|
211351
|
7.5 |
HIGH
Network
|
altran
|
picotcp
picotcp-ng
|
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compre…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24339
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211352
|
9.8 |
CRITICAL
Network
|
altran
|
picotcp
|
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer o…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-24338
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211353
|
7.5 |
HIGH
Network
|
altran
|
picotcp
picotcp-ng
|
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-24337
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211354
|
9.8 |
CRITICAL
Network
|
contiki-os
contiki-ng
|
contiki
contiki-ng
|
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-24336
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211355
|
8.2 |
HIGH
Network
|
uip_project
|
uip
|
The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the respo…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24334
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211356
|
7.0 |
HIGH
Local
|
adobe
|
lightroom
|
Adobe Lightroom Classic version 10.0 (and earlier) for Windows is affected by an uncontrolled search path vulnerability that could result in arbitrary code execution in the context of the current use…
|
-
|
CVE-2020-24447
|
2024-11-21 14:14 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211357
|
7.0 |
HIGH
Local
|
adobe
|
prelude
|
Adobe Prelude version 9.0.1 (and earlier) is affected by an uncontrolled search path element that could result in arbitrary code execution in the context of the current user. Exploitation of this iss…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-24440
|
2024-11-21 14:14 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211358
|
9.0 |
CRITICAL
Network
|
adobe
|
experience_manager_cloud_service
experience_manager
|
AEM's Cloud Service offering, as well as version 6.5.6.0 (and below), are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by an attacker to inject malicious scripts…
|
-
|
CVE-2020-24445
|
2024-11-21 14:14 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211359
|
5.8 |
MEDIUM
Network
|
adobe
|
experience_manager_forms_add-on
|
AEM Forms SP6 add-on for AEM 6.5.6.0 and Forms add-on package for AEM 6.4 Service Pack 8 Cumulative Fix Pack 2 (6.4.8.2) have a blind Server-Side Request Forgery (SSRF) vulnerability. This vulnerabil…
|
-
|
CVE-2020-24444
|
2024-11-21 14:14 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211360
|
5.5 |
MEDIUM
Local
|
amoisoft
|
anyview
|
In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service vulnerability in AnyView, attackers can use a constructed program to cause a computer crash (BSOD).
|
NVD-CWE-noinfo
|
CVE-2020-23741
|
2024-11-21 14:14 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
