|
196181
|
5.5 |
MEDIUM
Local
|
freebsd
|
freebsd
|
In 11.4-PRERELEASE before r360733 and 11.3-RELEASE before p13, improper mbuf handling in the kernel causes a use-after-free bug by sending IPv6 Hop-by-Hop options over the loopback interface. The use…
|
CWE-416
Use After Free
|
CVE-2020-7462
|
2024-11-21 14:37 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196182
|
7.3 |
HIGH
Network
|
freebsd
siemens
|
freebsd
simatic_rf350m_firmware
simatic_rf650m_firmware
|
In FreeBSD 12.1-STABLE before r365010, 11.4-STABLE before r365011, 12.1-RELEASE before p9, 11.4-RELEASE before p3, and 11.3-RELEASE before p13, dhclient(8) fails to handle certain malformed input rel…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-7461
|
2024-11-21 14:37 |
2021-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196183
|
7.8 |
HIGH
Local
|
hmtalk
|
daviewindy
|
DaviewIndy has a Heap-based overflow vulnerability, triggered when the user opens a malformed ex.j2c format file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code exec…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-7852
|
2024-11-21 14:37 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196184
|
9.8 |
CRITICAL
Network
|
tobesoft
|
xplatform
|
An outbound read/write vulnerability exists in XPLATFORM that does not check offset input ranges, allowing out-of-range data to be read. An attacker can exploit arbitrary code execution.
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2020-7853
|
2024-11-21 14:37 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196185
|
9.8 |
CRITICAL
Network
|
markany
|
maepsbroker
|
In MaEPSBroker 2.5.0.31 and prior, a command injection vulnerability caused by improper input validation checks when parsing brokerCommand parameter.
|
CWE-20
Improper Input Validation
|
CVE-2020-7839
|
2024-11-21 14:37 |
2021-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196186
|
7.8 |
HIGH
Local
|
mcafee
|
data_loss_prevention
|
Privilege Escalation vulnerability in McAfee Data Loss Prevention (DLP) for Windows prior to 11.6.100 allows a local, low privileged, attacker through the use of junctions to cause the product to loa…
|
CWE-59
Link Following
|
CVE-2020-7346
|
2024-11-21 14:37 |
2021-03-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196187
|
7.8 |
HIGH
Local
|
voiceye_wsactivebridgees_project
|
voiceye_wsactivebridges
|
VOICEYE WSActiveBridgeES versions prior to 2.1.0.3 contains a stack-based buffer overflow vulnerability caused by improper bound checking parameter given by attack. It finally leads to a stack-based …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-7836
|
2024-11-21 14:37 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196188
|
8.8 |
HIGH
Network
|
cnesty
|
helpcom
|
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web pa…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-7846
|
2024-11-21 14:37 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196189
|
8.0 |
HIGH
Adjacent
|
iptime
|
nas-i_firmware
nas-ii_firmware
nas-iie_firmware
nas101_firmware
nas1dual_firmware
nas2dual_firmware
nas3_firmware
nas4_firmware
nas4dual_firmware
|
The ipTIME NAS product allows an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: pTIME NAS 1.4.36.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-7847
|
2024-11-21 14:37 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196190
|
8.8 |
HIGH
Network
|
uprism
|
curix
|
A vulnerability of uPrism.io CURIX(Video conferecing solution) could allow an unauthenticated attacker to execute arbitrary code. This vulnerability is due to insufficient input(server domain) valida…
|
CWE-20
Improper Input Validation
|
CVE-2020-7849
|
2024-11-21 14:37 |
2021-02-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
