Export limit exceeded: 19966 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19966 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-7039 | 5 Debian, Libslirp Project, Opensuse and 2 more | 12 Debian Linux, Libslirp, Leap and 9 more | 2024-11-21 | 5.6 Medium |
| tcp_emu in tcp_subr.c in libslirp 4.1.0, as used in QEMU 4.2.0, mismanages memory, as demonstrated by IRC DCC commands in EMU_IRC. This can cause a heap-based buffer overflow or other out-of-bounds access which can lead to a DoS or potential execute arbitrary code. | ||||
| CVE-2020-7034 | 1 Avaya | 1 Session Border Controller For Enterprise | 2024-11-21 | 7.2 High |
| A command injection vulnerability in Avaya Session Border Controller for Enterprise could allow an authenticated, remote attacker to send specially crafted messages and execute arbitrary commands with the affected system privileges. Affected versions of Avaya Session Border Controller for Enterprise include 7.x, 8.0 through 8.1.1.x | ||||
| CVE-2020-7007 | 1 Moxa | 4 Eds-510e, Eds-510e Firmware, Eds-g516e and 1 more | 2024-11-21 | 9.8 Critical |
| In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service. | ||||
| CVE-2020-7002 | 1 Deltaww | 1 Cncsoft Screeneditor | 2024-11-21 | 7.8 High |
| Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. Multiple stack-based buffer overflows can be exploited when a valid user opens a specially crafted, malicious input file. | ||||
| CVE-2020-6996 | 1 Trianglemicroworks | 1 Dnp3 Source Code Library | 2024-11-21 | 9.8 Critical |
| Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. A specially crafted message may cause a stack-based buffer overflow. Authentication is not required to exploit this vulnerability. | ||||
| CVE-2020-6989 | 1 Moxa | 110 Pt-7528-12msc-12tx-4gsfp-hv, Pt-7528-12msc-12tx-4gsfp-hv-hv, Pt-7528-12msc-12tx-4gsfp-hv-hv Firmware and 107 more | 2024-11-21 | 9.8 Critical |
| In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code. | ||||
| CVE-2020-6970 | 1 Emerson | 1 Openenterprise Scada Server | 2024-11-21 | 9.8 Critical |
| A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server. | ||||
| CVE-2020-6948 | 1 Hashbrowncms | 1 Hashbrown Cms | 2024-11-21 | 9.8 Critical |
| A remote code execution issue was discovered in HashBrown CMS through 1.3.3. Server/Entity/Deployer/GitDeployer.js has a Service.AppService.exec call that mishandles the URL, repository, username, and password. | ||||
| CVE-2020-6860 | 2 Fedoraproject, Symonics | 2 Fedora, Libmysofa | 2024-11-21 | 8.8 High |
| libmysofa 0.9.1 has a stack-based buffer overflow in readDataVar in hdf/dataobject.c during the reading of a header message attribute. | ||||
| CVE-2020-6851 | 5 Debian, Fedoraproject, Oracle and 2 more | 13 Debian Linux, Fedora, Georaster and 10 more | 2024-11-21 | 7.5 High |
| OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. | ||||
| CVE-2020-6842 | 1 Dlink | 2 Dch-m225, Dch-m225 Firmware | 2024-11-21 | 7.2 High |
| D-Link DCH-M225 1.05b01 and earlier devices allow remote authenticated admins to execute arbitrary OS commands via shell metacharacters in the media renderer name. | ||||
| CVE-2020-6841 | 1 Dlink | 2 Dch-m225, Dch-m225 Firmware | 2024-11-21 | 9.8 Critical |
| D-Link DCH-M225 1.05b01 and earlier devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the spotifyConnect.php userName parameter. | ||||
| CVE-2020-6839 | 1 Mruby | 1 Mruby | 2024-11-21 | 9.8 Critical |
| In mruby 2.1.0, there is a stack-based buffer overflow in mrb_str_len_to_dbl in string.c. | ||||
| CVE-2020-6831 | 5 Canonical, Debian, Mozilla and 2 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2024-11-21 | 9.8 Critical |
| A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. | ||||
| CVE-2020-6826 | 1 Mozilla | 1 Firefox | 2024-11-21 | 9.8 Critical |
| Mozilla developers Tyson Smith, Bob Clary, and Alexandru Michis reported memory safety bugs present in Firefox 74. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 75. | ||||
| CVE-2020-6825 | 2 Mozilla, Redhat | 5 Firefox, Firefox Esr, Thunderbird and 2 more | 2024-11-21 | 9.8 Critical |
| Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | ||||
| CVE-2020-6822 | 2 Mozilla, Redhat | 5 Firefox, Firefox Esr, Thunderbird and 2 more | 2024-11-21 | 8.8 High |
| On 32-bit builds, an out of bounds write could have occurred when processing an image larger than 4 GB in <code>GMPDecodeData</code>. It is possible that with enough effort this could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | ||||
| CVE-2020-6815 | 1 Mozilla | 1 Firefox | 2024-11-21 | 9.8 Critical |
| Mozilla developers reported memory safety and script safety bugs present in Firefox 73. Some of these bugs showed evidence of memory corruption or escalation of privilege and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 74. | ||||
| CVE-2020-6814 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 9.8 Critical |
| Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | ||||
| CVE-2020-6811 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 8.8 High |
| The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a request, which can be controlled by the website. If a user used the 'Copy as Curl' feature and pasted the command into a terminal, it could have resulted in command injection and arbitrary command execution. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | ||||