|
208181
|
5.7 |
MEDIUM
Local
|
linux
redhat
debian
netapp
|
linux_kernel
enterprise_linux
enterprise_mrg
debian_linux
cloud_backup
solidfire_baseboard_management_controller_firmware
h410c_firmware
|
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, m…
|
-
|
CVE-2020-27825
|
2024-11-21 14:21 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208182
|
7.5 |
HIGH
Network
|
frappe
|
frappe
|
In two-factor authentication, the system also sending 2fa secret key in response, which enables an intruder to breach the 2fa security.
|
NVD-CWE-noinfo
|
CVE-2020-27508
|
2024-11-21 14:21 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208183
|
7.8 |
HIGH
Local
|
linux
redhat
netapp
|
linux_kernel
enterprise_linux
openshift_container_platform
enterprise_mrg
cloud_backup
solidfire_baseboard_management_controller
|
A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue.…
|
-
|
CVE-2020-27786
|
2024-11-21 14:21 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208184
|
7.8 |
HIGH
Local
|
jasper_project
fedoraproject
|
jasper
fedora
|
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data co…
|
-
|
CVE-2020-27828
|
2024-11-21 14:21 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208185
|
2.8 |
LOW
Local
|
debian
|
advanced_package_tool
|
Various memory and file descriptor leaks were found in apt-python files python/arfile.cc, python/tag.cc, python/tarfile.cc, aka GHSL-2020-170. This issue affects: python-apt 1.1.0~beta1 versions prio…
|
CWE-772
Missing Release of Resource after Effective Lifetime
|
CVE-2020-27351
|
2024-11-21 14:21 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208186
|
5.7 |
MEDIUM
Local
|
debian
netapp
|
advanced_package_tool
solidfire_baseboard_management_controller_firmware
|
APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfi…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-27350
|
2024-11-21 14:21 |
2020-12-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208187
|
5.5 |
MEDIUM
Local
|
canonical
|
ubuntu_linux
|
Aptdaemon performed policykit checks after interacting with potentially untrusted files with elevated privileges. This affected versions prior to 1.1.1+bzr982-0ubuntu34.1, 1.1.1+bzr982-0ubuntu32.3, 1…
|
CWE-862
Missing Authorization
|
CVE-2020-27349
|
2024-11-21 14:21 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208188
|
7.8 |
HIGH
Local
|
anydesk
|
anydesk
|
AnyDesk for macOS versions 6.0.2 and older have a vulnerability in the XPC interface that does not properly validate client requests and allows local privilege escalation.
|
CWE-20
Improper Input Validation
|
CVE-2020-27614
|
2024-11-21 14:21 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208189
|
6.0 |
MEDIUM
Local
|
qemu
debian
|
qemu
debian_linux
|
A flaw was found in the memory management API of QEMU during the initialization of a memory region cache. This issue could lead to an out-of-bounds write access to the MSI-X table while performing MM…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27821
|
2024-11-21 14:21 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208190
|
3.3 |
LOW
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
A flaw was found in ImageMagick in coders/txt.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of ty…
|
-
|
CVE-2020-27758
|
2024-11-21 14:21 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
