Total
3192 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-2042 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1. | |||||
| CVE-2020-2040 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3. | |||||
| CVE-2020-2015 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| A buffer overflow vulnerability in the PAN-OS management server allows authenticated users to crash system processes or potentially execute arbitrary code with root privileges. This issue affects: PAN-OS 7.1 versions earlier than 7.1.26; PAN-OS 8.1 versions earlier than 8.1.13; PAN-OS 9.0 versions earlier than 9.0.7; PAN-OS 9.1 versions earlier than 9.1.1; All versions of PAN-OS 8.0. | |||||
| CVE-2020-29659 | 1 Flexense | 1 Dupscout | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A buffer overflow in the web server of Flexense DupScout Enterprise 10.0.18 allows a remote anonymous attacker to execute code as SYSTEM by overflowing the sid parameter via a GET /settings&sid= attack. | |||||
| CVE-2020-29596 | 1 Miniweb Http Server Project | 1 Miniweb Http Server | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MiniWeb HTTP server 0.8.19 allows remote attackers to cause a denial of service (daemon crash) via a long name for the first parameter in a POST request. | |||||
| CVE-2020-29203 | 1 Struct2json Project | 1 Struct2json | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT. | |||||
| CVE-2020-28969 | 1 Aplixio | 1 Pdf Shapingup | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file. | |||||
| CVE-2020-28967 | 1 Flashget | 1 Flashget | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'current path directory' function. This vulnerability allows attackers to elevate local process privileges via overwriting the registers. | |||||
| CVE-2020-28963 | 2 Krylack, Microsoft | 2 Zip Password Recovery, Windows | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function. | |||||
| CVE-2020-28926 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. | |||||
| CVE-2020-28877 | 1 Tp-link | 30 Wdr7400, Wdr7400 Firmware, Wdr7500 and 27 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in in the copy_msg_element function for the devDiscoverHandle server in the TP-Link WR and WDR series, including WDR7400, WDR7500, WDR7660, WDR7800, WDR8400, WDR8500, WDR8600, WDR8620, WDR8640, WDR8660, WR880N, WR886N, WR890N, WR890N, WR882N, and WR708N. | |||||
| CVE-2020-28864 | 1 Winscp | 1 Winscp | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in WinSCP 5.17.8 allows a malicious FTP server to cause a denial of service or possibly have other unspecified impact via a long file name. | |||||
| CVE-2020-28840 | 1 Matthiaswandel | 1 Jhead | 2024-11-21 | N/A | 7.8 HIGH |
| Buffer Overflow vulnerability in jpgfile.c in Matthias-Wandel jhead version 3.04, allows local attackers to execute arbitrary code and cause a denial of service (DoS). | |||||
| CVE-2020-28759 | 1 Tengine Project | 1 Tengine | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| The serializer module in OAID Tengine lite-v1.0 has a Buffer Overflow and crash. NOTE: another person has stated "I don't think there is an proof of overflow so far. | |||||
| CVE-2020-28341 | 2 Google, Samsung | 2 Android, Exynos 990 | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with Q(10.0) (Exynos990 chipsets) software. The S3K250AF Secure Element CC EAL 5+ chip allows attackers to execute arbitrary code and obtain sensitive information via a buffer overflow. The Samsung ID is SVE-2020-18632 (November 2020). | |||||
| CVE-2020-28005 | 1 Tp-link | 2 Tl-wpa4220, Tl-wpa4220 Firmware | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
| httpd on TP-Link TL-WPA4220 devices (hardware versions 2 through 4) allows remote authenticated users to trigger a buffer overflow (causing a denial of service) by sending a POST request to the /admin/syslog endpoint. Fixed version: TL-WPA4220(EU)_V4_201023 | |||||
| CVE-2020-27823 | 3 Debian, Fedoraproject, Uclouvain | 3 Debian Linux, Fedora, Openjpeg | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| A flaw was found in OpenJPEG’s encoder. This flaw allows an attacker to pass specially crafted x,y offset input to OpenJPEG to use during encoding. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
| CVE-2020-27745 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2024-11-21 | 6.8 MEDIUM | 9.8 CRITICAL |
| Slurm before 19.05.8 and 20.x before 20.02.6 has an RPC Buffer Overflow in the PMIx MPI plugin. | |||||
| CVE-2020-27690 | 1 Imomobile | 2 Verve Connect Vh510, Verve Connect Vh510 Firmware | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| The Relish (Verve Connect) VH510 device with firmware before 1.0.1.6L0516 contains a buffer overflow within its web management portal. When a POST request is sent to /boaform/admin/formDOMAINBLK with a large blkDomain value, the Boa server crashes. | |||||
| CVE-2020-27678 | 3 Illumos, Joyent, Omniosce | 3 Illumos, Smartos, Omnios | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in illumos before 2020-10-22, as used in OmniOS before r151030by, r151032ay, and r151034y and SmartOS before 20201022. There is a buffer overflow in parse_user_name in lib/libpam/pam_framework.c. | |||||