Export limit exceeded: 14270 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (14270 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-13573 | 1 Rockwellautomation | 1 Rslinx | 2024-11-21 | 7.5 High |
| A denial-of-service vulnerability exists in the Ethernet/IP server functionality of Rockwell Automation RSLinx Classic 2.57.00.14 CPR 9 SR 3. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability. | ||||
| CVE-2020-13571 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An out-of-bounds write vulnerability exists in the SGI RLE decompression functionality of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2020-13561 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An out-of-bounds write vulnerability exists in the TIFF parser of Accusoft ImageGear 19.8. A specially crafted malformed file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2020-13524 | 2 Apple, Pixar | 3 Mac Os X, Macos, Openusd | 2024-11-21 | 5.5 Medium |
| An out-of-bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 uses SPECS data from binary USD files. A specially crafted malformed file can trigger an out-of-bounds memory access and modification which results in memory corruption. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | ||||
| CVE-2020-13520 | 2 Apple, Pixar | 2 Macos, Openusd | 2024-11-21 | 7.8 High |
| An out of bounds memory corruption vulnerability exists in the way Pixar OpenUSD 20.05 reconstructs paths from binary USD files. A specially crafted malformed file can trigger an out of bounds memory modification which can result in remote code execution. To trigger this vulnerability, victim needs to access an attacker-provided malformed file. | ||||
| CVE-2020-13497 | 2 Apple, Pixar | 2 Macos, Openusd | 2024-11-21 | 5.5 Medium |
| An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in String Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | ||||
| CVE-2020-13496 | 2 Apple, Pixar | 2 Macos, Openusd | 2024-11-21 | 6.5 Medium |
| An exploitable vulnerability exists in the way Pixar OpenUSD 20.05 handles parses certain encoded types. A specially crafted malformed file can trigger an arbitrary out of bounds memory access in TfToken Type Index. This vulnerability could be used to bypass mitigations and aid further exploitation. To trigger this vulnerability, the victim needs to access an attacker-provided malformed file. | ||||
| CVE-2020-12866 | 3 Canonical, Opensuse, Sane-project | 3 Ubuntu Linux, Leap, Sane Backends | 2024-11-21 | 5.7 Medium |
| A NULL pointer dereference in SANE Backends before 1.0.30 allows a malicious device connected to the same local network as the victim to cause a denial of service, GHSL-2020-079. | ||||
| CVE-2020-12441 | 1 Ivanti | 2 Desktop\&server Management, Service Manager Heat Remote Control | 2024-11-21 | 9.8 Critical |
| Denial-of-Service (DoS) in Ivanti Service Manager HEAT Remote Control 7.4 due to a buffer overflow in the protocol parser of the ‘HEATRemoteService’ agent. The DoS can be triggered by sending a specially crafted network packet. | ||||
| CVE-2020-12417 | 4 Canonical, Mozilla, Opensuse and 1 more | 8 Ubuntu Linux, Firefox, Firefox Esr and 5 more | 2024-11-21 | 8.8 High |
| Due to confusion about ValueTags on JavaScript Objects, an object may pass through the type barrier, resulting in memory corruption and a potentially exploitable crash. *Note: this issue only affects Firefox on ARM64 platforms.* This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | ||||
| CVE-2020-12373 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2024-11-21 | 6.7 Medium |
| Expired pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. | ||||
| CVE-2020-12370 | 1 Intel | 1 Graphics Drivers | 2024-11-21 | 5.5 Medium |
| Untrusted pointer dereference in some Intel(R) Graphics Drivers before version 26.20.100.8141 may allow a privileged user to potentially enable a denial of service via local access. | ||||
| CVE-2020-12365 | 1 Intel | 1 Graphics Drivers | 2024-11-21 | 5.5 Medium |
| Untrusted pointer dereference in some Intel(R) Graphics Drivers before versions 15.33.51.5146, 15.45.32.5145, 15.36.39.5144 and 15.40.46.5143 may allow an authenticated user to potentially denial of service via local access. | ||||
| CVE-2020-12038 | 1 Rockwellautomation | 5 Eds Subsystem, Rslinx, Rslinx Enterprise and 2 more | 2024-11-21 | 5.5 Medium |
| Products that use EDS Subsystem: Version 28.0.1 and prior (FactoryTalk Linx software (Previously called RSLinx Enterprise): Versions 6.00, 6.10, and 6.11, RSLinx Classic: Version 4.11.00 and prior, RSNetWorx software: Version 28.00.00 and prior, Studio 5000 Logix Designer software: Version 32 and prior) is vulnerable. A memory corruption vulnerability exists in the algorithm that matches square brackets in the EDS subsystem. This may allow an attacker to craft specialized EDS files to crash the EDSParser COM object, leading to denial-of-service conditions. | ||||
| CVE-2020-12031 | 1 Rockwellautomation | 1 Factorytalk View | 2024-11-21 | 7.5 High |
| In all versions of FactoryTalk View SE, after bypassing memory corruption mechanisms found in the operating system, a local, authenticated attacker may corrupt the associated memory space allowing for arbitrary code execution. Rockwell Automation recommends applying patch 1126290. Before installing this patch, the patch rollup dated 06 Apr 2020 or later MUST be applied. 1066644 – Patch Roll-up for CPR9 SRx. | ||||
| CVE-2020-11984 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-11-21 | 9.8 Critical |
| Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | ||||
| CVE-2020-11898 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.1 Critical |
| The Treck TCP/IP stack before 6.0.1.66 improperly handles an IPv4/ICMPv4 Length Parameter Inconsistency, which might allow remote attackers to trigger an information leak. | ||||
| CVE-2020-11896 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 10.0 Critical |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | ||||
| CVE-2020-11865 | 3 Fedoraproject, Libemf Project, Opensuse | 3 Fedora, Libemf, Leap | 2024-11-21 | 7.8 High |
| libEMF (aka ECMA-234 Metafile Library) through 1.0.11 allows out-of-bounds memory access. | ||||
| CVE-2020-11612 | 6 Debian, Fedoraproject, Netapp and 3 more | 26 Debian Linux, Fedora, Oncommand Api Services and 23 more | 2024-11-21 | 7.5 High |
| The ZlibDecoders in Netty 4.1.x before 4.1.46 allow for unbounded memory allocation while decoding a ZlibEncoded byte stream. An attacker could send a large ZlibEncoded byte stream to the Netty server, forcing the server to allocate all of its free memory to a single decoder. | ||||