|
208921
|
9.8 |
CRITICAL
Network
|
ethernut
|
nut\/os
|
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may lead to successf…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25108
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208922
|
9.8 |
CRITICAL
Network
|
ethernut
|
nut\/os
|
An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possib…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25107
|
2024-11-21 14:17 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208923
|
7.5 |
HIGH
Network
|
ni
|
compactrio_firmware
|
Incorrect permissions are set by default for an API entry-point of a specific service, allowing a non-authenticated user to trigger a function that could reboot the CompactRIO (Driver versions prior …
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-25191
|
2024-11-21 14:17 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208924
|
7.8 |
HIGH
Local
|
we-con
|
levistudiou
|
A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Opening a specially crafted project file could allow a…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25199
|
2024-11-21 14:17 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208925
|
4.8 |
MEDIUM
Network
|
arachnys
|
cabot
|
Cross Site Scripting (XSS) vulnerability in Arachnys Cabot 0.11.12 can be exploited via the Address column.
|
CWE-79
Cross-site Scripting
|
CVE-2020-25449
|
2024-11-21 14:17 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208926
|
9.8 |
CRITICAL
Network
|
moddable
|
moddable
|
Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-25462
|
2024-11-21 14:17 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208927
|
7.5 |
HIGH
Network
|
moddable
|
moddable
|
Invalid Memory Access in the fxProxyGetter function in moddable/xs/sources/xsProxy.c in Moddable SDK before OS200908 causes a denial of service (SEGV).
|
NVD-CWE-Other
|
CVE-2020-25461
|
2024-11-21 14:17 |
2020-12-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208928
|
5.5 |
MEDIUM
Local
|
appimage
|
appimaged
|
AppImage appimaged before 1.0.3 does not properly check whether a downloaded file is a valid appimage. For example, it will accept a crafted mp3 file that contains an appimage, and install it.
|
CWE-494
Download of Code Without Integrity Check
|
CVE-2020-25266
|
2024-11-21 14:17 |
2020-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208929
|
6.5 |
MEDIUM
Network
|
appimage
|
libappimage
|
AppImage libappimage before 1.0.3 allows attackers to trigger an overwrite of a system-installed .desktop file by providing a .desktop file that contains Name= with path components.
|
NVD-CWE-noinfo
|
CVE-2020-25265
|
2024-11-21 14:17 |
2020-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208930
|
8.8 |
HIGH
Network
|
we-con
|
plc_editor
|
WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25181
|
2024-11-21 14:17 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
