|
197931
|
5.5 |
MEDIUM
Local
|
schneider-electric
|
ecostruxure_operator_terminal_expert
|
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability during zip file extraction exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and…
|
CWE-22
Path Traversal
|
CVE-2020-7495
|
2024-11-21 14:37 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197932
|
7.8 |
HIGH
Local
|
schneider-electric
|
ecostruxure_operator_terminal_expert
|
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly known as V…
|
CWE-22
Path Traversal
|
CVE-2020-7494
|
2024-11-21 14:37 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197933
|
7.8 |
HIGH
Local
|
schneider-electric
|
ecostruxure_operator_terminal_expert
|
A CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability exists in EcoStruxure Operator Terminal Expert 3.1 Service Pack 1 and prior (formerly know…
|
CWE-89
SQL Injection
|
CVE-2020-7493
|
2024-11-21 14:37 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197934
|
6.5 |
MEDIUM
Network
|
schneider-electric
|
gp-pro_ex_firmware
|
A CWE-521: Weak Password Requirements vulnerability exists in the GP-Pro EX V1.00 to V4.09.100 which could cause the discovery of the password when the user is entering the password because it is not…
|
CWE-521
Weak Password Requirements
|
CVE-2020-7492
|
2024-11-21 14:37 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197935
|
9.1 |
CRITICAL
Network
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 8 BM (incl. SIPLUS variants) (All versions). The vulnerability could lead to an attacker reading and modifying the device configuration and obtain project…
|
-
|
CVE-2020-7589
|
2024-11-21 14:37 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197936
|
9.8 |
CRITICAL
Network
|
cd-messenger_project
|
cd-messenger
|
cd-messenger through 2.7.26 is vulnerable to Arbitrary Code Execution. User input provided to the `color` argument executed by the `eval` function resulting in code execution.
|
CWE-94
Code Injection
|
CVE-2020-7675
|
2024-11-21 14:37 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197937
|
9.8 |
CRITICAL
Network
|
access-policy_project
|
access-policy
|
access-policy through 3.1.0 is vulnerable to Arbitrary Code Execution. User input provided to the `template` function is executed by the `eval` function resulting in code execution.
|
CWE-94
Code Injection
|
CVE-2020-7674
|
2024-11-21 14:37 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197938
|
9.8 |
CRITICAL
Network
|
node-extend_project
|
node-extend
|
node-extend through 0.2.0 is vulnerable to Arbitrary Code Execution. User input provided to the argument `A` of `extend` function`(A,B,as,isAargs)` located within `lib/extend.js` is executed by the `…
|
CWE-94
Code Injection
|
CVE-2020-7673
|
2024-11-21 14:37 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197939
|
7.8 |
HIGH
Local
|
siemens
|
simatic_pcs_7
simatic_step_7
sinamics_starter
simatic_process_device_manager
|
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All version…
|
-
|
CVE-2020-7586
|
2024-11-21 14:37 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197940
|
7.8 |
HIGH
Local
|
siemens
|
simatic_pcs_7
simatic_step_7
sinamics_starter
simatic_process_device_manager
|
A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All version…
|
-
|
CVE-2020-7585
|
2024-11-21 14:37 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
