|
199531
|
4.6 |
MEDIUM
Physics
|
tesla
|
model_x_firmware
|
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. (The full VIN…
|
NVD-CWE-noinfo
|
CVE-2020-29439
|
2024-11-21 14:24 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199532
|
6.5 |
MEDIUM
Adjacent
|
tesla
|
model_x_firmware
|
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. This allows attackers to construct firmware that retrieves an unlock code from a se…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-29438
|
2024-11-21 14:24 |
2020-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199533
|
3.3 |
LOW
Local
|
paloaltonetworks
|
pan-os
|
An information exposure through log file vulnerability exists where the password for the configured system proxy server for a PAN-OS appliance may be displayed in cleartext when using the CLI in Palo…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-2048
|
2024-11-21 14:24 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199534
|
7.2 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
An OS command injection and memory corruption vulnerability in the PAN-OS management web interface that allows authenticated administrators to disrupt system processes and potentially execute arbitra…
|
CWE-78
OS Command
|
CVE-2020-2000
|
2024-11-21 14:24 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199535
|
8.2 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
An authentication bypass vulnerability exists in the GlobalProtect SSL VPN component of Palo Alto Networks PAN-OS software that allows an attacker to bypass all client certificate checks with an inva…
|
CWE-287
Improper Authentication
|
CVE-2020-2050
|
2024-11-21 14:24 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199536
|
7.5 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
An information exposure vulnerability exists in Palo Alto Networks Panorama software that discloses the token for the Panorama web interface administrator's session to a managed device when the Panor…
|
CWE-269
Improper Privilege Management
|
CVE-2020-2022
|
2024-11-21 14:24 |
2020-11-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199537
|
7.2 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. Thi…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-2042
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199538
|
7.5 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
An insecure configuration of the appweb daemon of Palo Alto Networks PAN-OS 8.1 allows a remote unauthenticated user to send a specifically crafted request to the device that causes the appweb servic…
|
NVD-CWE-Other
|
CVE-2020-2041
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199539
|
3.3 |
LOW
Local
|
paloaltonetworks
|
pan-os
|
An information exposure through log file vulnerability where an administrator's password or other sensitive information may be logged in cleartext while using the CLI in Palo Alto Networks PAN-OS sof…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-2044
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199540
|
3.3 |
LOW
Local
|
paloaltonetworks
|
pan-os
|
An information exposure through log file vulnerability where sensitive fields are recorded in the configuration log without masking on Palo Alto Networks PAN-OS software when the after-change-detail …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-2043
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
