|
199651
|
9.8 |
CRITICAL
Network
|
cgal
debian
|
computational_geometry_algorithms_library
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1 in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sface() sfh->volume() OOB read. A specially cra…
|
-
|
CVE-2020-35636
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199652
|
9.8 |
CRITICAL
Network
|
cgal
fedoraproject
debian
|
computational_geometry_algorithms_library
fedora
debian_linux
|
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->…
|
-
|
CVE-2020-35628
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199653
|
6.5 |
MEDIUM
Network
|
courier_management_system_project
|
courier_management_system
|
Courier Management System 1.0 1.0 is affected by SQL Injection via 'MULTIPART street '.
|
CWE-89
SQL Injection
|
CVE-2020-35329
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199654
|
5.4 |
MEDIUM
Network
|
courier_management_system_project
|
courier_management_system
|
Courier Management System 1.0 - 'First Name' Stored XSS
|
CWE-79
Cross-site Scripting
|
CVE-2020-35328
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199655
|
6.5 |
MEDIUM
Network
|
courier_management_system_project
|
courier_management_system
|
SQL injection vulnerability was discovered in Courier Management System 1.0, which can be exploited via the ref_no (POST) parameter to admin_class.php
|
CWE-89
SQL Injection
|
CVE-2020-35327
|
2024-11-21 14:27 |
2021-03-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199656
|
7.5 |
HIGH
Network
|
thinkadmin
|
thinkadmin
|
ThinkAdmin v6 has default administrator credentials, which allows attackers to gain unrestricted administratior dashboard access.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-35296
|
2024-11-21 14:27 |
2021-03-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199657
|
7.4 |
HIGH
Network
|
saltstack
fedoraproject
debian
|
salt
fedora
debian_linux
|
In SaltStack Salt before 3002.5, when authenticating to services using certain modules, the SSL certificate is not always validated.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-35662
|
2024-11-21 14:27 |
2021-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199658
|
6.1 |
MEDIUM
Network
|
acronis
|
cyber_protect
|
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. There is cross-site scripting (XSS) in the console.
|
CWE-79
Cross-site Scripting
|
CVE-2020-35664
|
2024-11-21 14:27 |
2021-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199659
|
6.1 |
MEDIUM
Network
|
mantisbt
|
mantisbt
|
An issue was discovered in MantisBT through 2.24.3. In the helper_ensure_confirmed call in manage_custom_field_update.php, the custom field name is not sanitized. This may be problematic depending on…
|
CWE-79
Cross-site Scripting
|
CVE-2020-35571
|
2024-11-21 14:27 |
2021-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199660
|
7.5 |
HIGH
Network
|
acronis
|
cyber_protect
|
An issue was discovered in Acronis Cyber Protect before 15 Update 1 build 26172. Because the local notification service misconfigures CORS, information disclosure can occur.
|
NVD-CWE-noinfo
|
CVE-2020-35556
|
2024-11-21 14:27 |
2021-02-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
