|
200801
|
6.5 |
MEDIUM
Local
|
vmware
|
workstation
esxi
fusion
|
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundatio…
|
CWE-20
Improper Input Validation
|
CVE-2020-3999
|
2024-11-21 14:32 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200802
|
6.1 |
MEDIUM
Network
|
hcltech
|
domino
|
HCL Verse v10 and v11 is susceptible to a Stored Cross-Site Scripting (XSS) vulnerability due to improper handling of message content. An unauthenticated remote attacker could exploit this vulnerabil…
|
CWE-79
Cross-site Scripting
|
CVE-2020-4080
|
2024-11-21 14:32 |
2020-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200803
|
3.6 |
LOW
Local
|
vmware
|
carbon_black_cloud
|
The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sens…
|
NVD-CWE-noinfo
|
CVE-2020-4008
|
2024-11-21 14:32 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200804
|
6.7 |
MEDIUM
Local
|
hcltech
|
notes
|
HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Notes or execute attacker-controlle…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-4102
|
2024-11-21 14:32 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200805
|
5.3 |
MEDIUM
Network
|
hcltech
|
domino
|
HCL Domino is susceptible to a lockout policy bypass vulnerability in the ID Vault service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the ID Vault…
|
NVD-CWE-noinfo
|
CVE-2020-4128
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200806
|
5.3 |
MEDIUM
Network
|
hcltech
|
hcl_domino
|
HCL Domino is susceptible to a lockout policy bypass vulnerability in the LDAP service. An unauthenticated attacker could use this vulnerability to mount a brute force attack against the LDAP service…
|
NVD-CWE-noinfo
|
CVE-2020-4129
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200807
|
5.9 |
MEDIUM
Network
|
hcltech
|
hcl_inotes
|
HCL iNotes is susceptible to a sensitive cookie exposure vulnerability. This can allow an unauthenticated remote attacker to capture the cookie by intercepting its transmission within an http session…
|
CWE-311
Missing Encryption of Sensitive Data
|
CVE-2020-4126
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200808
|
6.5 |
MEDIUM
Network
|
hcltech
|
hcl_domino
|
HCL Domino is susceptible to a Login CSRF vulnerability. With a valid credential, an attacker could trick a user into accessing a system under another ID or use an intranet user's system to access in…
|
CWE-352
Origin Validation Error
|
CVE-2020-4127
|
2024-11-21 14:32 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200809
|
6.5 |
MEDIUM
Network
|
vmware
|
sd-wan_orchestrator
|
VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. A…
|
CWE-89
SQL Injection
|
CVE-2020-4003
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200810
|
7.2 |
HIGH
Network
|
vmware
|
sd-wan_orchestrator
|
The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privi…
|
NVD-CWE-noinfo
|
CVE-2020-4002
|
2024-11-21 14:32 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
