|
214051
|
6.1 |
MEDIUM
Network
|
redhat
|
jboss_enterprise_application_platform
openshift_application_runtimes
resteasy
fuse
|
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs.…
|
-
|
CVE-2020-10688
|
2024-11-21 13:55 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214052
|
7.8 |
HIGH
Local
|
redhat
|
single_sign-on
|
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their …
|
-
|
CVE-2020-10695
|
2024-11-21 13:55 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214053
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running …
|
CWE-22
Path Traversal
|
CVE-2020-10584
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214054
|
8.8 |
HIGH
Network
|
invigo
|
automatic_device_management
|
The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the appli…
|
CWE-78
OS Command
|
CVE-2020-10583
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214055
|
9.8 |
CRITICAL
Network
|
invigo
|
automatic_device_management
|
A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and m…
|
CWE-89
SQL Injection
|
CVE-2020-10582
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214056
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data host…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-10581
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214057
|
8.8 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the…
|
CWE-77
Command Injection
|
CVE-2020-10580
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214058
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to…
|
CWE-22
Path Traversal
|
CVE-2020-10579
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214059
|
8.8 |
HIGH
Network
|
github
|
github
|
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers use…
|
NVD-CWE-noinfo
|
CVE-2020-10519
|
2024-11-21 13:55 |
2021-03-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214060
|
5.9 |
MEDIUM
Network
|
owncloud
|
owncloud
|
An issue was discovered in ownCloud before 10.4. An attacker can bypass authentication on a password-protected image by displaying its preview.
|
CWE-287
Improper Authentication
|
CVE-2020-10254
|
2024-11-21 13:55 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
