|
209851
|
7.5 |
HIGH
Network
|
dlink
|
dir-816l_firmware
|
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. There exists an exposed administration function in getcfg.php, which can be used to call various services. It can be utili…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-15894
|
2024-11-21 14:06 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209852
|
7.5 |
HIGH
Network
|
dlink
|
dap-1522_firmware
|
An authentication-bypass issue was discovered on D-Link DAP-1522 devices 1.4x before 1.10b04Beta02. There exist a few pages that are directly accessible by any unauthorized user, e.g., logout.php and…
|
CWE-287
Improper Authentication
|
CVE-2020-15896
|
2024-11-21 14:06 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209853
|
9.8 |
CRITICAL
Network
|
dlink
|
dir-816l_firmware
|
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play (UPnP) is enabled by default on port 1900. An attacker can perform command injection by injecting …
|
CWE-78
OS Command
|
CVE-2020-15893
|
2024-11-21 14:06 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209854
|
9.8 |
CRITICAL
Network
|
dlink
|
dap-1520_firmware
|
An issue was discovered in apply.cgi on D-Link DAP-1520 devices before 1.10b04Beta02. Whenever a user performs a login action from the web interface, the request values are being forwarded to the ssi…
|
CWE-787
CWE-669
Out-of-bounds Write
Incorrect Resource Transfer Between Spheres
|
CVE-2020-15892
|
2024-11-21 14:06 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209855
|
7.5 |
HIGH
Network
|
codesys
|
control_rte
control_for_beaglebone
control_for_empc-a\/imx6
control_for_iot2000
control_for_linux
control_for_plcnext
control_for_pfc100
control_for_pfc200
control_for_raspber…
|
CODESYS Control runtime system before 3.5.16.10 allows Uncontrolled Memory Allocation.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-15806
|
2024-11-21 14:06 |
2020-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209856
|
7.5 |
HIGH
Network
|
luajit
debian
canonical
|
luajit
debian_linux
ubuntu_linux
|
LuaJit through 2.1.0-beta3 has an out-of-bounds read because __gc handler frame traversal is mishandled.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-15890
|
2024-11-21 14:06 |
2020-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209857
|
9.8 |
CRITICAL
Network
|
lua
|
lua
|
Lua 5.4.0 has a getobjname heap-based buffer over-read because youngcollection in lgc.c uses markold for an insufficient number of list members.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-15889
|
2024-11-21 14:06 |
2020-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209858
|
8.8 |
HIGH
Network
|
lua
|
lua
|
Lua through 5.4.0 mishandles the interaction between stack resizes and garbage collection, leading to a heap-based buffer overflow, heap-based buffer over-read, or use-after-free.
|
CWE-125
CWE-787
CWE-416
Out-of-bounds Read
Out-of-bounds Write
Use After Free
|
CVE-2020-15888
|
2024-11-21 14:06 |
2020-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209859
|
7.8 |
HIGH
Local
|
360totalsecurity
|
360_total_security
|
In the version 12.1.0.1005 and below of 360 Total Security, when the Gamefolde calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who could exploit DLL hijacki…
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-15724
|
2024-11-21 14:06 |
2020-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209860
|
7.8 |
HIGH
Local
|
360totalsecurity
|
360_total_security
|
In the version 12.1.0.1004 and below of 360 Total Security, when the main process of 360 Total Security calls GameChrome.exe, there exists a local privilege escalation vulnerability. An attacker who …
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2020-15723
|
2024-11-21 14:06 |
2020-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
