Vulnerabilities (CVE)

Filtered by CWE-787
Total 12074 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-28371 1 Readytalk 1 Avian 2024-11-21 7.5 HIGH 9.8 CRITICAL
An issue was discovered in ReadyTalk Avian 1.2.0 before 2020-10-27. The FileOutputStream.write() method in FileOutputStream.java has a boundary check to prevent out-of-bounds memory read/write operations. However, an integer overflow leads to bypassing this check and achieving the out-of-bounds access. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2020-28343 2 Google, Samsung 4 Android, Exynos 980, Exynos 9820 and 1 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
An issue was discovered on Samsung mobile devices with P(9.0) and Q(10.0) (Exynos 980, 9820, and 9830 chipsets) software. The NPU driver allows attackers to execute arbitrary code because of unintended write and read operations on memory. The Samsung ID is SVE-2020-18610 (November 2020).
CVE-2020-28248 1 Png-img Project 1 Png-img 2024-11-21 6.8 MEDIUM 8.8 HIGH
An integer overflow in the PngImg::InitStorage_() function of png-img before 3.1.0 leads to an under-allocation of heap memory and subsequently an exploitable heap-based buffer overflow when loading a crafted PNG file.
CVE-2020-28198 1 Ibm 1 Tivoli Storage Manager 2024-11-21 4.4 MEDIUM 7.0 HIGH
The 'id' parameter of IBM Tivoli Storage Manager Version 5 Release 2 (Command Line Administrative Interface, dsmadmc.exe) is vulnerable to an exploitable stack buffer overflow. Note: the vulnerability can be exploited when it is used in "interactive" mode while, cause of a max number characters limitation, it cannot be exploited in batch or command line usage (e.g. dsmadmc.exe -id=username -password=pwd). NOTE: This vulnerability only affects products that are no longer supported by the maintainer
CVE-2020-28024 1 Exim 1 Exim 2024-11-21 7.5 HIGH 9.8 CRITICAL
Exim 4 before 4.94.2 allows Buffer Underwrite that may result in unauthenticated remote attackers executing arbitrary commands, because smtp_ungetc was only intended to push back characters, but can actually push back non-character error codes such as EOF.
CVE-2020-28022 1 Exim 1 Exim 2024-11-21 7.5 HIGH 9.8 CRITICAL
Exim 4 before 4.94.2 has Improper Restriction of Write Operations within the Bounds of a Memory Buffer. This occurs when processing name=value pairs within MAIL FROM and RCPT TO commands.
CVE-2020-28016 1 Exim 1 Exim 2024-11-21 7.2 HIGH 7.8 HIGH
Exim 4 before 4.94.2 allows an off-by-two Out-of-bounds Write because "-F ''" is mishandled by parse_fix_phrase.
CVE-2020-28013 1 Exim 1 Exim 2024-11-21 7.2 HIGH 7.8 HIGH
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow because it mishandles "-F '.('" on the command line, and thus may allow privilege escalation from any user to root. This occurs because of the interpretation of negative sizes in strncpy.
CVE-2020-28011 1 Exim 1 Exim 2024-11-21 7.2 HIGH 7.8 HIGH
Exim 4 before 4.94.2 allows Heap-based Buffer Overflow in queue_run via two sender options: -R and -S. This may cause privilege escalation from exim to root.
CVE-2020-28010 1 Exim 1 Exim 2024-11-21 7.2 HIGH 7.8 HIGH
Exim 4 before 4.94.2 allows Out-of-bounds Write because the main function, while setuid root, copies the current working directory pathname into a buffer that is too small (on some common platforms).
CVE-2020-27952 1 Apple 2 Mac Os X, Macos 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2020-27948 1 Apple 6 Ipados, Iphone Os, Mac Os X and 3 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted audio file may lead to arbitrary code execution.
CVE-2020-27947 1 Apple 2 Mac Os X, Macos 2024-11-21 9.3 HIGH 7.8 HIGH
A memory corruption issue was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. An application may be able to execute arbitrary code with kernel privileges.
CVE-2020-27944 1 Apple 5 Ipad Os, Iphone Os, Macos and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in watchOS 7.2, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, iOS 14.3 and iPadOS 14.3, tvOS 14.3. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2020-27943 1 Apple 5 Ipad Os, Iphone Os, Macos and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in tvOS 14.3, iOS 14.3 and iPadOS 14.3, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, watchOS 7.2. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2020-27933 1 Apple 6 Icloud, Ipados, Iphone Os and 3 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 13.6 and iPadOS 13.6, iCloud for Windows 7.20, watchOS 6.2.8, tvOS 13.4.8, macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-27931 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
A memory corruption issue existed in the processing of font files. This issue was addressed with improved input validation. This issue is fixed in iOS 14.0 and iPadOS 14.0, macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, watchOS 7.0, tvOS 14.0. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2020-27927 1 Apple 5 Ipados, Iphone Os, Macos and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, tvOS 14.2, watchOS 7.1. Processing a maliciously crafted font file may lead to arbitrary code execution.
CVE-2020-27923 1 Apple 5 Ipados, Iphone Os, Mac Os X and 2 more 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1, iOS 14.2 and iPadOS 14.2, watchOS 7.1, tvOS 14.2. Processing a maliciously crafted image may lead to arbitrary code execution.
CVE-2020-27919 1 Apple 1 Mac Os X 2024-11-21 6.8 MEDIUM 7.8 HIGH
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave, macOS Big Sur 11.0.1. Processing a maliciously crafted image may lead to arbitrary code execution.