|
201701
|
6.4 |
MEDIUM
Local
|
intel
siemens
netapp
|
bios
simatic_field_pg_m6_firmware
simatic_ipc427e_firmware
simatic_ipc477e_firmware
simatic_ipc477e_pro_firmware
simatic_ipc527g_firmware
simatic_ipc547g_firmware
simatic_ipc627e…
|
Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-362
Race Condition
|
CVE-2020-8670
|
2024-11-21 14:39 |
2021-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201702
|
4.3 |
MEDIUM
Network
|
google
|
rendertron
|
Rendertron versions prior to 3.0.0 are are susceptible to a Server-Side Request Forgery (SSRF) attack. An attacker can use a specially crafted webpage to force a rendertron headless chrome process to…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-8902
|
2024-11-21 14:39 |
2021-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201703
|
7.5 |
HIGH
Network
|
johnsoncontrols
|
metasys_reporting_engine
|
Path Traversal vulnerability exists in Metasys Reporting Engine (MRE) Web Services which could allow a remote unauthenticated attacker to access and download arbitrary files from the system.
|
CWE-22
Path Traversal
|
CVE-2020-9050
|
2024-11-21 14:39 |
2021-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201704
|
8.1 |
HIGH
Network
|
isc
debian
fedoraproject
siemens
netapp
|
bind
debian_linux
fedora
sinec_infrastructure_network_services
cloud_backup
a250_firmware
500f_firmware
|
BIND servers are vulnerable if they are running an affected version and are configured to use GSS-TSIG features. In a configuration which uses BIND's default settings the vulnerable code path is not …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-8625
|
2024-11-21 14:39 |
2021-02-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201705
|
6.7 |
MEDIUM
Local
|
intel
|
realsense_depth_camera_manager
|
Incorrect default permissions in the installer for the Intel(R) RealSense(TM) DCM may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-8765
|
2024-11-21 14:39 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201706
|
6.7 |
MEDIUM
Local
|
intel
|
solid-state_drive_toolbox
|
Incorrect default permissions in installer for the Intel(R) SSD Toolbox versions before 2/9/2021 may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-8701
|
2024-11-21 14:39 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201707
|
7.8 |
HIGH
Local
|
intel
|
graphics_drivers
|
Improper access control for Intel(R) Graphics Drivers before version 15.45.33.5164 and 27.20.100.8280 may allow an authenticated user to potentially enable an escalation of privilege via local access.
|
NVD-CWE-Other
|
CVE-2020-8678
|
2024-11-21 14:39 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201708
|
3.3 |
LOW
Local
|
netapp
|
clustered_data_ontap
|
Clustered Data ONTAP versions prior to 9.1P18 and 9.3P12 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-…
|
NVD-CWE-noinfo
|
CVE-2020-8590
|
2024-11-21 14:39 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201709
|
5.5 |
MEDIUM
Local
|
netapp
|
oncommand_system_manager
|
OnCommand System Manager 9.x versions prior to 9.3P20 and 9.4 prior to 9.4P3 are susceptible to a vulnerability that could allow HTTP clients to cache sensitive responses making them accessible to an…
|
NVD-CWE-noinfo
|
CVE-2020-8587
|
2024-11-21 14:39 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201710
|
3.3 |
LOW
Local
|
netapp
|
clustered_data_ontap
|
Clustered Data ONTAP versions prior to 9.3P20 are susceptible to a vulnerability which could allow an attacker to discover node names via AutoSupport bundles even when the –remove-private-data parame…
|
NVD-CWE-noinfo
|
CVE-2020-8578
|
2024-11-21 14:39 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
