|
208211
|
7.5 |
HIGH
Network
|
is.js_project
|
is.js
|
is.js is a general-purpose check library. Versions 0.9.0 and prior contain one or more regular expressions that are vulnerable to Regular Expression Denial of Service (ReDoS). is.js uses a regex copy…
|
CWE-1333
Inefficient Regular Expression Complexity
|
CVE-2020-26302
|
2024-11-21 14:19 |
2022-12-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208212
|
7.5 |
HIGH
Network
|
dell
oracle
|
bsafe_micro-edition-suite
http_server
security_service
database
weblogic_server_proxy_plug-in
|
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain a Buffer Over-Read Vulnerability.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-26185
|
2024-11-21 14:19 |
2022-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208213
|
7.5 |
HIGH
Network
|
dell
oracle
|
bsafe_micro-edition-suite
http_server
security_service
weblogic_server_proxy_plug-in
|
Dell BSAFE Micro Edition Suite, versions prior to 4.5.1, contain an Improper Certificate Validation vulnerability.
|
CWE-295
Improper Certificate Validation
|
CVE-2020-26184
|
2024-11-21 14:19 |
2022-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208214
|
7.8 |
HIGH
Local
|
shopxo
|
shopxo
|
The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploadi…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26008
|
2024-11-21 14:19 |
2022-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208215
|
7.8 |
HIGH
Local
|
shopxo
|
shopxo
|
An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-26007
|
2024-11-21 14:19 |
2022-03-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208216
|
6.1 |
MEDIUM
Local
|
jhead_project
|
jhead
|
JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhea…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26208
|
2024-11-21 14:19 |
2022-02-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208217
|
10.0 |
CRITICAL
Network
|
ssh2_project
|
ssh2
|
ssh2 is client and server modules written in pure JavaScript for node.js. In ssh2 before version 1.4.0 there is a command injection vulnerability. The issue only exists on Windows. This issue may lea…
|
-
|
CVE-2020-26301
|
2024-11-21 14:19 |
2021-09-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208218
|
9.8 |
CRITICAL
Network
|
systeminformation
|
systeminformation
|
systeminformation is an npm package that provides system and OS information library for node.js. In systeminformation before version 4.26.2 there is a command injection vulnerability. Problem was fix…
|
CWE-78
OS Command
|
CVE-2020-26300
|
2024-11-21 14:19 |
2021-09-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208219
|
7.5 |
HIGH
Network
|
hcc-embedded
|
nichestack_tcp\/ip
|
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Out-of-bounds Read. The impact is: a denial of service (remote). The component is: DNS response processing in function: dns_upcal…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25927
|
2024-11-21 14:19 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208220
|
7.5 |
HIGH
Network
|
hcc-embedded
|
nichestack_tcp\/ip
|
The DNS client in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Insufficient entropy in the DNS transaction id. The impact is: DNS cache poisoning (remote). The component is: dns_query_type(). T…
|
CWE-331
Insufficient Entropy
|
CVE-2020-25926
|
2024-11-21 14:19 |
2021-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
