|
210331
|
5.3 |
MEDIUM
Network
|
trendmicro
|
officescan
apex_one
|
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal version a…
|
NVD-CWE-noinfo
|
CVE-2020-28576
|
2024-11-21 14:22 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210332
|
6.7 |
MEDIUM
Local
|
trendmicro
|
serverprotect
|
A heap-based buffer overflow privilege escalation vulnerability in Trend Micro ServerProtect for Linux 3.0 may allow an attacker to escalate privileges on affected installations. An attacker must fir…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28575
|
2024-11-21 14:22 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210333
|
5.3 |
MEDIUM
Network
|
trendmicro
|
officescan
apex_one
|
An improper access control information disclosure vulnerability in Trend Micro Apex One and OfficeScan XG SP1 could allow an unauthenticated user to connect to the product server and reveal the total…
|
NVD-CWE-noinfo
|
CVE-2020-28573
|
2024-11-21 14:22 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210334
|
9.8 |
CRITICAL
Network
|
barco
|
wepresent_wipg-1600w_firmware
|
Barco wePresent WiPG-1600W firmware includes a hardcoded API account and password that is discoverable by inspecting the firmware image. A malicious actor could use this password to access authentica…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-28329
|
2024-11-21 14:22 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210335
|
9.8 |
CRITICAL
Network
|
barco
|
wepresent_wipg-1600w_firmware
|
Barco wePresent WiPG-1600W devices use Hard-coded Credentials (issue 2 of 2). Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W device has a hardcoded root pa…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-28334
|
2024-11-21 14:22 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210336
|
9.8 |
CRITICAL
Network
|
barco
|
wepresent_wipg-1600w_firmware
|
Barco wePresent WiPG-1600W devices allow Authentication Bypass. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W web interface does not use session cookies for tracking authenticated sess…
|
CWE-287
CWE-200
Improper Authentication
Information Exposure
|
CVE-2020-28333
|
2024-11-21 14:22 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210337
|
9.8 |
CRITICAL
Network
|
barco
|
wepresent_wipg-1600w_firmware
|
Barco wePresent WiPG-1600W devices download code without an Integrity Check. Affected Version(s): 2.5.1.8, 2.5.0.25, 2.5.0.24, 2.4.1.19. The Barco wePresent WiPG-1600W firmware does not perform verif…
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-28332
|
2024-11-21 14:22 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210338
|
6.5 |
MEDIUM
Network
|
barco
|
wepresent_wipg-1600w_firmware
|
Barco wePresent WiPG-1600W devices have Unprotected Transport of Credentials. Affected Version(s): 2.5.1.8. An attacker armed with hardcoded API credentials (retrieved by exploiting CVE-2020-28329) c…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-28330
|
2024-11-21 14:22 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210339
|
7.5 |
HIGH
Network
|
barco
|
wepresent_wipg-1600w_firmware
|
Barco wePresent WiPG-1600W devices have Improper Access Control. Affected Version(s): 2.5.1.8. The Barco wePresent WiPG-1600W device has an SSH daemon included in the firmware image. By default, the …
|
NVD-CWE-Other
|
CVE-2020-28331
|
2024-11-21 14:22 |
2020-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210340
|
6.5 |
MEDIUM
Network
|
hashicorp
|
nomad
|
HashiCorp Nomad and Nomad Enterprise 0.9.0 up to 0.12.7 client Docker file sandbox feature may be subverted when not explicitly disabled or when using a volume mount type. Fixed in 0.12.8, 0.11.7, an…
|
CWE-22
Path Traversal
|
CVE-2020-28348
|
2024-11-21 14:22 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
