Show filters
1,988 Total Results
Displaying 791-800 of 1,988
Sort by:
Attacker Value
Unknown

CVE-2020-8282

Disclosure Date: December 14, 2020 (last updated February 22, 2025)
A security issue was found in EdgePower 24V/54V firmware v1.7.0 and earlier where, due to missing CSRF protections, an attacker would have been able to perform unauthorized remote code execution.
Attacker Value
Unknown

CVE-2020-25179

Disclosure Date: December 14, 2020 (last updated February 22, 2025)
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
Attacker Value
Unknown

CVE-2020-25175

Disclosure Date: December 14, 2020 (last updated February 22, 2025)
GE Healthcare Imaging and Ultrasound Products may allow specific credentials to be exposed during transport over the network.
Attacker Value
Unknown

CVE-2020-17153

Disclosure Date: December 10, 2020 (last updated November 28, 2024)
Microsoft Edge for Android Spoofing Vulnerability
0
Attacker Value
Unknown

CVE-2020-17131

Disclosure Date: December 10, 2020 (last updated February 22, 2025)
Chakra Scripting Engine Memory Corruption Vulnerability
0
Attacker Value
Unknown

CVE-2020-17527

Disclosure Date: December 03, 2020 (last updated February 22, 2025)
While investigating bug 64830 it was discovered that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. While this would most likely lead to an error and the closure of the HTTP/2 connection, it is possible that information could leak between requests.
Attacker Value
Unknown

CVE-2020-25649

Disclosure Date: December 03, 2020 (last updated February 22, 2025)
A flaw was found in FasterXML Jackson Databind, where it did not have entity expansion secured properly. This flaw allows vulnerability to XML external entity (XXE) attacks. The highest threat from this vulnerability is data integrity.
Attacker Value
Unknown

CVE-2020-7199

Disclosure Date: December 02, 2020 (last updated February 22, 2025)
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gaining privileged access, causing denial of service, and changing the configuration.
Attacker Value
Unknown

CVE-2020-12148

Disclosure Date: November 30, 2020 (last updated February 22, 2025)
A command injection flaw identified in the nslookup API in Silver Peak Unity ECOSTM (ECOS) appliance software could allow an attacker to execute arbitrary commands with the privileges of the web server running on the EdgeConnect appliance. An attacker could exploit this vulnerability to establish an interactive channel, effectively taking control of the target system. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to : 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.
Attacker Value
Unknown

CVE-2020-12149

Disclosure Date: November 30, 2020 (last updated February 22, 2025)
The configuration backup/restore function in Silver Peak Unity ECOSTM (ECOS) appliance software was found to directly incorporate the user-controlled config filename in a subsequent shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. This vulnerability can be exploited by an attacker with authenticated access to the Orchestrator UI or EdgeConnect UI. This affects all ECOS versions prior to: 8.1.9.15, 8.3.0.8, 8.3.1.2, 8.3.2.0, 9.0.2.0, and 9.1.0.0.