|
209501
|
5.4 |
MEDIUM
Network
|
fortinet
|
forticlient_endpoint_management_server
|
A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete…
|
CWE-22
Path Traversal
|
CVE-2020-15941
|
2024-11-21 14:06 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209502
|
4.3 |
MEDIUM
Network
|
fortinet
|
fortisandbox
|
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration …
|
NVD-CWE-Other
|
CVE-2020-15939
|
2024-11-21 14:06 |
2021-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209503
|
9.8 |
CRITICAL
Network
|
govicture
|
pc420_firmware
|
Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device. This issue affects: Victure PC420…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15744
|
2024-11-21 14:06 |
2021-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209504
|
5.9 |
MEDIUM
Network
|
fehcom
|
s\/qmail
|
In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS encrypted session between an SMTP client and s/qmail. This allows e-mail messages and user credential…
|
CWE-77
Command Injection
|
CVE-2020-15955
|
2024-11-21 14:06 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209505
|
6.1 |
MEDIUM
Network
|
egain
|
chat
|
eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15948
|
2024-11-21 14:06 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209506
|
7.5 |
HIGH
Network
|
bitdefender
|
antivirus_plus
total_security
internet_security
|
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HST…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-15732
|
2024-11-21 14:06 |
2021-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209507
|
9.8 |
CRITICAL
Network
|
siemens
|
simatic_driver_controller_firmware
s7-1200_cpu_firmware
s7-1500_cpu_firmware
simatic_s7-1500__software_controller
simatic_s7-plcsim_advanced
et_200sp_open_controller_firmware
|
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP…
|
-
|
CVE-2020-15782
|
2024-11-21 14:06 |
2021-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209508
|
8.1 |
HIGH
Network
|
siemens
|
nucleus_net
nucleus_source_code
|
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15795
|
2024-11-21 14:06 |
2021-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209509
|
5.5 |
MEDIUM
Local
|
bitdefender
|
safepay
|
An Origin Validation Error vulnerability in Bitdefender Safepay allows an attacker to manipulate the browser's file upload capability into accessing other files in the same directory or sub-directori…
|
CWE-346
Origin Validation Error
|
CVE-2020-15734
|
2024-11-21 14:06 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209510
|
6.5 |
MEDIUM
Network
|
fortinet
|
fortiweb
|
An information disclosure vulnerability in Web Vulnerability Scan profile of Fortinet's FortiWeb version 6.2.x below 6.2.4 and version 6.3.x below 6.3.5 may allow a remote authenticated attacker to r…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-15942
|
2024-11-21 14:06 |
2021-04-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
