|
211951
|
9.8 |
CRITICAL
Network
|
thecodingmachine
|
gotenberg
|
In Gotenberg through 6.2.1, insecure permissions for tini (writable by user gotenberg) potentially allow an attacker to overwrite the file, which can lead to denial of service or code execution.
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-13452
|
2024-11-21 14:01 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211952
|
9.8 |
CRITICAL
Network
|
thecodingmachine
|
gotenberg
|
An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.
|
CWE-459
Incomplete Cleanup
|
CVE-2020-13451
|
2024-11-21 14:01 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211953
|
9.8 |
CRITICAL
Network
|
thecodingmachine
|
gotenberg
|
A directory traversal vulnerability in file upload function of Gotenberg through 6.2.1 allows an attacker to upload and overwrite any writable files outside the intended folder. This can lead to DoS,…
|
CWE-22
Path Traversal
|
CVE-2020-13450
|
2024-11-21 14:01 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211954
|
7.5 |
HIGH
Network
|
thecodingmachine
|
gotenberg
|
A directory traversal vulnerability in the Markdown engine of Gotenberg through 6.2.1 allows an attacker to read any container files.
|
CWE-22
Path Traversal
|
CVE-2020-13449
|
2024-11-21 14:01 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211955
|
7.5 |
HIGH
Network
|
rockwellautomation
|
rslinx
|
A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2020-13573
|
2024-11-21 14:01 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211956
|
7.8 |
HIGH
Local
|
softmaker
|
softmaker_office
|
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the docu…
|
CWE-787
CWE-681
Out-of-bounds Write
Incorrect Conversion between Numeric Types
|
CVE-2020-13545
|
2024-11-21 14:01 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211957
|
7.8 |
HIGH
Local
|
softmaker
|
softmaker_office
|
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021’s TextMaker application. A specially crafted document can cause the documen…
|
CWE-681
Incorrect Conversion between Numeric Types
|
CVE-2020-13544
|
2024-11-21 14:01 |
2021-01-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211958
|
8.8 |
HIGH
Local
|
win911
|
mobile-911_server
|
An exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-13541
|
2024-11-21 14:01 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211959
|
7.8 |
HIGH
Local
|
win911
|
win-911
|
An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via WIN-911 Account Change Utility. Depending on the …
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-13540
|
2024-11-21 14:01 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211960
|
7.8 |
HIGH
Local
|
win911
|
win-911
|
An exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via “WIN-911 Mobile Runtime” service. Depending on th…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-13539
|
2024-11-21 14:01 |
2021-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
