|
197611
|
4.8 |
MEDIUM
Network
|
codologic
|
codoforum
|
Codoforum 4.8.3 allows XSS via a post using parameters display name, title name, or content.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5306
|
2024-11-21 14:33 |
2020-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197612
|
4.8 |
MEDIUM
Network
|
codologic
|
codoforum
|
Codoforum 4.8.3 allows XSS in the admin dashboard via a name field of a new user, i.e., on the Manage Users screen.
|
CWE-79
Cross-site Scripting
|
CVE-2020-5305
|
2024-11-21 14:33 |
2020-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197613
|
7.1 |
HIGH
Network
|
python
debian
canonical
fedoraproject
|
pillow
debian_linux
ubuntu_linux
fedora
|
libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-5313
|
2024-11-21 14:33 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197614
|
9.8 |
CRITICAL
Network
|
python
canonical
debian
fedoraproject
|
pillow
ubuntu_linux
debian_linux
fedora
|
libImaging/PcxDecode.c in Pillow before 6.2.2 has a PCX P mode buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5312
|
2024-11-21 14:33 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197615
|
9.8 |
CRITICAL
Network
|
python
debian
canonical
fedoraproject
|
pillow
debian_linux
ubuntu_linux
fedora
|
libImaging/SgiRleDecode.c in Pillow before 6.2.2 has an SGI buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5311
|
2024-11-21 14:33 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197616
|
8.8 |
HIGH
Network
|
python
canonical
fedoraproject
|
pillow
ubuntu_linux
fedora
|
libImaging/TiffDecode.c in Pillow before 6.2.2 has a TIFF decoding integer overflow, related to realloc.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-5310
|
2024-11-21 14:33 |
2020-01-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197617
|
7.2 |
HIGH
Network
|
comtechtel
|
stampede_fx-1010_firmware
|
Comtech Stampede FX-1010 7.4.3 devices allow remote authenticated administrators to execute arbitrary OS commands by navigating to the Diagnostics Ping page and entering shell metacharacters in the T…
|
CWE-78
OS Command
|
CVE-2020-5179
|
2024-11-21 14:33 |
2020-01-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197618
|
3.3 |
LOW
Local
|
ibm
|
financial_transaction_manager
|
IBM Financial Transaction Manager for High Value Payments for Multi-Platform 3.2.0 through 3.2.10 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force I…
|
NVD-CWE-noinfo
|
CVE-2020-4556
|
2024-11-21 14:32 |
2023-03-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197619
|
5.9 |
MEDIUM
Network
|
ibm
|
spectrum_protect_plus
|
IBM Spectrum Protect Plus 10.1.0 through 10.1.12 discloses sensitive information due to unencrypted data being used in the communication flow between Spectrum Protect Plus vSnap and its agents. An a…
|
CWE-319
Cleartext Transmission of Sensitive Information
|
CVE-2020-4497
|
2024-11-21 14:32 |
2022-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197620
|
7.5 |
HIGH
Network
|
hcltech
|
verse
|
The application was signed using a key length less than or equal to 1024 bits, making it potentially vulnerable to forged digital signatures. An attacker could forge the same digital signature of the…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-4099
|
2024-11-21 14:32 |
2022-11-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
