|
199541
|
9.8 |
CRITICAL
Network
|
paloaltonetworks
|
pan-os
|
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-2040
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199542
|
5.3 |
MEDIUM
Network
|
paloaltonetworks
|
pan-os
|
An uncontrolled resource consumption vulnerability in Palo Alto Networks PAN-OS allows for a remote unauthenticated user to upload temporary files through the management web interface that are not pr…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-2039
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199543
|
7.2 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0…
|
CWE-78
OS Command
|
CVE-2020-2038
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199544
|
7.2 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1…
|
CWE-78
OS Command
|
CVE-2020-2037
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199545
|
8.8 |
HIGH
Network
|
paloaltonetworks
|
pan-os
|
A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the fir…
|
CWE-79
Cross-site Scripting
|
CVE-2020-2036
|
2024-11-21 14:24 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199546
|
7.5 |
HIGH
Network
|
sick
|
lms111_firmware
lms511_firmware
clv620_firmware
clv622_firmware
clv621_firmware
icr890-3_firmware
msc800_firmware
rfh_firmware
clv650_firmware
clv651_firmware
clv631_fir…
|
Platform mechanism AutoIP allows remote attackers to reboot the device via a crafted packet in SICK AG solutions Bulkscan LMS111, Bulkscan LMS511, CLV62x – CLV65x, ICR890-3, LMS10x, LMS11x, LMS15x, L…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-2075
|
2024-11-21 14:24 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199547
|
3.0 |
LOW
Network
|
paloaltonetworks
|
pan-os
|
When SSL/TLS Forward Proxy Decryption mode has been configured to decrypt the web transactions, the PAN-OS URL filtering feature inspects the HTTP Host and URL path headers for policy enforcement on …
|
NVD-CWE-noinfo
|
CVE-2020-2035
|
2024-11-21 14:24 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199548
|
6.5 |
MEDIUM
Network
|
sick
|
package_analytics
|
Passwords are stored in plain text within the configuration of SICK Package Analytics software up to and including V04.1.1. An authorized attacker could access these stored plaintext credentials and …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-2078
|
2024-11-21 14:24 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199549
|
7.5 |
HIGH
Network
|
sick
|
package_analytics
|
SICK Package Analytics software up to and including version V04.0.0 are vulnerable due to incorrect default permissions settings. An unauthorized attacker could read sensitive data from the system by…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-2077
|
2024-11-21 14:24 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199550
|
9.8 |
CRITICAL
Network
|
sick
|
package_analytics
|
SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, b…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-2076
|
2024-11-21 14:24 |
2020-07-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
