|
210521
|
9.8 |
CRITICAL
Network
|
contiki-os
|
contiki-os
|
An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25112
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210522
|
9.8 |
CRITICAL
Network
|
contiki-os
|
contiki-os
|
An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25111
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210523
|
9.8 |
CRITICAL
Network
|
ethernut
|
nut\/os
|
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25110
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210524
|
9.8 |
CRITICAL
Network
|
ethernut
|
nut\/os
|
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to succes…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25109
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210525
|
9.8 |
CRITICAL
Network
|
ethernut
|
nut\/os
|
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may lead to successf…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25108
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210526
|
9.8 |
CRITICAL
Network
|
ethernut
|
nut\/os
|
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possib…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25107
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210527
|
7.5 |
HIGH
Network
|
ni
|
compactrio_firmware
|
Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-25191
|
2024-11-21 14:17 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210528
|
7.8 |
HIGH
Local
|
we-con
|
levistudiou
|
A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Opening a specially crafted project file could allow a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25199
|
2024-11-21 14:17 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210529
|
4.8 |
MEDIUM
Network
|
arachnys
|
cabot
|
Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can be exploited via the Address column.
|
CWE-79
Cross-site Scripting
|
CVE-2020-25449
|
2024-11-21 14:17 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210530
|
9.8 |
CRITICAL
Network
|
moddable
|
moddable
|
Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25462
|
2024-11-21 14:17 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
