Total
12599 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-21534 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-08-04 | 5.5 Medium |
| fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c. | ||||
| CVE-2020-21533 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-08-04 | 5.5 Medium |
| fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c. | ||||
| CVE-2020-21532 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-08-04 | 5.5 Medium |
| fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c. | ||||
| CVE-2020-20703 | 1 Vim | 1 Vim | 2024-08-04 | 9.8 Critical |
| Buffer Overflow vulnerability in VIM v.8.1.2135 allows a remote attacker to execute arbitrary code via the operand parameter. | ||||
| CVE-2020-20220 | 1 Mikrotik | 1 Routeros | 2024-08-04 | 6.5 Medium |
| Mikrotik RouterOs prior to stable 6.47 suffers from a memory corruption vulnerability in the /nova/bin/bfd process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference). | ||||
| CVE-2020-19131 | 3 Debian, Redhat, Simplesystems | 3 Debian Linux, Enterprise Linux, Libtiff | 2024-08-04 | 7.5 High |
| Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop". | ||||
| CVE-2020-18773 | 1 Exiv2 | 1 Exiv2 | 2024-08-04 | 6.5 Medium |
| An invalid memory access in the decode function in iptc.cpp of Exiv2 0.27.99.0 allows attackers to cause a denial of service (DOS) via a crafted tif file. | ||||
| CVE-2020-19143 | 2 Debian, Simplesystems | 2 Debian Linux, Libtiff | 2024-08-04 | 6.5 Medium |
| Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "TIFFVGetField" funtion in the component 'libtiff/tif_dir.c'. | ||||
| CVE-2020-18770 | 2 Redhat, Zziplib Project | 2 Enterprise Linux, Zziplib | 2024-08-04 | 5.5 Medium |
| An issue was discovered in function zzip_disk_entry_to_file_header in mmapped.c in zziplib 0.13.69, which will lead to a denial-of-service. | ||||
| CVE-2020-18974 | 1 Nasm | 1 Netwide Assembler | 2024-08-04 | 3.3 Low |
| Buffer Overflow in Netwide Assembler (NASM) v2.15.xx allows attackers to cause a denial of service via 'crc64i' in the component 'nasmlib/crc64'. This issue is different than CVE-2019-7147. | ||||
| CVE-2020-18771 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2024-08-04 | 8.1 High |
| Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak. | ||||
| CVE-2020-18494 | 1 Hdfgroup | 1 Hdf5 | 2024-08-04 | 8.8 High |
| Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. | ||||
| CVE-2020-18232 | 1 Hdfgroup | 1 Hdf5 | 2024-08-04 | 8.8 High |
| Buffer Overflow vulnerability in function H5S_close in H5S.c in HDF5 1.10.4 allows remote attackers to run arbitrary code via creation of crafted file. | ||||
| CVE-2020-17541 | 2 Libjpeg-turbo, Redhat | 2 Libjpeg-turbo, Enterprise Linux | 2024-08-04 | 8.8 High |
| Libjpeg-turbo all version have a stack-based buffer overflow in the "transform" component. A remote attacker can send a malformed jpeg file to the service and cause arbitrary code execution or denial of service of the target service. | ||||
| CVE-2020-17426 | 1 Foxitsoftware | 1 Foxit Studio Photo | 2024-08-04 | 7.8 High |
| This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of CR2 files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11230. | ||||
| CVE-2020-17397 | 1 Parallels | 1 Parallels Desktop | 2024-08-04 | 8.2 High |
| This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the handling of network packets. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the hypervisor. Was ZDI-CAN-11253. | ||||
| CVE-2020-17380 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-08-04 | 6.3 Medium |
| A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, or potentially execute arbitrary code with privileges of the QEMU process on the host. | ||||
| CVE-2020-15674 | 1 Mozilla | 1 Firefox | 2024-08-04 | 8.8 High |
| Mozilla developers reported memory safety bugs present in Firefox 80. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 81. | ||||
| CVE-2020-15782 | 1 Siemens | 63 6es7510-1dj01-0ab0, 6es7510-1sj01-0ab0, 6es7511-1ak01-0ab0 and 60 more | 2024-08-04 | 9.8 Critical |
| A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC (incl. SIPLUS variants) (All versions), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions < V21.9), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (All versions < V4.5.0), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions < V2.9.2), SIMATIC S7-1500 Software Controller (All versions < V21.9), SIMATIC S7-PLCSIM Advanced (All versions < V4.0), SINAMICS PERFECT HARMONY GH180 Drives (Drives manufactured before 2021-08-13), SINUMERIK MC (All versions < V6.15), SINUMERIK ONE (All versions < V6.15). Affected devices are vulnerable to a memory protection bypass through a specific operation. A remote unauthenticated attacker with network access to port 102/tcp could potentially write arbitrary data and code to protected memory areas or read sensitive data to launch further attacks. | ||||
| CVE-2020-15582 | 2 Google, Samsung | 2 Android, Exynos 7885 | 2024-08-04 | 5.5 Medium |
| An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 7885 chipsets) software. The Bluetooth Low Energy (BLE) component has a buffer overflow with a resultant deadlock or crash. The Samsung ID is SVE-2020-16870 (July 2020). | ||||