Total
2073 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7828 | 2 Hmtalk, Microsoft | 2 Daviewindy, Windows | 2024-08-04 | 7.8 High |
| DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7829 | 2 Hmtalk, Microsoft | 2 Daviewindy, Windows | 2024-08-04 | 7.8 High |
| DaviewIndy 8.98.4 and earlier version contain Heap-based overflow vulnerability, triggered when the user opens a malformed specific file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution. | ||||
| CVE-2020-7586 | 1 Siemens | 4 Simatic Pcs 7, Simatic Process Device Manager, Simatic Step 7 and 1 more | 2024-08-04 | 7.8 High |
| A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). A buffer overflow vulnerability could allow a local attacker to cause a Denial-of-Service situation. The security vulnerability could be exploited by an attacker with local access to the affected systems. Successful exploitation requires user privileges but no user interaction. The vulnerability could allow an attacker to compromise the availability of the system as well as to have access to confidential information. | ||||
| CVE-2020-7039 | 5 Debian, Libslirp Project, Opensuse and 2 more | 12 Debian Linux, Libslirp, Leap and 9 more | 2024-08-04 | 5.6 Medium |
| tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. | ||||
| CVE-2020-6970 | 1 Emerson | 1 Openenterprise Scada Server | 2024-08-04 | 9.8 Critical |
| A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server. | ||||
| CVE-2020-6851 | 5 Debian, Fedoraproject, Oracle and 2 more | 13 Debian Linux, Fedora, Georaster and 10 more | 2024-08-04 | 7.5 High |
| OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. | ||||
| CVE-2020-6556 | 5 Debian, Fedoraproject, Google and 2 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-08-04 | 8.8 High |
| Heap buffer overflow in SwiftShader in Google Chrome prior to 84.0.4147.135 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-6582 | 2 Fedoraproject, Nagios | 2 Fedora, Remote Plug In Executor | 2024-08-04 | 7.5 High |
| Nagios NRPE 3.2.1 has a Heap-Based Buffer Overflow, as demonstrated by interpretation of a small negative number as a large positive number during a bzero call. | ||||
| CVE-2020-6548 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2024-08-04 | 8.8 High |
| Heap buffer overflow in Skia in Google Chrome prior to 84.0.4147.125 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-6540 | 4 Debian, Fedoraproject, Google and 1 more | 4 Debian Linux, Fedora, Chrome and 1 more | 2024-08-04 | 8.8 High |
| Buffer overflow in Skia in Google Chrome prior to 84.0.4147.105 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-6452 | 4 Fedoraproject, Google, Opensuse and 1 more | 5 Fedora, Chrome, Backports and 2 more | 2024-08-04 | 8.8 High |
| Heap buffer overflow in media in Google Chrome prior to 80.0.3987.162 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-6510 | 5 Debian, Fedoraproject, Google and 2 more | 6 Debian Linux, Fedora, Chrome and 3 more | 2024-08-04 | 7.8 High |
| Heap buffer overflow in background fetch in Google Chrome prior to 84.0.4147.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2020-6148 | 1 Pixar | 1 Openusd | 2024-08-04 | 7.8 High |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. An instance exists in USDC file format FIELDSETS section decompression heap overflow. | ||||
| CVE-2020-6146 | 1 Gonitro | 1 Nitro Pro | 2024-08-04 | 8.8 High |
| An exploitable code execution vulnerability exists in the rendering functionality of Nitro Pro 13.13.2.242 and 13.16.2.300. When drawing the contents of a page and selecting the stroke color from an 'ICCBased' colorspace, the application will read a length from the file and use it as a loop sentinel when writing data into the member of an object. Due to the object member being a buffer of a static size allocated on the heap, this can result in a heap-based buffer overflow. A specially crafted document must be loaded by a victim in order to trigger this vulnerability. | ||||
| CVE-2020-6150 | 1 Pixar | 1 Openusd | 2024-08-04 | 7.8 High |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software USDC file format SPECS section decompression heap overflow. | ||||
| CVE-2020-6155 | 1 Pixar | 1 Openusd | 2024-08-04 | 7.8 High |
| A heap overflow vulnerability exists in the Pixar OpenUSD 20.05 while parsing compressed value rep arrays in binary USD files. A specially crafted malformed file can trigger a heap overflow, which can result in remote code execution. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | ||||
| CVE-2020-6147 | 2 Apple, Pixar | 3 Ipados, Iphone Os, Openusd | 2024-08-04 | 7.8 High |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. This instance exists in the USDC file format FIELDS section decompression heap overflow. | ||||
| CVE-2020-6149 | 1 Pixar | 1 Openusd | 2024-08-04 | 7.8 High |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance in USDC file format PATHS section. | ||||
| CVE-2020-6156 | 1 Pixar | 1 Openusd | 2024-08-04 | 7.8 High |
| A heap overflow vulnerability exists in Pixar OpenUSD 20.05 when the software parses compressed sections in binary USD files. To trigger this vulnerability, the victim needs to open an attacker-provided malformed file in an instance USDC file format path element token index. | ||||
| CVE-2020-6007 | 1 Philips | 2 Hue Bridge V2, Hue Bridge V2 Firmware | 2024-08-04 | 7.9 High |
| Philips Hue Bridge model 2.X prior to and including version 1935144020 contains a Heap-based Buffer Overflow when handling a long ZCL string during the commissioning phase, resulting in a remote code execution. | ||||