Search Results (83758 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-21676 2 Debian, Fig2dev Project 2 Debian Linux, Fig2dev 2024-11-21 5.5 Medium
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
CVE-2020-21675 2 Debian, Fig2dev Project 2 Debian Linux, Fig2dev 2024-11-21 5.5 Medium
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.
CVE-2020-21674 1 Libarchive 1 Libarchive 2024-11-21 6.5 Medium
Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.
CVE-2020-21656 1 Xyhcms 1 Xyhcms 2024-11-21 5.4 Medium
XYHCMS v3.6 contains a stored cross-site scripting (XSS) vulnerability in the component xyhai.php?s=/Link/index.
CVE-2020-21639 1 Ruijie 2 Rg-uac 6000-e50, Rg-uac 6000-e50 Firmware 2024-11-21 6.1 Medium
Ruijie RG-UAC 6000-E50 commit 9071227 was discovered to contain a cross-site scripting (XSS) vulnerability via the rule_name parameter. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2020-21606 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21604 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
CVE-2020-21603 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
CVE-2020-21602 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21601 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.
CVE-2020-21600 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.
CVE-2020-21599 2 Debian, Struktur 2 Debian Linux, Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
CVE-2020-21598 2 Debian, Struktur 2 Debian Linux, Libde265 2024-11-21 8.8 High
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.
CVE-2020-21597 2 Debian, Struktur 2 Debian Linux, Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
CVE-2020-21595 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.
CVE-2020-21594 1 Struktur 1 Libde265 2024-11-21 6.5 Medium
libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.
CVE-2020-21533 2 Debian, Xfig Project 2 Debian Linux, Fig2dev 2024-11-21 5.5 Medium
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
CVE-2020-21529 2 Debian, Xfig Project 2 Debian Linux, Fig2dev 2024-11-21 5.5 Medium
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
CVE-2020-21523 1 Halo 1 Halo 2024-11-21 9.8 Critical
A Server-Side Freemarker template injection vulnerability in halo CMS v1.1.3 In the Edit Theme File function. The ftl file can be edited. This is the Freemarker template file. This file can cause arbitrary code execution when it is rendered in the background. exp: <#assign test="freemarker.template.utility.Execute"?new()> ${test("touch /tmp/freemarkerPwned")}
CVE-2020-21517 1 Metinfo 1 Metinfo 2024-11-21 6.1 Medium
Cross Site Scripting (XSS) vulnerability in MetInfo 7.0.0 via the gourl parameter in login.php.