|
198661
|
8.8 |
HIGH
Network
|
hp
|
oneview
synergy_composer_2
synergy_composer
|
There is a remote escalation of privilege possible for a malicious user that has a OneView account in OneView and Synergy Composer. HPE has provided updates to Oneview and Synergy Composer: Update to…
|
NVD-CWE-noinfo
|
CVE-2020-7198
|
2024-11-21 14:36 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198662
|
8.8 |
HIGH
Network
|
zte
|
zxa10_eodn_firmware
|
A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally…
|
NVD-CWE-noinfo
|
CVE-2020-6877
|
2024-11-21 14:36 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198663
|
6.8 |
MEDIUM
Physics
|
hp
|
apollo_2000_firmware
apollo_4200_gen10_firmware
apollo_4500_firmware
proliant_xl230k_gen10_firmware
proliant_xl270d_gen10_firmware
proliant_bl460c_gen10_firmware
proliant_dl120_gen1…
|
A local elevation of privilege using physical access security vulnerability was found in HPE Proliant Gen10 Servers using Intel Innovation Engine (IE). This attack requires a physical attack to the s…
|
NVD-CWE-noinfo
|
CVE-2020-7207
|
2024-11-21 14:36 |
2020-11-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198664
|
7.2 |
HIGH
Network
|
arubanetworks
|
airwave_glass
|
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
|
NVD-CWE-noinfo
|
CVE-2020-7129
|
2024-11-21 14:36 |
2020-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198665
|
9.8 |
CRITICAL
Network
|
arubanetworks
|
airwave_glass
|
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-7128
|
2024-11-21 14:36 |
2020-11-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198666
|
5.3 |
MEDIUM
Network
|
mozilla
|
firefox
|
When performing EC scalar point multiplication, the wNAF point multiplication algorithm was used; which leaked partial information about the nonce used during signature generation. Given an electro-m…
|
NVD-CWE-noinfo
|
CVE-2020-6829
|
2024-11-21 14:36 |
2020-10-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198667
|
9.8 |
CRITICAL
Network
|
hp
|
storeserv_management_console
|
SSMC3.7.0.0 is vulnerable to remote authentication bypass. HPE StoreServ Management Console (SSMC) 3.7.0.0 is an off node multiarray manager web application and remains isolated from data on the mana…
|
CWE-287
Improper Authentication
|
CVE-2020-7197
|
2024-11-21 14:36 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198668
|
6.5 |
MEDIUM
Network
|
hp
|
ezmeral_container_platform
bluedata_epic
|
The HPE BlueData EPIC Software Platform version 4.0 and HPE Ezmeral Container Platform 5.0 use an insecure method of handling sensitive Kerberos passwords that is susceptible to unauthorized intercep…
|
CWE-200
CWE-522
Information Exposure
Insufficiently Protected Credentials
|
CVE-2020-7196
|
2024-11-21 14:36 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198669
|
9.8 |
CRITICAL
Network
|
arubanetworks
|
airwave_glass
|
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
|
NVD-CWE-noinfo
|
CVE-2020-7127
|
2024-11-21 14:36 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198670
|
5.8 |
MEDIUM
Network
|
arubanetworks
|
airwave_glass
|
A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to 1.3.2.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-7126
|
2024-11-21 14:36 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
