Total
2592 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-10639 | 1 Eaton | 2 Hmisoft Vu3, Hmisoft Vu3 Firmware | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Eaton HMiSoft VU3 (HMIVU3 runtime not impacted), Version 3.00.23 and prior, however, the HMIVU runtimes are not impacted by these issues. A specially crafted input file could cause a buffer overflow when loaded by the affected product. | |||||
| CVE-2020-10599 | 1 Visam | 2 Vbase Editor, Vbase Web-remote | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow a vulnerable ActiveX component to be exploited resulting in a buffer overflow, which may lead to a denial-of-service condition and execution of arbitrary code. | |||||
| CVE-2020-10595 | 2 Debian, Pam-krb5 Project | 2 Debian Linux, Pam-krb5 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| pam-krb5 before 4.9 has a buffer overflow that might cause remote code execution in situations involving supplemental prompting by a Kerberos library. It may overflow a buffer provided by the underlying Kerberos library by a single '\0' byte if an attacker responds to a prompt with an answer of a carefully chosen length. The effect may range from heap corruption to stack corruption depending on the structure of the underlying Kerberos library, with unknown effects but possibly including code execution. This code path is not used for normal authentication, but only when the Kerberos library does supplemental prompting, such as with PKINIT or when using the non-standard no_prompt PAM configuration option. | |||||
| CVE-2020-10566 | 1 Freebsd | 1 Freebsd | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| grub2-bhyve, as used in FreeBSD bhyve before revision 525916 2020-02-12, mishandles font loading by a guest through a grub2.cfg file, leading to a buffer overflow. | |||||
| CVE-2020-10379 | 3 Canonical, Fedoraproject, Python | 3 Ubuntu Linux, Fedora, Pillow | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In Pillow before 7.1.0, there are two Buffer Overflows in libImaging/TiffDecode.c. | |||||
| CVE-2020-10188 | 6 Arista, Debian, Fedoraproject and 3 more | 6 Eos, Debian Linux, Fedora and 3 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| utility.c in telnetd in netkit telnet through 0.17 allows remote attackers to execute arbitrary code via short writes or urgent data, because of a buffer overflow involving the netclear and nextitem functions. | |||||
| CVE-2020-10071 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
| The Zephyr MQTT parsing code performs insufficient checking of the length field on publish messages, allowing a buffer overflow and potentially remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions. | |||||
| CVE-2020-10070 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
| In the Zephyr Project MQTT code, improper bounds checking can result in memory corruption and possibly remote code execution. NCC-ZEP-031 This issue affects: zephyrproject-rtos zephyr version 2.2.0 and later versions. | |||||
| CVE-2020-10042 | 1 Siemens | 6 Sicam Mmu, Sicam Mmu Firmware, Sicam Sgu and 3 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in SICAM MMU (All versions < V2.05), SICAM SGU (All versions), SICAM T (All versions < V2.18). A buffer overflow in various positions of the web application might enable an attacker with access to the web application to execute arbitrary code over the network. | |||||
| CVE-2020-10023 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 4.6 MEDIUM | 6.9 MEDIUM |
| The shell subsystem contains a buffer overflow, whereby an adversary with physical access to the device is able to cause a memory corruption, resulting in denial of service or possibly code execution within the Zephyr kernel. See NCC-NCC-019 This issue affects: zephyrproject-rtos zephyr version 1.14.0 and later versions. version 2.1.0 and later versions. | |||||
| CVE-2020-10022 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 7.5 HIGH | 9.0 CRITICAL |
| A malformed JSON payload that is received from an UpdateHub server may trigger memory corruption in the Zephyr OS. This could result in a denial of service in the best case, or code execution in the worst case. See NCC-NCC-016 This issue affects: zephyrproject-rtos zephyr version 2.1.0 and later versions. version 2.2.0 and later versions. | |||||
| CVE-2020-10019 | 1 Zephyrproject | 1 Zephyr | 2024-11-21 | 4.6 MEDIUM | 8.1 HIGH |
| USB DFU has a potential buffer overflow where the requested length (wLength) is not checked against the buffer size. This could be used by a malicious USB host to exploit the buffer overflow. See NCC-ZEP-002 This issue affects: zephyrproject-rtos zephyr version 1.14.1 and later versions. version 2.1.0 and later versions. | |||||
| CVE-2020-0584 | 1 Intel | 8 Optane Ssd 900p, Optane Ssd 900p Firmware, Optane Ssd 905p and 5 more | 2024-11-21 | 2.1 LOW | 6.2 MEDIUM |
| Buffer overflow in firmware for Intel(R) SSD DC P4800X and P4801X Series, Intel(R) Optane(TM) SSD 900P and 905P Series may allow an unauthenticated user to potentially enable a denial of service via local access. | |||||
| CVE-2020-0576 | 1 Intel | 2 Compute Module Mfs2600ki, Compute Module Mfs2600ki Firmware | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Buffer overflow in Intel(R) Modular Server MFS2600KISPP Compute Module may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-0530 | 1 Intel | 140 Compute Stick Stck1a32wfc, Compute Stick Stck1a32wfc Firmware, Compute Stick Stck1a8lfc and 137 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Improper buffer restrictions in firmware for Intel(R) NUC may allow an authenticated user to potentially enable escalation of privilege via local access. The list of affected products is provided in intel-sa-00343: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00343.html | |||||
| CVE-2020-0504 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow in Intel(R) Graphics Drivers before versions 15.40.44.5107, 15.45.30.5103, and 26.20.100.7158 may allow an authenticated user to potentially enable escalation of privilege and denial of service via local access. | |||||
| CVE-2020-0501 | 1 Intel | 1 Graphics Driver | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Buffer overflow in Intel(R) Graphics Drivers before version 26.20.100.6912 may allow an authenticated user to potentially enable a denial of service via local access. | |||||
| CVE-2019-9689 | 1 Axtls Project | 1 Axtls | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| process_certificate in tls1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates. | |||||
| CVE-2019-9677 | 1 Dahuasecurity | 18 Ipc-hdbw4x2x, Ipc-hdbw4x2x Firmware, Ipc-hdw1x2x and 15 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HDW5X2X,IPC-HFW5X2X for versions which Build time is before August 18, 2019. | |||||
| CVE-2019-9099 | 1 Moxa | 12 Mb3170, Mb3170 Firmware, Mb3180 and 9 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Moxa MGate MB3170 and MB3270 devices before 4.1, MB3280 and MB3480 devices before 3.1, MB3660 devices before 2.3, and MB3180 devices before 2.1. A Buffer overflow in the built-in web server allows remote attackers to initiate DoS, and probably to execute arbitrary code (issue 1 of 2). | |||||