|
209671
|
7.5 |
HIGH
Network
|
jetbrains
|
youtrack
|
In JetBrains YouTrack before 2020.3.6638, improper access control for some subresources leads to information disclosure via the REST API.
|
NVD-CWE-noinfo
|
CVE-2020-25209
|
2024-11-21 14:17 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209672
|
9.8 |
CRITICAL
Network
|
jetbrains
|
toolbox
|
JetBrains ToolBox before version 1.18 is vulnerable to Remote Code Execution via a browser protocol handler.
|
NVD-CWE-noinfo
|
CVE-2020-25207
|
2024-11-21 14:17 |
2020-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209673
|
7.5 |
HIGH
Network
|
bd
|
alaris_8015_pcu_firmware
alaris_systems_manager
|
BD Alaris PC Unit, Model 8015, Versions 9.33.1 and earlier and BD Alaris Systems Manager, Versions 4.33 and earlier The affected products are vulnerable to a network session authentication vulnerabil…
|
-
|
CVE-2020-25165
|
2024-11-21 14:17 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209674
|
7.5 |
HIGH
Network
|
nexcom
|
nio_50_firmware
|
The affected product transmits unencrypted sensitive information, which may allow an attacker to access this information on the NIO 50 (all versions).
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-25155
|
2024-11-21 14:17 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209675
|
7.5 |
HIGH
Network
|
nexcom
|
nio_50_firmware
|
The affected product does not properly validate input, which may allow an attacker to execute a denial-of-service attack on the NIO 50 (all versions).
|
-
|
CVE-2020-25151
|
2024-11-21 14:17 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209676
|
8.8 |
HIGH
Network
|
ilias
|
ilias
|
Remote Code Execution can occur via the external news feed in ILIAS 6.4 because of incorrect parameter sanitization for Magpie RSS data.
|
CWE-88
Argument Injection
|
CVE-2020-25268
|
2024-11-21 14:17 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209677
|
5.4 |
MEDIUM
Network
|
ilias
|
ilias
|
An XSS issue exists in the question-pool file-upload preview feature in ILIAS 6.4.
|
CWE-79
Cross-site Scripting
|
CVE-2020-25267
|
2024-11-21 14:17 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209678
|
9.8 |
CRITICAL
Network
|
moinmo
debian
|
moinmoin
debian_linux
|
The cache action in action/cache.py in MoinMoin through 1.9.10 allows directory traversal through a crafted HTTP request. An attacker who can upload attachments to the wiki can use this to achieve re…
|
CWE-22
Path Traversal
|
CVE-2020-25074
|
2024-11-21 14:17 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209679
|
7.8 |
HIGH
Local
|
bbraun
|
onlinesuite_application_package
|
A DLL hijacking vulnerability in the B. Braun OnlineSuite Version AP 3.0 and earlier allows local attackers to execute code on the system as a high privileged user.
|
-
|
CVE-2020-25174
|
2024-11-21 14:17 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209680
|
9.8 |
CRITICAL
Network
|
bbraun
|
onlinesuite_application_package
|
A relative path traversal attack in the B. Braun OnlineSuite Version AP 3.0 and earlier allows unauthenticated attackers to upload or download arbitrary files.
|
-
|
CVE-2020-25172
|
2024-11-21 14:17 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
