|
196161
|
8.8 |
HIGH
Network
|
mastersoft
|
zook
|
An improper input validation vulnerability of ZOOK software (remote administration tool) could allow a remote attacker to create arbitrary file. The ZOOK viewer has the "Tight file CMD" function to c…
|
CWE-20
Improper Input Validation
|
CVE-2020-7869
|
2024-11-21 14:37 |
2021-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196162
|
9.8 |
CRITICAL
Network
|
helpu
|
helpu
|
A remote code execution vulnerability exists in helpUS(remote administration tool) due to improper validation of parameter of ShellExecutionExA function used for login.
|
NVD-CWE-Other
|
CVE-2020-7868
|
2024-11-21 14:37 |
2021-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196163
|
9.8 |
CRITICAL
Network
|
cnesty
|
helpcom
|
A vulnerability of Helpcom could allow an unauthenticated attacker to execute arbitrary command. This vulnerability exists due to insufficient validation of the parameter. This issue affects: Cnesty …
|
CWE-20
Improper Input Validation
|
CVE-2020-7871
|
2024-11-21 14:37 |
2021-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196164
|
8.8 |
HIGH
Network
|
helpu
|
helpuviewer
helpuserver
helpuftclient
helpuftserver
|
A vulnerability in agent program of HelpU remote control solution could allow an authenticated remote attacker to execute arbitrary commands This vulnerability is due to insufficient input santizatio…
|
CWE-20
Improper Input Validation
|
CVE-2020-7862
|
2024-11-21 14:37 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196165
|
9.8 |
CRITICAL
Network
|
dext5
|
dext5_editor
|
Parameter manipulation can bypass authentication to cause file upload and execution. This will execute the remote code. This issue affects: Raonwiz DEXT5Editor versions prior to 3.5.1405747.1100.03.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-7864
|
2024-11-21 14:37 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196166
|
7.8 |
HIGH
Local
|
unegg_project
|
unegg
|
UnEGG v0.5 and eariler versions have a Integer overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by UnEGG. Attackers could exploit this and arbitrary …
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-7860
|
2024-11-21 14:37 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196167
|
7.5 |
HIGH
Network
|
freebsd
netapp
|
freebsd
clustered_data_ontap
|
In FreeBSD 12.2-STABLE before r367402, 11.4-STABLE before r368202, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 the handler for a routing option caches a pointer into th…
|
CWE-416
Use After Free
|
CVE-2020-7469
|
2024-11-21 14:37 |
2021-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196168
|
7.5 |
HIGH
Network
|
gosaml2_project
|
gosaml2
|
This affects all versions <0.7.0 of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-7731
|
2024-11-21 14:37 |
2021-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196169
|
8.8 |
HIGH
Network
|
rapid7
|
metasploit
|
By launching the drb_remote_codeexec exploit, a Metasploit Framework user will inadvertently expose Metasploit to the same deserialization issue that is exploited by that module, due to the reliance …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-7385
|
2024-11-21 14:37 |
2021-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196170
|
9.8 |
CRITICAL
Network
|
anysupport
|
anysupport
|
AnySupport (Remote support solution) before 2019.3.21.0 allows directory traversing because of swprintf function to copy file from a management PC to a client PC. This can be lead to arbitrary file e…
|
CWE-22
Path Traversal
|
CVE-2020-7861
|
2024-11-21 14:37 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
