|
210671
|
7.5 |
HIGH
Network
|
lwip_project
|
lwip
|
A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a cra…
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-22283
|
2024-11-21 14:13 |
2021-07-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210672
|
6.1 |
MEDIUM
Network
|
piwigo
|
piwigo
|
A cross site scripting (XSS) vulnerability in /admin.php?page=permalinks of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22150
|
2024-11-21 14:13 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210673
|
6.1 |
MEDIUM
Network
|
piwigo
|
piwigo
|
A stored cross site scripting (XSS) vulnerability in /admin.php?page=tags of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML.
|
CWE-79
Cross-site Scripting
|
CVE-2020-22148
|
2024-11-21 14:13 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210674
|
7.5 |
HIGH
Network
|
mv
|
mconnect
|
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2020-23283
|
2024-11-21 14:13 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210675
|
7.5 |
HIGH
Network
|
mv
|
mconnect
|
SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorize…
|
CWE-89
SQL Injection
|
CVE-2020-23282
|
2024-11-21 14:13 |
2021-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210676
|
7.5 |
HIGH
Network
|
mv
|
idce
|
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals inter…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-23284
|
2024-11-21 14:13 |
2021-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210677
|
7.5 |
HIGH
Network
|
baidu
|
xuperchain
|
An issue was discovered in Xuperchain 3.6.0 that allows for attackers to recover any arbitrary users' private key after obtaining the partial signature in multisignature.
|
CWE-312
Cleartext Storage of Sensitive Information
|
CVE-2020-22741
|
2024-11-21 14:13 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210678
|
7.5 |
HIGH
Network
|
att
|
alienvault_ossim
|
A memory leak vulnerability in sim-organizer.c of AlienVault Ossim v5 causes a denial of service (DOS) via a system crash triggered by the occurrence of a large number of alarm events.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-22650
|
2024-11-21 14:13 |
2021-07-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210679
|
7.5 |
HIGH
Network
|
jsish
|
jsish
|
Stack overflow vulnerability in function jsi_evalcode_sub in jsish before 3.0.18, allows remote attackers to cause a Denial of Service via a crafted value to the execute parameter.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-22907
|
2024-11-21 14:13 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210680
|
7.5 |
HIGH
Network
|
artifex
|
mujs
|
Buffer overflow vulnerability in function jsG_markobject in jsgc.c in mujs before 1.0.8, allows remote attackers to cause a denial of service.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-22886
|
2024-11-21 14:13 |
2021-07-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
