|
209461
|
7.5 |
HIGH
Network
|
powerdns
opensuse
|
recursor
leap
backports_sle
|
An issue has been found in PowerDNS Recursor before 4.1.18, 4.2.x before 4.2.5, and 4.3.x before 4.3.5. A remote attacker can cause the cached records for a given name to be updated to the Bogus DNSS…
|
NVD-CWE-noinfo
|
CVE-2020-25829
|
2024-11-21 14:18 |
2020-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209462
|
6.7 |
MEDIUM
Local
|
qualcomm
|
qcmap
|
The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October 2020 uses a system() call without validating the input, while handling a SetGatewayUrl() request. A lo…
|
CWE-78
OS Command
|
CVE-2020-25859
|
2024-11-21 14:18 |
2020-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209463
|
2.4 |
LOW
Physics
|
telegram
|
telegram_desktop
|
Telegram Desktop through 2.4.3 does not require passcode entry upon pushing the Export key within the Export Telegram Data wizard. The threat model is a victim who has voluntarily opened Export Wizar…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-25824
|
2024-11-21 14:18 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209464
|
6.0 |
MEDIUM
Local
|
trendmicro
|
antivirus
|
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in a specific kernel extension where an attacker could supply a kernel pointer and leak several bytes of memory. An attacker must fir…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-25778
|
2024-11-21 14:18 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209465
|
5.4 |
MEDIUM
Network
|
trendmicro
|
antivirus
|
Trend Micro Antivirus for Mac 2020 (Consumer) is vulnerable to a specific kernel extension request attack where an attacker could bypass the Web Threat Protection feature of the product. User interac…
|
NVD-CWE-noinfo
|
CVE-2020-25777
|
2024-11-21 14:18 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209466
|
7.5 |
HIGH
Network
|
linux
debian
netapp
opensuse
canonical
|
linux_kernel
debian_linux
solidfire_\&_hci_management_node
solidfire_\&_hci_storage_node
leap
hci_compute_node_bios
ubuntu_linux
|
A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by …
|
-
|
CVE-2020-25645
|
2024-11-21 14:18 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209467
|
3.3 |
LOW
Local
|
trendmicro
|
antivirus
|
Trend Micro Antivirus for Mac 2020 (Consumer) has a vulnerability in which a Internationalized Domain Name homograph attack (Puny-code) could be used to add a malicious website to the approved websit…
|
NVD-CWE-Other
|
CVE-2020-25779
|
2024-11-21 14:18 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209468
|
7.5 |
HIGH
Network
|
octopus
|
octopus_deploy
|
In Octopus Deploy 3.1.0 to 2020.4.0, certain scripts can reveal sensitive information to the user in the task logs.
|
NVD-CWE-noinfo
|
CVE-2020-25825
|
2024-11-21 14:18 |
2020-10-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209469
|
5.3 |
MEDIUM
Network
|
soplanning
|
soplanning
|
SoPlanning before 1.47 doesn't correctly check the security key used to publicly share plannings. It allows a bypass to get access without authentication.
|
CWE-287
Improper Authentication
|
CVE-2020-25867
|
2024-11-21 14:18 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209470
|
5.3 |
MEDIUM
Network
|
contao
|
contao
|
Contao before 4.4.52, 4.9.x before 4.9.6, and 4.10.x before 4.10.1 have Improper Input Validation. It is possible to inject insert tags in front end forms which will be replaced when the page is rend…
|
CWE-20
CWE-74
Improper Input Validation
Injection
|
CVE-2020-25768
|
2024-11-21 14:18 |
2020-10-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
