|
196781
|
7.8 |
HIGH
Local
|
dell
|
os_recovery_image_for_microsoft_windows_10
|
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user wi…
|
CWE-863
Incorrect Authorization
|
CVE-2020-5343
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196782
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users t…
|
CWE-601
Open Redirect
|
CVE-2020-5337
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196783
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user t…
|
CWE-74
Injection
|
CVE-2020-5336
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196784
|
8.8 |
HIGH
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim…
|
CWE-352
Origin Validation Error
|
CVE-2020-5335
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196785
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulne…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5334
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196786
|
4.3 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerabilit…
|
CWE-863
Incorrect Authorization
|
CVE-2020-5333
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196787
|
7.2 |
HIGH
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain a command injection vulnerability. AN authenticated malicious user with administrator privileges could potentially exploit this vulnerability t…
|
CWE-78
OS Command
|
CVE-2020-5332
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196788
|
5.5 |
MEDIUM
Local
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an information exposure vulnerability. Users’ session information could potentially be stored in cache or log files. An authenticated malicious…
|
CWE-200
Information Exposure
|
CVE-2020-5331
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196789
|
3.1 |
LOW
Network
|
simplesamlphp
|
simplesamlphp
|
SimpleSAMLphp versions before 1.18.6 contain an information disclosure vulnerability. The module controller in `SimpleSAML\Module` that processes requests for pages hosted by modules, has code to ide…
|
CWE-178
Improper Handling of Case Sensitivity
|
CVE-2020-5301
|
2024-11-21 14:33 |
2020-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196790
|
7.3 |
HIGH
Network
|
sustainsys
|
saml2
|
In Saml2 Authentication Services for ASP.NET versions before 1.0.2, and between 2.0.0 and 2.6.0, there is a vulnerability in how tokens are validated in some cases. Saml2 tokens are usually used as b…
|
CWE-287
Improper Authentication
|
CVE-2020-5268
|
2024-11-21 14:33 |
2020-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
