Total
8118 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-3617 | 1 Qualcomm | 32 Kamorta, Kamorta Firmware, Nicobar and 29 more | 2024-11-21 | 6.6 MEDIUM | 7.1 HIGH |
| u'Buffer over-read Issue in Q6 testbus framework due to diag packet length is not completely validated before accessing the field and leads to Information disclosure.' in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Kamorta, Nicobar, QCS605, QCS610, Rennell, SC7180, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SXR1130 | |||||
| CVE-2020-3399 | 1 Cisco | 7 Catalyst 9800-40, Catalyst 9800-80, Catalyst 9800-cl and 4 more | 2024-11-21 | 7.8 HIGH | 8.6 HIGH |
| A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) protocol processing of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of an affected device. The vulnerability is due to insufficient input validation during CAPWAP packet processing. An attacker could exploit this vulnerability by sending a crafted CAPWAP packet to an affected device, resulting in a buffer over-read. A successful exploit could allow the attacker to cause the affected device to crash and reload, resulting in a DoS condition on the affected device. | |||||
| CVE-2020-3298 | 1 Cisco | 10 Adaptive Security Appliance Software, Asa 5506-x, Asa 5506h-x and 7 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability in the Open Shortest Path First (OSPF) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory protection mechanisms while processing certain OSPF packets. An attacker could exploit this vulnerability by sending a series of malformed OSPF packets in a short period of time to an affected device. A successful exploit could allow the attacker to cause a reload of the affected device, resulting in a DoS condition for client traffic that is traversing the device. | |||||
| CVE-2020-3123 | 2 Canonical, Clamav | 2 Ubuntu Linux, Clamav | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A vulnerability in the Data-Loss-Prevention (DLP) module in Clam AntiVirus (ClamAV) Software versions 0.102.1 and 0.102.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to an out-of-bounds read affecting users that have enabled the optional DLP feature. An attacker could exploit this vulnerability by sending a crafted email file to an affected device. An exploit could allow the attacker to cause the ClamAV scanning process crash, resulting in a denial of service condition. | |||||
| CVE-2020-36615 | 1 Apple | 1 Macos | 2024-11-21 | N/A | 7.8 HIGH |
| An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.0.1. Processing a maliciously crafted font may lead to arbitrary code execution. | |||||
| CVE-2020-36426 | 2 Arm, Debian | 2 Mbed Tls, Debian Linux | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_crl_parse_der has a buffer over-read (of one byte). | |||||
| CVE-2020-36386 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 5.6 MEDIUM | 7.1 HIGH |
| An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf. | |||||
| CVE-2020-36331 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkAssignData. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
| CVE-2020-36330 | 5 Apple, Debian, Netapp and 2 more | 6 Ipados, Iphone Os, Debian Linux and 3 more | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| A flaw was found in libwebp in versions before 1.0.1. An out-of-bounds read was found in function ChunkVerifyAndAssign. The highest threat from this vulnerability is to data confidentiality and to the service availability. | |||||
| CVE-2020-36325 | 1 Jansson Project | 1 Jansson | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification | |||||
| CVE-2020-36281 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in pixFewColorsOctcubeQuantMixed in colorquant1.c. | |||||
| CVE-2020-36280 | 2 Fedoraproject, Leptonica | 2 Fedora, Leptonica | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in pixReadFromTiffStream, related to tiffio.c. | |||||
| CVE-2020-36279 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in rasteropGeneralLow, related to adaptmap_reg.c and adaptmap.c. | |||||
| CVE-2020-36278 | 4 Debian, Fedoraproject, Leptonica and 1 more | 4 Debian Linux, Fedora, Leptonica and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Leptonica before 1.80.0 allows a heap-based buffer over-read in findNextBorderPixel in ccbord.c. | |||||
| CVE-2020-36223 | 3 Apple, Debian, Openldap | 4 Mac Os X, Macos, Debian Linux and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | |||||
| CVE-2020-36150 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Incorrect handling of input data in loudness function in the libmysofa library 0.5 - 1.1 will lead to heap buffer overflow and access to unallocated memory block. | |||||
| CVE-2020-36134 | 1 Aomedia | 1 Aomedia | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| AOM v2.0.1 was discovered to contain a segmentation violation via the component aom_dsp/x86/obmc_sad_avx2.c. | |||||
| CVE-2020-35892 | 1 Simple-slab Project | 1 Simple-slab | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in the simple-slab crate before 0.3.3 for Rust. index() allows an out-of-bounds read. | |||||
| CVE-2020-35890 | 1 Ordnung Project | 1 Ordnung | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the ordnung crate through 2020-09-03 for Rust. compact::Vec violates memory safety via out-of-bounds access for large capacity. | |||||
| CVE-2020-35861 | 1 Bumpalo Project | 1 Bumpalo | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the bumpalo crate before 3.2.1 for Rust. The realloc feature allows the reading of unknown memory. Attackers can potentially read cryptographic keys. | |||||