Total
7258 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-1763 | 1 Libreswan | 1 Libreswan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash. | |||||
| CVE-2020-1342 | 1 Microsoft | 7 365 Apps, Office, Office Online Server and 4 more | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445. | |||||
| CVE-2020-1322 | 1 Microsoft | 3 365 Apps, Office, Project | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'. | |||||
| CVE-2020-1232 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'. | |||||
| CVE-2020-19861 | 1 Nlnetlabs | 1 Ldns | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage. | |||||
| CVE-2020-19860 | 1 Nlnetlabs | 1 Ldns | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload. | |||||
| CVE-2020-19751 | 1 Gpac | 1 Gpac | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read. | |||||
| CVE-2020-19750 | 1 Gpac | 1 Gpac | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read. | |||||
| CVE-2020-19668 | 1 Libsixel Project | 1 Libsixel | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6. | |||||
| CVE-2020-19499 | 1 Struktur | 1 Libheif | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read. | |||||
| CVE-2020-19481 | 1 Gpac | 1 Gpac | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file. | |||||
| CVE-2020-19472 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2 . | |||||
| CVE-2020-19471 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 . | |||||
| CVE-2020-19466 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 1 . | |||||
| CVE-2020-19465 | 1 Flowpaper | 1 Pdf2json | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue has been found in function ObjectStream::getObject in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 . | |||||
| CVE-2020-18778 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file. | |||||
| CVE-2020-18776 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file. | |||||
| CVE-2020-18775 | 1 Libav | 1 Libav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file. | |||||
| CVE-2020-18771 | 2 Debian, Exiv2 | 2 Debian Linux, Exiv2 | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
| Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak. | |||||
| CVE-2020-18756 | 1 Dcce | 2 Mac1100 Plc, Mac1100 Plc Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An arbitrary memory access vulnerability in the EPA protocol of Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to read the contents of any variable area. | |||||