|
202241
|
7.8 |
HIGH
Local
|
pixar
|
openusd
|
A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which ca…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6155
|
2024-11-21 14:35 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202242
|
7.8 |
HIGH
Local
|
pixar
|
openusd
|
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6150
|
2024-11-21 14:35 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202243
|
7.8 |
HIGH
Local
|
pixar
|
openusd
|
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provi…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6149
|
2024-11-21 14:35 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202244
|
7.8 |
HIGH
Local
|
pixar
|
openusd
|
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression he…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6148
|
2024-11-21 14:35 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202245
|
7.8 |
HIGH
Local
|
pixar
apple
|
openusd
iphone_os
ipados
|
A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-6147
|
2024-11-21 14:35 |
2020-11-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202246
|
4.3 |
MEDIUM
Network
|
sap
|
s\/4hana
erp
|
SAP ERP and SAP S/4 HANA allows an authenticated user to see cost records to objects to which he has no authorization in PS reporting, leading to Missing Authorization check.
|
CWE-862
Missing Authorization
|
CVE-2020-6316
|
2024-11-21 14:35 |
2020-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202247
|
6.5 |
MEDIUM
Network
|
google
debian
fedoraproject
opensuse
|
chrome
debian_linux
fedora
backports_sle
|
Inappropriate implementation in networking in Google Chrome prior to 86.0.4240.75 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-6557
|
2024-11-21 14:35 |
2020-11-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202248
|
7.8 |
HIGH
Local
|
checkpoint
|
zonealarm
|
Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware.
|
NVD-CWE-noinfo
|
CVE-2020-6023
|
2024-11-21 14:35 |
2020-10-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202249
|
4.8 |
MEDIUM
Network
|
sap
|
netweaver_design_time_repository
|
SAP NetWeaver Design Time Repository (DTR), versions - 7.11, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-6370
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202250
|
5.9 |
MEDIUM
Network
|
sap
|
solution_manager
focused_run
|
SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10.5, 10.7), allows an unauthenticated attackers to bypass the authentication if the default passwords fo…
|
NVD-CWE-Other
|
CVE-2020-6369
|
2024-11-21 14:35 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
