|
651
|
3.3
4.3
|
LOW
Local
|
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the ran…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-27775
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:21
2020-12-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
652
|
3.3
4.3
|
LOW
Local
|
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of a too large shift fo…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-27774
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:21
2020-12-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
653
|
3.3
4.3
|
LOW
Local
|
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero.…
|
CWE-369
Divide By Zero
|
CVE-2020-27765
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:21
2020-12-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
654
|
3.3
4.3
|
LOW
Local
|
In RestoreMSCWarning() of /coders/pdf.c there are several areas where calls to GetPixelIndex() could result in values outside the range of representable for the unsigned char type. The patch casts th…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-27771
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:21
2020-12-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
655
|
3.3
4.3
|
LOW
Local
|
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the ran…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2020-27767
|
cpe:2.3:o:redhat:enterprise_linux:7.0:* cpe:2.3:o:redhat:enterprise_linux:6.0:* cpe:2.3:o:redhat:enterprise_linux…
|
|
|
|
|
2024-11-21 14:21
2020-12-5
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
656
|
6.1
4.3
|
MEDIUM
Network
|
A XSS vulnerability was discovered in python-lxml's clean module. The module's parser didn't properly imitate browsers, which caused different behaviors between the sanitizer and the user's page. A r…
|
-
|
CVE-2020-27783
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:21
2020-12-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
657
|
7.5
5.0
|
HIGH
Network
|
A flaw was found in Poppler in the way certain PDF files were converted into HTML. A remote attacker could exploit this flaw by providing a malicious PDF file that, when processed by the 'pdftohtml' …
|
CWE-824
Access of Uninitialized Pointer
|
CVE-2020-27778
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:21
2020-12-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
658
|
7.8
4.6
|
HIGH
Local
|
A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly esca…
|
-
|
CVE-2020-14351
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:03
2020-12-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
659
|
8.8
7.2
|
HIGH
Local
|
A flaw was found in libvirt, where it leaked a file descriptor for `/dev/mapper/control` into the QEMU process. This file descriptor allows for privileged operations to happen against the device-mapp…
|
-
|
CVE-2020-14339
|
cpe:2.3:o:redhat:enterprise_linux:8.0:*
|
|
|
|
|
2024-11-21 14:03
2020-12-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
660
|
4.3
4.0
|
MEDIUM
Network
|
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be u…
|
-
|
CVE-2020-14318
|
cpe:2.3:o:redhat:enterprise_linux:8.0:* cpe:2.3:o:redhat:enterprise_linux:7.0:*
|
|
|
|
|
2024-11-21 14:02
2020-12-4
|
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|