|
210051
|
7.5 |
HIGH
Network
|
jetbrains
|
pycharm
|
In JetBrains PyCharm 2019.2.5 and 2019.3 on Windows, Apple Notarization Service credentials were included. This is fixed in 2019.2.6 and 2019.3.3.
|
CWE-312
CWE-522
Cleartext Storage of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2020-11694
|
2024-11-21 13:58 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210052
|
7.5 |
HIGH
Network
|
wireshark
debian
opensuse
|
wireshark
debian_linux
leap
|
In Wireshark 3.2.0 to 3.2.2, 3.0.0 to 3.0.9, and 2.6.0 to 2.6.15, the BACapp dissector could crash. This was addressed in epan/dissectors/packet-bacapp.c by limiting the amount of recursion.
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-11647
|
2024-11-21 13:58 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210053
|
5.5 |
MEDIUM
Local
|
linux
redhat
opensuse
|
linux_kernel
enterprise_linux
leap
|
An issue was discovered in the Linux kernel before 5.2 on the powerpc platform. arch/powerpc/kernel/idle_book3s.S does not have save/restore functionality for PNV_POWERSAVE_AMR, PNV_POWERSAVE_UAMOR, …
|
NVD-CWE-noinfo
|
CVE-2020-11669
|
2024-11-21 13:58 |
2020-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210054
|
7.1 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel before 5.6.1, drivers/media/usb/gspca/xirlink_cit.c (aka the Xirlink camera USB driver) mishandles invalid descriptors, aka CID-a246b4d54770.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-11668
|
2024-11-21 13:58 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210055
|
7.5 |
HIGH
Network
|
castlerock
|
snmpc_online
|
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It includes the username and password values in cleartext within each request's cookie value.
|
CWE-319
CWE-522
Cleartext Transmission of Sensitive Information
Insufficiently Protected Credentials
|
CVE-2020-11557
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210056
|
5.4 |
MEDIUM
Network
|
castlerock
|
snmpc_online
|
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There are multiple persistent (stored) and reflected XSS vulnerabilities.
|
CWE-79
Cross-site Scripting
|
CVE-2020-11556
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210057
|
7.5 |
HIGH
Network
|
castlerock
|
snmpc_online
|
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive credential information from backup files.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-11555
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210058
|
7.5 |
HIGH
Network
|
castlerock
|
snmpc_online
|
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. It allows remote attackers to obtain sensitive information via info.php4.
|
NVD-CWE-noinfo
|
CVE-2020-11554
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210059
|
8.8 |
HIGH
Network
|
castlerock
|
snmpc_online
|
An issue was discovered in Castle Rock SNMPc Online 12.10.10 before 2020-01-28. There is pervasive CSRF.
|
CWE-352
Origin Validation Error
|
CVE-2020-11553
|
2024-11-21 13:58 |
2020-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210060
|
4.8 |
MEDIUM
Network
|
netgear
|
d7800_firmware
r7500_firmware
r7800_firmware
r8900_firmware
r9000_firmware
rax120_firmware
xr500_firmware
xr700_firmware
rbr20_firmware
rbs20_firmware
rbk20_firmware
…
|
Certain NETGEAR devices are affected by stored XSS. This affects D7800 before 1.0.1.56, R7500v2 before 1.0.3.46, R7800 before 1.0.2.68, R8900 before 1.0.4.28, R9000 before 1.0.4.28, RAX120 before 1.0…
|
CWE-79
Cross-site Scripting
|
CVE-2020-11775
|
2024-11-21 13:58 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
