|
202651
|
8.8 |
HIGH
Network
|
dell
|
emc_powerscale_onefs
emc_isilon_onefs
|
Dell EMC Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability. An authenticated malicious user may exploit this vulnerabili…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-5369
|
2024-11-21 14:34 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202652
|
7.5 |
HIGH
Network
|
tradingtechnologies
|
trading_technologies_messaging
|
A flaw in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) relates to invalid parameter handling when calling strcpy_s() with an invalid parameter (i.e., a long src string parameter) as a part of p…
|
NVD-CWE-Other
|
CVE-2020-5779
|
2024-11-21 14:34 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202653
|
7.5 |
HIGH
Network
|
tradingtechnologies
|
trading_technologies_messaging
|
A flaw exists in Trading Technologies Messaging 7.1.28.3 (ttmd.exe) due to improper validation of user-supplied data when processing a type 8 message sent to default TCP RequestPort 10200. An unauthe…
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2020-5778
|
2024-11-21 14:34 |
2020-09-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202654
|
7.5 |
HIGH
Network
|
shadan-kun
|
server_security_type
|
Shadankun Server Security Type (excluding normal blocking method types) Ver.1.5.3 and earlier allows remote attackers to cause a denial of service which may result in not being able to add newly dete…
|
NVD-CWE-Other
|
CVE-2020-5622
|
2024-11-21 14:34 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202655
|
9.8 |
CRITICAL
Network
|
magmi_project
|
magmi
|
MAGMI versions prior to 0.7.24 are vulnerable to a remote authentication bypass due to allowing default credentials in the event there is a database connection failure. A remote attacker can trigger …
|
CWE-287
Improper Authentication
|
CVE-2020-5777
|
2024-11-21 14:34 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202656
|
8.8 |
HIGH
Network
|
magmi_project
|
magmi
|
Currently, all versions of MAGMI are vulnerable to CSRF due to the lack of CSRF tokens. RCE (via phpcli command) is possible in the event that a CSRF is leveraged against an existing admin session fo…
|
CWE-352
Origin Validation Error
|
CVE-2020-5776
|
2024-11-21 14:34 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202657
|
6.7 |
MEDIUM
Local
|
pivotal_software
vmware
|
rabbitmq
|
RabbitMQ versions 3.8.x prior to 3.8.7 are prone to a Windows-specific binary planting security vulnerability that allows for arbitrary code execution. An attacker with write privileges to the Rabbit…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-5419
|
2024-11-21 14:34 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202658
|
6.1 |
MEDIUM
Network
|
riken
|
xoonips
|
Cross-site scripting vulnerability in XooNIps 3.48 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5625
|
2024-11-21 14:34 |
2020-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202659
|
9.8 |
CRITICAL
Network
|
riken
|
xoonips
|
SQL injection vulnerability in the XooNIps 3.48 and earlier allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
|
CWE-89
SQL Injection
|
CVE-2020-5624
|
2024-11-21 14:34 |
2020-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202660
|
6.1 |
MEDIUM
Network
|
nitori
|
nitori
|
NITORI App for Android versions 6.0.4 and earlier and NITORI App for iOS versions 6.0.2 and earlier allow remote attackers to lead a user to access an arbitrary website via the vulnerable App. As a r…
|
CWE-601
Open Redirect
|
CVE-2020-5623
|
2024-11-21 14:34 |
2020-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
