Max CVSS 8.5 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2020-1045 5.0
<p>A security feature bypass vulnerability exists in the way Microsoft ASP.NET Core parses encoded cookie names.</p> <p>The ASP.NET Core cookie parser decodes entire cookie strings which could allow a malicious attacker to set a second cookie with th
31-12-2023 - 22:15 11-09-2020 - 17:15
CVE-2020-16845 5.0
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
03-02-2023 - 02:28 06-08-2020 - 18:15
CVE-2020-12825 5.8
libcroco through 0.6.13 has excessive recursion in cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
27-10-2022 - 01:04 12-05-2020 - 18:15
CVE-2020-7066 4.3
In PHP versions 7.2.x below 7.2.29, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using get_headers() with user-supplied URL, if the URL contains zero (\0) character, the URL will be silently truncated at it. This may cause some software to make in
08-05-2022 - 23:51 01-04-2020 - 04:15
CVE-2020-14352 8.5
A flaw was found in librepo in versions before 1.12.1. A directory traversal vulnerability was found where it failed to sanitize paths in remote repository metadata. An attacker controlling a remote repository may be able to copy files outside of the
09-11-2020 - 14:28 30-08-2020 - 15:15
CVE-2020-15669 6.8
When aborting an operation, such as a fetch, an abort signal may be deleted while alerting the objects to be notified. This results in a use-after-free and we presume that with enough effort it could have been exploited to run arbitrary code. This vu
02-10-2020 - 19:02 01-10-2020 - 19:15
CVE-2020-16845 5.0
Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loop in ReadUvarint and ReadVarint in encoding/binary via invalid inputs.
24-09-2020 - 12:15 06-08-2020 - 18:15
CVE-2020-1720 3.5
A flaw was found in PostgreSQL's "ALTER ... DEPENDS ON EXTENSION", where sub-commands did not perform authorization checks. An authenticated attacker could use this flaw in certain configurations to perform drop objects such as function, triggers, et
17-08-2020 - 19:15 17-03-2020 - 16:15
Back to Top Mark selected
Back to Top