|
198941
|
7.5 |
HIGH
Network
|
dht_project
|
dht
|
Due to unchecked type assertions, maliciously crafted messages can cause panics, which may be used as a denial of service vector.
|
CWE-617
Reachable Assertion
|
CVE-2020-36562
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198942
|
6.1 |
MEDIUM
Network
|
openmrs
|
admin_ui_module
|
A vulnerability classified as problematic has been found in OpenMRS Admin UI Module up to 1.4.x. Affected is the function sendErrorMessage of the file omod/src/main/java/org/openmrs/module/adminui/pa…
|
-
|
CVE-2020-36636
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198943
|
9.1 |
CRITICAL
Network
|
digitalocean
|
golang-nanoauth
|
Authentication is globally bypassed in github.com/nanobox-io/golang-nanoauth between v0.0.0-20160722212129-ac0cc4484ad4 and v0.0.0-20200131131040-063a3fb69896 if ListenAndServe is called with an empt…
|
CWE-287
Improper Authentication
|
CVE-2020-36569
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198944
|
7.5 |
HIGH
Network
|
revel
|
revel
|
Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote attackers to cause resource exhaustion via memory allocation.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-36568
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198945
|
9.1 |
CRITICAL
Network
|
tar-utils_project
|
tar-utils
|
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
|
CWE-22
Path Traversal
|
CVE-2020-36566
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198946
|
7.5 |
HIGH
Network
|
nosurf_project
|
nosurf
|
Due to improper validation of caller input, validation is silently disabled if the provided expected token is malformed, causing any user supplied token to be considered valid.
|
CWE-20
Improper Input Validation
|
CVE-2020-36564
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198947
|
9.1 |
CRITICAL
Network
|
go-unzip_project
|
go-unzip
|
Due to improper path sanitization, archives containing relative file paths can cause files to be written (or overwritten) outside of the target directory.
|
CWE-22
Path Traversal
|
CVE-2020-36560
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198948
|
7.5 |
HIGH
Network
|
aahframework
|
aah
|
Due to improper sanitization of user input, HTTPEngine.Handle allows for directory traversal, allowing an attacker to read files outside of the target directory that the server has permission to read.
|
CWE-22
Path Traversal
|
CVE-2020-36559
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198949
|
7.5 |
HIGH
Network
|
gin-gonic
|
gin
|
Unsanitized input in the default logger in github.com/gin-gonic/gin before v1.6.0 allows remote attackers to inject arbitrary log lines.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-36567
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198950
|
6.1 |
MEDIUM
Network
|
tri
|
panel_builder
|
A vulnerability classified as critical has been found in Modern Tribe Panel Builder Plugin. Affected is the function add_post_content_filtered_to_search_sql of the file ModularContent/SearchFilter.ph…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36626
|
2024-11-21 14:29 |
2022-12-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
