|
217751
|
5.3 |
MEDIUM
Network
|
atlassian
|
jira
data_center
jira_server
|
Affected versions of Atlassian Jira Server and Data Center allow an unauthenticated user to enumerate users via an Information Disclosure vulnerability in the /ViewUserHover.jspa endpoint. The affect…
|
CWE-200
Information Exposure
|
CVE-2020-14181
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217752
|
8.8 |
HIGH
Network
|
apache
|
superset
|
While investigating a bug report on Apache Superset, it was determined that an authenticated user could craft requests via a number of templated text fields in the product that would allow arbitrary …
|
NVD-CWE-noinfo
|
CVE-2020-13948
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217753
|
8.8 |
HIGH
Network
|
istio-operator_project
|
istio-operator
|
An incorrect access control flaw was found in the operator, openshift-service-mesh/istio-rhel8-operator all versions through 1.1.3. This flaw allows an attacker with a basic level of access to the cl…
|
CWE-862
Missing Authorization
|
CVE-2020-14306
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217754
|
6.1 |
MEDIUM
Network
|
apache
|
atlas
|
Apache Atlas before 2.1.0 contain a XSS vulnerability. While saving search or rendering elements values are not sanitized correctly and because of that it triggers the XSS vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-13928
|
2024-11-21 14:02 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217755
|
9.8 |
CRITICAL
Network
|
daemonology
|
bsdiff
|
A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the san…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-14315
|
2024-11-21 14:02 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217756
|
5.5 |
MEDIUM
Local
|
linux
debian
canonical
starwindsoftware
|
linux_kernel
debian_linux
ubuntu_linux
starwind_virtual_san
|
A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to…
|
-
|
CVE-2020-14314
|
2024-11-21 14:02 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217757
|
4.4 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the k…
|
-
|
CVE-2020-14304
|
2024-11-21 14:02 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217758
|
9.8 |
CRITICAL
Network
|
mi
|
r3600_firmware
|
In Xiaomi router R3600 ROM version<1.0.66, filters in the set_WAN6 interface can be bypassed, causing remote code execution. The router administrator can gain root access from this vulnerability.
|
CWE-77
Command Injection
|
CVE-2020-14100
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217759
|
9.8 |
CRITICAL
Network
|
mi
|
xiaomi_ai_speaker_firmware
|
Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-14096
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217760
|
7.5 |
HIGH
Network
|
bitcoin
|
bitcoin_core
|
Bitcoin Core 0.20.0 allows remote denial of service.
|
NVD-CWE-noinfo
|
CVE-2020-14198
|
2024-11-21 14:02 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
