|
211051
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefor…
|
NVD-CWE-noinfo
|
CVE-2020-12612
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211052
|
8.8 |
HIGH
Network
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). Whe…
|
NVD-CWE-noinfo
|
CVE-2020-12613
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211053
|
5.9 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-12413
|
2024-11-21 13:59 |
2023-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211054
|
7.8 |
HIGH
Local
|
pilz
codesys
festo
wago
|
pmc
control_for_beaglebone
control_for_empc-a\/imx6
control_for_iot2000
control_for_pfc100
control_for_pfc200
control_for_plcnext
control_for_raspberry_pi
hmi_v3
control_v3…
|
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2020-12069
|
2024-11-21 13:59 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211055
|
7.5 |
HIGH
Network
|
pilz
|
pmc
|
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2020-12067
|
2024-11-21 13:59 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211056
|
7.5 |
HIGH
Network
|
badgermeter
|
moni\
|
In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the image-relocator module.
|
-
|
CVE-2020-12508
|
2024-11-21 13:59 |
2022-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211057
|
8.8 |
HIGH
Network
|
badgermeter
|
moni\
|
In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.
|
-
|
CVE-2020-12507
|
2024-11-21 13:59 |
2022-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211058
|
7.5 |
HIGH
Network
|
badgermeter
|
moni\
|
In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the camera-file module.
|
-
|
CVE-2020-12509
|
2024-11-21 13:59 |
2022-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211059
|
8.8 |
HIGH
Adjacent
|
contiki-ng
|
contiki-ng
|
A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-12140
|
2024-11-21 13:59 |
2021-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211060
|
5.5 |
MEDIUM
Local
|
vivo
|
jovi_smart_scene
|
The attacker can access the sensitive information stored within the jovi Smart Scene module by entering carefully constructed commands without requesting permission.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-12488
|
2024-11-21 13:59 |
2021-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
