|
218971
|
8.8 |
HIGH
Network
|
gitlab
|
gitlab
|
OAuth flow missing verification checks CE/EE 12.3 and later through 13.0.1 allows unverified user to use OAuth authorization code flow
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-13272
|
2024-11-21 14:00 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218972
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
User email verification bypass in GitLab CE/EE 12.5 and later through 13.0.1 allows user to bypass email verification
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-13265
|
2024-11-21 14:00 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218973
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Client-Side code injection through Mermaid markup in GitLab CE/EE 12.9 and later through 13.0.1 allows a specially crafted Mermaid payload to PUT requests on behalf of other users via clicking on a l…
|
CWE-74
Injection
|
CVE-2020-13262
|
2024-11-21 14:00 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218974
|
6.5 |
MEDIUM
Network
|
gitlab
|
gitlab
|
An authorization issue in the mirroring logic allowed read access to private repositories in GitLab CE/EE 10.6 and later through 13.0.5
|
CWE-863
Incorrect Authorization
|
CVE-2020-13277
|
2024-11-21 14:00 |
2020-06-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218975
|
7.5 |
HIGH
Network
|
arm
|
mbed-coap
|
Memory leaks were discovered in the CoAP library in Arm Mbed OS 5.15.3 when using the Arm mbed-coap library 5.1.5. The CoAP parser is responsible for parsing received CoAP packets. The function sn_co…
|
CWE-190
CWE-401
Integer Overflow or Wraparound
Missing Release of Memory after Effective Lifetime
|
CVE-2020-12887
|
2024-11-21 14:00 |
2020-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218976
|
9.1 |
CRITICAL
Network
|
arm
|
mbed_os
|
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses the C…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12886
|
2024-11-21 14:00 |
2020-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218977
|
7.5 |
HIGH
Network
|
arm
|
mbed_os
|
An infinite loop was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_options…
|
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2020-12885
|
2024-11-21 14:00 |
2020-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218978
|
9.1 |
CRITICAL
Network
|
arm
|
mbed_os
|
A buffer over-read was discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse_multiple_optio…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12884
|
2024-11-21 14:00 |
2020-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218979
|
9.1 |
CRITICAL
Network
|
arm
|
mbed_os
|
Buffer over-reads were discovered in the CoAP library in Arm Mbed OS 5.15.3. The CoAP parser is responsible for parsing received CoAP packets. The function sn_coap_parser_options_parse() parses CoAP …
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12883
|
2024-11-21 14:00 |
2020-06-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218980
|
7.2 |
HIGH
Network
|
mjml
|
mjml
|
MJML prior to 4.6.3 contains a path traversal vulnerability when processing the mj-include directive within an MJML document.
|
CWE-22
Path Traversal
|
CVE-2020-12827
|
2024-11-21 14:00 |
2020-06-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
