|
218611
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. If the publisher criteria is selected, it defines the name of a publisher that must be present in the certificate …
|
NVD-CWE-noinfo
|
CVE-2020-12614
|
2024-11-21 13:59 |
2023-12-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218612
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When adding the Add Admin token to a process, and specifying that it runs at medium integrity with the user owning…
|
NVD-CWE-noinfo
|
CVE-2020-12615
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218613
|
7.8 |
HIGH
Local
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. When specifying a program to elevate, it can typically be found within the Program Files (x86) folder and therefor…
|
NVD-CWE-noinfo
|
CVE-2020-12612
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218614
|
8.8 |
HIGH
Network
|
beyondtrust
|
privilege_management_for_windows
|
An issue was discovered in BeyondTrust Privilege Management for Windows through 5.6. An attacker can spawn a process with multiple users as part of the security token (prior to Avecto elevation). Whe…
|
NVD-CWE-noinfo
|
CVE-2020-12613
|
2024-11-21 13:59 |
2023-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218615
|
5.9 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
|
The Raccoon attack is a timing attack on DHE ciphersuites inherit in the TLS specification. To mitigate this vulnerability, Firefox disabled support for DHE ciphersuites.
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-12413
|
2024-11-21 13:59 |
2023-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218616
|
7.8 |
HIGH
Local
|
pilz
codesys
festo
wago
|
pmc
control_for_beaglebone
control_for_empc-a\/imx6
control_for_iot2000
control_for_pfc100
control_for_pfc200
control_for_plcnext
control_for_raspberry_pi
hmi_v3
control_v3…
|
In CODESYS V3 products in all versions prior V3.5.16.0 containing the CmpUserMgr, the CODESYS Control runtime system stores the online communication passwords using a weak hashing algorithm. This can…
|
CWE-916
Use of Password Hash With Insufficient Computational Effort
|
CVE-2020-12069
|
2024-11-21 13:59 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218617
|
7.5 |
HIGH
Network
|
pilz
|
pmc
|
In Pilz PMC programming tool 3.x before 3.5.17 (based on CODESYS Development System), a user's password may be changed by an attacker without knowledge of the current password.
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2020-12067
|
2024-11-21 13:59 |
2022-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218618
|
7.5 |
HIGH
Network
|
badgermeter
|
moni\
|
In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the image-relocator module.
|
-
|
CVE-2020-12508
|
2024-11-21 13:59 |
2022-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218619
|
8.8 |
HIGH
Network
|
badgermeter
|
moni\
|
In s::can moni::tools before version 4.2 an authenticated attacker could get full access to the database through SQL injection. This may result in loss of confidentiality, loss of integrity and DoS.
|
-
|
CVE-2020-12507
|
2024-11-21 13:59 |
2022-11-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218620
|
7.5 |
HIGH
Network
|
badgermeter
|
moni\
|
In s::can moni::tools in versions below 4.2 an unauthenticated attacker could get any file from the device by path traversal in the camera-file module.
|
-
|
CVE-2020-12509
|
2024-11-21 13:59 |
2022-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
