|
196151
|
9.8 |
CRITICAL
Network
|
deep-get-set_project
|
deep-get-set
|
All versions of package deep-get-set are vulnerable to Prototype Pollution via the main function.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7715
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196152
|
9.8 |
CRITICAL
Network
|
realseriousgames
|
confucious
|
All versions of package confucious are vulnerable to Prototype Pollution via the set function.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7714
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196153
|
9.8 |
CRITICAL
Network
|
arr-flatten-unflatten_project
|
arr-flatten-unflatten
|
All versions of package arr-flatten-unflatten are vulnerable to Prototype Pollution via the constructor.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7713
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196154
|
7.8 |
HIGH
Local
|
schneider-electric
|
somove
|
Incorrect Default Permission vulnerability exists in SoMove (V2.8.1) and prior which could cause elevation of privilege and provide full access control to local system users to SoMove component and s…
|
-
|
CVE-2020-7527
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196155
|
8.8 |
HIGH
Network
|
apc
|
powerchute
|
Improper Input Validation vulnerability exists in PowerChute Business Edition (software V9.0.x and earlier) which could cause remote code execution when a script is executed during a shutdown event.
|
-
|
CVE-2020-7526
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196156
|
7.5 |
HIGH
Network
|
schneider-electric
|
spacelynk_firmware
wiser_for_knx_firmware
|
Improper Restriction of Excessive Authentication Attempts vulnerability exists in all hardware versions of spaceLYnk and Wiser for KNX (formerly homeLYnk) which could allow an attacker to guess a pas…
|
-
|
CVE-2020-7525
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196157
|
7.5 |
HIGH
Network
|
schneider-electric
|
modicon_m218_firmware
|
Out-of-bounds Write vulnerability exists in Modicon M218 Logic Controller (V5.0.0.7 and prior) which could cause Denial of Service when sending specific crafted IPV4 packet to the controller: Sending…
|
-
|
CVE-2020-7524
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196158
|
7.8 |
HIGH
Local
|
schneider-electric
|
modbus_driver_suite
modbus_serial_driver
|
Improper Privilege Management vulnerability exists in Schneider Electric Modbus Serial Driver (see security notification for versions) which could cause local privilege escalation when the Modbus Ser…
|
-
|
CVE-2020-7523
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196159
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
apc_easy_ups_online_software
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method …
|
-
|
CVE-2020-7522
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196160
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
apc_easy_ups_online_software
|
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in SFAPV9601 - APC Easy UPS On-Line Software (V2.0 and earlier) when accessing a vulnerable method …
|
-
|
CVE-2020-7521
|
2024-11-21 14:37 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
