|
196571
|
6.1 |
MEDIUM
Network
|
zenphoto
|
zenphoto
|
Cross-site scripting vulnerability in Zenphoto versions prior to 1.5.7 allows remote attackers to inject an arbitrary JavaScript via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5592
|
2024-11-21 14:34 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196572
|
6.7 |
MEDIUM
Local
|
dell
|
latitude_5300_firmware
latitude_5300_2-in-1_firmware
latitude_5400_firmware
latitude_5401_firmware
latitude_5500_firmware
latitude_5501_firmware
latitude_7200_2_in_1_firmware
lat…
|
Select Dell Client Consumer and Commercial platforms include an issue that allows the BIOS Admin password to be changed through Dell's manageability interface without knowledge of the current BIOS Ad…
|
NVD-CWE-Other
|
CVE-2020-5363
|
2024-11-21 14:34 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196573
|
8.8 |
HIGH
Adjacent
|
sony
|
wf-1000x_firmware
wf-sp700n_firmware
wh-1000xm2_firmware
wh-1000xm3_firmware
wh-ch700n_firmware
wh-h900n_firmware
wh-xb700_firmware
wh-xb900n_firmware
wi-1000x_firmware
wi-…
|
SONY Wireless Headphones WF-1000X, WF-SP700N, WH-1000XM2, WH-1000XM3, WH-CH700N, WH-H900N, WH-XB700, WH-XB900N, WI-1000X, WI-C600N and WI-SP600N with firmware versions prior to 4.5.2 have vulnerabili…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-5589
|
2024-11-21 14:34 |
2020-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196574
|
7.5 |
HIGH
Network
|
xack
|
xack_dns
|
XACK DNS 1.11.0 to 1.11.4, 1.10.0 to 1.10.8, 1.8.0 to 1.8.23, 1.7.0 to 1.7.18, and versions before 1.7.0 allow remote attackers to cause a denial of service condition resulting in degradation of the …
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-5591
|
2024-11-21 14:34 |
2020-06-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196575
|
7.5 |
HIGH
Network
|
vmware
|
spring_cloud_config
|
Spring Cloud Config, versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-co…
|
CWE-22
Path Traversal
|
CVE-2020-5410
|
2024-11-21 14:34 |
2020-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196576
|
4.6 |
MEDIUM
Physics
|
cybozu
|
kintone
|
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2020-5573
|
2024-11-21 14:34 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196577
|
4.6 |
MEDIUM
Physics
|
cybozu
|
mailwise
|
Android App 'Mailwise for Android' 1.0.0 to 1.0.1 allows an attacker to obtain credential information registered in the product via unspecified vectors.
|
CWE-200
Information Exposure
|
CVE-2020-5572
|
2024-11-21 14:34 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196578
|
9.8 |
CRITICAL
Network
|
cybozu
|
desktop
|
Cybozu Desktop for Windows 2.0.23 to 2.2.40 allows remote code execution via unspecified vectors.
|
CWE-20
Improper Input Validation
|
CVE-2020-5537
|
2024-11-21 14:34 |
2020-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196579
|
7.8 |
HIGH
Local
|
druva
|
insync_client
|
Relative path traversal in Druva inSync Windows Client 6.6.3 allows a local, unauthenticated attacker to execute arbitrary operating system commands with SYSTEM privileges.
|
CWE-22
Path Traversal
|
CVE-2020-5752
|
2024-11-21 14:34 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196580
|
7.5 |
HIGH
Network
|
dell
|
emc_isilon_onefs
|
Dell EMC Isilon versions 8.2.2 and earlier contain a remotesupport vulnerability. The pre-configured support account, remotesupport, is bundled in the Dell EMC Isilon OneFS installation. This account…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-5365
|
2024-11-21 14:34 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
