserver component in Paessler PRTG Network Monitor 19.2.50 to PRTG 20.1.56 allows unauthenticated remote command execution via a crafted POST request or the what parameter of the screenshot funct…
|
CWE-20
Improper Input Validation
|
CVE-2020-10374
|
2024-11-21 13:55 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211663
|
5.9 |
MEDIUM
Network
|
opensource-socialnetwork
|
open_source_social_network
|
An issue was discovered in Open Source Social Network (OSSN) through 5.3. A user-controlled file path with a weak cryptographic rand() can be used to read any file with the permissions of the webserv…
|
CWE-338
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2020-10560
|
2024-11-21 13:55 |
2020-03-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211664
|
8.8 |
HIGH
Network
|
advantech
|
webaccess
|
In Advantech WebAccess, Versions 8.4.2 and prior. A stack-based buffer overflow vulnerability caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-10607
|
2024-11-21 13:55 |
2020-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211665
|
6.5 |
MEDIUM
Network
|
sun
|
ehrd
|
Sunnet eHRD, a human training and development management system, contains a vulnerability of Broken Access Control. After login, attackers can use a specific URL, access unauthorized functionality an…
|
CWE-863
Incorrect Authorization
|
CVE-2020-10510
|
2024-11-21 13:55 |
2020-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211666
|
6.1 |
MEDIUM
Network
|
sun
|
ehrd
|
Sunnet eHRD, a human training and development management system, contains vulnerability of Cross-Site Scripting (XSS), attackers can inject arbitrary command into the system and launch XSS attack.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10509
|
2024-11-21 13:55 |
2020-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211667
|
7.5 |
HIGH
Network
|
sun
|
ehrd
|
Sunnet eHRD, a human training and development management system, improperly stores system files. Attackers can use a specific URL and capture confidential information.
|
NVD-CWE-noinfo
|
CVE-2020-10508
|
2024-11-21 13:55 |
2020-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211668
|
9.8 |
CRITICAL
Network
|
codesys
|
control_for_plcnext
control_for_beaglebone
control_for_empc-a\/imx6
control_for_iot2000
control_for_linux
control_for_pfc100
control_for_pfc200
control_for_raspberry_pi
contro…
|
CODESYS V3 web server before 3.5.15.40, as used in CODESYS Control runtime systems, has a buffer overflow.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-10245
|
2024-11-21 13:55 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211669
|
7.8 |
HIGH
Local
|
asus
|
device_activation
|
DevActSvc.exe in ASUS Device Activation before 1.0.7.0 for Windows 10 notebooks and PCs could lead to unsigned code execution with no additional restrictions when a user puts an application at a part…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-10649
|
2024-11-21 13:55 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211670
|
5.4 |
MEDIUM
Network
|
wpforms
|
contact_form
|
A stored cross-site scripting (XSS) vulnerability exists in the WPForms Contact Form (aka wpforms-lite) plugin before 1.5.9 for WordPress.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10385
|
2024-11-21 13:55 |
2020-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
