|
210201
|
7.5 |
HIGH
Network
|
troglobit
|
uftpd
|
In uftpd before 2.12, handle_CWD in ftpcmd.c mishandled the path provided by the user, causing a NULL pointer dereference and denial of service, as demonstrated by a CWD /.. command.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-14149
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210202
|
7.5 |
HIGH
Network
|
barton
debian
fedoraproject
|
ngircd
debian_linux
fedora
|
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-14148
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210203
|
7.7 |
HIGH
Network
|
redislabs
oracle
suse
debian
|
redis
communications_operations_monitor
linux_enterprise
debian_linux
|
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (me…
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-14147
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210204
|
5.3 |
MEDIUM
Network
|
pcre
apple
gitlab
oracle
netapp
splunk
|
pcre
macos
gitlab
communications_cloud_native_core_policy
cloud_backup
steelstore_cloud_integrated_storage
ontap_select_deploy_administration_utility
clustered_data_ontap
acti…
|
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-14155
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210205
|
4.8 |
MEDIUM
Network
|
mutt
canonical
|
mutt
ubuntu_linux
|
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate.
|
NVD-CWE-Other
|
CVE-2020-14154
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210206
|
7.1 |
HIGH
Local
|
ijg
|
libjpeg
|
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-14153
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210207
|
7.1 |
HIGH
Local
|
ijg
debian
|
libjpeg
debian_linux
|
In IJG JPEG (aka libjpeg) before 9d, jpeg_mem_available() in jmemnobs.c in djpeg does not honor the max_memory_to_use setting, possibly causing excessive memory consumption.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-14152
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210208
|
5.5 |
MEDIUM
Local
|
gnu
|
bison
|
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe…
|
NVD-CWE-noinfo
|
CVE-2020-14150
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210209
|
9.8 |
CRITICAL
Network
|
meetecho
|
janus
|
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-14034
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210210
|
9.8 |
CRITICAL
Network
|
meetecho
|
janus
|
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-14033
|
2024-11-21 14:02 |
2020-06-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
