Total
11736 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8797 | 3 Debian, Opensuse, Rdesktop | 3 Debian Linux, Leap, Rdesktop | 2020-09-29 | 7.5 HIGH | 9.8 CRITICAL |
| rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution. | |||||
| CVE-2018-8795 | 3 Debian, Opensuse, Rdesktop | 3 Debian Linux, Leap, Rdesktop | 2020-09-29 | 7.5 HIGH | 9.8 CRITICAL |
| rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution. | |||||
| CVE-2018-19490 | 3 Debian, Gnuplot, Opensuse | 3 Debian Linux, Gnuplot, Leap | 2020-09-28 | 6.8 MEDIUM | 7.8 HIGH |
| An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function. | |||||
| CVE-2019-11365 | 1 Atftp Project | 1 Atftp | 2020-09-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in atftpd in atftp 0.7.1. A remote attacker may send a crafted packet triggering a stack-based buffer overflow due to an insecurely implemented strncpy call. The vulnerability is triggered by sending an error packet of 3 bytes or fewer. There are multiple instances of this vulnerable strncpy pattern within the code base, specifically within tftpd_file.c, tftp_file.c, tftpd_mtftp.c, and tftp_mtftp.c. | |||||
| CVE-2020-3989 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2020-09-28 | 2.1 LOW | 3.3 LOW |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client. | |||||
| CVE-2018-8570 | 1 Microsoft | 2 Internet Explorer, Windows 7 | 2020-09-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. | |||||
| CVE-2018-0870 | 1 Microsoft | 7 Internet Explorer, Windows 10, Windows 7 and 4 more | 2020-09-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0991, CVE-2018-0997, CVE-2018-1018, CVE-2018-1020. | |||||
| CVE-2018-8631 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2020-09-28 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | |||||
| CVE-2017-5503 | 1 Jasper Project | 1 Jasper | 2020-09-25 | 4.3 MEDIUM | 5.5 MEDIUM |
| The dec_clnpass function in libjasper/jpc/jpc_t1dec.c in JasPer 1.900.27 allows remote attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via a crafted image. | |||||
| CVE-2020-0354 | 1 Google | 1 Android | 2020-09-24 | 7.5 HIGH | 9.8 CRITICAL |
| In Bluetooth, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-143604331 | |||||
| CVE-2020-25489 | 1 Sqreen | 1 Python Mini Racer | 2020-09-24 | 7.5 HIGH | 9.8 CRITICAL |
| A heap overflow in Sqreen PyMiniRacer (aka Python Mini Racer) before 0.3.0 allows remote attackers to potentially exploit heap corruption. | |||||
| CVE-2020-0245 | 1 Google | 1 Android | 2020-09-23 | 9.3 HIGH | 8.8 HIGH |
| In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible out of bounds write due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-152496149 | |||||
| CVE-2020-0385 | 1 Google | 1 Android | 2020-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Parse_insh of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote information disclosure in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-9 Android-10 Android-11 Android-8.0 Android-8.1Android ID: A-150160041 | |||||
| CVE-2020-0123 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
| There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-149871374 | |||||
| CVE-2020-0229 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
| There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-156333725 | |||||
| CVE-2020-0278 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
| There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812574 | |||||
| CVE-2020-0342 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
| There is a possible out of bounds write due to an incorrect bounds check.Product: AndroidVersions: Android SoCAndroid ID: A-160812576 | |||||
| CVE-2020-0384 | 1 Google | 1 Android | 2020-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Parse_art of eas_mdls.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote information disclosure in the media extractor with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-150159906 | |||||
| CVE-2020-0383 | 1 Google | 1 Android | 2020-09-23 | 4.3 MEDIUM | 5.5 MEDIUM |
| In Parse_ins of eas_mdls.c, there is a possible out of bounds write due to a missing bounds check. This could lead to remote information disclosure in the media extractor process with no additional execution privileges needed. User interaction is needed for exploitation.Product: AndroidVersions: Android-8.1 Android-9 Android-10 Android-11 Android-8.0Android ID: A-150160279 | |||||
| CVE-2020-0380 | 1 Google | 1 Android | 2020-09-23 | 10.0 HIGH | 9.8 CRITICAL |
| In allocExcessBits of bitalloc.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-8.0 Android-8.1 Android-9 Android-10Android ID: A-146398979 | |||||