|
210361
|
7.5 |
HIGH
Network
|
ygopro
|
ygocore
|
An integer overflow was discovered in YGOPro ygocore v13.51. Attackers can use it to leak the game server thread's memory.
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-24213
|
2024-11-21 14:14 |
2020-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210362
|
6.5 |
MEDIUM
Network
|
arista
|
cloudvision_portal
|
A vulnerability in Arista’s CloudVision Portal (CVP) prior to 2020.2 allows users with “read-only” or greater access rights to the Configlet Management module to download files not intended for acces…
|
NVD-CWE-noinfo
|
CVE-2020-24333
|
2024-11-21 14:14 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210363
|
7.2 |
HIGH
Network
|
titanhq
|
spamtitan
|
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. This re…
|
CWE-269
Improper Privilege Management
|
CVE-2020-24046
|
2024-11-21 14:14 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210364
|
7.2 |
HIGH
Network
|
titanhq
|
spamtitan
|
A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The res…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2020-24045
|
2024-11-21 14:14 |
2020-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210365
|
9.6 |
CRITICAL
Network
|
free
|
freebox_revolution_firmware
freebox_mini_firmware
freebox_one_firmware
freebox_delta_firmware
freebox_pop_firmware
|
A DNS rebinding vulnerability in the Freebox OS web interface in Freebox Server before 4.2.3.
|
CWE-20
Improper Input Validation
|
CVE-2020-24377
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210366
|
9.6 |
CRITICAL
Network
|
free
|
freebox_revolution_firmware
freebox_mini_firmware
freebox_one_firmware
freebox_delta_firmware
freebox_pop_firmware
|
A DNS rebinding vulnerability in the UPnP IGD implementations in Freebox v5 before 1.5.29 and Freebox Server before 4.2.3.
|
CWE-20
Improper Input Validation
|
CVE-2020-24376
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210367
|
9.6 |
CRITICAL
Network
|
free
|
freebox_hd_firmware
|
A DNS rebinding vulnerability in Freebox v5 before 1.5.29.
|
CWE-20
Improper Input Validation
|
CVE-2020-24374
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210368
|
8.8 |
HIGH
Network
|
free
|
freebox_revolution_firmware
freebox_mini_firmware
freebox_one_firmware
freebox_delta_firmware
freebox_pop_firmware
|
A CSRF vulnerability in the UPnP MediaServer implementation in Freebox Server before 4.2.3.
|
CWE-352
Origin Validation Error
|
CVE-2020-24373
|
2024-11-21 14:14 |
2020-09-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210369
|
9.8 |
CRITICAL
Network
|
projectworlds
|
house_rental
|
Projectworlds House Rental v1.0 suffers from an unauthenticated SQL Injection vulnerability, allowing remote attackers to execute arbitrary code on the hosting webserver via a malicious index.php POS…
|
CWE-89
SQL Injection
|
CVE-2020-23833
|
2024-11-21 14:14 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210370
|
9.8 |
CRITICAL
Network
|
online_course_registration_project
|
online_course_registration
|
A File Upload vulnerability in SourceCodester Online Course Registration v1.0 allows remote attackers to achieve Remote Code Execution (RCE) on the hosting webserver by uploading a crafted PHP web-sh…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-23828
|
2024-11-21 14:14 |
2020-09-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
