Total
315521 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27232 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘manageServiceStocks.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27231 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findDistrict parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27230 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findSector parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27229 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A number of exploitable SQL injection vulnerabilities exists in ‘patientslist.do’ page of OpenClinic GA 5.173.3 application. The findPersonID parameter in ‘‘patientslist.do’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27228 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An incorrect default permissions vulnerability exists in the installation functionality of OpenClinic GA 5.173.3. Overwriting the binary can result in privilege escalation. An attacker can replace a file to exploit this vulnerability. | |||||
| CVE-2020-27227 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially crafted web requests can cause commands to be executed on the server. An attacker can send a web request with parameters containing specific parameter to trigger this vulnerability, potentially allowing exfiltration of the database, user credentials and compromise underlying operating system. | |||||
| CVE-2020-27226 | 1 Openclinic Ga Project | 1 Openclinic Ga | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An exploitable SQL injection vulnerability exists in ‘quickFile.jsp’ page of OpenClinic GA 5.173.3. A specially crafted HTTP request can lead to SQL injection. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |||||
| CVE-2020-27225 | 1 Eclipse | 1 Platform | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform process. | |||||
| CVE-2020-27224 | 1 Eclipse | 1 Theia | 2024-11-21 | 9.3 HIGH | 9.6 CRITICAL |
| In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code. | |||||
| CVE-2020-27222 | 1 Eclipse | 1 Californium | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshake failure with TLS parameter mismatch. The DTLS server side must be restarted to recover this. This allow clients to force a DoS. | |||||
| CVE-2020-27221 | 1 Eclipse | 1 Openj9 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Eclipse OpenJ9 up to and including version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding. | |||||
| CVE-2020-27220 | 1 Eclipse | 1 Hono | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| The Eclipse Hono AMQP and MQTT protocol adapters do not check whether an authenticated gateway device is authorized to receive command & control messages when it has subscribed only to commands for a specific device. The missing check involves verifying that the command target device is configured giving permission for the gateway device to act on its behalf. This means an authenticated device of a certain tenant, notably also a non-gateway device acting like a gateway, may receive command & control messages targeted at a different device of the same tenant without corresponding permissions getting checked. | |||||
| CVE-2020-27219 | 1 Eclipse | 1 Hawkbit | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| In all version of Eclipse Hawkbit prior to 0.3.0M7, the HTTP 404 (Not Found) JSON response body returned by the REST API may contain unsafe characters within the path attribute. Sending a POST request to a non existing resource will return the full path from the given URL unescaped to the client. | |||||
| CVE-2020-27218 | 5 Apache, Debian, Eclipse and 2 more | 17 Kafka, Spark, Debian Linux and 14 more | 2024-11-21 | 5.8 MEDIUM | 4.8 MEDIUM |
| In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is received entirely but not consumed by the application, then a subsequent request on the same connection will see that body prepended to its body. The attacker will not see any data but may inject data into the body of the subsequent request. | |||||
| CVE-2020-27217 | 1 Eclipse | 1 Hono | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Eclipse Hono version 1.3.0 and 1.4.0 the AMQP protocol adapter does not verify the size of AMQP messages received from devices. In particular, a device may send messages that are bigger than the max-message-size that the protocol adapter has indicated during link establishment. While the AMQP 1.0 protocol explicitly disallows a peer to send such messages, a hand crafted AMQP 1.0 client could exploit this behavior in order to send a message of unlimited size to the adapter, eventually causing the adapter to fail with an out of memory exception. | |||||
| CVE-2020-27216 | 6 Apache, Debian, Eclipse and 3 more | 19 Beam, Debian Linux, Jetty and 16 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. | |||||
| CVE-2020-27213 | 1 Ethernut | 1 Nut\/os | 2024-11-21 | N/A | 7.5 HIGH |
| An issue was discovered in Ethernut Nut/OS 5.1. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attacker may be able to determine the ISN of current and future TCP connections and either hijack existing ones or spoof future ones. While the ISN generator seems to adhere to RFC 793 (where a global 32-bit counter is incremented roughly every 4 microseconds), proper ISN generation should aim to follow at least the specifications outlined in RFC 6528. | |||||
| CVE-2020-27212 | 1 St | 95 Stm32cubel4 Firmware, Stm32l412c8, Stm32l412cb and 92 more | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| STMicroelectronics STM32L4 devices through 2020-10-19 have incorrect access control. The flash read-out protection (RDP) can be degraded from RDP level 2 (no access via debug interface) to level 1 (limited access via debug interface) by injecting a fault during the boot phase. | |||||
| CVE-2020-27211 | 1 Nordicsemi | 2 Nrf52840, Nrf52840 Firmware | 2024-11-21 | 3.3 LOW | 5.7 MEDIUM |
| Nordic Semiconductor nRF52840 devices through 2020-10-19 have improper protection against physical side channels. The flash read-out protection (APPROTECT) can be bypassed by injecting a fault during the boot phase. | |||||
| CVE-2020-27209 | 1 Micro-ecc Project | 1 Micro-ecc | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The ECDSA operation of the micro-ecc library 1.0 is vulnerable to simple power analysis attacks which allows an adversary to extract the private ECC key. | |||||