|
201381
|
8.8 |
HIGH
Network
|
netgear
|
gs116e_firmware
jgs516pe_firmware
|
The CSRF protection mechanism implemented in the web administration panel on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices could be bypassed by omitting the CSRF token parameter in HTTP requests.
|
CWE-352
Origin Validation Error
|
CVE-2020-35223
|
2024-11-21 14:27 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201382
|
8.8 |
HIGH
Adjacent
|
netgear
|
gs116e_firmware
jgs516pe_firmware
|
The hashing algorithm implemented for NSDP password authentication on NETGEAR JGS516PE/GS116Ev2 v2.6.0.43 devices was found to be insecure, allowing attackers (with access to a network capture) to qu…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-35221
|
2024-11-21 14:27 |
2021-03-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201383
|
7.8 |
HIGH
Local
|
libtiff
debian
fedoraproject
netapp
redhat
|
libtiff
debian_linux
fedora
ontap_select_deploy_administration_utility
enterprise_linux
|
A heap-based buffer overflow flaw was found in libtiff in the handling of TIFF images in libtiff's TIFF2PDF tool. A specially crafted TIFF file can lead to arbitrary code execution. The highest threa…
|
-
|
CVE-2020-35524
|
2024-11-21 14:27 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201384
|
7.8 |
HIGH
Local
|
libtiff
debian
netapp
redhat
|
libtiff
debian_linux
ontap_select_deploy_administration_utility
enterprise_linux
|
An integer overflow flaw was found in libtiff that exists in the tif_getimage.c file. This flaw allows an attacker to inject and execute arbitrary code when a user opens a crafted TIFF file. The high…
|
-
|
CVE-2020-35523
|
2024-11-21 14:27 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201385
|
5.5 |
MEDIUM
Local
|
libtiff
netapp
fedoraproject
redhat
|
libtiff
ontap_select_deploy_administration_utility
fedora
enterprise_linux
|
In LibTIFF, there is a memory malloc failure in tif_pixarlog.c. A crafted TIFF document can lead to an abort, resulting in a remote denial of service attack.
|
-
|
CVE-2020-35522
|
2024-11-21 14:27 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201386
|
5.5 |
MEDIUM
Local
|
libtiff
redhat
fedoraproject
netapp
|
libtiff
enterprise_linux
fedora
ontap_select_deploy_administration_utility
|
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
|
-
|
CVE-2020-35521
|
2024-11-21 14:27 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201387
|
4.7 |
MEDIUM
Local
|
apache
|
oozie
|
There is a race condition in OozieSharelibCLI in Apache Oozie before version 5.2.1 which allows a malicious attacker to replace the files in Oozie's sharelib during it's creation.
|
CWE-362
Race Condition
|
CVE-2020-35451
|
2024-11-21 14:27 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201388
|
6.1 |
MEDIUM
Network
|
zohocorp
|
manageengine_admanager_plus
|
Zoho ManageEngine ADManager Plus before 7066 allows XSS.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35594
|
2024-11-21 14:27 |
2021-03-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201389
|
9.8 |
CRITICAL
Network
|
cgal
debian
|
computational_geometry_algorithms_library
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially cra…
|
-
|
CVE-2020-35636
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201390
|
9.8 |
CRITICAL
Network
|
cgal
fedoraproject
debian
|
computational_geometry_algorithms_library
fedora
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->…
|
-
|
CVE-2020-35628
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
