|
212191
|
6.3 |
MEDIUM
Network
|
veritas
|
aptare
|
Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating spe…
|
CWE-863
Incorrect Authorization
|
CVE-2020-12875
|
2024-11-21 14:00 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212192
|
9.8 |
CRITICAL
Network
|
veritas
|
aptare
|
Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server.
|
CWE-287
Improper Authentication
|
CVE-2020-12874
|
2024-11-21 14:00 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212193
|
6.1 |
MEDIUM
Network
|
progress
|
moveit_automation
|
An issue was discovered in Progress MOVEit Automation Web Admin. A Web Admin application endpoint failed to adequately sanitize malicious input, which could allow an unauthenticated attacker to execu…
|
CWE-79
Cross-site Scripting
|
CVE-2020-12677
|
2024-11-21 14:00 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212194
|
6.5 |
MEDIUM
Adjacent
|
alberta
tracetogether
health
gov
|
abtracetogether
tracetogether
covidsafe
protego_safe
|
The COVIDSafe (Australia) app 1.0 and 1.1 for iOS allows a remote attacker to crash the app, and consequently interfere with COVID-19 contact tracing, via a Bluetooth advertisement containing manufac…
|
NVD-CWE-noinfo
|
CVE-2020-12717
|
2024-11-21 14:00 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212195
|
9.8 |
CRITICAL
Network
|
simplefilelist
|
simple-file-list
|
WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input.
|
CWE-22
Path Traversal
|
CVE-2020-12832
|
2024-11-21 14:00 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212196
|
5.3 |
MEDIUM
Network
|
linuxfoundation
|
free_range_routing
|
An issue was discovered in FRRouting FRR (aka Free Range Routing) through 7.3.1. When using the split-config feature, the init script creates an empty config file with world-readable default permissi…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-12831
|
2024-11-21 14:00 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212197
|
9.8 |
CRITICAL
Network
|
trendnet
|
tv-ip512wn_firmware
|
TRENDnet ProView Wireless camera TV-IP512WN 1.0R 1.0.4 is vulnerable to an unauthenticated stack-based buffer overflow in handling RTSP packets. This may result in remote code execution or denial of …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12763
|
2024-11-21 14:00 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212198
|
6.1 |
MEDIUM
Network
|
iubenda
|
iubenda-cookie-law-solution
|
The iubenda-cookie-law-solution plugin before 2.3.5 for WordPress does not restrict URL sanitization to http protocols.
|
CWE-20
Improper Input Validation
|
CVE-2020-12742
|
2024-11-21 14:00 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212199
|
4.3 |
MEDIUM
Network
|
dkd
|
direct_mail
|
The direct_mail extension through 5.2.3 for TYPO3 allows Information Disclosure via a newsletter subscriber data Special Query.
|
CWE-862
Missing Authorization
|
CVE-2020-12700
|
2024-11-21 14:00 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212200
|
6.1 |
MEDIUM
Network
|
dkd
|
direct_mail
|
The direct_mail extension through 5.2.3 for TYPO3 has an Open Redirect via jumpUrl.
|
CWE-601
Open Redirect
|
CVE-2020-12699
|
2024-11-21 14:00 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
