Export limit exceeded: 20718 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20718 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12426 | 2 Mozilla, Opensuse | 2 Firefox, Leap | 2024-11-21 | 8.8 High |
| Mozilla developers and community members reported memory safety bugs present in Firefox 77. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 78. | ||||
| CVE-2020-12425 | 2 Mozilla, Redhat | 4 Firefox, Enterprise Linux, Rhel E4s and 1 more | 2024-11-21 | 6.5 Medium |
| Due to confusion processing a hyphen character in Date.parse(), a one-byte out of bounds read could have occurred, leading to potential information disclosure. This vulnerability affects Firefox < 78. | ||||
| CVE-2020-12418 | 4 Canonical, Mozilla, Opensuse and 1 more | 8 Ubuntu Linux, Firefox, Firefox Esr and 5 more | 2024-11-21 | 6.5 Medium |
| Manipulating individual parts of a URL object could have caused an out-of-bounds read, leaking process memory to malicious JavaScript. This vulnerability affects Firefox ESR < 68.10, Firefox < 78, and Thunderbird < 68.10.0. | ||||
| CVE-2020-12410 | 3 Canonical, Mozilla, Redhat | 6 Ubuntu Linux, Firefox, Firefox Esr and 3 more | 2024-11-21 | 8.8 High |
| Mozilla developers reported memory safety bugs present in Firefox 76 and Firefox ESR 68.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 68.9.0, Firefox < 77, and Firefox ESR < 68.9. | ||||
| CVE-2020-12407 | 1 Mozilla | 1 Firefox | 2024-11-21 | 6.5 Medium |
| Mozilla Developer Nicolas Silva found that when using WebRender, Firefox would under certain conditions leak arbitrary GPU memory to the visible screen. The leaked memory content was visible to the user, but not observable from web content. This vulnerability affects Firefox < 77. | ||||
| CVE-2020-12403 | 2 Mozilla, Redhat | 7 Nss, Enterprise Linux, Openshift Do and 4 more | 2024-11-21 | 9.1 Critical |
| A flaw was found in the way CHACHA20-POLY1305 was implemented in NSS in versions before 3.55. When using multi-part Chacha20, it could cause out-of-bounds reads. This issue was fixed by explicitly disabling multi-part ChaCha20 (which was not functioning correctly) and strictly enforcing tag length. The highest threat from this vulnerability is to confidentiality and system availability. | ||||
| CVE-2020-12396 | 1 Mozilla | 1 Firefox | 2024-11-21 | 9.8 Critical |
| Mozilla developers and community members reported memory safety bugs present in Firefox 75. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 76. | ||||
| CVE-2020-12395 | 3 Canonical, Mozilla, Redhat | 7 Ubuntu Linux, Firefox, Firefox Esr and 4 more | 2024-11-21 | 9.8 Critical |
| Mozilla developers and community members reported memory safety bugs present in Firefox 75 and Firefox ESR 68.7. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox ESR < 68.8, Firefox < 76, and Thunderbird < 68.8.0. | ||||
| CVE-2020-12380 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2024-11-21 | 7.8 High |
| Out of bounds read in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12374 | 1 Intel | 48 Bmc Firmware, Hns2600bpb, Hns2600bpb24 and 45 more | 2024-11-21 | 6.7 Medium |
| Buffer overflow in the BMC firmware for some Intel(R) Server Boards, Server Systems and Compute Modules before version 2.47 may allow a privileged user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12360 | 3 Intel, Netapp, Siemens | 552 Bios, Core I3-l13g4, Core I5-l16g7 and 549 more | 2024-11-21 | 7.8 High |
| Out of bounds read in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. | ||||
| CVE-2020-12356 | 2 Intel, Netapp | 2 Active Management Technology Firmware, Cloud Backup | 2024-11-21 | 4.4 Medium |
| Out-of-bounds read in subsystem in Intel(R) AMT versions before 11.8.80, 11.12.80, 11.22.80, 12.0.70 and 14.0.45 may allow a privileged user to potentially enable information disclosure via local access. | ||||
| CVE-2020-12321 | 2 Intel, Redhat | 27 Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3165 Firmware, Dual Band Wireless-ac 3168 and 24 more | 2024-11-21 | 8.8 High |
| Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) products before version 21.110 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access. | ||||
| CVE-2020-12284 | 3 Canonical, Debian, Ffmpeg | 3 Ubuntu Linux, Debian Linux, Ffmpeg | 2024-11-21 | 9.8 Critical |
| cbs_jpeg_split_fragment in libavcodec/cbs_jpeg.c in FFmpeg 4.1 and 4.2.2 has a heap-based buffer overflow during JPEG_MARKER_SOS handling because of a missing length check. | ||||
| CVE-2020-12268 | 4 Artifex, Debian, Opensuse and 1 more | 6 Jbig2dec, Debian Linux, Leap and 3 more | 2024-11-21 | 9.8 Critical |
| jbig2_image_compose in jbig2_image.c in Artifex jbig2dec before 0.18 has a heap-based buffer overflow. | ||||
| CVE-2020-12247 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2024-11-21 | 7.1 High |
| In Foxit Reader and PhantomPDF before 10.0.1, and PhantomPDF before 9.7.3, attackers can obtain sensitive information from an out-of-bounds read because a text-string index continues to be used after splitting a string into two parts. A crash may also occur. | ||||
| CVE-2020-12141 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 9.1 Critical |
| An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c. | ||||
| CVE-2020-12140 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 8.8 High |
| A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames. | ||||
| CVE-2020-12135 | 2 Mongodb, Whoopsie Project | 2 C Driver, Whoopsie | 2024-11-21 | 5.5 Medium |
| bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input. | ||||
| CVE-2020-12125 | 1 Wavlink | 2 Wn530h4, Wn530h4 Firmware | 2024-11-21 | 9.8 Critical |
| A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication. | ||||