Total
3900 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-11130 | 1 Qualcomm | 62 Qcm4290, Qcm4290 Firmware, Qcs4290 and 59 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Possible buffer overflow in WIFI hal process due to copying data without checking the buffer length in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
|
|||||
| CVE-2020-11121 | 1 Qualcomm | 62 Qcm4290, Qcm4290 Firmware, Qcs4290 and 59 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Possible buffer overflow in WIFI hal process due to usage of memcpy without checking length of destination buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile in QCM4290, QCS4290, QM215, QSM8350, SA6145P, SA6155, SA6155P, SA8155, SA8155P, SC8180X, SC8180XP, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6250, SM6350, SM7125, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SM8350, SM8350P, SXR2130, SXR2130P
|
|||||
| CVE-2020-11116 | 1 Qualcomm | 98 Apq8009, Apq8009 Firmware, Apq8053 and 95 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
Possible out of bound write while processing association response received from host due to lack of check of IE length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8053, APQ8096AU, APQ8098, Bitra, Kamorta, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996 ...
|
|||||
| CVE-2020-11068 | 1 Semtech | 1 Loramac-node | 2024-11-21 | 6.5 MEDIUM | 5.0 MEDIUM |
|
In LoRaMac-node before 4.4.4, a reception buffer overflow can happen due to the received buffer size not being checked. This has been fixed in 4.4.4.
|
|||||
| CVE-2020-10931 | 1 Memcached | 1 Memcached | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Memcached 1.6.x before 1.6.2 allows remote attackers to cause a denial of service (daemon crash) via a crafted binary protocol header to try_read_command_binary in memcached.c.
|
|||||
| CVE-2020-10850 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The secure bootloader has a buffer overflow of the USB buffer, leading to arbitrary code execution. The Samsung ID is SVE-2019-15872 (January 2020).
|
|||||
| CVE-2020-10835 | 1 Samsung | 1 Exynos | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020).
|
|||||
| CVE-2020-10814 | 1 Codeblocks | 1 Code::Blocks | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow vulnerability in Code::Blocks 17.12 allows an attacker to execute arbitrary code via a crafted project file.
|
|||||
| CVE-2020-10813 | 1 Ftpdmin Project | 1 Ftpdmin | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A buffer overflow vulnerability in FTPDMIN 0.96 allows attackers to crash the server via a crafted packet.
|
|||||
| CVE-2020-10713 | 4 Debian, Gnu, Opensuse and 1 more | 4 Debian Linux, Grub2, Leap and 1 more | 2024-11-21 | 4.6 MEDIUM | 8.2 HIGH |
|
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper with the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system, such as gaining physical access, obtaining the ability to alter a pxe-boot network, or having remote access to a networked system with root access. With this access, an attacker could then craf ...
|
|||||
| CVE-2020-10639 | 1 Eaton | 2 Hmisoft Vu3, Hmisoft Vu3 Firmware | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, a specially crafted input file could cause a buffer overflow when loaded by the affected product. The HMIVU runtimes are not impacted by these issues.
|
|||||
| CVE-2020-10599 | 1 Visam | 2 Vbase Editor, Vbase Web-remote | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code.
|
|||||
| CVE-2020-10595 | 2 Debian, Pam-krb5 Project | 2 Debian Linux, Pam-krb5 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code exe ...
|
|||||
| CVE-2020-10566 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow.
|
|||||
| CVE-2020-10379 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Pillow | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c.
|
|||||
| CVE-2020-10071 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
|
The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. See NCC-ZEP-031. This issue affects zephyrproject-rtos zephyr version 2.2.0 and later versions.
|
|||||
| CVE-2020-10070 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
|
In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. See NCC-ZEP-031. This issue affects zephyrproject-rtos zephyr version 2.2.0 and later versions.
|
|||||
| CVE-2020-10042 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network.
|
|||||
| CVE-2020-10023 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 4.6 MEDIUM | 6.9 MEDIUM |
|
The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019. This issue affects zephyrproject-rtos zephyr version 1.14.0 and later versions, and version 2.1.0 and later versions.
|
|||||
| CVE-2020-10022 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
|
A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. This could result in a denial of service in the best case, or code execution in the worst case. See NCC-NCC-016. This issue affects zephyrproject-rtos zephyr version 2.1.0 and later versions, and version 2.2.0 and later versions.
|
|||||
| CVE-2020-10019 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 4.6 MEDIUM | 8.1 HIGH |
|
USB DFU has a potential buffer overflow where the requested length (wLength) is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002. This issue affects zephyrproject-rtos zephyr version 1.14.1 and later versions, and version 2.1.0 and later versions.
|
|||||
| CVE-2020-0584 | 1 Intel | 8 Optane Ssd 900p, Optane Ssd 900p Firmware, Optane Ssd 905p and 5 more | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
|
Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access.
|
|||||
| CVE-2020-0576 | 1 Intel | 2 Compute Module Mfs2600ki, Compute Module Mfs2600ki Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access.
|
|||||
| CVE-2020-0530 | 1 Intel | 140 Compute Stick Stck1a32wfc, Compute Stick Stck1a32wfc Firmware, Compute Stick Stck1a8lfc and 137 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html
|
|||||
| CVE-2020-0504 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access.
|
|||||
| CVE-2020-0501 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
Buffer overflow in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable a denial of service via local access.
|
|||||
| CVE-2019-9689 | 1 Axtls Project | 1 Axtls | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.
|
|||||
| CVE-2019-9677 | 1 Dahuasecurity | 18 Ipc-hdbw4x2x, Ipc-hdbw4x2x Firmware, Ipc-hdw1x2x and 15 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The specific fields of the CGI interface of some Dahua products are not strictly verified; an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X, IPC-HFW1X2X, IPC-HDW2X2X, IPC-HFW2X2X, IPC-HDW4X2X, IPC-HFW4X2X, IPC-HDBW4X2X, IPC-HDW5X2X, IPC-HFW5X2X, for versions whose build time is before August 18, 2019.
|
|||||
| CVE-2019-9134 | 1 Solideos | 1 Architectural Information System | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Architectural Information System 1.0 and earlier versions have a stack-based buffer overflow that allows remote attackers to execute arbitrary code.
|
|||||
| CVE-2019-9099 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2).
|
|||||
| CVE-2019-8842 | 1 Apple | 1 Mac Os X | 2024-11-21 | 2.6 LOW | 3.3 LOW |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. In certain configurations, a remote attacker may be able to submit arbitrary print jobs.
|
|||||
| CVE-2019-8839 | 1 Apple | 1 Mac Os X | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An attacker in a privileged position may be able to perform a denial of service attack.
|
|||||
| CVE-2019-8696 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
|
|||||
| CVE-2019-8675 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra. An attacker in a privileged network position may be able to execute arbitrary code.
|
|||||
| CVE-2019-8542 | 1 Apple | 6 Icloud, Iphone Os, Itunes and 3 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2, iTunes 12.9.4 for Windows, iCloud for Windows 7.11. A malicious application may be able to elevate privileges.
|
|||||
| CVE-2019-8527 | 1 Apple | 4 Iphone Os, Mac Os X, Tvos and 1 more | 2024-11-21 | 9.4 HIGH | 9.1 CRITICAL |
|
A buffer overflow was addressed with improved size validation. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory.
|
|||||
| CVE-2019-8511 | 1 Apple | 3 Iphone Os, Mac Os X, Watchos | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2. A malicious application may be able to elevate privileges.
|
|||||
| CVE-2019-8508 | 1 Apple | 1 Mac Os X | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. Mounting a maliciously crafted NFS network share may lead to arbitrary code execution with system privileges.
|
|||||
| CVE-2019-8287 | 1 Tightvnc | 1 Tightvnc | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
TightVNC code version 1.3.10 contains a global buffer overflow in the HandleCoRREBBP macro function, which can potentially result in code execution. This attack appears to be exploitable via network connectivity.
|
|||||
| CVE-2019-7485 | 1 Sonicwall | 2 Sma 100, Sma 100 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Buffer overflow in SonicWall SMA100 allows an authenticated user to execute arbitrary code in DEARegister CGI script. This vulnerability impacted SMA100 version 9.0.0.3 and earlier.
|
|||||