|
197581
|
7.8 |
HIGH
Local
|
bitdefender
|
total_security
internet_security
antivirus_plus
|
A Process Control vulnerability in ProductAgentUI.exe as used in Bitdefender Antivirus Plus allows an attacker to tamper with product settings via a specially crafted DLL file. This issue affects: Bi…
|
NVD-CWE-Other
|
CVE-2020-8107
|
2024-11-21 14:38 |
2022-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197582
|
7.8 |
HIGH
Local
|
goabode
|
iota_all-in-one_security_kit_firmware
|
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-…
|
CWE-78
OS Command
|
CVE-2020-8105
|
2024-11-21 14:38 |
2021-12-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197583
|
6.1 |
MEDIUM
Network
|
rocket.chat
|
rocket.chat
|
A link preview rendering issue in Rocket.Chat versions before 3.9 could lead to potential XSS attacks.
|
CWE-79
Cross-site Scripting
|
CVE-2020-8291
|
2024-11-21 14:38 |
2021-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197584
|
6.5 |
MEDIUM
Network
|
citrix
|
netscaler_gateway
gateway
application_delivery_controller_firmware
|
Citrix ADC and Citrix/NetScaler Gateway before 13.0-82.41, 12.1-62.23, 11.1-65.20 and Citrix ADC 12.1-FIPS before 12.1-55.238 suffer from improper access control allowing SAML authentication hijack t…
|
NVD-CWE-Other
|
CVE-2020-8300
|
2024-11-21 14:38 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197585
|
6.5 |
MEDIUM
Adjacent
|
citrix
|
netscaler_gateway
gateway
application_delivery_controller_firmware
sd-wan_wanop
|
Citrix ADC and Citrix/NetScaler Gateway 13.0 before 13.0-76.29, 12.1-61.18, 11.1-65.20, Citrix ADC 12.1-FIPS before 12.1-55.238, and Citrix SD-WAN WANOP Edition before 11.4.0, 11.3.2, 11.3.1a, 11.2.3…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-8299
|
2024-11-21 14:38 |
2021-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197586
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongomirror
database_tools
|
Usage of specific command line parameter in MongoDB Tools which was originally intended to just skip hostname checks, may result in MongoDB skipping all certificate validation. This may result in acc…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-7924
|
2024-11-21 14:38 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197587
|
5.5 |
MEDIUM
Local
|
lenovo
|
pcmanager
|
A denial of service vulnerability was reported in Lenovo PCManager, prior to version 3.0.200.2042, that could allow configuration files to be written to non-standard locations.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-8357
|
2024-11-21 14:38 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197588
|
4.9 |
MEDIUM
Network
|
lenovo
|
xclarity_orchestrator
|
An internal product security audit of LXCO, prior to version 1.2.2, discovered that optional passwords, if specified, for the Syslog and SMTP forwarders are written to an internal LXCO log file in cl…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-8356
|
2024-11-21 14:38 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197589
|
9.8 |
CRITICAL
Network
|
fs-path_project
|
fs-path
|
fs-path node module before 0.0.25 is vulnerable to command injection by way of user-supplied inputs via the `copy`, `copySync`, `remove`, and `removeSync` methods.
|
CWE-77
Command Injection
|
CVE-2020-8298
|
2024-11-21 14:38 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197590
|
6.7 |
MEDIUM
Local
|
nextcloud
fedoraproject
|
nextcloud_server
fedora
|
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.
|
CWE-521
Weak Password Requirements
|
CVE-2020-8296
|
2024-11-21 14:38 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
