Total
8221 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-24383 | 1 Butok | 1 Fnet | 2024-11-21 | 9.1 Critical |
| An issue was discovered in FNET through 4.6.4. The code for processing resource records in mDNS queries doesn't check for proper '\0' termination of the resource record name string, leading to an out-of-bounds read, and potentially causing information leak or Denial-or-Service. | ||||
| CVE-2020-24372 | 1 Luajit | 1 Luajit | 2024-11-21 | 7.5 High |
| LuaJIT through 2.1.0-beta3 has an out-of-bounds read in lj_err_run in lj_err.c. | ||||
| CVE-2020-24352 | 1 Qemu | 1 Qemu | 2024-11-21 | 5.5 Medium |
| An issue was discovered in QEMU through 5.1.0. An out-of-bounds memory access was found in the ATI VGA device implementation. This flaw occurs in the ati_2d_blt() routine in hw/display/ati_2d.c while handling MMIO write operations through the ati_mm_write() callback. A malicious guest could use this flaw to crash the QEMU process on the host, resulting in a denial of service. | ||||
| CVE-2020-24348 | 1 F5 | 1 Njs | 2024-11-21 | 5.5 Medium |
| njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_json_stringify_iterator in njs_json.c. | ||||
| CVE-2020-24347 | 1 F5 | 1 Njs | 2024-11-21 | 5.5 Medium |
| njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c. | ||||
| CVE-2020-24344 | 1 Jerryscript | 1 Jerryscript | 2024-11-21 | 7.1 High |
| JerryScript through 2.3.0 has a (function({a=arguments}){const arguments}) buffer over-read. | ||||
| CVE-2020-24341 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 9.1 Critical |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The TCP input data processing function in pico_tcp.c does not validate the length of incoming TCP packets, which leads to an out-of-bounds read when assembling received packets into a data segment, eventually causing Denial-of-Service or an information leak. | ||||
| CVE-2020-24340 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 7.5 High |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The code that processes DNS responses in pico_mdns_handle_data_as_answers_generic() in pico_mdns.c does not check whether the number of answers/responses specified in a DNS packet header corresponds to the response data available in the packet, leading to an out-of-bounds read, invalid pointer dereference, and Denial-of-Service. | ||||
| CVE-2020-24339 | 1 Altran | 2 Picotcp, Picotcp-ng | 2024-11-21 | 7.5 High |
| An issue was discovered in picoTCP and picoTCP-NG through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds reads that lead to Denial-of-Service. | ||||
| CVE-2020-24335 | 3 Contiki-ng, Contiki-os, Uip Project | 3 Contiki-ng, Contiki, Uip | 2024-11-21 | 7.5 High |
| An issue was discovered in uIP through 1.0, as used in Contiki and Contiki-NG. Domain name parsing lacks bounds checks, allowing an attacker to corrupt memory with crafted DNS packets. | ||||
| CVE-2020-24334 | 3 Contiki-ng, Contiki-os, Uip Project | 3 Contiki-ng, Contiki, Uip | 2024-11-21 | 8.2 High |
| The code that processes DNS responses in uIP through 1.0, as used in Contiki and Contiki-NG, does not check whether the number of responses specified in the DNS packet header corresponds to the response data available in the DNS packet, leading to an out-of-bounds read and Denial-of-Service in resolv.c. | ||||
| CVE-2020-23931 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. | ||||
| CVE-2020-23928 | 1 Gpac | 1 Gpac | 2024-11-21 | 7.1 High |
| An issue was discovered in gpac before 1.0.1. The abst_box_read function in box_code_adobe.c has a heap-based buffer over-read. | ||||
| CVE-2020-23922 | 2 Apache, Giflib Project | 2 Bookkeeper, Giflib | 2024-11-21 | 7.1 High |
| An issue was discovered in giflib through 5.1.4. DumpScreen2RGB in gif2rgb.c has a heap-based buffer over-read. | ||||
| CVE-2020-23921 | 1 Fast Ber Project | 1 Fast Ber | 2024-11-21 | 7.1 High |
| An issue was discovered in fast_ber through v0.4. yy::yylex() in asn_compiler.hpp has a heap-based buffer over-read. | ||||
| CVE-2020-23915 | 1 Cpp-peglib Project | 1 Cpp-peglib | 2024-11-21 | 5.5 Medium |
| An issue was discovered in cpp-peglib through v0.1.12. peg::resolve_escape_sequence() in peglib.h has a heap-based buffer over-read. | ||||
| CVE-2020-23909 | 1 Advancemame | 1 Advancemame | 2024-11-21 | 7.1 High |
| Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1. | ||||
| CVE-2020-22218 | 2 Libssh2, Redhat | 2 Libssh2, Enterprise Linux | 2024-11-21 | 7.5 High |
| An issue was discovered in function _libssh2_packet_add in libssh2 1.10.0 allows attackers to access out of bounds memory. | ||||
| CVE-2020-22217 | 3 C-ares, Debian, Redhat | 4 C-ares, Debian Linux, Enterprise Linux and 1 more | 2024-11-21 | 5.9 Medium |
| Buffer overflow vulnerability in c-ares before 1_16_1 thru 1_17_0 via function ares_parse_soa_reply in ares_parse_soa_reply.c. | ||||
| CVE-2020-21535 | 2 Debian, Xfig Project | 2 Debian Linux, Fig2dev | 2024-11-21 | 5.5 Medium |
| fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c. | ||||