|
210271
|
8.8 |
HIGH
Network
|
freeimage_project
|
freeimage
|
Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-24293
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210272
|
8.8 |
HIGH
Network
|
freeimage_project
|
freeimage
|
Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-24292
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210273
|
6.1 |
MEDIUM
Network
|
nagios
|
nagios_xi
|
Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23992
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210274
|
7.5 |
HIGH
Network
|
freedesktop
debian
|
poppler
debian_linux
|
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-23804
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210275
|
8.6 |
HIGH
Network
|
spice-space
|
spice-server
|
An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization.…
|
CWE-862
Missing Authorization
|
CVE-2020-23793
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210276
|
7.8 |
HIGH
Local
|
rockcarry
|
ffjpeg
|
Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-24222
|
2024-11-21 14:14 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210277
|
5.5 |
MEDIUM
Local
|
jerryscript
|
jerryscript
|
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-24187
|
2024-11-21 14:14 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210278
|
6.1 |
MEDIUM
Network
|
laborator
|
kalium
|
Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24075
|
2024-11-21 14:14 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210279
|
6.5 |
MEDIUM
Network
|
swoole
|
swoole
|
A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted URL.
|
CWE-74
Injection
|
CVE-2020-24275
|
2024-11-21 14:14 |
2023-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210280
|
5.5 |
MEDIUM
Local
|
asn1c_project
|
asn1c
|
An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function _default_error_logger() located in asn1fix.c. It allows an attacker to cause Denial of Service.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-23911
|
2024-11-21 14:14 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
