|
711
|
7.8
4.6
|
HIGH
Local
|
A heap use-after-free vulnerability was found in systemd before version v245-rc1, where asynchronous Polkit queries are performed while handling dbus messages. A local unprivileged attacker can abuse…
|
CWE-416
Use After Free
|
CVE-2020-1712
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:11
2020-04-1
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
712
|
6.1
4.3
|
MEDIUM
Network
|
A Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL …
|
CWE-79
Cross-site Scripting
|
CVE-2019-10221
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:18
2020-03-21
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
713
|
6.1
4.3
|
MEDIUM
Network
|
A vulnerability was found in all pki-core 10.x.x versions, where the Key Recovery Authority (KRA) Agent Service did not properly sanitize recovery request search page, enabling a Reflected Cross Site…
|
-
|
CVE-2019-10179
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:18
2020-03-21
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
714
|
4.7
2.6
|
MEDIUM
Network
|
A Reflected Cross Site Scripting flaw was found in all pki-core 10.x.x versions module from the pki-core server due to the CA Agent Service not properly sanitizing the certificate request page. An at…
|
-
|
CVE-2019-10146
|
cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 13:18
2020-03-19
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
715
|
6.5
3.5
|
MEDIUM
Network
|
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to …
|
CWE-862
Missing Authorization
|
CVE-2020-1720
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:11
2020-03-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
716
|
9.8
7.5
|
CRITICAL
Network
|
The CGIHTTPServer module in Python 2.7.5 and 3.3.4 does not properly handle URLs in which URL encoding is used for path separators, which allows remote attackers to read script source code or conduct…
|
CWE-22
Path Traversal
|
CVE-2014-4650
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 11:10
2020-02-21
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
717
|
9.8
7.5
|
CRITICAL
Network
|
SQL injection vulnerability in Zend Framework before 1.12.9, 2.2.x before 2.2.8, and 2.3.x before 2.3.3, when using the sqlsrv PHP extension, allows remote attackers to execute arbitrary SQL commands…
|
CWE-89
SQL Injection
|
CVE-2014-8089
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:*
|
|
|
|
|
2024-11-21 11:18
2020-02-18
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
718
|
5.9
5.8
|
MEDIUM
Network
|
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious contain…
|
-
|
CVE-2020-1726
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:11
2020-02-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
719
|
6.0
6.0
|
MEDIUM
Network
|
An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-1711
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:11
2020-02-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
720
|
6.8
7.2
|
MEDIUM
Physics
|
Buffer overflow in the auerswald_probe function in the Auerswald Linux USB driver for the Linux kernel before 2.6.27 allows physically proximate attackers to execute arbitrary code, cause a denial of…
|
CWE-120
Classic Buffer Overflow
|
CVE-2009-4067
|
cpe:2.3:o:redhat:enterprise_linux:4.0:*
|
|
|
|
|
2024-11-21 10:08
2020-02-12
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|