|
197711
|
5.4 |
MEDIUM
Network
|
servicerocket
|
linking
|
A vulnerability classified as problematic has been found in Linking. This affects an unknown part of the component New Windows Macro. The manipulation leads to cross site scripting. It is possible to…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36525
|
2024-11-21 14:29 |
2022-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197712
|
5.4 |
MEDIUM
Network
|
refined
|
refined_toolkit
|
A vulnerability was found in Refined Toolkit. It has been rated as problematic. Affected by this issue is some unknown functionality of the component UI-Image/UI-Button. The manipulation leads to cro…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36524
|
2024-11-21 14:29 |
2022-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197713
|
5.4 |
MEDIUM
Network
|
avono
|
plantuml
|
A vulnerability was found in PlantUML 6.43. It has been declared as problematic. Affected by this vulnerability is the component Database Information Macro. The manipulation leads to cross site scrip…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36523
|
2024-11-21 14:29 |
2022-06-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197714
|
4.9 |
MEDIUM
Network
|
mimecast
|
email_security
|
Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. (The domain being spoofed …
|
NVD-CWE-noinfo
|
CVE-2020-36519
|
2024-11-21 14:29 |
2022-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197715
|
7.5 |
HIGH
Network
|
fasterxml
oracle
debian
netapp
|
jackson-databind
weblogic_server
commerce_platform
utilities_framework
peoplesoft_enterprise_peopletools
primavera_unifier
sd-wan_edge
coherence
global_lifecycle_management_ne…
|
jackson-databind before 2.13.0 allows a Java StackOverflow exception and denial of service via a large depth of nested objects.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-36518
|
2024-11-21 14:29 |
2022-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197716
|
7.5 |
HIGH
Network
|
home-assistant
|
home-assistant
|
An information leak in Nabu Casa Home Assistant Operating System and Home Assistant Supervised 2022.03 allows a DNS operator to gain knowledge about internal network resources via the hardcoded DNS r…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-36517
|
2024-11-21 14:29 |
2022-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197717
|
6.1 |
MEDIUM
Network
|
codetipi
|
15zine
|
The 15Zine WordPress theme before 3.3.0 does not sanitise and escape the cbi parameter before outputing it back in the response via the cb_s_a AJAX action, leading to a Reflected Cross-Site Scripting
|
-
|
CVE-2020-36510
|
2024-11-21 14:29 |
2022-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197718
|
5.9 |
MEDIUM
Network
|
linux
netapp
|
linux_kernel
solidfire_\&_hci_management_node
cloud_volumes_ontap_mediator
solidfire\
_enterprise_sds_\&_hci_storage_node
e-series_santricity_os_controller
h300s_firmware
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP…
|
CWE-327
Use of a Broken or Risky Cryptographic Algorithm
|
CVE-2020-36516
|
2024-11-21 14:29 |
2022-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
|
197719
|
9.8 |
CRITICAL
Network
|
acc_reader_project
|
acc_reader
|
An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. fill_buf may read from uninitialized memory locations.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-36514
|
2024-11-21 14:29 |
2021-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197720
|
9.8 |
CRITICAL
Network
|
acc_reader_project
|
acc_reader
|
An issue was discovered in the acc_reader crate through 2020-12-27 for Rust. read_up_to may read from uninitialized memory locations.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-36513
|
2024-11-21 14:29 |
2021-12-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
