|
201731
|
6.5 |
MEDIUM
Network
|
symonics
fedoraproject
|
libmysofa
fedora
|
Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-36151
|
2024-11-21 14:28 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201732
|
6.5 |
MEDIUM
Network
|
symonics
fedoraproject
|
libmysofa
fedora
|
Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-36150
|
2024-11-21 14:28 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201733
|
6.5 |
MEDIUM
Network
|
symonics
fedoraproject
|
libmysofa
fedora
|
Incorrect handling of input data in changeAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protec…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-36149
|
2024-11-21 14:28 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201734
|
6.5 |
MEDIUM
Network
|
symonics
fedoraproject
|
libmysofa
fedora
|
Incorrect handling of input data in verifyAttribute function in the libmysofa library 0.5 - 1.1 will lead to NULL pointer dereference and segmentation fault error in case of restrictive memory protec…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-36148
|
2024-11-21 14:28 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201735
|
8.8 |
HIGH
Network
|
zohocorp
|
manageengine_applications_manager
|
doFilter in com.adventnet.appmanager.filter.UriCollector in Zoho ManageEngine Applications Manager through 14930 allows an authenticated SQL Injection via the resourceid parameter to showresource.do.
|
CWE-89
SQL Injection
|
CVE-2020-35765
|
2024-11-21 14:28 |
2021-02-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201736
|
9.8 |
CRITICAL
Network
|
asus
|
rt-ax86u_firmware
|
ASUS RT-AX86U router firmware below version under 9.0.0.4_386 has a buffer overflow in the blocking_request.cgi function of the httpd module that can cause code execution when an attacker constructs …
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-36109
|
2024-11-21 14:28 |
2021-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201737
|
5.4 |
MEDIUM
Network
|
egavilanmedia
|
phpcrud
|
Stored Cross Site Scripting (XSS) vulnerability in EGavilan Media CRUD Operation with PHP, MySQL, Bootstrap, and Dompdf via First Name or Last Name parameter in the 'Add New Record Feature'.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36115
|
2024-11-21 14:28 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201738
|
7.2 |
HIGH
Network
|
opensolution
|
quick.cms
quick.cart
|
OpenSolution Quick.CMS < 6.7 and Quick.Cart < 6.7 allow an authenticated user to perform code injection (and consequently Remote Code Execution) via the input fields of the Language tab.
|
CWE-94
Code Injection
|
CVE-2020-35754
|
2024-11-21 14:28 |
2021-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201739
|
4.8 |
MEDIUM
Network
|
bdtask
|
multi-store
|
Stored XSS vulnerability in BDTASK Multi-Store Inventory Management System 1.0 allows a local admin to inject arbitrary code via the Customer Name Field.
|
CWE-79
Cross-site Scripting
|
CVE-2020-36012
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
201740
|
4.8 |
MEDIUM
Network
|
qdocs
|
smart_hospital
|
A cross-site scripting (XSS) issue in Add Patient Form in QDOCS Smart Hospital Management System 3.1 allows a remote attacker to inject arbitrary code via the Name, Guardian Name, Email, Address, Rem…
|
CWE-79
Cross-site Scripting
|
CVE-2020-36011
|
2024-11-21 14:28 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
