|
215981
|
5.3 |
MEDIUM
Network
|
cipplanner
|
cipace
|
An issue was discovered in CIPPlanner CIPAce 9.1 Build 2019092801. An unauthenticated attacker can make an HTTP GET request to two files that contain customer data and application paths.
|
NVD-CWE-noinfo
|
CVE-2020-11588
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215982
|
4.3 |
MEDIUM
Network
|
dnnsoftware
|
dotnetnuke
|
There is an information disclosure issue in DNN (formerly DotNetNuke) 9.5 within the built-in Activity-Feed/Messaging/Userid/ Message Center module. A registered user is able to enumerate any file in…
|
CWE-330
CWE-639
Use of Insufficiently Random Values
Authorization Bypass Through User-Controlled Key
|
CVE-2020-11585
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215983
|
8.8 |
HIGH
Adjacent
|
pulsesecure
|
pulse_connect_secure
pulse_policy_secure
|
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, la…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-11582
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215984
|
8.1 |
HIGH
Network
|
pulsesecure
|
pulse_connect_secure
pulse_policy_secure
|
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, al…
|
CWE-78
OS Command
|
CVE-2020-11581
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215985
|
9.1 |
CRITICAL
Network
|
pulsesecure
|
pulse_connect_secure
pulse_policy_secure
|
An issue was discovered in Pulse Secure Pulse Connect Secure (PCS) through 2020-04-06. The applet in tncc.jar, executed on macOS, Linux, and Solaris clients when a Host Checker policy is enforced, ac…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-11580
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215986
|
9.8 |
CRITICAL
Network
|
projectworlds
|
official_car_rental_system
|
Project Worlds Official Car Rental System 1 is vulnerable to multiple SQL injection issues, as demonstrated by the email and parameters (account.php), uname and pass parameters (login.php), and id pa…
|
CWE-89
SQL Injection
|
CVE-2020-11545
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215987
|
7.2 |
HIGH
Network
|
projectworlds
|
official_car_rental_system
|
An issue was discovered in Project Worlds Official Car Rental System 1. It allows the admin user to run commands on the server with their account because the upload section on the file-manager page c…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-11544
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215988
|
7.8 |
HIGH
Local
|
malwarebytes
|
adwcleaner
|
An Untrusted Search Path vulnerability in Malwarebytes AdwCleaner 8.0.3 could cause arbitrary code execution with SYSTEM privileges when a malicious DLL library is loaded.
|
CWE-426
Untrusted Search Path
|
CVE-2020-11507
|
2024-11-21 13:58 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215989
|
6.0 |
MEDIUM
Local
|
linux
canonical
|
linux_kernel
ubuntu_linux
|
An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-11565
|
2024-11-21 13:58 |
2020-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215990
|
9.8 |
CRITICAL
Network
|
gpac
|
gpac
|
An issue was discovered in libgpac.a in GPAC 0.8.0, as demonstrated by MP4Box. audio_sample_entry_Read in isomedia/box_code_base.c does not properly decide when to make gf_isom_box_del calls. This le…
|
CWE-416
Use After Free
|
CVE-2020-11558
|
2024-11-21 13:58 |
2020-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
