|
211431
|
7.8 |
HIGH
Local
|
upx_project
|
upx
|
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-27796
|
2024-11-21 14:21 |
2022-08-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211432
|
9.8 |
CRITICAL
Network
|
redhat
|
openshift_container_platform
|
A flaw was found in cluster-ingress-operator. A change to how the router-default service allows only certain IP source ranges could allow an attacker to access resources that would otherwise be restr…
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-27836
|
2024-11-21 14:21 |
2022-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211433
|
7.5 |
HIGH
Network
|
radare
|
radare2
|
A segmentation fault was discovered in radare2 with adf command. In libr/core/cmd_anal.c, when command "adf" has no or wrong argument, anal_fcn_data (core, input + 1) --> RAnalFunction *fcn = r_anal_…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-27795
|
2024-11-21 14:21 |
2022-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211434
|
9.1 |
CRITICAL
Network
|
radare
|
radare2
|
A double free issue was discovered in radare2 in cmd_info.c:cmd_info(). Successful exploitation could lead to modification of unexpected memory locations and potentially causing a crash.
|
CWE-415
Double Free
|
CVE-2020-27794
|
2024-11-21 14:21 |
2022-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211435
|
7.5 |
HIGH
Network
|
radare
|
radare2
|
An off-by-one overflow flaw was found in radare2 due to mismatched array length in core_java.c. This could allow an attacker to cause a crash, and perform a denail of service attack.
|
CWE-193
Off-by-one Error
|
CVE-2020-27793
|
2024-11-21 14:21 |
2022-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211436
|
7.1 |
HIGH
Local
|
artifex
debian
|
ghostscript
debian_linux
|
A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF fil…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-27792
|
2024-11-21 14:21 |
2022-08-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211437
|
5.5 |
MEDIUM
Local
|
upx_project
|
upx
|
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-27788
|
2024-11-21 14:21 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211438
|
5.5 |
MEDIUM
Local
|
upx_project
|
upx
|
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could …
|
CWE-369
Divide By Zero
|
CVE-2020-27790
|
2024-11-21 14:21 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211439
|
5.5 |
MEDIUM
Local
|
upx_project
|
upx
|
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of servi…
|
NVD-CWE-noinfo
|
CVE-2020-27787
|
2024-11-21 14:21 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211440
|
5.4 |
MEDIUM
Network
|
galaxkey
|
galaxkey
|
Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a …
|
CWE-79
Cross-site Scripting
|
CVE-2020-27509
|
2024-11-21 14:21 |
2022-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
