Total
3037 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-14260 | 1 Hcltech | 1 Domino | 2024-08-04 | 9.8 Critical |
| HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system. | ||||
| CVE-2020-14124 | 1 Mi | 2 Ax3600, Ax3600 Firmware | 2024-08-04 | 9.8 Critical |
| There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12. | ||||
| CVE-2020-14034 | 1 Meetecho | 1 Janus | 2024-08-04 | 9.8 Critical |
| An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet. | ||||
| CVE-2020-14033 | 1 Meetecho | 1 Janus | 2024-08-04 | 9.8 Critical |
| An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server. | ||||
| CVE-2020-13840 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via an MTK AT command handler buffer overflow. The LG ID is LVE-SMP-200008 (June 2020). | ||||
| CVE-2020-13839 | 2 Google, Lg | 35 Android, Cv1, Cv1s and 32 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 (MTK chipsets). Code execution can occur via a custom AT command handler buffer overflow. The LG ID is LVE-SMP-200007 (June 2020). | ||||
| CVE-2020-13432 | 1 Rejetto | 1 Http File Server | 2024-08-04 | 7.5 High |
| rejetto HFS (aka HTTP File Server) v2.3m Build #300, when virtual files or folders are used, allows remote attackers to trigger an invalid-pointer write access violation via concurrent HTTP requests with a long URI or long HTTP headers. | ||||
| CVE-2020-13392 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/setcfm funcpara1 parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
| CVE-2020-13390 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
| CVE-2020-13393 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
| CVE-2020-13391 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetSpeedWan speed_dir parameter for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
| CVE-2020-13389 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
| CVE-2020-13394 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-08-04 | 9.8 Critical |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/SetNetControlList list parameter for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | ||||
| CVE-2020-13224 | 1 Tp-link | 14 Nc200, Nc200 Firmware, Nc210 and 11 more | 2024-08-04 | 8.8 High |
| TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow | ||||
| CVE-2020-12823 | 4 Debian, Fedoraproject, Infradead and 1 more | 4 Debian Linux, Fedora, Openconnect and 1 more | 2024-08-04 | 9.8 Critical |
| OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. | ||||
| CVE-2020-12749 | 1 Google | 1 Android | 2024-08-04 | 7.8 High |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The S.LSI Wi-Fi drivers have a buffer overflow. The Samsung ID is SVE-2020-16906 (May 2020). | ||||
| CVE-2020-12653 | 5 Debian, Linux, Netapp and 2 more | 42 Debian Linux, Linux Kernel, A700s and 39 more | 2024-08-04 | 7.8 High |
| An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of service because of an incorrect memcpy and buffer overflow, aka CID-b70261a288ea. | ||||
| CVE-2020-12723 | 6 Fedoraproject, Netapp, Opensuse and 3 more | 21 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 18 more | 2024-08-04 | 7.5 High |
| regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | ||||
| CVE-2020-12426 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2024-08-04 | 8.8 High |
| Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 78. | ||||
| CVE-2020-12465 | 3 Linux, Netapp, Redhat | 10 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 7 more | 2024-08-04 | 6.7 Medium |
| An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages. | ||||