|
210951
|
8.8 |
HIGH
Network
|
mozilla
|
firefox_esr
thunderbird
firefox
|
Certain blit values provided by the user were not properly constrained leading to a heap buffer overflow on some video drivers. This vulnerability affects Firefox < 84, Thunderbird < 78.6, and Firefo…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26971
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210952
|
6.1 |
MEDIUM
Network
|
formstone
|
formstone
|
Formstone <=1.4.16 is vulnerable to a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper validation of user supplied input in the upload-target.php and upload-chunked.php files. A …
|
CWE-79
Cross-site Scripting
|
CVE-2020-26768
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210953
|
5.3 |
MEDIUM
Network
|
redlion
|
crimson
|
An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations.
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-27283
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210954
|
7.5 |
HIGH
Network
|
redlion
|
crimson
|
A NULL pointer deference vulnerability has been identified in the protocol converter. An attacker could send a specially crafted packet that could reboot the device running Crimson 3.1 (Build version…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-27279
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210955
|
9.1 |
CRITICAL
Network
|
redlion
|
crimson
|
The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-27285
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210956
|
9.8 |
CRITICAL
Network
|
clickhouse-driver_project
|
clickhouse-driver
|
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, due to a buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-26759
|
2024-11-21 14:20 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210957
|
9.8 |
CRITICAL
Network
|
gdatasoftware
|
g_data
|
An issue was discovered in G-Data before 25.5.9.25 using Symbolic links, it is possible to abuse the infected-file restore mechanism to achieve arbitrary write that leads to elevation of privileges.
|
CWE-59
Link Following
|
CVE-2020-27172
|
2024-11-21 14:20 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210958
|
5.9 |
MEDIUM
Network
|
arista
|
eos
|
In EVPN VxLAN setups in Arista EOS, specific malformed packets can lead to incorrect MAC to IP bindings and as a result packets can be incorrectly forwarded across VLAN boundaries. This can result in…
|
NVD-CWE-noinfo
|
CVE-2020-26569
|
2024-11-21 14:20 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210959
|
8.8 |
HIGH
Network
|
user_registration_\&_login_and_user_management_system_with_admin_panel_project
|
user_registration_\&_login_and_user_management_system_with_admin_panel
|
A Cross Site Request Forgery (CSRF) vulnerability exists in the loginsystem page in PHPGurukul User Registration & Login and User Management System With Admin Panel 2.1.
|
CWE-352
Origin Validation Error
|
CVE-2020-26766
|
2024-11-21 14:20 |
2020-12-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210960
|
7.5 |
HIGH
Network
|
emerson
|
x-stream_enhanced_xegp_firmware
x-stream_enhanced_xegk_firmware
x-stream_enhanced_xefd_firmware
x-stream_enhanced_xexf_firmware
|
Emerson Rosemount X-STREAM Gas AnalyzerX-STREAM enhanced XEGP, XEGK, XEFD, XEXF – all revisions, The affected products are vulnerable to improper authentication for accessing log and backup data, whi…
|
CWE-287
Improper Authentication
|
CVE-2020-27254
|
2024-11-21 14:20 |
2020-12-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
