Vulnerabilities (CVE)

Filtered by CWE-125
Total 7258 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2020-12380 1 Intel 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-12360 3 Intel, Netapp, Siemens 552 Bios, Core I3-l13g4, Core I5-l16g7 and 549 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-12356 2 Intel, Netapp 2 Active Management Technology Firmware, Cloud Backup 2024-11-21 2.1 LOW 4.4 MEDIUM
Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access.
CVE-2020-12247 2 Foxitsoftware, Microsoft 3 Phantompdf, Reader, Windows 2024-11-21 5.8 MEDIUM 7.1 HIGH
In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur.
CVE-2020-12141 1 Contiki-ng 1 Contiki-ng 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c.
CVE-2020-12018 1 Advantech 1 Webaccess 2024-11-21 5.0 MEDIUM 7.5 HIGH
Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data.
CVE-2020-11947 1 Qemu 1 Qemu 2024-11-21 2.1 LOW 3.8 LOW
iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker.
CVE-2020-11940 1 Ntop 1 Ndpi 2024-11-21 5.0 MEDIUM 7.5 HIGH
In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library.
CVE-2020-11914 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 4.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read.
CVE-2020-11913 1 Treck 1 Tcp\/ip 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read.
CVE-2020-11912 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 5.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read.
CVE-2020-11910 1 Treck 1 Tcp\/ip 2024-11-21 5.0 MEDIUM 5.3 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has an ICMPv4 Out-of-bounds Read.
CVE-2020-11905 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 6.5 MEDIUM
The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read.
CVE-2020-11903 1 Treck 1 Tcp\/ip 2024-11-21 3.3 LOW 6.5 MEDIUM
The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read.
CVE-2020-11902 1 Treck 1 Tcp\/ip 2024-11-21 7.5 HIGH 7.3 HIGH
The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read.
CVE-2020-11901 1 Treck 1 Tcp\/ip 2024-11-21 9.3 HIGH 9.0 CRITICAL
The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response.
CVE-2020-11895 1 Libming 1 Libming 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c.
CVE-2020-11894 1 Libming 1 Libming 2024-11-21 6.4 MEDIUM 9.1 CRITICAL
Ming (aka libming) 0.4.8 has a heap-based buffer over-read (8 bytes) in the function decompileIF() in decompile.c.
CVE-2020-11765 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in OpenEXR before 2.4.1. There is an off-by-one error in use of the ImfXdr.h read function by DwaCompressor::Classifier::Classifier, leading to an out-of-bounds read.
CVE-2020-11763 6 Apple, Canonical, Debian and 3 more 12 Icloud, Ipados, Iphone Os and 9 more 2024-11-21 4.3 MEDIUM 5.5 MEDIUM
An issue was discovered in OpenEXR before 2.4.1. There is an std::vector out-of-bounds read and write, as demonstrated by ImfTileOffsets.cpp.