|
202641
|
9.8 |
CRITICAL
Network
|
usebb
|
usebb
|
panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numeric…
|
NVD-CWE-noinfo
|
CVE-2020-8088
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202642
|
9.8 |
CRITICAL
Network
|
smc
|
d3g0804w_firmware
|
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must us…
|
CWE-20
Improper Input Validation
|
CVE-2020-8087
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202643
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a cra…
|
NVD-CWE-noinfo
|
CVE-2020-7952
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202644
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-7951
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202645
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted …
|
NVD-CWE-noinfo
|
CVE-2020-7950
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202646
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafte…
|
NVD-CWE-noinfo
|
CVE-2020-7949
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202647
|
7.5 |
HIGH
Network
|
motu
|
avb_firmware
|
AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal, as demonstrated by reading the /etc/passwd file.
|
CWE-22
Path Traversal
|
CVE-2020-8009
|
2024-11-21 14:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202648
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
debian
|
virglrenderer
debian_linux
|
A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_…
|
CWE-415
Double Free
|
CVE-2020-8003
|
2024-11-21 14:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202649
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
debian
|
virglrenderer
debian_linux
|
A NULL pointer dereference in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service via commands that attempt to launch a grid without previously providing a C…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-8002
|
2024-11-21 14:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
202650
|
9.8 |
CRITICAL
Network
|
intelliantech
|
aptus
|
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-8001
|
2024-11-21 14:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
