|
201161
|
5.3 |
MEDIUM
Adjacent
|
johnsoncontrols
|
c-cure_web
victor_web
|
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own J…
|
CWE-287
Improper Authentication
|
CVE-2020-9049
|
2024-11-21 14:39 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201162
|
8.1 |
HIGH
Network
|
amazon
|
aws_encryption_sdk
|
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers suc…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-8897
|
2024-11-21 14:39 |
2020-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201163
|
7.5 |
HIGH
Network
|
netapp
|
hci
element_os
|
Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmis…
|
NVD-CWE-noinfo
|
CVE-2020-8583
|
2024-11-21 14:39 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201164
|
6.5 |
MEDIUM
Network
|
netapp
|
hci
element_os
|
Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an authenticated user to view sensitive information.
|
NVD-CWE-noinfo
|
CVE-2020-8582
|
2024-11-21 14:39 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201165
|
6.5 |
MEDIUM
Network
|
intel
|
data_center_manager
|
Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.
|
CWE-20
Improper Input Validation
|
CVE-2020-8669
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201166
|
5.5 |
MEDIUM
Local
|
intel
|
quartus_prime
|
Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus Prime before version 20.2 may allow an authenticated user to potentially enable denial of service via local access.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-8767
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201167
|
6.5 |
MEDIUM
Adjacent
|
intel
|
software_guard_extensions_data_center_attestation_primitives
|
Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-8766
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201168
|
6.7 |
MEDIUM
Local
|
intel
netapp
|
bios
hci_storage_node_bios
solidfire_bios
hci_compute_node_bios
aff_bios
fas_bios
|
Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
|
NVD-CWE-Other
|
CVE-2020-8764
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201169
|
4.6 |
MEDIUM
Physics
|
intel
|
converged_security_and_manageability_engine
|
Inadequate encryption strength in subsystem for Intel(R) CSME versions before 13.0.40 and 13.30.10 may allow an unauthenticated user to potentially enable information disclosure via physical access.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-8761
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201170
|
7.8 |
HIGH
Local
|
intel
netapp
|
active_management_technology_firmware
cloud_backup
|
Integer overflow in subsystem for Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70, 14.0.45 may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-8760
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
