|
212381
|
6.5 |
MEDIUM
Network
|
google
|
angle
|
Out of bounds read in ANGLE allowed a remote attacker to obtain sensitive data via a crafted HTML page.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-16048
|
2024-11-21 14:06 |
2021-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212382
|
4.3 |
MEDIUM
Network
|
fortinet
|
fortiadc
|
A cleartext storage of sensitive information in GUI in FortiADC versions 5.4.3 and below, 6.0.0 and below may allow a remote authenticated attacker to retrieve some sensitive information such as user…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-15935
|
2024-11-21 14:06 |
2021-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212383
|
5.4 |
MEDIUM
Network
|
fortinet
|
forticlient_enterprise_management_server
|
An improper neutralization of input vulnerability [CWE-79] in FortiClientEMS versions 6.4.1 and below and 6.2.9 and below may allow a remote authenticated attacker to inject malicious script/tags via…
|
CWE-79
Cross-site Scripting
|
CVE-2020-15940
|
2024-11-21 14:06 |
2021-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212384
|
5.4 |
MEDIUM
Network
|
fortinet
|
forticlient_endpoint_management_server
|
A path traversal vulnerability [CWE-22] in FortiClientEMS versions 6.4.1 and below; 6.2.8 and below may allow an authenticated attacker to inject directory traversal character sequences to add/delete…
|
CWE-22
Path Traversal
|
CVE-2020-15941
|
2024-11-21 14:06 |
2021-10-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212385
|
4.3 |
MEDIUM
Network
|
fortinet
|
fortisandbox
|
An improper access control vulnerability (CWE-284) in FortiSandbox versions 3.2.1 and below and 3.1.4 and below may allow an authenticated, unprivileged attacker to download the device configuration …
|
NVD-CWE-Other
|
CVE-2020-15939
|
2024-11-21 14:06 |
2021-09-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212386
|
9.8 |
CRITICAL
Network
|
govicture
|
pc420_firmware
|
Stack-based Buffer Overflow vulnerability in the ONVIF server component of Victure PC420 smart camera allows an attacker to execute remote code on the target device. This issue affects: Victure PC420…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-15744
|
2024-11-21 14:06 |
2021-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212387
|
5.9 |
MEDIUM
Network
|
fehcom
|
s\/qmail
|
In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS encrypted session between an SMTP client and s/qmail. This allows e-mail messages and user credential…
|
CWE-77
Command Injection
|
CVE-2020-15955
|
2024-11-21 14:06 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212388
|
6.1 |
MEDIUM
Network
|
egain
|
chat
|
eGain Chat 15.5.5 allows XSS via the Name (aka full_name) field.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15948
|
2024-11-21 14:06 |
2021-07-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212389
|
7.5 |
HIGH
Network
|
bitdefender
|
antivirus_plus
total_security
internet_security
|
Improper Certificate Validation vulnerability in the Online Threat Prevention module as used in Bitdefender Total Security allows an attacker to potentially bypass HTTP Strict Transport Security (HST…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-15732
|
2024-11-21 14:06 |
2021-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212390
|
9.8 |
CRITICAL
Network
|
siemens
|
simatic_driver_controller_firmware
s7-1200_cpu_firmware
s7-1500_cpu_firmware
simatic_s7-1500__software_controller
simatic_s7-plcsim_advanced
et_200sp_open_controller_firmware
|
A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP…
|
-
|
CVE-2020-15782
|
2024-11-21 14:06 |
2021-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
