|
198681
|
8.8 |
HIGH
Local
|
veritas
|
cloudpoint
netbackup_cloudpoint
|
An issue was discovered in Veritas CloudPoint before 8.3.0.1+hotfix. The CloudPoint Windows Agent leverages OpenSSL. This OpenSSL library attempts to load the \usr\local\ssl\openssl.cnf configuration…
|
NVD-CWE-noinfo
|
CVE-2020-36162
|
2024-11-21 14:28 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198682
|
8.8 |
HIGH
Local
|
veritas
|
aptare_it_analytics
|
An issue was discovered in Veritas APTARE 10.4 before 10.4P9 and 10.5 before 10.5P3. By default, on Windows systems, users can create directories under C:\. A low privileged user can create a directo…
|
NVD-CWE-noinfo
|
CVE-2020-36161
|
2024-11-21 14:28 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198683
|
8.8 |
HIGH
Local
|
veritas
|
system_recovery
|
An issue was discovered in Veritas System Recovery before 21.2. On start-up, it loads the OpenSSL library from \usr\local\ssl. This library attempts to load the from \usr\local\ssl\openssl.cnf config…
|
NVD-CWE-noinfo
|
CVE-2020-36160
|
2024-11-21 14:28 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198684
|
7.5 |
HIGH
Network
|
gjson_project
|
gjson
|
GJSON <=v1.6.5 allows attackers to cause a denial of service (panic: runtime error: slice bounds out of range) via a crafted GET call.
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-36067
|
2024-11-21 14:28 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198685
|
7.5 |
HIGH
Network
|
gjson_project
|
gjson
|
GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.
|
NVD-CWE-noinfo
|
CVE-2020-36066
|
2024-11-21 14:28 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198686
|
5.3 |
MEDIUM
Network
|
veritas
|
desktop_and_laptop_option
|
Veritas Desktop and Laptop Option (DLO) before 9.5 disclosed operational information on the backup processing status through a URL that did not require authentication.
|
NVD-CWE-noinfo
|
CVE-2020-36159
|
2024-11-21 14:28 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198687
|
6.7 |
MEDIUM
Local
|
linux
fedoraproject
debian
netapp
|
linux_kernel
fedora
debian_linux
cloud_backup
solidfire_baseboard_management_controller_firmware
|
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-36158
|
2024-11-21 14:28 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198688
|
9.8 |
CRITICAL
Network
|
ultimatemember
|
ultimate_member
|
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Roles. Due to the lack of filtering on the role parameter that cou…
|
NVD-CWE-noinfo
|
CVE-2020-36157
|
2024-11-21 14:28 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198689
|
8.8 |
HIGH
Network
|
ultimatemember
|
ultimate_member
|
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Authenticated Privilege Escalation via Profile Update. Any user with wp-admin access to the profile.php page cou…
|
CWE-269
Improper Privilege Management
|
CVE-2020-36156
|
2024-11-21 14:28 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198690
|
9.8 |
CRITICAL
Network
|
ultimatemember
|
ultimate_member
|
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive me…
|
CWE-269
Improper Privilege Management
|
CVE-2020-36155
|
2024-11-21 14:28 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
