|
210741
|
5.5 |
MEDIUM
Local
|
newmediacompany
|
smarty
|
An issue was discovered in New Media Smarty before 9.10. Passwords are stored in the database in an obfuscated format that can be easily reversed. The file data.mdb contains these obfuscated password…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-10375
|
2024-11-21 13:55 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210742
|
6.5 |
MEDIUM
Network
|
iobit
|
advanced_systemcare
|
The AscRegistryFilter.sys kernel driver in IObit Advanced SystemCare 13.2 allows an unprivileged user to send an IOCTL to the device driver. If the user provides a NULL entry for the dwIoControlCode …
|
NVD-CWE-noinfo
|
CVE-2020-10234
|
2024-11-21 13:55 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210743
|
9.8 |
CRITICAL
Network
|
epikur
|
epikur
|
An issue was discovered in Epikur before 20.1.1. The Epikur server contains the checkPasswort() function that, upon user login, checks the submitted password against the user password's MD5 hash stor…
|
CWE-287
Improper Authentication
|
CVE-2020-10539
|
2024-11-21 13:55 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210744
|
5.5 |
MEDIUM
Local
|
epikur
|
epikur
|
An issue was discovered in Epikur before 20.1.1. It stores the secret passwords of the users as MD5 hashes in the database. MD5 can be brute-forced efficiently and should not be used for such purpose…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2020-10538
|
2024-11-21 13:55 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210745
|
7.8 |
HIGH
Local
|
epikur
|
epikur
|
An issue was discovered in Epikur before 20.1.1. A Glassfish 4.1 server with a default configuration is running on TCP port 4848. No password is required to access it with the administrator account.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-10537
|
2024-11-21 13:55 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210746
|
9.8 |
CRITICAL
Network
|
proofpoint
|
insider_threat_management_server
|
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10658
|
2024-11-21 13:55 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210747
|
7.2 |
HIGH
Network
|
proofpoint
|
insider_threat_management_server
|
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10657
|
2024-11-21 13:55 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210748
|
9.8 |
CRITICAL
Network
|
proofpoint
|
insider_threat_management_server
|
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability a…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10656
|
2024-11-21 13:55 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210749
|
9.8 |
CRITICAL
Network
|
proofpoint
|
insider_threat_management_server
|
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an ano…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-10655
|
2024-11-21 13:55 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210750
|
8.2 |
HIGH
Network
|
kuka
|
visual_components_network_license_server
|
Visual Components (owned by KUKA) is a robotic simulator that allows simulating factories and robots in order toimprove planning and decision-making processes. Visual Components software requires a s…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-10292
|
2024-11-21 13:55 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
