|
198281
|
8.8 |
HIGH
Network
|
tribulant
|
newsletter
|
Insecure Deserialization in the Newsletter plugin before 6.8.2 for WordPress allows authenticated remote attackers with minimal privileges (such as subscribers) to use the tpnc_render AJAX action to …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-35932
|
2024-11-21 14:28 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198282
|
7.8 |
HIGH
Local
|
foxitsoftware
|
foxit_reader
phantompdf
|
An issue was discovered in Foxit Reader before 10.1.1 (and before 4.1.1 on macOS) and PhantomPDF before 9.7.5 and 10.x before 10.1.1 (and before 4.1.1 on macOS). An attacker can spoof a certified PDF…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-35931
|
2024-11-21 14:28 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198283
|
5.4 |
MEDIUM
Network
|
seopanel
|
seo_panel
|
Seo Panel 4.8.0 allows stored XSS by an Authenticated User via the url parameter, as demonstrated by the seo/seopanel/websites.php URI.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35930
|
2024-11-21 14:28 |
2021-01-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198284
|
4.7 |
MEDIUM
Local
|
atom_project
|
atom
|
An issue was discovered in the atom crate before 0.3.6 for Rust. An unsafe Send implementation allows a cross-thread data race.
|
CWE-362
Race Condition
|
CVE-2020-35897
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198285
|
7.5 |
HIGH
Network
|
ws-rs_project
|
ws-rs
|
An issue was discovered in the ws crate through 2020-09-25 for Rust. The outgoing buffer is not properly limited, leading to a remote memory-consumption attack.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-35896
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198286
|
9.8 |
CRITICAL
Network
|
stack_project
|
stack
|
An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35895
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198287
|
7.5 |
HIGH
Network
|
obstack_project
|
obstack
|
An issue was discovered in the obstack crate before 0.1.4 for Rust. Unaligned references can occur.
|
CWE-706
Use of Incorrectly-Resolved Name or Reference
|
CVE-2020-35894
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198288
|
7.5 |
HIGH
Network
|
simple-slab_project
|
simple-slab
|
An issue was discovered in the simple-slab crate before 0.3.3 for Rust. remove() has an off-by-one error, causing memory leakage and a drop of uninitialized memory.
|
CWE-193
CWE-401
CWE-908
Off-by-one Error
Missing Release of Memory after Effective Lifetime
Use of Uninitialized Resource
|
CVE-2020-35893
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198289
|
9.1 |
CRITICAL
Network
|
simple-slab_project
|
simple-slab
|
An issue was discovered in the simple-slab crate before 0.3.3 for Rust. index() allows an out-of-bounds read.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-35892
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198290
|
7.5 |
HIGH
Network
|
ordnung_project
|
ordnung
|
An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via a remove() double free.
|
CWE-415
Double Free
|
CVE-2020-35891
|
2024-11-21 14:28 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
