Total
13378 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-11939 | 1 Ntop | 1 Ndpi | 2024-11-21 | 9.8 Critical |
| In nDPI through 3.2 Stable, the SSH protocol dissector has multiple KEXINIT integer overflows that result in a controlled remote heap overflow in concat_hash_string in ssh.c. Due to the granular nature of the overflow primitive and the ability to control both the contents and layout of the nDPI library's heap memory through remote input, this vulnerability may be abused to achieve full Remote Code Execution against any network inspection stack that is linked against nDPI and uses it to perform network traffic analysis. | ||||
| CVE-2020-11901 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.0 Critical |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | ||||
| CVE-2020-11897 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 10.0 Critical |
| The Treck TCP/IP stack before 5.0.1.35 has an Out-of-Bounds Write via multiple malformed IPv6 packets. | ||||
| CVE-2020-11896 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 10.0 Critical |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code Execution, related to IPv4 tunneling. | ||||
| CVE-2020-11873 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on LG mobile devices with Android OS 7.2, 8.0, 8.1, 9, and 10 software. A stack-based buffer overflow in the logging tool could allow an attacker to gain privileges. The LG ID is LVE-SMP-200005 (April 2020). | ||||
| CVE-2020-11869 | 1 Qemu | 1 Qemu | 2024-11-21 | 3.3 Low |
| An integer overflow was found in QEMU 4.0.1 through 4.2.0 in the way it implemented ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati-2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could abuse this flaw to crash the QEMU process, resulting in a denial of service. | ||||
| CVE-2020-11835 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 5.5 Medium |
| In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_da9313.c, failure to check the parameter buf in the function proc_work_mode_write in proc_work_mode_write causes a vulnerability. | ||||
| CVE-2020-11834 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 5.5 Medium |
| In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_vooc.c, the function proc_fastchg_fw_update_write in proc_fastchg_fw_update_write does not check the parameter len, resulting in a vulnerability. | ||||
| CVE-2020-11833 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 5.5 Medium |
| In /SM8250_Q_Master/android/vendor/oppo_charger/oppo/charger_ic/oppo_mp2650.c, the function mp2650_data_log_write in mp2650_data_log_write does not check the parameter len which causes a vulnerability. | ||||
| CVE-2020-11832 | 1 Oppo | 4 Find X2 Pro, Find X2 Pro Firmware, Reno3 Pro and 1 more | 2024-11-21 | 5.5 Medium |
| In functions charging_limit_current_write and charging_limit_time_write in /SM8250_Q_Master/android/vendor/oppo_charger/oppo/oppo_charger.c have not checked the parameters, which causes a vulnerability. | ||||
| CVE-2020-11764 | 7 Apple, Canonical, Debian and 4 more | 13 Icloud, Ipados, Iphone Os and 10 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds write in copyIntoFrameBuffer in ImfMisc.cpp. | ||||
| CVE-2020-11763 | 7 Apple, Canonical, Debian and 4 more | 13 Icloud, Ipados, Iphone Os and 10 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp. | ||||
| CVE-2020-11762 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Ipados, Iphone Os and 9 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case. | ||||
| CVE-2020-11759 | 5 Apple, Canonical, Debian and 2 more | 11 Icloud, Ipados, Iphone Os and 8 more | 2024-11-21 | 5.5 Medium |
| An issue was discovered in OpenEXR before 2.4.1. Because of integer overflows in CompositeDeepScanLine::Data::handleDeepFrameBuffer and readSampleCountForLineBlock, an attacker can write to an out-of-bounds pointer. | ||||
| CVE-2020-11633 | 1 Zscaler | 1 Client Connector | 2024-11-21 | 9.8 Critical |
| The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges. | ||||
| CVE-2020-11600 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with Q(10.0) software. There is arbitrary code execution in the Fingerprint Trustlet via a memory overwrite. The Samsung IDs are SVE-2019-16587, SVE-2019-16588, SVE-2019-16589 (April 2020). | ||||
| CVE-2020-11565 | 3 Canonical, Linux, Redhat | 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | 6.0 Medium |
| An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security community disagrees that this is a vulnerability because the issue “is a bug in parsing mount options which can only be specified by a privileged user, so triggering the bug does not grant any powers not already held.” | ||||
| CVE-2020-11528 | 1 Bit2spr Project | 1 Bit2spr | 2024-11-21 | 7.5 High |
| bit2spr 1992-06-07 has a stack-based buffer overflow (129-byte write) in conv_bitmap in bit2spr.c via a long line in a bitmap file. | ||||
| CVE-2020-11524 | 4 Canonical, Freerdp, Opensuse and 1 more | 6 Ubuntu Linux, Freerdp, Leap and 3 more | 2024-11-21 | 6.6 Medium |
| libfreerdp/codec/interleaved.c in FreeRDP versions > 1.0 through 2.0.0-rc4 has an Out-of-bounds Write. | ||||
| CVE-2020-11503 | 1 Sophos | 2 Sfos, Xg Firewall | 2024-11-21 | 9.8 Critical |
| A heap-based buffer overflow in the awarrensmtp component of Sophos XG Firewall v17.5 MR11 and older potentially allows an attacker to run arbitrary code remotely. | ||||