Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-4102 | 1 Hcltech | 1 Notes | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
HCL Notes is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Notes or execute attacker-controlled code on the client system. | |||||
CVE-2020-8261 | 2 Ivanti, Pulsesecure | 4 Connect Secure, Policy Secure, Pulse Connect Secure and 1 more | 2024-02-28 | 4.3 MEDIUM | 4.3 MEDIUM |
A vulnerability in the Pulse Connect Secure / Pulse Policy Secure < 9.1R9 is vulnerable to arbitrary cookie injection. | |||||
CVE-2021-27965 | 1 Msi | 1 Dragon Center | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
The MsIo64.sys driver before 1.1.19.1016 in MSI Dragon Center before 2.0.98.0 has a buffer overflow that allows privilege escalation via a crafted 0x80102040, 0x80102044, 0x80102050, or 0x80102054 IOCTL request. | |||||
CVE-2021-25135 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function. | |||||
CVE-2020-8249 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
A vulnerability in the Pulse Secure Desktop Client (Linux) < 9.1R9 could allow local attackers to perform buffer overflow. | |||||
CVE-2021-21051 | 3 Adobe, Apple, Microsoft | 3 Photoshop, Macos, Windows | 2024-02-28 | 9.3 HIGH | 7.8 HIGH |
Adobe Photoshop versions 21.2.4 (and earlier) and 22.1.1 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted javascript file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | |||||
CVE-2020-4097 | 1 Hcltech | 1 Notes | 2024-02-28 | 4.6 MEDIUM | 6.8 MEDIUM |
In HCL Notes version 9 previous to release 9.0.1 FixPack 10 Interim Fix 8, version 10 previous to release 10.0.1 FixPack 6 and version 11 previous to 11.0.1 FixPack 1, a vulnerability in the input parameter handling of the Notes Client could potentially be exploited by an attacker resulting in a buffer overflow. This could enable an attacker to crash HCL Notes or execute attacker-controlled code on the client. | |||||
CVE-2020-5025 | 4 Ibm, Linux, Microsoft and 1 more | 4 Db2, Linux Kernel, Windows and 1 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 db2fm is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 193661. | |||||
CVE-2021-25132 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function. | |||||
CVE-2020-11155 | 1 Qualcomm | 22 Apq8009, Apq8009 Firmware, Apq8053 and 19 more | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
u'Buffer overflow while processing PDU packet in bluetooth due to lack of check of buffer length before copying into it.' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55 | |||||
CVE-2020-27678 | 3 Illumos, Joyent, Omniosce | 3 Illumos, Smartos, Omnios | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c. | |||||
CVE-2019-14557 | 1 Intel | 55 Bios, Celeron 4205u, Celeron 4305u and 52 more | 2024-02-28 | 5.2 MEDIUM | 8.0 HIGH |
Buffer overflow in BIOS firmware for 8th, 9th, 10th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 & 5000 Series Processors may allow an authenticated user to potentially enable elevation of privilege or denial of service via adjacent access. | |||||
CVE-2021-25306 | 1 Gigaset | 2 Dx600a, Dx600a Firmware | 2024-02-28 | 7.8 HIGH | 7.5 HIGH |
A buffer overflow vulnerability in the AT command interface of Gigaset DX600A v41.00-175 devices allows remote attackers to force a device reboot by sending relatively long AT commands. | |||||
CVE-2020-16146 | 1 Espressif | 1 Esp-idf | 2024-02-28 | 5.0 MEDIUM | 7.5 HIGH |
Espressif ESP-IDF 2.x, 3.0.x through 3.0.9, 3.1.x through 3.1.7, 3.2.x through 3.2.3, 3.3.x through 3.3.2, and 4.0.x through 4.0.1 has a Buffer Overflow in BluFi provisioning in btc_blufi_recv_handler function in blufi_prf.c. An attacker can send a crafted BluFi protocol Write Attribute command to characteristic 0xFF01. With manipulated packet fields, there is a buffer overflow. | |||||
CVE-2020-11154 | 1 Qualcomm | 22 Apq8009, Apq8009 Firmware, Apq8053 and 19 more | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
u'Buffer overflow while processing a crafted PDU data packet in bluetooth due to lack of check of buffer size before copying' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, QCA6390, QCN7605, QCN7606, SA415M, SA515M, SA6155P, SA8155P, SC8180X, SDX55 | |||||
CVE-2020-27486 | 1 Garmin | 2 Forerunner 235, Forerunner 235 Firmware | 2024-02-28 | 6.5 MEDIUM | 9.9 CRITICAL |
Garmin Forerunner 235 before 8.20 is affected by: Buffer Overflow. The component is: ConnectIQ TVM. The attack vector is: To exploit the vulnerability, the attacker must upload a malicious ConnectIQ application to the ConnectIQ store. The ConnectIQ program interpreter trusts the string length provided in the data section of the PRG file. It allocates memory for the string immediately, and then copies the string into the TVM object by using a function similar to strcpy. This copy can exceed the length of the allocated string data and overwrite heap data. A successful exploit would allow a ConnectIQ app store application to escape and perform activities outside the restricted application execution environment. | |||||
CVE-2020-28864 | 1 Winscp | 1 Winscp | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. | |||||
CVE-2021-25130 | 1 Hpe | 10 Cloudline Cl3100 Gen10 Server, Cloudline Cl3100 Gen10 Server Firmware, Cloudline Cl4100 Gen10 Server and 7 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function. | |||||
CVE-2019-8839 | 1 Apple | 1 Mac Os X | 2024-02-28 | 4.3 MEDIUM | 5.5 MEDIUM |
A buffer overflow was addressed with improved bounds checking. This issue is fixed in macOS Catalina 10.15.2, Security Update 2019-002 Mojave, and Security Update 2019-007 High Sierra. An attacker in a privileged position may be able to perform a denial of service attack. | |||||
CVE-2018-9333 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe. |