|
209391
|
5.3 |
MEDIUM
Network
|
ge
|
asset_performance_management_classic
|
GE Digital APM Classic, Versions 4.4 and prior. An insecure direct object reference (IDOR) vulnerability allows user account data to be downloaded in JavaScript object notation (JSON) format by users…
|
-
|
CVE-2020-16240
|
2024-11-21 14:07 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209392
|
7.1 |
HIGH
Local
|
philips
|
clinical_collaboration_platform
|
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-16247
|
2024-11-21 14:07 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209393
|
4.2 |
MEDIUM
Network
|
microsoft
|
edge
|
<p>A remote code execution vulnerability exists in the way that the IEToEdge Browser Helper Object (BHO) plugin on Internet Explorer handles objects in memory. The vulnerability could corrupt memory …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16884
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209394
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio_code
|
<p>A remote code execution vulnerability exists in Visual Studio Code when a user is tricked into opening a malicious 'package.json' file. An attacker who successfully exploited the vulnerability cou…
|
NVD-CWE-noinfo
|
CVE-2020-16881
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209395
|
5.5 |
MEDIUM
Local
|
microsoft
|
windows_server_2019
windows_10
windows_server_2016
|
<p>An information disclosure vulnerability exists when a Windows Projected Filesystem improperly handles file redirections. An attacker who successfully exploited this vulnerability could obtain info…
|
NVD-CWE-noinfo
|
CVE-2020-16879
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209396
|
5.4 |
MEDIUM
Network
|
microsoft
|
dynamics_365
|
<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated at…
|
CWE-79
Cross-site Scripting
|
CVE-2020-16878
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209397
|
8.4 |
HIGH
Network
|
microsoft
|
exchange_server
|
<p>A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments.</p>
<p>An attacker who successfully exploited the vulnerability could run …
|
CWE-74
CWE-269
Injection
Improper Privilege Management
|
CVE-2020-16875
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209398
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio
visual_studio_2019
visual_studio_2017
|
<p>A remote code execution vulnerability exists in Visual Studio when it improperly handles objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the…
|
NVD-CWE-noinfo
|
CVE-2020-16874
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209399
|
4.7 |
MEDIUM
Network
|
microsoft
|
xamarin.forms
|
<p>A spoofing vulnerability manifests in Microsoft Xamarin.Forms due to the default settings on Android WebView version prior to 83.0.4103.106. This vulnerability could allow an attacker to execute a…
|
CWE-1188
Insecure Default Initialization of Resource
|
CVE-2020-16873
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209400
|
7.6 |
HIGH
Network
|
microsoft
|
dynamics_365
|
<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated at…
|
CWE-79
Cross-site Scripting
|
CVE-2020-16872
|
2024-11-21 14:07 |
2020-09-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
