|
199251
|
4.4 |
MEDIUM
Local
|
opcfoundation
|
ua-.netstandard
|
A Privilege Elevation vulnerability in OPC UA .NET Standard Stack 1.4.363.107 could allow a rogue application to establish a secure connection.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-29457
|
2024-11-21 14:24 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199252
|
4.3 |
MEDIUM
Network
|
atlassian
|
jira
data_center
jira_server
|
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to enumerate Jira projects via an Information Disclosure vulnerability in the Jira Projects plugin report page. The a…
|
NVD-CWE-noinfo
|
CVE-2020-29451
|
2024-11-21 14:24 |
2021-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199253
|
5.3 |
MEDIUM
Network
|
jetbrains
oracle
|
kotlin
communications_cloud_native_core_network_slice_selection_function
communications_cloud_native_core_policy
communications_cloud_native_core_service_communication_proxy
|
In JetBrains Kotlin before 1.4.21, a vulnerable Java API was used for temporary file and folder creation. An attacker was able to read data from such files and list directories due to insecure permis…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-29582
|
2024-11-21 14:24 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199254
|
5.3 |
MEDIUM
Network
|
linuxfoundation
|
harbor
|
In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalog’s registry API is exposed on an unauthenticated path.
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-29662
|
2024-11-21 14:24 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199255
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-825_r1_firmware
|
An issue was discovered on D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20. A buffer overflow in the web interface allows attackers to achieve pre-authentication remote code execution.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-29557
|
2024-11-21 14:24 |
2021-01-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199256
|
4.3 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
An issue was discovered in MantisBT before 2.24.4. Due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can get access to the Summary fields of private Issues …
|
CWE-863
Incorrect Authorization
|
CVE-2020-29605
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199257
|
6.5 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
An issue was discovered in MantisBT before 2.24.4. A missing access check in bug_actiongroup.php allows an attacker (with rights to create new issues) to use the COPY group action to create a clone, …
|
CWE-862
Missing Authorization
|
CVE-2020-29604
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199258
|
4.3 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
In manage_proj_edit_page.php in MantisBT before 2.24.4, any unprivileged logged-in user can retrieve Private Projects' names via the manage_proj_edit_page.php project_id parameter, without having acc…
|
CWE-922
Insecure Storage of Sensitive Information
|
CVE-2020-29603
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199259
|
4.9 |
MEDIUM
Network
|
rsa
|
archer
|
Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather i…
|
NVD-CWE-noinfo
|
CVE-2020-29538
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199260
|
5.4 |
MEDIUM
Network
|
rsa
|
archer
|
Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. A remote privileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attack…
|
CWE-601
Open Redirect
|
CVE-2020-29537
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
