|
208261
|
7.5 |
HIGH
Network
|
rockwellautomation
|
factorytalk_linx
|
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which …
|
-
|
CVE-2020-27255
|
2024-11-21 14:20 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208262
|
7.5 |
HIGH
Network
|
rockwellautomation
|
factorytalk_linx
|
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious pack…
|
-
|
CVE-2020-27253
|
2024-11-21 14:20 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208263
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
factorytalk_linx
|
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could resul…
|
-
|
CVE-2020-27251
|
2024-11-21 14:20 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208264
|
7.5 |
HIGH
Network
|
matrix
fedoraproject
|
synapse
fedora
|
Matrix Synapse before 1.20.0 erroneously permits non-standard NaN, Infinity, and -Infinity JSON values in fields of m.room.member events, allowing remote attackers to execute a denial of service atta…
|
CWE-20
Improper Input Validation
|
CVE-2020-26890
|
2024-11-21 14:20 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208265
|
6.1 |
MEDIUM
Network
|
cisco
|
webex_meetings
|
A vulnerability in an API of Cisco Webex Meetings could allow an unauthenticated, remote attacker to conduct cross-site scripting attacks. The vulnerability is due to improper validation of user-supp…
|
CWE-79
Cross-site Scripting
|
CVE-2020-27126
|
2024-11-21 14:20 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208266
|
6.0 |
MEDIUM
Local
|
trustedcomputinggroup
|
trusted_platform_module
|
Trusted Computing Group (TCG) Trusted Platform Module Library Family 2.0 Library Specification Revisions 1.38 through 1.59 has Incorrect Access Control during a non-orderly TPM shut-down that uses US…
|
CWE-665
Improper Initialization
|
CVE-2020-26933
|
2024-11-21 14:20 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208267
|
6.1 |
MEDIUM
Network
|
reddoxx
|
maildepot
|
REDDOXX MailDepot 2033 (aka 2.3.3022) allows XSS via an incoming HTML e-mail message.
|
CWE-79
Cross-site Scripting
|
CVE-2020-26554
|
2024-11-21 14:20 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208268
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer 6.8 through 6.8.0.3 and 6.9 contains a URL injection vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability by tricking a victim application user in…
|
CWE-74
Injection
|
CVE-2020-26884
|
2024-11-21 14:20 |
2020-11-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208269
|
9.8 |
CRITICAL
Network
|
aviatrix
|
controller
|
An issue was discovered in Aviatrix Controller before R6.0.2483. Several APIs contain functions that allow arbitrary files to be uploaded to the web tree.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26553
|
2024-11-21 14:20 |
2020-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208270
|
7.5 |
HIGH
Network
|
aviatrix
|
controller
|
An issue was discovered in Aviatrix Controller before R6.0.2483. Multiple executable files, that implement API endpoints, do not require a valid session ID for access.
|
NVD-CWE-noinfo
|
CVE-2020-26552
|
2024-11-21 14:20 |
2020-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
