|
197301
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
media: dvbdev: Fix memory leak in dvb_media_device_free()
dvb_media_device_free() is leaking memory. Free `dvbdev->adapter->conn`…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-36777
|
2024-11-21 14:30 |
2024-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197302
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
thermal/drivers/cpufreq_cooling: Fix slab OOB issue
Slab OOB issue is scanned by KASAN in cpu_power_to_freq().
If power is limite…
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-36776
|
2024-11-21 14:30 |
2024-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197303
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
f2fs: fix to avoid potential deadlock
Using f2fs_trylock_op() in f2fs_write_compressed_pages() to avoid potential
deadlock like w…
|
CWE-667
Improper Locking
|
CVE-2020-36775
|
2024-11-21 14:30 |
2024-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197304
|
- |
|
-
|
-
|
plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash).
|
-
|
CVE-2020-36774
|
2024-11-21 14:30 |
2024-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197305
|
9.8 |
CRITICAL
Network
|
artifex
|
ghostscript
|
Artifex Ghostscript before 9.53.0 has an out-of-bounds write and use-after-free in devices/vector/gdevtxtw.c (for txtwrite) because a single character code in a PDF document can map to more than one …
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2020-36773
|
2024-11-21 14:30 |
2024-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197306
|
4.4 |
MEDIUM
Local
|
cloudlinux
|
cagefs
|
CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail proxy command. This allows local users to read and write arbitrary files of certain file formats outsid…
|
CWE-610
Externally Controlled Reference to a Resource in Another Sphere
|
CVE-2020-36772
|
2024-11-21 14:30 |
2024-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197307
|
7.8 |
HIGH
Local
|
cloudlinux
|
cagefs
|
CloudLinux CageFS 7.1.1-1 or below passes the authentication token as a command line argument. In some configurations this allows local users to view the authentication token via the process list and…
|
NVD-CWE-noinfo
|
CVE-2020-36771
|
2024-11-21 14:30 |
2024-01-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197308
|
9.8 |
CRITICAL
Network
|
gentoo
|
ebuild_for_slurm
|
pkg_postinst in the Gentoo ebuild for Slurm through 22.05.3 unnecessarily calls chown to assign root's ownership on files in the live root filesystem. This could be exploited by the slurm user to bec…
|
NVD-CWE-noinfo
|
CVE-2020-36770
|
2024-11-21 14:30 |
2024-01-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197309
|
9.8 |
CRITICAL
Network
|
reiner-lemoine-institut
|
nesp2
|
A vulnerability was found in rl-institut NESP2 Initial Release/1.0. It has been classified as critical. Affected is an unknown function of the file app/database.py. The manipulation leads to sql inje…
|
-
|
CVE-2020-36768
|
2024-11-21 14:30 |
2023-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197310
|
7.5 |
HIGH
Network
|
vareille
|
tinyfiledialogs
|
tinyfiledialogs (aka tiny file dialogs) before 3.8.0 allows shell metacharacters in titles, messages, and other input data.
|
NVD-CWE-noinfo
|
CVE-2020-36767
|
2024-11-21 14:30 |
2023-10-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
