Max CVSS | 8.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-1045 | 5.0 |
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p>
<p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th
|
31-12-2023 - 22:15 | 11-09-2020 - 17:15 | |
CVE-2020-16845 | 5.0 |
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
|
03-02-2023 - 02:28 | 06-08-2020 - 18:15 | |
CVE-2020-12825 | 5.8 |
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
|
27-10-2022 - 01:04 | 12-05-2020 - 18:15 | |
CVE-2020-7066 | 4.3 |
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make in
|
08-05-2022 - 23:51 | 01-04-2020 - 04:15 | |
CVE-2020-14352 | 8.5 |
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the
|
09-11-2020 - 14:28 | 30-08-2020 - 15:15 | |
CVE-2020-15669 | 6.8 |
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vu
|
02-10-2020 - 19:02 | 01-10-2020 - 19:15 | |
CVE-2020-16845 | 5.0 |
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
|
24-09-2020 - 12:15 | 06-08-2020 - 18:15 | |
CVE-2020-1720 | 3.5 |
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et
|
17-08-2020 - 19:15 | 17-03-2020 - 16:15 |