|
197071
|
5.5 |
MEDIUM
Local
|
avast
|
antivirus_for_linux
antivirus_pro_plus
antivirus_pro
|
The Avast AV parsing engine allows virus-detection bypass via a crafted ZIP archive. This affects versions before 12 definitions 200114-0 of Antivirus Pro, Antivirus Pro Plus, and Antivirus for Linux.
|
CWE-436
Interpretation Conflict
|
CVE-2020-9399
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197072
|
9.1 |
CRITICAL
Network
|
lua-openssl_project
|
lua-openssl
|
openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-9434
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197073
|
9.1 |
CRITICAL
Network
|
lua-openssl_project
|
lua-openssl
|
openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-9433
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197074
|
9.1 |
CRITICAL
Network
|
lua-openssl_project
|
lua-openssl
|
openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-9432
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197075
|
7.5 |
HIGH
Network
|
wireshark
opensuse
fedoraproject
debian
|
wireshark
leap
fedora
debian_linux
|
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operation…
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-9431
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197076
|
7.5 |
HIGH
Network
|
wireshark
fedoraproject
opensuse
debian
|
wireshark
fedora
leap
debian_linux
|
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the WiMax DLMAP dissector could crash. This was addressed in plugins/epan/wimax/msg_dlmap.c by validating a length field.
|
CWE-20
Improper Input Validation
|
CVE-2020-9430
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197077
|
7.5 |
HIGH
Network
|
wireshark
opensuse
|
wireshark
leap
|
In Wireshark 3.2.0 to 3.2.1, the WireGuard dissector could crash. This was addressed in epan/dissectors/packet-wireguard.c by handling the situation where a certain data structure intentionally has a…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-9429
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197078
|
7.5 |
HIGH
Network
|
wireshark
debian
fedoraproject
opensuse
|
wireshark
debian_linux
fedora
leap
|
In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the EAP dissector could crash. This was addressed in epan/dissectors/packet-eap.c by using more careful sscanf parsing.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-9428
|
2024-11-21 14:40 |
2020-02-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197079
|
7.5 |
HIGH
Network
|
pureftpd
debian
fedoraproject
canonical
|
pure-ftpd
debian_linux
fedora
extra_packages_for_enterprise_linux
ubuntu_linux
|
An issue was discovered in Pure-FTPd 1.0.49. An uninitialized pointer vulnerability has been detected in the diraliases linked list. When the *lookup_alias(const char alias) or print_aliases(void) fu…
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2020-9274
|
2024-11-21 14:40 |
2020-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197080
|
6.5 |
MEDIUM
Network
|
golfbuddyglobal
|
course_manager
|
In GolfBuddy Course Manager 1.1, passwords are sent (with base64 encoding) via a GET request.
|
CWE-200
CWE-326
Information Exposure
Inadequate Encryption Strength
|
CVE-2020-9337
|
2024-11-21 14:40 |
2020-02-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
