|
210791
|
9.8 |
CRITICAL
Network
|
zulipchat
|
zulip_desktop
|
Zulip Desktop before 5.2.0 has Missing SSL Certificate Validation because all validation was inadvertently disabled during an attempt to recognize the ignoreCerts option.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-12637
|
2024-11-21 13:59 |
2020-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210792
|
8.8 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application…
|
CWE-22
Path Traversal
|
CVE-2020-12026
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210793
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can b…
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-12022
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210794
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12018
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210795
|
7.5 |
HIGH
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Input is not properly sanitized and may allow an attacker to inject SQL commands.
|
CWE-89
SQL Injection
|
CVE-2020-12014
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210796
|
7.1 |
HIGH
Local
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an authenticated user to use a specially crafted file to delete…
|
CWE-22
Path Traversal
|
CVE-2020-12010
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210797
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow a low privilege user to overwrite files outside the application…
|
CWE-22
Path Traversal
|
CVE-2020-12006
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210798
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data,…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12002
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210799
|
7.5 |
HIGH
Network
|
zohocorp
|
manageengine_opmanager
|
Zoho ManageEngine OpManager Stable build before 124196 and Released build before 125125 allows an unauthenticated attacker to read arbitrary files on the server by sending a crafted request.
|
CWE-22
Path Traversal
|
CVE-2020-12116
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210800
|
7.8 |
HIGH
Local
|
solarwinds
|
managed_service_provider_patch_management_engine
|
An issue was discovered in SolarWinds MSP PME (Patch Management Engine) Cache Service before 1.1.15 in the Advanced Monitoring Agent. There are insecure file permissions for %PROGRAMDATA%\SolarWinds …
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-12608
|
2024-11-21 13:59 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
