|
209411
|
7.8 |
HIGH
Local
|
uclouvain
debian
|
openjpeg
debian_linux
|
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the …
|
-
|
CVE-2020-27814
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209412
|
6.1 |
MEDIUM
Network
|
wftpserver
|
wing_ftp_server
|
An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript …
|
CWE-79
Cross-site Scripting
|
CVE-2020-27735
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209413
|
9.8 |
CRITICAL
Network
|
ibm
|
infosphere_information_server
|
IBM InfoSphere Information Server 8.5.0.0 is affected by deserialization of untrusted data which could allow remote unauthenticated attackers to execute arbitrary code. NOTE: This vulnerability only …
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2020-27583
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209414
|
7.5 |
HIGH
Network
|
company
|
cs-c2shw_firmware
|
Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of…
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27541
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209415
|
9.8 |
CRITICAL
Network
|
company
|
cs-c2shw_firmware
|
Bash injection vulnerability and bypass of signature verification in Rostelecom CS-C2SHW 5.0.082.1. The camera reads firmware update configuration from SD card file vc\version.json. fw-sign parameter…
|
CWE-347
Improper Verification of Cryptographic Signature
|
CVE-2020-27540
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209416
|
6.8 |
MEDIUM
Physics
|
company
|
cs-c2shw_firmware
|
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads configuration from QR code (including network settings). The static IP configuration from QR code is copied to t…
|
CWE-78
OS Command
|
CVE-2020-27542
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209417
|
9.8 |
CRITICAL
Network
|
company
|
cs-c2shw_firmware
|
Heap overflow with full parsing of HTTP respose in Rostelecom CS-C2SHW 5.0.082.1. AgentUpdater service has a self-written HTTP parser and builder. HTTP parser has a heap buffer overflow (OOB write). …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27539
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209418
|
6.5 |
MEDIUM
Adjacent
|
philips
|
viewforum
coronary_tools
dynamic_coronary_roadmap
stentboost_live
interventional_workspot
|
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools/Dynamic Coronary Roadmap/Stentboost Live (Release 1.0), ViewForum (Release 6.3V1L10). The software construc…
|
CWE-78
OS Command
|
CVE-2020-27298
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209419
|
7.8 |
HIGH
Local
|
deltaww
|
tpeditor
|
An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code …
|
CWE-787
Out-of-bounds Write
|
CVE-2020-27288
|
2024-11-21 14:21 |
2021-01-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
209420
|
7.5 |
HIGH
Network
|
nec
|
esmpro_manager
|
This vulnerability allows remote attackers to disclose sensitive information on affected installations of NEC ESMPRO Manager 6.42. Authentication is not required to exploit this vulnerability. The sp…
|
CWE-22
Path Traversal
|
CVE-2020-27859
|
2024-11-21 14:21 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
