Total
13459 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1060 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1058, CVE-2020-1093.
|
|||||
| CVE-2020-1058 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1035, CVE-2020-1060, CVE-2020-1093.
|
|||||
| CVE-2020-1037 | 1 Microsoft | 5 Chakracore, Edge, Windows 10 and 2 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge (HTML-based), aka 'Chakra Scripting Engine Memory Corruption Vulnerability'.
|
|||||
| CVE-2020-1035 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
|
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka 'VBScript Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1058, CVE-2020-1060, CVE-2020-1093.
|
|||||
| CVE-2020-1028 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka 'Media Foundation Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1126, CVE-2020-1136, CVE-2020-1150.
|
|||||
| CVE-2020-19891 | 1 Dbhcms Project | 1 Dbhcms | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
DBHcms v1.2.0 has an Arbitrary file write vulnerability in dbhcms\mod\mod.editor.php $_POST['updatefile'] is filename and $_POST['tinymce_content'] is file content, there is no filter function for security. A remote authenticated admin user can exploit this vulnerability to get a webshell.
|
|||||
| CVE-2020-19721 | 1 Axiosys | 1 Bento4 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS).
|
|||||
| CVE-2020-19667 | 2 Debian, Imagemagick | 2 Debian Linux, Imagemagick | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Stack-based buffer overflow and unconditional jump in ReadXPMImage in coders/xpm.c in ImageMagick 7.0.10-7.
|
|||||
| CVE-2020-19609 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Artifex MuPDF before 1.18.0 has a heap based buffer over-write in tiff_expand_colormap() function when parsing TIFF files allowing attackers to cause a denial of service.
|
|||||
| CVE-2020-19513 | 1 Aida64 | 1 Aida64 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Buffer overflow in FinalWire Ltd AIDA64 Engineer 6.00.5100 allows attackers to execute arbitrary code by creating a crafted input that will overwrite the SEH handler.
|
|||||
| CVE-2020-19491 | 1 Sam2p Project | 1 Sam2p | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
There is an invalid memory access bug in cgif.c that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
|
|||||
| CVE-2020-19475 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue has been found in function CCITTFaxStream::lookChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 2 .
|
|||||
| CVE-2020-19469 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
An issue has been found in function DCTStream::reset in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 8 .
|
|||||
| CVE-2020-19323 | 1 Dlink | 2 Dir-619l, Dir-619l Firmware | 2024-11-21 | N/A | 7.5 HIGH |
|
An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required
|
|||||
| CVE-2020-19318 | 1 Dlink | 2 Dir-605l, Dir-605l Firmware | 2024-11-21 | N/A | 8.8 HIGH |
|
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.
|
|||||
| CVE-2020-19190 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in _nc_find_entry in tinfo/comp_hash.c:70 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
|||||
| CVE-2020-19189 | 3 Debian, Gnu, Netapp | 3 Debian Linux, Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in postprocess_terminfo function in tinfo/parse_entry.c:997 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
|||||
| CVE-2020-19188 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1116 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
|||||
| CVE-2020-19187 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in fmt_entry function in progs/dump_entry.c:1100 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
|||||
| CVE-2020-19186 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in _nc_find_entry function in tinfo/comp_hash.c:66 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
|||||
| CVE-2020-19185 | 2 Gnu, Netapp | 2 Ncurses, Active Iq Unified Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in one_one_mapping function in progs/dump_entry.c:1373 in ncurses 6.1 allows remote attackers to cause a denial of service via crafted command.
|
|||||
| CVE-2020-19144 | 3 Debian, Netapp, Simplesystems | 3 Debian Linux, Ontap Select Deploy Administration Utility, Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.
|
|||||
| CVE-2020-19143 | 2 Debian, Simplesystems | 2 Debian Linux, Libtiff | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'.
|
|||||
| CVE-2020-19131 | 2 Debian, Simplesystems | 2 Debian Linux, Libtiff | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".
|
|||||
| CVE-2020-18971 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
Stack-based Buffer Overflow in PoDoFo v0.9.6 allows attackers to cause a denial of service via the component 'src/base/PdfDictionary.cpp:65'.
|
|||||
| CVE-2020-18900 | 1 Libexe Project | 1 Libexe | 2024-11-21 | 1.9 LOW | 3.3 LOW |
|
A heap-based buffer overflow in the libexe_io_handle_read_coff_optional_header function of libyal libexe before 20181128. NOTE: the vendor has disputed this as described in libyal/libexe issue 1 on GitHub
|
|||||
| CVE-2020-18839 | 1 Freedesktop | 1 Poppler | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in HtmlOutputDev::page in poppler 0.75.0 allows attackers to cause a denial of service.
|
|||||
| CVE-2020-18831 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | N/A | 7.8 HIGH |
|
Buffer Overflow vulnerability in tEXtToDataBuf function in pngimage.cpp in Exiv2 0.27.1 allows remote attackers to cause a denial of service and other unspecified impacts via use of crafted file.
|
|||||
| CVE-2020-18781 | 1 Audiofile | 1 Audiofile | 2024-11-21 | N/A | 5.5 MEDIUM |
|
Heap buffer overflow vulnerability in FilePOSIX::read in File.cpp in audiofile 0.3.6 may cause denial-of-service via a crafted wav file, this bug can be triggered by the executable sfconvert.
|
|||||
| CVE-2020-18773 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file.
|
|||||
| CVE-2020-18768 | 1 Libtiff | 1 Libtiff | 2024-11-21 | N/A | 5.5 MEDIUM |
|
There exists one heap buffer overflow in _TIFFmemcpy in tif_unix.c in libtiff 4.0.10, which allows an attacker to cause a denial-of-service through a crafted tiff file.
|
|||||
| CVE-2020-18735 | 1 Eclipse | 1 Cyclone Data Distribution Service | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A heap buffer overflow in /src/dds_stream.c of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
|
|||||
| CVE-2020-18734 | 1 Eclipse | 1 Cyclone Data Distribution Service | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A stack buffer overflow in /ddsi/q_bitset.h of Eclipse IOT Cyclone DDS Project v0.1.0 causes the DDS subscriber server to crash.
|
|||||
| CVE-2020-18652 | 1 Exempi Project | 1 Exempi | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in WEBP_Support.cpp in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted webp file.
|
|||||
| CVE-2020-18651 | 1 Exempi Project | 1 Exempi | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Buffer Overflow vulnerability in function ID3_Support::ID3v2Frame::getFrameValue in exempi 2.5.0 and earlier allows remote attackers to cause a denial of service via opening of crafted audio file with ID3V2 frame.
|
|||||
| CVE-2020-18494 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A | 8.8 HIGH |
|
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.
|
|||||
| CVE-2020-18382 | 1 Webassembly | 1 Binaryen | 2024-11-21 | N/A | 6.5 MEDIUM |
|
Heap-buffer-overflow in /src/wasm/wasm-binary.cpp in wasm::WasmBinaryBuilder::visitBlock(wasm::Block*) in Binaryen 1.38.26. A crafted wasm input can cause a segmentation fault, leading to denial-of-service, as demonstrated by wasm-opt.
|
|||||
| CVE-2020-18232 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A | 8.8 HIGH |
|
Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file.
|
|||||
| CVE-2020-17541 | 1 Libjpeg-turbo | 1 Libjpeg-turbo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service.
|
|||||
| CVE-2020-17529 | 1 Apache | 1 Nuttx | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
|
Out-of-bounds Write vulnerability in TCP Stack of Apache NuttX (incubating) versions up to and including 9.1.0 and 10.0.0 allows attacker to corrupt memory by supplying and invalid fragmentation offset value specified in the IP header. This is only impacts builds with both CONFIG_EXPERIMENTAL and CONFIG_NET_TCP_REASSEMBLY build flags enabled.
|
|||||