|
208641
|
4.9 |
MEDIUM
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read …
|
CWE-611
XXE
|
CVE-2020-27017
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208642
|
8.8 |
HIGH
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by trick…
|
CWE-352
Origin Validation Error
|
CVE-2020-27016
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208643
|
9.8 |
CRITICAL
Network
|
percona
|
percona_server
|
An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has …
|
CWE-287
Improper Authentication
|
CVE-2020-26542
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208644
|
6.7 |
MEDIUM
Local
|
cisco
|
sd-wan_vmanage
|
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. T…
|
CWE-88
Argument Injection
|
CVE-2020-27129
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208645
|
6.5 |
MEDIUM
Network
|
cisco
|
sd-wan
|
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is d…
|
CWE-22
Path Traversal
|
CVE-2020-27128
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208646
|
5.5 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the unde…
|
NVD-CWE-noinfo
|
CVE-2020-27123
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208647
|
6.7 |
MEDIUM
Local
|
cisco
|
identity_services_engine
|
A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. To expl…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27122
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208648
|
6.5 |
MEDIUM
Network
|
cisco
|
unified_communications_manager_im_and_presence_service
|
A vulnerability in Cisco Unified Communications Manager IM & Presence Service (Unified CM IM&P) Software could allow an authenticated, remote attacker to cause the Cisco XCP Authentication Se…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-27121
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208649
|
7.5 |
HIGH
Network
|
lightbend
|
play_framework
|
An issue was discovered in PlayJava in Play Framework 2.6.0 through 2.8.2. The body parsing of HTTP requests eagerly parses a payload given a Content-Type header. A deep JSON structure sent to a vali…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27196
|
2024-11-21 14:20 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208650
|
7.5 |
HIGH
Network
|
lightbend
|
play_framework
|
In Play Framework 2.6.0 through 2.8.2, stack consumption can occur because of unbounded recursion during parsing of crafted JSON documents.
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-26883
|
2024-11-21 14:20 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
