Total
1554 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3353 | 1 Cisco | 1 Identity Services Engine | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslog messages are processed. An attacker could exploit this vulnerability by sending a high rate of syslog messages to an affected device. A successful exploit could allow the attacker to cause the Application Server process to crash, resulting in a DoS condition. | |||||
| CVE-2020-3350 | 4 Canonical, Cisco, Debian and 1 more | 5 Ubuntu Linux, Advanced Malware Protection For Endpoints, Clam Antivirus and 2 more | 2024-11-21 | 3.3 LOW | 5.5 MEDIUM |
| A vulnerability in the endpoint software of Cisco AMP for Endpoints and Clam AntiVirus could allow an authenticated, local attacker to cause the running software to delete arbitrary files on the system. The vulnerability is due to a race condition that could occur when scanning malicious files. An attacker with local shell access could exploit this vulnerability by executing a script that could trigger the race condition. A successful exploit could allow the attacker to delete arbitrary files on the system that the attacker would not normally have privileges to delete, producing system instability or causing the endpoint software to stop working. | |||||
| CVE-2020-3163 | 1 Cisco | 1 Unified Contact Center Enterprise | 2024-11-21 | 7.1 HIGH | 5.9 MEDIUM |
| A vulnerability in the Live Data server of Cisco Unified Contact Center Enterprise could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability exists because the affected software improperly manages resources when processing inbound Live Data traffic. An attacker could exploit this vulnerability by sending multiple crafted Live Data packets to an affected device. A successful exploit could cause the affected device to run out of buffer resources, which could result in a stack overflow and cause the affected device to reload, resulting in a DoS condition. Note: The Live Data port in Cisco Unified Contact Center Enterprise devices allows only a single TCP connection. To exploit this vulnerability, an attacker would have to send crafted packets to an affected device before a legitimate Live Data client establishes a connection. | |||||
| CVE-2020-36558 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.1 MEDIUM |
| A race condition in the Linux kernel before 5.5.7 involving VT_RESIZEX could lead to a NULL pointer dereference and general protection fault. | |||||
| CVE-2020-36557 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A | 5.1 MEDIUM |
| A race condition in the Linux kernel before 5.6.2 between the VT_DISALLOCATE ioctl and closing/opening of ttys could lead to a use-after-free. | |||||
| CVE-2020-36458 | 1 Lexer Project | 1 Lexer | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the lexer crate through 2020-11-10 for Rust. For ReaderResult<T, E>, there is an implementation of Sync with a trait bound of T: Send, E: Send. | |||||
| CVE-2020-36454 | 1 Parc Project | 1 Parc | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak<T> has an unconditional implementation of Send without trait bounds on T. | |||||
| CVE-2020-36447 | 1 V9 Project | 1 V9 | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the v9 crate through 2020-12-18 for Rust. There is an unconditional implementation of Sync for SyncRef<T>. | |||||
| CVE-2020-36446 | 1 Signal-simple Project | 1 Signal-simple | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel<T>. | |||||
| CVE-2020-36445 | 1 Project | 1 Convec | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the convec crate through 2020-11-24 for Rust. There are unconditional implementations of Send and Sync for ConVec<T>. | |||||
| CVE-2020-36444 | 1 Async-coap Project | 1 Async-coap | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard<RC, T> without trait bounds on RC. | |||||
| CVE-2020-36442 | 1 Beef Project | 1 Beef | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait. | |||||
| CVE-2020-36441 | 1 Abox Project | 1 Abox | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the abox crate before 0.4.1 for Rust. It implements Send and Sync for AtomicBox<T> with no requirement for T: Send and T: Sync. | |||||
| CVE-2020-36440 | 1 Libsbc Project | 1 Libsbc | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the libsbc crate before 0.1.5 for Rust. For Decoder<R>, it implements Send for any R: Read. | |||||
| CVE-2020-36439 | 1 Ticketed Lock Project | 1 Ticketed Lock | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket<T> and WriteTicket<T>. | |||||
| CVE-2020-36438 | 1 Tiny Future Project | 1 Tiny Future | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the tiny_future crate before 0.4.0 for Rust. Future<T> does not have bounds on its Send and Sync traits. | |||||
| CVE-2020-36437 | 1 Conqueue Project | 1 Conqueue | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the conqueue crate before 0.4.0 for Rust. There are unconditional implementations of Send and Sync for QueueSender<T>. | |||||
| CVE-2020-36436 | 1 Unicycle Project | 1 Unicycle | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab<T> and Unordered<T, S> do not have bounds on their Send and Sync traits. | |||||
| CVE-2020-36435 | 1 Ruspiro-singleton Project | 1 Ruspiro-singleton | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in the ruspiro-singleton crate before 0.4.1 for Rust. In Singleton, Send and Sync do not have bounds checks. | |||||
| CVE-2020-36203 | 1 Reffers Project | 1 Reffers | 2024-11-21 | 1.9 LOW | 4.7 MEDIUM |
| An issue was discovered in the reffers crate through 2020-12-01 for Rust. ARefss can contain a !Send,!Sync object, leading to a data race and memory corruption. | |||||