|
208411
|
6.0 |
MEDIUM
Local
|
linux
fedoraproject
debian
canonical
|
linux_kernel
fedora
debian_linux
ubuntu_linux
|
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic…
|
CWE-193
Off-by-one Error
|
CVE-2020-27171
|
2024-11-21 14:20 |
2021-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208412
|
4.7 |
MEDIUM
Local
|
linux
fedoraproject
canonical
debian
|
linux_kernel
fedora
ubuntu_linux
debian_linux
|
An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spec…
|
CWE-203
Information Exposure Through Discrepancy
|
CVE-2020-27170
|
2024-11-21 14:20 |
2021-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208413
|
7.8 |
HIGH
Local
|
softaculous
|
softaculous
|
Softaculous before 5.5.7 is affected by a code execution vulnerability because of External Initialization of Trusted Variables or Data Stores. This leads to privilege escalation on the local host.
|
CWE-665
Improper Initialization
|
CVE-2020-26886
|
2024-11-21 14:20 |
2021-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208414
|
7.5 |
HIGH
Network
|
mediaarea
fedoraproject
|
mediainfo
fedora
|
Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26797
|
2024-11-21 14:20 |
2021-03-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208415
|
4.3 |
MEDIUM
Physics
|
hamilton-medical
|
hamilton-t1_firmware
|
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, an XML validation vulnerability in the ventilator allows privileged attackers with physical access to render the device persistently un…
|
-
|
CVE-2020-27282
|
2024-11-21 14:20 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208416
|
5.2 |
MEDIUM
Physics
|
hamilton-medical
|
hamilton-t1_firmware
|
In Hamilton Medical AG,T1-Ventillator versions 2.2.3 and prior, hard-coded credentials in the ventilator allow attackers with physical access to obtain admin privileges for the device’s configuration…
|
-
|
CVE-2020-27278
|
2024-11-21 14:20 |
2021-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208417
|
7.8 |
HIGH
Local
|
eclipse
|
platform
|
In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue a…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-27225
|
2024-11-21 14:20 |
2021-03-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208418
|
5.3 |
MEDIUM
Network
|
eclipse
apache
netapp
debian
oracle
|
jetty
spark
nifi
snap_creator_framework
snapcenter
snapmanager
hci
solidfire
hci_management_node
e-series_santricity_web_services
element_plug-in_for_vcenter_server
e…
|
In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 (inclusive), 10.0.0, and 11.0.0 when Jetty handles a request containing multiple Accept headers with a large number of “quality” (i.e. q) paramete…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-27223
|
2024-11-21 14:20 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208419
|
9.6 |
CRITICAL
Network
|
eclipse
|
theia
|
In Eclipse Theia versions up to and including 1.2.0, the Markdown Preview (@theia/preview), can be exploited to execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2020-27224
|
2024-11-21 14:20 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208420
|
5.4 |
MEDIUM
Network
|
fastadmin
|
fastadmin
|
fastadmin V1.0.0.20200506_beta contains a cross-site scripting (XSS) vulnerability which may allow an attacker to obtain administrator credentials to log in to the background.
|
CWE-79
Cross-site Scripting
|
CVE-2020-26609
|
2024-11-21 14:20 |
2021-02-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
