Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-21676 | 2 Debian, Fig2dev Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A stack-based buffer overflow in the genpstrx_text() component in genpstricks.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into pstricks format.
|
|||||
| CVE-2020-21675 | 2 Debian, Fig2dev Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
A stack-based buffer overflow in the genptk_text component in genptk.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DOS) via converting a xfig file into ptk format.
|
|||||
| CVE-2020-21674 | 1 Libarchive | 1 Libarchive | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Heap-based buffer overflow in archive_string_append_from_wcs() (archive_string.c) in libarchive-3.4.1dev allows remote attackers to cause a denial of service (out-of-bounds write in heap memory resulting into a crash) via a crafted archive file. NOTE: this only affects users who downloaded the development code from GitHub. Users of the product's official releases are unaffected.
|
|||||
| CVE-2020-21606 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21604 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow fault in the _mm_loadl_epi64 function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21603 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the put_qpel_0_0_fallback_16 function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21602 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_bipred_16_fallback function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21601 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a stack buffer overflow in the put_qpel_fallback function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21600 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21599 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21598 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21597 | 2 Debian, Struktur | 2 Debian Linux, Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the mc_chroma function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21595 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the mc_luma function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21594 | 1 Struktur | 1 Libde265 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.
|
|||||
| CVE-2020-21548 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Libsixel 1.8.3 contains a heap-based buffer overflow in the sixel_encode_highcolor function in tosixel.c.
|
|||||
| CVE-2020-21547 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Libsixel 1.8.2 contains a heap-based buffer overflow in the dither_func_fs function in tosixel.c.
|
|||||
| CVE-2020-21533 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.
|
|||||
| CVE-2020-21529 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.
|
|||||
| CVE-2020-21066 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An issue was discovered in Bento4 v1.5.1.0. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a denial of service (program crash), as demonstrated by mp42aac.
|
|||||
| CVE-2020-21050 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Libsixel prior to v1.8.3 contains a stack buffer overflow in the function gif_process_raster at fromgif.c.
|
|||||
| CVE-2020-21047 | 1 Elfutils Project | 1 Elfutils | 2024-11-21 | N/A | 5.5 MEDIUM |
|
The libcpu component which is used by libasm of elfutils version 0.177 (git 47780c9e), suffers from denial-of-service vulnerability caused by application crashes due to out-of-bounds write (CWE-787), off-by-one error (CWE-193) and reachable assertion (CWE-617); to exploit the vulnerability, the attackers need to craft certain ELF files which bypass the missing bound checks.
|
|||||
| CVE-2020-20746 | 1 Tendacn | 2 Ac9, Ac9 Firmware | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
A stack-based buffer overflow in the httpd server on Tenda AC9 V15.03.06.60_EN allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via a crafted POST request to /goform/SetStaticRouteCfg.
|
|||||
| CVE-2020-20740 | 3 Debian, Fedoraproject, Pdfresurrect Project | 3 Debian Linux, Fedora, Pdfresurrect | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
PDFResurrect before 0.20 lack of header validation checks causes heap-buffer-overflow in pdf_get_version().
|
|||||
| CVE-2020-20663 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_connection.c.
|
|||||
| CVE-2020-20662 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
libiec_iccp_mod v1.5 contains a heap-buffer-overflow in the component mms_client_example1.c.
|
|||||
| CVE-2020-20490 | 1 Libiec Iccp Mod Project | 1 Libiec Iccp Mod | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A heap buffer-overflow in the client_example1.c component of libiec_iccp_mod v1.5 leads to a denial of service (DOS).
|
|||||
| CVE-2020-20486 | 1 Iec104 Project | 1 Iec104 | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
IEC104 v1.0 contains a stack-buffer overflow in the parameter Iec10x_Sta_Addr.
|
|||||
| CVE-2020-20276 | 1 Troglobit | 1 Uftpd | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An unauthenticated stack-based buffer overflow vulnerability in common.c's handle_PORT in uftpd FTP server versions 2.10 and earlier can be abused to cause a crash and could potentially lead to remote code execution.
|
|||||
| CVE-2020-20267 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/resolver process. An authenticated remote attacker can cause a Denial of Service due to invalid memory access.
|
|||||
| CVE-2020-20266 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
|
|||||
| CVE-2020-20265 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /ram/pckg/wireless/nova/bin/wireless process. An authenticated remote attacker can cause a Denial of Service due via a crafted packet.
|
|||||
| CVE-2020-20254 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
|
|||||
| CVE-2020-20252 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference).
|
|||||
| CVE-2020-20250 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before stable version 6.47 suffers from a memory corruption vulnerability in the /nova/bin/lcdstat process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). NOTE: this is different from CVE-2020-20253 and CVE-2020-20254. All four vulnerabilities in the /nova/bin/lcdstat process are discussed in the CVE-2020-20250 github.com/cq674350529 reference.
|
|||||
| CVE-2020-20249 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before stable 6.47 suffers from a memory corruption vulnerability in the resolver process. By sending a crafted packet, an authenticated remote attacker can cause a Denial of Service.
|
|||||
| CVE-2020-20247 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs before 6.46.5 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/traceroute process. An authenticated remote attacker can cause a Denial of Service due via the loop counter variable.
|
|||||
| CVE-2020-20246 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the mactel process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
|
|||||
| CVE-2020-20245 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs stable 6.46.3 suffers from a memory corruption vulnerability in the log process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
|
|||||
| CVE-2020-20237 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
|
|||||
| CVE-2020-20236 | 1 Mikrotik | 1 Routeros | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
Mikrotik RouterOs 6.46.3 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/sniffer process. An authenticated remote attacker can cause a Denial of Service due to improper memory access.
|
|||||