|
209531
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13668
|
2024-11-21 14:01 |
2022-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209532
|
6.1 |
MEDIUM
Network
|
outsystems
|
lifetime_management_console
platform_server
outsystems
|
A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. It could allow an unauthenticated remote attacker to craft and store m…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13639
|
2024-11-21 14:01 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209533
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The entities_id parameter in the 'entities/fields page (mulitple_edit …
|
CWE-89
SQL Injection
|
CVE-2020-13589
|
2024-11-21 14:01 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209534
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The heading_field_id parameter in ‘‘entities/fields’ page is vulnerabl…
|
CWE-89
SQL Injection
|
CVE-2020-13588
|
2024-11-21 14:01 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209535
|
8.8 |
HIGH
Network
|
drupal
|
drupal
|
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.
|
CWE-352
Origin Validation Error
|
CVE-2020-13663
|
2024-11-21 14:01 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209536
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Cross-site scripting vulnerability in l Drupal Core allows an attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupa…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13688
|
2024-11-21 14:01 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209537
|
7.8 |
HIGH
Local
|
zephyrproject
|
zephyr
|
Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-13603
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209538
|
5.5 |
MEDIUM
Local
|
zephyrproject
|
zephyr
|
Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). Fo…
|
CWE-20
CWE-835
Improper Input Validation
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-13602
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209539
|
9.8 |
CRITICAL
Network
|
zephyrproject
|
zephyr
|
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advi…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-13601
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209540
|
7.6 |
HIGH
Physics
|
zephyrproject
|
zephyr
|
Malformed SPI in response for eswifi can corrupt kernel memory. Zephyr versions >= 1.14.2, >= 2.3.0 contain Heap-based Buffer Overflow (CWE-122). For more information, see https://github.com/zephyrpr…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-13600
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
