CVE-2020-26419
- EPSS 2.78%
- Veröffentlicht 11.12.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:19:54
Memory leak in the dissection engine in Wireshark 3.4.0 allows denial of service via packet injection or crafted capture file.
CVE-2020-26420
- EPSS 2.61%
- Veröffentlicht 11.12.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:19:54
Memory leak in RTPS protocol dissector in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-26421
- EPSS 2.59%
- Veröffentlicht 11.12.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:19:54
Crash in USB HID protocol dissector and possibly other dissectors in Wireshark 3.4.0 and 3.2.0 to 3.2.8 allows denial of service via packet injection or crafted capture file.
CVE-2020-35132
- EPSS 1.23%
- Veröffentlicht 11.12.2020 05:15:12
- Zuletzt bearbeitet 21.11.2024 05:26:49
An XSS issue has been discovered in phpLDAPadmin before 1.2.6.2 that allows users to store malicious values that may be executed by other users at a later time via get_request in lib/function.php.
CVE-2020-27828
- EPSS 1.37%
- Veröffentlicht 11.12.2020 04:15:11
- Zuletzt bearbeitet 21.11.2024 05:21:53
There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary out-of-bounds write. This could potentially affect data confidentiality, integrity, or application availabili...
CVE-2020-29668
- EPSS 1.96%
- Veröffentlicht 10.12.2020 08:15:11
- Zuletzt bearbeitet 21.11.2024 05:24:24
Sympa before 6.2.59b.2 allows remote attackers to obtain full SOAP API access by sending any arbitrary string (except one from an expired cookie) as the cookie value to authenticateAndRun.
CVE-2020-16592
- EPSS 1.05%
- Veröffentlicht 09.12.2020 21:15:15
- Zuletzt bearbeitet 21.11.2024 05:07:10
A use after free issue exists in the Binary File Descriptor (BFD) library (aka libbfd) in GNU Binutils 2.34 in bfd_hash_lookup, as demonstrated in nm-new, that can cause a denial of service via a crafted file.
CVE-2020-26257
- EPSS 2.36%
- Veröffentlicht 09.12.2020 19:15:11
- Zuletzt bearbeitet 21.11.2024 05:19:40
Matrix is an ecosystem for open federated Instant Messaging and VoIP. Synapse is a reference "homeserver" implementation of Matrix. A malicious or poorly-implemented homeserver can inject malformed events into a room by specifying a different room id...
CVE-2020-29660
- EPSS 0.47%
- Veröffentlicht 09.12.2020 17:15:31
- Zuletzt bearbeitet 21.11.2024 05:24:22
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29661
- EPSS 1.13%
- Veröffentlicht 09.12.2020 17:15:31
- Zuletzt bearbeitet 21.11.2024 05:24:23
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.