|
215551
|
5.3 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content…
|
CWE-74
Injection
|
CVE-2020-10960
|
2024-11-21 13:56 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215552
|
8.8 |
HIGH
Network
|
apachefriends
|
xampp
|
An issue was discovered in XAMPP before 7.2.29, 7.3.x before 7.3.16 , and 7.4.x before 7.4.4 on Windows. An unprivileged user can change a .exe configuration in xampp-contol.ini for all users (includ…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-11107
|
2024-11-21 13:56 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215553
|
8.8 |
HIGH
Network
|
haproxy
debian
redhat
fedoraproject
canonical
opensuse
|
haproxy
debian_linux
openshift_container_platform
fedora
ubuntu_linux
leap
|
In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-11100
|
2024-11-21 13:56 |
2020-04-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215554
|
9.8 |
CRITICAL
Network
|
alienform2_project
|
alienform2
|
Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) 2.0.2 is vulnerable to Remote Command Execution via eval injection, a different issue than CVE-2002-0934. An unauthenticated, re…
|
CWE-94
Code Injection
|
CVE-2020-10948
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215555
|
7.5 |
HIGH
Network
|
avast
|
antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to launch the Repair App RPC call from a Low…
|
NVD-CWE-noinfo
|
CVE-2020-10868
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215556
|
9.8 |
CRITICAL
Network
|
avast
|
antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to bypass intended access restrictions on ta…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-10867
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215557
|
7.5 |
HIGH
Network
|
avast
|
antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to enumerate the network interfaces and acce…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-10866
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215558
|
7.5 |
HIGH
Network
|
avast
|
antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components …
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2020-10865
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215559
|
6.5 |
MEDIUM
Network
|
avast
|
antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a reboot via RPC from a Low Integ…
|
NVD-CWE-noinfo
|
CVE-2020-10864
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215560
|
7.5 |
HIGH
Network
|
avast
|
antivirus
|
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to trigger a shutdown via RPC from a Low Int…
|
NVD-CWE-noinfo
|
CVE-2020-10863
|
2024-11-21 13:56 |
2020-04-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
