|
208641
|
7.5 |
HIGH
Network
|
huawei
|
nip6800_firmware
secospace_usg6600_firmware
usg9500_firmware
|
Huawei NIP6800 versions V500R001C30, V500R001C60SPC500, and V500R005C00; and Secospace USG6600 and USG9500 versions V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, and V500R005C00 have an in…
|
CWE-20
CWE-125
Improper Input Validation
Out-of-bounds Read
|
CVE-2020-1828
|
2024-11-21 14:11 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208642
|
9.8 |
CRITICAL
Network
|
redhat
|
spacewalk
|
A flaw was found in Spacewalk up to version 2.9 where it was vulnerable to XML internal entity attacks via the /rpc/api endpoint. An unauthenticated remote attacker could use this flaw to retrieve th…
|
CWE-611
XXE
|
CVE-2020-1693
|
2024-11-21 14:11 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208643
|
7.8 |
HIGH
Local
|
redhat
|
openshift_service_mesh
|
An insecure modification vulnerability in the /etc/passwd file was found in all versions of OpenShift ServiceMesh (maistra) before 1.0.8 in the openshift/istio-kialia-rhel7-operator-container. An att…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-1704
|
2024-11-21 14:11 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208644
|
6.5 |
MEDIUM
Network
|
moodle
|
moodle
|
Moodle before version 3.7.2 is vulnerable to information exposure of service tokens for users enrolled in the same course.
|
NVD-CWE-noinfo
|
CVE-2020-1692
|
2024-11-21 14:11 |
2020-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208645
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
expedition_migration_tool
|
Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on…
|
CWE-352
Origin Validation Error
|
CVE-2020-1977
|
2024-11-21 14:11 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208646
|
5.5 |
MEDIUM
Local
|
paloaltonetworks
|
globalprotect
|
A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect software running on Mac OS allows authenticated local users to cause the Mac OS kernel to hang or crash. This issue affects…
|
CWE-20
Improper Input Validation
|
CVE-2020-1976
|
2024-11-21 14:11 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208647
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
Missing XML validation vulnerability in the PAN-OS web interface on Palo Alto Networks PAN-OS software allows authenticated users to inject arbitrary XML that results in privilege escalation. This is…
|
CWE-611
XXE
|
CVE-2020-1975
|
2024-11-21 14:11 |
2020-02-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208648
|
7.5 |
HIGH
Network
|
apache
|
nifi
|
In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. In the event a node attempted to join a cluster and the c…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-1942
|
2024-11-21 14:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208649
|
5.9 |
MEDIUM
Network
|
libpod_project
redhat
|
libpod
enterprise_linux
openshift_container_platform
|
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious contain…
|
-
|
CVE-2020-1726
|
2024-11-21 14:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208650
|
6.0 |
MEDIUM
Network
|
qemu
redhat
debian
opensuse
|
qemu
enterprise_linux
openstack
debian_linux
leap
|
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-1711
|
2024-11-21 14:11 |
2020-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
