|
218521
|
4.3 |
MEDIUM
Adjacent
|
sane-project
opensuse
canonical
|
sane_backends
leap
ubuntu_linux
|
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the prog…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12864
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218522
|
4.3 |
MEDIUM
Adjacent
|
sane-project
debian
canonical
opensuse
|
sane_backends
debian_linux
ubuntu_linux
leap
|
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the prog…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12863
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218523
|
4.3 |
MEDIUM
Adjacent
|
sane-project
debian
canonical
opensuse
|
sane_backends
debian_linux
ubuntu_linux
leap
|
An out-of-bounds read in SANE Backends before 1.0.30 may allow a malicious device connected to the same local network as the victim to read important information, such as the ASLR offsets of the prog…
|
CWE-125
Out-of-bounds Read
|
CVE-2020-12862
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218524
|
8.8 |
HIGH
Adjacent
|
sane-project
canonical
opensuse
|
sane_backends
ubuntu_linux
leap
|
A heap buffer overflow in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to execute arbitrary code, aka GHSL-2020-080.
|
CWE-787
Out-of-bounds Write
|
CVE-2020-12861
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218525
|
6.5 |
MEDIUM
Network
|
nukeviet
|
nukeviet
|
modules\users\admin\edit.php in NukeViet 4.4 allows CSRF to change a user's password via an admin/index.php?nv=users&op=edit&userid= URI. The old password is not needed.
|
CWE-352
Origin Validation Error
|
CVE-2020-13157
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218526
|
6.5 |
MEDIUM
Network
|
nukeviet
|
nukeviet
|
modules\users\admin\add_user.php in NukeViet 4.4 allows CSRF to add a user account via the admin/index.php?nv=users&op=user_add URI.
|
CWE-352
Origin Validation Error
|
CVE-2020-13156
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218527
|
8.8 |
HIGH
Network
|
nukeviet
|
nukeviet
|
clearsystem.php in NukeViet 4.4 allows CSRF with resultant HTML injection via the deltype parameter to the admin/index.php?nv=webtools&op=clearsystem URI.
|
CWE-352
Origin Validation Error
|
CVE-2020-13155
|
2024-11-21 14:00 |
2020-06-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218528
|
9.8 |
CRITICAL
Network
|
openfind
|
mailgates
mailaudit
|
Openfind MailGates contains a Command Injection flaw, when receiving email with specific strings, malicious code in the mail attachment will be triggered and gain unauthorized access to system files.
|
CWE-77
Command Injection
|
CVE-2020-12782
|
2024-11-21 14:00 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218529
|
9.8 |
CRITICAL
Network
|
articatech
|
artica_proxy
|
Artica Proxy before 4.30.000000 Community Edition allows OS command injection via the Netbios name, Server domain name, dhclient_mac, Hostname, or Alias field. NOTE: this may overlap CVE-2020-10818.
|
CWE-78
OS Command
|
CVE-2020-13159
|
2024-11-21 14:00 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218530
|
7.5 |
HIGH
Network
|
articatech
|
artica_proxy
|
Artica Proxy before 4.30.000000 Community Edition allows Directory Traversal via the fw.progrss.details.php popup parameter.
|
CWE-22
Path Traversal
|
CVE-2020-13158
|
2024-11-21 14:00 |
2020-06-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
