|
209111
|
8.7 |
HIGH
Network
|
cogboard
|
red-dashboard
|
Red Discord Bot Dashboard is an easy-to-use interactive web dashboard to control your Redbot. In Red Discord Bot before version 0.1.7a an RCE exploit has been discovered. This exploit allows Discord …
|
CWE-79
Cross-site Scripting
|
CVE-2020-26249
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209112
|
4.8 |
MEDIUM
Network
|
apereo
|
opencast
|
Opencast before versions 8.9 and 7.9 disables HTTPS hostname verification of its HTTP client used for a large portion of Opencast's HTTP requests. Hostname verification is an important part when usin…
|
CWE-346
Origin Validation Error
|
CVE-2020-26234
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209113
|
6.5 |
MEDIUM
Network
|
c2fo
|
fast-csv
|
Fast-csv is an npm package for parsing and formatting CSVs or any other delimited value file in node. In fast-cvs before version 4.3.6 there is a possible ReDoS vulnerability (Regular Expression Deni…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26256
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209114
|
7.3 |
HIGH
Network
|
microsoft
|
git_credential_manager_core
|
Git Credential Manager Core (GCM Core) is a secure Git credential helper built on .NET Core that runs on Windows and macOS. In Git Credential Manager Core before version 2.0.289, when recursively clo…
|
-
|
CVE-2020-26233
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209115
|
9.1 |
CRITICAL
Network
|
getkirby
|
panel
kirby
|
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.4.5, and Kirby Panel before version 2.5.14 , an editor with full access to the Kirby Panel can upload a PHP .phar file and execute it on t…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26255
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209116
|
5.4 |
MEDIUM
Network
|
student_management_system_project_in_php_project
|
student_management_system_project_in_php
|
SourceCodester Student Management System Project in PHP version 1.0 is vulnerable to stored a cross-site scripting (XSS) via the 'add subject' tab.
|
CWE-79
Cross-site Scripting
|
CVE-2020-25955
|
2024-11-21 14:19 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209117
|
7.7 |
HIGH
Network
|
omniauth-apple_project
|
omniauth-apple
|
omniauth-apple is the OmniAuth strategy for "Sign In with Apple" (RubyGem omniauth-apple). In omniauth-apple before version 1.0.1 attackers can fake their email address during authentication. This vu…
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-26254
|
2024-11-21 14:19 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209118
|
5.9 |
MEDIUM
Network
|
getkirby
|
kirby
panel
|
Kirby is a CMS. In Kirby CMS (getkirby/cms) before version 3.3.6, and Kirby Panel before version 2.5.14 there is a vulnerability in which the admin panel may be accessed if hosted on a .dev domain. I…
|
CWE-346
Origin Validation Error
|
CVE-2020-26253
|
2024-11-21 14:19 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209119
|
5.5 |
MEDIUM
Local
|
intland
|
codebeamer
|
An issue was discovered in Intland codeBeamer ALM 10.x through 10.1.SP4. The ReqIF XML data, used by the codebeamer ALM application to import projects, is parsed by insecurely configured software com…
|
CWE-611
XXE
|
CVE-2020-26513
|
2024-11-21 14:19 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209120
|
7.2 |
HIGH
Network
|
inspur
|
nf8480m5_firmware
nf8260m5_firmware
ns5162m5_firmware
ns5488m5_firmware
ns5484m5_firmware
ns5482m5_firmware
nf5280m5_firmware
nf5468m5_firmware
nf5488m5-d_firmware
nf5180m5…
|
Inspur NF5266M5 through 3.21.2 and other server M5 devices allow remote code execution via administrator privileges. The Baseboard Management Controller (BMC) program of INSPUR server is weak in chec…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-26122
|
2024-11-21 14:19 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
