|
199981
|
7.5 |
HIGH
Network
|
pureftpd
fedoraproject
|
pure-ftpd
fedora
|
An issue was discovered in Pure-FTPd 1.0.49. An out-of-bounds (OOB) read has been detected in the pure_strcmp function in utils.c.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-9365
|
2024-11-21 14:40 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199982
|
7.8 |
HIGH
Local
|
sophos
|
cloud_optix
mobile
intercept_x_endpoint
intercept_x_for_server
secure_web_gateway
endpoint_protection
|
The Sophos AV parsing engine before 2020-01-14 allows virus-detection bypass via a crafted ZIP archive. This affects Endpoint Protection, Cloud Optix, Mobile, Intercept X Endpoint, Intercept X for Se…
|
CWE-436
Interpretation Conflict
|
CVE-2020-9363
|
2024-11-21 14:40 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199983
|
7.8 |
HIGH
Local
|
quickheal
|
home_security
internet_security
total_security_multi-device
antivirus_pro
antivirus_for_server
total_security
|
The Quick Heal AV parsing engine (November 2019) allows virus-detection bypass via a crafted GPFLAG in a ZIP archive. This affects Total Security, Home Security, Total Security Multi-Device, Internet…
|
CWE-436
Interpretation Conflict
|
CVE-2020-9362
|
2024-11-21 14:40 |
2020-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199984
|
9.8 |
CRITICAL
Network
|
networkmanager-ssh_project
debian
|
networkmanager-ssh
debian_linux
|
danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled.
|
NVD-CWE-noinfo
|
CVE-2020-9355
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199985
|
7.5 |
HIGH
Network
|
smartclient
|
smartclient
|
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) saveFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL a…
|
CWE-22
Path Traversal
|
CVE-2020-9354
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199986
|
7.5 |
HIGH
Network
|
smartclient
|
smartclient
|
An issue was discovered in SmartClient 12.0. The Remote Procedure Call (RPC) loadFile provided by the console functionality on the /tools/developerConsoleOperations.jsp (or /isomorphic/IDACall) URL i…
|
CWE-22
Path Traversal
|
CVE-2020-9353
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199987
|
9.8 |
CRITICAL
Network
|
smartclient
|
smartclient
|
An issue was discovered in SmartClient 12.0. Unauthenticated exploitation of blind XXE can occur in the downloadWSDL feature by sending a POST request to /tools/developerConsoleOperations.jsp with a …
|
CWE-611
XXE
|
CVE-2020-9352
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199988
|
5.4 |
MEDIUM
Network
|
sas
|
visual_analytics
|
Graph Builder in SAS Visual Analytics 8.5 allows XSS via a graph template that is accessed directly.
|
CWE-79
Cross-site Scripting
|
CVE-2020-9350
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199989
|
5.5 |
MEDIUM
Local
|
f-secure
|
cloud_protection_for_salesforce
internet_gatekeeper
email_and_server_security
|
The F-Secure AV parsing engine before 2020-02-05 allows virus-detection bypass via crafted Compression Method data in a GZIP archive. This affects versions before 17.0.605.474 (on Linux) of Cloud Pro…
|
CWE-436
Interpretation Conflict
|
CVE-2020-9342
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199990
|
8.8 |
HIGH
Network
|
auieo
|
candidats
|
CandidATS 2.1.0 is vulnerable to CSRF that allows for an administrator account to be added via the index.php?m=settings&a=addUser URI.
|
CWE-352
Origin Validation Error
|
CVE-2020-9341
|
2024-11-21 14:40 |
2020-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
