|
202241
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver_as_abap_business_server_pages
|
SAP NetWeaver AS ABAP Business Server Pages Test Application SBSPEXT_TABLE, versions 700, 701, 702, 730, 731, 740, 750, 751, 752, 753, 754, does not sufficiently encode user-controlled inputs, result…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6246
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202242
|
4.4 |
MEDIUM
Local
|
sap
|
business_one
|
Under certain conditions SAP Business One (Backup service), versions 9.3, 10.0, allows an attacker with admin permissions to view SYSTEM user password in clear text, leading to Information Disclosure.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-6239
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202243
|
9.8 |
CRITICAL
Network
|
sap
|
commerce
commerce_data_hub
|
SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been confi…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-6265
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202244
|
8.8 |
HIGH
Network
|
zoom
|
zoom
|
An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbit…
|
CWE-22
Path Traversal
|
CVE-2020-6110
|
2024-11-21 14:35 |
2020-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202245
|
9.8 |
CRITICAL
Network
|
zoom
|
zoom
|
An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, w…
|
CWE-22
Path Traversal
|
CVE-2020-6109
|
2024-11-21 14:35 |
2020-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202246
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6504
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202247
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-6503
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202248
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Incorrect implementation in permissions in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6502
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202249
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6501
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202250
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6500
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
