Export limit exceeded: 347763 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 43540 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (43540 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-29245 | 1 Tag Project | 1 Tag | 2024-11-21 | 6.5 Medium |
| dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readAtomData. | ||||
| CVE-2020-29244 | 1 Tag Project | 1 Tag | 2024-11-21 | 6.5 Medium |
| dhowden tag before 2020-11-19 allows "panic: runtime error: slice bounds out of range" via readTextWithDescrFrame. | ||||
| CVE-2020-29243 | 1 Tag Project | 1 Tag | 2024-11-21 | 6.5 Medium |
| dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readAPICFrame. | ||||
| CVE-2020-29242 | 1 Tag Project | 1 Tag | 2024-11-21 | 6.5 Medium |
| dhowden tag before 2020-11-19 allows "panic: runtime error: index out of range" via readPICFrame. | ||||
| CVE-2020-29238 | 1 Expressvpn | 1 Expressvpn | 2024-11-21 | 7.5 High |
| An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request. | ||||
| CVE-2020-29203 | 1 Struct2json Project | 1 Struct2json | 2024-11-21 | 9.8 Critical |
| struct2json before 2020-11-18 is affected by a Buffer Overflow because strcpy is used for S2J_STRUCT_GET_string_ELEMENT. | ||||
| CVE-2020-29130 | 4 Debian, Fedoraproject, Libslirp Project and 1 more | 4 Debian Linux, Fedora, Libslirp and 1 more | 2024-11-21 | 4.3 Medium |
| slirp.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | ||||
| CVE-2020-29129 | 4 Debian, Fedoraproject, Libslirp Project and 1 more | 4 Debian Linux, Fedora, Libslirp and 1 more | 2024-11-21 | 4.3 Medium |
| ncsi.c in libslirp through 4.3.1 has a buffer over-read because it tries to read a certain amount of header data even if that exceeds the total packet length. | ||||
| CVE-2020-29040 | 1 Xen | 1 Xen | 2024-11-21 | 8.8 High |
| An issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. NOTE: this issue is caused by an incorrect fix for CVE-2020-27671. | ||||
| CVE-2020-29023 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2024-11-21 | 3.5 Low |
| Improper Encoding or Escaping of Output from CSV Report Generator of Secomea GateManager allows an authenticated administrator to generate a CSV file that may run arbitrary commands on a victim's computer when opened in a spreadsheet program (like Excel). This issue affects: Secomea GateManager all versions prior to 9.3. | ||||
| CVE-2020-29022 | 1 Secomea | 8 Gatemanager 4250, Gatemanager 4250 Firmware, Gatemanager 4260 and 5 more | 2024-11-21 | 5.3 Medium |
| Failure to Sanitize host header value on output in the GateManager Web server could allow an attacker to conduct web cache poisoning attacks. This issue affects Secomea GateManager all versions prior to 9.3 | ||||
| CVE-2020-29018 | 1 Fortinet | 1 Fortiweb | 2024-11-21 | 8.8 High |
| A format string vulnerability in FortiWeb 6.3.0 through 6.3.5 may allow an authenticated, remote attacker to read the content of memory and retrieve sensitive data via the redir parameter. | ||||
| CVE-2020-28974 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Enterprise Linux | 2024-11-21 | 5.0 Medium |
| A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can be used for manipulations such as font height. | ||||
| CVE-2020-28969 | 1 Aplixio | 1 Pdf Shapingup | 2024-11-21 | 7.8 High |
| Aplioxio PDF ShapingUp 5.0.0.139 contains a buffer overflow which allows attackers to cause a denial of service (DoS) via a crafted PDF file. | ||||
| CVE-2020-28967 | 1 Flashget | 1 Flashget | 2024-11-21 | 8.8 High |
| FlashGet v1.9.6 was discovered to contain a buffer overflow in the 'current path directory' function. This vulnerability allows attackers to elevate local process privileges via overwriting the registers. | ||||
| CVE-2020-28963 | 2 Krylack, Microsoft | 2 Zip Password Recovery, Windows | 2024-11-21 | 7.8 High |
| Passcovery Co. Ltd ZIP Password Recovery v3.70.69.0 was discovered to contain a buffer overflow via the decompress function. | ||||
| CVE-2020-28954 | 1 Bigbluebutton | 1 Bigbluebutton | 2024-11-21 | 5.3 Medium |
| web/controllers/ApiController.groovy in BigBlueButton before 2.2.29 lacks certain parameter sanitization, as demonstrated by accepting control characters in a user name. | ||||
| CVE-2020-28926 | 2 Debian, Readymedia Project | 2 Debian Linux, Readymedia | 2024-11-21 | 9.8 Critical |
| ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Sending a malicious UPnP HTTP request to the miniDLNA service using HTTP chunked encoding can lead to a signedness bug resulting in a buffer overflow in calls to memcpy/memmove. | ||||
| CVE-2020-28915 | 2 Linux, Redhat | 3 Linux Kernel, Enterprise Linux, Rhev Hypervisor | 2024-11-21 | 5.8 Medium |
| A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def. | ||||
| CVE-2020-28895 | 2 Oracle, Windriver | 2 Communications Eagle, Vxworks | 2024-11-21 | 7.3 High |
| In Wind River VxWorks, memory allocator has a possible overflow in calculating the memory block's size to be allocated by calloc(). As a result, the actual memory allocated is smaller than the buffer size specified by the arguments, leading to memory corruption. | ||||