Total
6844 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21814 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via htmlwescape ../../programs/escape.c:97. | |||||
| CVE-2020-21813 | 1 Gnu | 1 Libredwg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A heap based buffer overflow issue exists in GNU LibreDWG 0.10.2641 via output_TEXT ../../programs/dwg2SVG.c:114. | |||||
| CVE-2020-21598 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file. | |||||
| CVE-2020-21548 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c. | |||||
| CVE-2020-21547 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c. | |||||
| CVE-2020-20746 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg. | |||||
| CVE-2020-20740 | 3 Debian, Fedoraproject, Pdfresurrect Project | 3 Debian Linux, Fedora, Pdfresurrect | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version(). | |||||
| CVE-2020-20490 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A heap buffer-overflow in the client_example1.c component of libiec_iccp_mod v1.5 leads to a denial of service (DOS). | |||||
| CVE-2020-20486 | 1 Iec104 Project | 1 Iec104 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr. | |||||
| CVE-2020-1990 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A stack-based buffer overflow vulnerability in the management server component of PAN-OS allows an authenticated user to upload a corrupted PAN-OS configuration and potentially execute code with root privileges. This issue affects Palo Alto Networks PAN-OS 8.1 versions before 8.1.13; 9.0 versions before 9.0.7. This issue does not affect PAN-OS 7.1. | |||||
| CVE-2020-1921 | 1 Facebook | 1 Hhvm | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In the crypt function, we attempt to null terminate a buffer using the size of the input salt without validating that the offset is within the buffer. This issue affects HHVM versions prior to 4.56.3, all versions between 4.57.0 and 4.80.1, all versions between 4.81.0 and 4.93.1, and versions 4.94.0, 4.95.0, 4.96.0, 4.97.0, 4.98.0. | |||||
| CVE-2020-1912 | 1 Facebook | 1 Hermes | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An out-of-bounds read/write vulnerability when executing lazily compiled inner generator functions in Facebook Hermes prior to commit 091835377369c8fd5917d9b87acffa721ad2a168 allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits evaluation of untrusted JavaScript. Hence, most React Native applications are not affected. | |||||
| CVE-2020-1910 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image. | |||||
| CVE-2020-1906 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A buffer overflow in WhatsApp for Android prior to v2.20.130 and WhatsApp Business for Android prior to v2.20.46 could have allowed an out-of-bounds write when processing malformed local videos with E-AC-3 audio streams. | |||||
| CVE-2020-1894 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A stack write overflow in WhatsApp for Android prior to v2.20.35, WhatsApp Business for Android prior to v2.20.20, WhatsApp for iPhone prior to v2.20.30, and WhatsApp Business for iPhone prior to v2.20.30 could have allowed arbitrary code execution when playing a specially crafted push to talk message. | |||||
| CVE-2020-1886 | 1 Whatsapp | 2 Whatsapp, Whatsapp Business | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A buffer overflow in WhatsApp for Android prior to v2.20.11 and WhatsApp Business for Android prior to v2.20.2 could have allowed an out-of-bounds write via a specially crafted video stream after receiving and answering a malicious video call. | |||||
| CVE-2020-1876 | 1 Huawei | 6 Nip6800, Nip6800 Firmware, Secospace Usg6600 and 3 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| NIP6800;Secospace USG6600;USG9500 with versions of V500R001C30; V500R001C60SPC500; V500R005C00SPC100 have an out-of-bounds write vulnerability. An unauthenticated attacker crafts malformed packets with specific parameter and sends the packets to the affected products. Due to insufficient validation of packets, which may be exploited to cause the process reboot. | |||||
| CVE-2020-1832 | 1 Huawei | 2 E6878-370, E6878-370 Firmware | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| E6878-370 products with versions of 10.0.3.1(H557SP27C233) and 10.0.3.1(H563SP1C00) have a stack buffer overflow vulnerability. The program copies an input buffer to an output buffer without verification. An attacker in the adjacent network could send a crafted message, successful exploit could lead to stack buffer overflow which may cause malicious code execution. | |||||
| CVE-2020-1711 | 4 Debian, Opensuse, Qemu and 1 more | 5 Debian Linux, Leap, Qemu and 2 more | 2024-11-21 | 6.0 MEDIUM | 7.7 HIGH |
| An out-of-bounds heap buffer access flaw was found in the way the iSCSI Block driver in QEMU versions 2.12.0 before 4.2.1 handled a response coming from an iSCSI server while checking the status of a Logical Address Block (LBA) in an iscsi_co_block_status() routine. A remote user could use this flaw to crash the QEMU process, resulting in a denial of service or potential execution of arbitrary code with privileges of the QEMU process on the host. | |||||
| CVE-2020-1664 | 1 Juniper | 1 Junos | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| A stack buffer overflow vulnerability in the device control daemon (DCD) on Juniper Networks Junos OS allows a low privilege local user to create a Denial of Service (DoS) against the daemon or execute arbitrary code in the system with root privilege. This issue affects Juniper Networks Junos OS: 17.3 versions prior to 17.3R3-S9; 17.4 versions prior to 17.4R2-S12, 17.4R3-S3; 18.1 versions prior to 18.1R3-S11; 18.2 versions prior to 18.2R3-S6; 18.2X75 versions prior to 18.2X75-D53, 18.2X75-D65; 18.3 versions prior to 18.3R2-S4, 18.3R3-S4; 18.4 versions prior to 18.4R2-S5, 18.4R3-S5; 19.1 versions prior to 19.1R3-S3; 19.2 versions prior to 19.2R1-S5, 19.2R3; 19.3 versions prior to 19.3R2-S4, 19.3R3; 19.4 versions prior to 19.4R1-S3, 19.4R2-S2, 19.4R3; 20.1 versions prior to 20.1R1-S4, 20.1R2; 20.2 versions prior to 20.2R1-S1, 20.2R2. Versions of Junos OS prior to 17.3 are unaffected by this vulnerability. | |||||