|
214571
|
9.8 |
CRITICAL
Network
|
apache
oracle
|
camel
flexcube_private_banking
enterprise_manager_base_platform
communications_diameter_signaling_router
|
Apache Camel Netty enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrade t…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-11973
|
2024-11-21 13:59 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214572
|
9.8 |
CRITICAL
Network
|
apache
oracle
|
camel
flexcube_private_banking
enterprise_manager_base_platform
communications_diameter_signaling_router
|
Apache Camel RabbitMQ enables Java deserialization by default. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.0, 3.0.0 up to 3.1.0 are affected. 2.x users should upgrade to 2.25.1, 3.x users should upgrad…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-11972
|
2024-11-21 13:59 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214573
|
7.5 |
HIGH
Network
|
apache
oracle
|
camel
flexcube_private_banking
enterprise_manager_base_platform
communications_diameter_signaling_router
communications_diameter_intelligence_hub
|
Apache Camel's JMX is vulnerable to Rebind Flaw. Apache Camel 2.22.x, 2.23.x, 2.24.x, 2.25.x, 3.0.0 up to 3.1.0 is affected. Users should upgrade to 3.2.0.
|
NVD-CWE-noinfo
|
CVE-2020-11971
|
2024-11-21 13:59 |
2020-05-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214574
|
8.8 |
HIGH
Network
|
westerndigital
|
wd_discovery
|
The Western Digital WD Discovery application before 3.8.229 for MyCloud Home on Windows and macOS is vulnerable to CSRF, with impacts such as stealing data, modifying disk contents, or exhausting dis…
|
CWE-352
Origin Validation Error
|
CVE-2020-12427
|
2024-11-21 13:59 |
2020-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214575
|
9.8 |
CRITICAL
Network
|
zulipchat
|
zulip_desktop
|
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-12637
|
2024-11-21 13:59 |
2020-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214576
|
8.8 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application…
|
CWE-22
Path Traversal
|
CVE-2020-12026
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214577
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can b…
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-12022
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214578
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12018
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214579
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.
|
CWE-89
SQL Injection
|
CVE-2020-12014
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214580
|
7.1 |
HIGH
Local
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete…
|
CWE-22
Path Traversal
|
CVE-2020-12010
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
