|
210811
|
6.5 |
MEDIUM
Network
|
exempi_project
|
exempi
|
Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18652
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210812
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18494
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210813
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-s…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18382
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210814
|
6.5 |
MEDIUM
Network
|
webassembly
|
binaryen
|
A NULL pointer dereference was discovered in SExpressionWasmBuilder::makeBlock in wasm/wasm-s-parser.c in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-s…
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-18378
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210815
|
8.8 |
HIGH
Network
|
hdfgroup
|
hdf5
|
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18232
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210816
|
9.8 |
CRITICAL
Network
|
sem-cms
|
semcms
|
File Upload vulnerability in SEMCMS PHP 3.7 allows remote attackers to upload arbitrary files and gain escalated privileges.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-18432
|
2024-11-21 14:08 |
2023-06-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210817
|
4.8 |
MEDIUM
Network
|
chaoji_cms_project
|
chaoji_cms
|
Stored cross site scripting (XSS) vulnerability in Chaoji CMS v2.18 that allows attackers to execute arbitrary code via /index.php?admin-master-webset.
|
CWE-79
Cross-site Scripting
|
CVE-2020-18414
|
2024-11-21 14:08 |
2023-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210818
|
6.8 |
MEDIUM
Network
|
catfishcms_project
|
catfishcms
|
Cross Site Request Forgery (CSRF) vulnerability was discovered in CatfishCMS 4.8.63 that would allow attackers to obtain administrator permissions via /index.php/admin/index/modifymanage.html.
|
CWE-352
Origin Validation Error
|
CVE-2020-18409
|
2024-11-21 14:08 |
2023-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210819
|
4.8 |
MEDIUM
Network
|
ecisp
|
espcms
|
An issue was discovered in espcms version P8.18101601. There is a cross site scripting (XSS) vulnerability that allows arbitrary code to be executed via the title parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-18404
|
2024-11-21 14:08 |
2023-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210820
|
6.8 |
MEDIUM
Network
|
jyuu
|
jymusic
|
An cross site request forgery (CSRF) vulnerability discovered in Jymusic v2.0.0.,that allows attackers to execute arbitrary code via /admin.php?s=/addons/config.html&id=6 to modify payment informatio…
|
CWE-352
Origin Validation Error
|
CVE-2020-18416
|
2024-11-21 14:08 |
2023-06-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
