Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6655 | 1 Eaton | 1 Easysoft | 2024-11-21 | 6.8 MEDIUM | 5.8 MEDIUM |
| The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user to upload the malformed .E70 file in the application. The vulnerability arises due to improper validation and parsing of the E70 file content by the application. | |||||
| CVE-2020-6628 | 1 Libming | 1 Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. | |||||
| CVE-2020-6625 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. | |||||
| CVE-2020-6624 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. | |||||
| CVE-2020-6622 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8. | |||||
| CVE-2020-6621 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT. | |||||
| CVE-2020-6620 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_get8. | |||||
| CVE-2020-6618 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__find_table. | |||||
| CVE-2020-6614 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bfr_read in decode.c. | |||||
| CVE-2020-6613 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in bit_search_sentinel in bits.c. | |||||
| CVE-2020-6612 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in copy_compressed_bytes in decode_r2007.c. | |||||
| CVE-2020-6609 | 2 Gnu, Opensuse | 3 Libredwg, Backports Sle, Leap | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| GNU LibreDWG 0.9.3.2564 has a heap-based buffer over-read in read_pages_map in decode_r2007.c. | |||||
| CVE-2020-6555 | 3 Debian, Fedoraproject, Google | 3 Debian Linux, Fedora, Chrome | 2024-11-21 | 6.8 MEDIUM | 7.6 HIGH |
| Out of bounds read in WebGL in Google Chrome prior to 84.0.4147.125 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2020-6458 | 2 Debian, Google | 2 Debian Linux, Chrome | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds read and write in PDFium in Google Chrome prior to 81.0.4044.122 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2020-6455 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Out of bounds read in WebSQL in Google Chrome prior to 81.0.4044.92 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-6447 | 4 Debian, Fedoraproject, Google and 1 more | 5 Debian Linux, Fedora, Chrome and 2 more | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Inappropriate implementation in developer tools in Google Chrome prior to 81.0.4044.92 allowed a remote attacker who had convinced the user to use devtools to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2020-6405 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Out of bounds read in SQLite in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2020-6395 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Out of bounds read in JavaScript in Google Chrome prior to 80.0.3987.87 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. | |||||
| CVE-2020-6374 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated Jupiter Tessallation(.jt) file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||
| CVE-2020-6345 | 1 Sap | 1 3d Visual Enterprise Viewer | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
| SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TGA file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation. | |||||