|
210681
|
8.8 |
HIGH
Network
|
rittal
|
cmciii-pu-9333e0fb_firmware
pdu-3c002dec_firmware
cmc_iii_pu_7030.000_firmware
lcp-cw_firmware
iot_interface_3124.300
|
An issue was discovered on Rittal PDU-3C002DEC through 5.15.40 and CMCIII-PU-9333E0FB through 3.15.70_4 devices. Attackers can execute code.
|
CWE-78
OS Command
|
CVE-2020-11953
|
2024-11-21 13:58 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210682
|
6.2 |
MEDIUM
Local
|
rittal
|
cmciii-pu-9333e0fb_firmware
pdu-3c002dec_firmware
cmc_iii_pu_7030.000_firmware
lcp-cw_firmware
iot_interface_3124.300
|
An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. Attackers can bypass the CLI menu.
|
NVD-CWE-noinfo
|
CVE-2020-11952
|
2024-11-21 13:58 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210683
|
9.8 |
CRITICAL
Network
|
rittal
|
cmciii-pu-9333e0fb_firmware
pdu-3c002dec_firmware
cmc_iii_pu_7030.000_firmware
lcp-cw_firmware
iot_interface_3124.300
|
An issue was discovered on Rittal PDU-3C002DEC through 5.17.10 and CMCIII-PU-9333E0FB through 3.17.10 devices. There is a Backdoor root account.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-11951
|
2024-11-21 13:58 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210684
|
9.0 |
CRITICAL
Network
|
pandorafms
|
pandora_fms
|
Pandora FMS 7.0 NG <= 746 suffers from Multiple XSS vulnerabilities in different browser views. A network administrator scanning a SNMP device can trigger a Cross Site Scripting (XSS), which can run …
|
CWE-79
Cross-site Scripting
|
CVE-2020-11749
|
2024-11-21 13:58 |
2020-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210685
|
9.8 |
CRITICAL
Network
|
microfocus
|
identity_manager
|
Elevation of privilege and/or unauthorized access vulnerability in Micro Focus Identity Manager. Affecting versions prior to 4.7.3 and 4.8.1 hot fix 1. The vulnerability could allow information expos…
|
NVD-CWE-noinfo
|
CVE-2020-11849
|
2024-11-21 13:58 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210686
|
6.1 |
MEDIUM
Network
|
telefonica
|
o2_business
|
The O2 Business application 1.2.0 for Android exposes the canvasm.myo2.SplashActivity activity to other applications. The purpose of this activity is to handle deeplinks that can be delivered either …
|
CWE-601
Open Redirect
|
CVE-2020-11882
|
2024-11-21 13:58 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210687
|
8.1 |
HIGH
Network
|
python
fedoraproject
canonical
|
pillow
fedora
ubuntu_linux
|
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-11538
|
2024-11-21 13:58 |
2020-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210688
|
5.3 |
MEDIUM
Network
|
wolfssl
|
wolfssl
|
The private-key operations in ecc.c in wolfSSL before 4.4.0 do not use a constant-time modular inverse when mapping to affine coordinates, aka a "projective coordinates leak."
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-11735
|
2024-11-21 13:58 |
2020-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210689
|
7.5 |
HIGH
Network
|
mi
|
xiaomi_r3600_firmware
|
Xiaomi router R3600 ROM before 1.0.50 is affected by a sensitive information leakage caused by an insecure interface get_config_result without authentication
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-11961
|
2024-11-21 13:58 |
2020-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210690
|
9.8 |
CRITICAL
Network
|
mi
|
xiaomi_r3600_firmware
|
Xiaomi router R3600 ROM before 1.0.50 is affected by a vulnerability when checking backup file in c_upload interface let attacker able to extract malicious file under any location in /tmp, lead to po…
|
NVD-CWE-noinfo
|
CVE-2020-11960
|
2024-11-21 13:58 |
2020-06-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
