|
196991
|
7.5 |
HIGH
Network
|
f5
|
big-ip_access_policy_manager
big-ip_advanced_firewall_manager
big-ip_analytics
big-ip_application_acceleration_manager
big-ip_application_security_manager
big-ip_domain_name_system
…
|
On BIG-IP 14.1.0-14.1.2.3, undisclosed requests can lead to a denial of service (DoS) when sent to BIG-IP HTTP/2 virtual servers. The problem can occur when ciphers, which have been blacklisted by th…
|
NVD-CWE-noinfo
|
CVE-2020-5871
|
2024-11-21 14:34 |
2020-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196992
|
8.8 |
HIGH
Network
|
thimpress
|
learnpress
|
LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection
|
CWE-89
SQL Injection
|
CVE-2020-6010
|
2024-11-21 14:34 |
2020-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196993
|
5.4 |
MEDIUM
Network
|
ni-consul
|
sales_force_assistant
|
Cross-site scripting vulnerability in Sales Force Assistant version 11.2.48 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5570
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196994
|
6.1 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in Cybozu Garoon 4.6.0 to 5.0.0 allows remote attackers to inject arbitrary web script or HTML via the applications 'Messages' and 'Bulletin Board'.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5568
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196995
|
7.5 |
HIGH
Network
|
cybozu
|
garoon
|
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in Application Menu.
|
CWE-287
Improper Authentication
|
CVE-2020-5567
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196996
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Improper authorization vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote authenticated attackers to alter the application's data via the applications 'E-mail' and 'Messages'.
|
NVD-CWE-noinfo
|
CVE-2020-5566
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196997
|
4.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Improper input validation vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows a remote authenticated attacker to alter the application's data via the applications 'Workflow' and 'MultiReport'.
|
CWE-20
Improper Input Validation
|
CVE-2020-5565
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196998
|
6.1 |
MEDIUM
Network
|
cybozu
|
garoon
|
Cross-site scripting vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to inject arbitrary web script or HTML via the application 'E-mail'.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5564
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196999
|
5.3 |
MEDIUM
Network
|
cybozu
|
garoon
|
Improper authentication vulnerability in Cybozu Garoon 4.0.0 to 4.10.3 allows remote attackers to obtain data in the affected product via the API.
|
CWE-287
Improper Authentication
|
CVE-2020-5563
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197000
|
4.9 |
MEDIUM
Network
|
cybozu
|
garoon
|
Server-side request forgery (SSRF) vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 allows a remote attacker with an administrative privilege to issue arbitrary HTTP requests to other web servers via V-…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-5562
|
2024-11-21 14:34 |
2020-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
