|
210011
|
7.5 |
HIGH
Network
|
contiki-ng
|
contiki-ng
|
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-13988
|
2024-11-21 14:02 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210012
|
7.5 |
HIGH
Network
|
uip_project
open-iscsi_project
siemens
|
uip
open-iscsi
sentron_3va_com100_firmware
sentron_3va_com800_firmware
sentron_pac3200_firmware
sentron_pac4200_firmware
|
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-13987
|
2024-11-21 14:02 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210013
|
7.5 |
HIGH
Network
|
contiki-os
|
contiki
|
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/r…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-13986
|
2024-11-21 14:02 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210014
|
7.5 |
HIGH
Network
|
contiki-os
|
contiki
|
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_he…
|
CWE-787
CWE-190
CWE-681
Out-of-bounds Write
Integer Overflow or Wraparound
Incorrect Conversion between Numeric Types
|
CVE-2020-13985
|
2024-11-21 14:02 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210015
|
7.5 |
HIGH
Network
|
contiki-os
|
contiki
|
An issue was discovered in Contiki through 3.0. An infinite loop exists in the uIP TCP/IP stack component when processing IPv6 extension headers in ext_hdr_options_process in net/ipv6/uip6.c.
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-13984
|
2024-11-21 14:02 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210016
|
5.3 |
MEDIUM
Network
|
divebook_project
|
divebook
|
The DiveBook plugin 1.1.4 for WordPress was prone to a SQL injection within divelog.php, allowing unauthenticated users to retrieve data from the database via the divelog.php filter_diver parameter.
|
CWE-89
SQL Injection
|
CVE-2020-14207
|
2024-11-21 14:02 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210017
|
6.1 |
MEDIUM
Network
|
divebook_project
|
divebook
|
The DiveBook plugin 1.1.4 for WordPress is prone to unauthenticated XSS within the filter function (via an arbitrary parameter).
|
CWE-79
Cross-site Scripting
|
CVE-2020-14206
|
2024-11-21 14:02 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210018
|
5.3 |
MEDIUM
Network
|
divebook_project
|
divebook
|
The DiveBook plugin 1.1.4 for WordPress is prone to improper access control in the Log Dive form because it fails to perform authorization checks. An attacker may leverage this issue to manipulate th…
|
CWE-862
Missing Authorization
|
CVE-2020-14205
|
2024-11-21 14:02 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210019
|
6.5 |
MEDIUM
Network
|
apache
|
apisix
|
In Apache APISIX, the user enabled the Admin API and deleted the Admin API access IP restriction rules. Eventually, the default token is allowed to access APISIX management data. This affects version…
|
NVD-CWE-Other
|
CVE-2020-13945
|
2024-11-21 14:02 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210020
|
4.3 |
MEDIUM
Network
|
samba
redhat
|
samba
enterprise_linux
storage
|
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be u…
|
-
|
CVE-2020-14318
|
2024-11-21 14:02 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
