|
209501
|
4.3 |
MEDIUM
Network
|
atlassian
|
jira_service_desk
|
Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Informa…
|
NVD-CWE-noinfo
|
CVE-2020-14180
|
2024-11-21 14:02 |
2020-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209502
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira_server
jira_data_center
|
Affected versions of Atlassian Jira Server and Data Center allow remote, unauthenticated attackers to view custom field names and custom SLA names via an Information Disclosure vulnerability in the /…
|
NVD-CWE-noinfo
|
CVE-2020-14179
|
2024-11-21 14:02 |
2020-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209503
|
6.5 |
MEDIUM
Network
|
atlassian
|
jira_server
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to impact the application's availability via a Regex-based Denial of Service (DoS) vulnerability in JQL version searc…
|
NVD-CWE-noinfo
|
CVE-2020-14177
|
2024-11-21 14:02 |
2020-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209504
|
7.5 |
HIGH
Network
|
ozeki
|
ozeki_ng_sms_gateway
|
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The RSS To SMS module processes XML files in an unsafe manner. This opens the application to an XML External Entity attack that can be …
|
CWE-611
XXE
|
CVE-2020-14029
|
2024-11-21 14:02 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209505
|
4.9 |
MEDIUM
Network
|
ozeki
|
ozeki_ng_sms_gateway
|
An issue was discovered in Ozeki NG SMS Gateway through 4.17.6. The ASP.net SMS module can be used to read and validate the source code of ASP files. By altering the path, it can be made to read any …
|
NVD-CWE-noinfo
|
CVE-2020-14021
|
2024-11-21 14:02 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209506
|
6.1 |
MEDIUM
Network
|
apache
|
airflow
|
In Apache Airflow < 1.10.12, the "origin" parameter passed to some of the endpoints like '/trigger' was vulnerable to XSS exploit.
|
CWE-79
Cross-site Scripting
|
CVE-2020-13944
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209507
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
data_center
jira_server
|
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affect…
|
CWE-200
Information Exposure
|
CVE-2020-14181
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209508
|
8.8 |
HIGH
Network
|
apache
|
superset
|
While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary …
|
NVD-CWE-noinfo
|
CVE-2020-13948
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209509
|
8.8 |
HIGH
Network
|
istio-operator_project
|
istio-operator
|
An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaw allows an attacker with a basic level of access to the cl…
|
CWE-862
Missing Authorization
|
CVE-2020-14306
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209510
|
6.1 |
MEDIUM
Network
|
apache
|
atlas
|
Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-13928
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
