|
200191
|
7.2 |
HIGH
Network
|
microweber
|
microweber
|
A directory traversal issue in the Utils/Unzip module in Microweber through 1.1.20 allows an authenticated attacker to gain remote code execution via the backup restore feature. To exploit the vulner…
|
CWE-22
Path Traversal
|
CVE-2020-28337
|
2024-11-21 14:22 |
2021-02-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200192
|
5.3 |
MEDIUM
Network
|
lodash
oracle
siemens
|
lodash
primavera_unifier
peoplesoft_enterprise_peopletools
retail_customer_management_and_segmentation_foundation
communications_services_gatekeeper
enterprise_communications_broker
Lodash versions prior to 4.17.21 are vulnerable to Regular Expression Denial of Service (ReDoS) via the toNumber, trim and trimEnd functions.
|
NVD-CWE-Other
|
CVE-2020-28500
|
2024-11-21 14:22 |
2021-02-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
200193
|
7.8 |
HIGH
Local
|
prusa3d
|
prusaslicer
|
A stack-based buffer overflow vulnerability exists in the Objparser::objparse() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28596
|
2024-11-21 14:22 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200194
|
7.8 |
HIGH
Local
|
prusa3d
|
prusaslicer
|
An out-of-bounds write vulnerability exists in the Obj.cpp load_obj() functionality of Prusa Research PrusaSlicer 2.2.0 and Master (commit 4b040b856). A specially crafted obj file can lead to code ex…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28595
|
2024-11-21 14:22 |
2021-02-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200195
|
5.5 |
MEDIUM
Local
|
siemens
|
jt2go
teamcenter_visualization
|
A vulnerability has been identified in JT2Go (All versions < V13.1.0.1), Teamcenter Visualization (All versions < V13.1.0.1). Affected applications lack proper validation of user-supplied data when p…
|
-
|
CVE-2020-28394
|
2024-11-21 14:22 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200196
|
7.8 |
HIGH
Local
|
siemens
|
simaris_configuration
|
A vulnerability has been identified in SIMARIS configuration (All versions < V4.0.1). During installation to default target folder, incorrect permissions are configured for the application folder and…
|
-
|
CVE-2020-28392
|
2024-11-21 14:22 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200197
|
5.3 |
MEDIUM
Network
|
siemens
|
nucleus_source_code
nucleus_net
capital_vstar
pluscontrol_1st_gen
nucleus_readystart
|
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5…
|
NVD-CWE-Other
|
CVE-2020-28388
|
2024-11-21 14:22 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200198
|
8.6 |
HIGH
Network
|
decal_project
|
decal
|
This affects all versions of package decal. The vulnerability is in the extend function.
|
NVD-CWE-Other
|
CVE-2020-28450
|
2024-11-21 14:22 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200199
|
8.6 |
HIGH
Network
|
decal_project
|
decal
|
This affects all versions of package decal. The vulnerability is in the set function.
|
NVD-CWE-Other
|
CVE-2020-28449
|
2024-11-21 14:22 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200200
|
5.4 |
MEDIUM
Network
|
solarwinds
|
serv-u
|
SolarWinds Serv-U before 15.2.2 allows Authenticated Stored XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-28001
|
2024-11-21 14:22 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
