|
209611
|
4.6 |
MEDIUM
Physics
|
apexmic
|
apm32f103_firmware
|
The flash memory readout protection in Apex Microelectronics APM32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-13463
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209612
|
6.1 |
MEDIUM
Network
|
o-dyn
|
collabtive
|
An issue was discovered in Collabtive 3.0 and later. managefile.php is vulnerable to XSS: when the action parameter is set to movefile and the id parameter corresponds to a project the current user h…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13655
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209613
|
6.5 |
MEDIUM
Adjacent
|
espressif
|
esp-idf
|
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.0 through 4.2 (for ESP32 devices) returns the wrong number of completed BLE packets and triggers a reachable assertion …
|
CWE-617
Reachable Assertion
|
CVE-2020-13595
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209614
|
6.5 |
MEDIUM
Adjacent
|
espressif
|
esp-idf
|
The Bluetooth Low Energy (BLE) controller implementation in Espressif ESP-IDF 4.2 and earlier (for ESP32 devices) does not properly restrict the channel map field of the connection request packet on …
|
CWE-20
Improper Input Validation
|
CVE-2020-13594
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209615
|
8.8 |
HIGH
Adjacent
|
ti
|
simplelink-cc2640r2_software_development_kit
|
The Bluetooth Low Energy Secure Manager Protocol (SMP) implementation in Texas Instruments SimpleLink SIMPLELINK-CC2640R2-SDK through 2.2.3 allows the Diffie-Hellman check during the Secure Connectio…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-13593
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209616
|
5.9 |
MEDIUM
Network
|
mitel
|
micollab
|
The Mitel MiCollab application before 9.1.332 for iOS could allow an unauthorized user to access restricted files and folders due to insufficient access control. An exploit requires a rooted iOS devi…
|
NVD-CWE-noinfo
|
CVE-2020-13767
|
2024-11-21 14:01 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209617
|
7.5 |
HIGH
Network
|
mitel
|
6863_firmware
6865_firmware
6867_firmware
6869_firmware
6873_firmware
6940_firmware
6970_firmware
6930_firmware
6920_firmware
6905_firmware
6910_firmware
|
The Web UI component of Mitel MiVoice 6800 and 6900 series SIP Phones with firmware before 5.1.0.SP5 could allow an unauthenticated attacker to expose sensitive information due to improper memory han…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-13617
|
2024-11-21 14:01 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209618
|
5.4 |
MEDIUM
Network
|
hivemq
|
broker_control_center
|
An issue was discovered in HiveMQ Broker Control Center 4.3.2. A crafted clientid parameter in an MQTT packet (sent to the Broker) is reflected in the client section of the management console. The at…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13821
|
2024-11-21 14:01 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209619
|
7.5 |
HIGH
Network
|
aedes_project
|
aedes
|
An issue was discovered in MoscaJS Aedes 0.42.0. lib/write.js does not properly consider exceptions during the writing of an invalid packet to a stream.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-13410
|
2024-11-21 14:01 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209620
|
8.8 |
HIGH
Network
|
i-doit
|
i-doit
|
A CSV injection (aka Excel Macro Injection or Formula Injection) issue in i-doit 1.14.2 allows an attacker to execute arbitrary commands via a Title parameter that is mishandled in a CSV export.
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-13826
|
2024-11-21 14:01 |
2020-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
