Show filters
1,989 Total Results
Displaying 851-860 of 1,989
Sort by:
Attacker Value
Unknown

CVE-2020-12144

Disclosure Date: May 05, 2020 (last updated February 21, 2025)
The certificate used to identify the Silver Peak Cloud Portal to EdgeConnect devices is not validated. This makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted portal.
Attacker Value
Unknown

CVE-2020-12142

Disclosure Date: May 05, 2020 (last updated February 21, 2025)
1. IPSec UDP key material can be retrieved from machine-to-machine interfaces and human-accessible interfaces by a user with admin credentials. Such a user, with the required system knowledge, could use this material to decrypt in-flight communication. 2. The vulnerability requires administrative access and shell access to the EdgeConnect appliance. An admin user can access IPSec seed and nonce parameters using the CLI, REST APIs, and the Linux shell.
Attacker Value
Unknown

CVE-2020-12143

Disclosure Date: May 05, 2020 (last updated February 21, 2025)
The certificate used to identify Orchestrator to EdgeConnect devices is not validated, which makes it possible for someone to establish a TLS connection from EdgeConnect to an untrusted Orchestrator.
Attacker Value
Unknown

CVE-2020-5892

Disclosure Date: April 30, 2020 (last updated November 27, 2024)
In versions 7.1.5-7.1.8, the BIG-IP Edge Client components in BIG-IP APM, Edge Gateway, and FirePass legacy allow attackers to obtain the full session ID from process memory.
Attacker Value
Unknown

CVE-2020-5883

Disclosure Date: April 30, 2020 (last updated February 21, 2025)
On BIG-IP 15.0.0-15.0.1, 14.1.0-14.1.2.3, 14.0.0-14.0.1, and 13.1.0-13.1.3.1, when a virtual server is configured with HTTP explicit proxy and has an attached HTTP_PROXY_REQUEST iRule, POST requests sent to the virtual server cause an xdata memory leak.
Attacker Value
Unknown

CVE-2020-5887

Disclosure Date: April 30, 2020 (last updated February 21, 2025)
On versions 15.1.0-15.1.0.1, 15.0.0-15.0.1.2, and 14.1.0-14.1.2.3, BIG-IP Virtual Edition (VE) may expose a mechanism for remote attackers to access local daemons and bypass port lockdown settings.
Attacker Value
Unknown

CVE-2020-5882

Disclosure Date: April 30, 2020 (last updated November 27, 2024)
On BIG-IP 15.0.0-15.0.1.3, 14.1.0-14.1.2.3, 13.1.0-13.1.3.3, 12.1.0-12.1.5, and 11.6.1-11.6.5.1, under certain conditions, the Intel QuickAssist Technology (QAT) cryptography driver may produce a Traffic Management Microkernel (TMM) core file.
Attacker Value
Unknown

CVE-2020-0969

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
Attacker Value
Unknown

CVE-2020-0970

Disclosure Date: April 15, 2020 (last updated February 21, 2025)
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-0968.
Attacker Value
Unknown

CVE-2020-2935

Disclosure Date: April 15, 2020 (last updated November 27, 2024)
Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations product of Oracle Financial Services Applications (component: User Interface). Supported versions that are affected are 8.0.6 - 8.0.8. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Financial Services Hedge Management and IFRS Valuations. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Financial Services Hedge Management and IFRS Valuations accessible data as well as unauthorized read access to a subset of Oracle Financial Services Hedge Management and IFRS Valuations accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N).