|
209511
|
9.8 |
CRITICAL
Network
|
opener_project
|
opener
|
An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can le…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-13556
|
2024-11-21 14:01 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209512
|
7.5 |
HIGH
Network
|
opener_project
|
opener
|
A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span o…
|
CWE-672
Operation on a Resource after Expiration or Release
|
CVE-2020-13530
|
2024-11-21 14:01 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209513
|
7.8 |
HIGH
Local
|
pixar
apple
|
openusd
macos
|
An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-13520
|
2024-11-21 14:01 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209514
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An issue was discovered in Gitlab CE/EE versions >= 13.1 to <13.4.7, >= 13.5 to <13.5.5, and >= 13.6 to <13.6.2 allowed an unauthorized user to access the user list corresponding to a feature flag in…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2020-13357
|
2024-11-21 14:01 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209515
|
8.8 |
HIGH
Network
|
processmaker
|
processmaker
|
SQL injection vulnerability exists in the handling of sort parameters in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an SQL injection. The reportTables_Ajax and clientSetupAjax pa…
|
CWE-89
SQL Injection
|
CVE-2020-13526
|
2024-11-21 14:01 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209516
|
8.8 |
HIGH
Network
|
processmaker
|
processmaker
|
The sort parameter in the download page /sysworkflow/en/neoclassic/reportTables/reportTables_Ajax is vulnerable to SQL injection in ProcessMaker 3.4.11. A specially crafted HTTP request can cause an …
|
CWE-89
SQL Injection
|
CVE-2020-13525
|
2024-11-21 14:01 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209517
|
5.5 |
MEDIUM
Local
|
pixar
apple
|
openusd
mac_os_x
macos
|
An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory ac…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-13524
|
2024-11-21 14:01 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209518
|
8.8 |
HIGH
Network
|
webkitgtk
fedoraproject
|
webkitgtk
fedora
|
An exploitable use-after-free vulnerability exists in WebKitGTK browser version 2.30.1 x64. A specially crafted HTML web page can cause a use-after-free condition, resulting in a remote code executio…
|
CWE-416
Use After Free
|
CVE-2020-13584
|
2024-11-21 14:01 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209519
|
8.8 |
HIGH
Network
|
webkitgtk
|
webkitgtk
|
A code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code …
|
CWE-416
Use After Free
|
CVE-2020-13543
|
2024-11-21 14:01 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209520
|
7.8 |
HIGH
Local
|
logicaldoc
|
logicaldoc
|
A local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or …
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-13542
|
2024-11-21 14:01 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
