Vulnerabilities (CVE)

Filtered by CWE-125
Total 8853 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-27824 4 Debian, Fedoraproject, Redhat and 1 more 4 Debian Linux, Fedora, Enterprise Linux and 1 more 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
A flaw was found in OpenJPEG’s encoder in the opj_dwt_calc_explicit_stepsizes() function. This flaw allows an attacker who can supply crafted input to decomposition levels to cause a buffer overflow. The highest threat from this vulnerability is to system availability.
CVE-2020-27818 3 Debian, Fedoraproject, Libpng 4 Debian Linux, Extra Packages For Enterprise Linux, Fedora and 1 more 2026-06-17 4.3 MEDIUM 3.3 LOW
A flaw was found in the check_chunk_name() function of pngcheck-2.4.0. An attacker able to pass a malicious file to be processed by pngcheck could cause a temporary denial of service, posing a low risk to application availability.
CVE-2020-27801 1 Upx 1 Upx 2026-06-17 N/A 7.8 HIGH
A heap-based buffer over-read was discovered in the get_le64 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27800 1 Upx 1 Upx 2026-06-17 N/A 7.8 HIGH
A heap-based buffer over-read was discovered in the get_le32 function in bele.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27799 1 Upx 1 Upx 2026-06-17 N/A 7.8 HIGH
A heap-based buffer over-read was discovered in the acc_ua_get_be32 function in miniacc.h in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27796 1 Upx 1 Upx 2026-06-17 N/A 7.8 HIGH
A heap-based buffer over-read was discovered in the invert_pt_dynamic function in p_lx_elf.cpp in UPX 4.0.0 via a crafted Mach-O file.
CVE-2020-27788 1 Upx 1 Upx 2026-06-17 N/A 5.5 MEDIUM
An out-of-bounds read access vulnerability was discovered in UPX in PackLinuxElf64::canPack() function of p_lx_elf.cpp file. An attacker with a crafted input file could trigger this issue that could cause a crash leading to a denial of service.
CVE-2020-27737 1 Siemens 6 Nucleus Net, Nucleus Readystart V3, Nucleus Readystart V4 and 3 more 2026-06-17 5.8 MEDIUM 6.5 MEDIUM
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS response parsing functionality does not properly validate various length and counts of the records. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the memory past the allocated structure.
CVE-2020-27736 1 Siemens 6 Nucleus Net, Nucleus Readystart V3, Nucleus Readystart V4 and 3 more 2026-06-17 5.8 MEDIUM 6.5 MEDIUM
A vulnerability has been identified in APOGEE PXC Compact (BACnet) (All versions < V3.5.5), APOGEE PXC Compact (P2 Ethernet) (All versions < V2.8.20), APOGEE PXC Modular (BACnet) (All versions < V3.5.5), APOGEE PXC Modular (P2 Ethernet) (All versions < V2.8.20), Nucleus NET (All versions), Nucleus ReadyStart V3 (All versions < V2017.02.3), Nucleus ReadyStart V4 (All versions < V4.1.0), Nucleus Source Code (Versions including affected DNS modules), SIMOTICS CONNECT 400 (All versions < V0.5.0.0), TALON TC Compact (BACnet) (All versions < V3.5.5), TALON TC Modular (BACnet) (All versions < V3.5.5). The DNS domain name label parsing functionality does not properly validate the null-terminated name in DNS-responses. The parsing of malformed responses could result in a read past the end of an allocated structure. An attacker with a privileged position in the network could leverage this vulnerability to cause a denial-of-service condition or leak the read memory.
CVE-2020-27338 1 Treck 1 Ipv6 2026-06-17 4.8 MEDIUM 5.9 MEDIUM
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper Input Validation in the DHCPv6 client component allows an unauthenticated remote attacker to cause an Out of Bounds Read, and possibly a Denial of Service via adjacent network access.
CVE-2020-27336 1 Treck 1 Ipv6 2026-06-17 5.0 MEDIUM 3.7 LOW
An issue was discovered in Treck IPv6 before 6.0.1.68. Improper input validation in the IPv6 component when handling a packet sent by an unauthenticated remote attacker could result in an out-of-bounds read of up to three bytes via network access.
CVE-2020-27299 1 Honeywell 1 Opc Ua Tunneller 2026-06-17 6.4 MEDIUM 9.1 CRITICAL
The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).
CVE-2020-27291 1 Deltaww 1 Cncsoft-b 2026-06-17 6.8 MEDIUM 7.8 HIGH
Delta Electronics CNCSoft-B Versions 1.0.0.2 and prior is vulnerable to an out-of-bounds read while processing project files, which may allow an attacker to execute arbitrary code.
CVE-2020-27047 1 Google 1 Android 2026-06-17 4.3 MEDIUM 5.5 MEDIUM
In ce_t4t_update_binary of ce_t4t.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649298
CVE-2020-27046 1 Google 1 Android 2026-06-17 2.1 LOW 4.4 MEDIUM
In nfc_ncif_proc_ee_action of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-157649306
CVE-2020-27043 1 Google 1 Android 2026-06-17 2.1 LOW 4.4 MEDIUM
In nfc_enabled of nfc_main.cc, there is a possible out of bounds read due to an incorrect increment. This could lead to local information disclosure via firmware with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-155234594
CVE-2020-27040 1 Google 1 Android 2026-06-17 2.1 LOW 4.4 MEDIUM
In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731880
CVE-2020-27037 1 Google 1 Android 2026-06-17 2.1 LOW 4.4 MEDIUM
In phNxpNciHal_core_initialized of phNxpNciHal.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731335
CVE-2020-27036 1 Google 1 Android 2026-06-17 4.6 MEDIUM 6.7 MEDIUM
In phNxpNciHal_send_ext_cmd of phNxpNciHal_ext.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC server with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153731369
CVE-2020-27033 1 Google 1 Android 2026-06-17 2.1 LOW 4.4 MEDIUM
In nfc_ncif_proc_get_routing of nfc_ncif.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-153655153