|
197141
|
7.8 |
HIGH
Local
|
emerson
|
valvelink
|
In Emerson ValveLink v12.0.264 to v13.4.118, a vulnerability in the ValveLink software may allow a local, unprivileged, trusted insider to escalate privileges due to insecure configuration parameters.
|
CWE-269
Improper Privilege Management
|
CVE-2020-6971
|
2024-11-21 14:36 |
2020-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197142
|
7.5 |
HIGH
Network
|
hp
|
oneview_global_dashboard
|
HPE OneView Global Dashboard (OVGD) 1.9 has a remote information disclosure vulnerability. HPE OneView Global Dashboard - After Upgrade or Install of OVGD Version 1.9, Appliance Firewall May Leave Po…
|
CWE-200
Information Exposure
|
CVE-2020-7130
|
2024-11-21 14:36 |
2020-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197143
|
8.8 |
HIGH
Network
|
mozilla
canonical
|
firefox
ubuntu_linux
|
Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been expl…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6801
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197144
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
firefox_esr
|
A content process could have modified shared memory relating to crash reporting information, crash itself, and cause an out-of-bound write. This could have caused memory corruption and a potentially …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6796
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197145
|
8.8 |
HIGH
Network
|
mozilla
canonical
|
thunderbird
firefox
firefox_esr
ubuntu_linux
|
Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enoug…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6800
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197146
|
8.8 |
HIGH
Network
|
mozilla
|
firefox
firefox_esr
|
Command line arguments could have been injected during Firefox invocation as a shell handler for certain unsupported file types. This required Firefox to be configured as the default handler for a gi…
|
CWE-88
Argument Injection
|
CVE-2020-6799
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197147
|
6.1 |
MEDIUM
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
If a template tag was used in a select tag, the parser could be confused and allow JavaScript parsing and execution when it should not be allowed. A site that relied on the browser behaving correctly…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6798
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197148
|
4.3 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
By downloading a file with the .fileloc extension, a semi-privileged extension could launch an arbitrary application on the user's computer. The attacker is restricted as they are unable to download …
|
CWE-20
Improper Input Validation
|
CVE-2020-6797
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197149
|
6.5 |
MEDIUM
Network
|
mozilla
|
thunderbird
|
When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects …
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-6795
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197150
|
6.5 |
MEDIUM
Network
|
mozilla
canonical
|
thunderbird
ubuntu_linux
|
If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was no…
|
CWE-312
CWE-459
CWE-522
Cleartext Storage of Sensitive Information
Incomplete Cleanup
Insufficiently Protected Credentials
|
CVE-2020-6794
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
