|
200311
|
6.8 |
MEDIUM
Network
|
helm
|
helm
|
In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author…
|
-
|
CVE-2020-4053
|
2024-11-21 14:32 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200312
|
6.1 |
MEDIUM
Network
|
requarks
|
wiki.js
|
In Wiki.js before 2.4.107, there is a stored cross-site scripting through template injection. This vulnerability exists due to an insecure validation mechanism intended to insert v-pre tags into rend…
|
-
|
CVE-2020-4052
|
2024-11-21 14:32 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200313
|
6.5 |
MEDIUM
Network
|
ibm
|
mq
|
IBM MQ Appliance and IBM MQ AMQP Channels 8.0, 9.0 LTS, 9.1 LTS, and 9.1 CD do not correctly block or allow clients based on the certificate distinguished name SSLPEER setting. IBM X-Force ID: 177403.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-4320
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200314
|
7.5 |
HIGH
Network
|
ibm
|
mq
websphere_mq
|
IBM MQ and MQ Appliance 7.1, 7.5, 8.0, 9.0 LTS, 9.1 LTS, and 9.1 C are vulnerable to a denial of service attack due to an error within the Data Conversion logic. IBM X-Force ID: 177081.
|
NVD-CWE-noinfo
|
CVE-2020-4310
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200315
|
5.4 |
MEDIUM
Network
|
openjsf
debian
netapp
|
dijit
debian_linux
snapcenter
oncommand_workflow_automation
oncommand_insight
active_iq_unified_manager
|
In Dijit before versions 1.11.11, and greater than or equal to 1.12.0 and less than 1.12.9, and greater than or equal to 1.13.0 and less than 1.13.8, and greater than or equal to 1.14.0 and less than…
|
-
|
CVE-2020-4051
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200316
|
7.8 |
HIGH
Local
|
vmware
|
horizon_client
|
VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system whe…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-3961
|
2024-11-21 14:32 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200317
|
7.5 |
HIGH
Network
|
ibm
|
spectrum_protect_client
spectrum_protect_for_space_management
|
IBM Spectrum Protect Client 8.1.7.0 through 8.1.9.1 (Linux and Windows), 8.1.9.0 trough 8.1.9.1 (AIX) and IBM Spectrum Protect for Space Management 8.1.7.0 through 8.1.9.1 (Linux), 8.1.9.0 through 8.…
|
CWE-287
Improper Authentication
|
CVE-2020-4494
|
2024-11-21 14:32 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200318
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 discloses highly sensitive information in plain text in the virgo log file which could be used in further attacks against the system. IBM X-Force ID: 1…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-4477
|
2024-11-21 14:32 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200319
|
6.5 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 could allow an unauthenticated attacker to cause a denial of service or hijack DNS sessions by send a specially crafted HTTP command to the remote serv…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-4471
|
2024-11-21 14:32 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200320
|
8.0 |
HIGH
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.5 Administrative Console could allow an authenticated attacker to upload arbitrary files which could be execute arbitrary code on the vulnerable server. …
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-4470
|
2024-11-21 14:32 |
2020-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
