|
210441
|
5.5 |
MEDIUM
Local
|
nasm
|
netwide_assembler
|
In Netwide Assembler (NASM) 2.15rc10, SEGV can be triggered in tok_text in asm/preproc.c by accessing READ memory.
|
NVD-CWE-noinfo
|
CVE-2020-24242
|
2024-11-21 14:14 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210442
|
5.5 |
MEDIUM
Local
|
nasm
|
netwide_assembler
|
In Netwide Assembler (NASM) 2.15rc10, there is heap use-after-free in saa_wbytes in nasmlib/saa.c.
|
CWE-416
Use After Free
|
CVE-2020-24241
|
2024-11-21 14:14 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210443
|
5.5 |
MEDIUM
Local
|
gnu
|
bison
|
GNU Bison before 3.7.1 has a use-after-free in _obstack_free in lib/obstack.c (called from gram_lex) when a '\0' byte is encountered. NOTE: there is a risk only if Bison is used with untrusted input,…
|
CWE-416
Use After Free
|
CVE-2020-24240
|
2024-11-21 14:14 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210444
|
8.8 |
HIGH
Network
|
ethz
|
minetime
|
MineTime through 1.8.5 allows arbitrary command execution via the notes field in a meeting. Could lead to RCE via meeting invite.
|
CWE-74
Injection
|
CVE-2020-24364
|
2024-11-21 14:14 |
2020-08-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210445
|
10.0 |
CRITICAL
Network
|
gvectors
|
wpdiscuz
|
A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via th…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-24186
|
2024-11-21 14:14 |
2020-08-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210446
|
8.8 |
HIGH
Network
|
verint
|
s5120fd_firmware
|
The management website of the Verint S5120FD Verint_FW_0_42 unit features a CGI endpoint ('ipfilter.cgi') that allows the user to manage network filtering on the unit. This endpoint is vulnerable to …
|
CWE-78
OS Command
|
CVE-2020-24057
|
2024-11-21 14:14 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210447
|
7.5 |
HIGH
Network
|
verint
|
5620ptz_firmware
4320_firmware
s5120fd_firmware
|
A hardcoded credentials vulnerability exists in Verint 5620PTZ Verint_FW_0_42, Verint 4320 V4320_FW_0_23, V4320_FW_0_31, and Verint S5120FD Verint_FW_0_42units. This could cause a confidentiality iss…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-24056
|
2024-11-21 14:14 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210448
|
9.8 |
CRITICAL
Network
|
verint
|
5620ptz_firmware
4320_firmware
|
Verint 5620PTZ Verint_FW_0_42 and Verint 4320 V4320_FW_0_23, and V4320_FW_0_31 units feature an autodiscovery service implemented in the binary executable '/usr/sbin/DM' that listens on port TCP 6666…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-24055
|
2024-11-21 14:14 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210449
|
9.8 |
CRITICAL
Network
|
moog
|
exvf5c-2_firmware
exvp7c2-3_firmware
|
The administration console of the Moog EXO Series EXVF5C-2 and EXVP7C2-3 units features a 'statusbroadcast' command that can spawn a given process repeatedly at a certain time interval as 'root'. One…
|
CWE-78
OS Command
|
CVE-2020-24054
|
2024-11-21 14:14 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210450
|
7.5 |
HIGH
Network
|
moog
|
exvf5c-2_firmware
exvp7c2-3_firmware
|
Moog EXO Series EXVF5C-2 and EXVP7C2-3 units have a hardcoded credentials vulnerability. This could cause a confidentiality issue when using the FTP, Telnet, or SSH protocols.
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2020-24053
|
2024-11-21 14:14 |
2020-08-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
