|
210021
|
5.3 |
MEDIUM
Network
|
apache
quarkus
oracle
netapp
|
httpclient
quarkus
primavera_unifier
peoplesoft_enterprise_peopletools
data_integrator
peoplesoft_enterprise_pt_peopletools
nosql_database
retail_customer_management_and_segmenta…
|
Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host…
|
NVD-CWE-noinfo
|
CVE-2020-13956
|
2024-11-21 14:02 |
2020-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210022
|
9.8 |
CRITICAL
Network
|
hcltech
|
domino
|
HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-control…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-14260
|
2024-11-21 14:02 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210023
|
8.1 |
HIGH
Network
|
linux
netapp
|
linux_kernel
cloud_backup
a250_firmware
fas_500f_firmware
aff_500f_firmware
solidfire_baseboard_management_controller_firmware
|
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated…
|
-
|
CVE-2020-14305
|
2024-11-21 14:02 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210024
|
5.4 |
MEDIUM
Network
|
atlassian
|
automation_for_jira
|
Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin directorie…
|
CWE-74
Injection
|
CVE-2020-14193
|
2024-11-21 14:02 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210025
|
5.3 |
MEDIUM
Network
|
intelbras
|
tip200_firmware
tip200lite_firmware
tip300_firmware
|
Intelbras TIP 200 60.61.75.15, TIP 200 LITE 60.61.75.15, and TIP 300 65.61.75.22 devices allow cgi-bin/cgiServer.exx?page=../ Directory Traversal.
|
CWE-22
Path Traversal
|
CVE-2020-13886
|
2024-11-21 14:02 |
2020-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210026
|
7.5 |
HIGH
Network
|
atlassian
|
crucible
fisheye
|
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to achieve Regex Denial of Service via user-supplied regex in EyeQL. The affected versions are before version 4.8.4.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-14190
|
2024-11-21 14:02 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210027
|
7.5 |
HIGH
Network
|
atlassian
|
crucible
fisheye
|
Affected versions of Atlassian Fisheye/Crucible allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the MessageBundleResource within Atlassi…
|
NVD-CWE-noinfo
|
CVE-2020-14191
|
2024-11-21 14:02 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210028
|
9.8 |
CRITICAL
Network
|
apache
|
unomi
|
It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint. This was partially fixed in 1.5.1 but a new attack vector was found. In Apache Unomi version 1.5.2 scri…
|
CWE-74
Injection
|
CVE-2020-13942
|
2024-11-21 14:02 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210029
|
7.5 |
HIGH
Network
|
hcltech
|
notes
|
HCL Notes is susceptible to a Denial of Service vulnerability caused by improper validation of user-supplied input. A remote unauthenticated attacker could exploit this vulnerability using a speciall…
|
CWE-20
Improper Input Validation
|
CVE-2020-14258
|
2024-11-21 14:02 |
2020-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210030
|
7.5 |
HIGH
Network
|
hcltech
|
domino
|
HCL Domino is susceptible to a Denial of Service vulnerability due to improper validation of user-supplied input, potentially giving an attacker the ability to crash the server. Versions previous to …
|
CWE-20
Improper Input Validation
|
CVE-2020-14234
|
2024-11-21 14:02 |
2020-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
