|
208231
|
7.3 |
HIGH
Network
|
siemens
|
sicam_a8000_cp-8000_firmware
sicam_a8000_cp-8021_firmware
sicam_a8000_cp-8022_firmware
|
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V16), SICAM A8000 CP-8021 (All versions < V16), SICAM A8000 CP-8022 (All versions < V16). A web server misconfiguration of t…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-28396
|
2024-11-21 14:22 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208232
|
9.8 |
CRITICAL
Network
|
corenlp-js-interface_project
|
corenlp-js-interface
|
All versions of package corenlp-js-interface are vulnerable to Command Injection via the main function.
|
CWE-78
OS Command
|
CVE-2020-28440
|
2024-11-21 14:22 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208233
|
9.8 |
CRITICAL
Network
|
corenlp-js-prefab_project
|
corenlp-js-prefab
|
This affects all versions of package corenlp-js-prefab. The injection point is located in line 10 in 'index.js.' It depends on a vulnerable package 'corenlp-js-interface.' Vulnerability can be exploi…
|
CWE-78
OS Command
|
CVE-2020-28439
|
2024-11-21 14:22 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208234
|
6.8 |
MEDIUM
Adjacent
|
schneider-electric
|
modicon_m258_firmware
somachine
somachine_motion
|
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion softw…
|
-
|
CVE-2020-28220
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208235
|
7.8 |
HIGH
Local
|
schneider-electric
|
ecostruxure_geo_scada_expert_2020
ecostruxure_geo_scada_expert_2019
|
A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and Eco…
|
-
|
CVE-2020-28219
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208236
|
6.5 |
MEDIUM
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an uninten…
|
-
|
CVE-2020-28218
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208237
|
7.5 |
HIGH
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.
|
-
|
CVE-2020-28217
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208238
|
7.5 |
HIGH
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.
|
-
|
CVE-2020-28216
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208239
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbi…
|
-
|
CVE-2020-28215
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208240
|
5.5 |
MEDIUM
Local
|
schneider-electric
|
modicon_m221_firmware
|
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictiona…
|
-
|
CVE-2020-28214
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
