|
211421
|
5.8 |
MEDIUM
Network
|
weave
|
weave_net
|
In Weave Net before version 2.6.3, an attacker able to run a process as root in a container is able to respond to DNS requests from the host and thereby insert themselves as a fake service. In a clus…
|
-
|
CVE-2020-11091
|
2024-11-21 13:56 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211422
|
7.5 |
HIGH
Network
|
nghttp2
debian
opensuse
fedoraproject
oracle
nodejs
|
nghttp2
debian_linux
leap
fedora
enterprise_communications_broker
graalvm
mysql
blockchain_platform
banking_extensibility_workbench
node.js
|
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a…
|
-
|
CVE-2020-11080
|
2024-11-21 13:56 |
2020-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211423
|
6.1 |
MEDIUM
Network
|
mediawiki
|
mediawiki
|
resources/src/mediawiki.page.ready/ready.js in MediaWiki before 1.35 allows remote attackers to force a logout and external redirection via HTML content in a MediaWiki page.
|
CWE-601
Open Redirect
|
CVE-2020-10959
|
2024-11-21 13:56 |
2020-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211424
|
5.5 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP before 2.1.0, there is an out-of-bound read in irp functions (parallel_process_irp_create, serial_process_irp_create, drive_process_irp_write, printer_process_irp_write, rdpei_recv_pdu, se…
|
-
|
CVE-2020-11089
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211425
|
5.4 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_NegotiateMessage. This has been fixed in 2.1.0.
|
-
|
CVE-2020-11088
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211426
|
5.4 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_AuthenticateMessage. This has been fixed in 2.1.0.
|
-
|
CVE-2020-11087
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211427
|
5.4 |
MEDIUM
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound read in ntlm_read_ntlm_v2_client_challenge that reads up to 28 bytes out-of-bound to an internal structure. This has been fixed in 2.1…
|
-
|
CVE-2020-11086
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211428
|
3.5 |
LOW
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP before 2.1.0, there is an out-of-bounds read in cliprdr_read_format_list. Clipboard format data read (by client or server) might read data out-of-bounds. This has been fixed in 2.1.0.
|
-
|
CVE-2020-11085
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211429
|
2.7 |
LOW
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bounds read in rfx_process_message_tileset. Invalid data fed to RFX decoder results in garbage on screen (as colors). This has been patched …
|
-
|
CVE-2020-11043
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211430
|
2.7 |
LOW
Network
|
freerdp
opensuse
debian
|
freerdp
leap
debian_linux
|
In FreeRDP less than or equal to 2.0.0, there is an out-of-bound data read from memory in clear_decompress_subcode_rlex, visualized on screen as color. This has been patched in 2.1.0.
|
-
|
CVE-2020-11040
|
2024-11-21 13:56 |
2020-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
