Total
12209 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-26800 | 1 Ethereum | 1 Aleth | 2024-11-21 | 5.5 Medium |
| A stack overflow vulnerability in Aleth Ethereum C++ client version <= 1.8.0 using a specially crafted a config.json file may result in a denial of service. | ||||
| CVE-2020-26797 | 2 Fedoraproject, Mediaarea | 2 Fedora, Mediainfo | 2024-11-21 | 7.5 High |
| Mediainfo before version 20.08 has a heap buffer overflow vulnerability via MediaInfoLib::File_Gxf::ChooseParser_ChannelGrouping. | ||||
| CVE-2020-26762 | 1 Edimax | 4 Ic-3116w, Ic-3116w Firmware, Ic-3140w and 1 more | 2024-11-21 | 9.8 Critical |
| A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08. | ||||
| CVE-2020-26664 | 2 Debian, Videolan | 2 Debian Linux, Vlc Media Player | 2024-11-21 | 7.8 High |
| A vulnerability in EbmlTypeDispatcher::send in VideoLAN VLC media player 3.0.11 allows attackers to trigger a heap-based buffer overflow via a crafted .mkv file. | ||||
| CVE-2020-26572 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 5.5 Medium |
| The TCOS smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in tcos_decipher. | ||||
| CVE-2020-26571 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 5.5 Medium |
| The gemsafe GPK smart card software driver in OpenSC before 0.21.0-rc1 has a stack-based buffer overflow in sc_pkcs15emu_gemsafeGPK_init. | ||||
| CVE-2020-26570 | 4 Debian, Fedoraproject, Opensc Project and 1 more | 4 Debian Linux, Fedora, Opensc and 1 more | 2024-11-21 | 5.5 Medium |
| The Oberthur smart card software driver in OpenSC before 0.21.0-rc1 has a heap-based buffer overflow in sc_oberthur_read_file. | ||||
| CVE-2020-26561 | 1 Belkin | 2 Linksys Wrt 160nl, Linksys Wrt 160nl Firmware | 2024-11-21 | 8.8 High |
| Belkin LINKSYS WRT160NL 1.0.04.002_US_20130619 devices have a stack-based buffer overflow vulnerability because of sprintf in create_dir in mini_httpd. Successful exploitation leads to arbitrary code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | ||||
| CVE-2020-26537 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1. In a certain Shading calculation, the number of outputs is unequal to the number of color components in a color space. This causes an out-of-bounds write. | ||||
| CVE-2020-26535 | 1 Foxitsoftware | 2 Foxit Reader, Phantompdf | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Foxit Reader and PhantomPDF before 10.1. If TslAlloc attempts to allocate thread local storage but obtains an unacceptable index value, V8 throws an exception that leads to a write access violation (and read access violation). | ||||
| CVE-2020-26519 | 3 Artifex, Debian, Fedoraproject | 3 Mupdf, Debian Linux, Fedora | 2024-11-21 | 5.5 Medium |
| Artifex MuPDF before 1.18.0 has a heap based buffer over-write when parsing JBIG2 files allowing attackers to cause a denial of service. | ||||
| CVE-2020-26312 | 2024-11-21 | 8.1 High | ||
| Dotmesh is a git-like command-line interface for capturing, organizing and sharing application states. In versions 0.8.1 and prior, the unsafe handling of symbolic links in an unpacking routine may enable attackers to read and/or write to arbitrary locations outside the designated target folder. The routine `untarFile` attempts to guard against creating symbolic links that point outside the directory a tar archive is extracted to. However, a malicious tarball first linking `subdir/parent` to `..` (allowed, because `subdir/..` falls within the archive root) and then linking `subdir/parent/escapes` to `..` results in a symbolic link pointing to the tarball’s parent directory, contrary to the routine’s goals. This issue may lead to arbitrary file write (with same permissions as the program running the unpack operation) if the attacker can control the archive file. Additionally, if the attacker has read access to the unpacked files, they may be able to read arbitrary system files the parent process has permissions to read. As of time of publication, no patch for this issue is available. | ||||
| CVE-2020-26208 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 5.3 Medium |
| JHEAD is a simple command line tool for displaying and some manipulation of EXIF header data embedded in Jpeg images from digital cameras. In affected versions there is a heap-buffer-overflow on jhead-3.04/jpgfile.c:285 ReadJpegSections. Crafted jpeg images can be provided to the user resulting in a program crash or potentially incorrect exif information retrieval. Users are advised to upgrade. There is no known workaround for this issue. | ||||
| CVE-2020-25928 | 1 Hcc-embedded | 1 Nichestack Tcp\/ip | 2024-11-21 | 9.8 Critical |
| The DNS feature in InterNiche NicheStack TCP/IP 4.0.1 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: DNS response processing functions: dns_upcall(), getoffset(), dnc_set_answer(). The attack vector is: a specific DNS response packet. The code does not check the "response data length" field of individual DNS answers, which may cause out-of-bounds read/write operations, leading to Information leak, Denial-or-Service, or Remote Code Execution, depending on the context. | ||||
| CVE-2020-25857 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2024-11-21 | 7.5 High |
| The function ClientEAPOLKeyRecvd() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker does not need to know the network's PSK. | ||||
| CVE-2020-25856 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2024-11-21 | 8.1 High |
| The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an rtl_memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this. | ||||
| CVE-2020-25855 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2024-11-21 | 8.1 High |
| The function AES_UnWRAP() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for a memcpy() operation, resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this. | ||||
| CVE-2020-25854 | 1 Realtek | 2 Rtl8195a, Rtl8195a Firmware | 2024-11-21 | 8.1 High |
| The function DecWPA2KeyData() in the Realtek RTL8195A Wi-Fi Module prior to versions released in April 2020 (up to and excluding 2.08) does not validate the size parameter for an internal function, rt_arc4_crypt_veneer() or _AES_UnWRAP_veneer(), resulting in a stack buffer overflow which can be exploited for remote code execution or denial of service. An attacker can impersonate an Access Point and attack a vulnerable Wi-Fi client, by injecting a crafted packet into the WPA2 handshake. The attacker needs to know the network's PSK in order to exploit this. | ||||
| CVE-2020-25844 | 1 Panorama | 1 Nhiservisignadapter | 2024-11-21 | 8.1 High |
| The digest generation function of NHIServiSignAdapter has not been verified for parameter’s length, which leads to a stack overflow loophole. Remote attackers can use the leak to execute code without privilege. | ||||
| CVE-2020-25843 | 1 Panorama | 1 Nhiservisignadapter | 2024-11-21 | 8.1 High |
| NHIServiSignAdapter fails to verify the length of digital credential files’ path which leads to a heap overflow loophole. Remote attackers can use the leak to execute code without privilege. | ||||