921
|
7.5 |
HIGH
Network
openvpn
|
openvpn
|
Control Channel in OpenVPN 2.4.7 and earlier allows remote attackers to cause a denial of service via crafted reset packet.
Update
|
NVD-CWE-noinfo
|
CVE-2020-20813
|
2024-10-8 04:36 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
922
|
8.8 |
HIGH
Network
|
gnu
|
binutils
|
An issue was discovered in binutils libbfd.c 2.36 relating to the auxiliary symbol data allows attackers to read or write to system memory or cause a denial of service.
Update
|
NVD-CWE-noinfo
|
CVE-2020-19726
|
2024-10-8 04:36 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
923
|
5.5 |
MEDIUM
Local
|
zziplib_project
|
zziplib
|
An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service.
Update
|
NVD-CWE-noinfo
|
CVE-2020-18770
|
2024-10-8 04:36 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
924
|
9.8 |
CRITICAL
Network
gabrieleventuri
|
pandasai
|
An issue in Gaberiele Venturi pandasai v.0.8.0 and before allows a remote attacker to execute arbitrary code via a crafted request to the prompt function.
Update
|
NVD-CWE-noinfo
|
CVE-2023-39660
|
2024-10-8 04:36 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
925
|
9.8 |
CRITICAL
Network
nodejs
|
node.js
|
The use of `Module._load()` can bypass the policy mechanism and require modules outside of the policy.json definition for a given module.
This vulnerability affects all users using the experimental …
Update
|
NVD-CWE-noinfo
|
CVE-2023-32002
|
2024-10-8 04:36 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
926
|
9.8 |
CRITICAL
Network
draytek
|
vigor2620_firmware vigor2625_firmware
|
user_login.cgi on Draytek Vigor2620 devices before 3.9.8.4 (and on all versions of Vigor2925 devices) allows attackers to send a crafted payload to modify the content of the code segment, insert shel…
Update
|
NVD-CWE-noinfo
|
CVE-2023-31447
|
2024-10-8 04:36 |
2023-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
927
|
7.5 |
HIGH
Network
butterfly-button
|
butterfly_button
|
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in BUTTERFLY BUTTON PROJECT - BUTTERFLY BUTTON (Architecture flaw) allows loss of plausible deniability and confidentiality.
T…
Update
|
NVD-CWE-noinfo
|
CVE-2023-40735
|
2024-10-8 04:36 |
2023-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
928
|
7.5 |
HIGH
Network
tp-link
|
tl-wr1041n_v2_firmware
|
An issue in the component /userRpm/NetworkCfgRpm of TP-Link TL-WR1041N V2 allows attackers to cause a Denial of Service (DoS) via a crafted GET request.
Update
|
NVD-CWE-noinfo
|
CVE-2023-39748
|
2024-10-8 04:36 |
2023-08-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
929
|
7.2 |
HIGH
Network
|
online_travel_agency_system_project
|
online_travel_agency_system
|
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the page_id parameter at article_edit.php.
Update
|
CWE-89
SQL Injection
|
CVE-2023-31940
|
2024-10-8 04:36 |
2023-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
930
|
7.2 |
HIGH
Network
|
online_travel_agency_system_project
|
online_travel_agency_system
|
SQL injection vulnerability found in Online Travel Agency System v.1.0 allows a remote attacker to execute arbitrary code via the costomer_id parameter at customer_edit.php.
Update
|
CWE-89
SQL Injection
|
CVE-2023-31939
|
2024-10-8 04:36 |
2023-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|