Export limit exceeded: 20757 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20757 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-6999 | 1 Moxa | 2 Mds-g516e, Mds-g516e Firmware | 2024-11-21 | 6.5 Medium |
| In Moxa EDS-G516E Series firmware, Version 5.2 or lower, some of the parameters in the setting pages do not ensure text is the correct size for its buffer. | ||||
| CVE-2020-6996 | 1 Trianglemicroworks | 1 Dnp3 Source Code Library | 2024-11-21 | 9.8 Critical |
| Triangle MicroWorks DNP3 Outstation LibrariesDNP3 Outstation .NET Protocol components and DNP3 Outstation ANSI C source code libraries are affected:3.16.00 through 3.25.01. A specially crafted message may cause a stack-based buffer overflow. Authentication is not required to exploit this vulnerability. | ||||
| CVE-2020-6994 | 1 Belden | 14 Hirschmann Eagle20, Hirschmann Eagle30, Hirschmann Embedded Ethernet Switch and 11 more | 2024-11-21 | 9.8 Critical |
| A buffer overflow vulnerability was found in some devices of Hirschmann Automation and Control HiOS and HiSecOS. The vulnerability is due to improper parsing of URL arguments. An attacker could exploit this vulnerability by specially crafting HTTP requests to overflow an internal buffer. The following devices using HiOS Version 07.0.02 and lower are affected: RSP, RSPE, RSPS, RSPL, MSP, EES, EES, EESX, GRS, OS, RED. The following devices using HiSecOS Version 03.2.00 and lower are affected: EAGLE20/30. | ||||
| CVE-2020-6989 | 1 Moxa | 110 Pt-7528-12msc-12tx-4gsfp-hv, Pt-7528-12msc-12tx-4gsfp-hv-hv, Pt-7528-12msc-12tx-4gsfp-hv-hv Firmware and 107 more | 2024-11-21 | 9.8 Critical |
| In Moxa PT-7528 series firmware, Version 4.0 or lower, and PT-7828 series firmware, Version 3.9 or lower, a buffer overflow in the web server allows remote attackers to cause a denial-of-service condition or execute arbitrary code. | ||||
| CVE-2020-6976 | 1 Deltaww | 1 Cncsoft Screeneditor | 2024-11-21 | 5.5 Medium |
| Delta Industrial Automation CNCSoft ScreenEditor, v1.00.96 and prior. An out-of-bounds read overflow can be exploited when a valid user opens a specially crafted, malicious input file due to the lack of validation. | ||||
| CVE-2020-6970 | 1 Emerson | 1 Openenterprise Scada Server | 2024-11-21 | 9.8 Critical |
| A Heap-based Buffer Overflow was found in Emerson OpenEnterprise SCADA Server 2.83 (if Modbus or ROC Interfaces have been installed and are in use) and all versions of OpenEnterprise 3.1 through 3.3.3, where a specially crafted script could execute code on the OpenEnterprise Server. | ||||
| CVE-2020-6851 | 5 Debian, Fedoraproject, Oracle and 2 more | 13 Debian Linux, Fedora, Georaster and 10 more | 2024-11-21 | 7.5 High |
| OpenJPEG through 2.3.1 has a heap-based buffer overflow in opj_t1_clbl_decode_processor in openjp2/t1.c because of lack of opj_j2k_update_image_dimensions validation. | ||||
| CVE-2020-6831 | 5 Canonical, Debian, Mozilla and 2 more | 10 Ubuntu Linux, Debian Linux, Firefox and 7 more | 2024-11-21 | 9.8 Critical |
| A buffer overflow could occur when parsing and validating SCTP chunks in WebRTC. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. | ||||
| CVE-2020-6825 | 2 Mozilla, Redhat | 5 Firefox, Firefox Esr, Thunderbird and 2 more | 2024-11-21 | 9.8 Critical |
| Mozilla developers and community members Tyson Smith and Christian Holler reported memory safety bugs present in Firefox 74 and Firefox ESR 68.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.7.0, Firefox ESR < 68.7, and Firefox < 75. | ||||
| CVE-2020-6814 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 9.8 Critical |
| Mozilla developers reported memory safety bugs present in Firefox and Thunderbird 68.5. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | ||||
| CVE-2020-6806 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 8.8 High |
| By carefully crafting promise resolutions, it was possible to cause an out-of-bounds read off the end of an array resized during script execution. This could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 68.6, Firefox < 74, Firefox < ESR68.6, and Firefox ESR < 68.6. | ||||
| CVE-2020-6801 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-11-21 | 8.8 High |
| Mozilla developers reported memory safety bugs present in Firefox 72. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 73. | ||||
| CVE-2020-6800 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 8.8 High |
| Mozilla developers and community members reported memory safety bugs present in Firefox 72 and Firefox ESR 68.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. In general, these flaws cannot be exploited through email in the Thunderbird product because scripting is disabled when reading mail, but are potentially risks in browser or browser-like contexts. This vulnerability affects Thunderbird < 68.5, Firefox < 73, and Firefox < ESR68.5. | ||||
| CVE-2020-6793 | 2 Mozilla, Redhat | 3 Thunderbird, Enterprise Linux, Rhel E4s | 2024-11-21 | 6.5 Medium |
| When processing an email message with an ill-formed envelope, Thunderbird could read data from a random memory location. This vulnerability affects Thunderbird < 68.5. | ||||
| CVE-2020-6655 | 1 Eaton | 1 Easysoft | 2024-11-21 | 5.8 Medium |
| The Eaton's easySoft software v7.xx prior to v7.22 are susceptible to Out-of-bounds remote code execution vulnerability. A malicious entity can execute a malicious code or make the application crash by tricking user to upload the malformed .E70 file in the application. The vulnerability arises due to improper validation and parsing of the E70 file content by the application. | ||||
| CVE-2020-6628 | 1 Libming | 1 Libming | 2024-11-21 | 8.8 High |
| Ming (aka libming) 0.4.8 has a heap-based buffer over-read in the function decompile_SWITCH() in decompile.c. | ||||
| CVE-2020-6625 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 7.1 High |
| jhead through 3.04 has a heap-based buffer over-read in Get32s when called from ProcessGpsInfo in gpsinfo.c. | ||||
| CVE-2020-6624 | 1 Jhead Project | 1 Jhead | 2024-11-21 | 7.1 High |
| jhead through 3.04 has a heap-based buffer over-read in process_DQT in jpgqguess.c. | ||||
| CVE-2020-6622 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in stbtt__buf_peek8. | ||||
| CVE-2020-6621 | 1 Nothings | 1 Stb Truetype.h | 2024-11-21 | 8.8 High |
| stb stb_truetype.h through 1.22 has a heap-based buffer over-read in ttUSHORT. | ||||