|
196431
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Use after free in payments in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
CWE-416
Out-of-bounds Write
Use After Free
|
CVE-2020-6459
|
2024-11-21 14:35 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196432
|
8.8 |
HIGH
Network
|
google
debian
|
chrome
debian_linux
|
Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2020-6458
|
2024-11-21 14:35 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196433
|
9.6 |
CRITICAL
Network
|
google
debian
|
chrome
debian_linux
|
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2020-6457
|
2024-11-21 14:35 |
2020-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196434
|
5.5 |
MEDIUM
Local
|
gonitro
|
nitro_pro
|
An exploitable information disclosure vulnerability exists in the way Nitro Pro 13.9.1.155 does XML error handling. A specially crafted PDF document can cause uninitialized memory access resulting in…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2020-6093
|
2024-11-21 14:35 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196435
|
7.8 |
HIGH
Local
|
gonitro
|
nitro_pro
|
An exploitable code execution vulnerability exists in the way Nitro Pro 13.9.1.155 parses Pattern objects. A specially crafted PDF file can trigger an integer overflow that can lead to arbitrary code…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-6092
|
2024-11-21 14:35 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196436
|
8.8 |
HIGH
Network
|
gonitro
|
nitro_pro
|
An exploitable code execution vulnerability exists in the PDF parser of Nitro Pro 13.9.1.155. A specially crafted PDF document can cause a use-after-free which can lead to remote code execution. An a…
|
CWE-416
Use After Free
|
CVE-2020-6074
|
2024-11-21 14:35 |
2020-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196437
|
8.8 |
HIGH
Network
|
sap
|
application_server
|
Service Data Download in SAP Application Server ABAP (ST-PI, before versions 2008_1_46C, 2008_1_620, 2008_1_640, 2008_1_700, 2008_1_710, 740) allows an attacker to inject code that can be executed by…
|
CWE-94
Code Injection
|
CVE-2020-6262
|
2024-11-21 14:35 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196438
|
6.5 |
MEDIUM
Network
|
sap
|
adaptive_server_enterprise
|
Under certain conditions SAP Adaptive Server Enterprise, versions 15.7, 16.0, allows an attacker to access information which would otherwise be restricted leading to Missing Authorization Check.
|
CWE-862
Missing Authorization
|
CVE-2020-6259
|
2024-11-21 14:35 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196439
|
6.5 |
MEDIUM
Network
|
sap
|
identity_management
|
SAP Identity Management, version 8.0, does not perform necessary authorization checks for an authenticated user, allowing the attacker to view certain sensitive information of the victim, leading to …
|
CWE-862
Missing Authorization
|
CVE-2020-6258
|
2024-11-21 14:35 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196440
|
5.4 |
MEDIUM
Network
|
sap
|
businessobjects_business_intelligence_platform
|
SAP Business Objects Business Intelligence Platform (CMC and BI Launchpad) 4.2 does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting vulnerability.
|
CWE-79
Cross-site Scripting
|
CVE-2020-6257
|
2024-11-21 14:35 |
2020-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
