|
208081
|
7.8 |
HIGH
Local
|
eclipse
|
platform
|
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue a…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-27225
|
2024-11-21 14:20 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208082
|
5.3 |
MEDIUM
Network
|
eclipse
apache
netapp
debian
oracle
|
jetty
spark
nifi
snap_creator_framework
snapcenter
snapmanager
hci
solidfire
hci_management_node
e-series_santricity_web_services
element_plug-in_for_vcenter_server
e…
|
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) paramete…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-27223
|
2024-11-21 14:20 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208083
|
9.6 |
CRITICAL
Network
|
eclipse
|
theia
|
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2020-27224
|
2024-11-21 14:20 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208084
|
5.4 |
MEDIUM
Network
|
fastadmin
|
fastadmin
|
fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background.
|
CWE-79
Cross-site Scripting
|
CVE-2020-26609
|
2024-11-21 14:20 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208085
|
7.8 |
HIGH
Local
|
softmaker
|
planmaker_2021
|
In SoftMaker Software GmbH SoftMaker Office PlanMaker 2021 (Revision 1014), a specially crafted document can cause the document parser to copy data from a particular record type into a static-sized b…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27250
|
2024-11-21 14:20 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208086
|
5.5 |
MEDIUM
Local
|
siemens
|
jt2go
teamcenter_visualization
|
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when p…
|
-
|
CVE-2020-27008
|
2024-11-21 14:20 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208087
|
5.5 |
MEDIUM
Local
|
siemens
|
jt2go
teamcenter_visualization
|
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when p…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-27007
|
2024-11-21 14:20 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208088
|
7.8 |
HIGH
Local
|
siemens
|
jt2go
teamcenter_visualization
|
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when p…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27006
|
2024-11-21 14:20 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208089
|
7.8 |
HIGH
Local
|
siemens
|
jt2go
teamcenter_visualization
|
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when p…
|
-
|
CVE-2020-27005
|
2024-11-21 14:20 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208090
|
5.5 |
MEDIUM
Local
|
siemens
|
jt2go
teamcenter_visualization
|
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when p…
|
-
|
CVE-2020-27004
|
2024-11-21 14:20 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
