|
196381
|
9.8 |
CRITICAL
Network
|
sap
|
commerce
commerce_data_hub
|
SAP Commerce, versions - 6.7, 1808, 1811, 1905, and SAP Commerce (Data Hub), versions - 6.7, 1808, 1811, 1905, allows an attacker to bypass the authentication and/or authorization that has been confi…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-6265
|
2024-11-21 14:35 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196382
|
8.8 |
HIGH
Network
|
zoom
|
zoom
|
An exploitable partial path traversal vulnerability exists in the way Zoom Client version 4.6.10 processes messages including shared code snippets. A specially crafted chat message can cause an arbit…
|
CWE-22
Path Traversal
|
CVE-2020-6110
|
2024-11-21 14:35 |
2020-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196383
|
9.8 |
CRITICAL
Network
|
zoom
|
zoom
|
An exploitable path traversal vulnerability exists in the Zoom client, version 4.6.10 processes messages including animated GIFs. A specially crafted chat message can cause an arbitrary file write, w…
|
CWE-22
Path Traversal
|
CVE-2020-6109
|
2024-11-21 14:35 |
2020-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196384
|
4.3 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in notifications in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to bypass notification restrictions via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6504
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196385
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in accessibility in Google Chrome prior to 74.0.3729.108 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-6503
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196386
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Incorrect implementation in permissions in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof security UI via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6502
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196387
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Insufficient policy enforcement in CSP in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass content security policy via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6501
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196388
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in interstitials in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6500
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196389
|
6.5 |
MEDIUM
Network
|
google
|
chrome
|
Inappropriate implementation in AppCache in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to bypass AppCache security restrictions via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6499
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196390
|
6.5 |
MEDIUM
Network
|
google
debian
|
chrome
debian_linux
|
Incorrect implementation in user interface in Google Chrome on iOS prior to 83.0.4103.88 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-6498
|
2024-11-21 14:35 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
