|
208591
|
7.5 |
HIGH
Network
|
playgroundsessions
|
playground_sessions
|
Playground Sessions v2.5.582 (and earlier) for Windows, stores the user credentials in plain text allowing anyone with access to UserProfiles.sol to extract the email and password.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-24227
|
2024-11-21 14:14 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208592
|
8.8 |
HIGH
Network
|
tp-link
|
tl-wpa4220_firmware
|
httpd on TP-Link TL-WPA4220 devices (versions 2 through 4) allows remote authenticated users to execute arbitrary OS commands by sending crafted POST requests to the endpoint /admin/powerline. Fixed …
|
CWE-78
OS Command
|
CVE-2020-24297
|
2024-11-21 14:14 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208593
|
3.3 |
LOW
Local
|
jetbrains
|
youtrack
|
Sensitive information could be disclosed in the JetBrains YouTrack application before 2020.2.0 for Android via application backups.
|
NVD-CWE-noinfo
|
CVE-2020-24366
|
2024-11-21 14:14 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208594
|
7.8 |
HIGH
Local
|
intel
|
nuc_8_mainstream-g_kit_nuc8i5inh_firmware
nuc_8_mainstream-g_kit_nuc8i7inh_firmware
nuc_8_mainstream-g_mini_pc_nuc8i5inh_firmware
nuc_8_mainstream-g_mini_pc_nuc8i7inh_firmware
nuc_8_pro_b…
|
Insecure inherited permissions in firmware update tool for some Intel(R) NUCs may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-24525
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208595
|
5.5 |
MEDIUM
Local
|
intel
|
driver_\&_support_assistant
|
Incorrect default permissions in the Intel(R) DSA before version 20.8.30.6 may allow an authenticated user to potentially enable denial of service via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-24460
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208596
|
7.8 |
HIGH
Local
|
intel
|
board_id_tool
|
Incorrect default permissions in the Intel(R) Board ID Tool version v.1.01 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-24456
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208597
|
7.5 |
HIGH
Network
|
intel
|
quartus_prime
|
Improper Restriction of XML External Entity Reference in subsystem forIntel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2 may …
|
CWE-611
XXE
|
CVE-2020-24454
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208598
|
6.1 |
MEDIUM
Network
|
adobe
|
connect
|
Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page,…
|
-
|
CVE-2020-24443
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208599
|
6.1 |
MEDIUM
Network
|
adobe
|
connect
|
Adobe Connect version 11.0 (and earlier) is affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page,…
|
-
|
CVE-2020-24442
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208600
|
5.5 |
MEDIUM
Local
|
adobe
|
acrobat_reader
|
Adobe Acrobat Reader for Android version 20.6.2 (and earlier) does not properly restrict access to directories created by the application. This could result in disclosure of sensitive information sto…
|
NVD-CWE-Other
|
CVE-2020-24441
|
2024-11-21 14:14 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
