|
211861
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26420
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211862
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26419
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211863
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26418
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211864
|
5.3 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where…
|
CWE-682
Incorrect Calculation
|
CVE-2020-26265
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211865
|
6.5 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetPr…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26264
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211866
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2). Using a specific query name for a project se…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-26411
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211867
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions >=13.6 to <13.6.2, >=13.5 to <13.5.5, and >=13.1 to <13.4.7.
|
CWE-200
Information Exposure
|
CVE-2020-26417
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211868
|
4.4 |
MEDIUM
Local
|
gitlab
|
gitlab
|
Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to <13.4.7, >=13.5 to <13.5.5, and >…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-26416
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211869
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=1…
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2020-26415
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211870
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.4 before 13.6.2. Information disclosure via GraphQL results in user email being unexpectedly visible.
|
CWE-200
Information Exposure
|
CVE-2020-26413
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
