|
213001
|
7.2 |
HIGH
Network
|
cellopoint
|
cellos
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulat…
|
CWE-78
OS Command
|
CVE-2020-17384
|
2024-11-21 14:07 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213002
|
2.1 |
LOW
Physics
|
philips
|
suresigns_vs4_firmware
|
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
|
CWE-863
Incorrect Authorization
|
CVE-2020-16241
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213003
|
4.9 |
MEDIUM
Network
|
philips
|
suresigns_vs4_firmware
|
Philips SureSigns VS4, A.07.107 and prior. When an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.
|
CWE-287
Improper Authentication
|
CVE-2020-16239
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213004
|
2.1 |
LOW
Physics
|
philips
|
suresigns_vs4_firmware
|
Philips SureSigns VS4, A.07.107 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely …
|
CWE-20
Improper Input Validation
|
CVE-2020-16237
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213005
|
8.8 |
HIGH
Local
|
rangee
|
rangeeos
|
In the default configuration of Rangee GmbH RangeeOS 8.0.4, all components are executed in the context of the privileged root user. This may allow a local attacker to break out of the restricted envi…
|
CWE-78
OS Command
|
CVE-2020-16282
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213006
|
7.8 |
HIGH
Local
|
rangee
|
rangeeos
|
The Kommbox component in Rangee GmbH RangeeOS 8.0.4 could allow a local authenticated attacker to escape from the restricted environment and execute arbitrary code due to unrestricted context menus b…
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-16281
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213007
|
5.5 |
MEDIUM
Local
|
rangee
|
rangeeos
|
Multiple Rangee GmbH RangeeOS 8.0.4 modules store credentials in plaintext including credentials of users for several external facing administrative services, domain joined users, and local administr…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-16280
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213008
|
9.8 |
CRITICAL
Network
|
rangee
|
rangeeos
|
The Kommbox component in Rangee GmbH RangeeOS 8.0.4 is vulnerable to Remote Code Execution due to untrusted user supplied input being passed to the command line without sanitization.
|
CWE-78
OS Command
|
CVE-2020-16279
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213009
|
5.5 |
MEDIUM
Local
|
artifex
debian
canonical
|
ghostscript
debian_linux
ubuntu_linux
|
A division by zero vulnerability in dot24_print_page() in devices/gdevdm24.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted PDF file. This i…
|
CWE-369
Divide By Zero
|
CVE-2020-16310
|
2024-11-21 14:07 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213010
|
5.5 |
MEDIUM
Local
|
artifex
debian
canonical
|
ghostscript
debian_linux
ubuntu_linux
|
A buffer overflow vulnerability in lxm5700m_print_page() in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16309
|
2024-11-21 14:07 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
