|
208361
|
6.5 |
MEDIUM
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-22019
|
2024-11-21 14:13 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208362
|
8.8 |
HIGH
Network
|
ffmpeg
debian
|
ffmpeg
debian_linux
|
Buffer Overflow vulnerability in FFmpeg 4.2 in mov_write_video_tag due to the out of bounds in libavformat/movenc.c, which could let a remote malicious user obtain sensitive information, cause a Deni…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-22015
|
2024-11-21 14:13 |
2021-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208363
|
7.5 |
HIGH
Network
|
kyocera
|
d-copia253mf_plus_firmware
|
A directory traversal vulnerability exists in Kyocera Printer d-COPIA253MF plus. Successful exploitation of this vulnerability could allow an attacker to retrieve or view arbitrary files from the aff…
|
CWE-22
Path Traversal
|
CVE-2020-23575
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208364
|
6.1 |
MEDIUM
Network
|
5none
|
nonecms
|
NoneCMS v1.3 has a CSRF vulnerability in public/index.php/admin/nav/add.html, as demonstrated by adding a navigation column which can be injected with arbitrary web script or HTML via the name parame…
|
CWE-352
Origin Validation Error
|
CVE-2020-23376
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208365
|
5.4 |
MEDIUM
Network
|
5none
|
nonecms
|
Cross-site scripting (XSS) vulnerability in admin/article/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23374
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208366
|
5.4 |
MEDIUM
Network
|
5none
|
nonecms
|
Cross-site scripting (XSS) vulnerability in admin/nav/add.html in noneCMS v1.3.0 allows remote authenticated attackers to inject arbitrary web script or HTML via the name parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23373
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208367
|
6.1 |
MEDIUM
Network
|
5none
|
nonecms
|
Cross-site scripting (XSS) vulnerability in static/admin/js/kindeditor/plugins/multiimage/images/swfupload.swf in noneCms v1.3.0 allows remote attackers to inject arbitrary web script or HTML via the…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23371
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208368
|
5.4 |
MEDIUM
Network
|
yzmcms
|
yzmcms
|
In YzmCMS 5.6, stored XSS exists via the common/static/plugin/ueditor/1.4.3.3/php/controller.php action parameter, which allows remote attackers to upload a swf file. The swf file can be injected wit…
|
CWE-79
Cross-site Scripting
|
CVE-2020-23370
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208369
|
6.1 |
MEDIUM
Network
|
yzmcms
|
yzmcms
|
In YzmCMS 5.6, XSS was discovered in member/member_content/init.html via the SRC attribute of an IFRAME element because of using UEditor 1.4.3.3.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23369
|
2024-11-21 14:13 |
2021-05-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208370
|
7.8 |
HIGH
Local
|
windscribe
|
windscribe
|
In Windscribe v1.83 Build 20, 'WindscribeService' has an Unquoted Service Path that facilitates privilege escalation.
|
CWE-428
Unquoted Search Path or Element
|
CVE-2020-22809
|
2024-11-21 14:13 |
2021-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
