|
201781
|
5.3 |
MEDIUM
Network
|
cisco
|
application_policy_infrastructure_controller
|
A vulnerability in the out of band (OOB) management interface IP table rule programming for Cisco Application Policy Infrastructure Controller (APIC) could allow an unauthenticated, remote attacker t…
|
CWE-20
Improper Input Validation
|
CVE-2020-3139
|
2024-11-21 14:30 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201782
|
6.1 |
MEDIUM
Network
|
cisco
|
jabber_guest
|
A vulnerability in the web-based management interface of Cisco Jabber Guest could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-ba…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3136
|
2024-11-21 14:30 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201783
|
6.5 |
MEDIUM
Network
|
cisco
|
email_security_appliance
|
A vulnerability in the zip decompression engine of Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) c…
|
CWE-20
Improper Input Validation
|
CVE-2020-3134
|
2024-11-21 14:30 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201784
|
6.5 |
MEDIUM
Network
|
cisco
|
webex_teams
|
A vulnerability in the Cisco Webex Teams client for Windows could allow an authenticated, remote attacker to cause the client to crash, resulting in a denial of service (DoS) condition. The attacker …
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-3131
|
2024-11-21 14:30 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201785
|
4.8 |
MEDIUM
Network
|
cisco
|
unity_connection
|
A vulnerability in the web-based management interface of Cisco Unity Connection Software could allow an authenticated, remote attacker to perform a stored cross-site scripting (XSS) attack. The vulne…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3129
|
2024-11-21 14:30 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201786
|
6.1 |
MEDIUM
Network
|
cisco
|
sg250x-24_firmware
sg250x-24p_firmware
sg250x-48_firmware
sg250x-48p_firmware
sg250-08_firmware
sg250-08hp_firmware
sg250-10p_firmware
sg250-18_firmware
sg250-26_firmware
s…
|
A vulnerability in the web-based management interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack…
|
CWE-79
Cross-site Scripting
|
CVE-2020-3121
|
2024-11-21 14:30 |
2020-01-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201787
|
5.4 |
MEDIUM
Network
|
openmrs
|
appointment_scheduling_module
|
A vulnerability was found in OpenMRS Appointment Scheduling Module up to 1.12.x. It has been classified as problematic. This affects the function validateFieldName of the file api/src/main/java/org/o…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36635
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201788
|
9.1 |
CRITICAL
Network
|
unzip_project
|
unzip
|
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
|
CWE-22
Path Traversal
|
CVE-2020-36561
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201789
|
5.4 |
MEDIUM
Network
|
indeed
|
util
|
A vulnerability classified as problematic has been found in Indeed Engineering util up to 1.0.33. Affected is the function visit/appendTo of the file varexport/src/main/java/com/indeed/util/varexport…
|
-
|
CVE-2020-36634
|
2024-11-21 14:29 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201790
|
5.3 |
MEDIUM
Network
|
labstack
|
echo
|
Due to improper sanitization of user input on Windows, the static file handler allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has p…
|
CWE-22
Path Traversal
|
CVE-2020-36565
|
2024-11-21 14:29 |
2022-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
