|
200541
|
2.5 |
LOW
Local
|
amazon
|
aws_s3_crypto_sdk
|
A vulnerability in the in-band key negotiation exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. An attacker with write access to the targeted bucket can change the encryption algorith…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-8912
|
2024-11-21 14:39 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200542
|
5.6 |
MEDIUM
Local
|
amazon
|
aws_s3_crypto_sdk
|
A padding oracle vulnerability exists in the AWS S3 Crypto SDK for GoLang versions prior to V2. The SDK allows users to encrypt files with AES-CBC without computing a Message Authentication Code (MAC…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-8911
|
2024-11-21 14:39 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200543
|
7.1 |
HIGH
Local
|
google
|
go-tpm
|
An improperly initialized 'migrationAuth' value in Google's go-tpm TPM1.2 library versions prior to 0.3.0 can lead an eavesdropping attacker to discover the auth value for a key created with CreateWr…
|
CWE-665
Improper Initialization
|
CVE-2020-8918
|
2024-11-21 14:39 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200544
|
8.8 |
HIGH
Adjacent
|
huawei
|
fusionsphere_openstack
|
FusionSphere OpenStack 8.0.0 have a protection mechanism failure vulnerability. The product incorrectly uses a protection mechanism. An attacker has to find a way to exploit the vulnerability to cond…
|
NVD-CWE-Other
|
CVE-2020-9079
|
2024-11-21 14:39 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200545
|
7.8 |
HIGH
Local
|
huawei
|
fusioncompute
|
FusionCompute 8.0.0 have local privilege escalation vulnerability. A local, authenticated attacker could perform specific operations to exploit this vulnerability. Successful exploitation may cause t…
|
NVD-CWE-noinfo
|
CVE-2020-9078
|
2024-11-21 14:39 |
2020-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200546
|
6.1 |
MEDIUM
Network
|
jeedom
|
jeedom
|
Jeedom through 4.0.38 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-9036
|
2024-11-21 14:39 |
2020-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200547
|
6.7 |
MEDIUM
Local
|
trendmicro
|
antivirus_toolkit
apex_one
deep_security
officescan
officescan_business_security
officescan_business_security_service
officescan_cloud
online_scan
portable_security
rootkit…
|
An input validation vulnerability found in multiple Trend Micro products utilizing a particular version of a specific rootkit protection driver could allow an attacker in user-mode with administrator…
|
CWE-20
Improper Input Validation
|
CVE-2020-8607
|
2024-11-21 14:39 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200548
|
4.4 |
MEDIUM
Local
|
netapp
|
active_iq_unified_manager
|
Active IQ Unified Manager for VMware vSphere and Windows versions prior to 9.5 are susceptible to a vulnerability which allows administrative users to cause Denial of Service (DoS).
|
NVD-CWE-noinfo
|
CVE-2020-8575
|
2024-11-21 14:39 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200549
|
7.8 |
HIGH
Local
|
netapp
|
active_iq_unified_manager
|
Active IQ Unified Manager for Linux versions prior to 9.6 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service enabled allowing unauthorized code execution to local user…
|
NVD-CWE-noinfo
|
CVE-2020-8574
|
2024-11-21 14:39 |
2020-08-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200550
|
5.9 |
MEDIUM
Network
|
kubernetes
|
ingress-nginx
|
The Kubernetes ingress-nginx component prior to version 0.28.0 allows a user with the ability to create namespaces and to read and create ingress objects to overwrite the password file of another ing…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2020-8553
|
2024-11-21 14:39 |
2020-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
