|
210011
|
6.3 |
MEDIUM
Network
|
jupyter
|
oauthenticator
|
OAuthenticator is an OAuth login mechanism for JupyterHub. In oauthenticator from version 0.12.0 and before 0.12.2, the deprecated (in jupyterhub 1.2) configuration `Authenticator.whitelist`, which s…
|
CWE-863
Incorrect Authorization
|
CVE-2020-26250
|
2024-11-21 14:19 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210012
|
9.8 |
CRITICAL
Network
|
systeminformation
|
systeminformation
|
npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper poll…
|
CWE-78
OS Command
|
CVE-2020-26245
|
2024-11-21 14:19 |
2020-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210013
|
7.5 |
HIGH
Network
|
nanopb_project
|
nanopb
|
Nanopb is a small code-size Protocol Buffers implementation. In Nanopb before versions 0.4.4 and 0.3.9.7, decoding specifically formed message can leak memory if dynamic allocation is enabled and an …
|
-
|
CVE-2020-26243
|
2024-11-21 14:19 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210014
|
6.5 |
MEDIUM
Network
|
glpi-project
|
glpi
|
GLPI stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. I…
|
-
|
CVE-2020-26212
|
2024-11-21 14:19 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210015
|
7.5 |
HIGH
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.18, there is a Denial-of-service (crash) during block processing. This is fixed in 1…
|
NVD-CWE-noinfo
|
CVE-2020-26242
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210016
|
7.1 |
HIGH
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. This is a Consensus vulnerability in Geth before version 1.9.17 which can be used to cause a chain-split where …
|
-
|
CVE-2020-26241
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210017
|
7.5 |
HIGH
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. An ethash mining DAG generation flaw in Geth before version 1.9.24 could cause miners to erroneously calculate …
|
CWE-682
Incorrect Calculation
|
CVE-2020-26240
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210018
|
8.1 |
HIGH
Network
|
cron-utils_project
|
cron-utils
|
Cron-utils is a Java library to parse, validate, migrate crons as well as get human readable descriptions for them. In cron-utils before version 9.1.3, a template Injection vulnerability is present. …
|
-
|
CVE-2020-26238
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210019
|
5.4 |
MEDIUM
Network
|
jupyter
|
jupyter_server
|
Jupyter Server before version 1.0.6 has an Open redirect vulnerability. A maliciously crafted link to a jupyter server could redirect the browser to a different website. All jupyter servers are techn…
|
-
|
CVE-2020-26232
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210020
|
8.7 |
HIGH
Network
|
highlightjs
debian
oracle
|
highlight.js
debian_linux
mysql_enterprise_monitor
|
Highlight.js is a syntax highlighter written in JavaScript. Highlight.js versions before 9.18.2 and 10.1.2 are vulnerable to Prototype Pollution. A malicious HTML code block can be crafted that will …
|
-
|
CVE-2020-26237
|
2024-11-21 14:19 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
