|
210971
|
6.1 |
MEDIUM
Network
|
nagios
|
nagios_xi
|
Cross Site Scripting (XSS) in Nagios XI 5.7.1 allows remote attackers to run arbitrary code via returnUrl parameter in a crafted GET request.
|
CWE-79
Cross-site Scripting
|
CVE-2020-23992
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210972
|
7.5 |
HIGH
Network
|
freedesktop
debian
|
poppler
debian_linux
|
Uncontrolled Recursion in pdfinfo, and pdftops in poppler 0.89.0 allows remote attackers to cause a denial of service via crafted input.
|
CWE-674
Uncontrolled Recursion
|
CVE-2020-23804
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210973
|
8.6 |
HIGH
Network
|
spice-space
|
spice-server
|
An issue was discovered in spice-server spice-server-0.14.0-6.el7_6.1.x86_64 of Redhat's VDI product. There is a security vulnerablility that can restart KVMvirtual machine without any authorization.…
|
CWE-862
Missing Authorization
|
CVE-2020-23793
|
2024-11-21 14:14 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210974
|
7.8 |
HIGH
Local
|
rockcarry
|
ffjpeg
|
Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN.
|
CWE-120
Classic Buffer Overflow
|
CVE-2020-24222
|
2024-11-21 14:14 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210975
|
5.5 |
MEDIUM
Local
|
jerryscript
|
jerryscript
|
An issue was discovered in ecma-helpers.c in jerryscript version 2.3.0, allows local attackers to cause a denial of service (DoS) (Null Pointer Dereference).
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-24187
|
2024-11-21 14:14 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210976
|
6.1 |
MEDIUM
Network
|
laborator
|
kalium
|
Cross Site Scripting (XSS) vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code.
|
CWE-79
Cross-site Scripting
|
CVE-2020-24075
|
2024-11-21 14:14 |
2023-08-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210977
|
6.5 |
MEDIUM
Network
|
swoole
|
swoole
|
A HTTP response header injection vulnerability in Swoole v4.5.2 allows attackers to execute arbitrary code via supplying a crafted URL.
|
CWE-74
Injection
|
CVE-2020-24275
|
2024-11-21 14:14 |
2023-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210978
|
5.5 |
MEDIUM
Local
|
asn1c_project
|
asn1c
|
An issue was discovered in asn1c through v0.9.28. A NULL pointer dereference exists in the function _default_error_logger() located in asn1fix.c. It allows an attacker to cause Denial of Service.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-23911
|
2024-11-21 14:14 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210979
|
5.5 |
MEDIUM
Local
|
asn1c_project
|
asn1c
|
Stack-based buffer overflow vulnerability in asn1c through v0.9.28 via function genhash_get in genhash.c.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-23910
|
2024-11-21 14:14 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210980
|
7.1 |
HIGH
Local
|
advancemame
|
advancemame
|
Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-23909
|
2024-11-21 14:14 |
2023-07-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
