|
210161
|
7.7 |
HIGH
Network
|
gallagher
|
command_centre
|
In Gallagher Command Centre versions 8.10 prior to 8.10.1134(MR4), 8.00 prior to 8.00.1161(MR5), 7.90 prior to 7.90.991(MR5), 7.80 prior to 7.80.960(MR2), 7.70 and earlier, any operator account has a…
|
NVD-CWE-noinfo
|
CVE-2020-16096
|
2024-11-21 14:06 |
2020-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210162
|
6.5 |
MEDIUM
Adjacent
|
philips
|
patient_information_center_ix
|
In Patient Information Center iX (PICiX) Versions C.02, C.03, the
software parses a formatted message or structure but does not handle or
incorrectly handles a length field that is inconsistent wit…
|
-
|
CVE-2020-16224
|
2024-11-21 14:06 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210163
|
4.3 |
MEDIUM
Adjacent
|
philips
|
performancebridge_focal_point
patient_information_center_ix
|
In Patient Information Center iX (PICiX) Versions C.02, C.03,
PerformanceBridge Focal Point Version A.01, the product receives input
that is expected to be well-formed (i.e., to comply with a certa…
|
-
|
CVE-2020-16220
|
2024-11-21 14:06 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210164
|
6.8 |
MEDIUM
Physics
|
philips
|
patient_information_center_ix
|
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. …
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-16212
|
2024-11-21 14:06 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210165
|
8.8 |
HIGH
Adjacent
|
philips
|
performancebridge_focal_point
patient_information_center_ix
|
In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and
PerformanceBridge Focal Point Version A.01, when an actor claims to have
a given identity, the software does not prove or insu…
|
-
|
CVE-2020-16222
|
2024-11-21 14:06 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210166
|
3.5 |
LOW
Adjacent
|
philips
|
patient_information_center_ix
|
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the
software does not neutralize or incorrectly neutralizes
user-controllable input before it is placed in output that is then us…
|
-
|
CVE-2020-16218
|
2024-11-21 14:06 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210167
|
5.0 |
MEDIUM
Local
|
philips
|
patient_information_center_ix
|
In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the
software saves user-provided information into a comma-separated value
(CSV) file, but it does not neutralize or incorrectly n…
|
-
|
CVE-2020-16214
|
2024-11-21 14:06 |
2020-09-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210168
|
9.8 |
CRITICAL
Network
|
nagios
|
nagios_xi
|
An issue was found in Nagios XI before 5.7.3. There is a privilege escalation vulnerability in backend scripts that ran as root where some included files were editable by nagios user. This issue was …
|
NVD-CWE-noinfo
|
CVE-2020-15903
|
2024-11-21 14:06 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210169
|
5.3 |
MEDIUM
Network
|
siemens
|
spectrum_power_4
|
A vulnerability has been identified in Spectrum Power 4 (All versions < V4.70 SP8). If configured in an insecure manner, the web server might be susceptible to a directory listing attack.
|
CWE-200
Information Exposure
|
CVE-2020-15790
|
2024-11-21 14:06 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210170
|
9.8 |
CRITICAL
Network
|
siemens
|
simatic_hmi_united_comfort_panels_firmware
|
A vulnerability has been identified in SIMATIC HMI Unified Comfort Panels (All versions <= V16). Affected devices insufficiently validate authentication attempts as the information given can be trunc…
|
-
|
CVE-2020-15787
|
2024-11-21 14:06 |
2020-09-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
