CVE-2020-28984
- EPSS 2.17%
- Veröffentlicht 23.11.2020 22:15:12
- Zuletzt bearbeitet 21.11.2024 05:23:26
prive/formulaires/configurer_preferences.php in SPIP before 3.2.8 does not properly validate the couleur, display, display_navigation, display_outils, imessage, and spip_ecran parameters.
CVE-2020-28896
- EPSS 2.32%
- Veröffentlicht 23.11.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:23:14
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. ...
- EPSS 0.73%
- Veröffentlicht 23.11.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:26:59
Use after free vulnerability in EDK II may allow an authenticated user to potentially enable escalation of privilege, information disclosure and/or denial of service via adjacent access.
CVE-2019-14587
- EPSS 0.63%
- Veröffentlicht 23.11.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:26:59
Logic issue EDK II may allow an unauthenticated user to potentially enable denial of service via adjacent access.
CVE-2020-0569
- EPSS 0.56%
- Veröffentlicht 23.11.2020 17:15:12
- Zuletzt bearbeitet 21.11.2024 04:53:46
Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2019-14563
- EPSS 0.4%
- Veröffentlicht 23.11.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:26:58
Integer truncation in EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-14575
- EPSS 0.36%
- Veröffentlicht 23.11.2020 17:15:11
- Zuletzt bearbeitet 21.11.2024 04:26:59
Logic issue in DxeImageVerificationHandler() for EDK II may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2019-14562
- EPSS 0.31%
- Veröffentlicht 23.11.2020 16:15:12
- Zuletzt bearbeitet 21.11.2024 04:26:58
Integer overflow in DxeImageVerificationHandler() EDK II may allow an authenticated user to potentially enable denial of service via local access.
CVE-2020-20739
- EPSS 1.98%
- Veröffentlicht 20.11.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:12:15
im_vips2dz in /libvips/libvips/deprecated/im_vips2dz.c in libvips before 8.8.2 has an uninitialized variable which may cause the leakage of remote server path or stack address.
CVE-2020-20740
- EPSS 1.05%
- Veröffentlicht 20.11.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:12:15
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().