|
196101
|
6.1 |
MEDIUM
Network
|
typo3
|
typo3
|
svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/…
|
CWE-79
Cross-site Scripting
|
CVE-2020-8091
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196102
|
4.8 |
MEDIUM
Network
|
a1
|
wlan_box_adb_vv2220_firmware
|
The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS (after a successful Administrator login).
|
CWE-79
Cross-site Scripting
|
CVE-2020-8090
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196103
|
9.8 |
CRITICAL
Network
|
usebb
|
usebb
|
panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numeric…
|
NVD-CWE-noinfo
|
CVE-2020-8088
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196104
|
9.8 |
CRITICAL
Network
|
smc
|
d3g0804w_firmware
|
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must us…
|
CWE-20
Improper Input Validation
|
CVE-2020-8087
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196105
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
rendersystemdx9.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a cra…
|
NVD-CWE-noinfo
|
CVE-2020-7952
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196106
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
meshsystem.dll in Valve Dota 2 before 7.23e allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-7951
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196107
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
meshsystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted …
|
NVD-CWE-noinfo
|
CVE-2020-7950
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196108
|
7.8 |
HIGH
Local
|
valvesoftware
|
dota_2
|
schemasystem.dll in Valve Dota 2 before 7.23f allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafte…
|
NVD-CWE-noinfo
|
CVE-2020-7949
|
2024-11-21 14:38 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196109
|
7.5 |
HIGH
Network
|
motu
|
avb_firmware
|
AVB MOTU devices through 2020-01-22 allow /.. Directory Traversal, as demonstrated by reading the /etc/passwd file.
|
CWE-22
Path Traversal
|
CVE-2020-8009
|
2024-11-21 14:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196110
|
5.5 |
MEDIUM
Local
|
virglrenderer_project
debian
|
virglrenderer
debian_linux
|
A double-free vulnerability in vrend_renderer.c in virglrenderer through 0.8.1 allows attackers to cause a denial of service by triggering texture allocation failure, because vrend_renderer_resource_…
|
CWE-415
Double Free
|
CVE-2020-8003
|
2024-11-21 14:38 |
2020-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
