|
208251
|
7.2 |
HIGH
Network
|
coturn_project
fedoraproject
|
coturn
fedora
|
Coturn is free open source implementation of TURN and STUN Server. Coturn before version 4.5.2 by default does not allow peers to connect and relay packets to loopback addresses in the range of `127.…
|
-
|
CVE-2020-26262
|
2024-11-21 14:19 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208252
|
7.8 |
HIGH
Local
|
safervpn
|
safervpn
|
SaferVPN for Windows Ver 5.0.3.3 through 5.0.4.15 could allow local privilege escalation from low privileged users to SYSTEM via a crafted openssl configuration file. This issue is similar to CVE-201…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-26050
|
2024-11-21 14:19 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208253
|
5.4 |
MEDIUM
Network
|
redcarpet_project
debian
|
redcarpet
debian_linux
|
Redcarpet is a Ruby library for Markdown processing. In Redcarpet before version 3.5.1, there is an injection vulnerability which can enable a cross-site scripting attack. In affected versions no HTM…
|
-
|
CVE-2020-26298
|
2024-11-21 14:19 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208254
|
8.8 |
HIGH
Network
|
smartbear
|
collaborator
|
In SmartBear Collaborator Server through 13.3.13302, use of the Google Web Toolkit (GWT) API introduces a post-authentication Java deserialization vulnerability. The application's UpdateMemento class…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-26118
|
2024-11-21 14:19 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208255
|
6.8 |
MEDIUM
Physics
|
dell
|
inspiron_5675_firmware
|
Dell Inspiron 5675 BIOS versions prior to 1.4.1 contain a UEFI BIOS RuntimeServices overwrite vulnerability. A local attacker with access to system memory may exploit this vulnerability by overwritin…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-26186
|
2024-11-21 14:19 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208256
|
4.3 |
MEDIUM
Network
|
totalonlinesolutions
|
advanced_webhost_billing_system
|
Advanced Webhost Billing System 3.7.0 is affected by Cross Site Request Forgery (CSRF) attacks that can delete a contact from the My Additional Contact page.
|
CWE-352
Origin Validation Error
|
CVE-2020-25950
|
2024-11-21 14:19 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208257
|
9.9 |
CRITICAL
Network
|
cisco
|
jabber
|
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile platforms could allow an attacker to execute arbitrary programs on the underlying operating system (OS) w…
|
CWE-78
OS Command
|
CVE-2020-26085
|
2024-11-21 14:19 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208258
|
6.7 |
MEDIUM
Local
|
dell
|
emc_unity_operating_environment
emc_unity_vsa_operating_environment
emc_unity_xt_operating_environment
|
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a plain-text password storage vulnerability. A user credentials (including the Unisphere admin privilege user) password …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-26199
|
2024-11-21 14:19 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208259
|
7.8 |
HIGH
Local
|
dell
|
emc_powerscale_onefs
emc_isilon_onefs
|
Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connec…
|
NVD-CWE-noinfo
|
CVE-2020-26181
|
2024-11-21 14:19 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208260
|
5.4 |
MEDIUM
Network
|
thedaylightstudio
|
fuel_cms
|
FUEL CMS 1.4.11 has stored XSS in Blocks/Navigation/Site variables. This could lead to cookie stealing and other malicious actions. This vulnerability can be exploited with an authenticated account a…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26046
|
2024-11-21 14:19 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
