Total
35019 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-35952 | 1 Php-fusion | 1 Php-fusion | 2024-11-21 | 6.5 Medium |
| login.php in PHPFusion (aka PHP-Fusion) Andromeda 9.x before 2020-12-30 generates error messages that distinguish between incorrect username and incorrect password (i.e., not a single "Incorrect username or password" message in both cases), which might allow enumeration. | ||||
| CVE-2020-35935 | 1 Vasyltech | 1 Advanced Access Manager | 2024-11-21 | 7.5 High |
| The Advanced Access Manager plugin before 6.6.2 for WordPress allows privilege escalation on profile updates via the aam_user_roles POST parameter if Multiple Role support is enabled. (The mechanism for deciding whether a user was entitled to add a role did not work in various custom-role scenarios.) | ||||
| CVE-2020-35927 | 1 Thex Project | 1 Thex | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the thex crate through 2020-12-08 for Rust. Thex<T> allows cross-thread data races of non-Send types. | ||||
| CVE-2020-35925 | 1 Magnetic Project | 1 Magnetic | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the magnetic crate before 2.0.1 for Rust. MPMCConsumer and MPMCProducer allow cross-thread sending of a non-Send type. | ||||
| CVE-2020-35922 | 1 Mio Project | 1 Mio | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the mio crate before 0.7.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation. | ||||
| CVE-2020-35921 | 1 Miow Project | 1 Miow | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the miow crate before 0.3.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation. | ||||
| CVE-2020-35920 | 1 Rust-lang | 1 Socket2 | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the socket2 crate before 0.3.16 for Rust. It has false expectations about the std::net::SocketAddr memory representation. | ||||
| CVE-2020-35919 | 1 Net2 Project | 1 Net2 | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the net2 crate before 0.2.36 for Rust. It has false expectations about the std::net::SocketAddr memory representation. | ||||
| CVE-2020-35918 | 1 Hakobaito | 1 Branca | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the branca crate before 0.10.0 for Rust. Decoding tokens (with invalid base62 data) can panic. | ||||
| CVE-2020-35915 | 1 Futures-intrusive Project | 1 Futures-intrusive | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the futures-intrusive crate before 0.4.0 for Rust. GenericMutexGuard allows cross-thread data races of non-Sync types. | ||||
| CVE-2020-35910 | 1 Lock Api Project | 1 Lock Api | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the lock_api crate before 0.4.2 for Rust. A data race can occur because of MappedMutexGuard unsoundness. | ||||
| CVE-2020-35909 | 1 Protocol | 1 Multihash | 2024-11-21 | 7.5 High |
| An issue was discovered in the multihash crate before 0.11.3 for Rust. The from_slice parsing code can panic via unsanitized data from a network server. | ||||
| CVE-2020-35908 | 1 Rust-lang | 1 Future-utils | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the futures-util crate before 0.3.2 for Rust. FuturesUnordered can lead to data corruption because Sync is mishandled. | ||||
| CVE-2020-35904 | 1 Crossbeam-channel Project | 1 Crossbeam-channel | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the crossbeam-channel crate before 0.4.4 for Rust. It has incorrect expectations about the relationship between the memory allocation and how many iterator elements there are. | ||||
| CVE-2020-35903 | 1 Dync Project | 1 Dync | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the dync crate before 0.5.0 for Rust. VecCopy allows misaligned element access because u8 is not always the type in question. | ||||
| CVE-2020-35880 | 1 Bigint Project | 1 Bigint | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation. | ||||
| CVE-2020-35879 | 1 Rulinalg Project | 1 Rulinalg | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the rulinalg crate through 2020-02-11 for Rust. There are incorrect lifetime-boundary definitions for RowMut::raw_slice and RowMut::raw_slice_mut. | ||||
| CVE-2020-35872 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via the repr(Rust) type. | ||||
| CVE-2020-35868 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via UnlockNotification. | ||||
| CVE-2020-35867 | 1 Rusqlite Project | 1 Rusqlite | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the rusqlite crate before 0.23.0 for Rust. Memory safety can be violated via create_module. | ||||