|
208711
|
5.9 |
MEDIUM
Network
|
python-rsa_project
redhat
fedoraproject
|
python-rsa
openstack_platform
fedora
|
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
|
-
|
CVE-2020-25658
|
2024-11-21 14:18 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208712
|
6.5 |
MEDIUM
Network
|
redhat
|
advanced_cluster_management_for_kubernetes
|
An issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to users without the correct permissions. Views created for an admin user would be made available for a sho…
|
CWE-863
Incorrect Authorization
|
CVE-2020-25655
|
2024-11-21 14:18 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208713
|
9.8 |
CRITICAL
Network
|
saltstack
debian
|
salt
debian_linux
|
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
|
CWE-287
Improper Authentication
|
CVE-2020-25592
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208714
|
7.5 |
HIGH
Network
|
microfocus
|
self_service_password_reset
|
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain con…
|
NVD-CWE-noinfo
|
CVE-2020-25837
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208715
|
6.5 |
MEDIUM
Adjacent
|
redhat
|
enterprise_linux
|
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. Thi…
|
-
|
CVE-2020-25662
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208716
|
8.8 |
HIGH
Adjacent
|
redhat
|
enterprise_linux
|
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent …
|
-
|
CVE-2020-25661
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208717
|
6.5 |
MEDIUM
Network
|
redhat
netapp
|
wildfly
jboss_enterprise_application_platform
single_sign-on
jboss_fuse
jboss_data_grid
openshift_application_runtimes
fuse
oncommand_insight
service_level_manager
active_i…
|
A memory leak flaw was found in WildFly in all versions up to 21.0.0.Final, where host-controller tries to reconnect in a loop, generating new connections which are not properly closed while not able…
|
-
|
CVE-2020-25689
|
2024-11-21 14:18 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208718
|
8.8 |
HIGH
Network
|
openfind
|
mailgates
mailaudit
|
MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and execute system commands from the cgi parameter after attackers obtain the user’s access token.
|
CWE-78
OS Command
|
CVE-2020-25849
|
2024-11-21 14:18 |
2020-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208719
|
7.5 |
HIGH
Network
|
ansible_collections_project
|
community.crypto
|
A flaw was found in Ansible Collection community.crypto. openssl_privatekey_info exposes private key in logs. This directly impacts confidentiality
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-25646
|
2024-11-21 14:18 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208720
|
7.5 |
HIGH
Network
|
commvault
|
commcell
|
In CommCell in Commvault before 14.68, 15.x before 15.58, 16.x before 16.44, 17.x before 17.29, and 18.x before 18.13, Directory Traversal can occur such that an attempt to view a log file can instea…
|
CWE-22
Path Traversal
|
CVE-2020-25780
|
2024-11-21 14:18 |
2020-10-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
