|
211141
|
6.8 |
MEDIUM
Network
|
dovecot
debian
fedoraproject
|
dovecot
debian_linux
fedora
|
An issue was discovered in Dovecot before 2.3.13. By using IMAP IDLE, an authenticated attacker can trigger unhibernation via attacker-controlled parameters, leading to access to other users' email m…
|
NVD-CWE-Other
|
CVE-2020-24386
|
2024-11-21 14:14 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211142
|
7.4 |
HIGH
Adjacent
|
arista
|
eos
|
An issue with ARP packets in Arista’s EOS affecting the 7800R3, 7500R3, and 7280R3 series of products may result in issues that cause a kernel crash, followed by a device reload. The affected Arista …
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-24360
|
2024-11-21 14:14 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211143
|
6.1 |
MEDIUM
Network
|
pega
|
pega_platform
|
Pega Platform through 8.4.x is affected by Cross Site Scripting (XSS) via the ConnectionID parameter, as demonstrated by a pyActivity=Data-TRACERSettings.pzStartTracerSession request to a PRAuth URI.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23957
|
2024-11-21 14:14 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211144
|
9.1 |
CRITICAL
Network
|
butok
|
fnet
|
An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24383
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211145
|
9.1 |
CRITICAL
Network
|
altran
|
picotcp
picotcp-ng
|
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bo…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24341
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211146
|
7.5 |
HIGH
Network
|
altran
|
picotcp
picotcp-ng
|
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number o…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24340
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211147
|
7.5 |
HIGH
Network
|
altran
|
picotcp
picotcp-ng
|
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compre…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24339
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211148
|
9.8 |
CRITICAL
Network
|
altran
|
picotcp
|
An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer o…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-24338
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211149
|
7.5 |
HIGH
Network
|
altran
|
picotcp
picotcp-ng
|
An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. When an unsupported TCP option with zero length is provided in an incoming TCP packet, it is possible to cause a Denial-of-Service by …
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-24337
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211150
|
9.8 |
CRITICAL
Network
|
contiki-os
contiki-ng
|
contiki
contiki-ng
|
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-24336
|
2024-11-21 14:14 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
