|
195961
|
7.2 |
HIGH
Network
|
tp-link
|
tl-wr841n_firmware
|
A buffer overflow in the httpd daemon on TP-Link TL-WR841N V10 (firmware version 3.16.9) devices allows an authenticated remote attacker to execute arbitrary code via a GET request to the page for th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-8423
|
2024-11-21 14:38 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195962
|
6.3 |
MEDIUM
Local
|
opensuse
|
texlive-filesystem
leap
|
A Race Condition Enabling Link Following vulnerability in the cron job shipped with texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software …
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2020-8017
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195963
|
7.0 |
HIGH
Local
|
opensuse
|
texlive-filesystem
|
A Race Condition Enabling Link Following vulnerability in the packaging of texlive-filesystem of SUSE Linux Enterprise Module for Desktop Applications 15-SP1, SUSE Linux Enterprise Software Developme…
|
-
|
CVE-2020-8016
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195964
|
7.8 |
HIGH
Local
|
exim
|
exim
|
A UNIX Symbolic Link (Symlink) Following vulnerability in the packaging of exim in openSUSE Factory allows local attackers to escalate from user mail to root. This issue affects: openSUSE Factory exi…
|
-
|
CVE-2020-8015
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195965
|
7.8 |
HIGH
Local
|
ui
|
unifi_video
|
In UniFi Video v3.10.1 (for Windows 7/8/10 x64) there is a Local Privileges Escalation to SYSTEM from arbitrary file deletion and DLL hijack vulnerabilities. The issue was fixed by adjusting the .tsE…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-8146
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195966
|
6.5 |
MEDIUM
Network
|
ui
|
unifi_video
|
The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup” and “wizard” endpoints does not implement sufficient privilege checks. Low privileged users, belongi…
|
NVD-CWE-noinfo
|
CVE-2020-8145
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195967
|
8.4 |
HIGH
Adjacent
|
ui
|
unifi_video
|
The UniFi Video Server v3.9.3 and prior (for Windows 7/8/10 x64) web interface Firmware Update functionality, under certain circumstances, does not validate firmware download destinations to ensure t…
|
CWE-22
Path Traversal
|
CVE-2020-8144
|
2024-11-21 14:38 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195968
|
8.8 |
HIGH
Network
|
auth0
|
login_by_auth0
|
An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. A user can perform an insecure direct object reference.
|
NVD-CWE-Other
|
CVE-2020-7948
|
2024-11-21 14:38 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195969
|
9.8 |
CRITICAL
Network
|
auth0
|
login_by_auth0
|
An issue was discovered in the Login by Auth0 plugin before 4.0.0 for WordPress. It has numerous fields that can contain data that is pulled from different sources. One issue with this is that the da…
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-7947
|
2024-11-21 14:38 |
2020-04-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195970
|
7.5 |
HIGH
Network
|
zohocorp
|
manageengine_desktop_central
|
Zoho ManageEngine Desktop Central before 10.0.483 allows unauthenticated users to access PDFGenerationServlet, leading to sensitive information disclosure.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-8509
|
2024-11-21 14:38 |
2020-03-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
