Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6113 | 1 Gonitro | 1 Nitro Pro | 2024-11-21 | 7.8 High |
| An exploitable vulnerability exists in the object stream parsing functionality of Nitro Software, Inc.’s Nitro Pro 13.13.2.242 when updating its cross-reference table. When processing an object stream from a PDF document, the application will perform a calculation in order to allocate memory for the list of indirect objects. Due to an error when calculating this size, an integer overflow may occur which can result in an undersized buffer being allocated. Later when initializing this buffer, the application can write outside its bounds which can cause a memory corruption that can lead to code execution. A specially crafted document can be delivered to a victim in order to trigger this vulnerability. | ||||
| CVE-2020-6108 | 1 F2fs-tools Project | 1 F2fs-tools | 2024-11-21 | 7.8 High |
| An exploitable code execution vulnerability exists in the fsck_chk_orphan_node functionality of F2fs-Tools F2fs.Fsck 1.13. A specially crafted f2fs filesystem can cause a heap buffer overflow resulting in a code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2020-6103 | 1 Amd | 1 Radeon Directx 11 Driver Atidxx64.dll | 2024-11-21 | 9.9 Critical |
| An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). | ||||
| CVE-2020-6102 | 1 Amd | 1 Radeon Directx 11 Driver Atidxx64.dll | 2024-11-21 | 9.9 Critical |
| An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). | ||||
| CVE-2020-6101 | 1 Amd | 1 Radeon Directx 11 Driver Atidxx64.dll | 2024-11-21 | 9.9 Critical |
| An exploitable code execution vulnerability exists in the Shader functionality of AMD Radeon DirectX 11 Driver atidxx64.dll 26.20.15019.19000. An attacker can provide a specially crafted shader file to trigger this vulnerability, resulting in code execution. This vulnerability can be triggered from a HYPER-V guest using the RemoteFX feature, leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). | ||||
| CVE-2020-6100 | 1 Amd | 1 Radeon Directx 11 Driver Atidxx64.dll | 2024-11-21 | 9.9 Critical |
| An exploitable memory corruption vulnerability exists in AMD atidxx64.dll 26.20.15019.19000 graphics driver. A specially crafted pixel shader can cause memory corruption vulnerability. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability potentially could be triggered from guest machines running virtualization environments (ie. VMware, qemu, VirtualBox etc.) in order to perform guest-to-host escape - as it was demonstrated before (TALOS-2018-0533, TALOS-2018-0568, etc.). Theoretically this vulnerability could be also triggered from web browser (using webGL and webassembly). This vulnerability was triggered from HYPER-V guest using RemoteFX feature leading to executing the vulnerable code on the HYPER-V host (inside of the rdvgm.exe process). | ||||
| CVE-2020-6098 | 1 Freediameter | 1 Freediameter | 2024-11-21 | 7.5 High |
| An exploitable denial of service vulnerability exists in the freeDiameter functionality of freeDiameter 1.3.2. A specially crafted Diameter request can trigger a memory corruption resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability. | ||||
| CVE-2020-6094 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable code execution vulnerability exists in the TIFF fillinraster function of the igcore19d.dll library of Accusoft ImageGear 19.4, 19.5 and 19.6. A specially crafted TIFF file can cause an out-of-bounds write, resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2020-6089 | 1 Leadtools | 1 Leadtools | 2024-11-21 | 7.8 High |
| An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability. | ||||
| CVE-2020-6082 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the ico_read function of the igcore19d.dll library of Accusoft ImageGear 19.6.0. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6076 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll ICO icoread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted ICO file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6075 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the store_data_buffer function of the igcore19d.dll library of Accusoft ImageGear 19.5.0. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6069 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG jpegread precision parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6068 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll PNG pngread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted PNG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6067 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll TIFF tifread parser of the Accusoft ImageGear 19.5.0 library. A specially crafted TIFF file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6066 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the igcore19d.dll JPEG SOFx parser of the Accusoft ImageGear 19.5.0 library. A specially crafted JPEG file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6065 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the bmp_parsing function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted BMP file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6064 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6063 | 1 Accusoft | 1 Imagegear | 2024-11-21 | 8.8 High |
| An exploitable out-of-bounds write vulnerability exists in the uncompress_scan_line function of the igcore19d.dll library of Accusoft ImageGear, version 19.5.0. A specially crafted PCX file can cause an out-of-bounds write, resulting in a remote code execution. An attacker needs to provide a malformed file to the victim to trigger the vulnerability. | ||||
| CVE-2020-6060 | 1 Minisnmpd Project | 1 Minisnmpd | 2024-11-21 | 7.5 High |
| A stack buffer overflow vulnerability exists in the way MiniSNMPD version 1.4 handles multiple connections. A specially timed sequence of SNMP connections can trigger a stack overflow, resulting in a denial of service. To trigger this vulnerability, an attacker needs to simply initiate multiple connections to the server. | ||||