|
208841
|
3.3 |
LOW
Local
|
sap
|
erp_client_for_e-bilanz
|
SAP ERP Client for E-Bilanz, version - 1.0, installation sets Incorrect default filesystem permissions are set in its installation folder which allows anyone to modify the files in the folder.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-26807
|
2024-11-21 14:20 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208842
|
5.5 |
MEDIUM
Local
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an information disclosure vulnerability which could allow an attacker to access a specific database and key.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-27019
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208843
|
5.5 |
MEDIUM
Local
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a server side request forgery vulnerability which could allow an authenticated attacker to abuse the product's …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-27018
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208844
|
4.9 |
MEDIUM
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to an XML External Entity Processing (XXE) vulnerability which could allow an authenticated administrator to read …
|
CWE-611
XXE
|
CVE-2020-27017
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208845
|
8.8 |
HIGH
Network
|
trendmicro
|
interscan_messaging_security_virtual_appliance
|
Trend Micro InterScan Messaging Security Virtual Appliance (IMSVA) 9.1 is vulnerable to a cross-site request forgery (CSRF) vulnerability which could allow an attacker to modify policy rules by trick…
|
CWE-352
Origin Validation Error
|
CVE-2020-27016
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208846
|
9.8 |
CRITICAL
Network
|
percona
|
percona_server
|
An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the SimpleLDAP authentication in conjunction with Microsoft’s Active Directory, Percona has …
|
CWE-287
Improper Authentication
|
CVE-2020-26542
|
2024-11-21 14:20 |
2020-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208847
|
6.7 |
MEDIUM
Local
|
cisco
|
sd-wan_vmanage
|
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an authenticated, local attacker to inject arbitrary commands and potentially gain elevated privileges. T…
|
CWE-88
Argument Injection
|
CVE-2020-27129
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208848
|
6.5 |
MEDIUM
Network
|
cisco
|
sd-wan
|
A vulnerability in the application data endpoints of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to write arbitrary files to an affected system. The vulnerability is d…
|
CWE-22
Path Traversal
|
CVE-2020-27128
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208849
|
5.5 |
MEDIUM
Local
|
cisco
|
anyconnect_secure_mobility_client
|
A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to read arbitrary files on the unde…
|
NVD-CWE-noinfo
|
CVE-2020-27123
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208850
|
6.7 |
MEDIUM
Local
|
cisco
|
identity_services_engine
|
A vulnerability in the Microsoft Active Directory integration of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to elevate privileges on an affected device. To expl…
|
CWE-269
Improper Privilege Management
|
CVE-2020-27122
|
2024-11-21 14:20 |
2020-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
