|
213351
|
7.8 |
HIGH
Local
|
advantech
|
webaccess\/hmi_designer
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a type confusion condition, which m…
|
CWE-843
Type Confusion
|
CVE-2020-16229
|
2024-11-21 14:06 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213352
|
7.8 |
HIGH
Local
|
advantech
|
webaccess\/hmi_designer
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. A double free vulnerability caused by processing specially crafted project files may allow remote code execution, disclosure/modificatio…
|
CWE-415
Double Free
|
CVE-2020-16217
|
2024-11-21 14:06 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213353
|
7.8 |
HIGH
Local
|
advantech
|
webaccess\/hmi_designer
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause a stack-based buffer overflow, whic…
|
CWE-20
Improper Input Validation
|
CVE-2020-16215
|
2024-11-21 14:06 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213354
|
7.8 |
HIGH
Local
|
advantech
|
webaccess\/hmi_designer
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Processing specially crafted project files lacking proper validation of user supplied data may cause the system to write outside the int…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16213
|
2024-11-21 14:06 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213355
|
5.5 |
MEDIUM
Local
|
advantech
|
webaccess\/hmi_designer
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. An out-of-bounds read vulnerability may be exploited by processing specially crafted project files, which may allow an attacker to read …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-16211
|
2024-11-21 14:06 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213356
|
7.8 |
HIGH
Local
|
advantech
|
webaccess\/hmi_designer
|
Advantech WebAccess HMI Designer, Versions 2.1.9.31 and prior. Multiple heap-based buffer overflow vulnerabilities may be exploited by opening specially crafted project files that may overflow the he…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-16207
|
2024-11-21 14:06 |
2020-08-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213357
|
6.1 |
MEDIUM
Network
|
limesurvey
|
limesurvey
|
LimeSurvey 4.3.2 allows reflected XSS because application/controllers/LSBaseController.php lacks code to validate parameters.
|
CWE-79
Cross-site Scripting
|
CVE-2020-16192
|
2024-11-21 14:06 |
2020-08-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213358
|
7.5 |
HIGH
Network
|
acti
|
nvr
|
ActiveMediaServer.exe in ACTi NVR3 Standard Server 3.0.12.42 allows remote unauthenticated attackers to trigger a buffer overflow and application termination via a malformed payload.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-15956
|
2024-11-21 14:06 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213359
|
5.4 |
MEDIUM
Network
|
gantt-chart_project
|
gantt-chart
|
An issue was discovered in the Gantt-Chart module before 5.5.5 for Jira. Due to missing validation of user input, it is vulnerable to a persistent XSS attack. An attacker can embed the attack vectors…
|
CWE-79
Cross-site Scripting
|
CVE-2020-15944
|
2024-11-21 14:06 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213360
|
8.1 |
HIGH
Network
|
gantt-chart_project
|
gantt-chart
|
An issue was discovered in the Gantt-Chart module before 5.5.4 for Jira. Due to a missing privilege check, it is possible to read and write to the module configuration of other users. This can also b…
|
CWE-79
CWE-862
Cross-site Scripting
Missing Authorization
|
CVE-2020-15943
|
2024-11-21 14:06 |
2020-08-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
