|
208191
|
7.7 |
HIGH
Network
|
xstream_project
debian
fedoraproject
|
xstream
debian_linux
fedora
|
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerabil…
|
-
|
CVE-2020-26258
|
2024-11-21 14:19 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208192
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-26421
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208193
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26420
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208194
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26419
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208195
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26418
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208196
|
5.3 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where…
|
CWE-682
Incorrect Calculation
|
CVE-2020-26265
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208197
|
6.5 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetPr…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26264
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208198
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2). Using a specific query name for a project se…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-26411
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208199
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions >=13.6 to <13.6.2, >=13.5 to <13.5.5, and >=13.1 to <13.4.7.
|
CWE-200
Information Exposure
|
CVE-2020-26417
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208200
|
4.4 |
MEDIUM
Local
|
gitlab
|
gitlab
|
Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to <13.4.7, >=13.5 to <13.5.5, and >…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-26416
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
