CVE-2020-11904

The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write.

Source: CVE-2020-11904

CVE-2020-11901

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.

Source: CVE-2020-11901

CVE-2020-11902

The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.

Source: CVE-2020-11902

CVE-2020-11900

The Treck TCP/IP stack before 6.0.1.41 has an IPv4 tunneling Double Free.

Source: CVE-2020-11900

CVE-2020-11905

The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.

Source: CVE-2020-11905

CVE-2020-11908

The Treck TCP/IP stack before 4.7.1.27 mishandles ‘{$content}’ termination in DHCP.

Source: CVE-2020-11908

CVE-2020-11896

The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling.

Source: CVE-2020-11896

CVE-2020-14214

Zammad before 3.3.1, when Domain Based Assignment is enabled, relies on a claimed e-mail address for authorization decisions. An attacker can register a new account that will have access to all tickets of an arbitrary Organization.

Source: CVE-2020-14214

CVE-2020-14213

In Zammad before 3.3.1, a Customer has ticket access that should only be available to an Agent (e.g., read internal data, split, or merge).

Source: CVE-2020-14213

CVE-2020-4053

In Helm greater than or equal to 3.0.0 and less than 3.2.4, a path traversal attack is possible when installing Helm plugins from a tar archive over HTTP. It is possible for a malicious plugin author to inject a relative path into a plugin archive, and copy a file outside of the intended directory. This has been fixed in 3.2.4.

Source: CVE-2020-4053