|
196041
|
7.8 |
HIGH
Local
|
intel
|
bios
|
Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-8672
|
2024-11-21 14:39 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196042
|
6.7 |
MEDIUM
Local
|
intel
|
m10jnp2sb_firmware
|
Improper input validation in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access.
|
CWE-20
Improper Input Validation
|
CVE-2020-8734
|
2024-11-21 14:39 |
2021-02-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196043
|
5.5 |
MEDIUM
Local
|
netapp
|
oncommand_unified_manager
|
OnCommand Unified Manager Core Package versions prior to 5.2.5 may disclose sensitive account information to unauthorized users via the use of PuTTY Link (plink).
|
CWE-59
Link Following
|
CVE-2020-8585
|
2024-11-21 14:39 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196044
|
9.1 |
CRITICAL
Network
|
kubernetes
|
java
|
Kubernetes Java client libraries in version 10.0.0 and versions prior to 9.0.1 allow writes to paths outside of the current directory when copying multiple files from a remote pod which sends a malic…
|
CWE-22
Path Traversal
|
CVE-2020-8570
|
2024-11-21 14:39 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196045
|
6.5 |
MEDIUM
Network
|
kubernetes
|
container_storage_interface_snapshotter
|
Kubernetes CSI snapshot-controller prior to v2.1.3 and v3.0.2 could panic when processing a VolumeSnapshot custom resource when: - The VolumeSnapshot referenced a non-existing PersistentVolumeClaim a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-8569
|
2024-11-21 14:39 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196046
|
6.5 |
MEDIUM
Network
|
kubernetes
|
secrets_store_csi_driver
|
Kubernetes Secrets Store CSI Driver versions v0.0.15 and v0.0.16 allow an attacker who can modify a SecretProviderClassPodStatus/Status resource the ability to write content to the host filesystem an…
|
CWE-22
Path Traversal
|
CVE-2020-8568
|
2024-11-21 14:39 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196047
|
6.5 |
MEDIUM
Network
|
google
hashicorp
microsoft
|
secret_manager_provider_for_secret_store_csi_driver
vault_provider_for_secrets_store_csi_driver
azure_key_vault_provider_for_secrets_store_csi_driver
|
Kubernetes Secrets Store CSI Driver Vault Plugin prior to v0.0.6, Azure Plugin prior to v0.0.10, and GCP Plugin prior to v0.2.0 allow an attacker who can create specially-crafted SecretProviderClass …
|
CWE-22
Path Traversal
|
CVE-2020-8567
|
2024-11-21 14:39 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196048
|
5.0 |
MEDIUM
Network
|
kubernetes
oracle
|
kubernetes
communications_cloud_native_core_network_slice_selection_function
communications_cloud_native_core_service_communication_proxy
communications_cloud_native_core_policy
|
Kubernetes API server in all versions allow an attacker who is able to create a ClusterIP service and set the spec.externalIPs field, to intercept traffic to that IP address. Additionally, an attacke…
|
NVD-CWE-noinfo
|
CVE-2020-8554
|
2024-11-21 14:39 |
2021-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196049
|
6.5 |
MEDIUM
Network
|
netapp
|
clustered_data_ontap
|
Clustered Data ONTAP versions prior to 9.3P20 and 9.5 are susceptible to a vulnerability which could allow an authenticated but unauthorized attacker to overwrite arbitrary data when VMware vStorage …
|
NVD-CWE-noinfo
|
CVE-2020-8581
|
2024-11-21 14:39 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196050
|
9.8 |
CRITICAL
Network
|
netapp
|
solidfire
hci_management_node
hci_storage_node
element_os
|
Element OS versions prior to 1.8P1 and 12.2 are susceptible to a vulnerability that could allow an unauthenticated remote attacker to perform arbitrary code execution.
|
NVD-CWE-noinfo
|
CVE-2020-8584
|
2024-11-21 14:39 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
