|
197321
|
7.8 |
HIGH
Local
|
neutrinolabs
|
xrdp
|
The xrdp-sesman service before version 0.9.13.1 can be crashed by connecting over port 3350 and supplying a malicious payload. Once the xrdp-sesman process is dead, an unprivileged attacker on the se…
|
-
|
CVE-2020-4044
|
2024-11-21 14:32 |
2020-07-1 |
|
197322
|
7.5 |
HIGH
Network
|
coturn_project debian fedoraproject canonical opensuse
|
coturn debian_linux fedora ubuntu_linux leap
|
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an …
|
-
|
CVE-2020-4067
|
2024-11-21 14:32 |
2020-06-30 |
|
197323
|
5.4 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
In OAuth2 Proxy from version 5.1.1 and less than version 6.0.0, users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This is exp…
|
-
|
CVE-2020-4037
|
2024-11-21 14:32 |
2020-06-30 |
|
197324
|
5.4 |
MEDIUM
Network
|
ibm
|
business_process_manager business_automation_workflow
|
IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4557
|
2024-11-21 14:32 |
2020-06-29 |
|
197325
|
7.5 |
HIGH
Network
|
ibm
|
api_connect
|
IBM API Connect V2018.4.1.0 through 2018.4.1.11 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 181324.
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-4452
|
2024-11-21 14:32 |
2020-06-29 |
|
197326
|
6.5 |
MEDIUM
Network
|
hcltech
|
notes
|
HCL Notes is vulnerable to an information leakage vulnerability through its support for the 'mailto' protocol. This vulnerability could result in files from the user's filesystem or connected network…
|
NVD-CWE-noinfo
|
CVE-2020-4089
|
2024-11-21 14:32 |
2020-06-27 |
|
197327
|
5.9 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an attacker to obtain sensitive information due to insecure communications being used between the application and server. IBM X-Force ID: 1…
|
CWE-200
Information Exposure
|
CVE-2020-4565
|
2024-11-21 14:32 |
2020-06-26 |
|
197328
|
5.4 |
MEDIUM
Network
|
ibm
|
maximo_asset_management
|
IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended fun…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4223
|
2024-11-21 14:32 |
2020-06-26 |
|
197329
|
5.3 |
MEDIUM
Network
|
jhipster
|
generator-jhipster-kotlin
|
In generator-jhipster-kotlin version 1.6.0 log entries are created for invalid password reset attempts. As the email is provided by a user and the api is public this can be used by an attacker to for…
|
-
|
CVE-2020-4072
|
2024-11-21 14:32 |
2020-06-26 |
|
197330
|
5.5 |
MEDIUM
Local
|
vmware
|
workstation fusion esxi cloud_foundation
|
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxne…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-3971
|
2024-11-21 14:32 |
2020-06-26 |