|
196761
|
5.5 |
MEDIUM
Local
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.6 agent files, in non-default configurations, on Windows are assigned access to everyone with full control permissions, which could allow a local user to…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-4631
|
2024-11-21 14:33 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196762
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended f…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4645
|
2024-11-21 14:33 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196763
|
5.4 |
MEDIUM
Network
|
ibm
|
planning_analytics_local
|
IBM Planning Analytics Local 2.0.0 through 2.0.9.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker c…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-4644
|
2024-11-21 14:33 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196764
|
7.8 |
HIGH
Local
|
sonicwall
|
netextender
|
SonicWall NetExtender Windows client vulnerable to arbitrary file write vulnerability, this allows attacker to overwrite a DLL and execute code with the same privilege in the host operating system. T…
|
CWE-20
Improper Input Validation
|
CVE-2020-5131
|
2024-11-21 14:33 |
2020-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196765
|
5.3 |
MEDIUM
Network
|
sonicwall
|
sonicos
|
SonicOS SSLVPN LDAP login request allows remote attackers to cause external service interaction (DNS) due to improper validation of the request. This vulnerability impact SonicOS version 6.5.4.4-44n …
|
CWE-20
Improper Input Validation
|
CVE-2020-5130
|
2024-11-21 14:33 |
2020-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196766
|
6.5 |
MEDIUM
Network
|
traccar
|
traccar
|
Traccar GPS Tracking System before version 4.9 has a LDAP injection vulnerability. It occurs when user input is being used in LDAP search filter. By providing specially crafted input, an attacker can…
|
CWE-74
Injection
|
CVE-2020-5246
|
2024-11-21 14:33 |
2020-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196767
|
6.5 |
MEDIUM
Network
|
dell
|
powerprotect_data_manager
powerprotect_x400_firmware
|
Dell PowerProtect Data Manager (PPDM) versions prior to 19.4 and Dell PowerProtect X400 versions prior to 3.2 contain an improper authorization vulnerability. A remote authenticated malicious user ma…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-5356
|
2024-11-21 14:33 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196768
|
8.8 |
HIGH
Network
|
dell
|
emc_data_protection_advisor
|
Dell EMC Data Protection Advisor 6.4, 6.5 and 18.1 contain an OS command injection vulnerability. A remote authenticated malicious user may exploit this vulnerability to execute arbitrary commands on…
|
CWE-78
OS Command
|
CVE-2020-5352
|
2024-11-21 14:33 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196769
|
6.5 |
MEDIUM
Network
|
github_flavored_markdown_project
fedoraproject
|
github_flavored_markdown
fedora
|
The table extension in GitHub Flavored Markdown before version 0.29.0.gfm.1 takes O(n * n) time to parse certain inputs. An attacker could craft a markdown table which would take an unreasonably long…
|
-
|
CVE-2020-5238
|
2024-11-21 14:33 |
2020-07-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196770
|
5.4 |
MEDIUM
Network
|
dell
|
powermax_os
emc_unisphere_for_powermax_virtual_appliance
emc_unisphere_for_powermax
|
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.17, Dell EMC Unisphere for PowerMax Virtual Appliance versions prior to 9.1.0.17, and PowerMax OS Release 5978 contain an authorization bypass …
|
CWE-862
Missing Authorization
|
CVE-2020-5345
|
2024-11-21 14:33 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
