|
215821
|
7.5 |
HIGH
Network
|
trianglemicroworks
|
scada_data_gateway
|
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to disclose sensitive information due to the lack of proper validation of user-supp…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-10613
|
2024-11-21 13:55 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215822
|
9.8 |
CRITICAL
Network
|
trianglemicroworks
|
scada_data_gateway
|
Triangle MicroWorks SCADA Data Gateway 3.02.0697 through 4.0.122, 2.41.0213 through 4.0.122 allows remote attackers to execute arbitrary code due to the lack of proper validation of user-supplied dat…
|
CWE-843
Type Confusion
|
CVE-2020-10611
|
2024-11-21 13:55 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215823
|
7.8 |
HIGH
Local
|
eaton
|
hmisoft_vu3_firmware
|
Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-10639
|
2024-11-21 13:55 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215824
|
5.5 |
MEDIUM
Local
|
eaton
|
hmisoft_vu3_firmware
|
Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could trigger an out-of-bounds…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-10637
|
2024-11-21 13:55 |
2020-04-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215825
|
7.8 |
HIGH
Local
|
targetcli-fb_project
|
targetcli-fb
|
A flaw was found in Linux, in targetcli-fb versions 2.1.50 and 2.1.51 where the socket used by targetclid was world-writable. If a system enables the targetclid socket, a local attacker can use this …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-10699
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215826
|
8.8 |
HIGH
Network
|
icatchinc
|
dvr_firmware
|
iCatch DVR firmware before 20200103 do not validate function parameter properly, resulting attackers executing arbitrary command.
|
CWE-77
Command Injection
|
CVE-2020-10514
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215827
|
6.5 |
MEDIUM
Network
|
icatchinc
|
dvr_interface
|
The file management interface of iCatch DVR firmware before 20200103 contains broken access control which allows the attacker to remotely manipulate arbitrary file.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-10513
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215828
|
8.8 |
HIGH
Network
|
hgiga
|
oaklouds_ccm\@il
|
HGiga C&Cmail CCMAILQ before olln-calendar-6.0-100.i386.rpm and CCMAILN before olln-calendar-5.0-100.i386.rpm contains a SQL Injection vulnerability which allows attackers to injecting SQL commands i…
|
CWE-89
SQL Injection
|
CVE-2020-10512
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215829
|
9.8 |
CRITICAL
Network
|
hgiga
|
oaklouds_ccm\@il
|
HGiga C&Cmail CCMAILQ before olln-base-6.0-418.i386.rpm and CCMAILN before olln-base-5.0-418.i386.rpm contains insecure configurations. Attackers can exploit these flaws to access unauthorized functi…
|
CWE-78
OS Command
|
CVE-2020-10511
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215830
|
9.8 |
CRITICAL
Network
|
the_school_manage_system_project
|
the_school_manage_system
|
The School Manage System before 2020, developed by ALLE INFORMATION CO., LTD., contains a vulnerability of Unrestricted file upload (RCE) , that would allow attackers to gain access in the hosting ma…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-10507
|
2024-11-21 13:55 |
2020-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
