|
210291
|
6.8 |
MEDIUM
Adjacent
|
schneider-electric
|
modicon_m258_firmware
somachine
somachine_motion
|
A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists in Modicon M258 Firmware (All versions prior to V5.0.4.11) and SoMachine/SoMachine Motion softw…
|
-
|
CVE-2020-28220
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210292
|
7.8 |
HIGH
Local
|
schneider-electric
|
ecostruxure_geo_scada_expert_2020
ecostruxure_geo_scada_expert_2019
|
A CWE-522: Insufficiently Protected Credentials vulnerability exists in EcoStruxure Geo SCADA Expert 2019 (Original release and Monthly Updates to September 2020, from 81.7268.1 to 81.7578.1) and Eco…
|
-
|
CVE-2020-28219
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210293
|
6.5 |
MEDIUM
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-1021: Improper Restriction of Rendered UI Layers or Frames vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to trick a user into initiating an uninten…
|
-
|
CVE-2020-28218
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210294
|
7.5 |
HIGH
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.
|
-
|
CVE-2020-28217
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210295
|
7.5 |
HIGH
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-311: Missing Encryption of Sensitive Data vulnerability exists in Easergy T300 (firmware 2.7 and older), that would allow an attacker to read network traffic over HTTP protocol.
|
-
|
CVE-2020-28216
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210296
|
9.8 |
CRITICAL
Network
|
schneider-electric
|
easergy_t300_firmware
|
A CWE-862: Missing Authorization vulnerability exists in Easergy T300 (firmware 2.7 and older), that could cause a wide range of problems, including information exposures, denial of service, and arbi…
|
-
|
CVE-2020-28215
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210297
|
5.5 |
MEDIUM
Local
|
schneider-electric
|
modicon_m221_firmware
|
A CWE-760: Use of a One-Way Hash with a Predictable Salt vulnerability exists in Modicon M221 (all references, all versions), that could allow an attacker to pre-compute the hash value using dictiona…
|
-
|
CVE-2020-28214
|
2024-11-21 14:22 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210298
|
7.5 |
HIGH
Network
|
zx2c4
|
password-store
|
pass through 1.7.3 has a possibility of using a password for an unintended resource. For exploitation to occur, the user must do a git pull, decrypt a password, and log into a remote service with the…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-28086
|
2024-11-21 14:22 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210299
|
9.8 |
CRITICAL
Network
|
deepref_project
|
deepref
|
Prototype pollution vulnerability in 'deepref' versions 1.1.1 through 1.2.1 allows attacker to cause a denial of service and may lead to remote code execution.
|
NVD-CWE-noinfo
|
CVE-2020-28274
|
2024-11-21 14:22 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210300
|
7.8 |
HIGH
Local
|
apple
fedoraproject
debian
webkitgtk
|
tvos
itunes
iphone_os
watchos
icloud
ipados
safari
macos
fedora
debian_linux
webkitgtk\+
|
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 14.2 and iPadOS 14.2, iCloud for Windows 11.5, Safari 14.0.1, tvOS …
|
CWE-416
Use After Free
|
CVE-2020-27918
|
2024-11-21 14:22 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
