|
208061
|
6.1 |
MEDIUM
Network
|
mozilla
|
firefox
firefox_esr
thunderbird
|
A parsing and event loading mismatch in Firefox's SVG code could have allowed load events to fire, even after sanitization. An attacker already capable of exploiting an XSS vulnerability in privilege…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26951
|
2024-11-21 14:20 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208062
|
8.8 |
HIGH
Network
|
mozilla
|
firefox_esr
thunderbird
firefox
|
In certain circumstances, the MCallGetProperty opcode can be emitted with unmet assumptions resulting in an exploitable use-after-free condition. This vulnerability affects Firefox < 82.0.3, Firefox …
|
CWE-416
Use After Free
|
CVE-2020-26950
|
2024-11-21 14:20 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208063
|
8.8 |
HIGH
Network
|
katacontainers
|
kata_containers
|
An issue was discovered in Kata Containers through 1.11.3 and 2.x through 2.0-rc1. The runtime will execute binaries given using annotations without any kind of validation. Someone who is granted acc…
|
NVD-CWE-noinfo
|
CVE-2020-27151
|
2024-11-21 14:20 |
2020-12-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208064
|
9.8 |
CRITICAL
Network
|
edimax
|
ic-3116w_firmware
ic-3140w_firmware
|
A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafte…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26762
|
2024-11-21 14:20 |
2020-12-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208065
|
4.8 |
MEDIUM
Network
|
eclipse
netapp
oracle
apache
debian
|
jetty
snap_creator_framework
oncommand_system_manager
flexcube_private_banking
communications_offline_mediation_controller
communications_services_gatekeeper
communications_pricing_…
|
In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients…
|
NVD-CWE-noinfo
|
CVE-2020-27218
|
2024-11-21 14:20 |
2020-11-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208066
|
8.8 |
HIGH
Network
|
cloudera
|
data_engineering
|
Cloudera Data Engineering (CDE) before 1.1 was vulnerable to a CSRF attack.
|
CWE-352
Origin Validation Error
|
CVE-2020-26936
|
2024-11-21 14:20 |
2020-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208067
|
7.5 |
HIGH
Network
|
zetetic
|
sqlcipher
|
Zetetic SQLCipher 4.x before 4.4.1 has a use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in sqlite3.c. A remote denial of service attack can be performed. For example, a SQL inj…
|
CWE-416
Use After Free
|
CVE-2020-27207
|
2024-11-21 14:20 |
2020-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208068
|
7.5 |
HIGH
Network
|
rockwellautomation
|
factorytalk_linx
|
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious set attribute requests, which …
|
-
|
CVE-2020-27255
|
2024-11-21 14:20 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208069
|
7.5 |
HIGH
Network
|
rockwellautomation
|
factorytalk_linx
|
A flaw exists in the Ingress/Egress checks routine of FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to specifically craft a malicious pack…
|
-
|
CVE-2020-27253
|
2024-11-21 14:20 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208070
|
9.8 |
CRITICAL
Network
|
rockwellautomation
|
factorytalk_linx
|
A heap overflow vulnerability exists within FactoryTalk Linx Version 6.11 and prior. This vulnerability could allow a remote, unauthenticated attacker to send malicious port ranges, which could resul…
|
-
|
CVE-2020-27251
|
2024-11-21 14:20 |
2020-11-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
