|
209501
|
5.5 |
MEDIUM
Local
|
trendmicro
|
apex_one
|
An out-of-bounds read information disclosure vulnerabilities in Trend Micro Apex One may allow a local attacker to disclose sensitive information to an unprivileged account on vulnerable installation…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25770
|
2024-11-21 14:18 |
2020-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209502
|
7.5 |
HIGH
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
An information leak was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. Handling of actor ID does not necessarily use the correct database or correct wiki.
|
CWE-863
Incorrect Authorization
|
CVE-2020-25869
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209503
|
7.5 |
HIGH
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
An issue was discovered in the OATHAuth extension in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. For Wikis using OATHAuth on a farm/cluster (such as via CentralAuth), rate limit…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-25827
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209504
|
6.1 |
MEDIUM
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
An issue was discovered in MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4. The non-jqueryMsg version of mw.message().parse() doesn't escape HTML. This affects both message contents …
|
CWE-79
Cross-site Scripting
|
CVE-2020-25828
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209505
|
6.1 |
MEDIUM
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
An issue was discovered in MediaWiki 1.32.x through 1.34.x before 1.34.4. LogEventList::getFiltersDesc is insecurely using message text to build options names for an HTML multi-select field. The rele…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25815
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209506
|
6.1 |
MEDIUM
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, XSS related to jQuery can occur. The attacker creates a message with [javascript:payload xss] and turns it into a jQuery object wi…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25814
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209507
|
5.3 |
MEDIUM
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
In MediaWiki before 1.31.10 and 1.32.x through 1.34.x before 1.34.4, Special:UserRights exposes the existence of hidden users.
|
NVD-CWE-noinfo
|
CVE-2020-25813
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209508
|
6.1 |
MEDIUM
Network
|
mediawiki
fedoraproject
|
mediawiki
fedora
|
An issue was discovered in MediaWiki 1.34.x before 1.34.4. On Special:Contributions, the NS filter uses unescaped messages as keys in the option key for an HTMLForm specifier. This is vulnerable to a…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25812
|
2024-11-21 14:18 |
2020-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209509
|
5.3 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
hw/usb/hcd-ohci.c in QEMU 5.0.0 has an infinite loop when a TD list has a loop.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-25625
|
2024-11-21 14:18 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209510
|
9.8 |
CRITICAL
Network
|
rubetek
|
rv-3406_firmware
rv-3409_firmware
rv-3411_firmware
|
The Telnet service of Rubetek cameras RV-3406, RV-3409, and RV-3411 cameras (firmware versions v342, v339) could allow an remote attacker to take full control of the device with a high-privileged acc…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-25749
|
2024-11-21 14:18 |
2020-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
