|
211221
|
7.8 |
HIGH
Local
|
adobe
|
illustrator
|
Adobe Illustrator version 24.2 (and earlier) is affected by an out-of-bounds read vulnerability when parsing crafted PDF files. This could result in a read past the end of an allocated memory structu…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-24409
|
2024-11-21 14:14 |
2020-10-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211222
|
7.5 |
HIGH
Network
|
yubico
fedoraproject
|
yubihsm-shell
fedora
|
An issue was discovered in the _send_secure_msg() function of yubihsm-shell through 2.0.2. The function does not validate the embedded length field of a message received from the device. This could l…
|
CWE-20
CWE-787
Improper Input Validation
Out-of-bounds Write
|
CVE-2020-24388
|
2024-11-21 14:14 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211223
|
7.5 |
HIGH
Network
|
yubico
fedoraproject
|
yubihsm-shell
fedora
|
An issue was discovered in the yh_create_session() function of yubihsm-shell through 2.0.2. The function does not explicitly check the returned session id from the device. An invalid session id would…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2020-24387
|
2024-11-21 14:14 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211224
|
6.5 |
MEDIUM
Network
|
free
|
freebox_server
freebox_v5_firmware
|
A DNS rebinding vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
|
CWE-290
Authentication Bypass by Spoofing
|
CVE-2020-24375
|
2024-11-21 14:14 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211225
|
7.5 |
HIGH
Network
|
broadcom
fedoraproject
|
tcpreplay
fedora
|
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-24266
|
2024-11-21 14:14 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211226
|
7.5 |
HIGH
Network
|
broadcom
fedoraproject
|
tcpreplay
fedora
|
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-24265
|
2024-11-21 14:14 |
2020-10-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211227
|
6.1 |
MEDIUM
Network
|
magento
|
magento
|
Magento versions 2.4.0 and 2.3.5p1 (and earlier) are affected by a persistent XSS vulnerability that allows users to upload malicious JavaScript via the file upload component. This vulnerability coul…
|
-
|
CVE-2020-24408
|
2024-11-21 14:14 |
2020-10-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211228
|
5.5 |
MEDIUM
Local
|
qemu
|
qemu
|
An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while…
|
CWE-125
CWE-787
Out-of-bounds Read
Out-of-bounds Write
|
CVE-2020-24352
|
2024-11-21 14:14 |
2020-10-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211229
|
6.1 |
MEDIUM
Network
|
unitedplanet
|
intrexx
|
Cross-site scripting (XSS) vulnerability in the search functionality in Intrexx before 9.4.0 allows remote attackers to inject arbitrary web script or HTML via the request parameter.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24188
|
2024-11-21 14:14 |
2020-10-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211230
|
6.1 |
MEDIUM
Network
|
iproom
|
mmc\+
|
IProom MMC+ Server login page does not validate specific parameters properly. Attackers can use the vulnerability to redirect to any malicious site and steal the victim's login credentials.
|
CWE-601
Open Redirect
|
CVE-2020-24551
|
2024-11-21 14:14 |
2020-10-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
