|
210171
|
8.8 |
HIGH
Network
|
systeminformation
|
systeminformation
|
In systeminformation (npm package) before version 4.31.1 there is a command injection vulnerability. The problem was fixed in version 4.31.1 with a shell string sanitation fix.
|
CWE-78
OS Command
|
CVE-2020-26274
|
2024-11-21 14:19 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210172
|
6.1 |
MEDIUM
Network
|
dell
|
idrac9_firmware
|
Dell EMC iDRAC9 versions prior to 4.32.10.00 and 4.40.00.00 contain a reflected cross-site scripting vulnerability in the iDRAC9 web application. A remote attacker could potentially exploit this vuln…
|
CWE-79
Cross-site Scripting
|
CVE-2020-26198
|
2024-11-21 14:19 |
2020-12-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210173
|
5.2 |
MEDIUM
Local
|
linuxfoundation
|
osquery
|
osquery is a SQL powered operating system instrumentation, monitoring, and analytics framework. In osquery before version 4.6.0, by using sqlite's ATTACH verb, someone with administrative access to o…
|
CWE-77
Command Injection
|
CVE-2020-26273
|
2024-11-21 14:19 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210174
|
6.8 |
MEDIUM
Network
|
xstream_project
debian
fedoraproject
|
xstream
debian_linux
fedora
|
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, is vulnerable to an Arbitrary File Deletion on the local host when unmarshalling. The vulnerabi…
|
-
|
CVE-2020-26259
|
2024-11-21 14:19 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210175
|
7.7 |
HIGH
Network
|
xstream_project
debian
fedoraproject
|
xstream
debian_linux
fedora
|
XStream is a Java library to serialize objects to XML and back again. In XStream before version 1.4.15, a Server-Side Forgery Request vulnerability can be activated when unmarshalling. The vulnerabil…
|
-
|
CVE-2020-26258
|
2024-11-21 14:19 |
2020-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210176
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-26421
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210177
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26420
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210178
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26419
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210179
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26418
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210180
|
5.3 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where…
|
CWE-682
Incorrect Calculation
|
CVE-2020-26265
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
