|
208231
|
5.5 |
MEDIUM
Local
|
upx_project
|
upx
|
A floating point exception issue was discovered in UPX in PackLinuxElf64::invert_pt_dynamic() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could …
|
CWE-369
Divide By Zero
|
CVE-2020-27790
|
2024-11-21 14:21 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208232
|
5.5 |
MEDIUM
Local
|
upx_project
|
upx
|
A Segmentaation fault was found in UPX in invert_pt_dynamic() function in p_lx_elf.cpp. An attacker with a crafted input file allows invalid memory address access that could lead to a denial of servi…
|
NVD-CWE-noinfo
|
CVE-2020-27787
|
2024-11-21 14:21 |
2022-08-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208233
|
5.4 |
MEDIUM
Network
|
galaxkey
|
galaxkey
|
Persistent XSS in Galaxkey Secure Mail Client in Galaxkey up to 5.6.11.5 allows an attacker to perform an account takeover by intercepting the HTTP Post request when sending an email and injecting a …
|
CWE-79
Cross-site Scripting
|
CVE-2020-27509
|
2024-11-21 14:21 |
2022-06-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208234
|
8.8 |
HIGH
Adjacent
|
drtrustusa
|
icheck_connect_bp_monitor_bp_testing_118_firmware
|
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication.
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2020-27376
|
2024-11-21 14:21 |
2022-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208235
|
6.5 |
MEDIUM
Adjacent
|
drtrustusa
|
icheck_connect_bp_monitor_bp_testing_118_firmware
|
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Transmitting Write Requests and Chars.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2020-27375
|
2024-11-21 14:21 |
2022-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208236
|
7.5 |
HIGH
Adjacent
|
drtrustusa
|
icheck_connect_bp_monitor_bp_testing_118_firmware
|
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to a Replay Attack to BP Monitoring.
|
CWE-294
Authentication Bypass by Capture-replay
|
CVE-2020-27374
|
2024-11-21 14:21 |
2022-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208237
|
8.8 |
HIGH
Adjacent
|
drtrustusa
|
icheck_connect_bp_monitor_bp_testing_118_firmware
|
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command over BLE.
|
CWE-78
OS Command
|
CVE-2020-27373
|
2024-11-21 14:21 |
2022-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208238
|
7.5 |
HIGH
Network
|
processwire
|
processwire
|
A Directory Traversal vulnerability exits in Processwire CMS before 2.7.1 via the download parameter to index.php.
|
CWE-22
Path Traversal
|
CVE-2020-27467
|
2024-11-21 14:21 |
2022-02-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208239
|
6.1 |
MEDIUM
Network
|
mit
|
scratch-svg-renderer
|
A DOM-based cross-site scripting (XSS) vulnerability in Scratch-Svg-Renderer v0.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted sb3 file.
|
CWE-79
Cross-site Scripting
|
CVE-2020-27428
|
2024-11-21 14:21 |
2022-01-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208240
|
9.8 |
CRITICAL
Network
|
mahadiscom
|
mahavitaran
|
Mahavitaran android application 7.50 and prior are affected by account takeover due to improper OTP validation, allows remote attackers to control a users account.
|
CWE-613
Insufficient Session Expiration
|
CVE-2020-27416
|
2024-11-21 14:21 |
2021-12-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
