|
213511
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Cross-site Scripting (XSS) vulnerability in ckeditor of Drupal Core allows attacker to inject XSS. This issue affects: Drupal Core 8.8.x versions prior to 8.8.10.; 8.9.x versions prior to 8.9.6; 9.0.…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13669
|
2024-11-21 14:01 |
2022-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213512
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Access Bypass vulnerability in Drupal Core allows for an attacker to leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupal Core 8…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13668
|
2024-11-21 14:01 |
2022-02-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213513
|
6.1 |
MEDIUM
Network
|
outsystems
|
lifetime_management_console
platform_server
outsystems
|
A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. It could allow an unauthenticated remote attacker to craft and store m…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13639
|
2024-11-21 14:01 |
2021-08-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213514
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The entities_id parameter in the 'entities/fields page (mulitple_edit …
|
CWE-89
SQL Injection
|
CVE-2020-13589
|
2024-11-21 14:01 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213515
|
8.8 |
HIGH
Network
|
rukovoditel
|
rukovoditel
|
An exploitable SQL injection vulnerability exists in the ‘entities/fields’ page of the Rukovoditel Project Management App 2.7.2. The heading_field_id parameter in ‘‘entities/fields’ page is vulnerabl…
|
CWE-89
SQL Injection
|
CVE-2020-13588
|
2024-11-21 14:01 |
2021-08-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213516
|
8.8 |
HIGH
Network
|
drupal
|
drupal
|
Cross Site Request Forgery vulnerability in Drupal Core Form API does not properly handle certain form input from cross-site requests, which can lead to other vulnerabilities.
|
CWE-352
Origin Validation Error
|
CVE-2020-13663
|
2024-11-21 14:01 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213517
|
6.1 |
MEDIUM
Network
|
drupal
|
drupal
|
Cross-site scripting vulnerability in l Drupal Core allows an attacker could leverage the way that HTML is rendered for affected forms in order to exploit the vulnerability. This issue affects: Drupa…
|
CWE-79
Cross-site Scripting
|
CVE-2020-13688
|
2024-11-21 14:01 |
2021-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213518
|
7.8 |
HIGH
Local
|
zephyrproject
|
zephyr
|
Integer Overflow in memory allocating functions. Zephyr versions >= 1.14.2, >= 2.4.0 contain Integer Overflow or Wraparound (CWE-190). For more information, see https://github.com/zephyrproject-rtos/…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-13603
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213519
|
5.5 |
MEDIUM
Local
|
zephyrproject
|
zephyr
|
Remote Denial of Service in LwM2M do_write_op_tlv. Zephyr versions >= 1.14.2, >= 2.2.0 contain Improper Input Validation (CWE-20), Loop with Unreachable Exit Condition ('Infinite Loop') (CWE-835). Fo…
|
CWE-20
CWE-835
Improper Input Validation
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-13602
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213520
|
9.8 |
CRITICAL
Network
|
zephyrproject
|
zephyr
|
Possible read out of bounds in dns read. Zephyr versions >= 1.14.2, >= 2.3.0 contain Out-of-bounds Read (CWE-125). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advi…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-13601
|
2024-11-21 14:01 |
2021-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
