|
209641
|
5.3 |
MEDIUM
Network
|
philips
|
dreammapper
|
Philips DreamMapper, Version 2.24 and prior. Information written to log files can give guidance to a potential attacker.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-14518
|
2024-11-21 14:03 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209642
|
7.8 |
HIGH
Local
|
linux
redhat
opensuse
debian
canonical
netapp
|
linux_kernel
enterprise_linux
leap
debian_linux
ubuntu_linux
cloud_backup
solidfire
hci_management_node
active_iq_unified_manager
solidfire_baseboard_management_controller_…
|
A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or e…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-14356
|
2024-11-21 14:03 |
2020-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209643
|
6.1 |
MEDIUM
Network
|
ovirt
|
ovirt-engine
|
A flaw was found in Ovirt Engine's web interface in ovirt 4.4 and earlier, where it did not filter user-controllable parameters completely, resulting in a reflected cross-site scripting attack. This …
|
-
|
CVE-2020-14333
|
2024-11-21 14:03 |
2020-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209644
|
4.3 |
MEDIUM
Adjacent
|
tridium
|
niagara_enterprise_security
niagara
|
A timeout during a TLS handshake can result in the connection failing to terminate. This can result in a Niagara thread hanging and requires a manual restart of Niagara (Versions 4.6.96.28, 4.7.109.2…
|
NVD-CWE-Other
|
CVE-2020-14483
|
2024-11-21 14:03 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209645
|
9.1 |
CRITICAL
Network
|
redhat
|
cloudforms_management_engine
|
A high severity vulnerability was found in all active versions of Red Hat CloudForms before 5.11.7.0. The out of band OS command injection vulnerability can be exploited by authenticated attacker whi…
|
CWE-78
OS Command
|
CVE-2020-14324
|
2024-11-21 14:03 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209646
|
9.1 |
CRITICAL
Network
|
redhat
|
cloudforms
|
Red Hat CloudForms before 5.11.7.0 was vulnerable to the User Impersonation authorization flaw which allows malicious attacker to create existent and non-existent role-based access control user, with…
|
NVD-CWE-noinfo
|
CVE-2020-14325
|
2024-11-21 14:03 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209647
|
5.5 |
MEDIUM
Local
|
x.org
debian
canonical
|
xorg-server
debian_linux
ubuntu_linux
|
A flaw was found in the way xserver memory was not properly initialized. This could leak parts of server memory to the X client. In cases where Xorg server runs with elevated privileges, this could r…
|
-
|
CVE-2020-14347
|
2024-11-21 14:03 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209648
|
6.7 |
MEDIUM
Local
|
x.org
fedoraproject
canonical
opensuse
|
libx11
fedora
ubuntu_linux
leap
|
An integer overflow leading to a heap-buffer overflow was found in The X Input Method (XIM) client was implemented in libX11 before version 1.6.10. As per upstream this is security relevant when setu…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-14344
|
2024-11-21 14:03 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209649
|
5.9 |
MEDIUM
Network
|
redhat
|
enmasse
amq_online
|
It was found that the AMQ Online console is vulnerable to a Cross-Site Request Forgery (CSRF) which is exploitable in cases where preflight checks are not instigated or bypassed. For example authoris…
|
CWE-352
Origin Validation Error
|
CVE-2020-14319
|
2024-11-21 14:03 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209650
|
7.5 |
HIGH
Network
|
inductiveautomation
|
ignition_gateway
|
The affected product is vulnerable to an information leak, which may allow an attacker to obtain sensitive information on the Ignition 8 (all versions prior to 8.0.13).
|
CWE-862
Missing Authorization
|
CVE-2020-14520
|
2024-11-21 14:03 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
