|
209931
|
8.1 |
HIGH
Network
|
schedmd
fedoraproject
opensuse
debian
|
slurm
fedora
leap
debian_linux
|
Slurm 19.05.x before 19.05.7 and 20.02.x before 20.02.3, in the rare case where Message Aggregation is enabled, allows Authentication Bypass via an Alternate Path or Channel. A race condition allows …
|
NVD-CWE-Other
|
CVE-2020-12693
|
2024-11-21 14:00 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209932
|
6.1 |
MEDIUM
Network
|
contentful
|
python_example
|
Contentful through 2020-05-21 for Python allows reflected XSS, as demonstrated by the api parameter to the-example-app.py.
|
CWE-79
Cross-site Scripting
|
CVE-2020-13258
|
2024-11-21 14:00 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209933
|
8.2 |
HIGH
Network
|
libexif_project
debian
canonical
opensuse
|
libexif
debian_linux
ubuntu_linux
leap
|
An issue was discovered in libexif before 0.6.22. Use of uninitialized memory in EXIF Makernote handling could lead to crashes and potential use-after-free conditions.
|
CWE-908
Use of Uninitialized Resource
|
CVE-2020-13113
|
2024-11-21 14:00 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209934
|
9.8 |
CRITICAL
Network
|
pango
|
virtual_private_network_software_development_kit
|
An issue was discovered in AnchorFree VPN SDK before 1.3.3.218. The VPN SDK service takes certain executable locations over a socket bound to localhost. Binding to the socket and providing a path whe…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-12828
|
2024-11-21 14:00 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209935
|
7.5 |
HIGH
Network
|
libexif_project
canonical
opensuse
|
libexif
ubuntu_linux
leap
|
An issue was discovered in libexif before 0.6.22. An unrestricted size in handling Canon EXIF MakerNote data could lead to consumption of large amounts of compute time for decoding EXIF data.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-13114
|
2024-11-21 14:00 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209936
|
9.1 |
CRITICAL
Network
|
libexif_project
debian
canonical
opensuse
|
libexif
debian_linux
ubuntu_linux
leap
|
An issue was discovered in libexif before 0.6.22. Several buffer over-reads in EXIF MakerNote handling could lead to information disclosure and crashes. This is different from CVE-2020-0093.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-13112
|
2024-11-21 14:00 |
2020-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209937
|
8.8 |
HIGH
Network
|
centreon
|
centreon
|
Centreon before 19.04.15 allows remote attackers to execute arbitrary OS commands by placing shell metacharacters in RRDdatabase_status_path (via a main.get.php request) and then visiting the include…
|
CWE-78
OS Command
|
CVE-2020-13252
|
2024-11-21 14:00 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209938
|
8.8 |
HIGH
Network
|
mariadb
opensuse
fedoraproject
|
connector\/c
leap
fedora
|
libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a server. NOTE: although mariadb_lib.c was originally based on code s…
|
NVD-CWE-noinfo
|
CVE-2020-13249
|
2024-11-21 14:00 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209939
|
7.8 |
HIGH
Local
|
microweber
|
microweber
|
Microweber 1.1.18 allows Unrestricted File Upload because admin/view:modules/load_module:users#edit-user=1 does not verify that the file extension (used with the Add Image option on the Edit User scr…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-13241
|
2024-11-21 14:00 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209940
|
7.5 |
HIGH
Network
|
gitea
|
gitea
|
An issue was discovered in Gitea through 1.11.5. An attacker can trigger a deadlock by initiating a transfer of a repository's ownership from one organization to another.
|
CWE-667
Improper Locking
|
CVE-2020-13246
|
2024-11-21 14:00 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
