By Risk Score
By Publish Date
By Recent Activity
cve-2020-0601 vulnerabilities and exploits
(subscribe to this query)
Multiple integer signedness errors in the gdImageCrop function in ext/gd/gd.c in PHP 5.5.x before 5.5.9 allow remote attackers to cause a denial of service (application crash) or obtain sensitive information via an imagecrop function call with a negative value for the (1) x or...
Fine Free file before 5.17 allows context-dependent attackers to cause a denial of service (infinite recursion, CPU consumption, and crash) via a crafted indirect offset value in the magic of a file....
An Elevation of Privilege vulnerability in Bluetooth could potentially enable a local malicious application to accept harmful files shared via bluetooth without user permission. This issue is rated as Moderate due to local bypass of user interaction requirements. Product:...
Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved....
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC (Message Integrity Check) protection, aka 'Windows NTLM Tampering Vulnerability'....
28 Github repositories available
4 Articles available
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616,...
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2011. Notes: none....
Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory....
Format string vulnerability in Wireshark 0.99.8 through 1.0.5 on non-Windows platforms allows local users to cause a denial of service (application crash) via format string specifiers in the HOME environment variable....
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets....