|
196031
|
6.1 |
MEDIUM
Network
|
citrix
|
xenmobile_server
|
Improper input validation in Citrix XenMobile Server 10.12 before RP1, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.11 before RP6 and Citrix XenMobile Server before 10.9 RP5 a…
|
CWE-79
Cross-site Scripting
|
CVE-2020-8208
|
2024-11-21 14:38 |
2020-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196032
|
5.5 |
MEDIUM
Local
|
nextcloud
|
desktop
|
A memory leak in the OCUtil.dll library used by Nextcloud Desktop Client 2.6.4 can lead to a DoS against the host system.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-8229
|
2024-11-21 14:38 |
2020-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196033
|
7.8 |
HIGH
Local
|
nextcloud
|
desktop
|
A code injection in Nextcloud Desktop Client 2.6.4 allowed to load arbitrary code when placing a malicious OpenSSL config into a fixed directory.
|
CWE-94
Code Injection
|
CVE-2020-8224
|
2024-11-21 14:38 |
2020-08-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196034
|
7.8 |
HIGH
Local
|
opensuse
|
leap
backports_sle
tumbleweed
|
A Incorrect Default Permissions vulnerability in the packaging of inn in openSUSE Leap 15.2, openSUSE Tumbleweed, openSUSE Leap 15.1 allows local attackers with control of the new user to escalate th…
|
-
|
CVE-2020-8026
|
2024-11-21 14:38 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196035
|
9.3 |
CRITICAL
Local
|
suse
|
linux_enterprise_server
linux_enterprise_software_development_kit
linux_enterprise_high_performance_computing
|
A Incorrect Execution-Assigned Permissions vulnerability in the permissions package of SUSE Linux Enterprise Server 12-SP4, SUSE Linux Enterprise Server 15-LTSS, SUSE Linux Enterprise Server for SAP …
|
-
|
CVE-2020-8025
|
2024-11-21 14:38 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196036
|
8.8 |
HIGH
Local
|
bitdefender
|
endpoint_security
|
Improper Authentication vulnerability in Bitdefender Endpoint Security for Mac allows an unprivileged process to restart the main service and potentially inject third-party code into a trusted proces…
|
CWE-287
Improper Authentication
|
CVE-2020-8108
|
2024-11-21 14:38 |
2020-08-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196037
|
6.8 |
MEDIUM
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure
|
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 that allowed an authenticated attacker via the administrator web interface to perform an arbitrary file reading vulnerability thro…
|
CWE-22
Path Traversal
|
CVE-2020-8222
|
2024-11-21 14:38 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196038
|
4.9 |
MEDIUM
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure
|
A path traversal vulnerability exists in Pulse Connect Secure <9.1R8 which allows an authenticated attacker to read arbitrary files via the administrator web interface.
|
CWE-22
Path Traversal
|
CVE-2020-8221
|
2024-11-21 14:38 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196039
|
6.5 |
MEDIUM
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure
|
A denial of service vulnerability exists in Pulse Connect Secure <9.1R8 that allows an authenticated attacker to perform command injection via the administrator web which can cause DOS.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-8220
|
2024-11-21 14:38 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196040
|
7.2 |
HIGH
Network
|
pulsesecure
ivanti
|
pulse_connect_secure
connect_secure
pulse_policy_secure
policy_secure
|
An insufficient permission check vulnerability exists in Pulse Connect Secure <9.1R8 that allows an attacker to change the password of a full administrator.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-8219
|
2024-11-21 14:38 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
