|
195951
|
4.4 |
MEDIUM
Local
|
lenovo
|
vantage
|
A vulnerability was reported in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to read files on the system with elevated privileges.
|
NVD-CWE-noinfo
|
CVE-2020-8316
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195952
|
6.1 |
MEDIUM
Network
|
stormshield
|
stormshield_network_security
|
Stormshield Network Security 310 3.7.10 devices have an auth/lang.html?rurl= Open Redirect vulnerability on the captive portal. For example, the attacker can use rurl=//example.com instead of rurl=ht…
|
CWE-601
Open Redirect
|
CVE-2020-8430
|
2024-11-21 14:38 |
2020-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195953
|
5.3 |
MEDIUM
Network
|
ui
|
cloud_key_gen2
cloud_key_gen2_plus
|
UniFi Cloud Key firmware < 1.1.6 contains a vulnerability that enables an attacker being able to change a device hostname by sending a malicious API request. This affects Cloud Key gen2 and Cloud Key…
|
CWE-287
Improper Authentication
|
CVE-2020-8148
|
2024-11-21 14:38 |
2020-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195954
|
6.0 |
MEDIUM
Local
|
oneplus
|
oneplus_7_pro_firmware
|
An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to …
|
NVD-CWE-noinfo
|
CVE-2020-7958
|
2024-11-21 14:38 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195955
|
6.5 |
MEDIUM
Network
|
mongodb
|
mongodb_enterprise_kubernetes_operator
|
X.509 certificates generated by the MongoDB Enterprise Kubernetes Operator may allow an attacker with access to the Kubernetes cluster improper access to MongoDB instances. Customers who do not use X…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-7922
|
2024-11-21 14:38 |
2020-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195956
|
5.3 |
MEDIUM
Local
|
bitdefender
|
antimalware_software_development_kit
|
Untrusted Search Path vulnerability in Bitdefender High-Level Antimalware SDK for Windows allows an attacker to load third party code from a DLL library in the search path. This issue affects: Bitdef…
|
CWE-426
Untrusted Search Path
|
CVE-2020-8096
|
2024-11-21 14:38 |
2020-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195957
|
7.5 |
HIGH
Network
|
st
|
stm32f1_firmware
|
STMicroelectronics STM32F1 devices have Incorrect Access Control.
|
NVD-CWE-noinfo
|
CVE-2020-8004
|
2024-11-21 14:38 |
2020-04-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195958
|
9.8 |
CRITICAL
Network
|
utils-extend_project
|
utils-extend
|
Flaw in input validation in npm package utils-extend version 1.0.8 and earlier may allow prototype pollution attack that may result in remote code execution or denial of service of applications using…
|
CWE-20
Improper Input Validation
|
CVE-2020-8147
|
2024-11-21 14:38 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195959
|
6.1 |
MEDIUM
Network
|
revive-adserver
|
revive_adserver
|
An Open Redirect vulnerability was discovered in Revive Adserver version < 5.0.5 and reported by HackerOne user hoangn144. A remote attacker could trick logged-in users to open a specifically crafted…
|
CWE-601
Open Redirect
|
CVE-2020-8143
|
2024-11-21 14:38 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195960
|
6.8 |
MEDIUM
Physics
|
revive-adserver
|
revive_adserver
|
A security restriction bypass vulnerability has been discovered in Revive Adserver version < 5.0.5 by HackerOne user hoangn144. Revive Adserver, like many other applications, requires the logged in u…
|
CWE-863
Incorrect Authorization
|
CVE-2020-8142
|
2024-11-21 14:38 |
2020-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
