Total
3114 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-13390 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/addressNat entrys and mitInterface parameters for a POST request, a value is directly used in a sprintf to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13389 | 1 Tendacn | 8 Ac15, Ac15 Firmware, Ac18 and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC6 V1.0 V15.03.05.19_multi_TD01, AC9 V1.0 V15.03.05.19(6318)_CN, AC9 V3.0 V15.03.06.42_multi, AC15 V1.0 V15.03.05.19_multi_TD01, and AC18 V15.03.05.19(6318_)_CN devices. There is a buffer overflow vulnerability in the router's web server -- httpd. While processing the /goform/openSchedWifi schedStartTime and schedEndTime parameters for a POST request, a value is directly used in a strcpy to a local variable placed on the stack, which overwrites the return address of a function. An attacker can construct a payload to carry out arbitrary code execution attacks. | |||||
| CVE-2020-13224 | 1 Tp-link | 14 Nc200, Nc200 Firmware, Nc210 and 11 more | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| TP-LINK NC200 devices through 2.1.10 build 200401, NC210 devices through 1.0.10 build 200401, NC220 devices through 1.3.1 build 200401, NC230 devices through 1.3.1 build 200401, NC250 devices through 1.3.1 build 200401, NC260 devices through 1.5.3 build_200401, and NC450 devices through 1.5.4 build 200401 have a Buffer Overflow | |||||
| CVE-2020-12823 | 4 Debian, Fedoraproject, Infradead and 1 more | 4 Debian Linux, Fedora, Openconnect and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| OpenConnect 8.09 has a buffer overflow, causing a denial of service (application crash) or possibly unspecified other impact, via crafted certificate data to get_cert_name in gnutls.c. | |||||
| CVE-2020-12749 | 1 Google | 1 Android | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Samsung mobile devices with P(9.0) (Exynos chipsets) software. The S.LSI Wi-Fi drivers have a buffer overflow. The Samsung ID is SVE-2020-16906 (May 2020). | |||||
| CVE-2020-12723 | 5 Fedoraproject, Netapp, Opensuse and 2 more | 16 Fedora, Oncommand Workflow Automation, Snap Creator Framework and 13 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls. | |||||
| CVE-2020-12465 | 2 Linux, Netapp | 9 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 6 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages. | |||||
| CVE-2020-12374 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2024-11-21 | 4.6 MEDIUM | 6.7 MEDIUM |
| Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access. | |||||
| CVE-2020-12140 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 8.3 HIGH | 8.8 HIGH |
| A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames. | |||||
| CVE-2020-12125 | 1 Wavlink | 2 Wn530h4, Wn530h4 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication. | |||||
| CVE-2020-11984 | 7 Apache, Canonical, Debian and 4 more | 13 Http Server, Ubuntu Linux, Debian Linux and 10 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | |||||
| CVE-2020-11677 | 1 Cerner | 1 Medico | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Cerner medico 26.00 has a Local Buffer Overflow (issue 3 of 3). | |||||
| CVE-2020-11676 | 1 Cerner | 1 Medico | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Cerner medico 26.00 has a Local Buffer Overflow (issue 2 of 3). | |||||
| CVE-2020-11675 | 1 Cerner | 1 Medico | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Cerner medico 26.00 has a Local Buffer Overflow (issue 1 of 3). | |||||
| CVE-2020-11299 | 1 Qualcomm | 762 Apq8009, Apq8009 Firmware, Apq8009w and 759 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Buffer overflow can occur in video while playing the non-standard clip in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11292 | 1 Qualcomm | 354 Apq8009, Apq8009 Firmware, Apq8009w and 351 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Possible buffer overflow in voice service due to lack of input validation of parameters in QMI Voice API in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||
| CVE-2020-11225 | 1 Qualcomm | 405 Apq8064au, Apq8096au, Aqt1000 and 402 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Out of bound access in WLAN driver due to lack of validation of array length before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking | |||||
| CVE-2020-11223 | 1 Qualcomm | 404 Aqt1000, Aqt1000 Firmware, Pm3003a and 401 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Out of bound in camera driver due to lack of check of validation of array index before copying into array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables | |||||
| CVE-2020-11207 | 1 Qualcomm | 124 Apq8052, Apq8052 Firmware, Apq8056 and 121 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Buffer overflow in LibFastCV library due to improper size checks with respect to buffer length' in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8052, APQ8056, APQ8076, APQ8096, APQ8096SG, APQ8098, MDM9655, MSM8952, MSM8956, MSM8976, MSM8976SG, MSM8996, MSM8996SG, MSM8998, QCM4290, QCM6125, QCS410, QCS4290, QCS610, QCS6125, QSM8250, SA6145P, SA6150P, SA6155, SA6155P, SA8150P, SA8155, SA8155P, SA8195P, SC7180, SDA640, SDA660, SDA845, SDA855, SDM640, SDM660, SDM830, SDM845, SDM850, SDX50M, SDX55, SDX55M, SM4250, SM4250P, SM6115, SM6115P, SM6125, SM6150, SM6150P, SM6250, SM6250P, SM6350, SM7125, SM7150, SM7150P, SM7225, SM7250, SM7250P, SM8150, SM8150P, SM8250, SXR2130, SXR2130P | |||||
| CVE-2020-11183 | 1 Qualcomm | 151 Apq8009, Apq8009w, Apq8017 and 148 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| A process can potentially cause a buffer overflow in the display service allowing privilege escalation by executing code as that service in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | |||||