Total
81934 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6067 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6066 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6065 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the bmp_parsing function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6064 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6063 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | |||||
| CVE-2020-6062 | 4 Canonical, Coturn Project, Debian and 1 more | 4 Ubuntu Linux, Coturn, Debian Linux and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial-of-service vulnerability exists in the way CoTURN 4.5.1.1 web server parses POST requests. A specially crafted HTTP POST request can lead to server crash and denial of service. An attacker needs to send an HTTP request to trigger this vulnerability. | |||||
| CVE-2020-6060 | 1 Minisnmpd Project | 1 Minisnmpd | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate multiple connections to the server. | |||||
| CVE-2020-6059 | 1 Minisnmpd Project | 1 Minisnmpd | 2024-11-21 | 6.4 MEDIUM | 8.2 HIGH |
| An exploitable out of bounds read vulnerability exists in the way MiniSNMPD version 1.4 parses incoming SNMP packets. A specially crafted SNMP request can trigger an out of bounds memory read which can result in sensitive information disclosure and Denial Of Service. In order to trigger this vulnerability, an attacker needs to send a specially crafted packet to the vulnerable server. | |||||
| CVE-2020-6024 | 1 Checkpoint | 1 Smartconsole | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Check Point SmartConsole before R80.10 Build 185, R80.20 Build 119, R80.30 before Build 94, R80.40 before Build 415, and R81 before Build 548 were vulnerable to a possible local privilege escalation due to running executables from a directory with write access to all authenticated users. | |||||
| CVE-2020-6023 | 1 Checkpoint | 1 Zonealarm | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Check Point ZoneAlarm before version 15.8.139.18543 allows a local actor to escalate privileges while restoring files in Anti-Ransomware. | |||||
| CVE-2020-6021 | 1 Checkpoint | 1 Endpoint Security | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| Check Point Endpoint Security Client for Windows before version E84.20 allows write access to the directory from which the installation repair takes place. Since the MS Installer allows regular users to run the repair, an attacker can initiate the installation repair and place a specially crafted DLL in the repair folder which will run with the Endpoint client’s privileges. | |||||
| CVE-2020-6019 | 1 Valvesoftware | 1 Game Networking Sockets | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Valve's Game Networking Sockets prior to version v1.2.0 improperly handles inlined statistics messages in function CConnectionTransportUDPBase::Received_Data(), leading to an exception thrown from libprotobuf and resulting in a crash. | |||||
| CVE-2020-6013 | 1 Checkpoint | 1 Zonealarm Extreme Security | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| ZoneAlarm Firewall and Antivirus products before version 15.8.109.18436 allow an attacker who already has access to the system to execute code at elevated privileges through a combination of file permission manipulation and exploitation of Windows CVE-2020-00896 on unpatched systems. | |||||
| CVE-2020-6012 | 1 Checkpoint | 1 Zonealarm Anti-ransomware | 2024-11-21 | 4.4 MEDIUM | 7.4 HIGH |
| ZoneAlarm Anti-Ransomware before version 1.0.713 copies files for the report from a directory with low privileges. A sophisticated timed attacker can replace those files with malicious or linked content, such as exploiting CVE-2020-0896 on unpatched systems or using symbolic links. This allows an unprivileged user to enable escalation of privilege via local access. | |||||
| CVE-2020-6010 | 1 Thimpress | 1 Learnpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| LearnPress Wordpress plugin version prior and including 3.2.6.7 is vulnerable to SQL Injection | |||||
| CVE-2020-6007 | 1 Philips | 2 Hue Bridge V2, Hue Bridge V2 Firmware | 2024-11-21 | 4.3 MEDIUM | 7.9 HIGH |
| Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution. | |||||
| CVE-2020-5992 | 2 Microsoft, Nvidia | 2 Windows, Geforce Now | 2024-11-21 | 4.4 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce NOW application software on Windows, all versions prior to 2.0.25.119, contains a vulnerability in its open-source software dependency in which the OpenSSL library is vulnerable to binary planting attacks by a local user, which may lead to code execution or escalation of privileges. | |||||
| CVE-2020-5991 | 2 Microsoft, Nvidia | 2 Windows, Cuda Toolkit | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA CUDA Toolkit, all versions prior to 11.1.1, contains a vulnerability in the NVJPEG library in which an out-of-bounds read or write operation may lead to code execution, denial of service, or information disclosure. | |||||
| CVE-2020-5990 | 1 Nvidia | 1 Geforce Experience | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| NVIDIA GeForce Experience, all versions prior to 3.20.5.70, contains a vulnerability in the ShadowPlay component which may lead to local privilege escalation, code execution, denial of service or information disclosure. | |||||
| CVE-2020-5988 | 1 Nvidia | 1 Virtual Gpu Manager | 2024-11-21 | 3.6 LOW | 7.1 HIGH |
| NVIDIA Virtual GPU Manager contains a vulnerability in the vGPU plugin, in which allocated memory can be freed twice, which may lead to information disclosure or denial of service. This affects vGPU version 8.x (prior to 8.5), version 10.x (prior to 10.4) and version 11.0. | |||||