|
196111
|
7.5 |
HIGH
Network
|
djvalidator_project
|
djvalidator
|
All versions of package djvalidator are vulnerable to Regular Expression Denial of Service (ReDoS) by sending crafted invalid emails - for example, --@------------------------------------------------…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-7779
|
2024-11-21 14:37 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196112
|
7.3 |
HIGH
Network
|
systeminformation
|
systeminformation
|
This affects the package systeminformation before 4.30.2. The attacker can overwrite the properties and functions of an object, which can lead to executing OS commands.
|
CWE-78
OS Command
|
CVE-2020-7778
|
2024-11-21 14:37 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196113
|
9.1 |
CRITICAL
Network
|
opencrx
|
opencrx
|
CRIXP OpenCRX version 4.30 and 5.0-20200717 and prior suffers from an unverified password change vulnerability. An attacker who is able to connect to the affected OpenCRX instance can change the pass…
|
CWE-287
Improper Authentication
|
CVE-2020-7378
|
2024-11-21 14:37 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196114
|
7.2 |
HIGH
Network
|
jsen_project
|
jsen
|
This affects all versions of package jsen. If an attacker can control the schema file, it could run arbitrary JavaScript code on the victim machine. In the module description and README file there is…
|
NVD-CWE-noinfo
|
CVE-2020-7777
|
2024-11-21 14:37 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196115
|
6.6 |
MEDIUM
Network
|
netu
|
wf2429tb_firmware
|
Improper Input validation vulnerability exists in Netis Korea D'live AP which could cause arbitrary command injection and execution when the time setting (using ntpServerlp1 parameter) for the users.…
|
CWE-20
Improper Input Validation
|
CVE-2020-7842
|
2024-11-21 14:37 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196116
|
6.5 |
MEDIUM
Network
|
schneider-electric
|
webreports
|
A CWE-284 Improper Access Control vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause a remote attacker being able to access a restricted web resources due …
|
NVD-CWE-Other
|
CVE-2020-7573
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196117
|
8.8 |
HIGH
Network
|
schneider-electric
|
webreports
|
A CWE-611 Improper Restriction of XML External Entity Reference vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able …
|
-
|
CVE-2020-7572
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196118
|
5.4 |
MEDIUM
Network
|
schneider-electric
|
webreports
|
A CWE-79 Multiple Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Reflected) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could…
|
-
|
CVE-2020-7571
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196119
|
5.4 |
MEDIUM
Network
|
schneider-electric
|
webreports
|
A CWE-79 Improper Neutralization of Input During Web Page Generation (Cross-site Scripting Stored) vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an au…
|
-
|
CVE-2020-7570
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196120
|
8.8 |
HIGH
Network
|
schneider-electric
|
webreports
|
A CWE-434 Unrestricted Upload of File with Dangerous Type vulnerability exists in EcoStruxure Building Operation WebReports V1.9 - V3.1 that could cause an authenticated remote user being able to upl…
|
-
|
CVE-2020-7569
|
2024-11-21 14:37 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
