Total
12074 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-12002 | 1 Advantech | 1 Webaccess | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. | |||||
| CVE-2020-11958 | 2 Canonical, Re2c | 2 Ubuntu Linux, Re2c | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. | |||||
| CVE-2020-11939 | 1 Ntop | 1 Ndpi | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis. | |||||
| CVE-2020-11904 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 7.5 HIGH | 7.3 HIGH |
| The Treck TCP/IP stack before 6.0.1.66 has an Integer Overflow during Memory Allocation that causes an Out-of-Bounds Write. | |||||
| CVE-2020-11901 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.3 HIGH | 9.0 CRITICAL |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | |||||
| CVE-2020-11897 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 10.0 HIGH | 10.0 CRITICAL |
| The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. | |||||
| CVE-2020-11896 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.3 HIGH | 10.0 CRITICAL |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | |||||
| CVE-2020-11873 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020). | |||||
| CVE-2020-11835 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability. | |||||
| CVE-2020-11834 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerability. | |||||
| CVE-2020-11833 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerability. | |||||
| CVE-2020-11832 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability. | |||||
| CVE-2020-11764 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. | |||||
| CVE-2020-11763 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. | |||||
| CVE-2020-11762 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. | |||||
| CVE-2020-11633 | 1 Zscaler | 1 Client Connector | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges. | |||||
| CVE-2020-11600 | 1 Google | 1 Android | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with Q(10.0) software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 (April 2020). | |||||
| CVE-2020-11565 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 3.6 LOW | 6.0 MEDIUM |
| An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.” | |||||
| CVE-2020-11528 | 1 Bit2spr Project | 1 Bit2spr | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file. | |||||
| CVE-2020-11524 | 3 Canonical, Freerdp, Opensuse | 3 Ubuntu Linux, Freerdp, Leap | 2024-11-21 | 6.0 MEDIUM | 6.6 MEDIUM |
| libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | |||||