|
219151
|
8.8 |
HIGH
Network
|
dolibarr
|
dolibarr
|
core/get_menudiv.php in Dolibarr before 11.0.4 allows remote authenticated attackers to bypass intended access restrictions via a non-alphanumeric menu parameter.
|
CWE-20
Improper Input Validation
|
CVE-2020-12669
|
2024-11-21 14:00 |
2020-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219152
|
7.5 |
HIGH
Network
|
graphicsmagick
debian
opensuse
|
graphicsmagick
debian_linux
leap
backports_sle
|
GraphicsMagick through 1.3.35 has a heap-based buffer overflow in ReadMNGImage in coders/png.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12672
|
2024-11-21 14:00 |
2020-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219153
|
6.1 |
MEDIUM
Network
|
go-macaron
fedoraproject
|
macaron
fedora
|
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.
|
CWE-601
Open Redirect
|
CVE-2020-12666
|
2024-11-21 14:00 |
2020-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219154
|
6.7 |
MEDIUM
Local
|
linux
netapp
|
linux_kernel
cloud_backup
steelstore_cloud_integrated_storage
solidfire_\&_hci_management_node
active_iq_unified_manager
solidfire_baseboard_management_controller
hci_baseboard_…
|
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom val…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12659
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219155
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.
|
CWE-416
Use After Free
|
CVE-2020-12657
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219156
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-12655
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219157
|
5.5 |
MEDIUM
Local
|
linux
canonical
opensuse
|
linux_kernel
ubuntu_linux
leap
|
gss_mech_free in net/sunrpc/auth_gss/gss_mech_switch.c in the rpcsec_gss_krb5 implementation in the Linux kernel through 5.6.10 lacks certain domain_release calls, leading to a memory leak. Note: Thi…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-12656
|
2024-11-21 14:00 |
2020-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219158
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate …
|
NVD-CWE-noinfo
|
CVE-2020-12614
|
2024-11-21 13:59 |
2023-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219159
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning…
|
NVD-CWE-noinfo
|
CVE-2020-12615
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219160
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefor…
|
NVD-CWE-noinfo
|
CVE-2020-12612
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
