|
211151
|
6.5 |
MEDIUM
Network
|
mikrotik
|
routeros
|
Mikrotik RouterOs 6.44.6 (long-term tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via th…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-20218
|
2024-11-21 14:11 |
2021-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211152
|
6.1 |
MEDIUM
Network
|
dogtagpki
|
dogtagpki
|
A flaw was found in the Key Recovery Authority (KRA) Agent Service in pki-core 10.10.5 where it did not properly sanitize the recovery ID during a key recovery request, enabling a reflected cross-sit…
|
-
|
CVE-2020-1721
|
2024-11-21 14:11 |
2021-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211153
|
9.8 |
CRITICAL
Network
|
apache
debian
fedoraproject
|
spamassassin
debian_linux
fedora
|
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of…
|
CWE-78
OS Command
|
CVE-2020-1946
|
2024-11-21 14:11 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211154
|
5.9 |
MEDIUM
Network
|
apache
|
hive
|
Apache Hive cookie signature verification used a non constant time comparison which is known to be vulnerable to timing attacks. This could allow recovery of another users cookie signature. The issue…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-1926
|
2024-11-21 14:11 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211155
|
9.8 |
CRITICAL
Network
|
facebook
|
hhvm
|
When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalid…
|
CWE-416
Use After Free
|
CVE-2020-1900
|
2024-11-21 14:11 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211156
|
7.5 |
HIGH
Network
|
facebook
|
hhvm
|
The unserialize() function supported a type code, "S", which was meant to be supported only for APC serialization. This type code allowed arbitrary memory addresses to be accessed as if they were sta…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-1899
|
2024-11-21 14:11 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211157
|
7.5 |
HIGH
Network
|
facebook
|
hhvm
|
The fb_unserialize function did not impose a depth limit for nested deserialization. That meant a maliciously constructed string could cause deserialization to recurse, leading to stack exhaustion. T…
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-1898
|
2024-11-21 14:11 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211158
|
7.5 |
HIGH
Network
|
facebook
|
hhvm
|
In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-1921
|
2024-11-21 14:11 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211159
|
7.5 |
HIGH
Network
|
facebook
|
hhvm
|
Incorrect bounds calculations in substr_compare could lead to an out-of-bounds read when the second string argument passed in is longer than the first. This issue affects HHVM versions prior to 4.56.…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-1919
|
2024-11-21 14:11 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211160
|
7.5 |
HIGH
Network
|
facebook
|
hhvm
|
In-memory file operations (ie: using fopen on a data URI) did not properly restrict negative seeking, allowing for the reading of memory prior to the in-memory buffer. This issue affects HHVM version…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-1918
|
2024-11-21 14:11 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
