|
197001
|
8.8 |
HIGH
Network
|
microfocus
|
service_manager_automation
|
An SQL injection vulnerability was discovered in Micro Focus Service Manager Automation (SMA), affecting versions 2019.08, 2019.05, 2019.02, 2018.08, 2018.05, 2018.02. The vulnerability could allow f…
|
CWE-89
SQL Injection
|
CVE-2020-9521
|
2024-11-21 14:40 |
2020-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197002
|
5.4 |
MEDIUM
Network
|
microfocus
|
vibe
|
A stored XSS vulnerability was discovered in Micro Focus Vibe, affecting all Vibe version prior to 4.0.7. The vulnerability could allows a remote attacker to craft and store malicious content into Vi…
|
CWE-79
Cross-site Scripting
|
CVE-2020-9520
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197003
|
7.8 |
HIGH
Local
|
adobe
|
bridge
|
Adobe Bridge versions 10.0 have a heap-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9552
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197004
|
7.8 |
HIGH
Local
|
adobe
|
bridge
|
Adobe Bridge versions 10.0 have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9551
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197005
|
7.5 |
HIGH
Network
|
tp-link
|
archer_c50
|
TP-Link Archer C50 V3 devices before Build 200318 Rel. 62209 allows remote attackers to cause a denial of service via a crafted HTTP Header containing an unexpected Referer field.
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2020-9375
|
2024-11-21 14:40 |
2020-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197006
|
5.3 |
MEDIUM
Local
|
kde
debian
fedoraproject
|
okular
debian_linux
fedora
|
KDE Okular before 1.10.0 allows code execution via an action link in a PDF document.
|
NVD-CWE-noinfo
|
CVE-2020-9359
|
2024-11-21 14:40 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197007
|
7.3 |
HIGH
Network
|
supsystic
|
pricing_table_by_supsystic
|
An issue was discovered in the pricing-table-by-supsystic plugin before 1.8.2 for WordPress. Because there is no permission check on the ImportJSONTable, createFromTpl, and getJSONExportTable endpoin…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-9392
|
2024-11-21 14:40 |
2020-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197008
|
7.5 |
HIGH
Network
|
rconfig
|
rconfig
|
An issue was discovered in includes/head.inc.php in rConfig before 3.9.4. An unauthenticated attacker can retrieve saved cleartext credentials via a GET request to settings.php. Because the applicati…
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2020-9425
|
2024-11-21 14:40 |
2020-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197009
|
6.5 |
MEDIUM
Network
|
signotec
|
signopad-api\/web
|
An issue was discovered in signotec signoPAD-API/Web (formerly Websocket Pad Server) before 3.1.1 on Windows. It is possible to perform a Denial of Service attack because the application doesn't limi…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-9345
|
2024-11-21 14:40 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197010
|
6.1 |
MEDIUM
Network
|
atlassian
|
subversion_application_lifecycle_management
|
Subversion ALM for the enterprise before 8.8.2 allows reflected XSS at multiple locations.
|
CWE-79
Cross-site Scripting
|
CVE-2020-9344
|
2024-11-21 14:40 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
