|
199491
|
7.5 |
HIGH
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
When reading from areas partially or fully outside the source resource with WebGL's <code>copyTexSubImage</code> method, the specification requires the returned values be zero. Previously, this memor…
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-6821
|
2024-11-21 14:36 |
2020-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199492
|
8.1 |
HIGH
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
Under certain conditions, when handling a ReadableStream, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affects Thund…
|
CWE-362
Race Condition
|
CVE-2020-6820
|
2024-11-21 14:36 |
2020-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199493
|
8.1 |
HIGH
Network
|
mozilla
|
thunderbird
firefox
firefox_esr
|
Under certain conditions, when running the nsDocShell destructor, a race condition can cause a use-after-free. We are aware of targeted attacks in the wild abusing this flaw. This vulnerability affec…
|
CWE-362
CWE-416
Race Condition
Use After Free
|
CVE-2020-6819
|
2024-11-21 14:36 |
2020-04-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199494
|
5.4 |
MEDIUM
Network
|
hp
|
onboard_administrator
|
A potential security vulnerability has been identified in HPE Onboard Administrator. The vulnerability could be remotely exploited to allow Reflected Cross Site Scripting. HPE has made the following …
|
CWE-79
Cross-site Scripting
|
CVE-2020-7132
|
2024-11-21 14:36 |
2020-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199495
|
9.9 |
CRITICAL
Network
|
elementor
|
elementor_page_builder
|
An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-7055
|
2024-11-21 14:36 |
2020-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199496
|
7.8 |
HIGH
Local
|
autodesk
|
fbx_software_development_kit
|
A heap overflow vulnerability in the Autodesk FBX-SDK versions 2019.2 and earlier may lead to arbitrary code execution on a system running it.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-7085
|
2024-11-21 14:36 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199497
|
5.5 |
MEDIUM
Local
|
autodesk
|
fbx_software_development_kit
|
A NULL pointer dereference vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-7084
|
2024-11-21 14:36 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199498
|
6.5 |
MEDIUM
Network
|
autodesk
|
fbx_software_development_kit
|
An intager overflow vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to denial of service of the application.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-7083
|
2024-11-21 14:36 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199499
|
8.8 |
HIGH
Network
|
autodesk
|
fbx_software_development_kit
|
A use-after-free vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to code execution on a system running it.
|
CWE-416
Use After Free
|
CVE-2020-7082
|
2024-11-21 14:36 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199500
|
8.8 |
HIGH
Network
|
autodesk
|
fbx_software_development_kit
|
A type confusion vulnerability in the Autodesk FBX-SDK versions 2019.0 and earlier may lead to arbitary code read/write on the system running it.
|
CWE-843
Type Confusion
|
CVE-2020-7081
|
2024-11-21 14:36 |
2020-04-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
