MineTime through 1.8.5 allows XSS via the notes field in a meeting invite.
CVE-2020-6637PUBLISHED: 2020-08-24openSIS Community Edition version 7.3 is vulnerable to SQL injection via the USERNAME parameter of index.php.
CVE-2020-7376PUBLISHED: 2020-08-24The Metasploit Framework module "post/osx/gather/enum_osx module" is affected by a relative path traversal vulnerability in the get_keychains method which can be exploited to write arbitrary files to arbitrary locations on the host filesystem when the module is run on a malicious host.
CVE-2020-7377PUBLISHED: 2020-08-24The Metasploit Framework module "auxiliary/admin/http/telpho10_credential_dump" module is affected by a relative path traversal vulnerability in the untar method which can be exploited to write arbitrary files to arbitrary locations on the host file system when the module is run on a malic...
CVE-2020-24606PUBLISHED: 2020-08-24Squid before 4.13 and 5.x before 5.0.4 allows a trusted peer to perform Denial of Service by consuming all available CPU cycles during handling of a crafted Cache Digest response message. This only occurs when cache_peer is used with the cache digests feature. The problem exists because peerDigestHa...
Support the originator by clicking the read the rest link below.