|
215851
|
8.1 |
HIGH
Network
|
razer
|
chroma_sdk
|
Razer Chroma SDK Rest Server through 3.12.17 allows remote attackers to execute arbitrary programs because there is a race condition in which a file created under "%PROGRAMDATA%\Razer Chroma\SDK\Apps…
|
CWE-362
Race Condition
|
CVE-2020-16602
|
2024-11-21 14:07 |
2020-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215852
|
4.3 |
MEDIUM
Network
|
hoosk
|
hoosk
|
Hoosk Codeigniter CMS before 1.7.2 is affected by a Cross Site Request Forgery (CSRF). When an attacker induces authenticated admin user to a malicious web page, any accounts can be deleted without a…
|
CWE-352
Origin Validation Error
|
CVE-2020-16610
|
2024-11-21 14:07 |
2020-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215853
|
8.3 |
HIGH
Network
|
openstack
|
nova
|
An issue was discovered in Guest.migrate in virt/libvirt/guest.py in OpenStack Nova before 19.3.1, 20.x before 20.3.1, and 21.0.0. By performing a soft reboot of an instance that has previously under…
|
CWE-611
XXE
|
CVE-2020-17376
|
2024-11-21 14:07 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215854
|
8.2 |
HIGH
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise versions 0.8.3 and newer, when configured with the GCP GCE auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1.
|
CWE-287
Improper Authentication
|
CVE-2020-16251
|
2024-11-21 14:07 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215855
|
8.2 |
HIGH
Network
|
hashicorp
|
vault
|
HashiCorp Vault and Vault Enterprise versions 0.7.1 and newer, when configured with the AWS IAM auth method, may be vulnerable to authentication bypass. Fixed in 1.2.5, 1.3.8, 1.4.4, and 1.5.1..
|
CWE-345
CWE-290
Insufficient Verification of Data Authenticity
Authentication Bypass by Spoofing
|
CVE-2020-16250
|
2024-11-21 14:07 |
2020-08-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215856
|
9.8 |
CRITICAL
Network
|
advantech
|
iview
|
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availabilit…
|
CWE-22
Path Traversal
|
CVE-2020-16245
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215857
|
6.5 |
MEDIUM
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code…
|
-
|
CVE-2020-17391
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215858
|
8.8 |
HIGH
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-17390
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215859
|
8.8 |
HIGH
Network
|
marvell
|
qconvergeconsole
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability,…
|
-
|
CVE-2020-17389
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215860
|
8.8 |
HIGH
Network
|
marvell
|
qconvergeconsole
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability,…
|
-
|
CVE-2020-17388
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
