|
208661
|
8.1 |
HIGH
Network
|
postgresql
debian
|
postgresql
debian_linux
|
A flaw was found in PostgreSQL versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If a client application that creates additional database connections onl…
|
-
|
CVE-2020-25694
|
2024-11-21 14:18 |
2020-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208662
|
8.8 |
HIGH
Network
|
cmsuno_project
|
cmsuno
|
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her username & password. After that, when attacker logs in to the application, attacker's code will be ru…
|
CWE-94
Code Injection
|
CVE-2020-25557
|
2024-11-21 14:18 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208663
|
8.8 |
HIGH
Network
|
cmsuno_project
|
cmsuno
|
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php file in CMSuno 1.6.2 and run this PHP code in the web page. In this way, attacker can takeover the contro…
|
CWE-94
Code Injection
|
CVE-2020-25538
|
2024-11-21 14:18 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208664
|
6.1 |
MEDIUM
Network
|
cacti
debian
|
cacti
debian_linux
|
A cross-site scripting (XSS) vulnerability exists in templates_import.php (Cacti 1.2.13) due to Improper escaping of error message during template import preview in the xml_path field
|
-
|
CVE-2020-25706
|
2024-11-21 14:18 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208665
|
5.9 |
MEDIUM
Network
|
python-rsa_project
redhat
fedoraproject
|
python-rsa
openstack_platform
fedora
|
It was found that python-rsa is vulnerable to Bleichenbacher timing attacks. An attacker can use this flaw via the RSA decryption API to decrypt parts of the cipher text encrypted with RSA.
|
-
|
CVE-2020-25658
|
2024-11-21 14:18 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208666
|
6.5 |
MEDIUM
Network
|
redhat
|
advanced_cluster_management_for_kubernetes
|
An issue was discovered in ManagedClusterView API, that could allow secrets to be disclosed to users without the correct permissions. Views created for an admin user would be made available for a sho…
|
CWE-863
Incorrect Authorization
|
CVE-2020-25655
|
2024-11-21 14:18 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208667
|
9.8 |
CRITICAL
Network
|
saltstack
debian
|
salt
debian_linux
|
In SaltStack Salt through 3002, salt-netapi improperly validates eauth credentials and tokens. A user can bypass authentication and invoke Salt SSH.
|
CWE-287
Improper Authentication
|
CVE-2020-25592
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208668
|
7.5 |
HIGH
Network
|
microfocus
|
self_service_password_reset
|
Sensitive information disclosure vulnerability in Micro Focus Self Service Password Reset (SSPR) product. The vulnerability affects versions 4.4.0.0 to 4.4.0.6 and 4.5.0.1 and 4.5.0.2. In certain con…
|
NVD-CWE-noinfo
|
CVE-2020-25837
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208669
|
6.5 |
MEDIUM
Adjacent
|
redhat
|
enterprise_linux
|
A Red Hat only CVE-2020-12352 regression issue was found in the way the Linux kernel's Bluetooth stack implementation handled the initialization of stack memory when handling certain AMP packets. Thi…
|
-
|
CVE-2020-25662
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208670
|
8.8 |
HIGH
Adjacent
|
redhat
|
enterprise_linux
|
A Red Hat only CVE-2020-12351 regression issue was found in the way the Linux kernel's Bluetooth implementation handled L2CAP packets with A2MP CID. This flaw allows a remote attacker in an adjacent …
|
-
|
CVE-2020-25661
|
2024-11-21 14:18 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
