|
202061
|
5.5 |
MEDIUM
Local
|
kubernetes
|
kubernetes
|
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secret…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-8564
|
2024-11-21 14:39 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202062
|
5.5 |
MEDIUM
Local
|
kubernetes
|
kubernetes
|
In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controller manager's log. This affects < v1.19.…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-8563
|
2024-11-21 14:39 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202063
|
5.3 |
MEDIUM
Adjacent
|
johnsoncontrols
|
c-cure_web
victor_web
|
A vulnerability in specified versions of American Dynamics victor Web Client and Software House C•CURE Web Client could allow an unauthenticated attacker on the network to create and sign their own J…
|
CWE-287
Improper Authentication
|
CVE-2020-9049
|
2024-11-21 14:39 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202064
|
8.1 |
HIGH
Network
|
amazon
|
aws_encryption_sdk
|
A weak robustness vulnerability exists in the AWS Encryption SDKs for Java, Python, C and Javalcript prior to versions 2.0.0. Due to the non-committing property of AES-GCM (and other AEAD ciphers suc…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-8897
|
2024-11-21 14:39 |
2020-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202065
|
7.5 |
HIGH
Network
|
netapp
|
hci
element_os
|
Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an attacker to discover sensitive information by intercepting its transmis…
|
NVD-CWE-noinfo
|
CVE-2020-8583
|
2024-11-21 14:39 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202066
|
6.5 |
MEDIUM
Network
|
netapp
|
hci
element_os
|
Element Software versions prior to 12.2 and HCI versions prior to 1.8P1 are susceptible to a vulnerability which could allow an authenticated user to view sensitive information.
|
NVD-CWE-noinfo
|
CVE-2020-8582
|
2024-11-21 14:39 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202067
|
6.5 |
MEDIUM
Network
|
intel
|
data_center_manager
|
Improper input validation in the Intel(R) Data Center Manager Console before version 3.6.2 may allow an authenticated user to potentially enable information disclosure via network access.
|
CWE-20
Improper Input Validation
|
CVE-2020-8669
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202068
|
5.5 |
MEDIUM
Local
|
intel
|
quartus_prime
|
Uncaught exception in the Intel(R) 50GbE IP Core for Intel(R) Quartus Prime before version 20.2 may allow an authenticated user to potentially enable denial of service via local access.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-8767
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202069
|
6.5 |
MEDIUM
Adjacent
|
intel
|
software_guard_extensions_data_center_attestation_primitives
|
Improper conditions check in the Intel(R) SGX DCAP software before version 1.6 may allow an unauthenticated user to potentially enable denial of service via adjacent access.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-8766
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202070
|
6.7 |
MEDIUM
Local
|
intel
netapp
|
bios
hci_storage_node_bios
solidfire_bios
hci_compute_node_bios
aff_bios
fas_bios
|
Improper access control in BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
|
NVD-CWE-Other
|
CVE-2020-8764
|
2024-11-21 14:39 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
