|
210841
|
6.5 |
MEDIUM
Network
|
monstra
|
monstra_cms
|
An issue in Monstra CMS v3.0.4 allows attackers to execute arbitrary web scripts or HTML via bypassing the file extension filter and uploading crafted HTML files.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-20691
|
2024-11-21 14:12 |
2021-09-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210842
|
8.1 |
HIGH
Network
|
maccms
|
maccms
|
A Cross-Site Request Forgery (CSRF) in Maccms v10 via admin.php/admin/admin/del/ids/<id>.html allows authenticated attackers to delete all users.
|
CWE-352
Origin Validation Error
|
CVE-2020-20514
|
2024-11-21 14:12 |
2021-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210843
|
6.1 |
MEDIUM
Network
|
shopkit_project
|
shopkit
|
Shopkit v2.7 contains a reflective cross-site scripting (XSS) vulnerability in the /account/register component, which allows attackers to hijack user credentials via a crafted payload in the E-Mail t…
|
CWE-79
Cross-site Scripting
|
CVE-2020-20508
|
2024-11-21 14:12 |
2021-09-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210844
|
7.5 |
HIGH
Network
|
redislabs
|
redis
|
A segmentation fault in the redis-server component of Redis 5.0.7 leads to a denial of service (DOS). NOTE: the vendor cannot reproduce this issue in a released version, such as 5.0.7
|
NVD-CWE-noinfo
|
CVE-2020-21468
|
2024-11-21 14:12 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210845
|
6.5 |
MEDIUM
Network
|
ffmpeg
|
ffmpeg
|
A CWE-125: Out-of-bounds read vulnerability exists in long_term_filter function in g729postfilter.c in FFmpeg 4.2.1 during computation of the denominator of pseudo-normalized correlation R'(0), that …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-20902
|
2024-11-21 14:12 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210846
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
Integer Overflow vulnerability in function filter16_prewitt in libavfilter/vf_convolution.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-20898
|
2024-11-21 14:12 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210847
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
An issue was discovered in function latm_write_packet in libavformat/latmenc.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a Null pointer derefe…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-20896
|
2024-11-21 14:12 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210848
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
An issue was discovered in function filter_frame in libavfilter/vf_lenscorrection.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts due to a division by ze…
|
CWE-369
Divide By Zero
|
CVE-2020-20892
|
2024-11-21 14:12 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210849
|
8.8 |
HIGH
Network
|
ffmpeg
|
ffmpeg
|
Buffer Overflow vulnerability in function config_input in libavfilter/vf_gblur.c in Ffmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-20891
|
2024-11-21 14:12 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210850
|
5.5 |
MEDIUM
Local
|
unicode
debian
|
international_components_for_unicode
debian_linux
|
International Components for Unicode (ICU-20850) v66.1 was discovered to contain a use after free bug in the pkg_createWithAssemblyCode function in the file tools/pkgdata/pkgdata.cpp.
|
CWE-416
Use After Free
|
CVE-2020-21913
|
2024-11-21 14:12 |
2021-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
