|
209441
|
4.9 |
MEDIUM
Network
|
rsa
|
archer
|
Archer before 6.9 P1 (6.9.0.1) contains an improper access control vulnerability in an API. A remote authenticated malicious administrative user can potentially exploit this vulnerability to gather i…
|
NVD-CWE-noinfo
|
CVE-2020-29538
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209442
|
5.4 |
MEDIUM
Network
|
rsa
|
archer
|
Archer before 6.8 P2 (6.8.0.2) is affected by an open redirect vulnerability. A remote privileged attacker may potentially redirect legitimate users to arbitrary web sites and conduct phishing attack…
|
CWE-601
Open Redirect
|
CVE-2020-29537
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209443
|
4.3 |
MEDIUM
Network
|
rsa
|
archer
|
Archer before 6.8 P2 (6.8.0.2) is affected by a path exposure vulnerability. A remote authenticated malicious attacker with access to service files may obtain sensitive information to use it in furth…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-29536
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209444
|
5.4 |
MEDIUM
Network
|
rsa
|
archer
|
Archer before 6.8 P4 (6.8.0.4) contains a stored XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript cod…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29535
|
2024-11-21 14:24 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209445
|
3.9 |
LOW
Local
|
qemu
debian
|
qemu
debian_linux
|
ide_atapi_cmd_reply_end in hw/ide/atapi.c in QEMU 5.1.0 allows out-of-bounds read access because a buffer index is not validated.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-29443
|
2024-11-21 14:24 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209446
|
6.5 |
MEDIUM
Network
|
atlassian
|
confluence_server
confluence_data_center
|
Affected versions of Atlassian Confluence Server and Data Center allow remote attackers to impact the application's availability via a Denial of Service (DoS) vulnerability in the avatar upload featu…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-29450
|
2024-11-21 14:24 |
2021-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209447
|
5.3 |
MEDIUM
Network
|
atlassian
|
crucible
fisheye
|
Affected versions of Atlassian Fisheye & Crucible allow remote attackers to browse local files via an Insecure Direct Object References (IDOR) vulnerability in the WEB-INF directory. The affected ver…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-29446
|
2024-11-21 14:24 |
2021-01-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209448
|
8.7 |
HIGH
Network
|
dell
|
emc_avamar_server
emc_integrated_data_protection_appliance
|
Dell EMC Avamar Server, versions 19.1, 19.2, 19.3, contain a Path Traversal Vulnerability in PDM. A remote user could potentially exploit this vulnerability, to gain unauthorized write access to the …
|
CWE-22
Path Traversal
|
CVE-2020-29494
|
2024-11-21 14:24 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209449
|
5.4 |
MEDIUM
Network
|
simplcommerce
|
simplcommerce
|
SimplCommerce 1.0.0-rc uses the Bootbox.js library, which allows creation of programmatic dialog boxes using Bootstrap modals. The Bootbox.js library intentionally does not perform any sanitization o…
|
CWE-79
Cross-site Scripting
|
CVE-2020-29587
|
2024-11-21 14:24 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209450
|
10.0 |
CRITICAL
Network
|
dell
|
emc_avamar_server
emc_integrated_data_protection_appliance
|
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability in Fitness Analyzer. A remote unauthenticated attacker could potentially exploit this vulnerability, l…
|
CWE-78
OS Command
|
CVE-2020-29495
|
2024-11-21 14:24 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
