|
209721
|
6.5 |
MEDIUM
Network
|
squid-cache
canonical
debian
fedoraproject
opensuse
|
squid
ubuntu_linux
debian_linux
fedora
leap
|
An issue was discovered in Squid before 4.13 and 5.x before 5.0.4. Due to incorrect data validation, HTTP Request Smuggling attacks may succeed against HTTP and HTTPS traffic. This leads to cache poi…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-15810
|
2024-11-21 14:06 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209722
|
5.5 |
MEDIUM
Local
|
arm
fedoraproject
debian
|
mbed_tls
fedora
debian_linux
|
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode …
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-16150
|
2024-11-21 14:06 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209723
|
9.0 |
CRITICAL
Network
|
redlion
|
n-tron_702-w_firmware
n-tron_702m12-w_firmware
|
The affected product is vulnerable to reflected cross-site scripting, which may allow an attacker to remotely execute arbitrary code and perform actions in the context of an attacked user on the N-Tr…
|
-
|
CVE-2020-16210
|
2024-11-21 14:06 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209724
|
8.8 |
HIGH
Network
|
redlion
|
n-tron_702-w_firmware
n-tron_702m12-w_firmware
|
The affected product is vulnerable to cross-site request forgery, which may allow an attacker to modify different configurations of a device by luring an authenticated user to click on a crafted link…
|
-
|
CVE-2020-16208
|
2024-11-21 14:06 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209725
|
9.0 |
CRITICAL
Network
|
redlion
|
n-tron_702-w_firmware
n-tron_702m12-w_firmware
|
The affected product is vulnerable to stored cross-site scripting, which may allow an attacker to remotely execute arbitrary code to gain access to sensitive data on the N-Tron 702-W / 702M12-W (all …
|
-
|
CVE-2020-16206
|
2024-11-21 14:06 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209726
|
9.8 |
CRITICAL
Network
|
redlion
|
n-tron_702-w_firmware
n-tron_702m12-w_firmware
|
The affected product is vulnerable due to an undocumented interface found on the device, which may allow an attacker to execute commands as root on the device on the N-Tron 702-W / 702M12-W (all vers…
|
-
|
CVE-2020-16204
|
2024-11-21 14:06 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209727
|
5.5 |
MEDIUM
Local
|
canonical
|
ppp
|
The modprobe child process in the ./debian/patches/load_ppp_generic_if_needed patch file incorrectly handled module loading. A local non-root attacker could exploit the MODPROBE_OPTIONS environment v…
|
CWE-20
Improper Input Validation
|
CVE-2020-15704
|
2024-11-21 14:06 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209728
|
7.5 |
HIGH
Network
|
linuxfoundation
|
acrn
|
Missing access control restrictions in the Hypervisor component of the ACRN Project (v2.0 and v1.6.1) allow a malicious entity, with root access in the Service VM userspace, to abuse the PCIe assign/…
|
NVD-CWE-Other
|
CVE-2020-15687
|
2024-11-21 14:06 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209729
|
3.5 |
LOW
Adjacent
|
mercedes-benz
|
comand
|
On Mercedes-Benz C Class AMG Premium Plus c220 BlueTec vehicles, the Bluetooth stack mishandles %x and %c format-string specifiers in a device name in the COMAND infotainment software.
|
CWE-134
Use of Externally-Controlled Format String
|
CVE-2020-16142
|
2024-11-21 14:06 |
2020-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209730
|
5.4 |
MEDIUM
Network
|
osticket
|
osticket
|
osTicket before 1.14.3 allows XSS because include/staff/banrule.inc.php has an unvalidated echo $info['notes'] call.
|
CWE-79
Cross-site Scripting
|
CVE-2020-16193
|
2024-11-21 14:06 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
