|
208631
|
3.5 |
LOW
Network
|
touchbase.ai_project
|
touchbase.ai
|
toucbase.ai before version 2.0 leaks information by not stripping exif data from images. Anyone with access to the uploaded image of other users could obtain its geolocation, device, and software ver…
|
-
|
CVE-2020-26220
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208632
|
6.1 |
MEDIUM
Network
|
touchbase.ai_project
|
touchbase.ai
|
touchbase.ai before version 2.0 is vulnerable to Open Redirect. Impacts can be many, and vary from theft of information and credentials, to the redirection to malicious websites containing attacker-c…
|
-
|
CVE-2020-26219
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208633
|
6.1 |
MEDIUM
Network
|
touchbase.ai_project
|
touchbase.ai
|
touchbase.ai before version 2.0 is vulnerable to Cross-Site Scripting. The vulnerability allows an attacker to inject HTML payloads which could result in defacement, user redirection to a malicious w…
|
-
|
CVE-2020-26218
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208634
|
8.6 |
HIGH
Network
|
cisco
|
ios_xr
|
A vulnerability in the ingress packet processing function of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, remote attacker to cause a de…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-26070
|
2024-11-21 14:19 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208635
|
9.8 |
CRITICAL
Network
|
hazelcast
|
hazelcast
jet
|
The LDAP authentication method in LdapLoginModule in Hazelcast IMDG Enterprise 4.x before 4.0.3, and Jet Enterprise 4.x through 4.2, doesn't verify properly the password in some system-user-dn scenar…
|
CWE-287
Improper Authentication
|
CVE-2020-26168
|
2024-11-21 14:19 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208636
|
6.5 |
MEDIUM
Network
|
cisco
|
edge_fog_fabric
|
A vulnerability in the REST API of Cisco Edge Fog Fabric could allow an authenticated, remote attacker to access files outside of their authorization sphere on an affected device. The vulnerability i…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-26084
|
2024-11-21 14:19 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208637
|
7.5 |
HIGH
Network
|
teler_project
|
teler
|
In teler before version 0.0.1, if you run teler inside a Docker container and encounter `errors.Exit` function, it will cause denial-of-service (`SIGSEGV`) because it doesn't get process ID and proce…
|
-
|
CVE-2020-26213
|
2024-11-21 14:19 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208638
|
4.3 |
MEDIUM
Network
|
cisco
|
telepresence_collaboration_endpoint
|
A vulnerability in the video endpoint API (xAPI) of Cisco TelePresence Collaboration Endpoint (CE) Software could allow an authenticated, remote attacker to gain access to sensitive information on an…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-26086
|
2024-11-21 14:19 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208639
|
4.8 |
MEDIUM
Network
|
cisco
|
identity_services_engine
|
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scr…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26083
|
2024-11-21 14:19 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208640
|
9.8 |
CRITICAL
Network
|
alerta_project
|
alerta
|
In Alerta before version 8.1.0, users may be able to bypass LDAP authentication if they provide an empty password when Alerta server is configure to use LDAP as the authorization provider. Only deplo…
|
-
|
CVE-2020-26214
|
2024-11-21 14:19 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
