CVE-2020-5499
Baidu Rust SGX SDK through 1.0.8 has an enclave ID race. There are non-deterministic results in which, sometimes, two global IDs are the same.
Source: CVE-2020-5499
[월:] 2020년 01월
CVE-2015-9540
CVE-2015-9540
Chamilo LMS through 1.9.10.2 allows a link_goto.php?link_url= open redirect, a related issue to CVE-2015-5503.
Source: CVE-2015-9540
CVE-2020-5497
CVE-2020-5497
The OpenID Connect reference implementation for MITREid Connect through 1.3.3 allows XSS due to userInfoJson being included in the page unsanitized. This is related to header.tag. The issue can be exploited to execute arbitrary JavaScript.
Source: CVE-2020-5497
CVE-2019-13766
CVE-2019-13766
Use-after-free in accessibility in Google Chrome prior to 77.0.3865.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2019-13766
CVE-2019-13765
CVE-2019-13765
Use-after-free in content delivery manager in Google Chrome prior to 78.0.3904.70 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2019-13765
CVE-2019-3768
CVE-2019-3768
RSA Authentication Manager versions prior to 8.4 P7 contain an XML Entity Injection Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to cause information disclosure of local system files by supplying specially crafted XML message.
Source: CVE-2019-3768
CVE-2019-5844
CVE-2019-5844
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2019-5844
CVE-2019-5845
CVE-2019-5845
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2019-5845
CVE-2019-5846
CVE-2019-5846
Out of bounds access in SwiftShader in Google Chrome prior to 73.0.3683.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Source: CVE-2019-5846
CVE-2020-5496
CVE-2020-5496
FontForge 20190801 has a heap-based buffer overflow in the Type2NotDefSplines() function in splinesave.c.
Source: CVE-2020-5496