|
199191
|
7.5 |
HIGH
Network
|
leptonica
fedoraproject
debian
|
leptonica
fedora
debian_linux
|
Leptonica before 1.80.0 allows a denial of service (application crash) via an incorrect left shift in pixConvert2To8 in pixconv.c.
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2020-36277
|
2024-11-21 14:29 |
2021-03-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199192
|
7.5 |
HIGH
Network
|
identitymodel_project
|
identitymodel
|
An issue was discovered in IdentityModel (aka ScottBrady.IdentityModel) before 1.3.0. The Branca implementation allows an attacker to modify and forge authentication tokens.
|
NVD-CWE-noinfo
|
CVE-2020-36255
|
2024-11-21 14:29 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199193
|
5.3 |
MEDIUM
Network
|
atlassian
|
crowd
|
The ResourceDownloadRewriteRule class in Crowd before version 4.0.4, and from version 4.1.0 before 4.1.2 allowed unauthenticated remote attackers to read arbitrary files within WEB-INF and META-INF d…
|
NVD-CWE-noinfo
|
CVE-2020-36240
|
2024-11-21 14:29 |
2021-03-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199194
|
8.1 |
HIGH
Network
|
dropbear_ssh_project
|
dropbear_ssh
|
scp.c in Dropbear before 2020.79 mishandles the filename of . or an empty filename, a related issue to CVE-2018-20685.
|
NVD-CWE-noinfo
|
CVE-2020-36254
|
2024-11-21 14:29 |
2021-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199195
|
5.0 |
MEDIUM
Network
|
atlassian
|
atlassian-gadgets
|
The MessageBundleWhiteList class of atlassian-gadgets before version 4.2.37, from version 4.3.0 before 4.3.14, from version 4.3.2.0 before 4.3.2.4, from version 4.4.0 before 4.4.12, and from version …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-36232
|
2024-11-21 14:29 |
2021-02-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199196
|
4.6 |
MEDIUM
Physics
|
owncloud
|
owncloud
|
The ownCloud application before 2.15 for Android allows attackers to use adb to include a PIN preferences value in a backup archive, and consequently bypass the PIN lock feature by restoring from thi…
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-36248
|
2024-11-21 14:29 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199197
|
5.7 |
MEDIUM
Adjacent
|
owncloud
|
owncloud
|
ownCloud Server 10.x before 10.3.1 allows an attacker, who has one outgoing share from a victim, to access any version of any file by sending a request for a predictable ID number.
|
CWE-330
Use of Insufficiently Random Values
|
CVE-2020-36252
|
2024-11-21 14:29 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199198
|
4.3 |
MEDIUM
Network
|
owncloud
|
owncloud
|
ownCloud Server before 10.3.0 allows an attacker, who has received non-administrative access to a group share, to remove everyone else's access to that share.
|
NVD-CWE-noinfo
|
CVE-2020-36251
|
2024-11-21 14:29 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199199
|
4.6 |
MEDIUM
Physics
|
owncloud
|
owncloud
|
In the ownCloud application before 2.15 for Android, the lock protection mechanism can be bypassed by moving the system date/time into the past.
|
NVD-CWE-noinfo
|
CVE-2020-36250
|
2024-11-21 14:29 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199200
|
7.5 |
HIGH
Network
|
owncloud
|
file_firewall
|
The File Firewall before 2.8.0 for ownCloud Server does not properly enforce file-type restrictions for public shares.
|
NVD-CWE-Other
|
CVE-2020-36249
|
2024-11-21 14:29 |
2021-02-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
