|
208581
|
7.5 |
HIGH
Network
|
huawei
|
usg6000v_firmware
|
Huawei USG6000V with versions V500R001C20SPC300, V500R003C00SPC100, and V500R005C00SPC100 have an out-of-bounds read vulnerability. Due to a logical flaw in a JSON parsing routine, a remote, unauthen…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-1863
|
2024-11-21 14:11 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208582
|
3.9 |
LOW
Local
|
redhat
fedoraproject
debian
|
ansible_tower
ansible
cloudforms_management_engine
openstack
fedora
debian_linux
|
A flaw was found in Ansible 2.7.16 and prior, 2.8.8 and prior, and 2.9.5 and prior when a password is set with the argument "password" of svn module, it is used on svn command line, disclosing to oth…
|
-
|
CVE-2020-1739
|
2024-11-21 14:11 |
2020-03-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208583
|
9.8 |
CRITICAL
Network
|
apache
|
shardingsphere
|
In Apache ShardingSphere(incubator) 4.0.0-RC3 and 4.0.0, the ShardingSphere's web console uses the SnakeYAML library for parsing YAML inputs to load datasource configuration. SnakeYAML allows to unma…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-1947
|
2024-11-21 14:11 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208584
|
7.8 |
HIGH
Local
|
paloaltonetworks
|
pan-os
|
A predictable temporary filename vulnerability in PAN-OS allows local privilege escalation. This issue allows a local attacker who bypassed the restricted shell to execute commands as a low privilege…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-1981
|
2024-11-21 14:11 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208585
|
7.8 |
HIGH
Local
|
paloaltonetworks
|
pan-os
|
A shell command injection vulnerability in the PAN-OS CLI allows a local authenticated user to escape the restricted shell and escalate privileges. This issue affects only PAN-OS 8.1 versions earlier…
|
CWE-78
OS Command
|
CVE-2020-1980
|
2024-11-21 14:11 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208586
|
7.8 |
HIGH
Local
|
paloaltonetworks
|
pan-os
|
A format string vulnerability in the PAN-OS log daemon (logd) on Panorama allows a network based attacker with knowledge of registered firewall devices and access to Panorama management interfaces to…
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2020-1979
|
2024-11-21 14:11 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208587
|
5.0 |
MEDIUM
Local
|
redhat
fedoraproject
debian
|
cloudforms_management_engine
ansible_tower
ansible
openstack
fedora
debian_linux
|
A race condition flaw was found in Ansible Engine 2.7.17 and prior, 2.8.9 and prior, 2.9.6 and prior when running a playbook with an unprivileged become user. When Ansible needs to run a module with …
|
CWE-362
Race Condition
|
CVE-2020-1733
|
2024-11-21 14:11 |
2020-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208588
|
7.8 |
HIGH
Local
|
redhat
|
ansible_tower
ansible_engine
|
A flaw was found in Ansible 2.7.17 and prior, 2.8.9 and prior, and 2.9.6 and prior when using the Extract-Zip function from the win_unzip module as the extracted file(s) are not checked if they belon…
|
CWE-22
Path Traversal
|
CVE-2020-1737
|
2024-11-21 14:11 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208589
|
7.0 |
HIGH
Local
|
redhat
|
openshift_container_platform
|
It has been found that in openshift-enterprise version 3.11 and openshift-enterprise versions 4.1 up to, including 4.3, multiple containers modify the permissions of /etc/passwd to make them modifiab…
|
-
|
CVE-2020-1706
|
2024-11-21 14:11 |
2020-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208590
|
7.4 |
HIGH
Local
|
redhat
|
ansible_tower
ansible_engine
|
A flaw was found in the pipe lookup plugin of ansible. Arbitrary commands can be run, when the pipe lookup plugin uses subprocess.Popen() with shell=True, by overwriting ansible facts and the variabl…
|
-
|
CVE-2020-1734
|
2024-11-21 14:11 |
2020-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
