|
198771
|
5.4 |
MEDIUM
Network
|
dell
|
unisphere
powermax_os
|
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scri…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35170
|
2024-11-21 14:26 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198772
|
9.8 |
CRITICAL
Network
|
amaze_file_manager_project
|
amaze_file_manager
|
The Amaze File Manager application before 3.4.2 for Android does not properly restrict intents for controlling the FTP server (aka services.ftpservice.FTPReceiver.ACTION_START_FTPSERVER and services.…
|
NVD-CWE-noinfo
|
CVE-2020-35173
|
2024-11-21 14:26 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198773
|
7.2 |
HIGH
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr 12.0.3 is vulnerable to authenticated Remote Code Execution. An attacker who has the access the admin dashboard can manipulate the backup function by inserting a payload into the filename fo…
|
CWE-88
Argument Injection
|
CVE-2020-35136
|
2024-11-21 14:26 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198774
|
8.8 |
HIGH
Network
|
phpgurukul
|
online_marriage_registration_system
|
The Online Marriage Registration System 1.0 post parameter "searchdata" in the user/search.php request is vulnerable to Time Based Sql Injection.
|
CWE-89
SQL Injection
|
CVE-2020-35151
|
2024-11-21 14:26 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198775
|
5.3 |
MEDIUM
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise 1.4.1 and newer allowed the enumeration of users via the LDAP auth method. Fixed in 1.5.6 and 1.6.1.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-35177
|
2024-11-21 14:26 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198776
|
6.5 |
MEDIUM
Network
|
zimbra
|
collaboration
|
In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has…
|
CWE-611
XXE
|
CVE-2020-35123
|
2024-11-21 14:26 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198777
|
9.8 |
CRITICAL
Network
|
docker
|
memcached_docker_image
|
The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-35197
|
2024-11-21 14:26 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198778
|
9.8 |
CRITICAL
Network
|
docker
|
rabbitmq_docker_image
|
The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. System using the rabbitmq docker container deployed by affected …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-35196
|
2024-11-21 14:26 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198779
|
9.8 |
CRITICAL
Network
|
docker
|
haproxy_docker_image
|
The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. System using the haproxy docker container deployed by affected versions of the dock…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-35195
|
2024-11-21 14:26 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198780
|
9.8 |
CRITICAL
Network
|
hashicorp
|
vault
|
The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote a…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-35192
|
2024-11-21 14:26 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
