Total
2430 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-2015 | 1 Paloaltonetworks | 1 Pan-os | 2024-02-28 | 9.0 HIGH | 8.8 HIGH |
A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0. | |||||
CVE-2020-15173 | 1 Accel-ppp | 1 Accel-ppp | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In ACCEL-PPP (an implementation of PPTP/PPPoE/L2TP/SSTP), there is a buffer overflow when receiving an l2tp control packet ith an AVP which type is a string and no hidden flags, length set to less than 6. If your application is used in open networks or there are untrusted nodes in the network it is highly recommended to apply the patch. The problem was patched with commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b As a workaround changes of commit 2324bcd5ba12cf28f47357a8f03cd41b7c04c52b can be applied to older versions. | |||||
CVE-2020-11675 | 1 Cerner | 1 Medico | 2024-02-28 | 5.8 MEDIUM | 8.8 HIGH |
Cerner medico 26.00 has a Local Buffer Overflow (issue 1 of 3). | |||||
CVE-2020-25279 | 1 Google | 1 Android | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020). | |||||
CVE-2019-13168 | 1 Xerox | 2 Phaser 3320, Phaser 3320 Firmware | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Some Xerox printers (such as the Phaser 3320 V53.006.16.000) were affected by a buffer overflow vulnerability in the attributes parser of the IPP service. This would allow an unauthenticated attacker to cause a Denial of Service (DoS) and potentially execute arbitrary code on the device. | |||||
CVE-2020-4363 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, 11.1, and 11.5 is vulnerable to a buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code on the system with root privileges. IBM X-Force ID: 178960. | |||||
CVE-2019-20893 | 1 Activision | 1 Call Of Duty Modern Warfare 2 | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in Activision Infinity Ward Call of Duty Modern Warfare 2 through 2019-12-11. PartyHost_HandleJoinPartyRequest has a buffer overflow vulnerability and can be exploited by using a crafted joinParty packet. This can be utilized to conduct arbitrary code execution on a victim's machine. | |||||
CVE-2020-4465 | 1 Ibm | 1 Mq Appliance | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
IBM MQ, IBM MQ Appliance, and IBM MQ for HPE NonStop 8.0, 9.1 CD, and 9.1 LTS is vulnerable to a buffer overflow vulnerability due to an error within the channel processing code. A remote attacker could overflow the buffer using an older client and cause a denial of service. IBM X-Force ID: 181562. | |||||
CVE-2019-10620 | 1 Qualcomm | 14 Apq8096au, Apq8096au Firmware, Apq8098 and 11 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
Kernel memory error in debug module due to improper check of user data length before copying into memory in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8096AU, APQ8098, MSM8996AU, QCN7605, SDM439, SDX24, SM8150 | |||||
CVE-2020-6999 | 1 Moxa | 2 Mds-g516e, Mds-g516e Firmware | 2024-02-28 | 4.0 MEDIUM | 6.5 MEDIUM |
In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer. | |||||
CVE-2019-20719 | 1 Netgear | 30 D6220, D6220 Firmware, D6400 and 27 more | 2024-02-28 | 5.2 MEDIUM | 6.8 MEDIUM |
Certain NETGEAR devices are affected by a buffer overflow by an authenticated user. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D8500 before 1.0.3.43, R6250 before 1.0.4.34, R6400 before 1.0.1.44, R6400v2 before 1.0.2.62, R7000P before 1.4.1.30, R7100LG before 1.0.0.48, R7300DST before 1.0.0.68, R7900 before 1.0.3.8, R7900P before 1.4.1.30, R8000 before 1.0.4.28, R8000P before 1.4.1.30, R8300 before 1.0.2.128, and R8500 before 1.0.2.128. | |||||
CVE-2020-10835 | 1 Samsung | 1 Exynos | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with any (before February 2020 for Exynos modem chipsets) software. There is a buffer overflow in baseband CP message decoding. The Samsung IDs are SVE-2019-15816 and SVE-2019-15817 (February 2020). | |||||
CVE-2020-3699 | 1 Qualcomm | 94 Apq8009, Apq8009 Firmware, Apq8017 and 91 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Possible out of bound access while processing assoc response from host due to improper length check before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8009, APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9640, MDM9650, MSM8905, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCM2150, QCN7605, QCS405, QCS605, QM215, SA6155P, Saipan, SC8180X, SDA845, SDM429, SDM429W, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM845, SDX20, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130 | |||||
CVE-2020-5734 | 1 Solarwinds | 1 Dameware | 2024-02-28 | 4.3 MEDIUM | 7.5 HIGH |
Classic buffer overflow in SolarWinds Dameware allows a remote, unauthenticated attacker to cause a denial of service by sending a large 'SigPubkeyLen' during ECDH key exchange. | |||||
CVE-2019-10589 | 1 Qualcomm | 40 Apq8017, Apq8017 Firmware, Apq8053 and 37 more | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Lack of length check of response buffer can lead to buffer over-flow while GP command response buffer handling in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in APQ8017, APQ8053, APQ8098, MDM9206, MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, QM215, SDA660, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660 | |||||
CVE-2020-7261 | 1 Mcafee | 1 Endpoint Security | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
Buffer Overflow via Environment Variables vulnerability in AMSI component in McAfee Endpoint Security (ENS) Prior to 10.7.0 February 2020 Update allows local users to disable Endpoint Security via a carefully crafted user input. | |||||
CVE-2020-3343 | 1 Cisco | 1 Advanced Malware Protection For Endpoints | 2024-02-28 | 2.1 LOW | 5.5 MEDIUM |
A vulnerability in Cisco AMP for Endpoints Linux Connector Software and Cisco AMP for Endpoints Mac Connector Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by sending a crafted packet to an affected device. A successful exploit could allow the attacker to cause the Cisco AMP for Endpoints service to crash and restart. | |||||
CVE-2019-20758 | 1 Netgear | 2 R7000, R7000 Firmware | 2024-02-28 | 5.2 MEDIUM | 8.0 HIGH |
NETGEAR R7000 devices before 1.0.9.42 are affected by a buffer overflow by an authenticated user. | |||||
CVE-2017-18693 | 1 Google | 1 Android | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Samsung mobile devices with KK(4.4), L(5.0/5.1), M(6.0), and N(7.0) software. There is a buffer overflow in the fps sysfs entry. The Samsung ID is SVE-2016-7510 (January 2017). | |||||
CVE-2020-13393 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/saveParentControlInfo deviceId and time parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. |