Total: 736 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-27486 | 1 Garmin | 2 Forerunner 235, Forerunner 235 Firmware | 2024-11-21 | 6.5 MEDIUM | 9.9 CRITICAL |
Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length provided in the data section of the PRG file. It allocates memory for the string immediately, and then copies the string into the TVM object by using a function similar to strcpy. This copy can exceed the length of the allocated string data and overwrite heap data. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment. | |||||
CVE-2020-27372 | 1 Brandy Project | 1 Brandy | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
A buffer overflow vulnerability exists in Brandy Basic V Interpreter 1.21 in the run_interpreter function. | |||||
CVE-2020-26759 | 1 Clickhouse-driver Project | 1 Clickhouse-driver | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, due to a buffer overflow. | |||||
CVE-2020-26154 | 2 Fedoraproject, Libproxy Project | 2 Fedora, Libproxy | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
url.cpp in libproxy through 0.4.15 is prone to a buffer overflow when PAC is enabled, as demonstrated by a large PAC file that is delivered without a Content-length header. | |||||
CVE-2020-25969 | 1 Gnuplot Project | 1 Gnuplot | 2024-11-21 | N/A | 9.8 CRITICAL |
gnuplot v5.5 was discovered to contain a buffer overflow via the function plotrequest(). | |||||
CVE-2020-25928 | 1 Hcc-embedded | 1 Nichestack Tcp/ip | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response packet. The code does not check the "response data length" field of individual DNS answers, which may cause out-of-bounds read/write operations, leading to Information leak, Denial-of-Service, or Remote Code Execution, depending on the context. | |||||
CVE-2020-25756 | 1 Cesanta | 1 Mongoose | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
** DISPUTED ** A buffer overflow vulnerability exists in the mg_get_http_header function in Cesanta Mongoose 6.18 due to a lack of bounds checking. A crafted HTTP header can exploit this bug. NOTE: a committer has stated "this will not happen in practice." | |||||
CVE-2020-25583 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 when processing a DNSSL option, rtsold(8) decodes domain name labels per an encoding specified in RFC 1035 in which the first octet of each label contains the label's length. rtsold(8) did not validate label lengths correctly and could overflow the destination buffer. | |||||
CVE-2020-25577 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
In FreeBSD 12.2-STABLE before r368250, 11.4-STABLE before r368253, 12.2-RELEASE before p1, 12.1-RELEASE before p11 and 11.4-RELEASE before p5 rtsold(8) does not verify that the RDNSS option does not extend past the end of the received packet before processing its contents. While the kernel currently ignores such malformed packets, it passes them to userspace programs. Any programs expecting the kernel to do validation may be vulnerable to an overflow. | |||||
CVE-2020-25279 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020). | |||||
CVE-2020-24918 | 1 Ambarella | 1 Oryx Rtsp Server | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.so.1 in rtsp_svc (or cause a crash). This allows remote takeover of a Furbo Dog Camera, for example. NOTE: The vendor states that the RTSP library is used for DEMO only, using it in product is a customer's behavior. Ambarella has emphasized that RTSP is DEMO only library, should NOT be used in product in our document. Because Ambarella's SDK is proprietary, we didn't publish our SDK source code in public network. | |||||
CVE-2020-24633 | 1 Arubanetworks | 15 7005, 7008, 7010 and 12 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | |||||
CVE-2020-24336 | 2 Contiki-ng, Contiki-os | 2 Contiki-ng, Contiki | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. | |||||
CVE-2020-23679 | 1 Linux Network Project | 1 Linux Network Project | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in Renleilei1992 Linux_Network_Project 1.0, allows attackers to execute arbitrary code, via the password field. | |||||
CVE-2020-22884 | 1 Espruino | 1 Espruino | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in function jsvGetStringChars in Espruino before RELEASE_2V09, allows remote attackers to execute arbitrary code. | |||||
CVE-2020-22873 | 1 Jsish | 1 Jsish | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in function NumberToPrecisionCmd in jsish before 3.0.7, allows remote attackers to execute arbitrary code. | |||||
CVE-2020-1654 | 1 Juniper | 1 Junos | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
On Juniper Networks SRX Series with ICAP (Internet Content Adaptation Protocol) redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service (DoS) or Remote Code Execution (RCE). Continued processing of this malformed HTTP message may result in an extended Denial of Service (DoS) condition. The offending HTTP message that causes this issue may originate both from the HTTP server or the HTTP client. This issue affects Juniper Networks Junos OS on SRX Series: 18.1 versions prior to 18.1R3-S9; 18.2 versions prior to 18.2R2-S7, 18.2R3-S3; 18.3 versions prior to 18.3R1-S7, 18.3R2-S4, 18.3R3-S1; 18.4 versions prior to 18.4R1-S7, 18.4R2-S4, 18.4R3; 19.1 versions prior to 19.1R1-S5, 19.1R2; 19.2 versions prior to 19.2R1-S2, 19.2R2; 19.3 versions prior to 19.3R2. This issue does not affect Juniper Networks Junos OS prior to 18.1R1. | |||||
CVE-2020-19596 | 1 Coreftp | 1 Core Ftp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow vulnerability in Core FTP Server v1.2 Build 583, via a crafted username. | |||||
CVE-2020-19320 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login. | |||||
CVE-2020-19319 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-11-21 | N/A | 9.8 CRITICAL |
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the FILECODE parameter on login. |