|
209381
|
9.1 |
CRITICAL
Network
|
contiki-ng
|
contiki-ng
|
Memory access out of buffer boundaries issues was discovered in Contiki-NG 4.4 through 4.5, in the SNMP BER encoder/decoder. The length of provided input/output buffers is insufficiently verified dur…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2020-14937
|
2024-11-21 14:04 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209382
|
9.8 |
CRITICAL
Network
|
contiki-ng
|
contiki-ng
|
Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. Functions parsing the OIDs in SNMP requests lack sufficient allocated target-buffer capacity verification when writi…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-14936
|
2024-11-21 14:04 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209383
|
9.8 |
CRITICAL
Network
|
contiki-ng
|
contiki-ng
|
Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP bulk get request response encoding function. The function parsing the received SNMP request does not verify the input messa…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-14935
|
2024-11-21 14:04 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209384
|
9.8 |
CRITICAL
Network
|
contiki-ng
|
contiki-ng
|
Buffer overflows were discovered in Contiki-NG 4.4 through 4.5, in the SNMP agent. The function parsing the received SNMP request does not verify the input message's requested variables against the c…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-14934
|
2024-11-21 14:04 |
2020-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209385
|
9.1 |
CRITICAL
Network
|
ftp-srv_project
|
ftp-srv
|
ftp-srv is an npm package which is a modern and extensible FTP server designed to be simple yet configurable. In ftp-srv before versions 2.19.6, 3.1.2, and 4.3.4 are vulnerable to Server-Side Request…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-15152
|
2024-11-21 14:04 |
2020-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209386
|
9.0 |
CRITICAL
Network
|
openapi-python-client_project
|
openapi-python-client
|
In openapi-python-client before version 0.5.3, clients generated with a maliciously crafted OpenAPI Document can generate arbitrary Python code. Subsequent execution of this malicious client is arbit…
|
CWE-94
Code Injection
|
CVE-2020-15142
|
2024-11-21 14:04 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209387
|
4.1 |
MEDIUM
Network
|
openapi-python-client_project
|
openapi-python-client
|
In openapi-python-client before version 0.5.3, there is a path traversal vulnerability. If a user generated a client using a maliciously crafted OpenAPI document, it is possible for generated files t…
|
-
|
CVE-2020-15141
|
2024-11-21 14:04 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209388
|
8.2 |
HIGH
Local
|
getcomposer
|
composer-setup
|
In Composer-Setup for Windows before version 6.0.0, if the developer's computer is shared with other users, a local attacker may be able to exploit the following scenarios. 1. A local regular user ma…
|
-
|
CVE-2020-15145
|
2024-11-21 14:04 |
2020-08-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209389
|
5.9 |
MEDIUM
Physics
|
horndis_project
|
horndis
|
All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-15137
|
2024-11-21 14:04 |
2020-08-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209390
|
6.1 |
MEDIUM
Network
|
getsymphony
|
symphony
|
content/content.blueprintsevents.php in Symphony CMS 3.0.0 allows XSS via fields['name'] to appendSubheading.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15071
|
2024-11-21 14:04 |
2020-08-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
