Export limit exceeded: 338065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338065 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (20742 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2020-12141 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 9.1 Critical |
| An out-of-bounds read in the SNMP stack in Contiki-NG 4.4 and earlier allows an attacker to cause a denial of service and potentially disclose information via crafted SNMP packets to snmp_ber_decode_string_len_buffer in os/net/app-layer/snmp/snmp-ber.c. | ||||
| CVE-2020-12140 | 1 Contiki-ng | 1 Contiki-ng | 2024-11-21 | 8.8 High |
| A buffer overflow in os/net/mac/ble/ble-l2cap.c in the BLE stack in Contiki-NG 4.4 and earlier allows an attacker to execute arbitrary code via malicious L2CAP frames. | ||||
| CVE-2020-12135 | 2 Mongodb, Whoopsie Project | 2 C Driver, Whoopsie | 2024-11-21 | 5.5 Medium |
| bson before 0.8 incorrectly uses int rather than size_t for many variables, parameters, and return values. In particular, the bson_ensure_space() parameter bytesNeeded could have an integer overflow via properly constructed bson input. | ||||
| CVE-2020-12125 | 1 Wavlink | 2 Wn530h4, Wn530h4 Firmware | 2024-11-21 | 9.8 Critical |
| A remote buffer overflow vulnerability in the /cgi-bin/makeRequest.cgi endpoint of the WAVLINK WN530H4 M30H4.V5030.190403 allows an attacker to execute arbitrary machine instructions as root without authentication. | ||||
| CVE-2020-12022 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An improper validation vulnerability exists that could allow an attacker to inject specially crafted input into memory where it can be executed. | ||||
| CVE-2020-12019 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| WebAccess Node Version 8.4.4 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code. | ||||
| CVE-2020-12018 | 1 Advantech | 1 Webaccess | 2024-11-21 | 7.5 High |
| Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. An out-of-bounds vulnerability exists that may allow access to unauthorized data. | ||||
| CVE-2020-12002 | 1 Advantech | 1 Webaccess | 2024-11-21 | 9.8 Critical |
| Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple stack-based buffer overflow vulnerabilities exist caused by a lack of proper validation of the length of user-supplied data, which may allow remote code execution. | ||||
| CVE-2020-11984 | 8 Apache, Canonical, Debian and 5 more | 16 Http Server, Ubuntu Linux, Debian Linux and 13 more | 2024-11-21 | 9.8 Critical |
| Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE | ||||
| CVE-2020-11958 | 2 Canonical, Re2c | 2 Ubuntu Linux, Re2c | 2024-11-21 | 7.8 High |
| re2c 1.3 has a heap-based buffer overflow in Scanner::fill in parse/scanner.cc via a long lexeme. | ||||
| CVE-2020-11947 | 2 Qemu, Redhat | 3 Qemu, Advanced Virtualization, Enterprise Linux | 2024-11-21 | 3.8 Low |
| iscsi_aio_ioctl_cb in block/iscsi.c in QEMU 4.1.0 has a heap-based buffer over-read that may disclose unrelated information from process memory to an attacker. | ||||
| CVE-2020-11940 | 1 Ntop | 1 Ndpi | 2024-11-21 | 7.5 High |
| In nDPI through 3.2 Stable, an out-of-bounds read in concat_hash_string in ssh.c can be exploited by a network-positioned attacker that can send malformed SSH protocol messages on a network segment monitored by nDPI's library. | ||||
| CVE-2020-11914 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 4.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an ARP Out-of-bounds Read. | ||||
| CVE-2020-11913 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 5.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6 Out-of-bounds Read. | ||||
| CVE-2020-11912 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 5.3 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has a TCP Out-of-bounds Read. | ||||
| CVE-2020-11905 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 6.5 Medium |
| The Treck TCP/IP stack before 6.0.1.66 has a DHCPv6 Out-of-bounds Read. | ||||
| CVE-2020-11903 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 6.5 Medium |
| The Treck TCP/IP stack before 6.0.1.28 has a DHCP Out-of-bounds Read. | ||||
| CVE-2020-11902 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 7.3 High |
| The Treck TCP/IP stack before 6.0.1.66 has an IPv6OverIPv4 tunneling Out-of-bounds Read. | ||||
| CVE-2020-11901 | 1 Treck | 1 Tcp\/ip | 2024-11-21 | 9.0 Critical |
| The Treck TCP/IP stack before 6.0.1.66 allows Remote Code execution via a single invalid DNS response. | ||||
| CVE-2020-11895 | 1 Libming | 1 Libming | 2024-11-21 | 9.1 Critical |
| Ming (aka libming) 0.4.8 has a heap-based buffer over-read (2 bytes) in the function decompileIF() in decompile.c. | ||||