Total
2963 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-25185 | 1 Paradox | 2 Ip150, Ip150 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). | |||||
| CVE-2020-25125 | 2 Gnupg, Gpg4win | 2 Gnupg, Gpg4win | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error. NOTE: GnuPG 2.3.x is unaffected. GnuPG 2.2.23 is a fixed version. | |||||
| CVE-2020-24995 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow vulnerability in sniff_channel_order function in aacdec_template.c in ffmpeg 3.1.2, allows attackers to execute arbitrary code (local). | |||||
| CVE-2020-24918 | 1 Ambarella | 1 Oryx Rtsp Server | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parse_authentication_header() in libamprotocol-rtsp.so.1 in rtsp_svc (or cause a crash). This allows remote takeover of a Furbo Dog Camera, for example. NOTE: The vendor states that the RTSP library is used for DEMO only, using it in product is a customer's behavior. Ambarella has emphasized that RTSP is DEMO only library, should NOT be used in product in our document. Because Ambarella's SDK is proprietary, we didn't publish our SDK source code in public network. | |||||
| CVE-2020-24889 | 1 Libraw | 1 Libraw | 2024-11-21 | 5.1 MEDIUM | 7.8 HIGH |
| A buffer overflow vulnerability in LibRaw version < 20.0 LibRaw::GetNormalizedModel in src/metadata/normalize_model.cpp may lead to context-dependent arbitrary code execution. | |||||
| CVE-2020-24824 | 1 Libelfin Project | 1 Libelfin | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A global buffer overflow issue in the dwarf::line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS). | |||||
| CVE-2020-24633 | 1 Arubanetworks | 15 7005, 7008, 7010 and 12 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| There are multiple buffer overflow vulnerabilities that could lead to unauthenticated remote code execution by sending especially crafted packets destined to the PAPI (Aruba Networks AP management protocol) UDP port (8211) of access-points or controllers in Aruba 9000 Gateway; Aruba 7000 Series Mobility Controllers; Aruba 7200 Series Mobility Controllers version(s): 2.1.0.1, 2.2.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below; 6.4.4.23, 6.5.4.17, 8.2.2.9, 8.3.0.13, 8.5.0.10, 8.6.0.5, 8.7.0.0 and below. | |||||
| CVE-2020-24501 | 1 Intel | 10 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 7 more | 2024-11-21 | 3.3 LOW | 6.5 MEDIUM |
| Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow an unauthenticated user to potentially enable denial of service via adjacent access. | |||||
| CVE-2020-24500 | 1 Intel | 10 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 7 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable a denial of service via local access. | |||||
| CVE-2020-24498 | 1 Intel | 10 Ethernet Network Adapter E810-cqda1, Ethernet Network Adapter E810-cqda1 For Ocp, Ethernet Network Adapter E810-cqda1 For Ocp 3.0 and 7 more | 2024-11-21 | 2.1 LOW | 4.4 MEDIUM |
| Buffer overflow in the firmware for Intel(R) E810 Ethernet Controllers before version 1.4.1.13 may allow a privileged user to potentially enable denial of service via local access. | |||||
| CVE-2020-24474 | 1 Intel | 46 Baseboard Management Controller Firmware, Compute Module Hns2600bpb24r, Compute Module Hns2600bpbr and 43 more | 2024-11-21 | 5.2 MEDIUM | 8.0 HIGH |
| Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.48.ce3e3bd2 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. | |||||
| CVE-2020-24336 | 2 Contiki-ng, Contiki-os | 2 Contiki-ng, Contiki | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Contiki through 3.0 and Contiki-NG through 4.5. The code for parsing Type A domain name answers in ip64-dns64.c doesn't verify whether the address in the answer's length is sane. Therefore, when copying an address of an arbitrary length, a buffer overflow can occur. This bug can be exploited whenever NAT64 is enabled. | |||||
| CVE-2020-24295 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in PSDParser.cpp::ReadImageLine() in FreeImage 3.19.0 [r1859] allows remote attackers to ru narbitrary code via use of crafted psd file. | |||||
| CVE-2020-24294 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 6.5 MEDIUM |
| Buffer Overflow vulnerability in psdParser::UnpackRLE function in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to cuase a denial of service via opening of crafted psd file. | |||||
| CVE-2020-24293 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in psdThumbnail::Read in PSDParser.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted psd file. | |||||
| CVE-2020-24292 | 1 Freeimage Project | 1 Freeimage | 2024-11-21 | N/A | 8.8 HIGH |
| Buffer Overflow vulnerability in load function in PluginICO.cpp in FreeImage 3.19.0 [r1859] allows remote attackers to run arbitrary code via opening of crafted ico file. | |||||
| CVE-2020-24222 | 1 Rockcarry | 1 Ffjpeg | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in jfif_decode() function in rockcarry ffjpeg through version 1.0.0, allows local attackers to execute arbitrary code due to an issue with ALIGN. | |||||
| CVE-2020-24020 | 1 Ffmpeg | 1 Ffmpeg | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Buffer Overflow vulnerability in FFMpeg 4.2.3 in dnn_execute_layer_pad in libavfilter/dnn/dnn_backend_native_layer_pad.c due to a call to memcpy without length checks, which could let a remote malicious user execute arbitrary code. | |||||
| CVE-2020-23902 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address may be used as a return value starting at Editor!TMethodImplementationIntercept+0x528a3. | |||||
| CVE-2020-23900 | 1 Wildbit-soft | 1 Wildbit Viewer | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| A buffer overflow in WildBit Viewer v6.6 allows attackers to cause a denial of service (DoS) via a crafted tga file. Related to Data from Faulting Address controls Code Flow starting at Editor!TMethodImplementationIntercept+0x57a3b. | |||||