|
209131
|
8.1 |
HIGH
Network
|
cron-utils_project
|
cron-utils
|
Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. …
|
-
|
CVE-2020-26238
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209132
|
5.4 |
MEDIUM
Network
|
jupyter
|
jupyter_server
|
Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are techn…
|
-
|
CVE-2020-26232
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209133
|
8.7 |
HIGH
Network
|
highlightjs
debian
oracle
|
highlight.js
debian_linux
mysql_enterprise_monitor
|
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will …
|
-
|
CVE-2020-26237
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209134
|
5.3 |
MEDIUM
Network
|
time_project
|
time
|
In Rust time crate from version 0.2.7 and before version 0.2.23, unix-like operating systems may segfault due to dereferencing a dangling pointer in specific circumstances. This requires the user to …
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-26235
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209135
|
3.7 |
LOW
Network
|
typo3
|
typo3
|
TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerab…
|
-
|
CVE-2020-26229
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209136
|
7.5 |
HIGH
Network
|
typo3
|
typo3
|
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 user session identifiers were stored in cleartext - without processing with additional cry…
|
-
|
CVE-2020-26228
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209137
|
6.7 |
MEDIUM
Local
|
octobercms
|
october
|
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. A bypass of CVE-2020-15247 (fixed in 1.0.469 and 1.1.0) was discovered that has the same impact as CVE-202…
|
-
|
CVE-2020-26231
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209138
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site…
|
-
|
CVE-2020-26227
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209139
|
5.4 |
MEDIUM
Network
|
scratchaddons
|
scratch_addons
|
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links ad…
|
-
|
CVE-2020-26239
|
2024-11-21 14:19 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209140
|
7.5 |
HIGH
Network
|
scratchverifier
|
scratchverifier
|
In ScratchVerifier before commit a603769, an attacker can hijack the verification process to log into someone else's account on any site that uses ScratchVerifier for logins. A possible exploitation …
|
-
|
CVE-2020-26236
|
2024-11-21 14:19 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
