Total
8217 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12674 | 4 Canonical, Debian, Dovecot and 1 more | 4 Ubuntu Linux, Debian Linux, Dovecot and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Dovecot before 2.3.11.3, sending a specially formatted RPA request will crash the auth service because a length of zero is mishandled.
|
|||||
| CVE-2020-12673 | 4 Canonical, Debian, Dovecot and 1 more | 4 Ubuntu Linux, Debian Linux, Dovecot and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In Dovecot before 2.3.11.3, sending a specially formatted NTLM request will crash the auth service because of an out-of-bounds read.
|
|||||
| CVE-2020-12498 | 1 Phoenixcontact | 2 Pc Worx, Pc Worx Express | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
mwe file parsing in Phoenix Contact PC Worx and PC Worx Express version 1.87 and earlier is vulnerable to out-of-bounds read remote code execution. Manipulated PC Worx projects could lead to a remote code execution due to insufficient input data validation.
|
|||||
| CVE-2020-12485 | 1 Vivo | 1 Frame Touch Module | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
The frame touch module does not make validity judgments on parameter lengths when processing specific parameters,which caused out of the boundary when memory access.The vulnerability eventually leads to a local DOS on the device.
|
|||||
| CVE-2020-12425 | 1 Mozilla | 1 Firefox | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78.
|
|||||
| CVE-2020-12418 | 3 Canonical, Mozilla, Opensuse | 5 Ubuntu Linux, Firefox, Firefox Esr and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0.
|
|||||
| CVE-2020-12407 | 1 Mozilla | 1 Firefox | 2024-11-21 | 2.6 LOW | 6.5 MEDIUM |
|
Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77.
|
|||||
| CVE-2020-12403 | 1 Mozilla | 1 Nss | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability.
|
|||||
| CVE-2020-12380 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2020-12360 | 3 Intel, Netapp, Siemens | 552 Bios, Core I3-l13g4, Core I5-l16g7 and 549 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2020-12356 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
|
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.
|
|||||
| CVE-2020-12247 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
|
In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.
|
|||||
| CVE-2020-12141 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.
|
|||||
| CVE-2020-12018 | 1 Advantech | 1 Webaccess | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
|
|||||
| CVE-2020-11947 | 1 Qemu | 1 Qemu | 2024-11-21 | 2.1 LOW | 3.8 LOW |
|
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
|
|||||
| CVE-2020-11940 | 1 Ntop | 1 Ndpi | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library.
|
|||||
| CVE-2020-11914 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 3.3 LOW | 4.3 MEDIUM |
|
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
|
|||||
| CVE-2020-11913 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
|
|||||
| CVE-2020-11912 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 3.3 LOW | 5.3 MEDIUM |
|
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
|
|||||
| CVE-2020-11905 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
|
|||||
| CVE-2020-11903 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
|
The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.
|
|||||
| CVE-2020-11902 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
|
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
|
|||||
| CVE-2020-11901 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
|
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
|
|||||
| CVE-2020-11895 | 1 Libming | 1 Libming | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
|
|||||
| CVE-2020-11894 | 1 Libming | 1 Libming | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
|
|||||
| CVE-2020-11765 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
|
|||||
| CVE-2020-11763 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
|
|||||
| CVE-2020-11762 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
|
|||||
| CVE-2020-11761 | 5 Apple, Canonical, Debian and 2 more | 11 Icloud, Ipados, Iphone Os and 8 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.
|
|||||
| CVE-2020-11760 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during RLE uncompression in rleUncompress in ImfRle.cpp.
|
|||||
| CVE-2020-11758 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read in ImfOptimizedPixelReading.h.
|
|||||
| CVE-2020-11604 | 1 Google | 1 Android | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (incorporating TEEGRIS) software. There is an Out-of-bounds read in the MLDAP Trustlet. The Samsung ID is SVE-2019-16565 (April 2020).
|
|||||
| CVE-2020-11538 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Pillow | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
In libImaging/SgiRleDecode.c in Pillow through 7.0.0, a number of out-of-bounds reads exist in the parsing of SGI image files, a different issue than CVE-2020-5311.
|
|||||
| CVE-2020-11526 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2024-11-21 | 3.5 LOW | 2.2 LOW |
|
libfreerdp/core/update.c in FreeRDP versions > 1.1 through 2.0.0-rc4 has an Out-of-bounds Read.
|
|||||
| CVE-2020-11525 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2024-11-21 | 3.5 LOW | 2.2 LOW |
|
libfreerdp/cache/bitmap.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out of bounds read.
|
|||||
| CVE-2020-11522 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2024-11-21 | 6.4 MEDIUM | 6.5 MEDIUM |
|
libfreerdp/gdi/gdi.c in FreeRDP > 1.0 through 2.0.0-rc4 has an Out-of-bounds Read.
|
|||||
| CVE-2020-11521 | 4 Canonical, Debian, Freerdp and 1 more | 4 Ubuntu Linux, Debian Linux, Freerdp and 1 more | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
|
libfreerdp/codec/planar.c in FreeRDP version > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write.
|
|||||
| CVE-2020-11304 | 1 Qualcomm | 318 Apq8009, Apq8009 Firmware, Apq8096au and 315 more | 2024-11-21 | 3.6 LOW | 7.8 HIGH |
|
Possible out of bound read in DRM due to improper buffer length check. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2020-11293 | 1 Qualcomm | 678 Apq8017, Apq8017 Firmware, Apq8037 and 675 more | 2024-11-21 | 3.6 LOW | 5.1 MEDIUM |
|
Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking
|
|||||
| CVE-2020-11285 | 1 Qualcomm | 800 Apq8009, Apq8009 Firmware, Apq8009w and 797 more | 2024-11-21 | 9.4 HIGH | 8.2 HIGH |
|
Buffer over-read while unpacking the RTCP packet we may read extra byte if wrong length is provided in RTCP packets in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
|
|||||