|
210311
|
3.3 |
LOW
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an input validation vulnerability when decoding a crafted codec tha…
|
-
|
CVE-2020-24427
|
2024-11-21 14:14 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210312
|
3.3 |
LOW
Local
|
adobe
|
acrobat
acrobat_dc
acrobat_reader
acrobat_reader_dc
|
Acrobat Reader DC versions 2020.012.20048 (and earlier), 2020.001.30005 (and earlier) and 2017.011.30175 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosur…
|
-
|
CVE-2020-24426
|
2024-11-21 14:14 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210313
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C allows pwsec.php oid XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23989
|
2024-11-21 14:14 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210314
|
5.4 |
MEDIUM
Network
|
nedi
|
nedi
|
NeDi 1.9C allows inc/rt-popup.php d XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23868
|
2024-11-21 14:14 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210315
|
6.1 |
MEDIUM
Network
|
grafana
|
grafana
|
Grafana before 7.1.0-beta 1 allows XSS via a query alias for the ElasticSearch datasource.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24303
|
2024-11-21 14:14 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210316
|
7.5 |
HIGH
Network
|
victor_cms_project
|
victor_cms
|
A SQL injection vulnerability exists in Victor CMS V1.0 in the cat_id parameter of the category.php file. This parameter can be used by sqlmap to obtain data information in the database.
|
CWE-89
SQL Injection
|
CVE-2020-23945
|
2024-11-21 14:14 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210317
|
7.8 |
HIGH
Local
|
iobit
|
malware_fighter
|
An issue exits in IOBit Malware Fighter version 8.0.2.547. Local escalation of privileges is possible by dropping a malicious DLL file into the WindowsApps folder.
|
NVD-CWE-noinfo
|
CVE-2020-23864
|
2024-11-21 14:14 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210318
|
8.8 |
HIGH
Network
|
fs
|
s3900_24t4s_firmware
|
An issue was discovered in fs.com S3900 24T4S 1.7.0 and earlier. The form does not have an authentication or token authentication mechanism that allows remote attackers to forge requests on behalf of…
|
CWE-352
Origin Validation Error
|
CVE-2020-24033
|
2024-11-21 14:14 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210319
|
5.5 |
MEDIUM
Local
|
adobe
|
indesign
|
Adobe InDesign version 15.1.2 (and earlier) is affected by a NULL pointer dereference bug that occurs when handling a malformed .indd file. The impact is limited to causing a denial-of-service of the…
|
-
|
CVE-2020-24421
|
2024-11-21 14:14 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210320
|
7.8 |
HIGH
Local
|
adobe
|
dreamweaver
|
Dreamweaver version 20.2 (and earlier) is affected by an uncontrolled search path element vulnerability that could lead to privilege escalation. Successful exploitation could result in a local user w…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-24425
|
2024-11-21 14:14 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
