|
220611
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
A flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.
|
CWE-416
Use After Free
|
CVE-2020-10720
|
2024-11-21 13:55 |
2020-09-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220612
|
8.8 |
HIGH
Network
|
github
|
github
|
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration of the underlying parsers use…
|
NVD-CWE-noinfo
|
CVE-2020-10518
|
2024-11-21 13:55 |
2020-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220613
|
4.3 |
MEDIUM
Network
|
github
|
github
|
An improper access control vulnerability was identified in GitHub Enterprise Server that allowed authenticated users of the instance to determine the names of unauthorized private repositories given …
|
NVD-CWE-noinfo
|
CVE-2020-10517
|
2024-11-21 13:55 |
2020-08-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220614
|
6.8 |
MEDIUM
Physics
|
sintef
|
urx
|
Universal Robots controller execute URCaps (zip files containing Java-powered applications) without any permission restrictions and a wide API that presents many primitives that can compromise the ov…
|
CWE-269
Improper Privilege Management
|
CVE-2020-10290
|
2024-11-21 13:55 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220615
|
9.8 |
CRITICAL
Network
|
dronecode
|
micro_air_vehicle_link
|
The Micro Air Vehicle Link (MAVLink) protocol presents authentication mechanisms on its version 2.0 however according to its documentation, in order to maintain backwards compatibility, GCS and autop…
|
NVD-CWE-Other
|
CVE-2020-10283
|
2024-11-21 13:55 |
2020-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220616
|
8.8 |
HIGH
Network
|
openrobotics
|
robot_operating_system
|
Use of unsafe yaml load. Allows instantiation of arbitrary objects. The flaw itself is caused by an unsafe parsing of YAML values which happens whenever an action message is processed to be sent, and…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10289
|
2024-11-21 13:55 |
2020-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220617
|
9.9 |
CRITICAL
Network
|
redhat
|
openstack_platform
|
A flaw was found in the nova_libvirt container provided by the Red Hat OpenStack Platform 16, where it does not have SELinux enabled. This flaw causes sVirt, an important isolation mechanism, to be d…
|
NVD-CWE-noinfo
|
CVE-2020-10731
|
2024-11-21 13:55 |
2020-07-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220618
|
8.2 |
HIGH
Local
|
gnu
debian
opensuse
vmware
|
grub2
debian_linux
leap
photon_os
|
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-10713
|
2024-11-21 13:55 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220619
|
5.4 |
MEDIUM
Network
|
osisoft
|
pi_vision
|
An authenticated remote attacker could use specially crafted URLs to send a victim using PI Vision 2019 mobile to a vulnerable web page due to a known issue in a third-party component.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10643
|
2024-11-21 13:55 |
2020-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220620
|
7.5 |
HIGH
Network
|
grundfos
|
cim_500
|
Grundfos CIM 500 v06.16.00 stores plaintext credentials, which may allow sensitive information to be read or allow modification to system settings by someone with access to the device.
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-10609
|
2024-11-21 13:55 |
2020-07-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
