|
197201
|
6.8 |
MEDIUM
Physics
|
huawei
|
ais-bw80h-00_firmware
|
There is an insufficient integrity check vulnerability in Huawei Sound X Product. The system does not check certain software package's integrity sufficiently. Successful exploit could allow an attack…
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2020-9118
|
2024-11-21 14:40 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197202
|
5.5 |
MEDIUM
Local
|
epson
|
iprojection
|
In Epson iProjection v2.30, the driver file EMP_MPAU.sys allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from I…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-9453
|
2024-11-21 14:40 |
2021-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197203
|
5.4 |
MEDIUM
Network
|
squaredup
|
squaredup
|
SquaredUp allowed Stored XSS before version 4.6.0. A user was able to create a dashboard that executed malicious content in iframe or by uploading an SVG that contained a script.
|
CWE-79
Cross-site Scripting
|
CVE-2020-9390
|
2024-11-21 14:40 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197204
|
3.7 |
LOW
Network
|
squaredup
|
squaredup
|
A username enumeration issue was discovered in SquaredUp before version 4.6.0. The login functionality was implemented in a way that would enable a malicious user to guess valid username due to a dif…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-9389
|
2024-11-21 14:40 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197205
|
6.5 |
MEDIUM
Network
|
squaredup
|
squaredup
|
CSRF protection was not present in SquaredUp before version 4.6.0. A CSRF attack could have been possible by an administrator executing arbitrary code in a HTML dashboard tile via a crafted HTML page…
|
CWE-352
Origin Validation Error
|
CVE-2020-9388
|
2024-11-21 14:40 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197206
|
8.8 |
HIGH
Network
|
apache
oracle
|
hadoop
solr
financial_services_crime_and_compliance_management_studio
|
In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification.
|
CWE-863
Incorrect Authorization
|
CVE-2020-9492
|
2024-11-21 14:40 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197207
|
6.7 |
MEDIUM
Local
|
huawei
|
smc2.0_firmware
|
There is a privilege escalation vulnerability in SMC2.0 product. Some files in a directory of a module are located improperly. It does not apply the directory limitation. Attackers can exploit this v…
|
CWE-862
Missing Authorization
|
CVE-2020-9209
|
2024-11-21 14:40 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197208
|
3.3 |
LOW
Local
|
huawei
|
p30_firmware
|
There is a resource management errors vulnerability in Huawei P30. Local attackers construct broadcast message for some application, causing this application to send this broadcast message and impact…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-9203
|
2024-11-21 14:40 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197209
|
5.3 |
MEDIUM
Network
|
huawei
|
magic_ui
emui
|
There is a missing authentication vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability may lead to low-sensitive information exposure.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-9143
|
2024-11-21 14:40 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197210
|
9.1 |
CRITICAL
Network
|
huawei
|
magic_ui
emui
|
There is a heap base buffer overflow vulnerability in some Huawei smartphone.Successful exploitation of this vulnerability can cause heap overflow and memory overwriting when the system incorrectly p…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-9142
|
2024-11-21 14:40 |
2021-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
