Vulnerabilities (CVE)

Filtered by CWE-125
Total 7256 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12356 2 Intel, Netapp 2 Active Management Technology Firmware, Cloud Backup 2024-11-21 2.1 LOW 4.4 MEDIUM
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2020-12247 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2024-11-21 5.8 MEDIUM 7.1 HIGH
In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.
CVE-2020-12141 1 Contiki-ng 1 Contiki-ng 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.
CVE-2020-12018 1 Advantech 1 Webaccess 2024-11-21 5.0 MEDIUM 7.5 HIGH
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
CVE-2020-11947 1 Qemu 1 Qemu 2024-11-21 2.1 LOW 3.8 LOW
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
CVE-2020-11940 1 Ntop 1 Ndpi 2024-11-21 5.0 MEDIUM 7.5 HIGH
In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library.
CVE-2020-11914 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 4.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
CVE-2020-11913 1 Treck 1 Tcp\/ip 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
CVE-2020-11912 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 5.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
CVE-2020-11910 1 Treck 1 Tcp\/ip 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.
CVE-2020-11905 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 6.5 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
CVE-2020-11903 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 6.5 MEDIUM
The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.
CVE-2020-11902 1 Treck 1 Tcp\/ip 2024-11-21 7.5 HIGH 7.3 HIGH
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
CVE-2020-11901 1 Treck 1 Tcp\/ip 2024-11-21 9.3 HIGH 9.0 CRITICAL
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
CVE-2020-11895 1 Libming 1 Libming 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
CVE-2020-11894 1 Libming 1 Libming 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
CVE-2020-11765 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
CVE-2020-11763 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.
CVE-2020-11762 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read and write in DwaCompressor::uncompress in ImfDwaCompressor.cpp when handling the UNKNOWN compression case.
CVE-2020-11761 5 Apple, Canonical, Debian and 2 more 11 Icloud, Ipados, Iphone Os and 8 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in OpenEXR before 2.4.1. There is an out-of-bounds read during Huffman uncompression, as demonstrated by FastHufDecoder::refill in ImfFastHuf.cpp.