|
196731
|
6.5 |
MEDIUM
Network
|
mozilla
|
thunderbird
|
When processing a message that contains multiple S/MIME signatures, a bug in the MIME processing code caused a null pointer dereference, leading to an unexploitable crash. This vulnerability affects …
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-6795
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196732
|
6.5 |
MEDIUM
Network
|
mozilla
canonical
|
thunderbird
ubuntu_linux
|
If a user saved passwords before Thunderbird 60 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored password file was no…
|
CWE-312
CWE-459
CWE-522
Cleartext Storage of Sensitive Information
Incomplete Cleanup
Insufficiently Protected Credentials
|
CVE-2020-6794
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196733
|
6.5 |
MEDIUM
Network
|
mozilla
|
thunderbird
|
When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-6793
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196734
|
4.3 |
MEDIUM
Network
|
mozilla
canonical
|
thunderbird
ubuntu_linux
|
When deriving an identifier for an email message, uninitialized memory was used in addition to the message contents. This vulnerability affects Thunderbird < 68.5.
|
CWE-908
CWE-909
Use of Uninitialized Resource
Missing Initialization of Resource
|
CVE-2020-6792
|
2024-11-21 14:36 |
2020-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196735
|
6.1 |
MEDIUM
Network
|
mozilla
|
webthings_gateway
|
A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attack…
|
CWE-79
Cross-site Scripting
|
CVE-2020-6804
|
2024-11-21 14:36 |
2020-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196736
|
6.1 |
MEDIUM
Network
|
mozilla
|
webthings_gateway
|
An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in.
|
CWE-601
Open Redirect
|
CVE-2020-6803
|
2024-11-21 14:36 |
2020-02-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196737
|
5.3 |
MEDIUM
Network
|
php
tenable
debian
opensuse
|
php
tenable.sc
debian_linux
leap
|
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when creating PHAR archive using PharData::buildFromIterator() function, the files are added with default permissions (06…
|
CWE-281
Improper Preservation of Permissions
|
CVE-2020-7063
|
2024-11-21 14:36 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196738
|
7.5 |
HIGH
Network
|
php
opensuse
debian
canonical
|
php
leap
debian_linux
ubuntu_linux
|
In PHP versions 7.2.x below 7.2.28, 7.3.x below 7.3.15 and 7.4.x below 7.4.3, when using file upload functionality, if upload progress tracking is enabled, but session.upload_progress.cleanup is set …
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-7062
|
2024-11-21 14:36 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196739
|
9.1 |
CRITICAL
Network
|
php
tenable
|
php
tenable.sc
|
In PHP versions 7.3.x below 7.3.15 and 7.4.x below 7.4.3, while extracting PHAR files on Windows using phar extension, certain content inside PHAR file could lead to one-byte read past the allocated …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-7061
|
2024-11-21 14:36 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196740
|
9.1 |
CRITICAL
Network
|
openfortivpn_project
fedoraproject
opensuse
|
openfortivpn
fedora
leap
backports_sle
|
An issue was discovered in openfortivpn 1.11.0 when used with OpenSSL before 1.0.2. tunnel.c mishandles certificate validation because hostname comparisons do not consider '\0' characters, as demonst…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-7043
|
2024-11-21 14:36 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
