|
210541
|
7.5 |
HIGH
Network
|
admidio
|
admidio
|
SQL Injection was discovered in Admidio before version 3.3.13. The main cookie parameter is concatenated into a SQL query without any input validation/sanitization, thus an attacker without logging i…
|
CWE-89
SQL Injection
|
CVE-2020-11004
|
2024-11-21 13:56 |
2020-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210542
|
5.0 |
MEDIUM
Network
|
helm
|
helm
|
Their is an information disclosure vulnerability in Helm from version 3.1.0 and before version 3.2.0. `lookup` is a Helm template function introduced in Helm v3. It is able to lookup resources in the…
|
CWE-200
Information Exposure
|
CVE-2020-11013
|
2024-11-21 13:56 |
2020-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210543
|
7.5 |
HIGH
Network
|
minio
|
minio
|
MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in the MinIO admin API. Given an admin access key, it is possible to perform admin API operations i.e. creating …
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-11012
|
2024-11-21 13:56 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210544
|
9.8 |
CRITICAL
Network
|
veeam
|
one
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specifi…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10915
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210545
|
9.8 |
CRITICAL
Network
|
veeam
|
one
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VEEAM One Agent 9.5.4.4587. Authentication is not required to exploit this vulnerability. The specifi…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10914
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210546
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
phantompdf
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10913
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210547
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10912
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210548
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10911
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210549
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10910
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210550
|
7.8 |
HIGH
Local
|
foxitsoftware
|
phantompdf
reader
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.0.29478. User interaction is required to exploit this vulnerability in that the …
|
CWE-843
Type Confusion
|
CVE-2020-10909
|
2024-11-21 13:56 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
