|
208991
|
7.5 |
HIGH
Network
|
apache
|
traffic_server
|
ATS negative cache option is vulnerable to a cache poisoning attack. If you have this option enabled, please upgrade or disable this feature. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 …
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-17509
|
2024-11-21 14:08 |
2021-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208992
|
7.5 |
HIGH
Network
|
apache
|
traffic_server
|
The ATS ESI plugin has a memory disclosure vulnerability. If you are running the plugin please upgrade. Apache Traffic Server versions 7.0.0 to 7.1.11 and 8.0.0 to 8.1.0 are affected.
|
NVD-CWE-noinfo
|
CVE-2020-17508
|
2024-11-21 14:08 |
2021-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208993
|
7.2 |
HIGH
Network
|
barco
|
transform_n
|
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authentica…
|
CWE-77
Command Injection
|
CVE-2020-17504
|
2024-11-21 14:08 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208994
|
7.2 |
HIGH
Network
|
barco
|
transform_n
|
The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow authenticated users to the administration panel to perform authentica…
|
CWE-77
Command Injection
|
CVE-2020-17503
|
2024-11-21 14:08 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208995
|
7.2 |
HIGH
Network
|
barco
|
transform_n
|
Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web administration panel which is made available over https. There is a command injection issue that will allow…
|
CWE-77
Command Injection
|
CVE-2020-17502
|
2024-11-21 14:08 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208996
|
9.8 |
CRITICAL
Network
|
barco
|
transform_n
|
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows Command Injection (issue 1 of 4). The NDN-210 has a web administration panel which is made available over ht…
|
CWE-77
Command Injection
|
CVE-2020-17500
|
2024-11-21 14:08 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208997
|
7.5 |
HIGH
Network
|
apache
|
flink
|
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the Jo…
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-17519
|
2024-11-21 14:08 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208998
|
7.5 |
HIGH
Network
|
apache
|
flink
|
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system, through a maliciously modified HTTP HEADER. The files can be …
|
CWE-22
Path Traversal
|
CVE-2020-17518
|
2024-11-21 14:08 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208999
|
8.1 |
HIGH
Network
|
apache
|
accumulo
|
Apache Accumulo versions 1.5.0 through 1.10.0 and version 2.0.0 do not properly check the return value of some policy enforcement functions before permitting an authenticated user to perform certain …
|
-
|
CVE-2020-17533
|
2024-11-21 14:08 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209000
|
7.7 |
HIGH
Network
|
apache
|
airflow
|
Incorrect Session Validation in Apache Airflow Webserver versions prior to 1.10.14 with default config allows a malicious airflow user on site A where they log in normally, to access unauthorized Air…
|
NVD-CWE-noinfo
|
CVE-2020-17526
|
2024-11-21 14:08 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
