|
210541
|
4.3 |
MEDIUM
Network
|
dovecot
fedoraproject
|
dovecot
fedora
|
The Sieve engine in Dovecot before 2.3.15 allows Uncontrolled Resource Consumption, as demonstrated by a situation with a complex regular expression for the regex extension.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-28200
|
2024-11-21 14:22 |
2021-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210542
|
5.9 |
MEDIUM
Physics
|
linux
netapp
|
linux_kernel
cloud_backup
h410c_firmware
h300s_firmware
h500s_firmware
h700s_firmware
h300e_firmware
h500e_firmware
h700e_firmware
h410s_firmware
|
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-28097
|
2024-11-21 14:22 |
2021-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210543
|
7.5 |
HIGH
Network
|
gulpjs
oracle
|
glob-parent
communications_cloud_native_core_policy
|
This affects the package glob-parent before 5.1.2. The enclosure regex used to check for strings ending in enclosure containing path separator.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-28469
|
2024-11-21 14:22 |
2021-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210544
|
9.8 |
CRITICAL
Network
|
articlecms_project
|
articlecms
|
A file upload issue exists in all versions of ArticleCMS which allows malicious users to getshell.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-28063
|
2024-11-21 14:22 |
2021-05-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210545
|
7.5 |
HIGH
Network
|
siemens
|
scalance_xm-400_firmware
scalance_xr524_firmware
scalance_xr526_firmware
scalance_xr528_firmware
scalance_xr552_firmware
scalance_xm416-4c_firmware
scalance_xm408-8c_firmware
sca…
|
An unauthenticated remote attacker could create a permanent denial-of-service condition by sending specially crafted OSPF packets. Successful exploitation requires OSPF to be enabled on an affected d…
|
-
|
CVE-2020-28393
|
2024-11-21 14:22 |
2021-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210546
|
7.8 |
HIGH
Local
|
openscad
|
openscad
|
An out-of-bounds write vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28600
|
2024-11-21 14:22 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210547
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
An information disclosure vulnerability exists in the /proc/pid/syscall functionality of Linux Kernel 5.1 Stable and 5.4.66. More specifically, this issue has been introduced in v5.1-rc4 (commit 631b…
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2020-28588
|
2024-11-21 14:22 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210548
|
7.0 |
HIGH
Local
|
ibm
|
tivoli_storage_manager
|
The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerabilit…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-28198
|
2024-11-21 14:22 |
2021-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210549
|
9.8 |
CRITICAL
Network
|
exim
|
exim
|
Exim 4 before 4.94.2 has Improper Neutralization of Line Delimiters, relevant in non-default configurations that enable Delivery Status Notification (DSN). Certain uses of ORCPT= can place a newline …
|
NVD-CWE-Other
|
CVE-2020-28026
|
2024-11-21 14:22 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210550
|
7.5 |
HIGH
Network
|
exim
|
exim
|
Exim 4 before 4.94.2 allows Out-of-bounds Read because pdkim_finish_bodyhash does not validate the relationship between sig->bodyhash.len and b->bh.len; thus, a crafted DKIM-Signature header might le…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-28025
|
2024-11-21 14:22 |
2021-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
