Export limit exceeded: 20747 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20747 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-25279 | 1 Google | 1 Android | 2024-11-21 | 9.8 Critical |
| An issue was discovered on Samsung mobile devices with O(8.x), P(9.0), and Q(10.0) (Exynos chipsets) software. The baseband component has a buffer overflow via an abnormal SETUP message, leading to execution of arbitrary code. The Samsung ID is SVE-2020-18098 (September 2020). | ||||
| CVE-2020-25241 | 1 Siemens | 14 Simatic Mv420 Sr-b, Simatic Mv420 Sr-b Body, Simatic Mv420 Sr-b Body Firmware and 11 more | 2024-11-21 | 7.5 High |
| A vulnerability has been identified in SIMATIC MV400 family (All Versions < V7.0.6). The underlying TCP stack of the affected products does not correctly validate the sequence number for incoming TCP RST packages. An attacker could exploit this to terminate arbitrary TCP sessions. | ||||
| CVE-2020-25226 | 1 Siemens | 132 Scalance X200-4pirt, Scalance X200-4pirt Firmware, Scalance X201-3pirt and 129 more | 2024-11-21 | 9.8 Critical |
| A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (All versions < V5.2.5), SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions < V5.5.0). The web server of the affected devices contains a vulnerability that may lead to a buffer overflow condition. An attacker could cause this condition on the webserver by sending a specially crafted request. The webserver could stop and not recover anymore. | ||||
| CVE-2020-25211 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2024-11-21 | 6.0 Medium |
| In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_conntrack_netlink.c, aka CID-1cc5ef91d2ff. | ||||
| CVE-2020-25199 | 1 We-con | 1 Levistudiou | 2024-11-21 | 7.8 High |
| A heap-based buffer overflow vulnerability exists within the WECON LeviStudioU Release Build 2019-09-21 and prior when processing project files. Opening a specially crafted project file could allow an attacker to exploit and execute code under the privileges of the application. | ||||
| CVE-2020-25189 | 1 Paradox | 2 Ip150, Ip150 Firmware | 2024-11-21 | 9.8 Critical |
| The affected product is vulnerable to three stack-based buffer overflows, which may allow an unauthenticated attacker to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). | ||||
| CVE-2020-25188 | 1 Laquisscada | 1 Scada | 2024-11-21 | 7.8 High |
| An attacker who convinces a valid user to open a specially crafted project file to exploit could execute code under the privileges of the application due to an out-of-bounds read vulnerability on the LAquis SCADA (Versions prior to 4.3.1.870). | ||||
| CVE-2020-25185 | 1 Paradox | 2 Ip150, Ip150 Firmware | 2024-11-21 | 8.8 High |
| The affected product is vulnerable to five post-authentication buffer overflows, which may allow a logged in user to remotely execute arbitrary code on the IP150 (firmware versions 5.02.09). | ||||
| CVE-2020-25181 | 1 We-con | 1 Plc Editor | 2024-11-21 | 8.8 High |
| WECON PLC Editor Versions 1.3.8 and prior has a heap-based buffer overflow vulnerabilities have been identified that may allow arbitrary code execution. | ||||
| CVE-2020-25177 | 1 We-con | 1 Plc Editor | 2024-11-21 | 8.8 High |
| WECON PLC Editor Versions 1.3.8 and prior has a stack-based buffer overflow vulnerability has been identified that may allow arbitrary code execution. | ||||
| CVE-2020-25170 | 1 Bbraun | 1 Onlinesuite Application Package | 2024-11-21 | 7.8 High |
| An Excel Macro Injection vulnerability exists in the export feature in the B. Braun OnlineSuite Version AP 3.0 and earlier via multiple input fields that are mishandled in an Excel export. | ||||
| CVE-2020-25159 | 1 Rtautomation | 2 499es Ethernet\/ip Adaptor, 499es Ethernet\/ip Adaptor Firmware | 2024-11-21 | 9.8 Critical |
| 499ES EtherNet/IP (ENIP) Adaptor Source Code is vulnerable to a stack-based buffer overflow, which may allow an attacker to send a specially crafted packet that may result in a denial-of-service condition or code execution. | ||||
| CVE-2020-25125 | 2 Gnupg, Gpg4win | 2 Gnupg, Gpg4win | 2024-11-21 | 7.8 High |
| GnuPG 2.2.21 and 2.2.22 (and Gpg4win 3.1.12) has an array overflow, leading to a crash or possibly unspecified other impact, when a victim imports an attacker's OpenPGP key, and this key has AEAD preferences. The overflow is caused by a g10/key-check.c error. NOTE: GnuPG 2.3.x is unaffected. GnuPG 2.2.23 is a fixed version. | ||||
| CVE-2020-25110 | 1 Ethernut | 1 Nut\/os | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The length byte of a domain name in a DNS query/response is not checked, and is used for internal memory operations. This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||||
| CVE-2020-25109 | 1 Ethernut | 1 Nut\/os | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. The number of DNS queries/responses (set in a DNS header) is not checked against the data present. This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||||
| CVE-2020-25107 | 1 Ethernut | 1 Nut\/os | 2024-11-21 | 9.8 Critical |
| An issue was discovered in the DNS implementation in Ethernut in Nut/OS 5.1. There is no check on whether a domain name has '\0' termination. This may lead to successful Denial-of-Service, and possibly Remote Code Execution. | ||||
| CVE-2020-25085 | 2 Debian, Qemu | 2 Debian Linux, Qemu | 2024-11-21 | 5.0 Medium |
| QEMU 5.0.0 has a heap-based Buffer Overflow in flatview_read_continue in exec.c because hw/sd/sdhci.c mishandles a write operation in the SDHC_BLKSIZE case. | ||||
| CVE-2020-25054 | 1 Samsung | 1 Exynos | 2024-11-21 | 9.1 Critical |
| An issue was discovered on Samsung mobile devices with software through 2020-04-02 (Exynos modem chipsets). There is a heap-based buffer over-read in the Shannon baseband. The Samsung ID is SVE-2020-17239 (August 2020). | ||||
| CVE-2020-25023 | 1 Noise-java Project | 1 Noise-java | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Noise-Java through 2020-08-27. AESGCMOnCtrCipherState.encryptWithAd() allows out-of-bounds access. | ||||
| CVE-2020-25022 | 1 Noise-java Project | 1 Noise-java | 2024-11-21 | 9.8 Critical |
| An issue was discovered in Noise-Java through 2020-08-27. AESGCMFallbackCipherState.encryptWithAd() allows out-of-bounds access. | ||||