|
211901
|
7.5 |
HIGH
Network
|
openldap
redhat
netapp
|
openldap
enterprise_linux
cloud_backup
solidfire_baseboard_management_controller_firmware
|
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sen…
|
-
|
CVE-2020-25692
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211902
|
5.5 |
MEDIUM
Local
|
ceph
redhat
|
ceph-ansible
ceph_storage
|
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information with…
|
-
|
CVE-2020-25677
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211903
|
6.1 |
MEDIUM
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" p…
|
-
|
CVE-2020-25631
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211904
|
7.5 |
HIGH
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. This aff…
|
-
|
CVE-2020-25630
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211905
|
8.8 |
HIGH
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle where users with "Log in as" capability in a course context (typically, course managers) may gain access to some site administration capabilities by "logging in as…
|
CWE-862
Missing Authorization
|
CVE-2020-25629
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211906
|
6.1 |
MEDIUM
Network
|
moodle
|
moodle
|
The filter in the tag manager required extra sanitizing to prevent a reflected XSS risk. This affects 3.9 to 3.9.1, 3.8 to 3.8.4, 3.7 to 3.7.7, 3.5 to 3.5.13 and earlier unsupported versions. Fixed i…
|
-
|
CVE-2020-25628
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211907
|
7.5 |
HIGH
Network
|
moddable
|
moddable
|
Null Pointer Dereference. in xObjectBindingFromExpression at moddable/xs/sources/xsSyntaxical.c:3419 in Moddable SDK before OS200908 causes a denial of service (SEGV).
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-25465
|
2024-11-21 14:18 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211908
|
7.5 |
HIGH
Network
|
moddable
|
moddable
|
Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25464
|
2024-11-21 14:18 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211909
|
7.5 |
HIGH
Network
|
moddable
|
moddable
|
Invalid Memory Access in fxUTF8Decode at moddable/xs/sources/xsCommon.c:916 in Moddable SDK before OS200908 causes a denial of service (SEGV).
|
NVD-CWE-Other
|
CVE-2020-25463
|
2024-11-21 14:18 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211910
|
6.5 |
MEDIUM
Network
|
infinispan
redhat
netapp
|
infinispan
data_grid
active_iq_unified_manager
|
A flaw was found in infinispan 10 REST API, where authorization permissions are not checked while performing some server management operations. When authz is enabled, any user with authentication can…
|
CWE-862
Missing Authorization
|
CVE-2020-25711
|
2024-11-21 14:18 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
