|
213371
|
9.8 |
CRITICAL
Network
|
uffizio
|
gps_tracker
|
A Remote Code Execution vulnerability exist in Uffizio's GPS Tracker all versions. The web server can be compromised by uploading and executing a web/reverse shell. An attacker could then run command…
|
NVD-CWE-noinfo
|
CVE-2020-17485
|
2024-11-21 14:08 |
2023-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213372
|
6.1 |
MEDIUM
Network
|
uffizio
|
gps_tracker
|
An Open Redirection vulnerability exists in Uffizio's GPS Tracker all versions allows an attacker to construct a URL within the application that causes a redirection to an arbitrary external domain.
|
CWE-601
Open Redirect
|
CVE-2020-17484
|
2024-11-21 14:08 |
2023-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213373
|
7.5 |
HIGH
Network
|
uffizio
|
gps_tracker
|
An improper access control vulnerability exists in Uffizio's GPS Tracker all versions that lead to sensitive information disclosure of all the connected devices. By visiting the vulnerable host at po…
|
NVD-CWE-noinfo
|
CVE-2020-17483
|
2024-11-21 14:08 |
2023-12-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213374
|
6.5 |
MEDIUM
Network
|
univention
|
ucs\@school
|
Incorrect LDAP ACLs in ucs-school-ldap-acls-master in UCS@school before 4.4v5-errata allow remote teachers, staff, and school administrators to read LDAP password hashes (sambaNTPassword, krb5Key, sa…
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2020-17477
|
2024-11-21 14:08 |
2023-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213375
|
7.4 |
HIGH
Network
|
typora
|
typora
|
Cross Site Scripting (XSS) vulnerability found in Typora v.0.9.65 allows a remote attacker to obtain sensitive information via the PDF file exporting function.
|
CWE-79
Cross-site Scripting
|
CVE-2020-18336
|
2024-11-21 14:08 |
2023-10-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213376
|
9.8 |
CRITICAL
Network
|
earcms
|
ear
|
An issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-18912
|
2024-11-21 14:08 |
2023-08-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213377
|
6.5 |
MEDIUM
Network
|
freedesktop
|
poppler
|
Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18839
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213378
|
7.8 |
HIGH
Local
|
exiv2
|
exiv2
|
Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18831
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213379
|
5.5 |
MEDIUM
Local
|
audiofile
|
audiofile
|
Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-18781
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213380
|
5.5 |
MEDIUM
Local
|
nasm
|
netwide_assembler
|
A Use After Free vulnerability in function new_Token in asm/preproc.c in nasm 2.14.02 allows attackers to cause a denial of service via crafted nasm command.
|
CWE-416
Use After Free
|
CVE-2020-18780
|
2024-11-21 14:08 |
2023-08-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
