|
209671
|
6.5 |
MEDIUM
Network
|
mozilla
|
firefox
thunderbird
|
Using object or embed tags, it was possible to frame other websites, even if they disallowed framing using the X-Frame-Options header. This vulnerability affects Thunderbird < 78 and Firefox < 78.0.2.
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-15648
|
2024-11-21 14:05 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209672
|
7.4 |
HIGH
Network
|
mozilla
|
firefox
|
A Content Provider in Firefox for Android allowed local files accessible by the browser to be read by a remote webpage, leading to sensitive data disclosure, including cookies for other origins. This…
|
CWE-200
Information Exposure
|
CVE-2020-15647
|
2024-11-21 14:05 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209673
|
8.8 |
HIGH
Local
|
passmark
|
performancetest
osforensics
burnintest
|
An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The kernel driver exposes IOCTL functionality that allows low-privilege users to r…
|
NVD-CWE-noinfo
|
CVE-2020-15480
|
2024-11-21 14:05 |
2020-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209674
|
8.8 |
HIGH
Local
|
passmark
|
performancetest
osforensics
burnintest
|
An issue was discovered in PassMark BurnInTest through 9.1, OSForensics through 7.1, and PerformanceTest through 10. The driver's IOCTL request handler attempts to copy the input buffer onto the stac…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-15479
|
2024-11-21 14:05 |
2020-08-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209675
|
8.8 |
HIGH
Network
|
cohesive
|
vns3
|
The administrative interface of Cohesive Networks vns3:vpn appliances before version 4.11.1 is vulnerable to authenticated remote code execution leading to server compromise.
|
CWE-78
OS Command
|
CVE-2020-15467
|
2024-11-21 14:05 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209676
|
5.3 |
MEDIUM
Network
|
hashicorp
|
terraform_enterprise
|
HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1.
|
NVD-CWE-noinfo
|
CVE-2020-15511
|
2024-11-21 14:05 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209677
|
9.8 |
CRITICAL
Network
|
zohocorp
|
manageengine_desktop_central
|
An issue was discovered in the client side of Zoho ManageEngine Desktop Central 10.0.552.W. An attacker-controlled server can trigger an integer overflow in InternetSendRequestEx and InternetSendRequ…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-15588
|
2024-11-21 14:05 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209678
|
7.5 |
HIGH
Network
|
veeam
|
one_firmware
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.750_20200415. Authentication is not required to exploit this vulnerability. …
|
-
|
CVE-2020-15419
|
2024-11-21 14:05 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209679
|
7.5 |
HIGH
Network
|
veeam
|
one_firmware
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Veeam ONE 10.0.0.750_20200415. Authentication is not required to exploit this vulnerability. …
|
-
|
CVE-2020-15418
|
2024-11-21 14:05 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209680
|
6.3 |
MEDIUM
Adjacent
|
netgear
|
r6700_firmware
|
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Authentication is not required to exploit this vul…
|
-
|
CVE-2020-15417
|
2024-11-21 14:05 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
