|
209441
|
6.1 |
MEDIUM
Network
|
elkarbackup
|
elkarbackup
|
Cross Site Scripting (XSS) vulnerability in ElkarBackup 1.3.3, allows attackers to execute arbitrary code via the name parameter to the add client feature.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35249
|
2024-11-21 14:27 |
2021-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209442
|
7.5 |
HIGH
Network
|
expertpdf
|
expertpdf
|
A local file inclusion vulnerability in ExpertPDF 9.5.0 through 14.1.0 allows attackers to read the file contents from files that the running ExpertPDF process has access to read.
|
CWE-552
Files or Directories Accessible to External Parties
|
CVE-2020-35340
|
2024-11-21 14:27 |
2021-09-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209443
|
8.8 |
HIGH
Network
|
cgal
debian
|
computational_geometry_algorithms_library
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() store_sm_boundary_item() Sloop_of OOB r…
|
-
|
CVE-2020-35635
|
2024-11-21 14:27 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209444
|
8.8 |
HIGH
Network
|
cgal
debian
|
computational_geometry_algorithms_library
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() s…
|
-
|
CVE-2020-35634
|
2024-11-21 14:27 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209445
|
8.8 |
HIGH
Network
|
cgal
debian
|
computational_geometry_algorithms_library
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser<EW>::read_sface() s…
|
-
|
CVE-2020-35633
|
2024-11-21 14:27 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209446
|
7.5 |
HIGH
Network
|
hcc-embedded
siemens
|
nichestack
7km9300-0ae02-0aa0_firmware
|
An issue was discovered in HCC Nichestack 3.0. The code that parses ICMP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the ICMP checksum. When …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-35683
|
2024-11-21 14:27 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209447
|
9.1 |
CRITICAL
Network
|
hcc-embedded
siemens
|
nichestack
sentron_3wa_com190_firmware
sentron_3wl_com35_firmware
|
An issue was discovered in HCC Nichestack 3.0. The code that generates Initial Sequence Numbers (ISNs) for TCP connections derives the ISN from an insufficiently random source. As a result, an attack…
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-35685
|
2024-11-21 14:27 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209448
|
7.5 |
HIGH
Network
|
hcc-embedded
siemens
|
nichestack
sentron_3wl_com35_firmware
sentron_3wa_com190_firmware
|
An issue was discovered in HCC Nichestack 3.0. The code that parses TCP packets relies on an unchecked value of the IP payload size (extracted from the IP header) to compute the length of the TCP pay…
|
CWE-20
Improper Input Validation
|
CVE-2020-35684
|
2024-11-21 14:27 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209449
|
9.8 |
CRITICAL
Network
|
phpgurukul
|
employee_record_management_system
|
SQL injection vulnerability in PHPGurukul Employee Record Management System 1.1 allows remote attackers to execute arbitrary SQL commands and bypass authentication.
|
CWE-89
SQL Injection
|
CVE-2020-35427
|
2024-11-21 14:27 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209450
|
6.1 |
MEDIUM
Network
|
fiyo
|
fiyo_cms
|
In Fiyo CMS 2.0.6.1, the 'tag' parameter results in an unauthenticated XSS attack.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35373
|
2024-11-21 14:27 |
2021-06-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
