Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-17438 | 2 Contiki-os, Uip Project | 2 Contiki, Uip | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in uIP 1.0, as used in Contiki 3.0 and other products. The code that reassembles fragmented packets fails to properly validate the total length of an incoming packet specified in its IP header, as well as the fragmentation offset value specified in the IP header. By crafting a packet with specific values of the IP header length and the fragmentation offset, attackers can write into the .bss section of the program (past the statically allocated buffer that is used for storing the fragmented data) and cause a denial of service in uip_reass() in uip.c, or possibly execute arbitrary code on some target architectures. | |||||
| CVE-2020-0455 | 1 Google | 1 Android | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| There is a possible out of bounds write due to a missing bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-170372514 | |||||
| CVE-2020-25111 | 1 Contiki-os | 1 Contiki-os | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the IPv6 stack in Contiki through 3.0. There is an insufficient check for the IPv6 header length. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet. | |||||
| CVE-2020-25108 | 1 Ethernut | 1 Nut\/os | 2020-12-15 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The DNS response data length is not checked (it can be set to an arbitrary value from a packet). This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | |||||
| CVE-2020-24338 | 1 Altran | 1 Picotcp | 2020-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in picoTCP through 1.7.0. The DNS domain name record decompression functionality in pico_dns_decompress_name() in pico_dns_common.c does not validate the compression pointer offset values with respect to the actual data present in a DNS response packet, causing out-of-bounds writes that lead to Denial-of-Service and Remote Code Execution. | |||||
| CVE-2020-25112 | 1 Contiki-os | 1 Contiki-os | 2020-12-14 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the IPv6 stack in Contiki through 3.0. There are inconsistent checks for IPv6 header extension lengths. This leads to Denial-of-Service and potential Remote Code Execution via a crafted ICMPv6 echo packet. | |||||
| CVE-2015-8619 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2020-12-14 | 5.0 MEDIUM | 7.5 HIGH |
| The Human Monitor Interface support in QEMU allows remote attackers to cause a denial of service (out-of-bounds write and application crash). | |||||
| CVE-2020-26970 | 1 Mozilla | 1 Thunderbird | 2020-12-10 | 9.3 HIGH | 8.8 HIGH |
| When reading SMTP server status codes, Thunderbird writes an integer value to a position on the stack that is intended to contain just one byte. Depending on processor architecture and stack layout, this leads to stack corruption that may be exploitable. This vulnerability affects Thunderbird < 78.5.1. | |||||
| CVE-2020-26969 | 1 Mozilla | 1 Firefox | 2020-12-10 | 9.3 HIGH | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 82. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83. | |||||
| CVE-2020-26968 | 1 Mozilla | 3 Firefox, Firefox Esr, Thunderbird | 2020-12-10 | 9.3 HIGH | 8.8 HIGH |
| Mozilla developers reported memory safety bugs present in Firefox 82 and Firefox ESR 78.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 83, Firefox ESR < 78.5, and Thunderbird < 78.5. | |||||
| CVE-2020-26952 | 1 Mozilla | 1 Firefox | 2020-12-09 | 9.3 HIGH | 8.8 HIGH |
| Incorrect bookkeeping of functions inlined during JIT compilation could have led to memory corruption and a potentially exploitable crash when handling out-of-memory errors. This vulnerability affects Firefox < 83. | |||||
| CVE-2004-0978 | 1 Microsoft | 7 Internet Explorer, Windows 2000, Windows 98se and 4 more | 2020-12-09 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in the Hrtbeat.ocx (Heartbeat) ActiveX control for Internet Explorer 5.01 through 6, when users who visit online gaming sites that are associated with MSN, allows remote attackers to execute arbitrary code via the SetupData parameter. | |||||
| CVE-2019-15679 | 1 Tightvnc | 1 Tightvnc | 2020-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity. | |||||
| CVE-2019-15678 | 1 Tightvnc | 1 Tightvnc | 2020-12-09 | 7.5 HIGH | 9.8 CRITICAL |
| TightVNC code version 1.3.10 contains heap buffer overflow in rfbServerCutText handler, which can potentially result code execution.. This attack appear to be exploitable via network connectivity. | |||||
| CVE-2020-25464 | 1 Moddable | 1 Moddable | 2020-12-04 | 5.0 MEDIUM | 7.5 HIGH |
| Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903. The top stack frame is only partially initialized because the stack overflowed while creating the frame. This leads to a crash in the code sending the stack frame to the debugger. | |||||
| CVE-2020-25462 | 1 Moddable | 1 Moddable | 2020-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| Heap buffer overflow in the fxCheckArrowFunction function at moddable/xs/sources/xsSyntaxical.c:3562 in Moddable SDK before OS200903. | |||||
| CVE-2017-2910 | 1 Libxls Project | 1 Libxls | 2020-12-04 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable Out-of-bounds Write vulnerability exists in the xls_addCell function of libxls 2.0. A specially crafted xls file can cause a memory corruption resulting in remote code execution. An attacker can send malicious xls file to trigger this vulnerability. | |||||
| CVE-2020-26762 | 1 Edimax | 4 Ic-3116w, Ic-3116w Firmware, Ic-3140w and 1 more | 2020-12-04 | 7.5 HIGH | 9.8 CRITICAL |
| A stack-based buffer-overflow exists in Edimax IP-Camera IC-3116W (v3.06) and IC-3140W (v3.07), which allows an unauthenticated, unauthorized attacker to perform remote-code-execution due to a crafted GET-Request. The overflow occurs in binary ipcam_cgi due to a missing type check in function doGetSysteminfo(). This has been fixed in version: IC-3116W v3.08. | |||||
| CVE-2020-9117 | 1 Huawei | 4 Nova 4, Nova 4 Firmware, Sydneym-al00 and 1 more | 2020-12-04 | 4.6 MEDIUM | 7.8 HIGH |
| HUAWEI nova 4 versions earlier than 10.0.0.165(C01E34R2P4) and SydneyM-AL00 versions earlier than 10.0.0.165(C00E66R1P5) have an out-of-bounds read and write vulnerability. An attacker with specific permissions crafts malformed packet with specific parameter and sends the packet to the affected products. Due to insufficient validation of packet, which may be exploited to cause the information leakage or arbitrary code execution. | |||||
| CVE-2020-7563 | 1 Schneider-electric | 40 Modicon M340 Bmx Noc 0401, Modicon M340 Bmx Noc 0401 Firmware, Modicon M340 Bmx Noe 0100 and 37 more | 2020-12-02 | 6.5 MEDIUM | 8.8 HIGH |
| A CWE-787: Out-of-bounds Write vulnerability exists in the Web Server on Modicon M340, Modicon Quantum and Modicon Premium Legacy offers and their Communication Modules (see notification for details) which could cause corruption of data, a crash, or code execution when uploading a specially crafted file on the controller over FTP. | |||||