|
210621
|
7.5 |
HIGH
Network
|
sized-chunks_project
|
sized-chunks
|
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, insert_from can have a memory-safety issue upon a panic.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-25795
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210622
|
7.5 |
HIGH
Network
|
sized-chunks_project
|
sized-chunks
|
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, clone can have a memory-safety issue upon a panic.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-25794
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210623
|
7.5 |
HIGH
Network
|
sized-chunks_project
|
sized-chunks
|
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with From<InlineArray<A, T>>.
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-25793
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210624
|
7.5 |
HIGH
Network
|
sized-chunks_project
|
sized-chunks
|
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with pair().
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-25792
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210625
|
7.5 |
HIGH
Network
|
sized-chunks_project
|
sized-chunks
|
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the Chunk implementation, the array size is not checked when constructed with unit().
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-25791
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210626
|
7.2 |
HIGH
Network
|
typesettercms
|
typesetter
|
Typesetter CMS 5.x through 5.1 allows admins to upload and execute arbitrary PHP code via a .php file inside a ZIP archive. NOTE: the vendor disputes the significance of this report because "admins a…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-25790
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210627
|
6.1 |
MEDIUM
Network
|
tt-rss
|
tiny_tiny_rss
|
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. The cached_url feature mishandles JavaScript inside an SVG document.
|
CWE-79
Cross-site Scripting
|
CVE-2020-25789
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210628
|
8.1 |
HIGH
Network
|
tt-rss
|
tiny_tiny_rss
|
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. imgproxy in plugins/af_proxy_http/init.php mishandles $_REQUEST["url"] in an error message.
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2020-25788
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210629
|
9.8 |
CRITICAL
Network
|
tt-rss
|
tiny_tiny_rss
|
An issue was discovered in Tiny Tiny RSS (aka tt-rss) before 2020-09-16. It does not validate all URLs before requesting them.
|
CWE-20
Improper Input Validation
|
CVE-2020-25787
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210630
|
6.1 |
MEDIUM
Network
|
dlink
|
dir-803_firmware
dir-816l_firmware
dir-645_firmware
dir-815_firmware
dir-860l_firmware
dir-865l_firmware
|
webinc/js/info.php on D-Link DIR-816L 2.06.B09_BETA and DIR-803 1.04.B02 devices allows XSS via the HTTP Referer header. NOTE: This vulnerability only affects products that are no longer supported by…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25786
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
