|
210651
|
8.8 |
HIGH
Network
|
microsoft
|
windows_server_2012
windows_server_2016
windows_server_2008
windows_server_2019
|
<p>A remote code execution vulnerability exists when Active Directory integrated DNS (ADIDNS) mishandles objects in memory. An authenticated attacker who successfully exploited the vulnerability coul…
|
NVD-CWE-noinfo
|
CVE-2020-0718
|
2024-11-21 13:54 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210652
|
7.8 |
HIGH
Local
|
siemens
|
license_management_utility
|
A vulnerability has been identified in License Management Utility (LMU) (All versions < V2.4). The lmgrd service of the affected application is executed with local SYSTEM privileges on the server whi…
|
-
|
CVE-2020-10056
|
2024-11-21 13:54 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210653
|
7.8 |
HIGH
Local
|
siemens
|
simatic_rtls_locating_manager
|
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). Multiple services of the affected application are executed with SYSTEM privileges while the call path is…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2020-10051
|
2024-11-21 13:54 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210654
|
7.8 |
HIGH
Local
|
siemens
|
simatic_rtls_locating_manager
|
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The directory of service executables of the affected application could allow a local attacker to include…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-10050
|
2024-11-21 13:54 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210655
|
7.3 |
HIGH
Local
|
siemens
|
simatic_rtls_locating_manager
|
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.10.2). The start-stop scripts for the services of the affected application could allow a local attacker to incl…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-10049
|
2024-11-21 13:54 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210656
|
7.6 |
HIGH
Physics
|
ncr
|
aptra_xfs
|
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not properly validate softare updates for the bunch note acceptor (BNA), enabling an attacker with physical access to internal ATM components to restar…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-10126
|
2024-11-21 13:54 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210657
|
7.6 |
HIGH
Physics
|
ncr
|
aptra_xfs
|
NCR SelfServ ATMs running APTRA XFS 04.02.01 and 05.01.00 implement 512-bit RSA certificates to validate bunch note acceptor (BNA) software updates, which can be broken by an attacker with physical a…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-10125
|
2024-11-21 13:54 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210658
|
7.1 |
HIGH
Physics
|
ncr
|
aptra_xfs
|
NCR SelfServ ATMs running APTRA XFS 05.01.00 do not encrypt, authenticate, or verify the integrity of messages between the BNA and the host computer, which could allow an attacker with physical acces…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-10124
|
2024-11-21 13:54 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210659
|
5.3 |
MEDIUM
Physics
|
ncr
|
aptra_xfs
|
The currency dispenser of NCR SelfSev ATMs running APTRA XFS 05.01.00 or earlier does not adequately authenticate session key generation requests from the host computer, allowing an attacker with phy…
|
CWE-287
Improper Authentication
|
CVE-2020-10123
|
2024-11-21 13:54 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210660
|
9.8 |
CRITICAL
Network
|
siemens
|
desigo_consumption_control_compact
desigo_consumption_control
|
A vulnerability has been identified in Desigo CC (V4.x), Desigo CC (V3.x), Desigo CC Compact (V4.x), Desigo CC Compact (V3.x). Affected applications are delivered with a 3rd party component (BIRT) th…
|
CWE-94
Code Injection
|
CVE-2020-10055
|
2024-11-21 13:54 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
