|
211331
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-125
Out-of-bounds Read
|
CVE-2020-26421
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211332
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26420
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211333
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
oracle
|
wireshark
fedora
zfs_storage_appliance_kit
|
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26419
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211334
|
5.3 |
MEDIUM
Network
|
wireshark
fedoraproject
debian
oracle
|
wireshark
fedora
debian_linux
zfs_storage_appliance_kit
|
Memory leak in Kafka protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
|
CWE-401
Missing Release of Memory after Effective Lifetime
|
CVE-2020-26418
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211335
|
5.3 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth from version 1.9.4 and before version 1.9.20 a consensus-vulnerability could cause a chain split, where…
|
CWE-682
Incorrect Calculation
|
CVE-2020-26265
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211336
|
6.5 |
MEDIUM
Network
|
ethereum
|
go_ethereum
|
Go Ethereum, or "Geth", is the official Golang implementation of the Ethereum protocol. In Geth before version 1.9.25 a denial-of-service vulnerability can make a LES server crash via malicious GetPr…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2020-26264
|
2024-11-21 14:19 |
2020-12-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211337
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
A potential DOS vulnerability was discovered in all versions of Gitlab starting from 13.4.x (>=13.4 to <13.4.7, >=13.5 to <13.5.5, and >=13.6 to <13.6.2). Using a specific query name for a project se…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2020-26411
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211338
|
5.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Information disclosure via GraphQL in GitLab CE/EE 13.1 and later exposes private group and project membership. This affects versions >=13.6 to <13.6.2, >=13.5 to <13.5.5, and >=13.1 to <13.4.7.
|
CWE-200
Information Exposure
|
CVE-2020-26417
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211339
|
4.4 |
MEDIUM
Local
|
gitlab
|
gitlab
|
Information disclosure in Advanced Search component of GitLab EE starting from 8.4 results in exposure of search terms via Rails logs. This affects versions >=8.4 to <13.4.7, >=13.5 to <13.5.5, and >…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2020-26416
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211340
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
Information about the starred projects for private user profiles was exposed via the GraphQL API starting from 12.2 via the REST API. This affects GitLab >=12.2 to <13.4.7, >=13.5 to <13.5.5, and >=1…
|
CWE-200
CWE-862
Information Exposure
Missing Authorization
|
CVE-2020-26415
|
2024-11-21 14:19 |
2020-12-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
