|
215061
|
5.3 |
MEDIUM
Network
|
arista
|
eos
|
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and no…
|
NVD-CWE-noinfo
|
CVE-2020-15898
|
2024-11-21 14:06 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215062
|
7.5 |
HIGH
Network
|
siemens
|
simatic_et_200sp_open_controller_firmware
simatic_s7-1500_software_controller_firmware
|
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains …
|
-
|
CVE-2020-15796
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215063
|
8.8 |
HIGH
Network
|
gallagher
|
command_centre
|
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This issue affects: Gallagher Command Centre 8.30 versions prio…
|
CWE-843
Type Confusion
|
CVE-2020-16103
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215064
|
8.2 |
HIGH
Network
|
gallagher
|
command_centre
|
Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-16102
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215065
|
7.2 |
HIGH
Network
|
gallagher
|
command_centre
|
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third…
|
CWE-89
SQL Injection
|
CVE-2020-16104
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215066
|
6.5 |
MEDIUM
Network
|
bitdefender
|
antivirus_plus
|
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus …
|
CWE-346
Origin Validation Error
|
CVE-2020-15733
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215067
|
3.8 |
LOW
Local
|
canonical
|
ubuntu_linux
|
The aptdaemon DBus interface disclosed file existence disclosure by setting Terminal/DebconfSocket properties, aka GHSL-2020-192 and GHSL-2020-196. This affected versions prior to 1.1.1+bzr982-0ubunt…
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2020-16128
|
2024-11-21 14:06 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215068
|
4.7 |
MEDIUM
Local
|
canonical
|
ubuntu_linux
|
An Ubuntu-specific patch in PulseAudio created a race condition where the snap policy module would fail to identify a client connection from a snap as coming from a snap if SCM_CREDENTIALS were missi…
|
CWE-362
Race Condition
|
CVE-2020-16123
|
2024-11-21 14:06 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215069
|
9.8 |
CRITICAL
Network
|
ortussolutions
|
testbox
|
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system/runners/HTMLRunner.cfm allow an attacker to write an arbitrary CFM file (within the application's context) c…
|
CWE-22
Path Traversal
|
CVE-2020-15929
|
2024-11-21 14:06 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215070
|
5.3 |
MEDIUM
Network
|
ortussolutions
|
testbox
|
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters to test-browser/index.cfm allow directory traversal.
|
CWE-22
Path Traversal
|
CVE-2020-15928
|
2024-11-21 14:06 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
