Vulnerabilities (CVE)

Filtered by CWE-125
Total 7258 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-1763 1 Libreswan 1 Libreswan 2024-11-21 5.0 MEDIUM 7.5 HIGH
An out-of-bounds buffer read flaw was found in the pluto daemon of libreswan from versions 3.27 till 3.31 where, an unauthenticated attacker could use this flaw to crash libreswan by sending specially-crafted IKEv1 Informational Exchange packets. The daemon respawns after the crash.
CVE-2020-1342 1 Microsoft 7 365 Apps, Office, Office Online Server and 4 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.
CVE-2020-1322 1 Microsoft 3 365 Apps, Office, Project 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable, aka 'Microsoft Project Information Disclosure Vulnerability'.
CVE-2020-1232 1 Microsoft 3 Windows 10, Windows Server 2016, Windows Server 2019 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
An information disclosure vulnerability exists when Media Foundation improperly handles objects in memory, aka 'Media Foundation Information Disclosure Vulnerability'.
CVE-2020-19861 1 Nlnetlabs 1 Ldns 2024-11-21 5.0 MEDIUM 7.5 HIGH
When a zone file in ldns 1.7.1 is parsed, the function ldns_nsec3_salt_data is too trusted for the length value obtained from the zone file. When the memcpy is copied, the 0xfe - ldns_rdf_size(salt_rdf) byte data can be copied, causing heap overflow information leakage.
CVE-2020-19860 1 Nlnetlabs 1 Ldns 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
When ldns version 1.7.1 verifies a zone file, the ldns_rr_new_frm_str_internal function has a heap out of bounds read vulnerability. An attacker can leak information on the heap by constructing a zone file payload.
CVE-2020-19751 1 Gpac 1 Gpac 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in gpac 0.8.0. The gf_odf_del_ipmp_tool function in odf_code.c has a heap-based buffer over-read.
CVE-2020-19750 1 Gpac 1 Gpac 2024-11-21 5.0 MEDIUM 7.5 HIGH
An issue was discovered in gpac 0.8.0. The strdup function in box_code_base.c has a heap-based buffer over-read.
CVE-2020-19668 1 Libsixel Project 1 Libsixel 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
Unverified indexs into the array lead to out of bound access in the gif_out_code function in fromgif.c in libsixel 1.8.6.
CVE-2020-19499 1 Struktur 1 Libheif 2024-11-21 6.8 MEDIUM 8.8 HIGH
An issue was discovered in heif::Box_iref::get_references in libheif 1.4.0, allows attackers to cause a Denial of Service or possibly other unspecified impact due to an invalid memory read.
CVE-2020-19481 1 Gpac 1 Gpac 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in GPAC before 0.8.0, as demonstrated by MP4Box. It contains an invalid memory read in gf_m2ts_process_pmt in media_tools/mpegts.c that can cause a denial of service via a crafted MP4 file.
CVE-2020-19472 1 Flowpaper 1 Pdf2json 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue has been found in function DCTStream::readHuffSym in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 2 .
CVE-2020-19471 1 Flowpaper 1 Pdf2json 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue has been found in function DCTStream::decodeImage in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 .
CVE-2020-19466 1 Flowpaper 1 Pdf2json 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue has been found in function DCTStream::transformDataUnit in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 1 .
CVE-2020-19465 1 Flowpaper 1 Pdf2json 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue has been found in function ObjectStream::getObject in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid read of size 4 .
CVE-2020-18778 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_p_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.
CVE-2020-18776 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In Libav 12.3, there is a segmentation fault in vc1_decode_b_mb_intfr in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.
CVE-2020-18775 1 Libav 1 Libav 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
In Libav 12.3, there is a heap-based buffer over-read in vc1_decode_b_mb_intfi in vc1_block.c that allows an attacker to cause denial-of-service via a crafted file.
CVE-2020-18771 2 Debian, Exiv2 2 Debian Linux, Exiv2 2024-11-21 5.8 MEDIUM 8.1 HIGH
Exiv2 0.27.99.0 has a global buffer over-read in Exiv2::Internal::Nikon1MakerNote::print0x0088 in nikonmn_int.cpp which can result in an information leak.
CVE-2020-18756 1 Dcce 2 Mac1100 Plc, Mac1100 Plc Firmware 2024-11-21 5.0 MEDIUM 7.5 HIGH
An arbitrary memory access vulnerability in the EPA protocol of Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to read the contents of any variable area.