|
210091
|
8.6 |
HIGH
Network
|
perl
fedoraproject
opensuse
netapp
oracle
|
perl
fedora
leap
snap_creator_framework
oncommand_workflow_automation
communications_eagle_lnp_application_processor
sd-wan_aware
enterprise_manager_base_platform
communicatio…
|
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of in…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-10878
|
2024-11-21 13:56 |
2020-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210092
|
9.8 |
CRITICAL
Network
|
octobercms
|
debugbar
|
The October CMS debugbar plugin before version 3.1.0 contains a feature where it will log all requests (and all information pertaining to each request including session data) whenever it is enabled. …
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-11094
|
2024-11-21 13:56 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210093
|
5.8 |
MEDIUM
Network
|
weave
|
weave_net
|
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a clus…
|
-
|
CVE-2020-11091
|
2024-11-21 13:56 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210094
|
7.5 |
HIGH
Network
|
nghttp2
debian
opensuse
fedoraproject
oracle
nodejs
|
nghttp2
debian_linux
leap
fedora
enterprise_communications_broker
graalvm
mysql
blockchain_platform
banking_extensibility_workbench
node.js
|
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a…
|
-
|
CVE-2020-11080
|
2024-11-21 13:56 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210095
|
6.1 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page.
|
CWE-601
Open Redirect
|
CVE-2020-10959
|
2024-11-21 13:56 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210096
|
5.5 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, se…
|
-
|
CVE-2020-11089
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210097
|
5.4 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
|
-
|
CVE-2020-11088
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210098
|
5.4 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
|
-
|
CVE-2020-11087
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210099
|
5.4 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1…
|
-
|
CVE-2020-11086
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210100
|
3.5 |
LOW
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
|
-
|
CVE-2020-11085
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
