|
208101
|
7.8 |
HIGH
Local
|
softmaker
|
planmaker_2021
|
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, whic…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27248
|
2024-11-21 14:20 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208102
|
7.8 |
HIGH
Local
|
softmaker
|
planmaker_2021
|
A specially crafted document can cause the document parser to copy data from a particular record type into a static-sized buffer within an object that is smaller than the size used for the copy, whic…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27247
|
2024-11-21 14:20 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208103
|
7.5 |
HIGH
Network
|
eclipse
|
californium
|
In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because the DTLS server side sticks to a wrong internal state. That wrong inter…
|
NVD-CWE-Other
|
CVE-2020-27222
|
2024-11-21 14:20 |
2021-02-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208104
|
9.8 |
CRITICAL
Network
|
monal
|
monal
|
Monal before 4.9 does not implement proper sender verification on MAM and Message Carbon (XEP-0280) results. This allows a remote attacker (able to send stanzas to a victim) to inject arbitrary messa…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-26547
|
2024-11-21 14:20 |
2021-02-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208105
|
7.5 |
HIGH
Network
|
honeywell
|
opc_ua_tunneller
|
Some parsing functions in the affected product do not check the return value of malloc and the thread handling the message is forced to close, which may lead to a denial-of-service condition on the O…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2020-27274
|
2024-11-21 14:20 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208106
|
7.8 |
HIGH
Local
|
deltaww
|
tpeditor
|
TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary cod…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27284
|
2024-11-21 14:20 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208107
|
7.8 |
HIGH
Local
|
deltaww
|
ispsoft
|
A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution.
|
CWE-416
Use After Free
|
CVE-2020-27280
|
2024-11-21 14:20 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208108
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. This could lead to local information disclosure with no additional …
|
NVD-CWE-noinfo
|
CVE-2020-27098
|
2024-11-21 14:20 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208109
|
5.5 |
MEDIUM
Local
|
google
|
android
|
In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. Use…
|
NVD-CWE-noinfo
|
CVE-2020-27097
|
2024-11-21 14:20 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208110
|
5.5 |
MEDIUM
Local
|
eset
|
security
mail_security
file_security
endpoint_security
endpoint_antivirus
smart_security
internet_security
nod32_antivirus
|
A local (authenticated) low-privileged user can exploit a behavior in an ESET installer to achieve arbitrary file overwrite (deletion) of any file via a symlink, due to insecure permissions. The poss…
|
CWE-276
Incorrect Default Permissions
|
CVE-2020-26941
|
2024-11-21 14:20 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
