|
210041
|
9.8 |
CRITICAL
Network
|
winstonprivacy
|
winston_firmware
|
Winston 1.5.4 devices are vulnerable to command injection via the API.
|
CWE-78
OS Command
|
CVE-2020-16257
|
2024-11-21 14:07 |
2020-10-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210042
|
7.5 |
HIGH
Network
|
arista
|
eos
|
Arista EOS before 4.21.12M, 4.22.x before 4.22.7M, 4.23.x before 4.23.5M, and 4.24.x before 4.24.2F allows remote attackers to cause a denial of service (restart of agents) by crafting a malformed DH…
|
NVD-CWE-noinfo
|
CVE-2020-17355
|
2024-11-21 14:07 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210043
|
7.3 |
HIGH
Local
|
ghisler
|
total_commander
|
An issue was discovered in Ghisler Total Commander 9.51. Due to insufficient access restrictions in the default installation directory, an attacker can elevate privileges by replacing the %SYSTEMDRIV…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-17381
|
2024-11-21 14:07 |
2020-10-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210044
|
6.1 |
MEDIUM
Network
|
ge
|
s2020_firmware
s2024_firmware
|
The affected Reason S20 Ethernet Switch is vulnerable to cross-site scripting (XSS), which may allow attackers to trick users into following a link or navigating to a page that posts a malicious Java…
|
-
|
CVE-2020-16246
|
2024-11-21 14:07 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210045
|
7.8 |
HIGH
Local
|
microsoft
|
windows_10
|
<p>A remote code execution vulnerability exists in the way that Microsoft Windows Codecs Library handles objects in memory. An attacker who successfully exploited the vulnerability could execute arbi…
|
NVD-CWE-noinfo
|
CVE-2020-17022
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210046
|
7.8 |
HIGH
Local
|
microsoft
|
3d_viewer
|
<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p>
<p>An attacker who successfully exploited the vulnerability would gain execution on a v…
|
NVD-CWE-noinfo
|
CVE-2020-17003
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210047
|
4.7 |
MEDIUM
Local
|
microsoft
|
.net_framework
|
<p>An information disclosure vulnerability exists when the .NET Framework improperly handles objects in memory. An attacker who successfully exploited the vulnerability could disclose contents of an …
|
NVD-CWE-noinfo
|
CVE-2020-16937
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210048
|
7.8 |
HIGH
Local
|
microsoft
|
365_apps
3d_viewer
|
<p>A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory.</p>
<p>An attacker who successfully exploited the vulnerability would gain execution on a v…
|
NVD-CWE-noinfo
|
CVE-2020-16918
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210049
|
5.3 |
MEDIUM
Network
|
microsoft
|
azure_functions
|
<p>An elevation of privilege vulnerability exists in the way Azure Functions validate access keys.</p>
<p>An unauthenticated attacker who successfully exploited this vulnerability could invoke an HTT…
|
CWE-863
Incorrect Authorization
|
CVE-2020-16904
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210050
|
5.0 |
MEDIUM
Local
|
microsoft
|
windows_server_2016
windows_10
|
<p>An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory.</p>
<p>To exploit this vulnerability, an authenticated attacker could run a special…
|
CWE-665
Improper Initialization
|
CVE-2020-16901
|
2024-11-21 14:07 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
