|
197691
|
7.8 |
HIGH
Local
|
nodejs
opensuse
fedoraproject
|
node.js
leap
fedora
|
The implementation of realpath in libuv < 10.22.1, < 12.18.4, and < 14.9.0 used within Node.js incorrectly determined the buffer size which can result in a buffer overflow if the resolved path is lon…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-8252
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197692
|
7.5 |
HIGH
Network
|
nodejs
fedoraproject
|
node.js
fedora
|
Node.js < 14.11.0 is vulnerable to HTTP denial of service (DoS) attacks based on delayed requests submission which can make the server unable to accept new connections.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-8251
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197693
|
8.8 |
HIGH
Network
|
citrix
|
application_delivery_controller_firmware
gateway
netscaler_gateway
sd-wan_wanop
|
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix A…
|
CWE-269
Improper Privilege Management
|
CVE-2020-8247
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197694
|
7.5 |
HIGH
Network
|
citrix
|
application_delivery_controller_firmware
gateway
netscaler_gateway
sd-wan_wanop
|
Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and NetScaler Gateway 12.0, Citrix A…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-8246
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197695
|
7.5 |
HIGH
Network
|
json-bigint_project
|
json-bigint
|
Prototype pollution in json-bigint npm package < 1.0.0 may lead to a denial-of-service (DoS) attack.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-8237
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197696
|
7.5 |
HIGH
Network
|
nextcloud
|
desktop
|
A cleartext storage of sensitive information in Nextcloud Desktop Client 2.6.4 gave away information about used proxies and their authentication credentials.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-8225
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197697
|
7.4 |
HIGH
Network
|
nodejs
opensuse
fedoraproject
|
node.js
leap
fedora
|
Node.js < 12.18.4 and < 14.11 can be exploited to perform HTTP desync attacks and deliver malicious payloads to unsuspecting users. The payloads can be crafted by an attacker to hijack user sessions,…
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-8201
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197698
|
6.5 |
MEDIUM
Network
|
citrix
|
storefront_server
|
Improper authentication in Citrix StoreFront Server < 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary…
|
CWE-287
Improper Authentication
|
CVE-2020-8200
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197699
|
6.1 |
MEDIUM
Network
|
citrix
|
application_delivery_controller_firmware
gateway
netscaler_gateway
|
Improper Input Validation on Citrix ADC and Citrix Gateway 13.0 before 13.0-64.35, Citrix ADC and NetScaler Gateway 12.1 before 12.1-58.15, Citrix ADC 12.1-FIPS before 12.1-55.187, Citrix ADC and Net…
|
CWE-79
Cross-site Scripting
|
CVE-2020-8245
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197700
|
9.8 |
CRITICAL
Network
|
typeorm
|
typeorm
|
Prototype pollution vulnerability in the TypeORM package < 0.2.25 may allow attackers to add or modify Object properties leading to further denial of service or SQL injection attacks.
|
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2020-8158
|
2024-11-21 14:38 |
2020-09-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
