|
209151
|
8.2 |
HIGH
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on th…
|
-
|
CVE-2020-17395
|
2024-11-21 14:08 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209152
|
6.0 |
MEDIUM
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged…
|
-
|
CVE-2020-17394
|
2024-11-21 14:08 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209153
|
6.5 |
MEDIUM
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code…
|
-
|
CVE-2020-17393
|
2024-11-21 14:08 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209154
|
8.8 |
HIGH
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code …
|
-
|
CVE-2020-17392
|
2024-11-21 14:08 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209155
|
9.8 |
CRITICAL
Network
|
seowonintech
|
slc-130_firmware
slr-120s_firmware
slr-120s42g_firmware
slr-120d42g_firmware
slr-120t42g_firmware
|
SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter to the system_log.cgi page.
|
CWE-78
OS Command
|
CVE-2020-17456
|
2024-11-21 14:08 |
2020-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209156
|
7.5 |
HIGH
Network
|
megvii
|
koala_firmware
|
Lack of authentication in the network relays used in MEGVII Koala 2.9.1-c3s allows attackers to grant physical access to anyone by sending packet data to UDP port 5000.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-17475
|
2024-11-21 14:08 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209157
|
9.8 |
CRITICAL
Network
|
zkteco
|
zkbiosecurity_server
facedepot_7b_firmware
|
A token-reuse vulnerability in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to create arbitrary new users, elevate users to administrators, delete users, and…
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-17474
|
2024-11-21 14:08 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209158
|
5.9 |
MEDIUM
Network
|
zkteco
|
zkbiosecurity_server
facedepot_7b_firmware
|
Lack of mutual authentication in ZKTeco FaceDepot 7B 1.0.213 and ZKBiosecurity Server 1.0.0_20190723 allows an attacker to obtain a long-lasting token by impersonating the server.
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-17473
|
2024-11-21 14:08 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209159
|
7.8 |
HIGH
Local
|
cmsmadesimple
|
cms_made_simple
|
CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-17462
|
2024-11-21 14:08 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209160
|
6.5 |
MEDIUM
Network
|
wireshark
fedoraproject
opensuse
oracle
|
wireshark
fedora
leap
zfs_storage_appliance_kit
|
In Wireshark 3.2.0 to 3.2.5, the Kafka protocol dissector could crash. This was addressed in epan/dissectors/packet-kafka.c by avoiding a double free during LZ4 decompression.
|
CWE-415
Double Free
|
CVE-2020-17498
|
2024-11-21 14:08 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
