|
197441
|
9.8 |
CRITICAL
Network
|
hp
|
systems_insight_manager
|
A potential security vulnerability has been identified in HPE Systems Insight Manager (SIM) version 7.6. The vulnerability could be exploited to allow remote code execution.
|
NVD-CWE-noinfo
|
CVE-2020-7200
|
2024-11-21 14:36 |
2020-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197442
|
9.8 |
CRITICAL
Network
|
hp
|
edgeline_infrastructure_manager
|
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited t…
|
CWE-287
Improper Authentication
|
CVE-2020-7199
|
2024-11-21 14:36 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197443
|
9.8 |
CRITICAL
Network
|
zte
|
zxv10_w908_firmware
|
A ZXELINK wireless controller has a SQL injection vulnerability. A remote attacker does not need to log in. By sending malicious SQL statements, because the device does not properly filter parameters…
|
CWE-89
SQL Injection
|
CVE-2020-6880
|
2024-11-21 14:36 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197444
|
9.8 |
CRITICAL
Network
|
tableau
|
tableau_server
|
Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SA…
|
NVD-CWE-noinfo
|
CVE-2020-6939
|
2024-11-21 14:36 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197445
|
3.5 |
LOW
Adjacent
|
zte
|
zxhn_z500_firmware
zxhn_f670l_firmware
|
Some ZTE devices have input verification vulnerabilities. The devices support configuring a static prefix through the web management page. The restriction of the front-end code can be bypassed by con…
|
CWE-20
Improper Input Validation
|
CVE-2020-6879
|
2024-11-21 14:36 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197446
|
6.5 |
MEDIUM
Network
|
avaya
|
aura_system_manager
weblm
|
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in…
|
CWE-611
XXE
|
CVE-2020-7032
|
2024-11-21 14:36 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197447
|
5.4 |
MEDIUM
Network
|
avaya
|
equinox_conferencing
|
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions o…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7033
|
2024-11-21 14:36 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197448
|
8.8 |
HIGH
Network
|
hp
|
oneview
synergy_composer_2
synergy_composer
|
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to…
|
NVD-CWE-noinfo
|
CVE-2020-7198
|
2024-11-21 14:36 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197449
|
8.8 |
HIGH
Network
|
zte
|
zxa10_eodn_firmware
|
A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally…
|
NVD-CWE-noinfo
|
CVE-2020-6877
|
2024-11-21 14:36 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197450
|
6.8 |
MEDIUM
Physics
|
hp
|
apollo_2000_firmware
apollo_4200_gen10_firmware
apollo_4500_firmware
proliant_xl230k_gen10_firmware
proliant_xl270d_gen10_firmware
proliant_bl460c_gen10_firmware
proliant_dl120_gen1…
|
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the s…
|
NVD-CWE-noinfo
|
CVE-2020-7207
|
2024-11-21 14:36 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
