|
209561
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Insufficient data validation in WASM in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-20
CWE-787
CWE-843
Improper Input Validation
Out-of-bounds Write
Type Confusion
|
CVE-2020-16015
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209562
|
9.6 |
CRITICAL
Network
|
google
|
chrome
|
Use after free in PPAPI in Google Chrome prior to 87.0.4280.66 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
|
CWE-416
Use After Free
|
CVE-2020-16014
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209563
|
8.8 |
HIGH
Network
|
google
|
chrome
|
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16013
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209564
|
4.3 |
MEDIUM
Network
|
mozilla
google
|
firefox
chrome
|
Side-channel information leakage in graphics in Google Chrome prior to 87.0.4280.66 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
|
NVD-CWE-noinfo
|
CVE-2020-16012
|
2024-11-21 14:06 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209565
|
5.3 |
MEDIUM
Network
|
arista
|
eos
|
In Arista EOS malformed packets can be incorrectly forwarded across VLAN boundaries in one direction. This vulnerability is only susceptible to exploitation by unidirectional traffic (ex. UDP) and no…
|
NVD-CWE-noinfo
|
CVE-2020-15898
|
2024-11-21 14:06 |
2020-12-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209566
|
7.5 |
HIGH
Network
|
siemens
|
simatic_et_200sp_open_controller_firmware
simatic_s7-1500_software_controller_firmware
|
A vulnerability has been identified in SIMATIC ET 200SP Open Controller (incl. SIPLUS variants) (V20.8), SIMATIC S7-1500 Software Controller (V20.8). The web server of the affected products contains …
|
-
|
CVE-2020-15796
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209567
|
8.8 |
HIGH
Network
|
gallagher
|
command_centre
|
Type confusion in Gallagher Command Centre Server allows a remote attacker to crash the server or possibly cause remote code execution. This issue affects: Gallagher Command Centre 8.30 versions prio…
|
CWE-843
Type Confusion
|
CVE-2020-16103
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209568
|
8.2 |
HIGH
Network
|
gallagher
|
command_centre
|
Improper Authentication vulnerability in Gallagher Command Centre Server allows an unauthenticated remote attacker to create items with invalid configuration, potentially causing the server to crash …
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-16102
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209569
|
7.2 |
HIGH
Network
|
gallagher
|
command_centre
|
SQL Injection vulnerability in Enterprise Data Interface of Gallagher Command Centre allows a remote attacker with 'Edit Enterprise Data Interfaces' privilege to execute arbitrary SQL against a third…
|
CWE-89
SQL Injection
|
CVE-2020-16104
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209570
|
6.5 |
MEDIUM
Network
|
bitdefender
|
antivirus_plus
|
An Origin Validation Error vulnerability in the SafePay component of Bitdefender Antivirus Plus allows a web resource to misrepresent itself in the URL bar. This issue affects: Bitdefender Antivirus …
|
CWE-346
Origin Validation Error
|
CVE-2020-15733
|
2024-11-21 14:06 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
