|
208291
|
6.5 |
MEDIUM
Network
|
electronjs
|
electron
|
The Electron framework lets you write cross-platform desktop applications using JavaScript, HTML and CSS. In affected versions of Electron IPC messages sent from the main process to a subframe in the…
|
-
|
CVE-2020-26272
|
2024-11-21 14:19 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208292
|
7.2 |
HIGH
Network
|
openmage
|
openmage
|
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, an administrator with permission to import/export data and to edit cms pages was able to inje…
|
CWE-22
CWE-434
Path Traversal
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26295
|
2024-11-21 14:19 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208293
|
7.2 |
HIGH
Network
|
openmage
|
openmage
|
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.5, there is a vulnerability which enables remote code execution. In affected versions an adminis…
|
-
|
CVE-2020-26285
|
2024-11-21 14:19 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208294
|
7.2 |
HIGH
Network
|
openmage
|
openmage
|
OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an adminis…
|
-
|
CVE-2020-26252
|
2024-11-21 14:19 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208295
|
8.0 |
HIGH
Adjacent
|
weave
|
weave
|
Weave Net is open source software which creates a virtual network that connects Docker containers across multiple hosts and enables their automatic discovery. Weave Net before version 2.8.0 has a vul…
|
-
|
CVE-2020-26278
|
2024-11-21 14:19 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208296
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab affecting all versions starting from 12.4. The regex used for package names is written in a way that makes execution time have quadratic growth based on the len…
|
NVD-CWE-noinfo
|
CVE-2020-26414
|
2024-11-21 14:19 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208297
|
7.2 |
HIGH
Network
|
coturn_project
fedoraproject
|
coturn
fedora
|
Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.…
|
-
|
CVE-2020-26262
|
2024-11-21 14:19 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208298
|
7.8 |
HIGH
Local
|
safervpn
|
safervpn
|
SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow local privilege escalation from low privileged users to SYSTEM via a crafted openssl configuration file. This issue is similar to CVE-201…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-26050
|
2024-11-21 14:19 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208299
|
5.4 |
MEDIUM
Network
|
redcarpet_project
debian
|
redcarpet
debian_linux
|
Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTM…
|
-
|
CVE-2020-26298
|
2024-11-21 14:19 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208300
|
8.8 |
HIGH
Network
|
smartbear
|
collaborator
|
In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introduces a post-authentication Java deserialization vulnerability. The application's UpdateMemento class…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-26118
|
2024-11-21 14:19 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
