Total
4018 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-2040 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.8 Critical |
| A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. | ||||
| CVE-2020-2015 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 8.8 High |
| A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0. | ||||
| CVE-2020-29659 | 1 Flexense | 1 Dupscout | 2024-11-21 | 9.8 Critical |
| A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. | ||||
| CVE-2020-29596 | 1 Miniweb Http Server Project | 1 Miniweb Http Server | 2024-11-21 | 7.5 High |
| MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request. | ||||
| CVE-2020-29203 | 1 Struct2json Project | 1 Struct2json | 2024-11-21 | 9.8 Critical |
| struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT. | ||||
| CVE-2020-28969 | 1 Aplixio | 1 Pdf Shapingup | 2024-11-21 | 7.8 High |
| Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file. | ||||
| CVE-2020-28967 | 1 Flashget | 1 Flashget | 2024-11-21 | 8.8 High |
| FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'current path directory' function. This vulnerability allows attackers to elevate local process privileges via overwriting the registers. | ||||
| CVE-2020-28963 | 2 Krylack, Microsoft | 2 Zip Password Recovery, Windows | 2024-11-21 | 7.8 High |
| Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function. | ||||
| CVE-2020-28926 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2024-11-21 | 9.8 Critical |
| ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. | ||||
| CVE-2020-28877 | 1 Tp-link | 30 Wdr7400, Wdr7400 Firmware, Wdr7500 and 27 more | 2024-11-21 | 9.8 Critical |
| Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N. | ||||
| CVE-2020-28864 | 1 Winscp | 1 Winscp | 2024-11-21 | 9.8 Critical |
| Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. | ||||
| CVE-2020-28840 | 1 Matthiaswandel | 1 Jhead | 2024-11-21 | 7.8 High |
| Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS). | ||||
| CVE-2020-28759 | 1 Tengine Project | 1 Tengine | 2024-11-21 | 5.5 Medium |
| The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. NOTE: another person has stated "I don't think there is an proof of overflow so far. | ||||
| CVE-2020-28592 | 1 Cosori | 2 Cs158-af, Cs158-af Firmware | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow vulnerability exists in the configuration server functionality of the Cosori Smart 5.8-Quart Air Fryer CS158-AF 1.1.0. A specially crafted JSON object can lead to remote code execution. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2020-28341 | 2 Google, Samsung | 2 Android, Exynos 990 | 2024-11-21 | 7.8 High |
| An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 (November 2020). | ||||
| CVE-2020-28005 | 1 Tp-link | 2 Tl-wpa4220, Tl-wpa4220 Firmware | 2024-11-21 | 6.5 Medium |
| httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023 | ||||
| CVE-2020-27824 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 5.5 Medium |
| A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability. | ||||
| CVE-2020-27823 | 4 Debian, Fedoraproject, Redhat and 1 more | 4 Debian Linux, Fedora, Enterprise Linux and 1 more | 2024-11-21 | 7.8 High |
| A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | ||||
| CVE-2020-27818 | 3 Debian, Fedoraproject, Libpng | 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more | 2024-11-21 | 3.3 Low |
| A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability. | ||||
| CVE-2020-27745 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2024-11-21 | 9.8 Critical |
| Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | ||||