|
211581
|
6.5 |
MEDIUM
Local
|
xen
fedoraproject
|
xen
fedora
|
An issue was discovered in Xen through 4.14.x. There is mishandling of the constraint that once-valid event channels may not turn invalid. Logic in the handling of event channel operations in Xen ass…
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2020-25597
|
2024-11-21 14:18 |
2020-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211582
|
5.5 |
MEDIUM
Local
|
xen
fedoraproject
debian
opensuse
|
xen
fedora
debian_linux
leap
|
An issue was discovered in Xen through 4.14.x. x86 PV guest kernels can experience denial of service via SYSENTER. The SYSENTER instruction leaves various state sanitization activities to software. O…
|
CWE-74
Injection
|
CVE-2020-25596
|
2024-11-21 14:18 |
2020-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211583
|
7.8 |
HIGH
Local
|
xen
fedoraproject
debian
opensuse
|
xen
fedora
debian_linux
leap
|
An issue was discovered in Xen through 4.14.x. The PCI passthrough code improperly uses register data. Code paths in Xen's MSI handling have been identified that act on unsanitized values read back f…
|
CWE-269
Improper Privilege Management
|
CVE-2020-25595
|
2024-11-21 14:18 |
2020-09-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211584
|
6.1 |
MEDIUM
Network
|
gon_project
debian
canonical
|
gon
debian_linux
ubuntu_linux
|
An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escape_mode parameter to escape fields as an XSS protection mechanism. To mitigate, json_dumper.rb in go…
|
CWE-79
Cross-site Scripting
|
CVE-2020-25739
|
2024-11-21 14:18 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211585
|
7.8 |
HIGH
Local
|
pingidentity
|
pingid_integration_for_windows_login
|
PingID Integration for Windows Login before 2.4.2 allows local users to gain privileges by modifying CefSharp.BrowserSubprocess.exe.
|
CWE-732
Incorrect Permission Assignment for Critical Resource
|
CVE-2020-25826
|
2024-11-21 14:18 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211586
|
7.5 |
HIGH
Network
|
peg-markdown_project
|
peg-markdown
|
peg-markdown 0.4.14 has a NULL pointer dereference in process_raw_blocks in markdown_lib.c. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
|
CWE-476
NULL Pointer Dereference
|
CVE-2020-25821
|
2024-11-21 14:18 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211587
|
7.8 |
HIGH
Local
|
simple_library_management_system_project
|
simple_library_management_system
|
Sourcecodester Simple Library Management System 1.0 is affected by Insecure Permissions via Books > New Book , http://<site>/lms/index.php?page=books.
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2020-25515
|
2024-11-21 14:18 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211588
|
8.4 |
HIGH
Local
|
simple_library_management_system_project
|
simple_library_management_system
|
Sourcecodester Simple Library Management System 1.0 is affected by Incorrect Access Control via the Login Panel, http://<site>/lms/admin.php.
|
CWE-89
SQL Injection
|
CVE-2020-25514
|
2024-11-21 14:18 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211589
|
7.8 |
HIGH
Local
|
phpgurukul
|
zoo_management_system
|
PHPGURUKUL Zoo Management System Using PHP and MySQL version 1.0 is affected by: SQL Injection via zms/animal-detail.php.
|
CWE-89
SQL Injection
|
CVE-2020-25487
|
2024-11-21 14:18 |
2020-09-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
211590
|
7.5 |
HIGH
Network
|
sized-chunks_project
|
sized-chunks
|
An issue was discovered in the sized-chunks crate through 0.6.2 for Rust. In the InlineArray implementation, an unaligned reference may be generated for a type that has a large alignment requirement.
|
CWE-129
Improper Validation of Array Index
|
CVE-2020-25796
|
2024-11-21 14:18 |
2020-09-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
