Apache Airflow CVE-2020-11978远程代码执行漏洞
漏洞标题 Apache Airflow CVE-2020-11978远程代码执行漏洞 漏洞描述 Apache Airflow存在远程代码执行漏洞,此漏洞是缺乏验证导致的。 PoC代码 暂无
CVE-2020-24881: OsTicket < 1.14.3 - Server Side Request Forgery
漏洞标题 CVE-2020-24881: OsTicket < 1.14.3 - Server Side Request Forgery 漏洞描述 SSRF vulnerability exists in osTicket before 1.14.3, allowing an attacker to add malicious file...
CVE-2020-14181: Jira Server and Data Center – Information Disclosure
漏洞标题 CVE-2020-14181: Jira Server and Data Center - Information Disclosure 漏洞描述 Jira Server and Data Center is susceptible to information disclosure. An attacker can enumera...
CVE-2020-8615: WordPress Plugin Tutor LMS 1.5.3 – Cross-Site Request Forgery
漏洞标题 CVE-2020-8615: Wordpress Plugin Tutor LMS 1.5.3 - Cross-Site Request Forgery 漏洞描述 A CSRF vulnerability in the Tutor LMS plugin before 1.5.3 for WordPress can result in...
CVE-2020-24579: D-Link DSL 2888a – Authentication Bypass/Remote Command Execution
漏洞标题 CVE-2020-24579: D-Link DSL 2888a - Authentication Bypass/Remote Command Execution 漏洞描述 D-Link DSL-2888A devices with firmware prior to AU_2.31_V1.1.47ae55 are vulnerab...
CVE-2020-11450: MicroStrategy Web 10.4 – Information Disclosure
漏洞标题 CVE-2020-11450: MicroStrategy Web 10.4 - Information Disclosure 漏洞描述 MicroStrategy Web 10.4 is susceptible to information disclosure. The JVM configuration, CPU archit...
CVE-2020-13405: Microweber <1.1.20 - Information Disclosure
漏洞标题 CVE-2020-13405: Microweber <1.1.20 - Information Disclosure 漏洞描述 Microweber before 1.1.20 is susceptible to information disclosure via userfiles/modules/users/contr...
CVE-2020-13935: Apache Tomcat WebSocket Frame Payload Length Validation Denial of Service
漏洞标题 CVE-2020-13935: Apache Tomcat WebSocket Frame Payload Length Validation Denial of Service 漏洞描述 Apache Tomcat versions 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0...
CVE-2020-13935: Apache Tomcat WebSocket Frame Payload Length Validation Denial of Service
漏洞标题 CVE-2020-13935: Apache Tomcat WebSocket Frame Payload Length Validation Denial of Service 漏洞描述 Apache Tomcat versions 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0...
CVE-2020-2096: Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting
漏洞标题 CVE-2020-2096: Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting 漏洞描述 Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the build_now endpoint...
CVE-2020-3580: Cisco ASA/FTD Software – Cross-Site Scripting
漏洞标题 CVE-2020-3580: Cisco ASA/FTD Software - Cross-Site Scripting 漏洞描述 Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software ar...
CVE-2020-10199: Sonatype Nexus Repository Manager 3 – Remote Code Execution
漏洞标题 CVE-2020-10199: Sonatype Nexus Repository Manager 3 - Remote Code Execution 漏洞描述 Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection PoC代码
CVE-2020-11853: Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution
漏洞标题 CVE-2020-11853: Micro Focus Operations Bridge Manager <=2020.05 - Remote Code Execution 漏洞描述 Micro Focus Operations Bridge Manager in versions 2020.05 and below is ...
CVE-2020-24186: WordPress wpDiscuz <=7.0.4 - Remote Code Execution
漏洞标题 CVE-2020-24186: WordPress wpDiscuz <=7.0.4 - Remote Code Execution 漏洞描述 WordPress wpDiscuz plugin versions version 7.0 through 7.0.4 are susceptible to remote code ...
CVE-2020-35848: Agentejo Cockpit <0.12.0 - NoSQL Injection
漏洞标题 CVE-2020-35848: Agentejo Cockpit <0.12.0 - NoSQL Injection 漏洞描述 Agentejo Cockpit prior to 0.12.0 is vulnerable to NoSQL Injection via the newpassword method of the ...
Apache Flink 文件读取(CVE-2020-17519)
漏洞标题 Apache Flink 文件读取(CVE-2020-17519) 漏洞描述 【漏洞对象】Apache Flink 【涉及版本】Flink部分版本(1.11.0, 1.11.1, 1.11.2) \【漏洞描述】ApacheFlink是一个开源的流处理框架...
