|
220571
|
3.3 |
LOW
Local
|
redhat
|
ansible_tower
|
A flaw was found in Ansible Tower when running jobs. This flaw allows an attacker to access the stdout of the executed jobs which are run from other organizations. Some sensible data can be disclosed…
|
NVD-CWE-Other
|
CVE-2020-10698
|
2024-11-21 13:55 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220572
|
4.4 |
MEDIUM
Local
|
redhat
|
ansible_tower
|
A flaw was found in Ansible Tower when running Openshift. Tower runs a memcached, which is accessed via TCP. An attacker can take advantage of writing a playbook polluting this cache, causing a denia…
|
NVD-CWE-Other
|
CVE-2020-10697
|
2024-11-21 13:55 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220573
|
6.1 |
MEDIUM
Network
|
redhat
|
jboss_enterprise_application_platform
openshift_application_runtimes
resteasy
fuse
|
A cross-site scripting (XSS) flaw was found in RESTEasy in versions before 3.11.1.Final and before 4.5.3.Final, where it did not properly handle URL encoding when the RESTEASY003870 exception occurs.…
|
-
|
CVE-2020-10688
|
2024-11-21 13:55 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220574
|
7.8 |
HIGH
Local
|
redhat
|
single_sign-on
|
An insecure modification flaw in the /etc/passwd file was found in the redhat-sso-7 container. An attacker with access to the container can use this flaw to modify the /etc/passwd and escalate their …
|
-
|
CVE-2020-10695
|
2024-11-21 13:55 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220575
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A directory traversal on the /admin/search_by.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to read arbitrary server files accessible to the user running …
|
CWE-22
Path Traversal
|
CVE-2020-10584
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220576
|
8.8 |
HIGH
Network
|
invigo
|
automatic_device_management
|
The /admin/admapi.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary OS commands on the server as the user running the appli…
|
CWE-78
OS Command
|
CVE-2020-10583
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220577
|
9.8 |
CRITICAL
Network
|
invigo
|
automatic_device_management
|
A SQL injection on the /admin/display_errors.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to execute arbitrary SQL requests (including data reading and m…
|
CWE-89
SQL Injection
|
CVE-2020-10582
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220578
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
Multiple session validity check issues in several administration functionalities of Invigo Automatic Device Management (ADM) through 5.0 allow remote attackers to read potentially sensitive data host…
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-10581
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220579
|
8.8 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote authenticated attackers to execute arbitrary PHP code on the server as the…
|
CWE-77
Command Injection
|
CVE-2020-10580
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220580
|
7.5 |
HIGH
Network
|
invigo
|
automatic_device_management
|
A directory traversal on the /admin/sysmon.php script of Invigo Automatic Device Management (ADM) through 5.0 allows remote attackers to list the content of arbitrary server directories accessible to…
|
CWE-22
Path Traversal
|
CVE-2020-10579
|
2024-11-21 13:55 |
2021-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
