|
197161
|
9.8 |
CRITICAL
Network
|
templ8_project
|
templ8
|
All versions of package templ8 are vulnerable to Prototype Pollution via the parse function.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7702
|
2024-11-21 14:37 |
2020-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197162
|
7.8 |
HIGH
Local
|
siemens
|
automation_license_manager
|
A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0.8). The application does not properly validate the users' privile…
|
CWE-863
Incorrect Authorization
|
CVE-2020-7583
|
2024-11-21 14:37 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197163
|
9.8 |
CRITICAL
Network
|
springtree
|
madlib-object-utils
|
madlib-object-utils before 0.1.7 is vulnerable to Prototype Pollution via setValue.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7701
|
2024-11-21 14:37 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197164
|
9.8 |
CRITICAL
Network
|
php.js_project
|
php.js
|
All versions of phpjs are vulnerable to Prototype Pollution via parse_str.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-7700
|
2024-11-21 14:37 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197165
|
7.3 |
HIGH
Local
|
philips
|
smartcontrol
|
An Uncontrolled Search Path Element (CWE-427) vulnerability in SmartControl version 4.3.15 and versions released before April 15, 2020 may allow an authenticated user to escalate privileges by placin…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-7360
|
2024-11-21 14:37 |
2020-08-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197166
|
5.2 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention
|
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the RiskDB username and password via unprotected log…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-7307
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197167
|
5.2 |
MEDIUM
Local
|
mcafee
|
data_loss_prevention
|
Unprotected Storage of Credentials vulnerability in McAfee Data Loss Prevention (DLP) for Mac prior to 11.5.2 allows local users to gain access to the ADRMS username and password via unprotected log …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-7306
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197168
|
6.5 |
MEDIUM
Network
|
mcafee
|
data_loss_prevention
|
Privilege escalation vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows a low privileged remote attacker to create new rule sets via incorrect validation of user …
|
CWE-269
Improper Privilege Management
|
CVE-2020-7305
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197169
|
7.6 |
HIGH
Adjacent
|
mcafee
|
data_loss_prevention
|
Cross site request forgery vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote attacker to embed a CRSF script via adding a new label.
|
CWE-352
Origin Validation Error
|
CVE-2020-7304
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197170
|
4.1 |
MEDIUM
Adjacent
|
mcafee
|
data_loss_prevention
|
Cross Site scripting vulnerability in McAfee Data Loss Prevention (DLP) ePO extension prior to 11.5.3 allows authenticated remote user to trigger scripts to run in a user's browser via adding a new l…
|
CWE-79
Cross-site Scripting
|
CVE-2020-7303
|
2024-11-21 14:37 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
