|
209561
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft_screeneditor
|
A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute ar…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27281
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209562
|
7.8 |
HIGH
Local
|
deltaww
|
dopsoft
|
Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-27277
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209563
|
7.8 |
HIGH
Local
|
deltaww
|
dopsoft
|
Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27275
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209564
|
5.5 |
MEDIUM
Local
|
ethereum
|
aleth
|
A stack overflow vulnerability in Aleth Ethereum C++ client version <= 1.8.0 using a specially crafted a config.json file may result in a denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26800
|
2024-11-21 14:20 |
2021-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209565
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26664
|
2024-11-21 14:20 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209566
|
5.4 |
MEDIUM
Network
|
innokasmedical
|
vital_signs_monitor_vc150_firmware
|
Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 A stored cross-site scripting (XSS) vulnerability exists in the affected products that allow an attacker to inject arbitrary web sc…
|
CWE-79
Cross-site Scripting
|
CVE-2020-27262
|
2024-11-21 14:20 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209567
|
5.3 |
MEDIUM
Physics
|
innokasmedical
|
vital_signs_monitor_vc150_firmware
|
Innokas Yhtymä Oy Vital Signs Monitor VC150 prior to Version 1.7.15 HL7 v2.x injection vulnerabilities exist in the affected products that allow physically proximate attackers with a connected barcod…
|
CWE-74
Injection
|
CVE-2020-27260
|
2024-11-21 14:20 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209568
|
8.8 |
HIGH
Network
|
restaurant_reservation_system_project
|
restaurant_reservation_system
|
Restaurant Reservation System 1.0 suffers from an authenticated SQL injection vulnerability, which allows a remote, authenticated attacker to execute arbitrary SQL commands via the date parameter in …
|
CWE-89
SQL Injection
|
CVE-2020-26773
|
2024-11-21 14:20 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209569
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
|
When a user typed a URL in the address bar or the search bar and quickly hit the enter key, a website could sometimes capture that event and then redirect the user before navigation occurred to the d…
|
CWE-601
Open Redirect
|
CVE-2020-26979
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209570
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox_esr
thunderbird
firefox
|
Using techniques that built on the slipstream research, a malicious webpage could have exposed both an internal network's hosts as well as services running on the user's local machine. This vulnerabi…
|
NVD-CWE-noinfo
|
CVE-2020-26978
|
2024-11-21 14:20 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
