|
196081
|
7.8 |
HIGH
Local
|
oneidentity
|
syslog-ng
|
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of syslog-ng of SUSE Linux Enterprise Debuginfo 11-SP3, SUSE Linux Enterprise Debuginfo 11-SP4, SUSE Linux Enterprise Module fo…
|
-
|
CVE-2020-8019
|
2024-11-21 14:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196082
|
7.8 |
HIGH
Local
|
opensuse
|
leap
tumbleweed_kopano-spamd
|
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of kopano-spamd of openSUSE Leap 15.1, openSUSE Tumbleweed allowed local attackers with the privileges of the kopano user to es…
|
-
|
CVE-2020-8014
|
2024-11-21 14:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196083
|
5.3 |
MEDIUM
Local
|
opensuse
|
hylafax\+
|
A Incorrect Default Permissions vulnerability in the packaging of hylafax+ of openSUSE Leap 15.2, openSUSE Leap 15.1, openSUSE Factory allows local attackers to escalate from user uucp to users calli…
|
-
|
CVE-2020-8024
|
2024-11-21 14:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196084
|
7.8 |
HIGH
Local
|
apache
opensuse
|
tomcat
leap
|
A Incorrect Default Permissions vulnerability in the packaging of tomcat on SUSE Enterprise Storage 5, SUSE Linux Enterprise Server 12-SP2-BCL, SUSE Linux Enterprise Server 12-SP2-LTSS, SUSE Linux En…
|
-
|
CVE-2020-8022
|
2024-11-21 14:38 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196085
|
8.8 |
HIGH
Network
|
bitdefender
|
total_security_2020
|
Improper Input Validation vulnerability in the Safepay browser component of Bitdefender Total Security 2020 allows an external, specially crafted web page to run remote commands inside the Safepay Ut…
|
CWE-20
Improper Input Validation
|
CVE-2020-8102
|
2024-11-21 14:38 |
2020-06-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196086
|
6.5 |
MEDIUM
Network
|
rubyonrails
debian
|
rails
debian_linux
|
A CSRF vulnerability exists in rails <= 6.0.3 rails-ujs module that could allow attackers to send CSRF tokens to wrong domains.
|
CWE-352
Origin Validation Error
|
CVE-2020-8167
|
2024-11-21 14:38 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196087
|
9.8 |
CRITICAL
Network
|
rubyonrails
debian
opensuse
|
rails
debian_linux
leap
|
A deserialization of untrusted data vulnernerability exists in rails < 5.2.4.3, rails < 6.0.3.1 that can allow an attacker to unmarshal user-provided objects in MemCacheStore and RedisCacheStore pote…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-8165
|
2024-11-21 14:38 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196088
|
7.5 |
HIGH
Network
|
rack_project
debian
canonical
|
rack
debian_linux
ubuntu_linux
|
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie pr…
|
CWE-20
Improper Input Validation
|
CVE-2020-8184
|
2024-11-21 14:38 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196089
|
7.5 |
HIGH
Network
|
rubyonrails
debian
opensuse
|
rails
debian_linux
leap
backports_sle
|
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-8164
|
2024-11-21 14:38 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196090
|
7.5 |
HIGH
Network
|
rubyonrails
debian
|
rails
debian_linux
|
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be m…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-8162
|
2024-11-21 14:38 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
