|
198641
|
4.9 |
MEDIUM
Network
|
elastic
|
elasticsearch
|
Elasticsearch versions before 7.10.0 and 6.8.14 have an information disclosure issue when audit logging and the emit_request_body option is enabled. The Elasticsearch audit log could contain sensitiv…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-7021
|
2024-11-21 14:36 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198642
|
9.8 |
CRITICAL
Network
|
fortinet
|
fortiisolator
|
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, shou…
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-6649
|
2024-11-21 14:36 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198643
|
4.9 |
MEDIUM
Network
|
bosch
|
fsm-2500_firmware
fsm-5000_firmware
|
Use of Password Hash With Insufficient Computational Effort in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows a remote attacker with admin priv…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2020-6780
|
2024-11-21 14:36 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198644
|
10.0 |
CRITICAL
Network
|
bosch
|
fsm-2500_firmware
fsm-5000_firmware
|
Use of Hard-coded Credentials in the database of Bosch FSM-2500 server and Bosch FSM-5000 server up to and including version 5.2 allows an unauthenticated remote attacker to log into the database wit…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-6779
|
2024-11-21 14:36 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198645
|
4.8 |
MEDIUM
Network
|
bosch
|
praesideo_firmware
praesensa_firmware
|
A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an authenticated remote attacker …
|
CWE-79
Cross-site Scripting
|
CVE-2020-6777
|
2024-11-21 14:36 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198646
|
8.8 |
HIGH
Network
|
bosch
|
praesideo_firmware
praesensa_firmware
|
A vulnerability in the web-based management interface of Bosch PRAESIDEO until and including version 4.41 and Bosch PRAESENSA until and including version 1.10 allows an unauthenticated remote attacke…
|
CWE-352
Origin Validation Error
|
CVE-2020-6776
|
2024-11-21 14:36 |
2021-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198647
|
7.8 |
HIGH
Local
|
eaton
|
easysoft
|
Eaton's easySoft software v7.xx prior to v7.22 are susceptible to file parsing type confusion remote code execution vulnerability. A malicious entity can execute a malicious code or make the applicat…
|
CWE-843
Type Confusion
|
CVE-2020-6656
|
2024-11-21 14:36 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198648
|
7.8 |
HIGH
Local
|
eaton
|
easysoft
|
The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-6655
|
2024-11-21 14:36 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198649
|
5.3 |
MEDIUM
Network
|
hp
|
integrated_lights-out_4
integrated_lights-out_5
|
A potential security vulnerability has been identified in HPE Integrated Lights-Out 5 (iLO 5) and Integrated Lights-Out 4 (iLO 4) firmware. The vulnerability could be remotely exploited to disclose t…
|
NVD-CWE-noinfo
|
CVE-2020-7202
|
2024-11-21 14:36 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198650
|
7.5 |
HIGH
Network
|
zte
|
zxhn_e8810_firmware
zxhn_e8820_firmware
zxhn_e8822_firmware
|
ZTE E8810/E8820/E8822 series routers have an information leak vulnerability, which is caused by hard-coded MQTT service access credentials on the device. The remote attacker could use this credential…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-6882
|
2024-11-21 14:36 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
