CVE-2020-13622
JerryScript 2.2.0 allows attackers to cause a denial of service (assertion failure) because a property key query for a Proxy object returns unintended data.
Source: CVE-2020-13622
[월:] 2020년 05월
CVE-2020-13623
CVE-2020-13623
JerryScript 2.2.0 allows attackers to cause a denial of service (stack consumption) via a proxy operation.
Source: CVE-2020-13623
CVE-2020-13616
CVE-2020-13616
The boost ASIO wrapper in net/asio.cpp in Pichi before 1.3.0 lacks TLS hostname verification.
Source: CVE-2020-13616
CVE-2020-13614
CVE-2020-13614
An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
Source: CVE-2020-13614
CVE-2020-13615
CVE-2020-13615
lib/QoreSocket.cpp in Qore before 0.9.4.2 lacks hostname verification for X.509 certificates.
Source: CVE-2020-13615
CVE-2020-9046
CVE-2020-9046
A vulnerability in all versions of Kantech EntraPass Editions could potentially allow an authorized low-privileged user to gain full system-level privileges by replacing critical files with specifically crafted files.
Source: CVE-2020-9046
CVE-2020-6830
CVE-2020-6830
For native-to-JS bridging, the app requires a unique token to be passed that ensures non-app code can’t call the bridging functions. That token was being used for JS-to-native also, but it isn’t needed in this case, and its usage was also leaking this token. This vulnerability affects Firefox for iOS < 25.
Source: CVE-2020-6830
CVE-2020-12388
CVE-2020-12388
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
Source: CVE-2020-12388
CVE-2020-12390
CVE-2020-12390
Incorrect origin serialization of URLs with IPv6 addresses could lead to incorrect security checks. This vulnerability affects Firefox < 76.
Source: CVE-2020-12390
CVE-2020-12389
CVE-2020-12389
The Firefox content processes did not sufficiently lockdown access control which could result in a sandbox escape. *Note: this issue only affects Firefox on Windows operating systems.*. This vulnerability affects Firefox ESR < 68.8 and Firefox < 76.
Source: CVE-2020-12389