|
218981
|
9.8 |
CRITICAL
Network
|
baxter
|
em2400_firmware
em1200_firmware
|
Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, 1.13, 1.14 a…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-12016
|
2024-11-21 13:59 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218982
|
7.5 |
HIGH
Network
|
baxter
|
em2400_firmware
em1200_firmware
|
Baxter ExactaMix EM 2400 Versions 1.10, 1.11 and ExactaMix EM1200 Versions 1.1, 1.2 systems use cleartext messages to communicate order information with an order entry system. This could allow an att…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-12008
|
2024-11-21 13:59 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218983
|
6.1 |
MEDIUM
Physics
|
baxter
|
em2400_firmware
em1200_firmware
|
Baxter ExactaMix EM 2400 & EM 1200, Versions ExactaMix EM2400 Versions 1.10, 1.11, 1.13, 1.14, ExactaMix EM1200 Versions 1.1, 1.2, 1.4, 1.5, Baxter ExactaMix EM 2400 Versions 1.10, 1.11, and 1.13, an…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-12012
|
2024-11-21 13:59 |
2020-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218984
|
7.5 |
HIGH
Network
|
apache
canonical
oracle
opensuse
debian
netapp
|
tomcat
ubuntu_linux
workload_manager
siebel_ui_framework
mysql_enterprise_monitor
leap
debian_linux
oncommand_system_manager
|
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient …
|
NVD-CWE-noinfo
|
CVE-2020-11996
|
2024-11-21 13:59 |
2020-06-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218985
|
8.8 |
HIGH
Adjacent
|
rockwellautomation
|
factorytalk_services_platform
|
In Rockwell Automation FactoryTalk Services Platform, all versions, the redundancy host service (RdcyHost.exe) does not validate supplied identifiers, which could allow an unauthenticated, adjacent a…
|
CWE-20
Improper Input Validation
|
CVE-2020-12033
|
2024-11-21 13:59 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218986
|
9.0 |
CRITICAL
Network
|
osisoft
|
pi_web_api
|
In OSIsoft PI Web API 2019 Patch 1 (1.12.0.6346) and all previous versions, the affected product is vulnerable to a cross-site scripting attack, which may allow an attacker to remotely execute arbitr…
|
CWE-79
Cross-site Scripting
|
CVE-2020-12021
|
2024-11-21 13:59 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218987
|
9.8 |
CRITICAL
Network
|
unisys
|
stealth
|
In Unisys Stealth 3.4.x, 4.x and 5.x before 5.0.026, if certificate-based authorization is used without HTTPS, an endpoint could be authorized without a private key.
|
CWE-863
Incorrect Authorization
|
CVE-2020-12053
|
2024-11-21 13:59 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218988
|
9.8 |
CRITICAL
Network
|
apache
|
shiro
|
Apache Shiro before 1.5.3, when using Apache Shiro with Spring dynamic controllers, a specially crafted request may cause an authentication bypass.
|
NVD-CWE-noinfo
|
CVE-2020-11989
|
2024-11-21 13:59 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218989
|
5.3 |
MEDIUM
Network
|
beckhoff
|
twincat_driver
twincat
|
Beckhoff's TwinCAT RT network driver for Intel 8254x and 8255x is providing EtherCAT functionality. The driver implements real-time features. Except for Ethernet frames sent from real-time functional…
|
-
|
CVE-2020-12494
|
2024-11-21 13:59 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218990
|
9.8 |
CRITICAL
Network
|
advantech
|
webaccess
|
WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12019
|
2024-11-21 13:59 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
