Total
7228 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5675 | 1 Mitsubishielectric | 20 Gs2107-wtbd, Gs2107-wtbd-n, Gs2107-wtbd-n Firmware and 17 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Out-of-bounds read vulnerability in GT21 model of GOT2000 series (GT2107-WTBD V01.39.000 and earlier, GT2107-WTSD V01.39.000 and earlier, GT2104-RTBD V01.39.000 and earlier, GT2104-PMBD V01.39.000 and earlier, and GT2103-PMBD V01.39.000 and earlier), GS21 model of GOT series (GS2110-WTBD V01.39.000 and earlier, GS2107-WTBD V01.39.000 and earlier, GS2110-WTBD-N V01.39.000 and earlier, and GS2107-WTBD-N V01.39.000 and earlier), and Tension Controller LE7-40GU-L series (LE7-40GU-L Screen package data for CC-Link IEF Basic V1.00, LE7-40GU-L Screen package data for MODBUS/TCP V1.00, and LE7-40GU-L Screen package data for SLMP V1.00) allows a remote attacker to cause a denial-of-service (DoS) condition by sending a specially crafted packet. As a result, deterioration of communication performance or a denial-of-service (DoS) condition of the TCP communication functions of the products may occur. | |||||
| CVE-2020-5360 | 2 Dell, Oracle | 5 Bsafe Micro-edition-suite, Database, Http Server and 2 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Dell BSAFE Micro Edition Suite, versions prior to 4.5, are vulnerable to a Buffer Under-Read Vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability resulting in undefined behaviour, or a crash of the affected systems. | |||||
| CVE-2020-5313 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2024-11-21 | 5.8 MEDIUM | 7.1 HIGH |
| libImaging/FliDecode.c in Pillow before 6.2.2 has an FLI buffer overflow. | |||||
| CVE-2020-5254 | 1 Nethack | 1 Nethack | 2024-11-21 | 6.8 MEDIUM | 3.9 LOW |
| In NetHack before 3.6.6, some out-of-bound values for the hilite_status option can be exploited. NetHack 3.6.6 resolves this issue. | |||||
| CVE-2020-5235 | 1 Nanopb Project | 1 Nanopb | 2024-11-21 | 7.5 HIGH | 6.5 MEDIUM |
| There is a potentially exploitable out of memory condition In Nanopb before 0.4.1, 0.3.9.5, and 0.2.9.4. When nanopb is compiled with PB_ENABLE_MALLOC, the message to be decoded contains a repeated string, bytes or message field and realloc() runs out of memory when expanding the array nanopb can end up calling `free()` on a pointer value that comes from uninitialized memory. Depending on platform this can result in a crash or further memory corruption, which may be exploitable in some cases. This problem is fixed in nanopb-0.4.1, nanopb-0.3.9.5, nanopb-0.2.9.4. | |||||
| CVE-2020-5140 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in SonicOS allows a remote unauthenticated attacker to cause Denial of Service (DoS) on the firewall SSLVPN service by sending a malicious HTTP request that leads to memory addresses leak. This vulnerability affected SonicOS Gen 5 version 5.9.1.7, 5.9.1.13, Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version SonicOS 7.0.0.0. | |||||
| CVE-2020-5134 | 1 Sonicwall | 2 Sonicos, Sonicosv | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| A vulnerability in SonicOS allows an authenticated attacker to cause out-of-bound invalid file reference leads to a firewall crash. This vulnerability affected SonicOS Gen 6 version 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0. | |||||
| CVE-2020-4767 | 1 Ibm | 1 Sterling Connect\ | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| IBM Sterling Connect Direct for Microsoft Windows 4.7, 4.8, 6.0, and 6.1 could allow a remote attacker to cause a denial of service, caused by a buffer over-read. Bysending a specially crafted request, the attacker could cause the application to crash. IBM X-Force ID: 188906. | |||||
| CVE-2020-4033 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 6.4 MEDIUM | 3.1 LOW |
| In FreeRDP before version 2.1.2, there is an out of bounds read in RLEDECOMPRESS. All FreeRDP based clients with sessions with color depth < 32 are affected. This is fixed in version 2.1.2. | |||||
| CVE-2020-4030 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | 6.4 MEDIUM | 3.5 LOW |
| In FreeRDP before version 2.1.2, there is an out of bounds read in TrioParse. Logging might bypass string length checks due to an integer overflow. This is fixed in version 2.1.2. | |||||
| CVE-2020-3990 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client. | |||||
| CVE-2020-3988 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. | |||||
| CVE-2020-3987 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. | |||||
| CVE-2020-3986 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-11-21 | 3.6 LOW | 6.1 MEDIUM |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. | |||||
| CVE-2020-3981 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2024-11-21 | 3.5 LOW | 5.8 MEDIUM |
| VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | |||||
| CVE-2020-3970 | 1 Vmware | 4 Cloud Foundation, Esxi, Fusion and 1 more | 2024-11-21 | 1.9 LOW | 3.8 LOW |
| VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine's vmx process leading to a partial denial of service condition. | |||||
| CVE-2020-3965 | 1 Vmware | 4 Cloud Foundation, Esxi, Fusion and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | |||||
| CVE-2020-3960 | 1 Vmware | 3 Fusion, Vsphere Esxi, Workstation | 2024-11-21 | 3.6 LOW | 8.4 HIGH |
| VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory. | |||||
| CVE-2020-3912 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | |||||
| CVE-2020-3908 | 1 Apple | 1 Mac Os X | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
| An out-of-bounds read was addressed with improved input validation. This issue is fixed in macOS Catalina 10.15.4. A local user may be able to cause unexpected system termination or read kernel memory. | |||||