|
210221
|
8.1 |
HIGH
Network
|
thekelleys
fedoraproject
debian
|
dnsmasq
fedora
debian_linux
|
A flaw was found in dnsmasq before 2.83. A buffer overflow vulnerability was discovered in the way dnsmasq extract names from DNS packets before validating them with DNSSEC data. An attacker on the n…
|
-
|
CVE-2020-25682
|
2024-11-21 14:18 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210222
|
8.1 |
HIGH
Network
|
thekelleys
fedoraproject
debian
|
dnsmasq
fedora
debian_linux
|
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in the way RRSets are sorted before validating with DNSSEC data. An attacker on the network, who can forge…
|
-
|
CVE-2020-25681
|
2024-11-21 14:18 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210223
|
3.7 |
LOW
Network
|
thekelleys
fedoraproject
debian
arista
|
dnsmasq
fedora
debian_linux
eos
|
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in forward.c:reply_query(), which is the forwarded query that matches the reply, by only u…
|
CWE-326
Inadequate Encryption Strength
|
CVE-2020-25685
|
2024-11-21 14:18 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210224
|
3.7 |
LOW
Network
|
thekelleys
fedoraproject
debian
arista
|
dnsmasq
fedora
debian_linux
eos
|
A flaw was found in dnsmasq before version 2.83. When getting a reply from a forwarded query, dnsmasq checks in the forward.c:reply_query() if the reply destination address/port is used by the pendin…
|
NVD-CWE-Other
|
CVE-2020-25684
|
2024-11-21 14:18 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210225
|
5.9 |
MEDIUM
Network
|
thekelleys
fedoraproject
debian
|
dnsmasq
fedora
debian_linux
|
A flaw was found in dnsmasq before version 2.83. A heap-based buffer overflow was discovered in dnsmasq when DNSSEC is enabled and before it validates the received DNS entries. A remote attacker, who…
|
-
|
CVE-2020-25683
|
2024-11-21 14:18 |
2021-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210226
|
7.0 |
HIGH
Local
|
malwarebytes
|
malwarebytes
|
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly v…
|
CWE-362
Race Condition
|
CVE-2020-25533
|
2024-11-21 14:18 |
2021-01-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210227
|
5.9 |
MEDIUM
Network
|
m2crypto_project
redhat
fedoraproject
|
m2crypto
enterprise_linux
virtualization
fedora
|
A flaw was found in all released versions of m2crypto, where they are vulnerable to Bleichenbacher timing attacks in the RSA decryption API via the timed processing of valid PKCS#1 v1.5 Ciphertext. T…
|
-
|
CVE-2020-25657
|
2024-11-21 14:18 |
2021-01-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210228
|
5.9 |
MEDIUM
Network
|
cryptography.io
oracle
|
cryptography
communications_cloud_native_core_network_function_cloud_native_environment
|
python-cryptography 3.2 is vulnerable to Bleichenbacher timing attacks in the RSA decryption API, via timed processing of valid PKCS#1 v1.5 ciphertext.
|
NVD-CWE-Other
|
CVE-2020-25659
|
2024-11-21 14:18 |
2021-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210229
|
4.4 |
MEDIUM
Local
|
redhat
fedoraproject
|
ceph_storage
ceph
fedora
|
A flaw was found in ceph in versions prior to 16.y.z where ceph stores mgr module passwords in clear text. This can be found by searching the mgr logs for grafana and dashboard, with passwords visibl…
|
-
|
CVE-2020-25678
|
2024-11-21 14:18 |
2021-01-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210230
|
5.4 |
MEDIUM
Network
|
redhat
|
jboss_core_services_httpd
|
A flaw was found in JBCS httpd in version 2.4.37 SP3, where it uses a back-end worker SSL certificate with the keystore file's ID is 'unknown'. The validation of the certificate whether CN and hostna…
|
-
|
CVE-2020-25680
|
2024-11-21 14:18 |
2021-01-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
