|
212811
|
10.0 |
CRITICAL
Network
|
treck
|
tcp\/ip
|
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.
|
CWE-119
CWE-787
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Write
|
CVE-2020-11896
|
2024-11-21 13:58 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212812
|
4.3 |
MEDIUM
Network
|
microfocus
|
arcsight_management_center
|
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotel…
|
NVD-CWE-noinfo
|
CVE-2020-11841
|
2024-11-21 13:58 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212813
|
4.3 |
MEDIUM
Network
|
microfocus
|
arcsight_management_center
|
Unauthorized information disclosure vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotel…
|
NVD-CWE-noinfo
|
CVE-2020-11840
|
2024-11-21 13:58 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212814
|
5.4 |
MEDIUM
Network
|
microfocus
|
arcsight_management_center
|
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Management Center product, Affecting versions 2.6.1, 2.7.x, 2.8.x, 2.9.x prior to 2.9.4. The vulnerabilities could be remotely exploit…
|
CWE-79
Cross-site Scripting
|
CVE-2020-11838
|
2024-11-21 13:58 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212815
|
6.1 |
MEDIUM
Network
|
microfocus
|
arcsight_logger
|
Cross Site Scripting (XSS) vulnerability in Micro Focus ArcSight Logger product, affecting all version from 6.6.1 up to version 7.0.1. The vulnerabilities could be remotely exploited resulting in Cro…
|
CWE-79
Cross-site Scripting
|
CVE-2020-11839
|
2024-11-21 13:58 |
2020-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212816
|
8.1 |
HIGH
Network
|
mids\'_reborn_hero_designer_project
|
mids\'_reborn_hero_designer
|
Mids' Reborn Hero Designer 2.6.0.7 downloads the update manifest, as well as update files, over cleartext HTTP. Additionally, the application does not perform file integrity validation for files afte…
|
CWE-345
CWE-319
Insufficient Verification of Data Authenticity
Cleartext Transmission of Sensitive Information
|
CVE-2020-11614
|
2024-11-21 13:58 |
2020-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212817
|
7.8 |
HIGH
Local
|
mids\'_reborn_hero_designer_project
|
mids\'_reborn_hero_designer
|
Mids' Reborn Hero Designer 2.6.0.7 has an elevation of privilege vulnerability due to default and insecure permissions being set for the installation folder. By default, the Authenticated Users group…
|
CWE-427
CWE-732
Uncontrolled Search Path Element
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-11613
|
2024-11-21 13:58 |
2020-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212818
|
7.5 |
HIGH
Network
|
arista
|
veos
cloudeos
|
A vulnerability exists in Arista’s Cloud EOS VM / vEOS 4.23.2M and below releases in the 4.23.x train, 4.22.4M and below releases in the 4.22.x train, 4.21.3M to 4.21.9M releases in the 4.21.x train,…
|
NVD-CWE-noinfo
|
CVE-2020-11622
|
2024-11-21 13:58 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212819
|
5.3 |
MEDIUM
Network
|
mitel
|
micollab_audio\
_web_\&_video_conferencing
|
A Directory Traversal vulnerability in the web conference component of Mitel MiCollab AWV before 8.1.2.4 and 9.x before 9.1.3 could allow an attacker to access arbitrary files from restricted directo…
|
CWE-22
Path Traversal
|
CVE-2020-11798
|
2024-11-21 13:58 |
2020-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212820
|
7.5 |
HIGH
Adjacent
|
cypress
|
psoc_4.2_ble
|
The Bluetooth Low Energy implementation in Cypress PSoC Creator BLE 4.2 component versions before 3.64 generates a random number (Pairing Random) with significantly less entropy than the specified 12…
|
CWE-331
Insufficient Entropy
|
CVE-2020-11957
|
2024-11-21 13:58 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
