CVE-2020-28636
- EPSS 2.88%
- Veröffentlicht 04.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:23:04
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->twin() An attacker can provide malicious input to t...
CVE-2020-35628
- EPSS 2.88%
- Veröffentlicht 04.03.2021 20:15:13
- Zuletzt bearbeitet 21.11.2024 05:27:44
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_S2/SNC_io_parser.h SNC_io_parser::read_sloop() slh->incident_sface. An attacker can provide malicious i...
CVE-2020-28601
- EPSS 2.88%
- Veröffentlicht 04.03.2021 20:15:12
- Zuletzt bearbeitet 21.11.2024 05:22:59
A code execution vulnerability exists in the Nef polygon-parsing functionality of CGAL libcgal CGAL-5.1.1. An oob read vulnerability exists in Nef_2/PM_io_parser.h PM_io_parser::read_vertex() Face_of[] OOB read. An attacker can provide malicious inpu...
CVE-2021-22877
- EPSS 1.69%
- Veröffentlicht 03.03.2021 18:15:14
- Zuletzt bearbeitet 21.11.2024 05:50:49
A missing user check in Nextcloud prior to 20.0.6 inadvertently populates a user's own credentials for other users external storage configuration when not already configured yet.
CVE-2021-22878
- EPSS 1.06%
- Veröffentlicht 03.03.2021 18:15:14
- Zuletzt bearbeitet 21.11.2024 05:50:49
Nextcloud Server prior to 20.0.6 is vulnerable to reflected cross-site scripting (XSS) due to lack of sanitization in `OC.Notification.show`.
CVE-2021-22883
- EPSS 77.39%
- Veröffentlicht 03.03.2021 18:15:14
- Zuletzt bearbeitet 21.11.2024 05:50:49
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connection attempts with an 'unknownProtocol' are established. This leads to a leak of file descriptors. If a file descriptor limit is con...
CVE-2021-22884
- EPSS 32.36%
- Veröffentlicht 03.03.2021 18:15:14
- Zuletzt bearbeitet 21.11.2024 05:50:50
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “localhost6”. When “localhost6” is not present in /etc/hosts, it is just an ordinary domain that is resolved via DNS, i.e., over ne...
CVE-2020-28591
- EPSS 1.9%
- Veröffentlicht 03.03.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:22:58
An out-of-bounds read vulnerability exists in the AMF File AMFParserContext::endElement() functionality of Slic3r libslic3r 1.3.0 and Master Commit 92abbc42. A specially crafted AMF file can lead to information disclosure. An attacker can provide a m...
CVE-2020-8296
- EPSS 0.51%
- Veröffentlicht 03.03.2021 18:15:13
- Zuletzt bearbeitet 21.11.2024 05:38:40
Nextcloud Server prior to 20.0.0 stores passwords in a recoverable format even when external storage is not configured.
CVE-2021-20233
- EPSS 0.61%
- Veröffentlicht 03.03.2021 17:15:12
- Zuletzt bearbeitet 21.11.2024 05:46:10
A flaw was found in grub2 in versions prior to 2.06. Setparam_prefix() in the menu rendering code performs a length calculation on the assumption that expressing a quoted single quote will require 3 characters, while it actually requires 4 characters...