|
210031
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10891
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210032
|
8.8 |
HIGH
Network
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-352
Origin Validation Error
|
CVE-2020-10890
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210033
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10889
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210034
|
7.5 |
HIGH
Network
|
git-scm
debian
canonical
fedoraproject
|
git
debian_linux
ubuntu_linux
fedora
|
Affected versions of Git have a vulnerability whereby Git can be tricked into sending private credentials to a host controlled by an attacker. This bug is similar to CVE-2020-5260(GHSA-qm7j-c969-7j4q…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-11008
|
2024-11-21 13:56 |
2020-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210035
|
8.8 |
HIGH
Network
|
vestacp
|
vesta_control_panel
|
An elevation of privilege in Vesta Control Panel through 0.9.8-26 allows an attacker to gain root system access from the admin account via v-change-user-password (aka the user password change script).
|
NVD-CWE-noinfo
|
CVE-2020-10787
|
2024-11-21 13:56 |
2020-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210036
|
8.8 |
HIGH
Network
|
vestacp
|
vesta_control_panel
|
A remote command execution in Vesta Control Panel through 0.9.8-26 allows any authenticated user to execute arbitrary commands on the system via cron jobs.
|
CWE-863
Incorrect Authorization
|
CVE-2020-10786
|
2024-11-21 13:56 |
2020-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210037
|
8.8 |
HIGH
Network
|
tortoise_orm_project
|
tortoise_orm
|
In Tortoise ORM before versions 0.15.23 and 0.16.6, various forms of SQL injection have been found for MySQL and when filtering or doing mass-updates on char/text fields. SQLite & PostgreSQL are only…
|
CWE-89
SQL Injection
|
CVE-2020-11010
|
2024-11-21 13:56 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210038
|
5.4 |
MEDIUM
Network
|
zulip
|
zulip_server
|
Zulip Server before 2.1.3 allows XSS via a Markdown link, with resultant account takeover.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10935
|
2024-11-21 13:56 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210039
|
8.8 |
HIGH
Network
|
sophos
|
anti-virus_for_sophos_central
anti-virus_for_sophos_home
|
Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home before 2.2.6 allow Privilege Escalation.
|
CWE-59
Link Following
|
CVE-2020-10947
|
2024-11-21 13:56 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210040
|
7.5 |
HIGH
Network
|
ftpdmin_project
|
ftpdmin
|
A buffer overflow vulnerability in FTPDMIN 0.96 allows attackers to crash the server via a crafted packet.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-10813
|
2024-11-21 13:56 |
2020-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
