|
209181
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
TIFFGetProfiles() in /coders/tiff.c calls strstr() which causes a large out-of-bounds read when it searches for `"dc:format=\"image/dng\"` within `profile` due to improper string handling, when a cra…
|
-
|
CVE-2020-25667
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209182
|
3.3 |
LOW
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
There are 4 places in HistogramCompare() in MagickCore/histogram.c where an integer overflow is possible during simple math calculations. This occurs in the rgb values and `count` value for a color. …
|
-
|
CVE-2020-25666
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209183
|
5.5 |
MEDIUM
Local
|
imagemagick
debian
|
imagemagick
debian_linux
|
The PALM image coder at coders/palm.c makes an improper call to AcquireQuantumMemory() in routine WritePALMImage() because it needs to be offset by 256. This can cause a out-of-bounds read later on i…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-25665
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209184
|
6.1 |
MEDIUM
Local
|
imagemagick
fedoraproject
|
imagemagick
fedora
|
In WriteOnePNGImage() of the PNG coder at coders/png.c, an improper call to AcquireVirtualMemory() and memset() allows for an out-of-bounds write later when PopShortPixel() from MagickCore/quantum-pr…
|
-
|
CVE-2020-25664
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209185
|
5.5 |
MEDIUM
Local
|
imagemagick
|
imagemagick
|
A call to ConformPixelInfo() in the SetImageAlphaChannel() routine of /MagickCore/channel.c caused a subsequent heap-use-after-free or heap-buffer-overflow READ when GetPixelRed() or GetPixelBlue() w…
|
-
|
CVE-2020-25663
|
2024-11-21 14:18 |
2020-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209186
|
9.8 |
CRITICAL
Network
|
online_bus_booking_system_project
|
online_bus_booking_system
|
Online Bus Booking System Project Using PHP/MySQL version 1.0 has SQL injection via the login page. By placing SQL injection payload on the login page attackers can bypass the authentication and can …
|
CWE-89
SQL Injection
|
CVE-2020-25889
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209187
|
7.5 |
HIGH
Network
|
openldap
redhat
netapp
|
openldap
enterprise_linux
cloud_backup
solidfire_baseboard_management_controller_firmware
|
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sen…
|
-
|
CVE-2020-25692
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209188
|
5.5 |
MEDIUM
Local
|
ceph
redhat
|
ceph-ansible
ceph_storage
|
A flaw was found in Ceph-ansible v4.0.41 where it creates an /etc/ceph/iscsi-gateway.conf with insecure default permissions. This flaw allows any user on the system to read sensitive information with…
|
-
|
CVE-2020-25677
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209189
|
6.1 |
MEDIUM
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle 3.9 to 3.9.1, 3.8 to 3.8.4 and 3.7 to 3.7.7 where it was possible to include JavaScript in a book's chapter title, which was not escaped on the "Add new chapter" p…
|
-
|
CVE-2020-25631
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209190
|
7.5 |
HIGH
Network
|
moodle
|
moodle
|
A vulnerability was found in Moodle where the decompressed size of zip files was not checked against available user quota before unzipping them, which could lead to a denial of service risk. This aff…
|
-
|
CVE-2020-25630
|
2024-11-21 14:18 |
2020-12-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
