|
210191
|
7.5 |
HIGH
Network
|
torproject
|
tor
|
Tor before 0.4.3.6 has an out-of-bounds memory access that allows a remote denial-of-service (crash) attack against Tor instances built to use Mozilla Network Security Services (NSS), aka TROVE-2020-…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-15572
|
2024-11-21 14:05 |
2020-07-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210192
|
9.8 |
CRITICAL
Network
|
sophos
|
xg_firewall_firmware
|
A SQL injection vulnerability in the user and admin web interfaces of Sophos XG Firewall v18.0 MR1 and older potentially allows an attacker to run arbitrary code remotely. The fix is built into the r…
|
CWE-89
SQL Injection
|
CVE-2020-15504
|
2024-11-21 14:05 |
2020-07-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210193
|
6.1 |
MEDIUM
Network
|
king-theme
|
kingcomposer
|
A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin through 2.9.4 for WordPress allows remote attackers to trick a victim into submitting an install_online_preset AJAX req…
|
CWE-79
Cross-site Scripting
|
CVE-2020-15299
|
2024-11-21 14:05 |
2020-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210194
|
5.9 |
MEDIUM
Network
|
red-gate
|
sql_monitor
|
In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifica…
|
CWE-295
Improper Certificate Validation
|
CVE-2020-15526
|
2024-11-21 14:05 |
2020-07-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210195
|
6.5 |
MEDIUM
Network
|
cmsuno_project
|
cmsuno
|
An issue was discovered in CMSUno before 1.6.1. uno.php allows CSRF to change the admin password.
|
CWE-352
Origin Validation Error
|
CVE-2020-15600
|
2024-11-21 14:05 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210196
|
6.1 |
MEDIUM
Network
|
victor_cms_project
|
victor_cms
|
Victor CMS through 2019-02-28 allows XSS via the register.php user_firstname or user_lastname field.
|
CWE-79
Cross-site Scripting
|
CVE-2020-15599
|
2024-11-21 14:05 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210197
|
9.8 |
CRITICAL
Network
|
riot-os
|
riot
|
RIOT 2020.04 has a buffer overflow in the base64 decoder. The decoding function base64_decode() uses an output buffer estimation function to compute the required buffer capacity and validate against …
|
CWE-119
CWE-131
Incorrect Access of Indexable Resource ('Range Error')
Incorrect Calculation of Buffer Size
|
CVE-2020-15350
|
2024-11-21 14:05 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210198
|
8.8 |
HIGH
Network
|
turn\!_project
|
turn\!
|
The turn extension through 0.3.2 for TYPO3 allows Remote Code Execution.
|
NVD-CWE-noinfo
|
CVE-2020-15515
|
2024-11-21 14:05 |
2020-07-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210199
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with Q(10.0) software. Attackers can trigger an out-of-bounds access and device reset via a 4K wallpaper image because ImageProcessHelper mishandles …
|
CWE-119
CWE-20
Incorrect Access of Indexable Resource ('Range Error')
Improper Input Validation
|
CVE-2020-15584
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210200
|
5.5 |
MEDIUM
Local
|
google
|
android
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) software. StickerProvider allows directory traversal for access to system files. The Samsung ID is SVE-2020-17665 (J…
|
CWE-22
Path Traversal
|
CVE-2020-15583
|
2024-11-21 14:05 |
2020-07-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
