|
213911
|
5.9 |
MEDIUM
Network
|
meetecho
|
janus
|
An issue was discovered in Janus through 0.9.1. plugins/janus_voicemail.c in the VoiceMail plugin has a race condition that could cause a server crash.
|
CWE-362
Race Condition
|
CVE-2020-10576
|
2024-11-21 13:55 |
2020-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213912
|
4.2 |
MEDIUM
Network
|
meetecho
|
janus
|
An issue was discovered in Janus through 0.9.1. plugins/janus_videocall.c in the VideoCall plugin mishandles session management because a race condition causes some references to be freed too early o…
|
CWE-362
Race Condition
|
CVE-2020-10575
|
2024-11-21 13:55 |
2020-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213913
|
9.8 |
CRITICAL
Network
|
meetecho
|
janus
|
An issue was discovered in Janus through 0.9.1. janus.c tries to use a string that doesn't actually exist during a "query_logger" Admin API request, because of a typo in the JSON validation.
|
CWE-706
Use of Incorrectly-Resolved Name or Reference
|
CVE-2020-10574
|
2024-11-21 13:55 |
2020-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213914
|
7.5 |
HIGH
Network
|
meetecho
|
janus
|
An issue was discovered in Janus through 0.9.1. janus_audiobridge.c has a double mutex unlock when listing private rooms in AudioBridge.
|
CWE-667
Improper Locking
|
CVE-2020-10573
|
2024-11-21 13:55 |
2020-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213915
|
9.8 |
CRITICAL
Network
|
psd-tools_project
|
psd-tools
|
An issue was discovered in psd-tools before 1.9.4. The Cython implementation of RLE decoding did not check for malicious data.
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-10571
|
2024-11-21 13:55 |
2020-03-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213916
|
8.8 |
HIGH
Network
|
onthegosystems
|
sitepress-multilingual-cms
|
The sitepress-multilingual-cms (WPML) plugin before 4.3.7-b.2 for WordPress has CSRF due to a loose comparison. This leads to remote code execution in includes/class-wp-installer.php via a series of …
|
CWE-352
Origin Validation Error
|
CVE-2020-10568
|
2024-11-21 13:55 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213917
|
9.8 |
CRITICAL
Network
|
tecrail
|
responsive_filemanager
|
An issue was discovered in Responsive Filemanager through 9.14.0. In the ajax_calls.php file in the save_img action in the name parameter, there is no validation of what kind of extension is sent. Th…
|
CWE-20
Improper Input Validation
|
CVE-2020-10567
|
2024-11-21 13:55 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213918
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-10566
|
2024-11-21 13:55 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213919
|
7.8 |
HIGH
Local
|
freebsd
|
freebsd
|
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, does not validate the address provided as part of a memrw command (read_* or write_*) by a guest through a grub2.cfg file. Thi…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-10565
|
2024-11-21 13:55 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213920
|
9.8 |
CRITICAL
Network
|
iptanus
|
wordpress_file_upload
|
An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because …
|
CWE-22
Path Traversal
|
CVE-2020-10564
|
2024-11-21 13:55 |
2020-03-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
