|
211511
|
9.8 |
CRITICAL
Network
|
advantech
|
iview
|
Advantech iView, Versions 5.7 and prior. The affected product is vulnerable to path traversal vulnerabilities that could allow an attacker to create/download arbitrary files, limit system availabilit…
|
CWE-22
Path Traversal
|
CVE-2020-16245
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211512
|
6.5 |
MEDIUM
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to disclose information on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code…
|
-
|
CVE-2020-17391
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211513
|
8.8 |
HIGH
Local
|
parallels
|
parallels_desktop
|
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-17390
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211514
|
8.8 |
HIGH
Network
|
marvell
|
qconvergeconsole
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability,…
|
-
|
CVE-2020-17389
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211515
|
8.8 |
HIGH
Network
|
marvell
|
qconvergeconsole
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability,…
|
-
|
CVE-2020-17388
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211516
|
8.8 |
HIGH
Network
|
marvell
|
qconvergeconsole
|
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Marvell QConvergeConsole 5.5.0.64. Although authentication is required to exploit this vulnerability,…
|
-
|
CVE-2020-17387
|
2024-11-21 14:07 |
2020-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211517
|
6.5 |
MEDIUM
Network
|
cellopoint
|
cellos
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With cookie of an authenticated user, attackers can temper with the URL parameter and access arbitrary file on system.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-17386
|
2024-11-21 14:07 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211518
|
7.5 |
HIGH
Network
|
cellopoint
|
cellos
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly, which allows unauthorized user to launch Path Traversal attack and access arbitrate file on the system.
|
CWE-22
Path Traversal
|
CVE-2020-17385
|
2024-11-21 14:07 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211519
|
7.2 |
HIGH
Network
|
cellopoint
|
cellos
|
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie of the system administrator, attackers can inject and remotely execute arbitrary command to manipulat…
|
CWE-78
OS Command
|
CVE-2020-17384
|
2024-11-21 14:07 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211520
|
2.1 |
LOW
Physics
|
philips
|
suresigns_vs4_firmware
|
Philips SureSigns VS4, A.07.107 and prior. The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
|
CWE-863
Incorrect Authorization
|
CVE-2020-16241
|
2024-11-21 14:07 |
2020-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
