|
200441
|
6.1 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
OAuth2 Proxy before 5.0 has an open redirect vulnerability. Authentication tokens could be silently harvested by an attacker. This has been patched in version 5.0.
|
CWE-601
Open Redirect
|
CVE-2020-5233
|
2024-11-21 14:33 |
2020-01-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200442
|
7.5 |
HIGH
Network
|
feedgen_project
|
feedgen
|
Feedgen (python feedgen) before 0.9.0 is susceptible to XML Denial of Service attacks. The *feedgen* library allows supplying XML as content for some of the available fields. This XML will be parsed …
|
CWE-776
XML Entity Expansion
|
CVE-2020-5227
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200443
|
7.5 |
HIGH
Network
|
google
|
tensorflow
|
In TensorFlow before 1.15.2 and 2.0.1, converting a string (from Python) to a tf.float16 value results in a segmentation fault in eager mode as the format checks for this use case are only in the gra…
|
CWE-20
Improper Input Validation
|
CVE-2020-5215
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200444
|
9.8 |
CRITICAL
Network
|
nethack
|
nethack
|
In NetHack before 3.6.5, an invalid extended command in value for the AUTOCOMPLETE configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escala…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5211
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200445
|
9.8 |
CRITICAL
Network
|
nethack
|
nethack
|
In NetHack before 3.6.5, detecting an unknown configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects syst…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5214
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200446
|
9.8 |
CRITICAL
Network
|
nethack
|
nethack
|
In NetHack before 3.6.5, too long of a value for the SYMBOL configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerabilit…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5213
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200447
|
9.8 |
CRITICAL
Network
|
nethack
|
nethack
|
In NetHack before 3.6.5, an extremely long value for the MENUCOLOR configuration file option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulne…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5212
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200448
|
7.8 |
HIGH
Local
|
nethack
|
nethack
|
In NetHack before 3.6.5, an invalid argument to the -w command line option can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects s…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5210
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200449
|
7.8 |
HIGH
Local
|
nethack
|
nethack
|
In NetHack before 3.6.5, unknown options starting with -de and -i can cause a buffer overflow resulting in a crash or remote code execution/privilege escalation. This vulnerability affects systems th…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-5209
|
2024-11-21 14:33 |
2020-01-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200450
|
7.5 |
HIGH
Network
|
jetbrains
|
ktor
|
In Ktor before 1.3.0, request smuggling is possible when running behind a proxy that doesn't handle Content-Length and Transfer-Encoding properly or doesn't handle \n as a headers separator.
|
CWE-444
HTTP Request Smuggling
|
CVE-2020-5207
|
2024-11-21 14:33 |
2020-01-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
