ReportizFlow
Filtered by vendor
Subscriptions
Total
1594 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-35464 | 1 Weave | 1 Cloud Agent | 2024-11-21 | 9.8 Critical |
| Version 1.3.0 of the Weave Cloud Agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the Weave Cloud Agent container may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35463 | 1 Instana | 1 Dynamic Apm | 2024-11-21 | 9.8 Critical |
| Version 1.0.0 of the Instana Dynamic APM Docker image contains a blank password for the root user. Systems deployed using affected versions of the Instana Dynamic APM container may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35462 | 1 Coscale Agent Project | 1 Coscale Agent | 2024-11-21 | 9.8 Critical |
| Version 3.16.0 of the CoScale agent Docker image contains a blank password for the root user. Systems deployed using affected versions of the CoScale agent container may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35226 | 1 Netgear | 4 Gs116e, Gs116e Firmware, Jgs516pe and 1 more | 2024-11-21 | 7.1 High |
| NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices allow unauthenticated users to modify the switch DHCP configuration by sending the corresponding write request command. | ||||
| CVE-2020-35197 | 1 Docker | 1 Memcached Docker Image | 2024-11-21 | 9.8 Critical |
| The official memcached docker images before 1.5.11-alpine (Alpine specific) contain a blank password for a root user. System using the memcached docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35196 | 1 Docker | 1 Rabbitmq Docker Image | 2024-11-21 | 9.8 Critical |
| The official rabbitmq docker images before 3.7.13-beta.1-management-alpine (Alpine specific) contain a blank password for a root user. System using the rabbitmq docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35195 | 1 Docker | 1 Haproxy Docker Image | 2024-11-21 | 9.8 Critical |
| The official haproxy docker images before 1.8.18-alpine (Alpine specific) contain a blank password for a root user. System using the haproxy docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35193 | 1 Sonarsource | 1 Sonarqube Docker Image | 2024-11-21 | 9.8 Critical |
| The official sonarqube docker images before alpine (Alpine specific) contain a blank password for a root user. System using the sonarqube docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35192 | 1 Hashicorp | 1 Vault | 2024-11-21 | 9.8 Critical |
| The official vault docker images before 0.11.6 contain a blank password for a root user. System using the vault docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35191 | 1 Drupal | 1 Drupal Docker Images | 2024-11-21 | 9.8 Critical |
| The official drupal docker images before 8.5.10-fpm-alpine (Alpine specific) contain a blank password for a root user. System using the drupal docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35190 | 1 Plone | 1 Plone | 2024-11-21 | 9.8 Critical |
| The official plone Docker images before version of 4.3.18-alpine (Alpine specific) contain a blank password for a root user. System using the plone docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35189 | 1 Kong | 1 Kong Alpine Docker Image | 2024-11-21 | 9.8 Critical |
| The official kong docker images before 1.0.2-alpine (Alpine specific) contain a blank password for a root user. System using the kong docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35187 | 1 Influxdata | 1 Telegraf | 2024-11-21 | 9.8 Critical |
| The official telegraf docker images before 1.9.4-alpine (Alpine specific) contain a blank password for a root user. System using the telegraf docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35186 | 1 Docker | 1 Adminer | 2024-11-21 | 9.8 Critical |
| The official adminer docker images before 4.7.0-fastcgi contain a blank password for a root user. System using the adminer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35185 | 1 Docker | 1 Ghost Alpine Docker Image | 2024-11-21 | 9.8 Critical |
| The official ghost docker images before 2.16.1-alpine (Alpine specific) contain a blank password for a root user. System using the ghost docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-35184 | 1 Docker | 1 Composer Docker Image | 2024-11-21 | 9.8 Critical |
| The official composer docker images before 1.8.3 contain a blank password for a root user. System using the composer docker container deployed by affected versions of the docker image may allow a remote attacker to achieve root access with a blank password. | ||||
| CVE-2020-2076 | 1 Sick | 1 Package Analytics | 2024-11-21 | 9.8 Critical |
| SICK Package Analytics software up to and including version V04.0.0 are vulnerable to an authentication bypass by directly interfacing with the REST API. An attacker can send unauthorized requests, bypass current authentication controls presented by the application and could potentially write files without authentication. | ||||
| CVE-2020-29551 | 1 Urve | 1 Urve | 2024-11-21 | 9.1 Critical |
| An issue was discovered in URVE Build 24.03.2020. Using the _internal/pc/shutdown.php path, it is possible to shutdown the system. Among others, the following files and scripts are also accessible: _internal/pc/abort.php, _internal/pc/restart.php, _internal/pc/vpro.php, _internal/pc/wake.php, _internal/error_u201409.txt, _internal/runcmd.php, _internal/getConfiguration.php, ews/autoload.php, ews/del.php, ews/mod.php, ews/sync.php, utils/backup/backup_server.php, utils/backup/restore_server.php, MyScreens/timeline.config, kreator.html5/test.php, and addedlogs.txt. | ||||
| CVE-2020-29389 | 1 Docker | 1 Crux Linux Docker Image | 2024-11-21 | 9.8 Critical |
| The official Crux Linux Docker images 3.0 through 3.4 contain a blank password for a root user. System using the Crux Linux Docker container deployed by affected versions of the Docker image may allow an attacker to achieve root access with a blank password. | ||||
| CVE-2020-29379 | 1 Vsolcn | 4 V1600d-mini, V1600d-mini Firmware, V1600d4l and 1 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered on V-SOL V1600D4L V1.01.49 and V1600D-MINI V1.01.48 OLT devices. During the process of updating the firmware, the update script starts a telnetd -l /bin/sh process that does not require authentication for TELNET access. | ||||