|
210621
|
8.8 |
HIGH
Network
|
cgal
debian
|
computational_geometry_algorithms_library
debian_linux
|
Multiple code execution vulnerabilities exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. A specially crafted malformed file can lead to an out-of-bounds read and type confu…
|
-
|
CVE-2020-28602
|
2024-11-21 14:22 |
2022-04-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210622
|
7.2 |
HIGH
Network
|
hisiphp
|
hisiphp
|
An Access Control vulnerability exists in HisiPHP 2.0.11 via special packets that are constructed in $files = Dir::getList($decompath. '/ Upload/Plugins /, which could let a remote malicious user exe…
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-28062
|
2024-11-21 14:22 |
2022-04-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210623
|
4.3 |
MEDIUM
Network
|
osu
|
ohio_supercomputer_center_open_ondemand
|
The Job Composer app in Ohio Supercomputer Center Open OnDemand before 1.7.19 and 1.8.x before 1.8.18 allows remote authenticated users to provide crafted input in a job template.
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2020-27958
|
2024-11-21 14:22 |
2022-02-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210624
|
9.8 |
CRITICAL
Network
|
chshcms
|
cscms
|
cscms v4.1 allows for SQL injection via the "page_del" function.
|
CWE-89
SQL Injection
|
CVE-2020-28103
|
2024-11-21 14:22 |
2022-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210625
|
9.8 |
CRITICAL
Network
|
chshcms
|
cscms
|
cscms v4.1 allows for SQL injection via the "js_del" function.
|
CWE-89
SQL Injection
|
CVE-2020-28102
|
2024-11-21 14:22 |
2022-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210626
|
6.5 |
MEDIUM
Network
|
genexis
|
platinum_4410_firmware
|
Cross site request forgery (CSRF) in Genexis Platinum 4410 V2-1.28, allows attackers to cause a denial of service by continuously restarting the router.
|
CWE-352
Origin Validation Error
|
CVE-2020-28137
|
2024-11-21 14:22 |
2021-11-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210627
|
8.8 |
HIGH
Network
|
hp
|
color_laserjet_cm4540_mfp_firmware
color_laserjet_enterprise_flow_mfp_m880z_firmware
color_laserjet_managed_flow_mfp_m880zm_firmware
color_laserjet_enterprise_m455_firmware
color_laserjet…
|
During installation with certain driver software or application packages an arbitrary code execution could occur.
|
NVD-CWE-noinfo
|
CVE-2020-28419
|
2024-11-21 14:22 |
2021-11-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210628
|
7.8 |
HIGH
Local
|
hp
|
officejet_4650_e6g87a_firmware
officejet_4650_f1h96a_firmware
officejet_4650_f1h96b_firmware
officejet_4650_f1j03a_firmware
officejet_4650_f1j04a_firmware
officejet_4650_f9d37a_firmwar…
|
HP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentiall…
|
NVD-CWE-noinfo
|
CVE-2020-28416
|
2024-11-21 14:22 |
2021-11-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210629
|
7.5 |
HIGH
Network
|
wuzhicms
|
wuzhicms
|
Arbitrary file deletion vulnerability was discovered in wuzhicms v 4.0.1 via coreframe\app\attachment\admin\index.php, which allows attackers to access sensitive information.
|
CWE-668
Exposure of Resource to Wrong Sphere
|
CVE-2020-28145
|
2024-11-21 14:22 |
2021-10-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
210630
|
6.1 |
MEDIUM
Network
|
53kf
|
53kf
|
Cross site scripting vulnerability in 53KF < 2.0.0.2 that allows for arbitrary code to be executed via crafted HTML statement inserted into chat window.
|
CWE-79
Cross-site Scripting
|
CVE-2020-28119
|
2024-11-21 14:22 |
2021-10-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
