|
208981
|
8.8 |
HIGH
Network
|
bigprof
|
online_invoicing_system
|
BigProf Online Invoicing System before 3.0 offers a functionality that allows an administrator to move the records of members across groups. The applicable endpoint (admin/pageTransferOwnership.php) …
|
CWE-352
Origin Validation Error
|
CVE-2020-35675
|
2024-11-21 14:27 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208982
|
9.8 |
CRITICAL
Network
|
bigprof
|
online_invoicing_system
|
BigProf Online Invoicing System before 2.9 suffers from an unauthenticated SQL Injection found in /membership_passwordReset.php (the endpoint that is responsible for issuing self-service password res…
|
CWE-89
SQL Injection
|
CVE-2020-35674
|
2024-11-21 14:27 |
2022-09-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208983
|
5.5 |
MEDIUM
Local
|
libraw
|
libraw
|
In LibRaw, there is an out-of-bounds read vulnerability within the "LibRaw::parseSonySRF()" function (libraw\src\metadata\sony.cpp) when processing srf files.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-35535
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208984
|
5.5 |
MEDIUM
Local
|
libraw
|
libraw
|
In LibRaw, there is a memory corruption vulnerability within the "crxFreeSubbandData()" function (libraw\src\decoders\crx.cpp) when processing cr3 files.
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2020-35534
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208985
|
5.5 |
MEDIUM
Local
|
libraw
debian
|
libraw
debian_linux
|
In LibRaw, an out-of-bounds read vulnerability exists within the "LibRaw::adobe_copy_pixel()" function (libraw\src\decoders\dng.cpp) when reading data from the image file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-35533
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208986
|
5.5 |
MEDIUM
Local
|
libraw
debian
|
libraw
debian_linux
|
In LibRaw, an out-of-bounds read vulnerability exists within the "simple_decode_row()" function (libraw\src\x3f\x3f_utils_patched.cpp) which can be triggered via an image with a large row_stride fiel…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-35532
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208987
|
5.5 |
MEDIUM
Local
|
libraw
debian
|
libraw
debian_linux
|
In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-35531
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208988
|
5.5 |
MEDIUM
Local
|
libraw
debian
|
libraw
debian_linux
|
In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-35530
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208989
|
9.8 |
CRITICAL
Network
|
sqlite
netapp
|
sqlite
ontap_select_deploy_administration_utility
|
In SQLite 3.31.1, there is an out of bounds access problem through ALTER TABLE for views that have a nested FROM clause.
|
-
|
CVE-2020-35527
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
208990
|
7.5 |
HIGH
Network
|
sqlite
|
sqlite
|
In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-35525
|
2024-11-21 14:27 |
2022-09-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
