|
213331
|
7.5 |
HIGH
Network
|
torproject
opensuse
|
tor
leap
backports_sle
|
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (memory leak), aka TROVE-2020-004. This occurs in circpad_setup_machine_on_c…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-10593
|
2024-11-21 13:55 |
2020-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213332
|
7.5 |
HIGH
Network
|
torproject
opensuse
|
tor
leap
backports
|
Tor before 0.3.5.10, 0.4.x before 0.4.1.9, and 0.4.2.x before 0.4.2.7 allows remote attackers to cause a Denial of Service (CPU consumption), aka TROVE-2020-002.
|
NVD-CWE-noinfo
|
CVE-2020-10592
|
2024-11-21 13:55 |
2020-03-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213333
|
6.5 |
MEDIUM
Network
|
tesla
|
model_3_web_interface
|
The driving interface of Tesla Model 3 vehicles in any release before 2020.4.10 allows Denial of Service to occur due to improper process separation, which allows attackers to disable the speedometer…
|
NVD-CWE-noinfo
|
CVE-2020-10558
|
2024-11-21 13:55 |
2020-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213334
|
7.1 |
HIGH
Local
|
deltaww
|
delta_industrial_automation_dopsoft
|
Delta Industrial Automation DOPSoft, Version 4.00.08.15 and prior. Multiple out-of-bounds read vulnerabilities may be exploited by processing specially crafted project files, which may allow an attac…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-10597
|
2024-11-21 13:55 |
2020-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213335
|
7.8 |
HIGH
Local
|
cmsmadesimple
|
cms_made_simple
|
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/o…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-10682
|
2024-11-21 13:55 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213336
|
5.4 |
MEDIUM
Network
|
cmsmadesimple
|
cms_made_simple
|
The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd file, as demonstrated by m1_files[] to admin/moduleinterface.php.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10681
|
2024-11-21 13:55 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213337
|
7.5 |
HIGH
Network
|
canon
|
oce_colorwave_500_firmware
|
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to authentication bypass on the page /home.jsp. An unauthenticated attacker able to connect to the device's we…
|
CWE-287
Improper Authentication
|
CVE-2020-10669
|
2024-11-21 13:55 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213338
|
8.8 |
HIGH
Network
|
canon
|
oce_colorwave_500_firmware
|
The Canon Oce Colorwave 500 4.0.0.0 printer's web application is missing any form of CSRF protections. This is a system-wide issue. An attacker could perform administrative actions by targeting a log…
|
CWE-352
Origin Validation Error
|
CVE-2020-10671
|
2024-11-21 13:55 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213339
|
6.1 |
MEDIUM
Network
|
canon
|
oce_colorwave_500_firmware
|
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in the parameter settingId of the settingDialogContent.jsp page. NOTE: this is fixed in the l…
|
CWE-79
Cross-site Scripting
|
CVE-2020-10670
|
2024-11-21 13:55 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213340
|
6.1 |
MEDIUM
Network
|
canon
|
oce_colorwave_500_firmware
|
The web application exposed by the Canon Oce Colorwave 500 4.0.0.0 printer is vulnerable to Reflected XSS in /home.jsp. The vulnerable parameter is openSI. NOTE: this is fixed in the latest version.
|
CWE-79
Cross-site Scripting
|
CVE-2020-10668
|
2024-11-21 13:55 |
2020-03-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
