|
212091
|
7.5 |
HIGH
Network
|
hashicorp
|
consul
|
HashiCorp Consul and Consul Enterprise could crash when configured with an abnormally-formed service-router entry. Introduced in 1.6.0, fixed in 1.6.6 and 1.7.4.
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-12758
|
2024-11-21 14:00 |
2020-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212092
|
7.2 |
HIGH
Network
|
redash
|
redash
|
Havoc Research discovered an authenticated Server-Side Request Forgery (SSRF) via the "JSON" data source of Redash open-source 8.0.0 and prior. Possibly, other connectors are affected. The SSRF is po…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-12725
|
2024-11-21 14:00 |
2020-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212093
|
7.5 |
HIGH
Network
|
sos-berlin
|
jobscheduler
|
A vulnerability based on insecure user/password encryption in the JOE (job editor) component of SOS JobScheduler 1.12 and 1.13 allows attackers to decrypt the user/password that is optionally stored …
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-12712
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212094
|
7.0 |
HIGH
Local
|
pydio
|
cells
|
The following vulnerability applies only to the Pydio Cells Enterprise OVF version 2.0.4. Prior versions of the Pydio Cells Enterprise OVF (such as version 2.0.3) have a looser policy restriction all…
|
CWE-269
Improper Privilege Management
|
CVE-2020-12850
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212095
|
5.9 |
MEDIUM
Network
|
ciphermail
|
webmail_messenger
gateway
|
An issue was discovered in CipherMail Community Gateway Virtual Appliances and Professional/Enterprise Gateway Virtual Appliances versions 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger Virtu…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-12714
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212096
|
7.2 |
HIGH
Network
|
ciphermail
|
webmail_messenger
gateway
|
An issue was discovered in CipherMail Community Gateway and Professional/Enterprise Gateway 1.0.1 through 4.7.1-0 and CipherMail Webmail Messenger 1.1.1 through 3.1.1-0. Attackers with administrative…
|
CWE-269
Improper Privilege Management
|
CVE-2020-12713
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212097
|
7.5 |
HIGH
Network
|
mitsubishielectric
|
melsec_iq-r00cpu_firmware
melsec_iq-r01cpu_firmware
melsec_iq-r02cpu_firmware
melsec_iq-r04cpu_firmware
melsec_iq-r08cpu_firmware
melsec_iq-r16cpu_firmware
melsec_iq-r32cpu_firmware…
|
Mitsubishi MELSEC iQ-R Series PLCs with firmware 33 allow attackers to halt the industrial process by sending an unauthenticated crafted packet over the network, because this denial of service attack…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-13238
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212098
|
7.5 |
HIGH
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise logged proxy environment variables that potentially included sensitive credentials. Fixed in 1.3.6 and 1.4.2.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-13223
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212099
|
9.8 |
CRITICAL
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise 1.4.0 and 1.4.1, when configured with the GCP Secrets Engine, may incorrectly generate GCP Credentials with the default time-to-live lease duration instead of the…
|
CWE-269
Improper Privilege Management
|
CVE-2020-12757
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212100
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A Stored Cross-Site Scripting vulnerability allowed the execution of arbitrary Javascript code in the blobs API in all previous GitLab CE/EE versions through 13.0.1
|
CWE-79
Cross-site Scripting
|
CVE-2020-13271
|
2024-11-21 14:00 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
