|
210171
|
7.8 |
HIGH
Local
|
automationbroker
|
apb
|
A flaw was found in automationbroker/apb container in versions up to and including 2.0.4-1. This container grants all users sudoer permissions allowing an unauthorized user with access to the running…
|
CWE-269
Improper Privilege Management
|
CVE-2020-10728
|
2024-11-21 13:55 |
2022-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210172
|
4.4 |
MEDIUM
Local
|
theforeman
|
foreman
|
A flaw was found where the Plaintext Candlepin password is disclosed while updating Red Hat Satellite through the satellite-installer. This flaw allows an attacker with sufficiently high privileges, …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-10710
|
2024-11-21 13:55 |
2022-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210173
|
9.8 |
CRITICAL
Network
|
emerson
|
openenterprise_scada_server
|
Emerson OpenEnterprise versions through 3.3.4 may allow an attacker to run an arbitrary commands with system privileges or perform remote code execution via a specific communication service.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-10640
|
2024-11-21 13:55 |
2022-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210174
|
7.5 |
HIGH
Network
|
emerson
|
openenterprise_scada_server
|
Inadequate encryption may allow the passwords for Emerson OpenEnterprise versions through 3.3.4 user accounts to be obtained.
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-10636
|
2024-11-21 13:55 |
2022-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210175
|
4.3 |
MEDIUM
Network
|
kuka
|
sim_pro
|
Simulation models for KUKA.Sim Pro version 3.1 are hosted by a server maintained by KUKA. When these devices request a model, the server transmits the model in plaintext.
|
CWE-924
Improper Enforcement of Message Integrity During Transmission in a Communication Channel
|
CVE-2020-10635
|
2024-11-21 13:55 |
2022-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210176
|
5.3 |
MEDIUM
Network
|
emerson
|
openenterprise_scada_server
|
Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an u…
|
NVD-CWE-Other
|
CVE-2020-10632
|
2024-11-21 13:55 |
2022-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210177
|
8.1 |
HIGH
Adjacent
|
insulet
|
omnipod_insulin_management_system_firmware
|
Insulet Omnipod Insulin Management System insulin pump product ID 19191 and 40160 is designed to communicate using a wireless RF with an Insulet manufactured Personal Diabetes Manager device. This wi…
|
NVD-CWE-Other
|
CVE-2020-10627
|
2024-11-21 13:55 |
2021-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210178
|
7.5 |
HIGH
Network
|
replicated
|
replicated_classic
|
Replicated Classic 2.x versions have an improperly secured API that exposes sensitive data from the Replicated Admin Console configuration. An attacker with network access to the Admin Console port (…
|
NVD-CWE-noinfo
|
CVE-2020-10590
|
2024-11-21 13:55 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210179
|
4.3 |
MEDIUM
Network
|
elastic
redhat
|
kibana
openshift_container_platform
|
It was discovered that OpenShift Container Platform's (OCP) distribution of Kibana could open in an iframe, which made it possible to intercept and manipulate requests. This flaw allows an attacker t…
|
-
|
CVE-2020-10743
|
2024-11-21 13:55 |
2021-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210180
|
6.0 |
MEDIUM
Local
|
linux
redhat
|
linux_kernel
enterprise_linux
|
A flaw was found in the Linux kernel. An index buffer overflow during Direct IO write leading to the NFS client to crash. In some cases, a reach out of the index after one memory allocation by kmallo…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-10742
|
2024-11-21 13:55 |
2021-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
