|
202401
|
7.5 |
HIGH
Network
|
tenable
|
tenable.sc
|
In certain scenarios in Tenable.sc prior to 5.17.0, a scanner could potentially be used outside the user's defined scan zone without a particular zone being specified within the Automatic Distributio…
|
NVD-CWE-noinfo
|
CVE-2020-5808
|
2024-11-21 14:34 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202402
|
8.1 |
HIGH
Network
|
marvell
|
qconvergeconsole
|
Relative Path Traversal in Marvell QConvergeConsole GUI 5.5.0.74 allows a remote, authenticated attacker to delete arbitrary files on disk as SYSTEM or root.
|
CWE-22
Path Traversal
|
CVE-2020-5803
|
2024-11-21 14:34 |
2020-12-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202403
|
7.5 |
HIGH
Network
|
weseek
|
growi
|
Directory traversal vulnerability in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 …
|
CWE-22
Path Traversal
|
CVE-2020-5683
|
2024-11-21 14:34 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202404
|
7.5 |
HIGH
Network
|
weseek
|
growi
|
Improper input validation in GROWI versions prior to v4.2.3 (v4.2 Series), GROWI versions prior to v4.1.12 (v4.1 Series), and GROWI v3 series and earlier GROWI versions prior to v4.2.3 (v4.2 Series),…
|
CWE-20
CWE-400
Improper Input Validation
Uncontrolled Resource Consumption
|
CVE-2020-5682
|
2024-11-21 14:34 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202405
|
7.4 |
HIGH
Adjacent
|
mitsubishielectric
|
melsec_iq-f_fx5u_cpu_firmware
|
Improper check or handling of exceptional conditions in MELSEC iQ-F series FX5U(C) CPU unit firmware version 1.060 and earlier allows an attacker to cause a denial-of-service (DoS) condition on progr…
|
NVD-CWE-noinfo
|
CVE-2020-5665
|
2024-11-21 14:34 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202406
|
9.8 |
CRITICAL
Network
|
soliton
|
filezen
|
Directory traversal vulnerability in FileZen versions from V3.0.0 to V4.2.2 allows remote attackers to upload an arbitrary file in a specific directory via unspecified vectors. As a result, an arbitr…
|
CWE-22
Path Traversal
|
CVE-2020-5639
|
2024-11-21 14:34 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202407
|
6.8 |
MEDIUM
Adjacent
|
necplatforms
|
aterm_sa3500g_firmware
|
Improper validation of integrity check value vulnerability in Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to execute a malicious program.
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2020-5637
|
2024-11-21 14:34 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202408
|
6.8 |
MEDIUM
Adjacent
|
necplatforms
|
aterm_sa3500g_firmware
|
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative privilege to send a specially crafted request to a specific URL, which may result in an arbitrary command…
|
CWE-78
OS Command
|
CVE-2020-5636
|
2024-11-21 14:34 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202409
|
8.8 |
HIGH
Adjacent
|
necplatforms
|
aterm_sa3500g_firmware
|
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker on the adjacent network to send a specially crafted request to a specific URL, which may result in an arbitrary command executio…
|
CWE-78
OS Command
|
CVE-2020-5635
|
2024-11-21 14:34 |
2020-12-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202410
|
5.3 |
MEDIUM
Network
|
f5
|
big-ip_advanced_firewall_manager
|
On BIG-IP 14.1.0-14.1.2.6, undisclosed endpoints in iControl REST allow for a reflected XSS attack, which could lead to a complete compromise of the BIG-IP system if the victim user is granted the ad…
|
CWE-79
Cross-site Scripting
|
CVE-2020-5950
|
2024-11-21 14:34 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
