|
214741
|
5.4 |
MEDIUM
Network
|
searchblox
|
searchblox
|
SearchBlox product with version before 9.2.1 is vulnerable to stored cross-site scripting at multiple user input parameters. In SearchBlox products multiple parameters are not sanitized/validate prop…
|
CWE-79
Cross-site Scripting
|
CVE-2020-10128
|
2024-11-21 13:54 |
2023-09-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214742
|
6.5 |
MEDIUM
Adjacent
|
silabs
|
uzb-7
700_series_firmware
|
Z-Wave devices based on Silicon Labs 700 series chipsets using S2 do not adequately authenticate or encrypt FIND_NODE_IN_RANGE frames, allowing a remote, unauthenticated attacker to inject a FIND_NOD…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-10137
|
2024-11-21 13:54 |
2022-01-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214743
|
5.5 |
MEDIUM
Local
|
siemens
|
simatic_rtls_locating_manager
|
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application does not properly handle the import of large configuration files. A local attacke…
|
NVD-CWE-noinfo
|
CVE-2020-10054
|
2024-11-21 13:54 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214744
|
5.5 |
MEDIUM
Local
|
siemens
|
simatic_rtls_locating_manager
|
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as database credentials in configuration files. A loc…
|
-
|
CVE-2020-10053
|
2024-11-21 13:54 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214745
|
5.5 |
MEDIUM
Local
|
siemens
|
simatic_rtls_locating_manager
|
A vulnerability has been identified in SIMATIC RTLS Locating Manager (All versions < V2.12). The affected application writes sensitive data, such as usernames and passwords in log files. A local atta…
|
-
|
CVE-2020-10052
|
2024-11-21 13:54 |
2021-11-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214746
|
6.5 |
MEDIUM
Network
|
apple
|
macos
|
A resource exhaustion issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.0.1. An attacker in a privileged network position may be able to perform denial of se…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-10005
|
2024-11-21 13:54 |
2021-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214747
|
7.8 |
HIGH
Local
|
adobe
|
coldfusion
|
The Adobe ColdFusion installer fails to set a secure access-control list (ACL) on the default installation directory, such as C:\ColdFusion2021\. By default, unprivileged users can create files in th…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-10145
|
2024-11-21 13:54 |
2021-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214748
|
5.3 |
MEDIUM
Local
|
zephyrproject
|
zephyr
|
Improper Handling of Insufficient Permissions or Privileges in zephyr. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Insufficient Permissions or Privileges (CWE-280). For more in…
|
NVD-CWE-Other
|
CVE-2020-10072
|
2024-11-21 13:54 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214749
|
6.5 |
MEDIUM
Adjacent
|
zephyrproject
|
zephyr
|
Zephyr Bluetooth unchecked packet data results in denial of service. Zephyr versions >= v1.14.2, >= v2.2.0 contain Improper Handling of Parameters (CWE-233). For more information, see https://github.…
|
NVD-CWE-Other
|
CVE-2020-10069
|
2024-11-21 13:54 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214750
|
5.7 |
MEDIUM
Adjacent
|
zephyrproject
|
zephyr
|
Incorrect Error Handling in Bluetooth HCI core. Zephyr versions >= v1.14.2, >= v2.2.0 contain NULL Pointer Dereference (CWE-476). For more information, see https://github.com/zephyrproject-rtos/zephy…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-10066
|
2024-11-21 13:54 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
