Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-36177 | 1 Wolfssl | 1 Wolfssl | 2024-11-21 | 9.8 Critical |
| RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. | ||||
| CVE-2020-36151 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 6.5 Medium |
| Incorrect handling of input data in mysofa_resampler_reset_mem function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and overwriting large memory block. | ||||
| CVE-2020-36131 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 8.8 High |
| AOM v2.0.1 was discovered to contain a stack buffer overflow via the component stats/rate_hist.c. | ||||
| CVE-2020-36129 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 8.8 High |
| AOM v2.0.1 was discovered to contain a stack buffer overflow via the component src/aom_image.c. | ||||
| CVE-2020-35979 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.8 High |
| An issue was discovered in GPAC version 0.8.0 and 1.0.1. There is heap-based buffer overflow in the function gp_rtp_builder_do_avc() in ietf/rtp_pck_mpeg4.c. | ||||
| CVE-2020-35965 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2024-11-21 | 7.5 High |
| decode_frame in libavcodec/exr.c in FFmpeg 4.3.1 has an out-of-bounds write because of errors in calculations of when to perform memset zero operations. | ||||
| CVE-2020-35964 | 2 Ffmpeg, Linux | 2 Ffmpeg, Linux Kernel | 2024-11-21 | 6.5 Medium |
| track_header in libavformat/vividas.c in FFmpeg 4.3.1 has an out-of-bounds write because of incorrect extradata packing. | ||||
| CVE-2020-35963 | 2 Linux, Treasuredata | 2 Linux Kernel, Fluent Bit | 2024-11-21 | 7.8 High |
| flb_gzip_compress in flb_gzip.c in Fluent Bit before 1.6.4 has an out-of-bounds write because it does not use the correct calculation of the maximum gzip data-size expansion. | ||||
| CVE-2020-35924 | 1 Try-mutex Project | 1 Try-mutex | 2024-11-21 | 5.5 Medium |
| An issue was discovered in the try-mutex crate before 0.3.0 for Rust. TryMutex<T> allows cross-thread sending of a non-Send type. | ||||
| CVE-2020-35895 | 1 Stack Project | 1 Stack | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the stack crate before 0.3.1 for Rust. ArrayVec has an out-of-bounds write via element insertion. | ||||
| CVE-2020-35881 | 1 Traitobject Project | 1 Traitobject | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the traitobject crate through 2020-06-01 for Rust. It has false expectations about fat pointers, possibly causing memory corruption in, for example, Rust 2.x. | ||||
| CVE-2020-35859 | 1 Lucet-runtime-internals Project | 1 Lucet-runtime-internals | 2024-11-21 | 9.1 Critical |
| An issue was discovered in the lucet-runtime-internals crate before 0.5.1 for Rust. It mishandles sigstack allocation. Guest programs may be able to obtain sensitive information, or guest programs can experience memory corruption. | ||||
| CVE-2020-35858 | 1 Prost Project | 1 Prost | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the prost crate before 0.6.1 for Rust. There is stack consumption via a crafted message, causing a denial of service (e.g., x86) or possibly remote code execution (e.g., ARM). | ||||
| CVE-2020-35845 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf. | ||||
| CVE-2020-35844 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 7.8 High |
| FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4. | ||||
| CVE-2020-35843 | 1 Faststone | 1 Image Viewer | 2024-11-21 | 5.5 Medium |
| FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x956e. | ||||
| CVE-2020-35799 | 1 Netgear | 92 D3600, D3600 Firmware, D6000 and 89 more | 2024-11-21 | 8.8 High |
| Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.78, D6200 before 1.1.00.32, D7000 before 1.0.1.68, D7800 before 1.0.1.56, DM200 before 1.0.0.61, EX2700 before 1.0.1.52, EX6100v2 before 1.0.1.76, EX6150v2 before 1.0.1.76, EX6200v2 before 1.0.1.74, EX6400 before 1.0.2.140, EX7300 before 1.0.2.140, EX8000 before 1.0.1.186, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.38, R6050 before 1.0.1.18, R6080 before 1.0.0.38, R6120 before 1.0.0.46, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6260 before 1.1.0.40, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7500v2 before 1.0.3.40, R7800 before 1.0.2.62, R8900 before 1.0.4.12, R9000 before 1.0.4.12, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, WN2000RPTv3 before 1.0.1.34, WN3000RPv2 before 1.0.0.78, WN3000RPv2 before 1.0.0.78, WN3000RPv3 before 1.0.2.78, WN3100RPv2 before 1.0.0.66, WNR2000v5 before 1.0.0.70, WNR2020 before 1.1.0.62, XR450 before 2.3.2.32, and XR500 before 2.3.2.32. | ||||
| CVE-2020-35738 | 3 Debian, Fedoraproject, Wavpack | 3 Debian Linux, Fedora, Wavpack | 2024-11-21 | 6.1 Medium |
| WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases through 5.3.2, which are also affected. | ||||
| CVE-2020-35702 | 1 Freedesktop | 1 Poppler | 2024-11-21 | 7.8 High |
| DCTStream::getChars in DCTStream.cc in Poppler 20.12.1 has a heap-based buffer overflow via a crafted PDF document. NOTE: later reports indicate that this only affects builds from Poppler git clones in late December 2020, not the 20.12.1 release. In this situation, it should NOT be considered a Poppler vulnerability. However, several third-party Open Source projects directly rely on Poppler git clones made at arbitrary times, and therefore the CVE remains useful to users of those projects | ||||
| CVE-2020-35654 | 3 Fedoraproject, Python, Redhat | 3 Fedora, Pillow, Quay | 2024-11-21 | 8.8 High |
| In Pillow before 8.1.0, TiffDecode has a heap-based buffer overflow when decoding crafted YCbCr files because of certain interpretation conflicts with LibTIFF in RGBA mode. | ||||