|
208171
|
9.8 |
CRITICAL
Network
|
clickhouse-driver_project
|
clickhouse-driver
|
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, due to a buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-26759
|
2024-11-21 14:20 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208172
|
9.8 |
CRITICAL
Network
|
gdatasoftware
|
g_data
|
An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges.
|
CWE-59
Link Following
|
CVE-2020-27172
|
2024-11-21 14:20 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208173
|
5.9 |
MEDIUM
Network
|
arista
|
eos
|
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in…
|
NVD-CWE-noinfo
|
CVE-2020-26569
|
2024-11-21 14:20 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208174
|
8.8 |
HIGH
Network
|
user_registration_\&_login_and_user_management_system_with_admin_panel_project
|
user_registration_\&_login_and_user_management_system_with_admin_panel
|
A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1.
|
CWE-352
Origin Validation Error
|
CVE-2020-26766
|
2024-11-21 14:20 |
2020-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208175
|
7.5 |
HIGH
Network
|
emerson
|
x-stream_enhanced_xegp_firmware
x-stream_enhanced_xegk_firmware
x-stream_enhanced_xefd_firmware
x-stream_enhanced_xexf_firmware
|
Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, whi…
|
CWE-287
Improper Authentication
|
CVE-2020-27254
|
2024-11-21 14:20 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208176
|
8.8 |
HIGH
Network
|
mitel
|
businesscti_enterprise
|
The chat window of Mitel BusinessCTI Enterprise (MBC-E) Client for Windows before 6.4.11 and 7.x before 7.0.3 could allow an attacker to gain access to user information by sending arbitrary code, due…
|
CWE-20
Improper Input Validation
|
CVE-2020-27154
|
2024-11-21 14:20 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208177
|
4.8 |
MEDIUM
Network
|
trendmicro
|
interscan_web_security_virtual_appliance
|
A cross-site scripting (XSS) vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate…
|
CWE-79
Cross-site Scripting
|
CVE-2020-27010
|
2024-11-21 14:20 |
2020-12-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208178
|
7.5 |
HIGH
Network
|
magic_home_pro_project
|
magic_home_pro
|
The Magic Home Pro application 1.5.1 for Android allows Authentication Bypass. The security control that the application currently has in place is a simple Username and Password authentication functi…
|
CWE-287
Improper Authentication
|
CVE-2020-27199
|
2024-11-21 14:20 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208179
|
6.5 |
MEDIUM
Network
|
tibco
|
partnerexpress
|
The REST API component of TIBCO Software Inc.'s TIBCO PartnerExpress contains a vulnerability that theoretically allows an unauthenticated attacker with network access to obtain an authenticated logi…
|
NVD-CWE-noinfo
|
CVE-2020-27147
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208180
|
9.8 |
CRITICAL
Network
|
google
|
android
|
Product: AndroidVersions: Android kernelAndroid ID: A-127973231References: Upstream kernel
|
NVD-CWE-noinfo
|
CVE-2020-27068
|
2024-11-21 14:20 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
