CVE-2020-12420
- EPSS 1.86%
- Veröffentlicht 09.07.2020 15:15:11
- Zuletzt bearbeitet 21.11.2024 04:59:41
When trying to connect to a STUN server, a race condition could have caused a use-after-free of a pointer, leading to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird...
CVE-2020-12398
- EPSS 0.98%
- Veröffentlicht 09.07.2020 15:15:10
- Zuletzt bearbeitet 21.11.2024 04:59:38
If Thunderbird is configured to use STARTTLS for an IMAP server, and the server sends a PREAUTH response, then Thunderbird will continue with an unencrypted connection, causing email data to be sent without protection. This vulnerability affects Thun...
CVE-2020-12405
- EPSS 1.35%
- Veröffentlicht 09.07.2020 15:15:10
- Zuletzt bearbeitet 21.11.2024 04:59:39
When browsing a malicious page, a race condition in our SharedWorkerService could occur and lead to a potentially exploitable crash. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9.
CVE-2020-10760
- EPSS 2.66%
- Veröffentlicht 06.07.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 04:56:00
A use-after-free flaw was found in all samba LDAP server versions before 4.10.17, before 4.11.11, before 4.12.4 used in a AC DC configuration. A Samba LDAP user could use this flaw to crash samba.
CVE-2020-14303
- EPSS 3.54%
- Veröffentlicht 06.07.2020 18:15:20
- Zuletzt bearbeitet 21.11.2024 05:02:57
A flaw was found in the AD DC NBT server in all Samba versions before 4.10.17, before 4.11.11 and before 4.12.4. A samba user could send an empty UDP packet to cause the samba server to crash.
CVE-2020-8161
- EPSS 3.59%
- Veröffentlicht 02.07.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:38:24
A directory traversal vulnerability exists in rack < 2.2.0 that allows an attacker perform directory traversal vulnerability in the Rack::Directory app that is bundled with Rack which could result in information disclosure.
CVE-2020-5973
- EPSS 0.4%
- Veröffentlicht 30.06.2020 23:15:12
- Zuletzt bearbeitet 21.11.2024 05:34:55
NVIDIA Virtual GPU Manager and the guest drivers contain a vulnerability in vGPU plugin, in which there is the potential to execute privileged operations, which may lead to denial of service. This affects vGPU version 8.x (prior to 8.4), version 9.x ...
CVE-2017-18922
- EPSS 2.26%
- Veröffentlicht 30.06.2020 11:15:10
- Zuletzt bearbeitet 21.11.2024 03:21:16
It was discovered that websockets.c in LibVNCServer prior to 0.9.12 did not properly decode certain WebSocket frames. A malicious attacker could exploit this by sending specially crafted WebSocket frames to a server, causing a heap-based buffer overf...
CVE-2020-15393
- EPSS 0.43%
- Veröffentlicht 29.06.2020 22:15:10
- Zuletzt bearbeitet 21.11.2024 05:05:28
In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.
CVE-2020-4067
- EPSS 1.85%
- Veröffentlicht 29.06.2020 20:15:10
- Zuletzt bearbeitet 21.11.2024 05:32:14
In coturn before version 4.5.1.3, there is an issue whereby STUN/TURN response buffer is not initialized properly. There is a leak of information between different client connections. One client (an attacker) could use their connection to intelligent...