|
214121
|
6.1 |
MEDIUM
Network
|
oauth2_proxy_project
|
oauth2_proxy
|
In OAuth2 Proxy before 5.1.1, there is an open redirect vulnerability. Users can provide a redirect address for the proxy to send the authenticated user to at the end of the authentication flow. This…
|
CWE-601
Open Redirect
|
CVE-2020-11053
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214122
|
9.8 |
CRITICAL
Network
|
sorcery_project
|
sorcery
|
In Sorcery before 0.15.0, there is a brute force vulnerability when using password authentication via Sorcery. The brute force protection submodule will prevent a brute force attack for the defined l…
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-11052
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214123
|
2.2 |
LOW
Network
|
freerdp
canonical
debian
|
freerdp
ubuntu_linux
debian_linux
|
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bound read of client memory that is then passed on to the protocol parser. This has been patched in 2.0.0.
|
-
|
CVE-2020-11049
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214124
|
2.2 |
LOW
Network
|
freerdp
canonical
debian
|
freerdp
ubuntu_linux
debian_linux
|
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bounds read. It only allows to abort a session. No data extraction is possible. This has been fixed in 2.0.0.
|
-
|
CVE-2020-11048
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214125
|
5.9 |
MEDIUM
Network
|
freerdp
canonical
debian
|
freerdp
ubuntu_linux
debian_linux
|
In FreeRDP after 1.1 and before 2.0.0, there is an out-of-bounds read in autodetect_recv_bandwidth_measure_results. A malicious server can extract up to 8 bytes of client memory with a manipulated me…
|
-
|
CVE-2020-11047
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214126
|
2.2 |
LOW
Network
|
freerdp
canonical
debian
|
freerdp
ubuntu_linux
debian_linux
|
In FreeRDP after 1.0 and before 2.0.0, there is a stream out-of-bounds seek in update_read_synchronize that could lead to a later out-of-bounds read.
|
-
|
CVE-2020-11046
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214127
|
3.3 |
LOW
Network
|
freerdp
debian
canonical
|
freerdp
debian_linux
ubuntu_linux
|
In FreeRDP after 1.0 and before 2.0.0, there is an out-of-bound read in in update_read_bitmap_data that allows client memory to be read to an image buffer. The result displayed on screen as colour.
|
-
|
CVE-2020-11045
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214128
|
2.2 |
LOW
Network
|
freerdp
canonical
debian
|
freerdp
ubuntu_linux
debian_linux
|
In FreeRDP greater than 1.2 and before 2.0.0, a double free in update_read_cache_bitmap_v3_order crashes the client application if corrupted data from a manipulated server is parsed. This has been pa…
|
-
|
CVE-2020-11044
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214129
|
5.9 |
MEDIUM
Network
|
freerdp
debian
canonical
|
freerdp
debian_linux
ubuntu_linux
|
In FreeRDP greater than 1.1 and before 2.0.0, there is an out-of-bounds read in update_read_icon_info. It allows reading a attacker-defined amount of client memory (32bit unsigned -> 4GB) to an inter…
|
-
|
CVE-2020-11042
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214130
|
7.5 |
HIGH
Network
|
wavlink
|
wl-wn575a3_firmware
wl-wn579g3_firmware
wn531a6_firmware
wn535g3_firmware
wn530h4_firmware
wn57x93_firmware
wn572hg3_firmware
wn575a4_firmware
wn578a2_firmware
wn579g3_firm…
|
An issue was discovered affecting a backup feature where a crafted POST request returns the current configuration of the device in cleartext, including the administrator password. No authentication i…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-10974
|
2024-11-21 13:56 |
2020-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
