|
199881
|
4.9 |
MEDIUM
Network
|
octobercms
|
october
|
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to delete arbitrary local files of an October CMS server. The vul…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2020-5296
|
2024-11-21 14:33 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199882
|
4.9 |
MEDIUM
Network
|
octobercms
|
october
|
In OctoberCMS (october/october composer package) versions from 1.0.319 and before 1.0.466, an attacker can exploit this vulnerability to read local files of an October CMS server. The vulnerability i…
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2020-5295
|
2024-11-21 14:33 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199883
|
6.0 |
MEDIUM
Local
|
dell
|
dock_wd15_firmware
dock_wd19_firmware
thunderbolt_dock_tb16_firmware
precision_dual_usb-c_thunderbolt_dock_-_tb18dc_firmware
|
Dell Dock Firmware Update Utilities for Dell Client Consumer and Commercial docking stations contain an Arbitrary File Overwrite vulnerability. The vulnerability is limited to the Dell Dock Firmware …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-5357
|
2024-11-21 14:33 |
2020-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199884
|
5.3 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI before before version 9.4.6 has a vulnerability involving a default encryption key. GLPIKEY is public and is used on every instance. This means anyone can decrypt sensitive data stored using thi…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-5248
|
2024-11-21 14:33 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199885
|
7.8 |
HIGH
Local
|
dell
|
os_recovery_image_for_microsoft_windows_10
|
Dell Client platforms restored using a Dell OS recovery image downloaded before December 20, 2019, may contain an insecure inherited permissions vulnerability. A local authenticated malicious user wi…
|
CWE-863
Incorrect Authorization
|
CVE-2020-5343
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199886
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect application users t…
|
CWE-601
Open Redirect
|
CVE-2020-5337
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199887
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P1 (6.7.0.1), contain a URL injection vulnerability. An unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user t…
|
CWE-74
Injection
|
CVE-2020-5336
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199888
|
8.8 |
HIGH
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contain a cross-site request forgery vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim…
|
CWE-352
Origin Validation Error
|
CVE-2020-5335
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199889
|
6.1 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P2 (6.7.0.2), contains a Document Object Model (DOM) based cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulne…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5334
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199890
|
4.3 |
MEDIUM
Network
|
rsa
|
archer
|
RSA Archer, versions prior to 6.7 P3 (6.7.0.3), contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerabilit…
|
CWE-863
Incorrect Authorization
|
CVE-2020-5333
|
2024-11-21 14:33 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
