|
208481
|
7.1 |
HIGH
Network
|
tibco
|
ebx_add-ons
|
The TIBCO EBX Add-on for Oracle Hyperion EPM, TIBCO EBX Data Exchange Add-on, and TIBCO EBX Insight Add-on components of TIBCO Software Inc.'s TIBCO EBX Add-ons contain a vulnerability that theoretic…
|
CWE-611
XXE
|
CVE-2020-27148
|
2024-11-21 14:20 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208482
|
6.1 |
MEDIUM
Network
|
vanderbilt
|
redcap
|
REDCap 10.3.4 contains a XSS vulnerability in the ToDoList function with parameter sort. The information submitted by the user is immediately returned in the response and not escaped leading to the r…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26713
|
2024-11-21 14:20 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208483
|
9.8 |
CRITICAL
Network
|
vanderbilt
|
redcap
|
REDCap 10.3.4 contains a SQL injection vulnerability in the ToDoList function via sort parameter. The application uses the addition of a string of information from the submitted user that is not vali…
|
CWE-89
SQL Injection
|
CVE-2020-26712
|
2024-11-21 14:20 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208484
|
7.8 |
HIGH
Local
|
google
|
android
|
In onAuthenticated of AuthenticationClient.java, there is a possible tapjacking attack when requesting the user's fingerprint due to an overlaid window. This could lead to local escalation of privile…
|
CWE-1021
Improper Restriction of Rendered UI Layers or Frames
|
CVE-2020-27059
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208485
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft-b
|
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27287
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208486
|
7.8 |
HIGH
Local
|
deltaww
|
cncsoft_screeneditor
|
A stack-based buffer overflow may exist in Delta Electronics CNCSoft ScreenEditor versions 1.01.26 and prior when processing specially crafted project files, which may allow an attacker to execute ar…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27281
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208487
|
7.8 |
HIGH
Local
|
deltaww
|
dopsoft
|
Delta Electronics DOPSoft Version 4.0.8.21 and prior has a null pointer dereference issue while processing project files, which may allow an attacker to execute arbitrary code.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-27277
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208488
|
7.8 |
HIGH
Local
|
deltaww
|
dopsoft
|
Delta Electronics DOPSoft Version 4.0.8.21 and prior is vulnerable to an out-of-bounds write while processing project files, which may allow an attacker to execute arbitrary code.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27275
|
2024-11-21 14:20 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208489
|
5.5 |
MEDIUM
Local
|
ethereum
|
aleth
|
A stack overflow vulnerability in Aleth Ethereum C++ client version <= 1.8.0 using a specially crafted a config.json file may result in a denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26800
|
2024-11-21 14:20 |
2021-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208490
|
7.8 |
HIGH
Local
|
videolan
debian
|
vlc_media_player
debian_linux
|
A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-26664
|
2024-11-21 14:20 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
