|
196151
|
6.0 |
MEDIUM
Local
|
oneplus
|
oneplus_7_pro_firmware
|
An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to …
|
NVD-CWE-noinfo
|
CVE-2020-7958
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196152
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb_enterprise_kubernetes_operator
|
X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-7922
|
2024-11-21 14:38 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196153
|
5.3 |
MEDIUM
Local
|
bitdefender
|
antimalware_software_development_kit
|
Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdef…
|
CWE-426
Untrusted Search Path
|
CVE-2020-8096
|
2024-11-21 14:38 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196154
|
7.5 |
HIGH
Network
|
st
|
stm32f1_firmware
|
STMicroelectronics STM32F1 devices have Incorrect Access Control.
|
NVD-CWE-noinfo
|
CVE-2020-8004
|
2024-11-21 14:38 |
2020-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196155
|
9.8 |
CRITICAL
Network
|
utils-extend_project
|
utils-extend
|
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using…
|
CWE-20
Improper Input Validation
|
CVE-2020-8147
|
2024-11-21 14:38 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196156
|
6.1 |
MEDIUM
Network
|
revive-adserver
|
revive_adserver
|
An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted…
|
CWE-601
Open Redirect
|
CVE-2020-8143
|
2024-11-21 14:38 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196157
|
6.8 |
MEDIUM
Physics
|
revive-adserver
|
revive_adserver
|
A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in u…
|
CWE-863
Incorrect Authorization
|
CVE-2020-8142
|
2024-11-21 14:38 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196158
|
7.2 |
HIGH
Network
|
tp-link
|
tl-wr841n_firmware
|
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-8423
|
2024-11-21 14:38 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196159
|
6.3 |
MEDIUM
Local
|
opensuse
|
texlive-filesystem
leap
|
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software …
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-8017
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196160
|
7.0 |
HIGH
Local
|
opensuse
|
texlive-filesystem
|
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Developme…
|
-
|
CVE-2020-8016
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
