|
197151
|
4.8 |
MEDIUM
Network
|
emc
|
rsa_authentication_manager
|
RSA Authentication Manager versions prior to 8.4 P11 contain a stored cross-site scripting vulnerability in the Security Console. A malicious RSA Authentication Manager Security Console administrator…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5346
|
2024-11-21 14:33 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197152
|
7.5 |
HIGH
Network
|
dell
|
r1-2210_firmware
r1-2401_firmware
pc5500_firmware
x1000_firmware
x4012_firmware
|
Dell EMC Networking X-Series firmware versions 3.0.1.2 and older, Dell EMC Networking PC5500 firmware versions 4.1.0.22 and older and Dell EMC PowerEdge VRTX Switch Modules firmware versions 2.0.0.77…
|
-
|
CVE-2020-5330
|
2024-11-21 14:33 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197153
|
4.9 |
MEDIUM
Network
|
auth0
|
auth0.js
|
auth0.js (NPM package auth0-js) greater than version 8.0.0 and before version 9.12.3 has a vulnerability. In the case of an (authentication) error, the error object returned by the library contains t…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-5263
|
2024-11-21 14:33 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197154
|
7.5 |
HIGH
Network
|
git
git-scm
debian
canonical
fedoraproject
opensuse
|
git
debian_linux
ubuntu_linux
fedora
leap
|
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. Git uses external "credential helper" programs to store …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-5260
|
2024-11-21 14:33 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197155
|
3.7 |
LOW
Network
|
tendermint
|
tendermint
|
Tendermint before versions 0.33.3, 0.32.10, and 0.31.12 has a denial-of-service vulnerability. Tendermint does not limit the number of P2P connection requests. For each p2p connection, it allocates X…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-5303
|
2024-11-21 14:33 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197156
|
6.5 |
MEDIUM
Network
|
mh-wikibot_project
|
mh-wikibot
|
MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a…
|
CWE-269
Improper Privilege Management
|
CVE-2020-5302
|
2024-11-21 14:33 |
2020-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197157
|
5.3 |
MEDIUM
Network
|
ory
|
hydra
|
In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specifica…
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2020-5300
|
2024-11-21 14:33 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197158
|
7.8 |
HIGH
Local
|
dell
|
latitude_7202_firmware
|
Dell Latitude 7202 Rugged Tablet BIOS versions prior to A28 contain a UAF vulnerability in EFI_BOOT_SERVICES in system management mode. A local unauthenticated attacker may exploit this vulnerability…
|
CWE-416
Use After Free
|
CVE-2020-5348
|
2024-11-21 14:33 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197159
|
7.5 |
HIGH
Network
|
dell
|
emc_isilon_onefs
|
Dell EMC Isilon OneFS versions 8.2.2 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing oth…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-5347
|
2024-11-21 14:33 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197160
|
3.5 |
LOW
Network
|
viewvc
|
viewvc
|
ViewVC before versions 1.1.28 and 1.2.1 has a XSS vulnerability in CVS show_subdir_lastmod support. The impact of this vulnerability is mitigated by the need for an attacker to have commit privileges…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5283
|
2024-11-21 14:33 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
