|
196141
|
8.8 |
HIGH
Network
|
abb
|
800xa_information_manager
|
The installations for ABB System 800xA Information Manager versions 5.1, 6.0 to 6.0.3.2 and 6.1 wrongly contain an auxiliary component. An attacker is able to use this for an XSS-like attack to an au…
|
CWE-79
Cross-site Scripting
|
CVE-2020-8477
|
2024-11-21 14:38 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196142
|
7.8 |
HIGH
Local
|
abb
|
800xa_base_system
|
Weak Registry permissions in ABB System 800xA Base allow low privileged users to read and modify registry settings related to control system functionality, allowing an authenticated attacker to cause…
|
CWE-269
Improper Privilege Management
|
CVE-2020-8474
|
2024-11-21 14:38 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196143
|
6.2 |
MEDIUM
Physics
|
bitdefender
|
antivirus_2020
|
A vulnerability in the improper handling of junctions in Bitdefender Antivirus Free can allow an unprivileged user to substitute a quarantined file, and restore it to a privileged location. This issu…
|
CWE-59
Link Following
|
CVE-2020-8099
|
2024-11-21 14:38 |
2020-04-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196144
|
7.8 |
HIGH
Local
|
lenovo
|
vantage
|
A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authe…
|
CWE-269
Improper Privilege Management
|
CVE-2020-8327
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196145
|
5.5 |
MEDIUM
Local
|
lenovo
|
system_interface_foundation
|
A vulnerability was reported in LenovoAppScenarioPluginSystem for Lenovo System Interface Foundation prior to version 1.2.184.31 that could allow unsigned DLL files to be executed.
|
CWE-20
Improper Input Validation
|
CVE-2020-8324
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196146
|
7.8 |
HIGH
Local
|
lenovo
|
system_interface_foundation
|
A privilege escalation vulnerability was reported in Lenovo System Interface Foundation prior to version 1.1.19.3 that could allow an authenticated user to execute code with elevated privileges.
|
NVD-CWE-noinfo
|
CVE-2020-8319
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196147
|
7.8 |
HIGH
Local
|
lenovo
|
system_interface_foundation
|
A privilege escalation vulnerability was reported in the LenovoSystemUpdatePlugin for Lenovo System Interface Foundation prior to version that could allow an authenticated user to execute code with e…
|
NVD-CWE-noinfo
|
CVE-2020-8318
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196148
|
4.4 |
MEDIUM
Local
|
lenovo
|
vantage
|
A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges.
|
NVD-CWE-noinfo
|
CVE-2020-8316
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196149
|
6.1 |
MEDIUM
Network
|
stormshield
|
stormshield_network_security
|
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=ht…
|
CWE-601
Open Redirect
|
CVE-2020-8430
|
2024-11-21 14:38 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196150
|
5.3 |
MEDIUM
Network
|
ui
|
cloud_key_gen2
cloud_key_gen2_plus
|
UniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. This affects Cloud Key gen2 and Cloud Key…
|
CWE-287
Improper Authentication
|
CVE-2020-8148
|
2024-11-21 14:38 |
2020-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
