CVE-2020-24265
- EPSS 2.56%
- Veröffentlicht 19.10.2020 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:14:33
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in MemcmpInterceptorCommon() that can make tcpprep crash and cause a denial of service.
CVE-2020-24266
- EPSS 2.56%
- Veröffentlicht 19.10.2020 15:15:13
- Zuletzt bearbeitet 21.11.2024 05:14:33
An issue was discovered in tcpreplay tcpprep v4.3.3. There is a heap buffer overflow vulnerability in get_l2len() that can make tcpprep crash and cause a denial of service.
CVE-2020-9983
- EPSS 2.08%
- Veröffentlicht 16.10.2020 17:15:18
- Zuletzt bearbeitet 21.11.2024 05:41:38
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in Safari 14.0. Processing maliciously crafted web content may lead to code execution.
CVE-2020-26934
- EPSS 2.19%
- Veröffentlicht 10.10.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:20:32
phpMyAdmin before 4.9.6 and 5.x before 5.0.3 allows XSS through the transformation feature via a crafted link.
CVE-2020-26935
- EPSS 67.08%
- Veröffentlicht 10.10.2020 19:15:12
- Zuletzt bearbeitet 21.11.2024 05:20:32
An issue was discovered in SearchController in phpMyAdmin before 4.9.6 and 5.x before 5.0.3. A SQL injection vulnerability was discovered in how phpMyAdmin processes SQL statements in the search feature. An attacker could use this flaw to inject mali...
CVE-2020-26880
- EPSS 0.35%
- Veröffentlicht 07.10.2020 18:15:12
- Zuletzt bearbeitet 21.11.2024 05:20:24
Sympa through 6.2.57b.2 allows a local privilege escalation from the sympa user account to full root access by modifying the sympa.conf configuration file (which is owned by sympa) and parsing it through the setuid sympa_newaliases-wrapper executable...
CVE-2020-25862
- EPSS 2.45%
- Veröffentlicht 06.10.2020 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:18:55
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the TCP dissector could crash. This was addressed in epan/dissectors/packet-tcp.c by changing the handling of the invalid 0xFFFF checksum.
CVE-2020-25863
- EPSS 4.92%
- Veröffentlicht 06.10.2020 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:18:55
In Wireshark 3.2.0 to 3.2.6, 3.0.0 to 3.0.13, and 2.6.0 to 2.6.20, the MIME Multipart dissector could crash. This was addressed in epan/dissectors/packet-multipart.c by correcting the deallocation of invalid MIME parts.
CVE-2020-25866
- EPSS 3.94%
- Veröffentlicht 06.10.2020 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:18:56
In Wireshark 3.2.0 to 3.2.6 and 3.0.0 to 3.0.13, the BLIP protocol dissector has a NULL pointer dereference because a buffer was sized for compressed (not uncompressed) messages. This was addressed in epan/dissectors/packet-blip.c by allowing reasona...
CVE-2020-26575
- EPSS 3.12%
- Veröffentlicht 06.10.2020 15:15:15
- Zuletzt bearbeitet 21.11.2024 05:20:06
In Wireshark through 3.2.7, the Facebook Zero Protocol (aka FBZERO) dissector could enter an infinite loop. This was addressed in epan/dissectors/packet-fbzero.c by correcting the implementation of offset advancement.