|
210701
|
7.8 |
HIGH
Local
|
x.org
|
x_server
|
A flaw was found in the X.Org Server before version 1.20.10. An out-of-bounds access in the XkbSetMap function may lead to a privilege escalation vulnerability. The highest threat from this vulnerabi…
|
-
|
CVE-2020-14360
|
2024-11-21 14:03 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210702
|
5.4 |
MEDIUM
Network
|
libsdl
debian
fedoraproject
|
simple_directmedia_layer
debian_linux
fedora
|
SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-14410
|
2024-11-21 14:03 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210703
|
7.8 |
HIGH
Local
|
libsdl
fedoraproject
debian
starwindsoftware
|
simple_directmedia_layer
fedora
debian_linux
starwind_virtual_san
|
SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c via a crafted .BMP file.
|
CWE-787
CWE-190
Out-of-bounds Write
Integer Overflow or Wraparound
|
CVE-2020-14409
|
2024-11-21 14:03 |
2021-01-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210704
|
2.7 |
LOW
Network
|
redhat
|
single_sign-on
|
The "Test Connection" available in v7.x of the Red Hat Single Sign On application console can permit an authorized user to cause SMTP connections to be attempted to arbitrary hosts and ports of the u…
|
-
|
CVE-2020-14341
|
2024-11-21 14:03 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210705
|
7.1 |
HIGH
Network
|
eclipse
|
che
|
A flaw was found in Eclipse Che in versions prior to 7.14.0 that impacts CodeReady Workspaces. When configured with cookies authentication, Theia IDE doesn't properly set the SameSite value, allowing…
|
-
|
CVE-2020-14368
|
2024-11-21 14:03 |
2020-12-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210706
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is abou…
|
CWE-416
Use After Free
|
CVE-2020-14381
|
2024-11-21 14:03 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210707
|
7.8 |
HIGH
Local
|
linux
redhat
debian
|
linux_kernel
enterprise_linux
debian_linux
|
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly esca…
|
-
|
CVE-2020-14351
|
2024-11-21 14:03 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210708
|
8.8 |
HIGH
Local
|
redhat
|
enterprise_linux
libvirt
|
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapp…
|
-
|
CVE-2020-14339
|
2024-11-21 14:03 |
2020-12-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210709
|
6.3 |
MEDIUM
Network
|
redhat
|
cloudforms
|
This release fixes a Cross Site Request Forgery vulnerability was found in Red Hat CloudForms which forces end users to execute unwanted actions on a web application in which the user is currently au…
|
CWE-352
Origin Validation Error
|
CVE-2020-14369
|
2024-11-21 14:03 |
2020-12-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210710
|
6.5 |
MEDIUM
Network
|
samba
redhat
|
samba
enterprise_linux
|
A flaw was found in samba's DNS server. An authenticated user could use this flaw to the RPC server to crash. This RPC server, which also serves protocols other than dnsserver, will be restarted afte…
|
NVD-CWE-Other
|
CVE-2020-14383
|
2024-11-21 14:03 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
