|
201101
|
6.5 |
MEDIUM
Network
|
google
debian
fedoraproject
opensuse
|
chrome
debian_linux
fedora
backports_sle
|
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6557
|
2024-11-21 14:35 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201102
|
7.8 |
HIGH
Local
|
checkpoint
|
zonealarm
|
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
|
NVD-CWE-noinfo
|
CVE-2020-6023
|
2024-11-21 14:35 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201103
|
4.8 |
MEDIUM
Network
|
sap
|
netweaver_design_time_repository
|
SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-6370
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201104
|
5.9 |
MEDIUM
Network
|
sap
|
solution_manager
focused_run
|
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated attackers to bypass the authentication if the default passwords fo…
|
NVD-CWE-Other
|
CVE-2020-6369
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201105
|
6.1 |
MEDIUM
Network
|
sap
|
netweaver_composite_application_framework
|
There is a reflected cross site scripting vulnerability in SAP NetWeaver Composite Application Framework, versions - 7.20, 7.30, 7.31, 7.40, 7.50. An unauthenticated attacker can trick an unsuspectin…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6367
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201106
|
6.5 |
MEDIUM
Network
|
sap
|
netweaver_compare_systems
|
SAP NetWeaver (Compare Systems) versions - 7.20, 7.30, 7.40, 7.50, does not sufficiently validate uploaded XML documents. An attacker with administrative privileges can retrieve arbitrary files inclu…
|
CWE-20
Improper Input Validation
|
CVE-2020-6366
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201107
|
6.5 |
MEDIUM
Network
|
sap
|
banking_services
|
SAP Banking Services version 500, use an incorrect authorization object in some of its reports. Although the affected reports are protected with otherauthorization objects, exploitation of the vulner…
|
CWE-863
Incorrect Authorization
|
CVE-2020-6362
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201108
|
5.5 |
MEDIUM
Local
|
sap
|
3d_visual_enterprise_viewer
|
SAP 3D Visual Enterprise Viewer, version 9, allows an attacker to send certain manipulated file to the victim, which can lead to leakage of sensitive information when the victim loads the malicious f…
|
NVD-CWE-noinfo
|
CVE-2020-6315
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201109
|
7.5 |
HIGH
Network
|
rockwellautomation
|
flex_i\/o_1794-aent
|
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-6085
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201110
|
7.5 |
HIGH
Network
|
rockwellautomation
|
flex_i\/o_1794-aent
|
An exploitable denial of service vulnerability exists in the ENIP Request Path Logical Segment functionality of Allen-Bradley Flex IO 1794-AENT/B 4.003. A specially crafted network request can cause …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-6084
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
