Search Results (44126 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2020-14309 3 Gnu, Opensuse, Redhat 7 Grub2, Leap, Enterprise Linux and 4 more 2024-11-21 6.7 Medium
There's an issue with grub2 in all versions before 2.06 when handling squashfs filesystems containing a symbolic link with name length of UINT32 bytes in size. The name size leads to an arithmetic overflow leading to a zero-size allocation further causing a heap-based buffer overflow with attacker controlled data.
CVE-2020-14308 3 Gnu, Opensuse, Redhat 7 Grub2, Leap, Enterprise Linux and 4 more 2024-11-21 6.4 Medium
In grub2 versions before 2.06 the grub memory allocator doesn't check for possible arithmetic overflows on the requested allocation size. This leads the function to return invalid memory allocations which can be further used to cause possible integrity, confidentiality and availability impacts during the boot process.
CVE-2020-14260 1 Hcltech 1 Domino 2024-11-21 9.8 Critical
HCL Domino is susceptible to a Buffer Overflow vulnerability in DXL due to improper validation of user input. A successful exploit could enable an attacker to crash Domino or execute attacker-controlled code on the server system.
CVE-2020-14163 1 Jerryscript 1 Jerryscript 2024-11-21 7.5 High
An issue was discovered in ecma/operations/ecma-container-object.c in JerryScript 2.2.0. Operations with key/value pairs did not consider the case where garbage collection is triggered after the key operation but before the value operation, as demonstrated by improper read access to memory in ecma_gc_set_object_visited in ecma/base/ecma-gc.c.
CVE-2020-14155 7 Apple, Gitlab, Netapp and 4 more 22 Macos, Gitlab, Active Iq Unified Manager and 19 more 2024-11-21 5.3 Medium
libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
CVE-2020-14153 1 Ijg 1 Libjpeg 2024-11-21 7.1 High
In IJG JPEG (aka libjpeg) from version 8 through 9c, jdhuff.c has an out-of-bounds array read for certain table pointers.
CVE-2020-14150 1 Gnu 1 Bison 2024-11-21 5.5 Medium
GNU Bison before 3.5.4 allows attackers to cause a denial of service (application crash). NOTE: there is a risk only if Bison is used with untrusted input, and an observed bug happens to cause unsafe behavior with a specific compiler/architecture. The bug reports were intended to show that a crash may occur in Bison itself, not that a crash may occur in code that is generated by Bison.
CVE-2020-14148 3 Barton, Debian, Fedoraproject 3 Ngircd, Debian Linux, Fedora 2024-11-21 7.5 High
The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
CVE-2020-14147 4 Debian, Oracle, Redislabs and 1 more 4 Debian Linux, Communications Operations Monitor, Redis and 1 more 2024-11-21 7.7 High
An integer overflow in the getnum function in lua_struct.c in Redis before 6.0.3 allows context-dependent attackers with permission to run Lua code in a Redis session to cause a denial of service (memory corruption and application crash) or possibly bypass intended sandbox restrictions via a large number, which triggers a stack-based buffer overflow. NOTE: this issue exists because of a CVE-2015-8080 regression.
CVE-2020-14125 1 Mi 3 Miui, Redmi Note 11, Redmi Note 9t 2024-11-21 7.5 High
A denial of service vulnerability exists in some Xiaomi models of phones. The vulnerability is caused by out-of-bound read/write and can be exploited by attackers to make denial of service.
CVE-2020-14124 1 Mi 2 Ax3600, Ax3600 Firmware 2024-11-21 9.8 Critical
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.
CVE-2020-14096 1 Mi 2 Xiaomi Ai Speaker, Xiaomi Ai Speaker Firmware 2024-11-21 9.8 Critical
Memory overflow in Xiaomi AI speaker Rom version <1.59.6 can happen when the speaker verifying a malicious firmware during OTA process.
CVE-2020-14034 1 Meetecho 1 Janus 2024-11-21 9.8 Critical
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_get_codec_from_pt in utils.c has a Buffer Overflow via long value in an SDP Offer packet.
CVE-2020-14033 1 Meetecho 1 Janus 2024-11-21 9.8 Critical
An issue was discovered in janus-gateway (aka Janus WebRTC Server) through 0.10.0. janus_streaming_rtsp_parse_sdp in plugins/janus_streaming.c has a Buffer Overflow via a crafted RTSP server.
CVE-2020-14026 1 Ozeki 1 Ozeki Ng Sms Gateway 2024-11-21 8.8 High
CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the Export Of Contacts feature in Ozeki NG SMS Gateway through 4.17.6 via a value that is mishandled in a CSV export.
CVE-2020-14011 1 Lansweeper 1 Lansweeper 2024-11-21 9.8 Critical
Lansweeper 6.0.x through 7.2.x has a default installation in which the admin password is configured for the admin account, unless "Built-in admin" is manually unchecked. This allows command execution via the Add New Package and Scheduled Deployments features.
CVE-2020-13999 2 Fedoraproject, Libemf Project 2 Fedora, Libemf 2024-11-21 5.5 Medium
ScaleViewPortExtEx in libemf.cpp in libEMF (aka ECMA-234 Metafile Library) 1.0.12 allows an integer overflow and denial of service via a crafted EMF file.
CVE-2020-13988 1 Contiki-ng 1 Contiki-ng 2024-11-21 7.5 High
An issue was discovered in Contiki through 3.0. An Integer Overflow exists in the uIP TCP/IP Stack component when parsing TCP MSS options of IPv4 network packets in uip_process in net/ipv4/uip.c.
CVE-2020-13987 5 Contiki-os, Open-iscsi Project, Redhat and 2 more 12 Contiki, Open-iscsi, Enterprise Linux and 9 more 2024-11-21 7.5 High
An issue was discovered in Contiki through 3.0. An Out-of-Bounds Read vulnerability exists in the uIP TCP/IP Stack component when calculating the checksums for IP packets in upper_layer_chksum in net/ipv4/uip.c.
CVE-2020-13985 1 Contiki-os 1 Contiki 2024-11-21 7.5 High
An issue was discovered in Contiki through 3.0. A memory corruption vulnerability exists in the uIP TCP/IP stack component when handling RPL extension headers of IPv6 network packets in rpl_remove_header in net/rpl/rpl-ext-header.c.