|
199851
|
5.3 |
MEDIUM
Network
|
neomutt
mutt
debian
|
neomutt
mutt
debian_linux
|
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and t…
|
CWE-287
CWE-755
Improper Authentication
Improper Handling of Exceptional Conditions
|
CVE-2020-28896
|
2024-11-21 14:23 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199852
|
9.8 |
CRITICAL
Network
|
winscp
|
winscp
|
Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-28864
|
2024-11-21 14:23 |
2020-11-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199853
|
7.5 |
HIGH
Network
|
scikit-learn
|
scikit-learn
|
svm_predict_values in svm.cpp in Libsvm v324, as used in scikit-learn 0.23.2 and other products, allows attackers to cause a denial of service (segmentation fault) via a crafted model SVM (introduced…
|
NVD-CWE-noinfo
|
CVE-2020-28975
|
2024-11-21 14:23 |
2020-11-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199854
|
7.8 |
HIGH
Local
|
netskope
|
netskope
|
A CSV injection vulnerability in the Admin portal for Netskope 75.0 allows an unauthenticated user to inject malicious payload in admin's portal thus leads to compromise admin's system.
|
CWE-1236
Improper Neutralization of Formula Elements in a CSV File
|
CVE-2020-28845
|
2024-11-21 14:23 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199855
|
5.0 |
MEDIUM
Physics
|
linux
debian
|
linux_kernel
debian_linux
|
A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-28974
|
2024-11-21 14:23 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199856
|
9.8 |
CRITICAL
Network
|
tp-link
|
wdr7400_firmware
wdr7500_firmware
wdr7660_firmware
wdr7800_firmware
wdr8400_firmware
wdr8500_firmware
wdr8600_firmware
wdr8620_firmware
wdr8640_firmware
wdr8660_firmware
Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-28877
|
2024-11-21 14:23 |
2020-11-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
199857
|
5.3 |
MEDIUM
Network
|
bigbluebutton
|
bigbluebutton
|
web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-28954
|
2024-11-21 14:23 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199858
|
4.3 |
MEDIUM
Network
|
bigbluebutton
|
bigbluebutton
|
In BigBlueButton before 2.2.29, a user can vote more than once in a single poll.
|
NVD-CWE-noinfo
|
CVE-2020-28953
|
2024-11-21 14:23 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199859
|
7.5 |
HIGH
Network
|
rclone
fedoraproject
|
rclone
fedora
|
An issue was discovered in Rclone before 1.53.3. Due to the use of a weak random number generator, the password generator has been producing weak passwords with much less entropy than advertised. The…
|
CWE-331
CWE-338
Insufficient Entropy
Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
|
CVE-2020-28924
|
2024-11-21 14:23 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199860
|
9.8 |
CRITICAL
Network
|
openwrt
|
openwrt
|
libuci in OpenWrt before 18.06.9 and 19.x before 19.07.5 may encounter a use after free when using malicious package names. This is related to uci_parse_package in file.c and uci_strdup in util.c.
|
CWE-416
Use After Free
|
CVE-2020-28951
|
2024-11-21 14:23 |
2020-11-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
