|
210001
|
8.8 |
HIGH
Network
|
mozilla
|
geckodriver
|
Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.
|
CWE-352
Origin Validation Error
|
CVE-2020-15660
|
2024-11-21 14:05 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210002
|
7.8 |
HIGH
Local
|
acronis
|
true_image
|
Acronis True Image 2019 update 1 through 2020 on macOS allows local privilege escalation due to an insecure XPC service configuration.
|
NVD-CWE-noinfo
|
CVE-2020-15495
|
2024-11-21 14:05 |
2021-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210003
|
7.8 |
HIGH
Local
|
acronis
|
true_image
|
Acronis True Image for Mac before 2021 Update 4 allowed local privilege escalation due to insecure folder permissions.
|
CWE-281
Improper Preservation of Permissions
|
CVE-2020-15496
|
2024-11-21 14:05 |
2021-07-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210004
|
6.5 |
MEDIUM
Network
|
infoblox
|
nios
|
Infoblox NIOS before 8.5.2 allows entity expansion during an XML upload operation, a related issue to CVE-2003-1564.
|
CWE-776
XML Entity Expansion
|
CVE-2020-15303
|
2024-11-21 14:05 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210005
|
7.4 |
HIGH
Network
|
broadcom
|
brocade_sannav
fabric_operating_system
|
The host SSH servers of Brocade Fabric OS before Brocade Fabric OS v7.4.2h, v8.2.1c, v8.2.2, v9.0.0, and Brocade SANnav before v2.1.1 utilize keys of less than 2048 bits, which may be vulnerable to m…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-15387
|
2024-11-21 14:05 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210006
|
5.3 |
MEDIUM
Network
|
broadcom
|
fabric_operating_system
|
Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0 and 8.2.2d may observe high CPU load during security scanning, which could lead to a slower response to CLI commands and other operation…
|
NVD-CWE-noinfo
|
CVE-2020-15386
|
2024-11-21 14:05 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210007
|
5.4 |
MEDIUM
Network
|
broadcom
|
sannav
|
Brocade SANnav before version 2.1.1 allows an authenticated attacker to list directories, and list files without permission. As a result, users without permission can see folders, and hidden files, a…
|
NVD-CWE-noinfo
|
CVE-2020-15385
|
2024-11-21 14:05 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210008
|
5.3 |
MEDIUM
Network
|
broadcom
|
sannav
|
Brocade SANNav before version 2.1.1 contains an information disclosure vulnerability. Successful exploitation of internal server information in the initial login response header.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-15384
|
2024-11-21 14:05 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210009
|
7.5 |
HIGH
Network
|
broadcom
|
sannav
|
Brocade SANnav before version 2.1.1 logs account credentials at the ‘trace’ logging level.
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-15380
|
2024-11-21 14:05 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210010
|
7.5 |
HIGH
Network
|
broadcom
|
brocade_sannav
|
Brocade SANnav before v.2.1.0a could allow remote attackers cause a denial-of-service condition due to a lack of proper validation, of the length of user-supplied data as name for custom field name.
|
CWE-20
Improper Input Validation
|
CVE-2020-15379
|
2024-11-21 14:05 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
