|
209601
|
5.4 |
MEDIUM
Network
|
dolibarr
|
dolibarr_erp\/crm
|
Dolibarr 11.0.4 is affected by multiple stored Cross-Site Scripting (XSS) vulnerabilities that could allow remote authenticated attackers to inject arbitrary web script or HTML via ticket/card.php?ac…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13828
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209602
|
4.6 |
MEDIUM
Physics
|
gigadevice
|
gd32f103_firmware
|
The flash memory readout protection in Gigadevice GD32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the DMA module.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-13472
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209603
|
6.8 |
MEDIUM
Physics
|
apexmic
|
apm32f103_firmware
|
Apex Microelectronics APM32F103 devices allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
|
NVD-CWE-noinfo
|
CVE-2020-13471
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209604
|
4.6 |
MEDIUM
Physics
|
gigadevice
|
gd32f103_firmware
gd32f130_firmware
|
Gigadevice GD32F103 and GD32F130 devices allow physical attackers to extract data via the probing of easily accessible bonding wires and de-obfuscation of the observed data.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-13470
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209605
|
4.6 |
MEDIUM
Physics
|
gigadevice
|
gd32vf103_firmware
|
The flash memory readout protection in Gigadevice GD32VF103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-13469
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209606
|
6.8 |
MEDIUM
Physics
|
gigadevice
|
gd32f130_firmware
|
Gigadevice GD32F130 devices allow physical attackers to escalate their debug interface permissions via fault injection into inter-IC bonding wires (which have insufficient physical protection).
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-13468
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209607
|
4.6 |
MEDIUM
Physics
|
cksic
|
cks32f103_firmware
|
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface and exception handling.
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-13467
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209608
|
6.8 |
MEDIUM
Physics
|
st
|
stm32f103_firmware
|
STMicroelectronics STM32F103 devices through 2020-05-20 allow physical attackers to execute arbitrary code via a power glitch and a specific flash patch/breakpoint unit configuration.
|
NVD-CWE-noinfo
|
CVE-2020-13466
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209609
|
6.8 |
MEDIUM
Physics
|
gigadevice
|
gd32f103_firmware
|
The security protection in Gigadevice GD32F103 devices allows physical attackers to redirect the control flow and execute arbitrary code via the debug interface.
|
CWE-20
Improper Input Validation
|
CVE-2020-13465
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209610
|
4.2 |
MEDIUM
Physics
|
cksic
|
cks32f103_firmware
|
The flash memory readout protection in China Key Systems & Integrated Circuit CKS32F103 devices allows physical attackers to extract firmware via the debug interface by utilizing the CPU or DMA modul…
|
CWE-862
Missing Authorization
|
CVE-2020-13464
|
2024-11-21 14:01 |
2020-09-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
