|
200171
|
7.8 |
HIGH
Local
|
siemens
|
solid_edge
|
A vulnerability has been identified in Solid Edge SE2020 (All versions < SE2020MP13), Solid Edge SE2021 (All Versions < SE2021MP4). Affected applications lack proper validation of user-supplied data …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28385
|
2024-11-21 14:22 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200172
|
6.1 |
MEDIUM
Network
|
inetsoftware
|
i-net_clear_reports
|
I-Net Software Clear Reports 20.10.136 web application accepts a user-controlled input that specifies a link to an external site, and uses the user supplied data in a Redirect.
|
CWE-601
Open Redirect
|
CVE-2020-28150
|
2024-11-21 14:22 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200173
|
7.5 |
HIGH
Network
|
nats
|
nats_server
|
This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer fro…
|
NVD-CWE-noinfo
|
CVE-2020-28466
|
2024-11-21 14:22 |
2021-03-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200174
|
8.1 |
HIGH
Network
|
xmlhttprequest_project
|
xmlhttprequest
|
This affects the package xmlhttprequest before 1.7.0; all versions of package xmlhttprequest-ssl. Provided requests are sent synchronously (async=False on xhr.open), malicious user input flowing into…
|
CWE-94
Code Injection
|
CVE-2020-28502
|
2024-11-21 14:22 |
2021-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200175
|
9.1 |
CRITICAL
Network
|
zohocorp
|
manageengine_desktop_central
|
Zoho ManageEngine Desktop Central before build 10.0.647 allows a single authentication secret from multiple agents to communicate with the server.
|
CWE-287
Improper Authentication
|
CVE-2020-28050
|
2024-11-21 14:22 |
2021-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200176
|
9.8 |
CRITICAL
Network
|
cgal
fedoraproject
debian
|
computational_geometry_algorithms_library
fedora
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of…
|
-
|
CVE-2020-28601
|
2024-11-21 14:22 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200177
|
7.5 |
HIGH
Network
|
epignosishq
|
efront
|
A predictable seed vulnerability exists in the password reset functionality of Epignosis EfrontPro 5.2.21. By predicting the seed it is possible to generate the correct password reset 1-time token. A…
|
CWE-335
Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG)
|
CVE-2020-28597
|
2024-11-21 14:22 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200178
|
6.5 |
MEDIUM
Network
|
slic3r
fedoraproject
|
libslic3r
fedora
|
An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-28591
|
2024-11-21 14:22 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200179
|
7.8 |
HIGH
Local
|
saltstack
fedoraproject
debian
|
salt
fedora
debian_linux
|
An issue was discovered in SaltStack Salt before 3002.5. The minion's restartcheck is vulnerable to command injection via a crafted process name. This allows for a local privilege escalation by any u…
|
CWE-77
Command Injection
|
CVE-2020-28243
|
2024-11-21 14:22 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200180
|
9.1 |
CRITICAL
Network
|
bestit
|
amazon_pay
|
best it Amazon Pay Plugin before 9.4.2 for Shopware exposes Sensitive Information to an Unauthorized Actor.
|
CWE-200
Information Exposure
|
CVE-2020-28199
|
2024-11-21 14:22 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
