|
196461
|
6.5 |
MEDIUM
Network
|
avaya
|
aura_system_manager
weblm
|
An XML external entity (XXE) vulnerability in Avaya WebLM admin interface allows authenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in…
|
CWE-611
XXE
|
CVE-2020-7032
|
2024-11-21 14:36 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196462
|
5.4 |
MEDIUM
Network
|
avaya
|
equinox_conferencing
|
A Cross Site Scripting (XSS) Vulnerability on the Unified Portal Client (web client) used in Avaya Equinox Conferencing can allow an authenticated user to perform XSS attacks. The affected versions o…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7033
|
2024-11-21 14:36 |
2020-11-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196463
|
8.8 |
HIGH
Network
|
hp
|
oneview
synergy_composer_2
synergy_composer
|
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to…
|
NVD-CWE-noinfo
|
CVE-2020-7198
|
2024-11-21 14:36 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196464
|
8.8 |
HIGH
Network
|
zte
|
zxa10_eodn_firmware
|
A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally…
|
NVD-CWE-noinfo
|
CVE-2020-6877
|
2024-11-21 14:36 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196465
|
6.8 |
MEDIUM
Physics
|
hp
|
apollo_2000_firmware
apollo_4200_gen10_firmware
apollo_4500_firmware
proliant_xl230k_gen10_firmware
proliant_xl270d_gen10_firmware
proliant_bl460c_gen10_firmware
proliant_dl120_gen1…
|
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the s…
|
NVD-CWE-noinfo
|
CVE-2020-7207
|
2024-11-21 14:36 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196466
|
7.2 |
HIGH
Network
|
arubanetworks
|
airwave_glass
|
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
|
NVD-CWE-noinfo
|
CVE-2020-7129
|
2024-11-21 14:36 |
2020-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196467
|
9.8 |
CRITICAL
Network
|
arubanetworks
|
airwave_glass
|
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-7128
|
2024-11-21 14:36 |
2020-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196468
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-m…
|
NVD-CWE-noinfo
|
CVE-2020-6829
|
2024-11-21 14:36 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196469
|
9.8 |
CRITICAL
Network
|
hp
|
storeserv_management_console
|
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the mana…
|
CWE-287
Improper Authentication
|
CVE-2020-7197
|
2024-11-21 14:36 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196470
|
6.5 |
MEDIUM
Network
|
hp
|
ezmeral_container_platform
bluedata_epic
|
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized intercep…
|
CWE-200
CWE-522
Information Exposure
Insufficiently Protected Credentials
|
CVE-2020-7196
|
2024-11-21 14:36 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
