Max CVSS | 5.8 | Min CVSS | 4.3 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2020-8203 | 5.8 |
Prototype pollution attack when using _.zipObjectDeep in lodash before 4.17.20.
|
21-01-2024 - 02:37 | 15-07-2020 - 17:15 | |
CVE-2020-11023 | 4.3 |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex
|
31-08-2023 - 03:15 | 29-04-2020 - 21:15 | |
CVE-2020-9283 | 5.0 |
golang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go allows a panic during signature verification in the golang.org/x/crypto/ssh package. A client can attack an SSH server that accepts public keys. Also, a server can attack any SSH cl
|
17-06-2023 - 00:15 | 20-02-2020 - 20:15 | |
CVE-2020-12666 | 5.8 |
macaron before 1.3.7 has an open redirect in the static handler, as demonstrated by the http://127.0.0.1:4000//example.com/ URL.
|
28-10-2022 - 23:30 | 05-05-2020 - 22:15 | |
CVE-2020-14040 | 5.0 |
The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 deco
|
18-11-2020 - 14:44 | 17-06-2020 - 20:15 | |
CVE-2020-11023 | 4.3 |
In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing <option> elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may ex
|
01-10-2020 - 00:15 | 29-04-2020 - 21:15 |