|
209851
|
7.2 |
HIGH
Network
|
ge
|
asset_performance_management_classic
|
GE Digital APM Classic, Versions 4.4 and prior. Salt is not used for hash calculation of passwords, making it possible to decrypt passwords. This design flaw, along with the IDOR vulnerability, puts …
|
NVD-CWE-Other
|
CVE-2020-16244
|
2024-11-21 14:07 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209852
|
5.3 |
MEDIUM
Network
|
ge
|
asset_performance_management_classic
|
GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript object notation (JSON) format by users…
|
-
|
CVE-2020-16240
|
2024-11-21 14:07 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209853
|
7.1 |
HIGH
Local
|
philips
|
clinical_collaboration_platform
|
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-16247
|
2024-11-21 14:07 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209854
|
4.2 |
MEDIUM
Network
|
microsoft
|
edge
|
<p>A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16884
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209855
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio_code
|
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability cou…
|
NVD-CWE-noinfo
|
CVE-2020-16881
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209856
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_server_2019
windows_10
windows_server_2016
|
<p>An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain info…
|
NVD-CWE-noinfo
|
CVE-2020-16879
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209857
|
5.4 |
MEDIUM
Network
|
microsoft
|
dynamics_365
|
<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated at…
|
CWE-79
Cross-site Scripting
|
CVE-2020-16878
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209858
|
8.4 |
HIGH
Network
|
microsoft
|
exchange_server
|
<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p>
<p>An attacker who successfully exploited the vulnerability could run …
|
CWE-74
CWE-269
Injection
Improper Privilege Management
|
CVE-2020-16875
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209859
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio
visual_studio_2019
visual_studio_2017
|
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the…
|
NVD-CWE-noinfo
|
CVE-2020-16874
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209860
|
4.7 |
MEDIUM
Network
|
microsoft
|
xamarin.forms
|
<p>A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute a…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2020-16873
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
