Lucene search
K

652 matches found

Cvelist
Cvelist
added 2021/01/26 5:16 p.m.16 views

CVE-2020-23449

newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID...

7.6AI score0.00869EPSS
Exploits1References1
NVD
NVD
added 2021/01/19 9:15 p.m.24 views

CVE-2020-27256

In SOOIL Developments Co., Ltd Diabecare RS, AnyDana-i and AnyDana-A, a hard-coded physician PIN in the physician menu of the insulin pump allows attackers with physical access to change insulin therapy settings...

6.8CVSS7AI score0.00311EPSS
Exploits0References1
NVD
NVD
added 2020/12/28 8:15 a.m.25 views

CVE-2020-29160

An issue was discovered in Zammad before 3.5.1. A REST API call allows an attacker to change Ticket Article data in a way that defeats auditing...

7.5CVSS7.4AI score0.00899EPSS
Exploits0References2
NVD
NVD
added 2020/11/09 1:15 a.m.26 views

CVE-2020-24403

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the...

4CVSS2.4AI score0.01611EPSS
Exploits0References1
Prion
Prion
added 2020/11/09 1:15 a.m.25 views

Spoofing

Magento version 2.4.0 and 2.3.5p1 and earlier are affected by an incorrect user permissions vulnerability within the Inventory component. This vulnerability could be abused by authenticated users with Inventory and Source permissions to make unauthorized changes to inventory source data via the...

4CVSS3.5AI score0.01611EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2020/11/04 6:15 p.m.25 views

CVE-2020-22273

Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed such as Payment Settings...

6.5CVSS6.5AI score0.00403EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/11/04 5:3 p.m.26 views

CVE-2020-22273

Neoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed such as Payment Settings...

6.5AI score0.00403EPSS
Exploits0References2
CNVD
CNVD
added 2020/10/23 12:0 a.m.3 views

Unspecified Vulnerability in Oracle Java SE and Oracle Java SE Embedded (CNVD-2020-61049)

Oracle Java SE and Oracle Java SE Embedded are both products of Oracle Corporation.Oracle Java SE is a Java platform for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments.Oracle Java SE Embedded is a Java platform that targets Java...

3.1CVSS7.8AI score0.02684EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/15 12:0 a.m.4 views

PT-2020-4579 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.0 and 2.3.5p1 and earlier Description: The issue is related to incorrect user permissions within the Inventory component, allowing authenticated users with Inventory and Source permissions to make unauthorized changes to...

9.4CVSS3.1AI score0.01611EPSS
Exploits0References9
Cvelist
Cvelist
added 2020/10/14 7:45 p.m.22 views

CVE-2020-7383 SQL Injection in Rapid7 Nexpose

A SQL Injection issue in Rapid7 Nexpose version prior to 6.6.49 that may have allowed an authenticated user with a low permission level to access resources & make changes they should not have been able to access...

6.5CVSS8.4AI score0.01123EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2020/10/08 12:0 a.m.5 views

PT-2020-15526 · Jenkins · Jenkins Shared Objects Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Shared Objects Plugin versions 0.44 and earlier Description: A cross-site request forgery CSRF issue allows attackers to configure shared objects. This can be exploited by attackers to perform unauthorized actions. Recommendations: Fo...

4.3CVSS4.5AI score0.0076EPSS
Exploits0References6
OSV
OSV
added 2020/09/30 4:15 p.m.3 views

CVE-2020-12506

Improper Authentication vulnerability in WAGO 750-8XX series with FW version = FW03 allows an attacker to change the settings of the devices by sending specifically constructed requests without authentication This issue affects: WAGO 750-362, WAGO 750-363, WAGO 750-823, WAGO 750-832/xxx-xxx, WAGO...

9.1CVSS7.3AI score0.01452EPSS
Exploits0References1
NVD
NVD
added 2020/09/30 4:15 p.m.22 views

CVE-2020-12505

Improper Authentication vulnerability in WAGO 750-8XX series with FW version = FW07 allows an attacker to change some special parameters without authentication. This issue affects: WAGO 750-852, WAGO 750-880/xxx-xxx, WAGO 750-881, WAGO 750-831/xxx-xxx, WAGO 750-882, WAGO 750-885/xxx-xxx, WAGO...

9.1CVSS0.01247EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/28 12:0 a.m.8 views

Unspecified Vulnerability in Oracle E-Business Suite Common Applications (CNVD-2020-43711)

Oracle E-Business Suite E-Business Suite is a fully integrated set of global business management software from Oracle Corporation. The software provides customer relationship management, service management, financial management, etc. Common Applications also known as Oracle Common Application...

4.7CVSS8.9AI score0.01024EPSS
Exploits0References1
OSV
OSV
added 2020/07/15 6:15 p.m.2 views

CVE-2020-14549

Vulnerability in the Primavera Portfolio Management product of Oracle Construction and Engineering component: Web Server. Supported versions that are affected are 16.1.0.0-16.1.5.1, 18.0.0.0-18.0.2.0 and 19.0.0.0. Difficult to exploit vulnerability allows unauthenticated attacker with network...

5.9CVSS6.8AI score0.01134EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/15 12:0 a.m.3 views

Siemens Opcenter Execution Core Access Control Error Vulnerability (CNVD-2020-43671)

Opcenter Execution Core formerly known as Camstar Enterprise Platform is a general purpose Manufacturing Execution System MES. An access control error vulnerability exists in Camstar Enterprise Platform all versions and Opcenter Execution Core prior to version 8.2. An attacker could use this...

8.1CVSS6.6AI score0.01056EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/15 12:0 a.m.4 views

Unspecified Vulnerability in Oracle E-Business Suite (CNVD-2020-44276)

Oracle E-Business Suite E-Business Suite is the United States Oracle Oracle company's set of fully integrated global business management software. The software provides customer relationship management, service management, financial management and other functions. marketing is one of the...

4.7CVSS8.7AI score0.00985EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/15 12:0 a.m.3 views

Siemens Opcenter Execution Core Access Control Error Vulnerability

Opcenter Execution Core formerly known as Camstar Enterprise Platform is a general purpose Manufacturing Execution System MES. A SQL injection vulnerability exists in Siemens Camstar Enterprise Platform and Opcenter Execution Core. An attacker could exploit the vulnerability to view internal...

8.1CVSS7.8AI score0.01056EPSS
Exploits0References1
NVD
NVD
added 2020/07/14 2:15 p.m.22 views

CVE-2020-7578

A vulnerability has been identified in Camstar Enterprise Platform All versions, Opcenter Execution Core All versions V8.2. Authenticated users could have access to resources they normally would not have. This vulnerability could allow an attacker to view internal information and perform...

8.1CVSS0.01056EPSS
Exploits0References1
OSV
OSV
added 2020/07/14 2:15 p.m.3 views

CVE-2020-7578

A vulnerability has been identified in Camstar Enterprise Platform All versions, Opcenter Execution Core All versions V8.2. Authenticated users could have access to resources they normally would not have. This vulnerability could allow an attacker to view internal information and perform...

8.1CVSS7.2AI score0.01056EPSS
Exploits0References1
Rows per page
Query Builder