|
209611
|
8.8 |
HIGH
Network
|
siemens
|
sinema_remote_connect_server
|
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.0). The webserver could allow unauthorized actions via special urls for unpriviledged users. The settings of the…
|
-
|
CVE-2020-25239
|
2024-11-21 14:17 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209612
|
5.5 |
MEDIUM
Local
|
siemens
|
logo\!_8_bm_firmware
|
A vulnerability has been identified in LOGO! 12/24RCE (6ED1052-1MD08-0BA1) (All versions), LOGO! 12/24RCEo (6ED1052-2MD08-0BA1) (All versions), LOGO! 230RCE (6ED1052-1FB08-0BA1) (All versions), LOGO!…
|
-
|
CVE-2020-25236
|
2024-11-21 14:17 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209613
|
8.8 |
HIGH
Network
|
advantech
|
webaccess\/scada
|
The WADashboard component of WebAccess/SCADA Versions 9.0 and prior may allow an attacker to control or influence a path used in an operation on the filesystem and remotely execute code as an adminis…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2020-25161
|
2024-11-21 14:17 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209614
|
7.8 |
HIGH
Local
|
fujielectric
|
v-server
|
The affected Fuji Electric V-Server Lite versions prior to 3.3.24.0 are vulnerable to an out-of-bounds write, which may allow an attacker to remotely execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25171
|
2024-11-21 14:17 |
2021-02-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209615
|
5.5 |
MEDIUM
Local
|
nfstream
|
nfstream
|
An issue was discovered in NFStream 5.2.0. Because some allocated modules are not correctly freed, if the nfstream object is directly destroyed without being used after it is created, it will cause a…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-25340
|
2024-11-21 14:17 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209616
|
7.8 |
HIGH
Local
|
siemens
|
digsi_4
|
A vulnerability has been identified in DIGSI 4 (All versions < V4.94 SP1 HF 1). Several folders in the %PATH% are writeable by normal users. As these folders are included in the search for dlls, an a…
|
-
|
CVE-2020-25245
|
2024-11-21 14:17 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209617
|
7.8 |
HIGH
Local
|
siemens
|
totally_integrated_automation_portal
simatic_process_control_system_neo
|
A vulnerability has been identified in PCS neo (Administration Console) (All versions < V3.1), TIA Portal (V15, V15.1 and V16). Manipulating certain files in specific folders could allow a local atta…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-25238
|
2024-11-21 14:17 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209618
|
8.1 |
HIGH
Network
|
siemens
|
sinec_network_management_system
sinema_server
|
A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP1 Update 1), SINEMA Server (All versions < V14.0 SP2 Update 2). When uploading files to an affected system using a zip containe…
|
-
|
CVE-2020-25237
|
2024-11-21 14:17 |
2021-02-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209619
|
5.3 |
MEDIUM
Network
|
jetbrains
|
youtrack
|
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-25208
|
2024-11-21 14:17 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209620
|
7.8 |
HIGH
Local
|
reolink
|
rln8-410_firmware
rlc-422_firmware
rlc-510a_firmware
rlc-423s_firmware
rlc-423_firmware
rlc-410_firmware
rlc-520a_firmware
|
An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-25173
|
2024-11-21 14:17 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
