Total
12879 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-36242 | 3 Cryptography.io, Fedoraproject, Oracle | 3 Cryptography, Fedora, Communications Cloud Native Core Network Function Cloud Native Environment | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| In the cryptography package before 3.3.2 for Python, certain sequences of update calls to symmetrically encrypt multi-GB values could result in an integer overflow and buffer overflow, as demonstrated by the Fernet class. | |||||
| CVE-2020-36220 | 1 Va-ts Project | 1 Va-ts | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the va-ts crate before 0.0.4 for Rust. Because Demuxer<T> omits a required T: Send bound, a data race and memory corruption can occur. | |||||
| CVE-2020-36217 | 1 May Queue Project | 1 May Queue | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the may_queue crate through 2020-11-10 for Rust. Because Queue does not have bounds on its Send trait or Sync trait, memory corruption can occur. | |||||
| CVE-2020-36216 | 1 Petabi | 1 Eventio | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in Input<R> in the eventio crate before 0.5.1 for Rust. Because a non-Send type can be sent to a different thread, a data race and memory corruption can occur. | |||||
| CVE-2020-36215 | 1 Hashconsing Project | 1 Hashconsing | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur. | |||||
| CVE-2020-36211 | 1 Devolutions | 1 Gfwx | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in the gfwx crate before 0.3.0 for Rust. Because ImageChunkMut does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur. | |||||
| CVE-2020-36210 | 1 Autorand Project | 1 Autorand | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption. | |||||
| CVE-2020-36208 | 1 Conquer-once Project | 1 Conquer-once | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption. | |||||
| CVE-2020-36207 | 1 Aovec Project | 1 Aovec | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec<T> does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur. | |||||
| CVE-2020-36206 | 1 Rusb Project | 1 Rusb | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur. | |||||
| CVE-2020-36203 | 1 Reffers Project | 1 Reffers | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the reffers crate through 2020-12-01 for Rust. ARefss can contain a !Send,!Sync object, leading to a data race and memory corruption. | |||||
| CVE-2020-36177 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. | |||||
| CVE-2020-36151 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | |||||
| CVE-2020-36131 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. | |||||
| CVE-2020-36129 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. | |||||
| CVE-2020-35979 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c. | |||||
| CVE-2020-35965 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. | |||||
| CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | |||||
| CVE-2020-35963 | 2 Linux, Treasuredata | 2 Linux Kernel, Fluent Bit | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion. | |||||
| CVE-2020-35924 | 1 Try-mutex Project | 1 Try-mutex | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type. | |||||